diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..960696cd --- /dev/null +++ b/.gitignore @@ -0,0 +1,48 @@ +*~ +lib*.a +*.o +*.lo +*.la +*.gmo +.deps +.libs + +*.patch +*.rej +*.orig + +Makefile +Makefile.in + +/ABOUT-NLS +/aclocal.m4 +/autom4te.cache +/compile +/config.guess +/config.h +/config.h.in +/config.log +/config.rpath +/config.status +/config.sub +/configure +/depcomp +/install-sh +/libtool +/ltmain.sh +/m4 +/missing +/stamp-h1 +/ylwrap + +/po/*.header +/po/*.sed +/po/*.sin +/po/Makefile.in.in +/po/Makevars.template +/po/POTFILES +/po/Rules-quot +/po/stamp-po + +/shadow.spec +/libmisc/getdate.c diff --git a/ABOUT-NLS b/ABOUT-NLS deleted file mode 100644 index ec20977e..00000000 --- a/ABOUT-NLS +++ /dev/null @@ -1,1101 +0,0 @@ -1 Notes on the Free Translation Project -*************************************** - -Free software is going international! The Free Translation Project is -a way to get maintainers of free software, translators, and users all -together, so that free software will gradually become able to speak many -languages. A few packages already provide translations for their -messages. - - If you found this `ABOUT-NLS' file inside a distribution, you may -assume that the distributed package does use GNU `gettext' internally, -itself available at your nearest GNU archive site. But you do _not_ -need to install GNU `gettext' prior to configuring, installing or using -this package with messages translated. - - Installers will find here some useful hints. These notes also -explain how users should proceed for getting the programs to use the -available translations. They tell how people wanting to contribute and -work on translations can contact the appropriate team. - - When reporting bugs in the `intl/' directory or bugs which may be -related to internationalization, you should tell about the version of -`gettext' which is used. The information can be found in the -`intl/VERSION' file, in internationalized packages. - -1.1 Quick configuration advice -============================== - -If you want to exploit the full power of internationalization, you -should configure it using - - ./configure --with-included-gettext - -to force usage of internationalizing routines provided within this -package, despite the existence of internationalizing capabilities in the -operating system where this package is being installed. So far, only -the `gettext' implementation in the GNU C library version 2 provides as -many features (such as locale alias, message inheritance, automatic -charset conversion or plural form handling) as the implementation here. -It is also not possible to offer this additional functionality on top -of a `catgets' implementation. Future versions of GNU `gettext' will -very likely convey even more functionality. So it might be a good idea -to change to GNU `gettext' as soon as possible. - - So you need _not_ provide this option if you are using GNU libc 2 or -you have installed a recent copy of the GNU gettext package with the -included `libintl'. - -1.2 INSTALL Matters -=================== - -Some packages are "localizable" when properly installed; the programs -they contain can be made to speak your own native language. Most such -packages use GNU `gettext'. Other packages have their own ways to -internationalization, predating GNU `gettext'. - - By default, this package will be installed to allow translation of -messages. It will automatically detect whether the system already -provides the GNU `gettext' functions. If not, the included GNU -`gettext' library will be used. This library is wholly contained -within this package, usually in the `intl/' subdirectory, so prior -installation of the GNU `gettext' package is _not_ required. -Installers may use special options at configuration time for changing -the default behaviour. The commands: - - ./configure --with-included-gettext - ./configure --disable-nls - -will, respectively, bypass any pre-existing `gettext' to use the -internationalizing routines provided within this package, or else, -_totally_ disable translation of messages. - - When you already have GNU `gettext' installed on your system and run -configure without an option for your new package, `configure' will -probably detect the previously built and installed `libintl.a' file and -will decide to use this. This might not be desirable. You should use -the more recent version of the GNU `gettext' library. I.e. if the file -`intl/VERSION' shows that the library which comes with this package is -more recent, you should use - - ./configure --with-included-gettext - -to prevent auto-detection. - - The configuration process will not test for the `catgets' function -and therefore it will not be used. The reason is that even an -emulation of `gettext' on top of `catgets' could not provide all the -extensions of the GNU `gettext' library. - - Internationalized packages usually have many `po/LL.po' files, where -LL gives an ISO 639 two-letter code identifying the language. Unless -translations have been forbidden at `configure' time by using the -`--disable-nls' switch, all available translations are installed -together with the package. However, the environment variable `LINGUAS' -may be set, prior to configuration, to limit the installed set. -`LINGUAS' should then contain a space separated list of two-letter -codes, stating which languages are allowed. - -1.3 Using This Package -====================== - -As a user, if your language has been installed for this package, you -only have to set the `LANG' environment variable to the appropriate -`LL_CC' combination. Here `LL' is an ISO 639 two-letter language code, -and `CC' is an ISO 3166 two-letter country code. For example, let's -suppose that you speak German and live in Germany. At the shell -prompt, merely execute `setenv LANG de_DE' (in `csh'), -`export LANG; LANG=de_DE' (in `sh') or `export LANG=de_DE' (in `bash'). -This can be done from your `.login' or `.profile' file, once and for -all. - - You might think that the country code specification is redundant. -But in fact, some languages have dialects in different countries. For -example, `de_AT' is used for Austria, and `pt_BR' for Brazil. The -country code serves to distinguish the dialects. - - The locale naming convention of `LL_CC', with `LL' denoting the -language and `CC' denoting the country, is the one use on systems based -on GNU libc. On other systems, some variations of this scheme are -used, such as `LL' or `LL_CC.ENCODING'. You can get the list of -locales supported by your system for your language by running the -command `locale -a | grep '^LL''. - - Not all programs have translations for all languages. By default, an -English message is shown in place of a nonexistent translation. If you -understand other languages, you can set up a priority list of languages. -This is done through a different environment variable, called -`LANGUAGE'. GNU `gettext' gives preference to `LANGUAGE' over `LANG' -for the purpose of message handling, but you still need to have `LANG' -set to the primary language; this is required by other parts of the -system libraries. For example, some Swedish users who would rather -read translations in German than English for when Swedish is not -available, set `LANGUAGE' to `sv:de' while leaving `LANG' to `sv_SE'. - - Special advice for Norwegian users: The language code for Norwegian -bokma*l changed from `no' to `nb' recently (in 2003). During the -transition period, while some message catalogs for this language are -installed under `nb' and some older ones under `no', it's recommended -for Norwegian users to set `LANGUAGE' to `nb:no' so that both newer and -older translations are used. - - In the `LANGUAGE' environment variable, but not in the `LANG' -environment variable, `LL_CC' combinations can be abbreviated as `LL' -to denote the language's main dialect. For example, `de' is equivalent -to `de_DE' (German as spoken in Germany), and `pt' to `pt_PT' -(Portuguese as spoken in Portugal) in this context. - -1.4 Translating Teams -===================== - -For the Free Translation Project to be a success, we need interested -people who like their own language and write it well, and who are also -able to synergize with other translators speaking the same language. -Each translation team has its own mailing list. The up-to-date list of -teams can be found at the Free Translation Project's homepage, -`http://www.iro.umontreal.ca/contrib/po/HTML/', in the "National teams" -area. - - If you'd like to volunteer to _work_ at translating messages, you -should become a member of the translating team for your own language. -The subscribing address is _not_ the same as the list itself, it has -`-request' appended. For example, speakers of Swedish can send a -message to `sv-request@li.org', having this message body: - - subscribe - - Keep in mind that team members are expected to participate -_actively_ in translations, or at solving translational difficulties, -rather than merely lurking around. If your team does not exist yet and -you want to start one, or if you are unsure about what to do or how to -get started, please write to `translation@iro.umontreal.ca' to reach the -coordinator for all translator teams. - - The English team is special. It works at improving and uniformizing -the terminology in use. Proven linguistic skills are praised more than -programming skills, here. - -1.5 Available Packages -====================== - -Languages are not equally supported in all packages. The following -matrix shows the current state of internationalization, as of October -2006. The matrix shows, in regard of each package, for which languages -PO files have been submitted to translation coordination, with a -translation percentage of at least 50%. - - Ready PO files af am ar az be bg bs ca cs cy da de el en en_GB eo - +----------------------------------------------------+ - GNUnet | [] | - a2ps | [] [] [] [] [] | - aegis | () | - ant-phone | () | - anubis | [] | - ap-utils | | - aspell | [] [] [] [] [] | - bash | [] [] [] | - batchelor | [] | - bfd | | - bibshelf | [] | - binutils | [] | - bison | [] [] | - bison-runtime | | - bluez-pin | [] [] [] [] [] | - cflow | [] | - clisp | [] [] | - console-tools | [] [] | - coreutils | [] [] [] | - cpio | | - cpplib | [] [] [] | - cryptonit | [] | - darkstat | [] () [] | - dialog | [] [] [] [] [] [] | - diffutils | [] [] [] [] [] [] | - doodle | [] | - e2fsprogs | [] [] | - enscript | [] [] [] [] | - error | [] [] [] [] | - fetchmail | [] [] () [] | - fileutils | [] [] | - findutils | [] [] [] | - flex | [] [] [] | - fslint | [] | - gas | | - gawk | [] [] [] | - gbiff | [] | - gcal | [] | - gcc | [] | - gettext-examples | [] [] [] [] [] | - gettext-runtime | [] [] [] [] [] | - gettext-tools | [] [] | - gimp-print | [] [] [] [] | - gip | [] | - gliv | [] | - glunarclock | [] | - gmult | [] [] | - gnubiff | () | - gnucash | () () [] | - gnucash-glossary | [] () | - gnuedu | | - gnulib | [] [] [] [] [] [] | - gnunet-gtk | | - gnutls | | - gpe-aerial | [] [] | - gpe-beam | [] [] | - gpe-calendar | | - gpe-clock | [] [] | - gpe-conf | [] [] | - gpe-contacts | | - gpe-edit | [] | - gpe-filemanager | | - gpe-go | [] | - gpe-login | [] [] | - gpe-ownerinfo | [] [] | - gpe-package | | - gpe-sketchbook | [] [] | - gpe-su | [] [] | - gpe-taskmanager | [] [] | - gpe-timesheet | [] | - gpe-today | [] [] | - gpe-todo | | - gphoto2 | [] [] [] [] | - gprof | [] [] | - gpsdrive | () () | - gramadoir | [] [] | - grep | [] [] [] [] [] [] | - gretl | | - gsasl | | - gss | | - gst-plugins | [] [] [] [] | - gst-plugins-base | [] [] [] | - gst-plugins-good | [] [] [] [] [] [] [] | - gstreamer | [] [] [] [] [] [] [] | - gtick | () | - gtkam | [] [] [] | - gtkorphan | [] [] | - gtkspell | [] [] [] [] | - gutenprint | [] | - hello | [] [] [] [] [] | - id-utils | [] [] | - impost | | - indent | [] [] [] | - iso_3166 | [] [] | - iso_3166_2 | | - iso_4217 | [] | - iso_639 | [] [] | - jpilot | [] | - jtag | | - jwhois | | - kbd | [] [] [] [] | - keytouch | | - keytouch-editor | | - keytouch-keyboa... | | - latrine | () | - ld | [] | - leafpad | [] [] [] [] [] | - libc | [] [] [] [] [] | - libexif | [] | - libextractor | [] | - libgpewidget | [] [] [] | - libgpg-error | [] | - libgphoto2 | [] [] | - libgphoto2_port | [] [] | - libgsasl | | - libiconv | [] [] | - libidn | [] [] | - lifelines | [] () | - lilypond | [] | - lingoteach | | - lynx | [] [] [] [] | - m4 | [] [] [] [] | - mailutils | [] | - make | [] [] | - man-db | [] () [] [] | - minicom | [] [] [] | - mysecretdiary | [] [] | - nano | [] [] [] | - nano_1_0 | [] () [] [] | - opcodes | [] | - parted | | - pilot-qof | [] | - psmisc | [] | - pwdutils | | - python | | - qof | | - radius | [] | - recode | [] [] [] [] [] [] | - rpm | [] [] | - screem | | - scrollkeeper | [] [] [] [] [] [] [] [] | - sed | [] [] [] | - sh-utils | [] [] | - shared-mime-info | [] [] [] [] | - sharutils | [] [] [] [] [] [] | - shishi | | - silky | | - skencil | [] () | - sketch | [] () | - solfege | | - soundtracker | [] [] | - sp | [] | - stardict | [] | - system-tools-ba... | [] [] [] [] [] [] [] [] [] | - tar | [] | - texinfo | [] [] [] | - textutils | [] [] [] | - tin | () () | - tp-robot | [] | - tuxpaint | [] [] [] [] [] | - unicode-han-tra... | | - unicode-transla... | | - util-linux | [] [] [] [] | - vorbis-tools | [] [] [] [] | - wastesedge | () | - wdiff | [] [] [] [] | - wget | [] [] | - xchat | [] [] [] [] [] [] | - xkeyboard-config | | - xpad | [] [] | - +----------------------------------------------------+ - af am ar az be bg bs ca cs cy da de el en en_GB eo - 10 0 1 2 9 22 1 42 41 2 60 95 16 1 17 16 - - es et eu fa fi fr ga gl gu he hi hr hu id is it - +--------------------------------------------------+ - GNUnet | | - a2ps | [] [] [] () | - aegis | | - ant-phone | [] | - anubis | [] | - ap-utils | [] [] | - aspell | [] [] [] | - bash | [] [] [] | - batchelor | [] [] | - bfd | [] | - bibshelf | [] [] [] | - binutils | [] [] [] | - bison | [] [] [] [] [] [] | - bison-runtime | [] [] [] [] [] | - bluez-pin | [] [] [] [] [] | - cflow | [] | - clisp | [] [] | - console-tools | | - coreutils | [] [] [] [] [] [] | - cpio | [] [] [] | - cpplib | [] [] | - cryptonit | [] | - darkstat | [] () [] [] [] | - dialog | [] [] [] [] [] [] [] [] | - diffutils | [] [] [] [] [] [] [] [] [] | - doodle | [] [] | - e2fsprogs | [] [] [] | - enscript | [] [] [] | - error | [] [] [] [] [] | - fetchmail | [] | - fileutils | [] [] [] [] [] [] | - findutils | [] [] [] [] | - flex | [] [] [] | - fslint | [] | - gas | [] [] | - gawk | [] [] [] [] | - gbiff | [] | - gcal | [] [] | - gcc | [] | - gettext-examples | [] [] [] [] [] [] | - gettext-runtime | [] [] [] [] [] [] | - gettext-tools | [] [] [] | - gimp-print | [] [] | - gip | [] [] [] | - gliv | () | - glunarclock | [] [] [] | - gmult | [] [] [] | - gnubiff | () () | - gnucash | () () () | - gnucash-glossary | [] [] | - gnuedu | [] | - gnulib | [] [] [] [] [] [] [] [] | - gnunet-gtk | | - gnutls | | - gpe-aerial | [] [] | - gpe-beam | [] [] | - gpe-calendar | | - gpe-clock | [] [] [] [] | - gpe-conf | [] | - gpe-contacts | [] [] | - gpe-edit | [] [] [] [] | - gpe-filemanager | [] | - gpe-go | [] [] [] | - gpe-login | [] [] [] | - gpe-ownerinfo | [] [] [] [] [] | - gpe-package | [] | - gpe-sketchbook | [] [] | - gpe-su | [] [] [] [] | - gpe-taskmanager | [] [] [] | - gpe-timesheet | [] [] [] [] | - gpe-today | [] [] [] [] | - gpe-todo | [] | - gphoto2 | [] [] [] [] [] | - gprof | [] [] [] [] | - gpsdrive | () () [] () | - gramadoir | [] [] | - grep | [] [] [] [] [] [] [] [] [] [] [] [] | - gretl | [] [] [] | - gsasl | [] [] | - gss | [] | - gst-plugins | [] [] [] | - gst-plugins-base | [] [] | - gst-plugins-good | [] [] [] | - gstreamer | [] [] [] | - gtick | [] | - gtkam | [] [] [] [] | - gtkorphan | [] [] | - gtkspell | [] [] [] [] [] [] | - gutenprint | [] | - hello | [] [] [] [] [] [] [] [] [] [] [] [] [] | - id-utils | [] [] [] [] [] | - impost | [] [] | - indent | [] [] [] [] [] [] [] [] [] [] | - iso_3166 | [] [] [] | - iso_3166_2 | [] | - iso_4217 | [] [] [] [] | - iso_639 | [] [] [] [] [] | - jpilot | [] [] | - jtag | [] | - jwhois | [] [] [] [] [] | - kbd | [] [] | - keytouch | [] | - keytouch-editor | [] | - keytouch-keyboa... | [] | - latrine | [] [] [] | - ld | [] [] | - leafpad | [] [] [] [] [] [] | - libc | [] [] [] [] [] | - libexif | [] | - libextractor | [] | - libgpewidget | [] [] [] [] [] | - libgpg-error | | - libgphoto2 | [] [] [] | - libgphoto2_port | [] [] | - libgsasl | [] [] | - libiconv | [] [] | - libidn | [] [] | - lifelines | () | - lilypond | [] | - lingoteach | [] [] [] | - lynx | [] [] [] | - m4 | [] [] [] [] | - mailutils | [] [] | - make | [] [] [] [] [] [] [] [] | - man-db | () | - minicom | [] [] [] [] | - mysecretdiary | [] [] [] | - nano | [] [] [] [] [] [] | - nano_1_0 | [] [] [] [] [] | - opcodes | [] [] [] [] | - parted | [] [] [] [] | - pilot-qof | | - psmisc | [] [] [] | - pwdutils | | - python | | - qof | [] | - radius | [] [] | - recode | [] [] [] [] [] [] [] [] | - rpm | [] [] | - screem | | - scrollkeeper | [] [] [] | - sed | [] [] [] [] [] | - sh-utils | [] [] [] [] [] [] [] | - shared-mime-info | [] [] [] [] [] [] | - sharutils | [] [] [] [] [] [] [] [] | - shishi | | - silky | [] | - skencil | [] [] | - sketch | [] [] | - solfege | [] | - soundtracker | [] [] [] | - sp | [] | - stardict | [] | - system-tools-ba... | [] [] [] [] [] [] [] [] | - tar | [] [] [] [] [] [] [] | - texinfo | [] [] | - textutils | [] [] [] [] [] | - tin | [] () | - tp-robot | [] [] [] [] | - tuxpaint | [] [] | - unicode-han-tra... | | - unicode-transla... | [] [] | - util-linux | [] [] [] [] [] [] [] | - vorbis-tools | [] [] | - wastesedge | () | - wdiff | [] [] [] [] [] [] [] [] | - wget | [] [] [] [] [] [] [] [] | - xchat | [] [] [] [] [] [] [] [] | - xkeyboard-config | [] [] [] [] | - xpad | [] [] [] | - +--------------------------------------------------+ - es et eu fa fi fr ga gl gu he hi hr hu id is it - 88 22 14 2 40 115 61 14 1 8 1 6 59 31 0 52 - - ja ko ku ky lg lt lv mk mn ms mt nb ne nl nn no - +-------------------------------------------------+ - GNUnet | | - a2ps | () [] [] () | - aegis | () | - ant-phone | [] | - anubis | [] [] [] | - ap-utils | [] | - aspell | [] [] | - bash | [] | - batchelor | [] [] | - bfd | | - bibshelf | [] | - binutils | | - bison | [] [] [] | - bison-runtime | [] [] [] | - bluez-pin | [] [] [] | - cflow | | - clisp | [] | - console-tools | | - coreutils | [] | - cpio | | - cpplib | [] | - cryptonit | [] | - darkstat | [] [] | - dialog | [] [] | - diffutils | [] [] [] | - doodle | | - e2fsprogs | [] | - enscript | [] | - error | [] | - fetchmail | [] [] | - fileutils | [] [] | - findutils | [] | - flex | [] [] | - fslint | [] [] | - gas | | - gawk | [] [] | - gbiff | [] | - gcal | | - gcc | | - gettext-examples | [] [] | - gettext-runtime | [] [] [] | - gettext-tools | [] [] | - gimp-print | [] [] | - gip | [] [] | - gliv | [] | - glunarclock | [] [] | - gmult | [] [] | - gnubiff | | - gnucash | () () | - gnucash-glossary | [] | - gnuedu | | - gnulib | [] [] [] [] | - gnunet-gtk | | - gnutls | | - gpe-aerial | [] | - gpe-beam | [] | - gpe-calendar | [] | - gpe-clock | [] [] [] | - gpe-conf | [] [] | - gpe-contacts | [] | - gpe-edit | [] [] [] | - gpe-filemanager | [] [] | - gpe-go | [] [] [] | - gpe-login | [] [] [] | - gpe-ownerinfo | [] [] | - gpe-package | [] [] | - gpe-sketchbook | [] [] | - gpe-su | [] [] [] | - gpe-taskmanager | [] [] [] [] | - gpe-timesheet | [] | - gpe-today | [] [] | - gpe-todo | [] | - gphoto2 | [] [] | - gprof | | - gpsdrive | () () () | - gramadoir | () | - grep | [] [] [] [] | - gretl | | - gsasl | [] | - gss | | - gst-plugins | [] | - gst-plugins-base | | - gst-plugins-good | [] | - gstreamer | [] | - gtick | | - gtkam | [] | - gtkorphan | [] | - gtkspell | [] [] | - gutenprint | | - hello | [] [] [] [] [] [] | - id-utils | [] | - impost | | - indent | [] [] | - iso_3166 | [] | - iso_3166_2 | [] | - iso_4217 | [] [] [] | - iso_639 | [] [] | - jpilot | () () () | - jtag | | - jwhois | [] | - kbd | [] | - keytouch | [] | - keytouch-editor | | - keytouch-keyboa... | | - latrine | [] | - ld | | - leafpad | [] [] | - libc | [] [] [] [] [] | - libexif | | - libextractor | | - libgpewidget | [] | - libgpg-error | | - libgphoto2 | [] | - libgphoto2_port | [] | - libgsasl | [] | - libiconv | | - libidn | [] [] | - lifelines | [] | - lilypond | | - lingoteach | [] | - lynx | [] [] | - m4 | [] [] | - mailutils | | - make | [] [] [] | - man-db | () | - minicom | [] | - mysecretdiary | [] | - nano | [] [] [] | - nano_1_0 | [] [] [] | - opcodes | [] | - parted | [] [] | - pilot-qof | | - psmisc | [] [] [] | - pwdutils | | - python | | - qof | | - radius | | - recode | [] | - rpm | [] [] | - screem | [] | - scrollkeeper | [] [] [] [] | - sed | [] [] | - sh-utils | [] [] | - shared-mime-info | [] [] [] [] [] | - sharutils | [] [] | - shishi | | - silky | [] | - skencil | | - sketch | | - solfege | | - soundtracker | | - sp | () | - stardict | [] [] | - system-tools-ba... | [] [] [] [] | - tar | [] [] [] | - texinfo | [] [] [] | - textutils | [] [] [] | - tin | | - tp-robot | [] | - tuxpaint | [] | - unicode-han-tra... | | - unicode-transla... | | - util-linux | [] [] | - vorbis-tools | [] | - wastesedge | [] | - wdiff | [] [] | - wget | [] [] | - xchat | [] [] [] [] | - xkeyboard-config | [] | - xpad | [] [] [] | - +-------------------------------------------------+ - ja ko ku ky lg lt lv mk mn ms mt nb ne nl nn no - 52 24 2 2 1 3 0 2 3 21 0 15 1 97 5 1 - - nso or pa pl pt pt_BR rm ro ru rw sk sl sq sr sv ta - +------------------------------------------------------+ - GNUnet | | - a2ps | () [] [] [] [] [] [] | - aegis | () () | - ant-phone | [] [] | - anubis | [] [] [] | - ap-utils | () | - aspell | [] [] | - bash | [] [] [] | - batchelor | [] [] | - bfd | | - bibshelf | [] | - binutils | [] [] | - bison | [] [] [] [] [] | - bison-runtime | [] [] [] [] | - bluez-pin | [] [] [] [] [] [] [] [] [] | - cflow | [] | - clisp | [] | - console-tools | [] | - coreutils | [] [] [] [] | - cpio | [] [] [] | - cpplib | [] | - cryptonit | [] [] | - darkstat | [] [] [] [] [] [] | - dialog | [] [] [] [] [] [] [] [] [] | - diffutils | [] [] [] [] [] [] | - doodle | [] [] | - e2fsprogs | [] [] | - enscript | [] [] [] [] [] | - error | [] [] [] [] | - fetchmail | [] [] [] | - fileutils | [] [] [] [] [] | - findutils | [] [] [] [] [] [] | - flex | [] [] [] [] [] | - fslint | [] [] [] [] | - gas | | - gawk | [] [] [] [] | - gbiff | [] | - gcal | [] | - gcc | [] | - gettext-examples | [] [] [] [] [] [] [] [] | - gettext-runtime | [] [] [] [] [] [] [] [] | - gettext-tools | [] [] [] [] [] [] [] | - gimp-print | [] [] | - gip | [] [] [] [] | - gliv | [] [] [] [] | - glunarclock | [] [] [] [] [] [] | - gmult | [] [] [] [] | - gnubiff | () | - gnucash | () [] | - gnucash-glossary | [] [] [] | - gnuedu | | - gnulib | [] [] [] [] [] | - gnunet-gtk | [] | - gnutls | [] [] | - gpe-aerial | [] [] [] [] [] [] [] | - gpe-beam | [] [] [] [] [] [] [] | - gpe-calendar | [] | - gpe-clock | [] [] [] [] [] [] [] [] | - gpe-conf | [] [] [] [] [] [] [] | - gpe-contacts | [] [] [] [] [] | - gpe-edit | [] [] [] [] [] [] [] [] | - gpe-filemanager | [] [] | - gpe-go | [] [] [] [] [] [] | - gpe-login | [] [] [] [] [] [] [] [] | - gpe-ownerinfo | [] [] [] [] [] [] [] [] | - gpe-package | [] [] | - gpe-sketchbook | [] [] [] [] [] [] [] [] | - gpe-su | [] [] [] [] [] [] [] [] | - gpe-taskmanager | [] [] [] [] [] [] [] [] | - gpe-timesheet | [] [] [] [] [] [] [] [] | - gpe-today | [] [] [] [] [] [] [] [] | - gpe-todo | [] [] [] [] | - gphoto2 | [] [] [] [] [] | - gprof | [] [] [] | - gpsdrive | [] [] [] | - gramadoir | [] [] | - grep | [] [] [] [] [] [] [] [] | - gretl | [] | - gsasl | [] [] [] | - gss | [] [] [] | - gst-plugins | [] [] [] [] | - gst-plugins-base | [] | - gst-plugins-good | [] [] [] [] | - gstreamer | [] [] [] | - gtick | [] | - gtkam | [] [] [] [] | - gtkorphan | [] | - gtkspell | [] [] [] [] [] [] [] [] | - gutenprint | [] | - hello | [] [] [] [] [] [] [] [] | - id-utils | [] [] [] [] | - impost | [] | - indent | [] [] [] [] [] [] | - iso_3166 | [] [] [] [] [] [] | - iso_3166_2 | | - iso_4217 | [] [] [] [] | - iso_639 | [] [] [] [] | - jpilot | | - jtag | [] | - jwhois | [] [] [] [] | - kbd | [] [] [] | - keytouch | [] | - keytouch-editor | [] | - keytouch-keyboa... | [] | - latrine | [] [] | - ld | [] | - leafpad | [] [] [] [] [] [] | - libc | [] [] [] [] [] | - libexif | [] | - libextractor | [] [] | - libgpewidget | [] [] [] [] [] [] [] | - libgpg-error | [] [] | - libgphoto2 | [] | - libgphoto2_port | [] [] [] | - libgsasl | [] [] [] [] | - libiconv | [] [] | - libidn | [] [] () | - lifelines | [] [] | - lilypond | | - lingoteach | [] | - lynx | [] [] [] | - m4 | [] [] [] [] [] | - mailutils | [] [] [] [] | - make | [] [] [] [] | - man-db | [] [] | - minicom | [] [] [] [] [] | - mysecretdiary | [] [] [] [] | - nano | [] [] [] | - nano_1_0 | [] [] [] [] | - opcodes | [] [] | - parted | [] | - pilot-qof | [] | - psmisc | [] [] | - pwdutils | [] [] | - python | | - qof | [] [] | - radius | [] [] | - recode | [] [] [] [] [] [] [] | - rpm | [] [] [] [] | - screem | | - scrollkeeper | [] [] [] [] [] [] [] | - sed | [] [] [] [] [] [] [] [] [] | - sh-utils | [] [] [] | - shared-mime-info | [] [] [] [] [] | - sharutils | [] [] [] [] | - shishi | [] | - silky | [] | - skencil | [] [] [] | - sketch | [] [] [] | - solfege | [] | - soundtracker | [] [] | - sp | | - stardict | [] [] [] | - system-tools-ba... | [] [] [] [] [] [] [] [] [] | - tar | [] [] [] [] [] | - texinfo | [] [] [] [] | - textutils | [] [] [] | - tin | () | - tp-robot | [] | - tuxpaint | [] [] [] [] [] | - unicode-han-tra... | | - unicode-transla... | | - util-linux | [] [] [] [] | - vorbis-tools | [] [] | - wastesedge | | - wdiff | [] [] [] [] [] [] | - wget | [] [] [] [] | - xchat | [] [] [] [] [] [] [] | - xkeyboard-config | [] [] | - xpad | [] [] [] | - +------------------------------------------------------+ - nso or pa pl pt pt_BR rm ro ru rw sk sl sq sr sv ta - 0 2 3 58 30 54 5 73 72 4 40 46 11 50 128 2 - - tg th tk tr uk ven vi wa xh zh_CN zh_HK zh_TW zu - +---------------------------------------------------+ - GNUnet | [] | 2 - a2ps | [] [] [] | 19 - aegis | | 0 - ant-phone | [] [] | 6 - anubis | [] [] [] | 11 - ap-utils | () [] | 4 - aspell | [] [] [] | 15 - bash | [] | 11 - batchelor | [] [] | 9 - bfd | | 1 - bibshelf | [] | 7 - binutils | [] [] [] | 9 - bison | [] [] [] | 19 - bison-runtime | [] [] [] | 15 - bluez-pin | [] [] [] [] [] [] | 28 - cflow | [] [] | 5 - clisp | | 6 - console-tools | [] [] | 5 - coreutils | [] [] | 16 - cpio | [] [] [] | 9 - cpplib | [] [] [] [] | 11 - cryptonit | | 5 - darkstat | [] () () | 15 - dialog | [] [] [] [] [] | 30 - diffutils | [] [] [] [] | 28 - doodle | [] | 6 - e2fsprogs | [] [] | 10 - enscript | [] [] [] | 16 - error | [] [] [] [] | 18 - fetchmail | [] [] | 12 - fileutils | [] [] [] | 18 - findutils | [] [] [] | 17 - flex | [] [] | 15 - fslint | [] | 9 - gas | [] | 3 - gawk | [] [] | 15 - gbiff | [] | 5 - gcal | [] | 5 - gcc | [] [] [] | 6 - gettext-examples | [] [] [] [] [] [] | 27 - gettext-runtime | [] [] [] [] [] [] | 28 - gettext-tools | [] [] [] [] [] | 19 - gimp-print | [] [] | 12 - gip | [] [] | 12 - gliv | [] [] | 8 - glunarclock | [] [] [] | 15 - gmult | [] [] [] [] | 15 - gnubiff | [] | 1 - gnucash | () | 2 - gnucash-glossary | [] [] | 9 - gnuedu | [] | 2 - gnulib | [] [] [] [] [] | 28 - gnunet-gtk | | 1 - gnutls | | 2 - gpe-aerial | [] [] | 14 - gpe-beam | [] [] | 14 - gpe-calendar | [] | 3 - gpe-clock | [] [] [] [] | 21 - gpe-conf | [] [] | 14 - gpe-contacts | [] [] | 10 - gpe-edit | [] [] [] [] | 20 - gpe-filemanager | [] | 6 - gpe-go | [] [] | 15 - gpe-login | [] [] [] [] [] | 21 - gpe-ownerinfo | [] [] [] [] | 21 - gpe-package | [] | 6 - gpe-sketchbook | [] [] | 16 - gpe-su | [] [] [] | 20 - gpe-taskmanager | [] [] [] | 20 - gpe-timesheet | [] [] [] [] | 18 - gpe-today | [] [] [] [] [] | 21 - gpe-todo | [] | 7 - gphoto2 | [] [] [] [] | 20 - gprof | [] [] | 11 - gpsdrive | | 4 - gramadoir | [] | 7 - grep | [] [] [] [] | 34 - gretl | | 4 - gsasl | [] [] | 8 - gss | [] | 5 - gst-plugins | [] [] [] | 15 - gst-plugins-base | [] [] [] | 9 - gst-plugins-good | [] [] [] [] [] | 20 - gstreamer | [] [] [] | 17 - gtick | [] | 3 - gtkam | [] | 13 - gtkorphan | [] | 7 - gtkspell | [] [] [] [] [] [] | 26 - gutenprint | | 3 - hello | [] [] [] [] [] | 37 - id-utils | [] [] | 14 - impost | [] | 4 - indent | [] [] [] [] | 25 - iso_3166 | [] [] [] [] | 16 - iso_3166_2 | | 2 - iso_4217 | [] [] | 14 - iso_639 | [] | 14 - jpilot | [] [] [] [] | 7 - jtag | [] | 3 - jwhois | [] [] [] | 13 - kbd | [] [] | 12 - keytouch | [] | 4 - keytouch-editor | | 2 - keytouch-keyboa... | [] | 3 - latrine | [] [] | 8 - ld | [] [] [] [] | 8 - leafpad | [] [] [] [] | 23 - libc | [] [] [] | 23 - libexif | [] | 4 - libextractor | [] | 5 - libgpewidget | [] [] [] | 19 - libgpg-error | [] | 4 - libgphoto2 | [] | 8 - libgphoto2_port | [] [] [] | 11 - libgsasl | [] | 8 - libiconv | [] | 7 - libidn | [] [] | 10 - lifelines | | 4 - lilypond | | 2 - lingoteach | [] | 6 - lynx | [] [] [] | 15 - m4 | [] [] [] | 18 - mailutils | [] | 8 - make | [] [] [] | 20 - man-db | [] | 6 - minicom | [] | 14 - mysecretdiary | [] [] | 12 - nano | [] [] | 17 - nano_1_0 | [] [] [] | 18 - opcodes | [] [] | 10 - parted | [] [] [] | 10 - pilot-qof | [] | 3 - psmisc | [] | 10 - pwdutils | [] | 3 - python | | 0 - qof | [] | 4 - radius | [] | 6 - recode | [] [] [] | 25 - rpm | [] [] [] [] | 14 - screem | [] | 2 - scrollkeeper | [] [] [] [] | 26 - sed | [] [] [] | 22 - sh-utils | [] | 15 - shared-mime-info | [] [] [] [] | 24 - sharutils | [] [] [] | 23 - shishi | | 1 - silky | [] | 4 - skencil | [] | 7 - sketch | | 6 - solfege | | 2 - soundtracker | [] [] | 9 - sp | [] | 3 - stardict | [] [] [] [] | 11 - system-tools-ba... | [] [] [] [] [] [] [] | 37 - tar | [] [] [] [] | 20 - texinfo | [] [] [] | 15 - textutils | [] [] [] | 17 - tin | | 1 - tp-robot | [] [] [] | 10 - tuxpaint | [] [] [] | 16 - unicode-han-tra... | | 0 - unicode-transla... | | 2 - util-linux | [] [] [] | 20 - vorbis-tools | [] [] | 11 - wastesedge | | 1 - wdiff | [] [] | 22 - wget | [] [] [] | 19 - xchat | [] [] [] [] | 29 - xkeyboard-config | [] [] [] [] | 11 - xpad | [] [] [] | 14 - +---------------------------------------------------+ - 77 teams tg th tk tr uk ven vi wa xh zh_CN zh_HK zh_TW zu - 170 domains 0 1 1 77 39 0 136 10 1 48 5 54 0 2028 - - Some counters in the preceding matrix are higher than the number of -visible blocks let us expect. This is because a few extra PO files are -used for implementing regional variants of languages, or language -dialects. - - For a PO file in the matrix above to be effective, the package to -which it applies should also have been internationalized and -distributed as such by its maintainer. There might be an observable -lag between the mere existence a PO file and its wide availability in a -distribution. - - If October 2006 seems to be old, you may fetch a more recent copy of -this `ABOUT-NLS' file on most GNU archive sites. The most up-to-date -matrix with full percentage details can be found at -`http://www.iro.umontreal.ca/contrib/po/HTML/matrix.html'. - -1.6 Using `gettext' in new packages -=================================== - -If you are writing a freely available program and want to -internationalize it you are welcome to use GNU `gettext' in your -package. Of course you have to respect the GNU Library General Public -License which covers the use of the GNU `gettext' library. This means -in particular that even non-free programs can use `libintl' as a shared -library, whereas only free software can use `libintl' as a static -library or use modified versions of `libintl'. - - Once the sources are changed appropriately and the setup can handle -the use of `gettext' the only thing missing are the translations. The -Free Translation Project is also available for packages which are not -developed inside the GNU project. Therefore the information given above -applies also for every other Free Software Project. Contact -`translation@iro.umontreal.ca' to make the `.pot' files available to -the translation teams. - diff --git a/ChangeLog b/ChangeLog index 23cd5aef..201ce95d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,17 +1,3 @@ -2014-05-09 Christian Perrier - - * Include patches only included in Debian for 4.2 - * man/su.1.xml: Fix typo - * etc/login.defs src/newusers.c src/useradd.c libmisc/find_new_sub_uids.c libmisc/find_new_sub_gids.c: - configure userns - * po/vi.po: Vietnamese translation update - * po/fr.po, man/po/fr.po: French translation update - * po/de.po: German translation update - -2014-04-30 Christian Perrier - - * Release 4.2 "as is" - 2013-08-25 Nicolas FranƧois * src/vipw.c: After waitpid(), use errno only if waitpid returned diff --git a/Makefile.in b/Makefile.in deleted file mode 100644 index 122bc2a1..00000000 --- a/Makefile.in +++ /dev/null @@ -1,831 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = . -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ - $(top_srcdir)/configure $(am__configure_deps) \ - $(srcdir)/config.h.in $(top_srcdir)/man/po/Makefile.in \ - $(srcdir)/shadow.spec.in ABOUT-NLS COPYING ChangeLog NEWS \ - README TODO config.guess config.rpath config.sub depcomp \ - install-sh missing ylwrap ltmain.sh -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ - configure.lineno config.status.lineno -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = config.h -CONFIG_CLEAN_FILES = man/po/Makefile shadow.spec -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ - ctags-recursive dvi-recursive html-recursive info-recursive \ - install-data-recursive install-dvi-recursive \ - install-exec-recursive install-html-recursive \ - install-info-recursive install-pdf-recursive \ - install-ps-recursive install-recursive installcheck-recursive \ - installdirs-recursive pdf-recursive ps-recursive \ - tags-recursive uninstall-recursive -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -am__recursive_targets = \ - $(RECURSIVE_TARGETS) \ - $(RECURSIVE_CLEAN_TARGETS) \ - $(am__extra_recursive_targets) -AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ - cscope distdir dist dist-all distcheck -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \ - $(LISP)config.h.in -# Read a list of newline-separated strings from the standard input, -# and print each of them once, without duplicates. Input order is -# *not* preserved. -am__uniquify_input = $(AWK) '\ - BEGIN { nonempty = 0; } \ - { items[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in items) print i; }; } \ -' -# Make sure the list of sources is unique. This is necessary because, -# e.g., the same source file might be shared among _SOURCES variables -# for different programs/libraries. -am__define_uniq_tagged_files = \ - list='$(am__tagged_files)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | $(am__uniquify_input)` -ETAGS = etags -CTAGS = ctags -CSCOPE = cscope -DIST_SUBDIRS = $(SUBDIRS) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -distdir = $(PACKAGE)-$(VERSION) -top_distdir = $(distdir) -am__remove_distdir = \ - if test -d "$(distdir)"; then \ - find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \ - && rm -rf "$(distdir)" \ - || { sleep 5 && rm -rf "$(distdir)"; }; \ - else :; fi -am__post_remove_distdir = $(am__remove_distdir) -am__relativize = \ - dir0=`pwd`; \ - sed_first='s,^\([^/]*\)/.*$$,\1,'; \ - sed_rest='s,^[^/]*/*,,'; \ - sed_last='s,^.*/\([^/]*\)$$,\1,'; \ - sed_butlast='s,/*[^/]*$$,,'; \ - while test -n "$$dir1"; do \ - first=`echo "$$dir1" | sed -e "$$sed_first"`; \ - if test "$$first" != "."; then \ - if test "$$first" = ".."; then \ - dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ - dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ - else \ - first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ - if test "$$first2" = "$$first"; then \ - dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ - else \ - dir2="../$$dir2"; \ - fi; \ - dir0="$$dir0"/"$$first"; \ - fi; \ - fi; \ - dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ - done; \ - reldir="$$dir2" -DIST_ARCHIVES = $(distdir).tar.gz $(distdir).tar.bz2 -GZIP_ENV = --best -DIST_TARGETS = dist-bzip2 dist-gzip -distuninstallcheck_listfiles = find . -type f -print -am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \ - | sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$' -distcleancheck_listfiles = find . -type f -print -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -EXTRA_DIST = NEWS README TODO shadow.spec.in -AUTOMAKE_OPTIONS = 1.5 dist-bzip2 foreign -SUBDIRS = po man libmisc lib src \ - contrib doc etc - -all: config.h - $(MAKE) $(AM_MAKEFLAGS) all-recursive - -.SUFFIXES: -am--refresh: Makefile - @: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \ - $(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - echo ' $(SHELL) ./config.status'; \ - $(SHELL) ./config.status;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - $(SHELL) ./config.status --recheck - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - $(am__cd) $(srcdir) && $(AUTOCONF) -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) -$(am__aclocal_m4_deps): - -config.h: stamp-h1 - @if test ! -f $@; then rm -f stamp-h1; else :; fi - @if test ! -f $@; then $(MAKE) $(AM_MAKEFLAGS) stamp-h1; else :; fi - -stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status - @rm -f stamp-h1 - cd $(top_builddir) && $(SHELL) ./config.status config.h -$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - ($(am__cd) $(top_srcdir) && $(AUTOHEADER)) - rm -f stamp-h1 - touch $@ - -distclean-hdr: - -rm -f config.h stamp-h1 -man/po/Makefile: $(top_builddir)/config.status $(top_srcdir)/man/po/Makefile.in - cd $(top_builddir) && $(SHELL) ./config.status $@ -shadow.spec: $(top_builddir)/config.status $(srcdir)/shadow.spec.in - cd $(top_builddir) && $(SHELL) ./config.status $@ - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -distclean-libtool: - -rm -f libtool config.lt - -# This directory's subdirectories are mostly independent; you can cd -# into them and run 'make' without going through this Makefile. -# To change the values of 'make' variables: instead of editing Makefiles, -# (1) if the variable is set in 'config.status', edit 'config.status' -# (which will cause the Makefiles to be regenerated when you run 'make'); -# (2) otherwise, pass the desired values on the 'make' command line. -$(am__recursive_targets): - @fail=; \ - if $(am__make_keepgoing); then \ - failcom='fail=yes'; \ - else \ - failcom='exit 1'; \ - fi; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -ID: $(am__tagged_files) - $(am__define_uniq_tagged_files); mkid -fID $$unique -tags: tags-recursive -TAGS: tags - -tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - set x; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - $(am__define_uniq_tagged_files); \ - shift; \ - if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - if test $$# -gt 0; then \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - "$$@" $$unique; \ - else \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$unique; \ - fi; \ - fi -ctags: ctags-recursive - -CTAGS: ctags -ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - $(am__define_uniq_tagged_files); \ - test -z "$(CTAGS_ARGS)$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && $(am__cd) $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) "$$here" -cscope: cscope.files - test ! -s cscope.files \ - || $(CSCOPE) -b -q $(AM_CSCOPEFLAGS) $(CSCOPEFLAGS) -i cscope.files $(CSCOPE_ARGS) -clean-cscope: - -rm -f cscope.files -cscope.files: clean-cscope cscopelist -cscopelist: cscopelist-recursive - -cscopelist-am: $(am__tagged_files) - list='$(am__tagged_files)'; \ - case "$(srcdir)" in \ - [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ - *) sdir=$(subdir)/$(srcdir) ;; \ - esac; \ - for i in $$list; do \ - if test -f "$$i"; then \ - echo "$(subdir)/$$i"; \ - else \ - echo "$$sdir/$$i"; \ - fi; \ - done >> $(top_builddir)/cscope.files - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -rm -f cscope.out cscope.in.out cscope.po.out cscope.files - -distdir: $(DISTFILES) - $(am__remove_distdir) - test -d "$(distdir)" || mkdir "$(distdir)" - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done - @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - $(am__make_dryrun) \ - || test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ - $(am__relativize); \ - new_distdir=$$reldir; \ - dir1=$$subdir; dir2="$(top_distdir)"; \ - $(am__relativize); \ - new_top_distdir=$$reldir; \ - echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ - echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ - ($(am__cd) $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$new_top_distdir" \ - distdir="$$new_distdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - am__skip_mode_fix=: \ - distdir) \ - || exit 1; \ - fi; \ - done - -test -n "$(am__skip_mode_fix)" \ - || find "$(distdir)" -type d ! -perm -755 \ - -exec chmod u+rwx,go+rx {} \; -o \ - ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ - ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ - ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \ - || chmod -R a+r "$(distdir)" -dist-gzip: distdir - tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz - $(am__post_remove_distdir) -dist-bzip2: distdir - tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2 - $(am__post_remove_distdir) - -dist-lzip: distdir - tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz - $(am__post_remove_distdir) - -dist-xz: distdir - tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz - $(am__post_remove_distdir) - -dist-tarZ: distdir - tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z - $(am__post_remove_distdir) - -dist-shar: distdir - shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz - $(am__post_remove_distdir) - -dist-zip: distdir - -rm -f $(distdir).zip - zip -rq $(distdir).zip $(distdir) - $(am__post_remove_distdir) - -dist dist-all: - $(MAKE) $(AM_MAKEFLAGS) $(DIST_TARGETS) am__post_remove_distdir='@:' - $(am__post_remove_distdir) - -# This target untars the dist file and tries a VPATH configuration. Then -# it guarantees that the distribution is self-contained by making another -# tarfile. -distcheck: dist - case '$(DIST_ARCHIVES)' in \ - *.tar.gz*) \ - GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\ - *.tar.bz2*) \ - bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ - *.tar.lz*) \ - lzip -dc $(distdir).tar.lz | $(am__untar) ;;\ - *.tar.xz*) \ - xz -dc $(distdir).tar.xz | $(am__untar) ;;\ - *.tar.Z*) \ - uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ - *.shar.gz*) \ - GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\ - *.zip*) \ - unzip $(distdir).zip ;;\ - esac - chmod -R a-w $(distdir) - chmod u+w $(distdir) - mkdir $(distdir)/_build $(distdir)/_inst - chmod a-w $(distdir) - test -d $(distdir)/_build || exit 0; \ - dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ - && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ - && am__cwd=`pwd` \ - && $(am__cd) $(distdir)/_build \ - && ../configure --srcdir=.. --prefix="$$dc_install_base" \ - $(AM_DISTCHECK_CONFIGURE_FLAGS) \ - $(DISTCHECK_CONFIGURE_FLAGS) \ - && $(MAKE) $(AM_MAKEFLAGS) \ - && $(MAKE) $(AM_MAKEFLAGS) dvi \ - && $(MAKE) $(AM_MAKEFLAGS) check \ - && $(MAKE) $(AM_MAKEFLAGS) install \ - && $(MAKE) $(AM_MAKEFLAGS) installcheck \ - && $(MAKE) $(AM_MAKEFLAGS) uninstall \ - && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \ - distuninstallcheck \ - && chmod -R a-w "$$dc_install_base" \ - && ({ \ - (cd ../.. && umask 077 && mkdir "$$dc_destdir") \ - && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \ - && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \ - && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \ - distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \ - } || { rm -rf "$$dc_destdir"; exit 1; }) \ - && rm -rf "$$dc_destdir" \ - && $(MAKE) $(AM_MAKEFLAGS) dist \ - && rm -rf $(DIST_ARCHIVES) \ - && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \ - && cd "$$am__cwd" \ - || exit 1 - $(am__post_remove_distdir) - @(echo "$(distdir) archives ready for distribution: "; \ - list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ - sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' -distuninstallcheck: - @test -n '$(distuninstallcheck_dir)' || { \ - echo 'ERROR: trying to run $@ with an empty' \ - '$$(distuninstallcheck_dir)' >&2; \ - exit 1; \ - }; \ - $(am__cd) '$(distuninstallcheck_dir)' || { \ - echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \ - exit 1; \ - }; \ - test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \ - || { echo "ERROR: files left after uninstall:" ; \ - if test -n "$(DESTDIR)"; then \ - echo " (check DESTDIR support)"; \ - fi ; \ - $(distuninstallcheck_listfiles) ; \ - exit 1; } >&2 -distcleancheck: distclean - @if test '$(srcdir)' = . ; then \ - echo "ERROR: distcleancheck can only run from a VPATH build" ; \ - exit 1 ; \ - fi - @test `$(distcleancheck_listfiles) | wc -l` -eq 0 \ - || { echo "ERROR: files left in build directory after distclean:" ; \ - $(distcleancheck_listfiles) ; \ - exit 1; } >&2 -check-am: all-am -check: check-recursive -all-am: Makefile config.h -installdirs: installdirs-recursive -installdirs-am: -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-recursive - -rm -f $(am__CONFIG_DISTCLEAN_FILES) - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-hdr \ - distclean-libtool distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -html-am: - -info: info-recursive - -info-am: - -install-data-am: - -install-dvi: install-dvi-recursive - -install-dvi-am: - -install-exec-am: - -install-html: install-html-recursive - -install-html-am: - -install-info: install-info-recursive - -install-info-am: - -install-man: - -install-pdf: install-pdf-recursive - -install-pdf-am: - -install-ps: install-ps-recursive - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f $(am__CONFIG_DISTCLEAN_FILES) - -rm -rf $(top_srcdir)/autom4te.cache - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: - -.MAKE: $(am__recursive_targets) all install-am install-strip - -.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \ - am--refresh check check-am clean clean-cscope clean-generic \ - clean-libtool cscope cscopelist-am ctags ctags-am dist \ - dist-all dist-bzip2 dist-gzip dist-lzip dist-shar dist-tarZ \ - dist-xz dist-zip distcheck distclean distclean-generic \ - distclean-hdr distclean-libtool distclean-tags distcleancheck \ - distdir distuninstallcheck dvi dvi-am html html-am info \ - info-am install install-am install-data install-data-am \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-html install-html-am install-info install-info-am \ - install-man install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \ - uninstall-am - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/NEWS b/NEWS index 77724413..21557eda 100644 --- a/NEWS +++ b/NEWS @@ -1,18 +1,6 @@ $Id$ -shadow-4.2 -> shadow-4.2.1 UNRELEASED - -*** general - * Properly release with a generated configure script, built manpages - * Include the configure_userns patch from Debian - -*** translation - * Vietnamese translation update - * French man pages translation update - * French translation update - * Typo fixes in German translation - -shadow-4.1.5.1 -> shadow-4.2 2013-04-30 +shadow-4.1.5.1 -> shadow-4.2 UNRELEASED *** general * Handle libc whose crypt() returns NULL when passed a salt that diff --git a/aclocal.m4 b/aclocal.m4 deleted file mode 100644 index de18eb72..00000000 --- a/aclocal.m4 +++ /dev/null @@ -1,12101 +0,0 @@ -# generated automatically by aclocal 1.13.3 -*- Autoconf -*- - -# Copyright (C) 1996-2013 Free Software Foundation, Inc. - -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])]) -m4_ifndef([AC_AUTOCONF_VERSION], - [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl -m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.69],, -[m4_warning([this file was generated for autoconf 2.69. -You have another version of autoconf. It may work, but is not guaranteed to. -If you have problems, you may need to regenerate the build system entirely. -To do so, use the procedure documented by the package, typically 'autoreconf'.])]) - -# gettext.m4 serial 66 (gettext-0.18.2) -dnl Copyright (C) 1995-2013 Free Software Foundation, Inc. -dnl This file is free software; the Free Software Foundation -dnl gives unlimited permission to copy and/or distribute it, -dnl with or without modifications, as long as this notice is preserved. -dnl -dnl This file can can be used in projects which are not available under -dnl the GNU General Public License or the GNU Library General Public -dnl License but which still want to provide support for the GNU gettext -dnl functionality. -dnl Please note that the actual code of the GNU gettext library is covered -dnl by the GNU Library General Public License, and the rest of the GNU -dnl gettext package package is covered by the GNU General Public License. -dnl They are *not* in the public domain. - -dnl Authors: -dnl Ulrich Drepper , 1995-2000. -dnl Bruno Haible , 2000-2006, 2008-2010. - -dnl Macro to add for using GNU gettext. - -dnl Usage: AM_GNU_GETTEXT([INTLSYMBOL], [NEEDSYMBOL], [INTLDIR]). -dnl INTLSYMBOL can be one of 'external', 'no-libtool', 'use-libtool'. The -dnl default (if it is not specified or empty) is 'no-libtool'. -dnl INTLSYMBOL should be 'external' for packages with no intl directory, -dnl and 'no-libtool' or 'use-libtool' for packages with an intl directory. -dnl If INTLSYMBOL is 'use-libtool', then a libtool library -dnl $(top_builddir)/intl/libintl.la will be created (shared and/or static, -dnl depending on --{enable,disable}-{shared,static} and on the presence of -dnl AM-DISABLE-SHARED). If INTLSYMBOL is 'no-libtool', a static library -dnl $(top_builddir)/intl/libintl.a will be created. -dnl If NEEDSYMBOL is specified and is 'need-ngettext', then GNU gettext -dnl implementations (in libc or libintl) without the ngettext() function -dnl will be ignored. If NEEDSYMBOL is specified and is -dnl 'need-formatstring-macros', then GNU gettext implementations that don't -dnl support the ISO C 99 formatstring macros will be ignored. -dnl INTLDIR is used to find the intl libraries. If empty, -dnl the value '$(top_builddir)/intl/' is used. -dnl -dnl The result of the configuration is one of three cases: -dnl 1) GNU gettext, as included in the intl subdirectory, will be compiled -dnl and used. -dnl Catalog format: GNU --> install in $(datadir) -dnl Catalog extension: .mo after installation, .gmo in source tree -dnl 2) GNU gettext has been found in the system's C library. -dnl Catalog format: GNU --> install in $(datadir) -dnl Catalog extension: .mo after installation, .gmo in source tree -dnl 3) No internationalization, always use English msgid. -dnl Catalog format: none -dnl Catalog extension: none -dnl If INTLSYMBOL is 'external', only cases 2 and 3 can occur. -dnl The use of .gmo is historical (it was needed to avoid overwriting the -dnl GNU format catalogs when building on a platform with an X/Open gettext), -dnl but we keep it in order not to force irrelevant filename changes on the -dnl maintainers. -dnl -AC_DEFUN([AM_GNU_GETTEXT], -[ - dnl Argument checking. - ifelse([$1], [], , [ifelse([$1], [external], , [ifelse([$1], [no-libtool], , [ifelse([$1], [use-libtool], , - [errprint([ERROR: invalid first argument to AM_GNU_GETTEXT -])])])])]) - ifelse(ifelse([$1], [], [old])[]ifelse([$1], [no-libtool], [old]), [old], - [AC_DIAGNOSE([obsolete], [Use of AM_GNU_GETTEXT without [external] argument is deprecated.])]) - ifelse([$2], [], , [ifelse([$2], [need-ngettext], , [ifelse([$2], [need-formatstring-macros], , - [errprint([ERROR: invalid second argument to AM_GNU_GETTEXT -])])])]) - define([gt_included_intl], - ifelse([$1], [external], - ifdef([AM_GNU_GETTEXT_][INTL_SUBDIR], [yes], [no]), - [yes])) - define([gt_libtool_suffix_prefix], ifelse([$1], [use-libtool], [l], [])) - gt_NEEDS_INIT - AM_GNU_GETTEXT_NEED([$2]) - - AC_REQUIRE([AM_PO_SUBDIRS])dnl - ifelse(gt_included_intl, yes, [ - AC_REQUIRE([AM_INTL_SUBDIR])dnl - ]) - - dnl Prerequisites of AC_LIB_LINKFLAGS_BODY. - AC_REQUIRE([AC_LIB_PREPARE_PREFIX]) - AC_REQUIRE([AC_LIB_RPATH]) - - dnl Sometimes libintl requires libiconv, so first search for libiconv. - dnl Ideally we would do this search only after the - dnl if test "$USE_NLS" = "yes"; then - dnl if { eval "gt_val=\$$gt_func_gnugettext_libc"; test "$gt_val" != "yes"; }; then - dnl tests. But if configure.in invokes AM_ICONV after AM_GNU_GETTEXT - dnl the configure script would need to contain the same shell code - dnl again, outside any 'if'. There are two solutions: - dnl - Invoke AM_ICONV_LINKFLAGS_BODY here, outside any 'if'. - dnl - Control the expansions in more detail using AC_PROVIDE_IFELSE. - dnl Since AC_PROVIDE_IFELSE is only in autoconf >= 2.52 and not - dnl documented, we avoid it. - ifelse(gt_included_intl, yes, , [ - AC_REQUIRE([AM_ICONV_LINKFLAGS_BODY]) - ]) - - dnl Sometimes, on Mac OS X, libintl requires linking with CoreFoundation. - gt_INTL_MACOSX - - dnl Set USE_NLS. - AC_REQUIRE([AM_NLS]) - - ifelse(gt_included_intl, yes, [ - BUILD_INCLUDED_LIBINTL=no - USE_INCLUDED_LIBINTL=no - ]) - LIBINTL= - LTLIBINTL= - POSUB= - - dnl Add a version number to the cache macros. - case " $gt_needs " in - *" need-formatstring-macros "*) gt_api_version=3 ;; - *" need-ngettext "*) gt_api_version=2 ;; - *) gt_api_version=1 ;; - esac - gt_func_gnugettext_libc="gt_cv_func_gnugettext${gt_api_version}_libc" - gt_func_gnugettext_libintl="gt_cv_func_gnugettext${gt_api_version}_libintl" - - dnl If we use NLS figure out what method - if test "$USE_NLS" = "yes"; then - gt_use_preinstalled_gnugettext=no - ifelse(gt_included_intl, yes, [ - AC_MSG_CHECKING([whether included gettext is requested]) - AC_ARG_WITH([included-gettext], - [ --with-included-gettext use the GNU gettext library included here], - nls_cv_force_use_gnu_gettext=$withval, - nls_cv_force_use_gnu_gettext=no) - AC_MSG_RESULT([$nls_cv_force_use_gnu_gettext]) - - nls_cv_use_gnu_gettext="$nls_cv_force_use_gnu_gettext" - if test "$nls_cv_force_use_gnu_gettext" != "yes"; then - ]) - dnl User does not insist on using GNU NLS library. Figure out what - dnl to use. If GNU gettext is available we use this. Else we have - dnl to fall back to GNU NLS library. - - if test $gt_api_version -ge 3; then - gt_revision_test_code=' -#ifndef __GNU_GETTEXT_SUPPORTED_REVISION -#define __GNU_GETTEXT_SUPPORTED_REVISION(major) ((major) == 0 ? 0 : -1) -#endif -changequote(,)dnl -typedef int array [2 * (__GNU_GETTEXT_SUPPORTED_REVISION(0) >= 1) - 1]; -changequote([,])dnl -' - else - gt_revision_test_code= - fi - if test $gt_api_version -ge 2; then - gt_expression_test_code=' + * ngettext ("", "", 0)' - else - gt_expression_test_code= - fi - - AC_CACHE_CHECK([for GNU gettext in libc], [$gt_func_gnugettext_libc], - [AC_LINK_IFELSE( - [AC_LANG_PROGRAM( - [[ -#include -$gt_revision_test_code -extern int _nl_msg_cat_cntr; -extern int *_nl_domain_bindings; - ]], - [[ -bindtextdomain ("", ""); -return * gettext ("")$gt_expression_test_code + _nl_msg_cat_cntr + *_nl_domain_bindings - ]])], - [eval "$gt_func_gnugettext_libc=yes"], - [eval "$gt_func_gnugettext_libc=no"])]) - - if { eval "gt_val=\$$gt_func_gnugettext_libc"; test "$gt_val" != "yes"; }; then - dnl Sometimes libintl requires libiconv, so first search for libiconv. - ifelse(gt_included_intl, yes, , [ - AM_ICONV_LINK - ]) - dnl Search for libintl and define LIBINTL, LTLIBINTL and INCINTL - dnl accordingly. Don't use AC_LIB_LINKFLAGS_BODY([intl],[iconv]) - dnl because that would add "-liconv" to LIBINTL and LTLIBINTL - dnl even if libiconv doesn't exist. - AC_LIB_LINKFLAGS_BODY([intl]) - AC_CACHE_CHECK([for GNU gettext in libintl], - [$gt_func_gnugettext_libintl], - [gt_save_CPPFLAGS="$CPPFLAGS" - CPPFLAGS="$CPPFLAGS $INCINTL" - gt_save_LIBS="$LIBS" - LIBS="$LIBS $LIBINTL" - dnl Now see whether libintl exists and does not depend on libiconv. - AC_LINK_IFELSE( - [AC_LANG_PROGRAM( - [[ -#include -$gt_revision_test_code -extern int _nl_msg_cat_cntr; -extern -#ifdef __cplusplus -"C" -#endif -const char *_nl_expand_alias (const char *); - ]], - [[ -bindtextdomain ("", ""); -return * gettext ("")$gt_expression_test_code + _nl_msg_cat_cntr + *_nl_expand_alias ("") - ]])], - [eval "$gt_func_gnugettext_libintl=yes"], - [eval "$gt_func_gnugettext_libintl=no"]) - dnl Now see whether libintl exists and depends on libiconv. - if { eval "gt_val=\$$gt_func_gnugettext_libintl"; test "$gt_val" != yes; } && test -n "$LIBICONV"; then - LIBS="$LIBS $LIBICONV" - AC_LINK_IFELSE( - [AC_LANG_PROGRAM( - [[ -#include -$gt_revision_test_code -extern int _nl_msg_cat_cntr; -extern -#ifdef __cplusplus -"C" -#endif -const char *_nl_expand_alias (const char *); - ]], - [[ -bindtextdomain ("", ""); -return * gettext ("")$gt_expression_test_code + _nl_msg_cat_cntr + *_nl_expand_alias ("") - ]])], - [LIBINTL="$LIBINTL $LIBICONV" - LTLIBINTL="$LTLIBINTL $LTLIBICONV" - eval "$gt_func_gnugettext_libintl=yes" - ]) - fi - CPPFLAGS="$gt_save_CPPFLAGS" - LIBS="$gt_save_LIBS"]) - fi - - dnl If an already present or preinstalled GNU gettext() is found, - dnl use it. But if this macro is used in GNU gettext, and GNU - dnl gettext is already preinstalled in libintl, we update this - dnl libintl. (Cf. the install rule in intl/Makefile.in.) - if { eval "gt_val=\$$gt_func_gnugettext_libc"; test "$gt_val" = "yes"; } \ - || { { eval "gt_val=\$$gt_func_gnugettext_libintl"; test "$gt_val" = "yes"; } \ - && test "$PACKAGE" != gettext-runtime \ - && test "$PACKAGE" != gettext-tools; }; then - gt_use_preinstalled_gnugettext=yes - else - dnl Reset the values set by searching for libintl. - LIBINTL= - LTLIBINTL= - INCINTL= - fi - - ifelse(gt_included_intl, yes, [ - if test "$gt_use_preinstalled_gnugettext" != "yes"; then - dnl GNU gettext is not found in the C library. - dnl Fall back on included GNU gettext library. - nls_cv_use_gnu_gettext=yes - fi - fi - - if test "$nls_cv_use_gnu_gettext" = "yes"; then - dnl Mark actions used to generate GNU NLS library. - BUILD_INCLUDED_LIBINTL=yes - USE_INCLUDED_LIBINTL=yes - LIBINTL="ifelse([$3],[],\${top_builddir}/intl,[$3])/libintl.[]gt_libtool_suffix_prefix[]a $LIBICONV $LIBTHREAD" - LTLIBINTL="ifelse([$3],[],\${top_builddir}/intl,[$3])/libintl.[]gt_libtool_suffix_prefix[]a $LTLIBICONV $LTLIBTHREAD" - LIBS=`echo " $LIBS " | sed -e 's/ -lintl / /' -e 's/^ //' -e 's/ $//'` - fi - - CATOBJEXT= - if test "$gt_use_preinstalled_gnugettext" = "yes" \ - || test "$nls_cv_use_gnu_gettext" = "yes"; then - dnl Mark actions to use GNU gettext tools. - CATOBJEXT=.gmo - fi - ]) - - if test -n "$INTL_MACOSX_LIBS"; then - if test "$gt_use_preinstalled_gnugettext" = "yes" \ - || test "$nls_cv_use_gnu_gettext" = "yes"; then - dnl Some extra flags are needed during linking. - LIBINTL="$LIBINTL $INTL_MACOSX_LIBS" - LTLIBINTL="$LTLIBINTL $INTL_MACOSX_LIBS" - fi - fi - - if test "$gt_use_preinstalled_gnugettext" = "yes" \ - || test "$nls_cv_use_gnu_gettext" = "yes"; then - AC_DEFINE([ENABLE_NLS], [1], - [Define to 1 if translation of program messages to the user's native language - is requested.]) - else - USE_NLS=no - fi - fi - - AC_MSG_CHECKING([whether to use NLS]) - AC_MSG_RESULT([$USE_NLS]) - if test "$USE_NLS" = "yes"; then - AC_MSG_CHECKING([where the gettext function comes from]) - if test "$gt_use_preinstalled_gnugettext" = "yes"; then - if { eval "gt_val=\$$gt_func_gnugettext_libintl"; test "$gt_val" = "yes"; }; then - gt_source="external libintl" - else - gt_source="libc" - fi - else - gt_source="included intl directory" - fi - AC_MSG_RESULT([$gt_source]) - fi - - if test "$USE_NLS" = "yes"; then - - if test "$gt_use_preinstalled_gnugettext" = "yes"; then - if { eval "gt_val=\$$gt_func_gnugettext_libintl"; test "$gt_val" = "yes"; }; then - AC_MSG_CHECKING([how to link with libintl]) - AC_MSG_RESULT([$LIBINTL]) - AC_LIB_APPENDTOVAR([CPPFLAGS], [$INCINTL]) - fi - - dnl For backward compatibility. Some packages may be using this. - AC_DEFINE([HAVE_GETTEXT], [1], - [Define if the GNU gettext() function is already present or preinstalled.]) - AC_DEFINE([HAVE_DCGETTEXT], [1], - [Define if the GNU dcgettext() function is already present or preinstalled.]) - fi - - dnl We need to process the po/ directory. - POSUB=po - fi - - ifelse(gt_included_intl, yes, [ - dnl If this is used in GNU gettext we have to set BUILD_INCLUDED_LIBINTL - dnl to 'yes' because some of the testsuite requires it. - if test "$PACKAGE" = gettext-runtime || test "$PACKAGE" = gettext-tools; then - BUILD_INCLUDED_LIBINTL=yes - fi - - dnl Make all variables we use known to autoconf. - AC_SUBST([BUILD_INCLUDED_LIBINTL]) - AC_SUBST([USE_INCLUDED_LIBINTL]) - AC_SUBST([CATOBJEXT]) - - dnl For backward compatibility. Some configure.ins may be using this. - nls_cv_header_intl= - nls_cv_header_libgt= - - dnl For backward compatibility. Some Makefiles may be using this. - DATADIRNAME=share - AC_SUBST([DATADIRNAME]) - - dnl For backward compatibility. Some Makefiles may be using this. - INSTOBJEXT=.mo - AC_SUBST([INSTOBJEXT]) - - dnl For backward compatibility. Some Makefiles may be using this. - GENCAT=gencat - AC_SUBST([GENCAT]) - - dnl For backward compatibility. Some Makefiles may be using this. - INTLOBJS= - if test "$USE_INCLUDED_LIBINTL" = yes; then - INTLOBJS="\$(GETTOBJS)" - fi - AC_SUBST([INTLOBJS]) - - dnl Enable libtool support if the surrounding package wishes it. - INTL_LIBTOOL_SUFFIX_PREFIX=gt_libtool_suffix_prefix - AC_SUBST([INTL_LIBTOOL_SUFFIX_PREFIX]) - ]) - - dnl For backward compatibility. Some Makefiles may be using this. - INTLLIBS="$LIBINTL" - AC_SUBST([INTLLIBS]) - - dnl Make all documented variables known to autoconf. - AC_SUBST([LIBINTL]) - AC_SUBST([LTLIBINTL]) - AC_SUBST([POSUB]) -]) - - -dnl gt_NEEDS_INIT ensures that the gt_needs variable is initialized. -m4_define([gt_NEEDS_INIT], -[ - m4_divert_text([DEFAULTS], [gt_needs=]) - m4_define([gt_NEEDS_INIT], []) -]) - - -dnl Usage: AM_GNU_GETTEXT_NEED([NEEDSYMBOL]) -AC_DEFUN([AM_GNU_GETTEXT_NEED], -[ - m4_divert_text([INIT_PREPARE], [gt_needs="$gt_needs $1"]) -]) - - -dnl Usage: AM_GNU_GETTEXT_VERSION([gettext-version]) -AC_DEFUN([AM_GNU_GETTEXT_VERSION], []) - -# iconv.m4 serial 18 (gettext-0.18.2) -dnl Copyright (C) 2000-2002, 2007-2013 Free Software Foundation, Inc. -dnl This file is free software; the Free Software Foundation -dnl gives unlimited permission to copy and/or distribute it, -dnl with or without modifications, as long as this notice is preserved. - -dnl From Bruno Haible. - -AC_DEFUN([AM_ICONV_LINKFLAGS_BODY], -[ - dnl Prerequisites of AC_LIB_LINKFLAGS_BODY. - AC_REQUIRE([AC_LIB_PREPARE_PREFIX]) - AC_REQUIRE([AC_LIB_RPATH]) - - dnl Search for libiconv and define LIBICONV, LTLIBICONV and INCICONV - dnl accordingly. - AC_LIB_LINKFLAGS_BODY([iconv]) -]) - -AC_DEFUN([AM_ICONV_LINK], -[ - dnl Some systems have iconv in libc, some have it in libiconv (OSF/1 and - dnl those with the standalone portable GNU libiconv installed). - AC_REQUIRE([AC_CANONICAL_HOST]) dnl for cross-compiles - - dnl Search for libiconv and define LIBICONV, LTLIBICONV and INCICONV - dnl accordingly. - AC_REQUIRE([AM_ICONV_LINKFLAGS_BODY]) - - dnl Add $INCICONV to CPPFLAGS before performing the following checks, - dnl because if the user has installed libiconv and not disabled its use - dnl via --without-libiconv-prefix, he wants to use it. The first - dnl AC_LINK_IFELSE will then fail, the second AC_LINK_IFELSE will succeed. - am_save_CPPFLAGS="$CPPFLAGS" - AC_LIB_APPENDTOVAR([CPPFLAGS], [$INCICONV]) - - AC_CACHE_CHECK([for iconv], [am_cv_func_iconv], [ - am_cv_func_iconv="no, consider installing GNU libiconv" - am_cv_lib_iconv=no - AC_LINK_IFELSE( - [AC_LANG_PROGRAM( - [[ -#include -#include - ]], - [[iconv_t cd = iconv_open("",""); - iconv(cd,NULL,NULL,NULL,NULL); - iconv_close(cd);]])], - [am_cv_func_iconv=yes]) - if test "$am_cv_func_iconv" != yes; then - am_save_LIBS="$LIBS" - LIBS="$LIBS $LIBICONV" - AC_LINK_IFELSE( - [AC_LANG_PROGRAM( - [[ -#include -#include - ]], - [[iconv_t cd = iconv_open("",""); - iconv(cd,NULL,NULL,NULL,NULL); - iconv_close(cd);]])], - [am_cv_lib_iconv=yes] - [am_cv_func_iconv=yes]) - LIBS="$am_save_LIBS" - fi - ]) - if test "$am_cv_func_iconv" = yes; then - AC_CACHE_CHECK([for working iconv], [am_cv_func_iconv_works], [ - dnl This tests against bugs in AIX 5.1, AIX 6.1..7.1, HP-UX 11.11, - dnl Solaris 10. - am_save_LIBS="$LIBS" - if test $am_cv_lib_iconv = yes; then - LIBS="$LIBS $LIBICONV" - fi - AC_RUN_IFELSE( - [AC_LANG_SOURCE([[ -#include -#include -int main () -{ - int result = 0; - /* Test against AIX 5.1 bug: Failures are not distinguishable from successful - returns. */ - { - iconv_t cd_utf8_to_88591 = iconv_open ("ISO8859-1", "UTF-8"); - if (cd_utf8_to_88591 != (iconv_t)(-1)) - { - static const char input[] = "\342\202\254"; /* EURO SIGN */ - char buf[10]; - const char *inptr = input; - size_t inbytesleft = strlen (input); - char *outptr = buf; - size_t outbytesleft = sizeof (buf); - size_t res = iconv (cd_utf8_to_88591, - (char **) &inptr, &inbytesleft, - &outptr, &outbytesleft); - if (res == 0) - result |= 1; - iconv_close (cd_utf8_to_88591); - } - } - /* Test against Solaris 10 bug: Failures are not distinguishable from - successful returns. */ - { - iconv_t cd_ascii_to_88591 = iconv_open ("ISO8859-1", "646"); - if (cd_ascii_to_88591 != (iconv_t)(-1)) - { - static const char input[] = "\263"; - char buf[10]; - const char *inptr = input; - size_t inbytesleft = strlen (input); - char *outptr = buf; - size_t outbytesleft = sizeof (buf); - size_t res = iconv (cd_ascii_to_88591, - (char **) &inptr, &inbytesleft, - &outptr, &outbytesleft); - if (res == 0) - result |= 2; - iconv_close (cd_ascii_to_88591); - } - } - /* Test against AIX 6.1..7.1 bug: Buffer overrun. */ - { - iconv_t cd_88591_to_utf8 = iconv_open ("UTF-8", "ISO-8859-1"); - if (cd_88591_to_utf8 != (iconv_t)(-1)) - { - static const char input[] = "\304"; - static char buf[2] = { (char)0xDE, (char)0xAD }; - const char *inptr = input; - size_t inbytesleft = 1; - char *outptr = buf; - size_t outbytesleft = 1; - size_t res = iconv (cd_88591_to_utf8, - (char **) &inptr, &inbytesleft, - &outptr, &outbytesleft); - if (res != (size_t)(-1) || outptr - buf > 1 || buf[1] != (char)0xAD) - result |= 4; - iconv_close (cd_88591_to_utf8); - } - } -#if 0 /* This bug could be worked around by the caller. */ - /* Test against HP-UX 11.11 bug: Positive return value instead of 0. */ - { - iconv_t cd_88591_to_utf8 = iconv_open ("utf8", "iso88591"); - if (cd_88591_to_utf8 != (iconv_t)(-1)) - { - static const char input[] = "\304rger mit b\366sen B\374bchen ohne Augenma\337"; - char buf[50]; - const char *inptr = input; - size_t inbytesleft = strlen (input); - char *outptr = buf; - size_t outbytesleft = sizeof (buf); - size_t res = iconv (cd_88591_to_utf8, - (char **) &inptr, &inbytesleft, - &outptr, &outbytesleft); - if ((int)res > 0) - result |= 8; - iconv_close (cd_88591_to_utf8); - } - } -#endif - /* Test against HP-UX 11.11 bug: No converter from EUC-JP to UTF-8 is - provided. */ - if (/* Try standardized names. */ - iconv_open ("UTF-8", "EUC-JP") == (iconv_t)(-1) - /* Try IRIX, OSF/1 names. */ - && iconv_open ("UTF-8", "eucJP") == (iconv_t)(-1) - /* Try AIX names. */ - && iconv_open ("UTF-8", "IBM-eucJP") == (iconv_t)(-1) - /* Try HP-UX names. */ - && iconv_open ("utf8", "eucJP") == (iconv_t)(-1)) - result |= 16; - return result; -}]])], - [am_cv_func_iconv_works=yes], - [am_cv_func_iconv_works=no], - [ -changequote(,)dnl - case "$host_os" in - aix* | hpux*) am_cv_func_iconv_works="guessing no" ;; - *) am_cv_func_iconv_works="guessing yes" ;; - esac -changequote([,])dnl - ]) - LIBS="$am_save_LIBS" - ]) - case "$am_cv_func_iconv_works" in - *no) am_func_iconv=no am_cv_lib_iconv=no ;; - *) am_func_iconv=yes ;; - esac - else - am_func_iconv=no am_cv_lib_iconv=no - fi - if test "$am_func_iconv" = yes; then - AC_DEFINE([HAVE_ICONV], [1], - [Define if you have the iconv() function and it works.]) - fi - if test "$am_cv_lib_iconv" = yes; then - AC_MSG_CHECKING([how to link with libiconv]) - AC_MSG_RESULT([$LIBICONV]) - else - dnl If $LIBICONV didn't lead to a usable library, we don't need $INCICONV - dnl either. - CPPFLAGS="$am_save_CPPFLAGS" - LIBICONV= - LTLIBICONV= - fi - AC_SUBST([LIBICONV]) - AC_SUBST([LTLIBICONV]) -]) - -dnl Define AM_ICONV using AC_DEFUN_ONCE for Autoconf >= 2.64, in order to -dnl avoid warnings like -dnl "warning: AC_REQUIRE: `AM_ICONV' was expanded before it was required". -dnl This is tricky because of the way 'aclocal' is implemented: -dnl - It requires defining an auxiliary macro whose name ends in AC_DEFUN. -dnl Otherwise aclocal's initial scan pass would miss the macro definition. -dnl - It requires a line break inside the AC_DEFUN_ONCE and AC_DEFUN expansions. -dnl Otherwise aclocal would emit many "Use of uninitialized value $1" -dnl warnings. -m4_define([gl_iconv_AC_DEFUN], - m4_version_prereq([2.64], - [[AC_DEFUN_ONCE( - [$1], [$2])]], - [m4_ifdef([gl_00GNULIB], - [[AC_DEFUN_ONCE( - [$1], [$2])]], - [[AC_DEFUN( - [$1], [$2])]])])) -gl_iconv_AC_DEFUN([AM_ICONV], -[ - AM_ICONV_LINK - if test "$am_cv_func_iconv" = yes; then - AC_MSG_CHECKING([for iconv declaration]) - AC_CACHE_VAL([am_cv_proto_iconv], [ - AC_COMPILE_IFELSE( - [AC_LANG_PROGRAM( - [[ -#include -#include -extern -#ifdef __cplusplus -"C" -#endif -#if defined(__STDC__) || defined(_MSC_VER) || defined(__cplusplus) -size_t iconv (iconv_t cd, char * *inbuf, size_t *inbytesleft, char * *outbuf, size_t *outbytesleft); -#else -size_t iconv(); -#endif - ]], - [[]])], - [am_cv_proto_iconv_arg1=""], - [am_cv_proto_iconv_arg1="const"]) - am_cv_proto_iconv="extern size_t iconv (iconv_t cd, $am_cv_proto_iconv_arg1 char * *inbuf, size_t *inbytesleft, char * *outbuf, size_t *outbytesleft);"]) - am_cv_proto_iconv=`echo "[$]am_cv_proto_iconv" | tr -s ' ' | sed -e 's/( /(/'` - AC_MSG_RESULT([ - $am_cv_proto_iconv]) - AC_DEFINE_UNQUOTED([ICONV_CONST], [$am_cv_proto_iconv_arg1], - [Define as const if the declaration of iconv() needs const.]) - dnl Also substitute ICONV_CONST in the gnulib generated . - m4_ifdef([gl_ICONV_H_DEFAULTS], - [AC_REQUIRE([gl_ICONV_H_DEFAULTS]) - if test -n "$am_cv_proto_iconv_arg1"; then - ICONV_CONST="const" - fi - ]) - fi -]) - -# intlmacosx.m4 serial 5 (gettext-0.18.2) -dnl Copyright (C) 2004-2013 Free Software Foundation, Inc. -dnl This file is free software; the Free Software Foundation -dnl gives unlimited permission to copy and/or distribute it, -dnl with or without modifications, as long as this notice is preserved. -dnl -dnl This file can can be used in projects which are not available under -dnl the GNU General Public License or the GNU Library General Public -dnl License but which still want to provide support for the GNU gettext -dnl functionality. -dnl Please note that the actual code of the GNU gettext library is covered -dnl by the GNU Library General Public License, and the rest of the GNU -dnl gettext package package is covered by the GNU General Public License. -dnl They are *not* in the public domain. - -dnl Checks for special options needed on Mac OS X. -dnl Defines INTL_MACOSX_LIBS. -AC_DEFUN([gt_INTL_MACOSX], -[ - dnl Check for API introduced in Mac OS X 10.2. - AC_CACHE_CHECK([for CFPreferencesCopyAppValue], - [gt_cv_func_CFPreferencesCopyAppValue], - [gt_save_LIBS="$LIBS" - LIBS="$LIBS -Wl,-framework -Wl,CoreFoundation" - AC_LINK_IFELSE( - [AC_LANG_PROGRAM( - [[#include ]], - [[CFPreferencesCopyAppValue(NULL, NULL)]])], - [gt_cv_func_CFPreferencesCopyAppValue=yes], - [gt_cv_func_CFPreferencesCopyAppValue=no]) - LIBS="$gt_save_LIBS"]) - if test $gt_cv_func_CFPreferencesCopyAppValue = yes; then - AC_DEFINE([HAVE_CFPREFERENCESCOPYAPPVALUE], [1], - [Define to 1 if you have the Mac OS X function CFPreferencesCopyAppValue in the CoreFoundation framework.]) - fi - dnl Check for API introduced in Mac OS X 10.3. - AC_CACHE_CHECK([for CFLocaleCopyCurrent], [gt_cv_func_CFLocaleCopyCurrent], - [gt_save_LIBS="$LIBS" - LIBS="$LIBS -Wl,-framework -Wl,CoreFoundation" - AC_LINK_IFELSE( - [AC_LANG_PROGRAM( - [[#include ]], - [[CFLocaleCopyCurrent();]])], - [gt_cv_func_CFLocaleCopyCurrent=yes], - [gt_cv_func_CFLocaleCopyCurrent=no]) - LIBS="$gt_save_LIBS"]) - if test $gt_cv_func_CFLocaleCopyCurrent = yes; then - AC_DEFINE([HAVE_CFLOCALECOPYCURRENT], [1], - [Define to 1 if you have the Mac OS X function CFLocaleCopyCurrent in the CoreFoundation framework.]) - fi - INTL_MACOSX_LIBS= - if test $gt_cv_func_CFPreferencesCopyAppValue = yes || test $gt_cv_func_CFLocaleCopyCurrent = yes; then - INTL_MACOSX_LIBS="-Wl,-framework -Wl,CoreFoundation" - fi - AC_SUBST([INTL_MACOSX_LIBS]) -]) - -# lib-ld.m4 serial 6 -dnl Copyright (C) 1996-2003, 2009-2013 Free Software Foundation, Inc. -dnl This file is free software; the Free Software Foundation -dnl gives unlimited permission to copy and/or distribute it, -dnl with or without modifications, as long as this notice is preserved. - -dnl Subroutines of libtool.m4, -dnl with replacements s/_*LT_PATH/AC_LIB_PROG/ and s/lt_/acl_/ to avoid -dnl collision with libtool.m4. - -dnl From libtool-2.4. Sets the variable with_gnu_ld to yes or no. -AC_DEFUN([AC_LIB_PROG_LD_GNU], -[AC_CACHE_CHECK([if the linker ($LD) is GNU ld], [acl_cv_prog_gnu_ld], -[# I'd rather use --version here, but apparently some GNU lds only accept -v. -case `$LD -v 2>&1 /dev/null 2>&1 \ - && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 \ - || PATH_SEPARATOR=';' - } -fi - -ac_prog=ld -if test "$GCC" = yes; then - # Check if gcc -print-prog-name=ld gives a path. - AC_MSG_CHECKING([for ld used by $CC]) - case $host in - *-*-mingw*) - # gcc leaves a trailing carriage return which upsets mingw - ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; - *) - ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; - esac - case $ac_prog in - # Accept absolute paths. - [[\\/]]* | ?:[[\\/]]*) - re_direlt='/[[^/]][[^/]]*/\.\./' - # Canonicalize the pathname of ld - ac_prog=`echo "$ac_prog"| sed 's%\\\\%/%g'` - while echo "$ac_prog" | grep "$re_direlt" > /dev/null 2>&1; do - ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"` - done - test -z "$LD" && LD="$ac_prog" - ;; - "") - # If it fails, then pretend we aren't using GCC. - ac_prog=ld - ;; - *) - # If it is relative, then search for the first ld in PATH. - with_gnu_ld=unknown - ;; - esac -elif test "$with_gnu_ld" = yes; then - AC_MSG_CHECKING([for GNU ld]) -else - AC_MSG_CHECKING([for non-GNU ld]) -fi -AC_CACHE_VAL([acl_cv_path_LD], -[if test -z "$LD"; then - acl_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$acl_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then - acl_cv_path_LD="$ac_dir/$ac_prog" - # Check to see if the program is GNU ld. I'd rather use --version, - # but apparently some variants of GNU ld only accept -v. - # Break only if it was the GNU/non-GNU ld that we prefer. - case `"$acl_cv_path_LD" -v 2>&1 = 1.10 to complain if config.rpath is missing. - m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([config.rpath])]) - AC_REQUIRE([AC_PROG_CC]) dnl we use $CC, $GCC, $LDFLAGS - AC_REQUIRE([AC_LIB_PROG_LD]) dnl we use $LD, $with_gnu_ld - AC_REQUIRE([AC_CANONICAL_HOST]) dnl we use $host - AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT]) dnl we use $ac_aux_dir - AC_CACHE_CHECK([for shared library run path origin], [acl_cv_rpath], [ - CC="$CC" GCC="$GCC" LDFLAGS="$LDFLAGS" LD="$LD" with_gnu_ld="$with_gnu_ld" \ - ${CONFIG_SHELL-/bin/sh} "$ac_aux_dir/config.rpath" "$host" > conftest.sh - . ./conftest.sh - rm -f ./conftest.sh - acl_cv_rpath=done - ]) - wl="$acl_cv_wl" - acl_libext="$acl_cv_libext" - acl_shlibext="$acl_cv_shlibext" - acl_libname_spec="$acl_cv_libname_spec" - acl_library_names_spec="$acl_cv_library_names_spec" - acl_hardcode_libdir_flag_spec="$acl_cv_hardcode_libdir_flag_spec" - acl_hardcode_libdir_separator="$acl_cv_hardcode_libdir_separator" - acl_hardcode_direct="$acl_cv_hardcode_direct" - acl_hardcode_minus_L="$acl_cv_hardcode_minus_L" - dnl Determine whether the user wants rpath handling at all. - AC_ARG_ENABLE([rpath], - [ --disable-rpath do not hardcode runtime library paths], - :, enable_rpath=yes) -]) - -dnl AC_LIB_FROMPACKAGE(name, package) -dnl declares that libname comes from the given package. The configure file -dnl will then not have a --with-libname-prefix option but a -dnl --with-package-prefix option. Several libraries can come from the same -dnl package. This declaration must occur before an AC_LIB_LINKFLAGS or similar -dnl macro call that searches for libname. -AC_DEFUN([AC_LIB_FROMPACKAGE], -[ - pushdef([NAME],[m4_translit([$1],[abcdefghijklmnopqrstuvwxyz./+-], - [ABCDEFGHIJKLMNOPQRSTUVWXYZ____])]) - define([acl_frompackage_]NAME, [$2]) - popdef([NAME]) - pushdef([PACK],[$2]) - pushdef([PACKUP],[m4_translit(PACK,[abcdefghijklmnopqrstuvwxyz./+-], - [ABCDEFGHIJKLMNOPQRSTUVWXYZ____])]) - define([acl_libsinpackage_]PACKUP, - m4_ifdef([acl_libsinpackage_]PACKUP, [m4_defn([acl_libsinpackage_]PACKUP)[, ]],)[lib$1]) - popdef([PACKUP]) - popdef([PACK]) -]) - -dnl AC_LIB_LINKFLAGS_BODY(name [, dependencies]) searches for libname and -dnl the libraries corresponding to explicit and implicit dependencies. -dnl Sets the LIB${NAME}, LTLIB${NAME} and INC${NAME} variables. -dnl Also, sets the LIB${NAME}_PREFIX variable to nonempty if libname was found -dnl in ${LIB${NAME}_PREFIX}/$acl_libdirstem. -AC_DEFUN([AC_LIB_LINKFLAGS_BODY], -[ - AC_REQUIRE([AC_LIB_PREPARE_MULTILIB]) - pushdef([NAME],[m4_translit([$1],[abcdefghijklmnopqrstuvwxyz./+-], - [ABCDEFGHIJKLMNOPQRSTUVWXYZ____])]) - pushdef([PACK],[m4_ifdef([acl_frompackage_]NAME, [acl_frompackage_]NAME, lib[$1])]) - pushdef([PACKUP],[m4_translit(PACK,[abcdefghijklmnopqrstuvwxyz./+-], - [ABCDEFGHIJKLMNOPQRSTUVWXYZ____])]) - pushdef([PACKLIBS],[m4_ifdef([acl_frompackage_]NAME, [acl_libsinpackage_]PACKUP, lib[$1])]) - dnl Autoconf >= 2.61 supports dots in --with options. - pushdef([P_A_C_K],[m4_if(m4_version_compare(m4_defn([m4_PACKAGE_VERSION]),[2.61]),[-1],[m4_translit(PACK,[.],[_])],PACK)]) - dnl By default, look in $includedir and $libdir. - use_additional=yes - AC_LIB_WITH_FINAL_PREFIX([ - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - ]) - AC_ARG_WITH(P_A_C_K[-prefix], -[[ --with-]]P_A_C_K[[-prefix[=DIR] search for ]PACKLIBS[ in DIR/include and DIR/lib - --without-]]P_A_C_K[[-prefix don't search for ]PACKLIBS[ in includedir and libdir]], -[ - if test "X$withval" = "Xno"; then - use_additional=no - else - if test "X$withval" = "X"; then - AC_LIB_WITH_FINAL_PREFIX([ - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - ]) - else - additional_includedir="$withval/include" - additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && ! test -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi - fi - fi -]) - dnl Search the library and its dependencies in $additional_libdir and - dnl $LDFLAGS. Using breadth-first-seach. - LIB[]NAME= - LTLIB[]NAME= - INC[]NAME= - LIB[]NAME[]_PREFIX= - dnl HAVE_LIB${NAME} is an indicator that LIB${NAME}, LTLIB${NAME} have been - dnl computed. So it has to be reset here. - HAVE_LIB[]NAME= - rpathdirs= - ltrpathdirs= - names_already_handled= - names_next_round='$1 $2' - while test -n "$names_next_round"; do - names_this_round="$names_next_round" - names_next_round= - for name in $names_this_round; do - already_handled= - for n in $names_already_handled; do - if test "$n" = "$name"; then - already_handled=yes - break - fi - done - if test -z "$already_handled"; then - names_already_handled="$names_already_handled $name" - dnl See if it was already located by an earlier AC_LIB_LINKFLAGS - dnl or AC_LIB_HAVE_LINKFLAGS call. - uppername=`echo "$name" | sed -e 'y|abcdefghijklmnopqrstuvwxyz./+-|ABCDEFGHIJKLMNOPQRSTUVWXYZ____|'` - eval value=\"\$HAVE_LIB$uppername\" - if test -n "$value"; then - if test "$value" = yes; then - eval value=\"\$LIB$uppername\" - test -z "$value" || LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$value" - eval value=\"\$LTLIB$uppername\" - test -z "$value" || LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }$value" - else - dnl An earlier call to AC_LIB_HAVE_LINKFLAGS has determined - dnl that this library doesn't exist. So just drop it. - : - fi - else - dnl Search the library lib$name in $additional_libdir and $LDFLAGS - dnl and the already constructed $LIBNAME/$LTLIBNAME. - found_dir= - found_la= - found_so= - found_a= - eval libname=\"$acl_libname_spec\" # typically: libname=lib$name - if test -n "$acl_shlibext"; then - shrext=".$acl_shlibext" # typically: shrext=.so - else - shrext= - fi - if test $use_additional = yes; then - dir="$additional_libdir" - dnl The same code as in the loop below: - dnl First look for a shared library. - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - dnl Then look for a static library. - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - fi - if test "X$found_dir" = "X"; then - for x in $LDFLAGS $LTLIB[]NAME; do - AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) - case "$x" in - -L*) - dir=`echo "X$x" | sed -e 's/^X-L//'` - dnl First look for a shared library. - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - dnl Then look for a static library. - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - ;; - esac - if test "X$found_dir" != "X"; then - break - fi - done - fi - if test "X$found_dir" != "X"; then - dnl Found the library. - LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-L$found_dir -l$name" - if test "X$found_so" != "X"; then - dnl Linking with a shared library. We attempt to hardcode its - dnl directory into the executable's runpath, unless it's the - dnl standard /usr/lib. - if test "$enable_rpath" = no \ - || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then - dnl No hardcoding is needed. - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so" - else - dnl Use an explicit option to hardcode DIR into the resulting - dnl binary. - dnl Potentially add DIR to ltrpathdirs. - dnl The ltrpathdirs will be appended to $LTLIBNAME at the end. - haveit= - for x in $ltrpathdirs; do - if test "X$x" = "X$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - ltrpathdirs="$ltrpathdirs $found_dir" - fi - dnl The hardcoding into $LIBNAME is system dependent. - if test "$acl_hardcode_direct" = yes; then - dnl Using DIR/libNAME.so during linking hardcodes DIR into the - dnl resulting binary. - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so" - else - if test -n "$acl_hardcode_libdir_flag_spec" && test "$acl_hardcode_minus_L" = no; then - dnl Use an explicit option to hardcode DIR into the resulting - dnl binary. - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so" - dnl Potentially add DIR to rpathdirs. - dnl The rpathdirs will be appended to $LIBNAME at the end. - haveit= - for x in $rpathdirs; do - if test "X$x" = "X$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - rpathdirs="$rpathdirs $found_dir" - fi - else - dnl Rely on "-L$found_dir". - dnl But don't add it if it's already contained in the LDFLAGS - dnl or the already constructed $LIBNAME - haveit= - for x in $LDFLAGS $LIB[]NAME; do - AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) - if test "X$x" = "X-L$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-L$found_dir" - fi - if test "$acl_hardcode_minus_L" != no; then - dnl FIXME: Not sure whether we should use - dnl "-L$found_dir -l$name" or "-L$found_dir $found_so" - dnl here. - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so" - else - dnl We cannot use $acl_hardcode_runpath_var and LD_RUN_PATH - dnl here, because this doesn't fit in flags passed to the - dnl compiler. So give up. No hardcoding. This affects only - dnl very old systems. - dnl FIXME: Not sure whether we should use - dnl "-L$found_dir -l$name" or "-L$found_dir $found_so" - dnl here. - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-l$name" - fi - fi - fi - fi - else - if test "X$found_a" != "X"; then - dnl Linking with a static library. - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_a" - else - dnl We shouldn't come here, but anyway it's good to have a - dnl fallback. - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-L$found_dir -l$name" - fi - fi - dnl Assume the include files are nearby. - additional_includedir= - case "$found_dir" in - */$acl_libdirstem | */$acl_libdirstem/) - basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'` - if test "$name" = '$1'; then - LIB[]NAME[]_PREFIX="$basedir" - fi - additional_includedir="$basedir/include" - ;; - */$acl_libdirstem2 | */$acl_libdirstem2/) - basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem2/"'*$,,'` - if test "$name" = '$1'; then - LIB[]NAME[]_PREFIX="$basedir" - fi - additional_includedir="$basedir/include" - ;; - esac - if test "X$additional_includedir" != "X"; then - dnl Potentially add $additional_includedir to $INCNAME. - dnl But don't add it - dnl 1. if it's the standard /usr/include, - dnl 2. if it's /usr/local/include and we are using GCC on Linux, - dnl 3. if it's already present in $CPPFLAGS or the already - dnl constructed $INCNAME, - dnl 4. if it doesn't exist as a directory. - if test "X$additional_includedir" != "X/usr/include"; then - haveit= - if test "X$additional_includedir" = "X/usr/local/include"; then - if test -n "$GCC"; then - case $host_os in - linux* | gnu* | k*bsd*-gnu) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - for x in $CPPFLAGS $INC[]NAME; do - AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) - if test "X$x" = "X-I$additional_includedir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_includedir"; then - dnl Really add $additional_includedir to $INCNAME. - INC[]NAME="${INC[]NAME}${INC[]NAME:+ }-I$additional_includedir" - fi - fi - fi - fi - fi - dnl Look for dependencies. - if test -n "$found_la"; then - dnl Read the .la file. It defines the variables - dnl dlname, library_names, old_library, dependency_libs, current, - dnl age, revision, installed, dlopen, dlpreopen, libdir. - save_libdir="$libdir" - case "$found_la" in - */* | *\\*) . "$found_la" ;; - *) . "./$found_la" ;; - esac - libdir="$save_libdir" - dnl We use only dependency_libs. - for dep in $dependency_libs; do - case "$dep" in - -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - dnl Potentially add $additional_libdir to $LIBNAME and $LTLIBNAME. - dnl But don't add it - dnl 1. if it's the standard /usr/lib, - dnl 2. if it's /usr/local/lib and we are using GCC on Linux, - dnl 3. if it's already present in $LDFLAGS or the already - dnl constructed $LIBNAME, - dnl 4. if it doesn't exist as a directory. - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then - haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then - if test -n "$GCC"; then - case $host_os in - linux* | gnu* | k*bsd*-gnu) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - haveit= - for x in $LDFLAGS $LIB[]NAME; do - AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) - if test "X$x" = "X-L$additional_libdir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_libdir"; then - dnl Really add $additional_libdir to $LIBNAME. - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-L$additional_libdir" - fi - fi - haveit= - for x in $LDFLAGS $LTLIB[]NAME; do - AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) - if test "X$x" = "X-L$additional_libdir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_libdir"; then - dnl Really add $additional_libdir to $LTLIBNAME. - LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-L$additional_libdir" - fi - fi - fi - fi - ;; - -R*) - dir=`echo "X$dep" | sed -e 's/^X-R//'` - if test "$enable_rpath" != no; then - dnl Potentially add DIR to rpathdirs. - dnl The rpathdirs will be appended to $LIBNAME at the end. - haveit= - for x in $rpathdirs; do - if test "X$x" = "X$dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - rpathdirs="$rpathdirs $dir" - fi - dnl Potentially add DIR to ltrpathdirs. - dnl The ltrpathdirs will be appended to $LTLIBNAME at the end. - haveit= - for x in $ltrpathdirs; do - if test "X$x" = "X$dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - ltrpathdirs="$ltrpathdirs $dir" - fi - fi - ;; - -l*) - dnl Handle this in the next round. - names_next_round="$names_next_round "`echo "X$dep" | sed -e 's/^X-l//'` - ;; - *.la) - dnl Handle this in the next round. Throw away the .la's - dnl directory; it is already contained in a preceding -L - dnl option. - names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'` - ;; - *) - dnl Most likely an immediate library name. - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$dep" - LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }$dep" - ;; - esac - done - fi - else - dnl Didn't find the library; assume it is in the system directories - dnl known to the linker and runtime loader. (All the system - dnl directories known to the linker should also be known to the - dnl runtime loader, otherwise the system is severely misconfigured.) - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-l$name" - LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-l$name" - fi - fi - fi - done - done - if test "X$rpathdirs" != "X"; then - if test -n "$acl_hardcode_libdir_separator"; then - dnl Weird platform: only the last -rpath option counts, the user must - dnl pass all path elements in one option. We can arrange that for a - dnl single library, but not when more than one $LIBNAMEs are used. - alldirs= - for found_dir in $rpathdirs; do - alldirs="${alldirs}${alldirs:+$acl_hardcode_libdir_separator}$found_dir" - done - dnl Note: acl_hardcode_libdir_flag_spec uses $libdir and $wl. - acl_save_libdir="$libdir" - libdir="$alldirs" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$flag" - else - dnl The -rpath options are cumulative. - for found_dir in $rpathdirs; do - acl_save_libdir="$libdir" - libdir="$found_dir" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$flag" - done - fi - fi - if test "X$ltrpathdirs" != "X"; then - dnl When using libtool, the option that works for both libraries and - dnl executables is -R. The -R options are cumulative. - for found_dir in $ltrpathdirs; do - LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-R$found_dir" - done - fi - popdef([P_A_C_K]) - popdef([PACKLIBS]) - popdef([PACKUP]) - popdef([PACK]) - popdef([NAME]) -]) - -dnl AC_LIB_APPENDTOVAR(VAR, CONTENTS) appends the elements of CONTENTS to VAR, -dnl unless already present in VAR. -dnl Works only for CPPFLAGS, not for LIB* variables because that sometimes -dnl contains two or three consecutive elements that belong together. -AC_DEFUN([AC_LIB_APPENDTOVAR], -[ - for element in [$2]; do - haveit= - for x in $[$1]; do - AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) - if test "X$x" = "X$element"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - [$1]="${[$1]}${[$1]:+ }$element" - fi - done -]) - -dnl For those cases where a variable contains several -L and -l options -dnl referring to unknown libraries and directories, this macro determines the -dnl necessary additional linker options for the runtime path. -dnl AC_LIB_LINKFLAGS_FROM_LIBS([LDADDVAR], [LIBSVALUE], [USE-LIBTOOL]) -dnl sets LDADDVAR to linker options needed together with LIBSVALUE. -dnl If USE-LIBTOOL evaluates to non-empty, linking with libtool is assumed, -dnl otherwise linking without libtool is assumed. -AC_DEFUN([AC_LIB_LINKFLAGS_FROM_LIBS], -[ - AC_REQUIRE([AC_LIB_RPATH]) - AC_REQUIRE([AC_LIB_PREPARE_MULTILIB]) - $1= - if test "$enable_rpath" != no; then - if test -n "$acl_hardcode_libdir_flag_spec" && test "$acl_hardcode_minus_L" = no; then - dnl Use an explicit option to hardcode directories into the resulting - dnl binary. - rpathdirs= - next= - for opt in $2; do - if test -n "$next"; then - dir="$next" - dnl No need to hardcode the standard /usr/lib. - if test "X$dir" != "X/usr/$acl_libdirstem" \ - && test "X$dir" != "X/usr/$acl_libdirstem2"; then - rpathdirs="$rpathdirs $dir" - fi - next= - else - case $opt in - -L) next=yes ;; - -L*) dir=`echo "X$opt" | sed -e 's,^X-L,,'` - dnl No need to hardcode the standard /usr/lib. - if test "X$dir" != "X/usr/$acl_libdirstem" \ - && test "X$dir" != "X/usr/$acl_libdirstem2"; then - rpathdirs="$rpathdirs $dir" - fi - next= ;; - *) next= ;; - esac - fi - done - if test "X$rpathdirs" != "X"; then - if test -n ""$3""; then - dnl libtool is used for linking. Use -R options. - for dir in $rpathdirs; do - $1="${$1}${$1:+ }-R$dir" - done - else - dnl The linker is used for linking directly. - if test -n "$acl_hardcode_libdir_separator"; then - dnl Weird platform: only the last -rpath option counts, the user - dnl must pass all path elements in one option. - alldirs= - for dir in $rpathdirs; do - alldirs="${alldirs}${alldirs:+$acl_hardcode_libdir_separator}$dir" - done - acl_save_libdir="$libdir" - libdir="$alldirs" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - $1="$flag" - else - dnl The -rpath options are cumulative. - for dir in $rpathdirs; do - acl_save_libdir="$libdir" - libdir="$dir" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - $1="${$1}${$1:+ }$flag" - done - fi - fi - fi - fi - fi - AC_SUBST([$1]) -]) - -# lib-prefix.m4 serial 7 (gettext-0.18) -dnl Copyright (C) 2001-2005, 2008-2013 Free Software Foundation, Inc. -dnl This file is free software; the Free Software Foundation -dnl gives unlimited permission to copy and/or distribute it, -dnl with or without modifications, as long as this notice is preserved. - -dnl From Bruno Haible. - -dnl AC_LIB_ARG_WITH is synonymous to AC_ARG_WITH in autoconf-2.13, and -dnl similar to AC_ARG_WITH in autoconf 2.52...2.57 except that is doesn't -dnl require excessive bracketing. -ifdef([AC_HELP_STRING], -[AC_DEFUN([AC_LIB_ARG_WITH], [AC_ARG_WITH([$1],[[$2]],[$3],[$4])])], -[AC_DEFUN([AC_][LIB_ARG_WITH], [AC_ARG_WITH([$1],[$2],[$3],[$4])])]) - -dnl AC_LIB_PREFIX adds to the CPPFLAGS and LDFLAGS the flags that are needed -dnl to access previously installed libraries. The basic assumption is that -dnl a user will want packages to use other packages he previously installed -dnl with the same --prefix option. -dnl This macro is not needed if only AC_LIB_LINKFLAGS is used to locate -dnl libraries, but is otherwise very convenient. -AC_DEFUN([AC_LIB_PREFIX], -[ - AC_BEFORE([$0], [AC_LIB_LINKFLAGS]) - AC_REQUIRE([AC_PROG_CC]) - AC_REQUIRE([AC_CANONICAL_HOST]) - AC_REQUIRE([AC_LIB_PREPARE_MULTILIB]) - AC_REQUIRE([AC_LIB_PREPARE_PREFIX]) - dnl By default, look in $includedir and $libdir. - use_additional=yes - AC_LIB_WITH_FINAL_PREFIX([ - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - ]) - AC_LIB_ARG_WITH([lib-prefix], -[ --with-lib-prefix[=DIR] search for libraries in DIR/include and DIR/lib - --without-lib-prefix don't search for libraries in includedir and libdir], -[ - if test "X$withval" = "Xno"; then - use_additional=no - else - if test "X$withval" = "X"; then - AC_LIB_WITH_FINAL_PREFIX([ - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - ]) - else - additional_includedir="$withval/include" - additional_libdir="$withval/$acl_libdirstem" - fi - fi -]) - if test $use_additional = yes; then - dnl Potentially add $additional_includedir to $CPPFLAGS. - dnl But don't add it - dnl 1. if it's the standard /usr/include, - dnl 2. if it's already present in $CPPFLAGS, - dnl 3. if it's /usr/local/include and we are using GCC on Linux, - dnl 4. if it doesn't exist as a directory. - if test "X$additional_includedir" != "X/usr/include"; then - haveit= - for x in $CPPFLAGS; do - AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) - if test "X$x" = "X-I$additional_includedir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test "X$additional_includedir" = "X/usr/local/include"; then - if test -n "$GCC"; then - case $host_os in - linux* | gnu* | k*bsd*-gnu) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - if test -d "$additional_includedir"; then - dnl Really add $additional_includedir to $CPPFLAGS. - CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }-I$additional_includedir" - fi - fi - fi - fi - dnl Potentially add $additional_libdir to $LDFLAGS. - dnl But don't add it - dnl 1. if it's the standard /usr/lib, - dnl 2. if it's already present in $LDFLAGS, - dnl 3. if it's /usr/local/lib and we are using GCC on Linux, - dnl 4. if it doesn't exist as a directory. - if test "X$additional_libdir" != "X/usr/$acl_libdirstem"; then - haveit= - for x in $LDFLAGS; do - AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) - if test "X$x" = "X-L$additional_libdir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem"; then - if test -n "$GCC"; then - case $host_os in - linux*) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - if test -d "$additional_libdir"; then - dnl Really add $additional_libdir to $LDFLAGS. - LDFLAGS="${LDFLAGS}${LDFLAGS:+ }-L$additional_libdir" - fi - fi - fi - fi - fi -]) - -dnl AC_LIB_PREPARE_PREFIX creates variables acl_final_prefix, -dnl acl_final_exec_prefix, containing the values to which $prefix and -dnl $exec_prefix will expand at the end of the configure script. -AC_DEFUN([AC_LIB_PREPARE_PREFIX], -[ - dnl Unfortunately, prefix and exec_prefix get only finally determined - dnl at the end of configure. - if test "X$prefix" = "XNONE"; then - acl_final_prefix="$ac_default_prefix" - else - acl_final_prefix="$prefix" - fi - if test "X$exec_prefix" = "XNONE"; then - acl_final_exec_prefix='${prefix}' - else - acl_final_exec_prefix="$exec_prefix" - fi - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - eval acl_final_exec_prefix=\"$acl_final_exec_prefix\" - prefix="$acl_save_prefix" -]) - -dnl AC_LIB_WITH_FINAL_PREFIX([statement]) evaluates statement, with the -dnl variables prefix and exec_prefix bound to the values they will have -dnl at the end of the configure script. -AC_DEFUN([AC_LIB_WITH_FINAL_PREFIX], -[ - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - $1 - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" -]) - -dnl AC_LIB_PREPARE_MULTILIB creates -dnl - a variable acl_libdirstem, containing the basename of the libdir, either -dnl "lib" or "lib64" or "lib/64", -dnl - a variable acl_libdirstem2, as a secondary possible value for -dnl acl_libdirstem, either the same as acl_libdirstem or "lib/sparcv9" or -dnl "lib/amd64". -AC_DEFUN([AC_LIB_PREPARE_MULTILIB], -[ - dnl There is no formal standard regarding lib and lib64. - dnl On glibc systems, the current practice is that on a system supporting - dnl 32-bit and 64-bit instruction sets or ABIs, 64-bit libraries go under - dnl $prefix/lib64 and 32-bit libraries go under $prefix/lib. We determine - dnl the compiler's default mode by looking at the compiler's library search - dnl path. If at least one of its elements ends in /lib64 or points to a - dnl directory whose absolute pathname ends in /lib64, we assume a 64-bit ABI. - dnl Otherwise we use the default, namely "lib". - dnl On Solaris systems, the current practice is that on a system supporting - dnl 32-bit and 64-bit instruction sets or ABIs, 64-bit libraries go under - dnl $prefix/lib/64 (which is a symlink to either $prefix/lib/sparcv9 or - dnl $prefix/lib/amd64) and 32-bit libraries go under $prefix/lib. - AC_REQUIRE([AC_CANONICAL_HOST]) - acl_libdirstem=lib - acl_libdirstem2= - case "$host_os" in - solaris*) - dnl See Solaris 10 Software Developer Collection > Solaris 64-bit Developer's Guide > The Development Environment - dnl . - dnl "Portable Makefiles should refer to any library directories using the 64 symbolic link." - dnl But we want to recognize the sparcv9 or amd64 subdirectory also if the - dnl symlink is missing, so we set acl_libdirstem2 too. - AC_CACHE_CHECK([for 64-bit host], [gl_cv_solaris_64bit], - [AC_EGREP_CPP([sixtyfour bits], [ -#ifdef _LP64 -sixtyfour bits -#endif - ], [gl_cv_solaris_64bit=yes], [gl_cv_solaris_64bit=no]) - ]) - if test $gl_cv_solaris_64bit = yes; then - acl_libdirstem=lib/64 - case "$host_cpu" in - sparc*) acl_libdirstem2=lib/sparcv9 ;; - i*86 | x86_64) acl_libdirstem2=lib/amd64 ;; - esac - fi - ;; - *) - searchpath=`(LC_ALL=C $CC -print-search-dirs) 2>/dev/null | sed -n -e 's,^libraries: ,,p' | sed -e 's,^=,,'` - if test -n "$searchpath"; then - acl_save_IFS="${IFS= }"; IFS=":" - for searchdir in $searchpath; do - if test -d "$searchdir"; then - case "$searchdir" in - */lib64/ | */lib64 ) acl_libdirstem=lib64 ;; - */../ | */.. ) - # Better ignore directories of this form. They are misleading. - ;; - *) searchdir=`cd "$searchdir" && pwd` - case "$searchdir" in - */lib64 ) acl_libdirstem=lib64 ;; - esac ;; - esac - fi - done - IFS="$acl_save_IFS" - fi - ;; - esac - test -n "$acl_libdirstem2" || acl_libdirstem2="$acl_libdirstem" -]) - -# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- -# -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. -# Written by Gordon Matzigkeit, 1996 -# -# This file is free software; the Free Software Foundation gives -# unlimited permission to copy and/or distribute it, with or without -# modifications, as long as this notice is preserved. - -m4_define([_LT_COPYING], [dnl -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. -# Written by Gordon Matzigkeit, 1996 -# -# This file is part of GNU Libtool. -# -# GNU Libtool is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; either version 2 of -# the License, or (at your option) any later version. -# -# As a special exception to the GNU General Public License, -# if you distribute this file as part of a program or library that -# is built using GNU Libtool, you may include this file under the -# same distribution terms that you use for the rest of that program. -# -# GNU Libtool is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with GNU Libtool; see the file COPYING. If not, a copy -# can be downloaded from http://www.gnu.org/licenses/gpl.html, or -# obtained by writing to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -]) - -# serial 57 LT_INIT - - -# LT_PREREQ(VERSION) -# ------------------ -# Complain and exit if this libtool version is less that VERSION. -m4_defun([LT_PREREQ], -[m4_if(m4_version_compare(m4_defn([LT_PACKAGE_VERSION]), [$1]), -1, - [m4_default([$3], - [m4_fatal([Libtool version $1 or higher is required], - 63)])], - [$2])]) - - -# _LT_CHECK_BUILDDIR -# ------------------ -# Complain if the absolute build directory name contains unusual characters -m4_defun([_LT_CHECK_BUILDDIR], -[case `pwd` in - *\ * | *\ *) - AC_MSG_WARN([Libtool does not cope well with whitespace in `pwd`]) ;; -esac -]) - - -# LT_INIT([OPTIONS]) -# ------------------ -AC_DEFUN([LT_INIT], -[AC_PREREQ([2.58])dnl We use AC_INCLUDES_DEFAULT -AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl -AC_BEFORE([$0], [LT_LANG])dnl -AC_BEFORE([$0], [LT_OUTPUT])dnl -AC_BEFORE([$0], [LTDL_INIT])dnl -m4_require([_LT_CHECK_BUILDDIR])dnl - -dnl Autoconf doesn't catch unexpanded LT_ macros by default: -m4_pattern_forbid([^_?LT_[A-Z_]+$])dnl -m4_pattern_allow([^(_LT_EOF|LT_DLGLOBAL|LT_DLLAZY_OR_NOW|LT_MULTI_MODULE)$])dnl -dnl aclocal doesn't pull ltoptions.m4, ltsugar.m4, or ltversion.m4 -dnl unless we require an AC_DEFUNed macro: -AC_REQUIRE([LTOPTIONS_VERSION])dnl -AC_REQUIRE([LTSUGAR_VERSION])dnl -AC_REQUIRE([LTVERSION_VERSION])dnl -AC_REQUIRE([LTOBSOLETE_VERSION])dnl -m4_require([_LT_PROG_LTMAIN])dnl - -_LT_SHELL_INIT([SHELL=${CONFIG_SHELL-/bin/sh}]) - -dnl Parse OPTIONS -_LT_SET_OPTIONS([$0], [$1]) - -# This can be used to rebuild libtool when needed -LIBTOOL_DEPS="$ltmain" - -# Always use our own libtool. -LIBTOOL='$(SHELL) $(top_builddir)/libtool' -AC_SUBST(LIBTOOL)dnl - -_LT_SETUP - -# Only expand once: -m4_define([LT_INIT]) -])# LT_INIT - -# Old names: -AU_ALIAS([AC_PROG_LIBTOOL], [LT_INIT]) -AU_ALIAS([AM_PROG_LIBTOOL], [LT_INIT]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_PROG_LIBTOOL], []) -dnl AC_DEFUN([AM_PROG_LIBTOOL], []) - - -# _LT_CC_BASENAME(CC) -# ------------------- -# Calculate cc_basename. Skip known compiler wrappers and cross-prefix. -m4_defun([_LT_CC_BASENAME], -[for cc_temp in $1""; do - case $cc_temp in - compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;; - distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"` -]) - - -# _LT_FILEUTILS_DEFAULTS -# ---------------------- -# It is okay to use these file commands and assume they have been set -# sensibly after `m4_require([_LT_FILEUTILS_DEFAULTS])'. -m4_defun([_LT_FILEUTILS_DEFAULTS], -[: ${CP="cp -f"} -: ${MV="mv -f"} -: ${RM="rm -f"} -])# _LT_FILEUTILS_DEFAULTS - - -# _LT_SETUP -# --------- -m4_defun([_LT_SETUP], -[AC_REQUIRE([AC_CANONICAL_HOST])dnl -AC_REQUIRE([AC_CANONICAL_BUILD])dnl -AC_REQUIRE([_LT_PREPARE_SED_QUOTE_VARS])dnl -AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl - -_LT_DECL([], [PATH_SEPARATOR], [1], [The PATH separator for the build system])dnl -dnl -_LT_DECL([], [host_alias], [0], [The host system])dnl -_LT_DECL([], [host], [0])dnl -_LT_DECL([], [host_os], [0])dnl -dnl -_LT_DECL([], [build_alias], [0], [The build system])dnl -_LT_DECL([], [build], [0])dnl -_LT_DECL([], [build_os], [0])dnl -dnl -AC_REQUIRE([AC_PROG_CC])dnl -AC_REQUIRE([LT_PATH_LD])dnl -AC_REQUIRE([LT_PATH_NM])dnl -dnl -AC_REQUIRE([AC_PROG_LN_S])dnl -test -z "$LN_S" && LN_S="ln -s" -_LT_DECL([], [LN_S], [1], [Whether we need soft or hard links])dnl -dnl -AC_REQUIRE([LT_CMD_MAX_LEN])dnl -_LT_DECL([objext], [ac_objext], [0], [Object file suffix (normally "o")])dnl -_LT_DECL([], [exeext], [0], [Executable file suffix (normally "")])dnl -dnl -m4_require([_LT_FILEUTILS_DEFAULTS])dnl -m4_require([_LT_CHECK_SHELL_FEATURES])dnl -m4_require([_LT_PATH_CONVERSION_FUNCTIONS])dnl -m4_require([_LT_CMD_RELOAD])dnl -m4_require([_LT_CHECK_MAGIC_METHOD])dnl -m4_require([_LT_CHECK_SHAREDLIB_FROM_LINKLIB])dnl -m4_require([_LT_CMD_OLD_ARCHIVE])dnl -m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl -m4_require([_LT_WITH_SYSROOT])dnl - -_LT_CONFIG_LIBTOOL_INIT([ -# See if we are running on zsh, and set the options which allow our -# commands through without removal of \ escapes INIT. -if test -n "\${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST -fi -]) -if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST -fi - -_LT_CHECK_OBJDIR - -m4_require([_LT_TAG_COMPILER])dnl - -case $host_os in -aix3*) - # AIX sometimes has problems with the GCC collect2 program. For some - # reason, if we set the COLLECT_NAMES environment variable, the problems - # vanish in a puff of smoke. - if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES - fi - ;; -esac - -# Global variables: -ofile=libtool -can_build_shared=yes - -# All known linkers require a `.a' archive for static linking (except MSVC, -# which needs '.lib'). -libext=a - -with_gnu_ld="$lt_cv_prog_gnu_ld" - -old_CC="$CC" -old_CFLAGS="$CFLAGS" - -# Set sane defaults for various variables -test -z "$CC" && CC=cc -test -z "$LTCC" && LTCC=$CC -test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS -test -z "$LD" && LD=ld -test -z "$ac_objext" && ac_objext=o - -_LT_CC_BASENAME([$compiler]) - -# Only perform the check for file, if the check method requires it -test -z "$MAGIC_CMD" && MAGIC_CMD=file -case $deplibs_check_method in -file_magic*) - if test "$file_magic_cmd" = '$MAGIC_CMD'; then - _LT_PATH_MAGIC - fi - ;; -esac - -# Use C for the default configuration in the libtool script -LT_SUPPORTED_TAG([CC]) -_LT_LANG_C_CONFIG -_LT_LANG_DEFAULT_CONFIG -_LT_CONFIG_COMMANDS -])# _LT_SETUP - - -# _LT_PREPARE_SED_QUOTE_VARS -# -------------------------- -# Define a few sed substitution that help us do robust quoting. -m4_defun([_LT_PREPARE_SED_QUOTE_VARS], -[# Backslashify metacharacters that are still active within -# double-quoted strings. -sed_quote_subst='s/\([["`$\\]]\)/\\\1/g' - -# Same as above, but do not quote variable references. -double_quote_subst='s/\([["`\\]]\)/\\\1/g' - -# Sed substitution to delay expansion of an escaped shell variable in a -# double_quote_subst'ed string. -delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' - -# Sed substitution to delay expansion of an escaped single quote. -delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g' - -# Sed substitution to avoid accidental globbing in evaled expressions -no_glob_subst='s/\*/\\\*/g' -]) - -# _LT_PROG_LTMAIN -# --------------- -# Note that this code is called both from `configure', and `config.status' -# now that we use AC_CONFIG_COMMANDS to generate libtool. Notably, -# `config.status' has no value for ac_aux_dir unless we are using Automake, -# so we pass a copy along to make sure it has a sensible value anyway. -m4_defun([_LT_PROG_LTMAIN], -[m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([ltmain.sh])])dnl -_LT_CONFIG_LIBTOOL_INIT([ac_aux_dir='$ac_aux_dir']) -ltmain="$ac_aux_dir/ltmain.sh" -])# _LT_PROG_LTMAIN - - - -# So that we can recreate a full libtool script including additional -# tags, we accumulate the chunks of code to send to AC_CONFIG_COMMANDS -# in macros and then make a single call at the end using the `libtool' -# label. - - -# _LT_CONFIG_LIBTOOL_INIT([INIT-COMMANDS]) -# ---------------------------------------- -# Register INIT-COMMANDS to be passed to AC_CONFIG_COMMANDS later. -m4_define([_LT_CONFIG_LIBTOOL_INIT], -[m4_ifval([$1], - [m4_append([_LT_OUTPUT_LIBTOOL_INIT], - [$1 -])])]) - -# Initialize. -m4_define([_LT_OUTPUT_LIBTOOL_INIT]) - - -# _LT_CONFIG_LIBTOOL([COMMANDS]) -# ------------------------------ -# Register COMMANDS to be passed to AC_CONFIG_COMMANDS later. -m4_define([_LT_CONFIG_LIBTOOL], -[m4_ifval([$1], - [m4_append([_LT_OUTPUT_LIBTOOL_COMMANDS], - [$1 -])])]) - -# Initialize. -m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS]) - - -# _LT_CONFIG_SAVE_COMMANDS([COMMANDS], [INIT_COMMANDS]) -# ----------------------------------------------------- -m4_defun([_LT_CONFIG_SAVE_COMMANDS], -[_LT_CONFIG_LIBTOOL([$1]) -_LT_CONFIG_LIBTOOL_INIT([$2]) -]) - - -# _LT_FORMAT_COMMENT([COMMENT]) -# ----------------------------- -# Add leading comment marks to the start of each line, and a trailing -# full-stop to the whole comment if one is not present already. -m4_define([_LT_FORMAT_COMMENT], -[m4_ifval([$1], [ -m4_bpatsubst([m4_bpatsubst([$1], [^ *], [# ])], - [['`$\]], [\\\&])]m4_bmatch([$1], [[!?.]$], [], [.]) -)]) - - - - - -# _LT_DECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION], [IS-TAGGED?]) -# ------------------------------------------------------------------- -# CONFIGNAME is the name given to the value in the libtool script. -# VARNAME is the (base) name used in the configure script. -# VALUE may be 0, 1 or 2 for a computed quote escaped value based on -# VARNAME. Any other value will be used directly. -m4_define([_LT_DECL], -[lt_if_append_uniq([lt_decl_varnames], [$2], [, ], - [lt_dict_add_subkey([lt_decl_dict], [$2], [libtool_name], - [m4_ifval([$1], [$1], [$2])]) - lt_dict_add_subkey([lt_decl_dict], [$2], [value], [$3]) - m4_ifval([$4], - [lt_dict_add_subkey([lt_decl_dict], [$2], [description], [$4])]) - lt_dict_add_subkey([lt_decl_dict], [$2], - [tagged?], [m4_ifval([$5], [yes], [no])])]) -]) - - -# _LT_TAGDECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION]) -# -------------------------------------------------------- -m4_define([_LT_TAGDECL], [_LT_DECL([$1], [$2], [$3], [$4], [yes])]) - - -# lt_decl_tag_varnames([SEPARATOR], [VARNAME1...]) -# ------------------------------------------------ -m4_define([lt_decl_tag_varnames], -[_lt_decl_filter([tagged?], [yes], $@)]) - - -# _lt_decl_filter(SUBKEY, VALUE, [SEPARATOR], [VARNAME1..]) -# --------------------------------------------------------- -m4_define([_lt_decl_filter], -[m4_case([$#], - [0], [m4_fatal([$0: too few arguments: $#])], - [1], [m4_fatal([$0: too few arguments: $#: $1])], - [2], [lt_dict_filter([lt_decl_dict], [$1], [$2], [], lt_decl_varnames)], - [3], [lt_dict_filter([lt_decl_dict], [$1], [$2], [$3], lt_decl_varnames)], - [lt_dict_filter([lt_decl_dict], $@)])[]dnl -]) - - -# lt_decl_quote_varnames([SEPARATOR], [VARNAME1...]) -# -------------------------------------------------- -m4_define([lt_decl_quote_varnames], -[_lt_decl_filter([value], [1], $@)]) - - -# lt_decl_dquote_varnames([SEPARATOR], [VARNAME1...]) -# --------------------------------------------------- -m4_define([lt_decl_dquote_varnames], -[_lt_decl_filter([value], [2], $@)]) - - -# lt_decl_varnames_tagged([SEPARATOR], [VARNAME1...]) -# --------------------------------------------------- -m4_define([lt_decl_varnames_tagged], -[m4_assert([$# <= 2])dnl -_$0(m4_quote(m4_default([$1], [[, ]])), - m4_ifval([$2], [[$2]], [m4_dquote(lt_decl_tag_varnames)]), - m4_split(m4_normalize(m4_quote(_LT_TAGS)), [ ]))]) -m4_define([_lt_decl_varnames_tagged], -[m4_ifval([$3], [lt_combine([$1], [$2], [_], $3)])]) - - -# lt_decl_all_varnames([SEPARATOR], [VARNAME1...]) -# ------------------------------------------------ -m4_define([lt_decl_all_varnames], -[_$0(m4_quote(m4_default([$1], [[, ]])), - m4_if([$2], [], - m4_quote(lt_decl_varnames), - m4_quote(m4_shift($@))))[]dnl -]) -m4_define([_lt_decl_all_varnames], -[lt_join($@, lt_decl_varnames_tagged([$1], - lt_decl_tag_varnames([[, ]], m4_shift($@))))dnl -]) - - -# _LT_CONFIG_STATUS_DECLARE([VARNAME]) -# ------------------------------------ -# Quote a variable value, and forward it to `config.status' so that its -# declaration there will have the same value as in `configure'. VARNAME -# must have a single quote delimited value for this to work. -m4_define([_LT_CONFIG_STATUS_DECLARE], -[$1='`$ECHO "$][$1" | $SED "$delay_single_quote_subst"`']) - - -# _LT_CONFIG_STATUS_DECLARATIONS -# ------------------------------ -# We delimit libtool config variables with single quotes, so when -# we write them to config.status, we have to be sure to quote all -# embedded single quotes properly. In configure, this macro expands -# each variable declared with _LT_DECL (and _LT_TAGDECL) into: -# -# ='`$ECHO "$" | $SED "$delay_single_quote_subst"`' -m4_defun([_LT_CONFIG_STATUS_DECLARATIONS], -[m4_foreach([_lt_var], m4_quote(lt_decl_all_varnames), - [m4_n([_LT_CONFIG_STATUS_DECLARE(_lt_var)])])]) - - -# _LT_LIBTOOL_TAGS -# ---------------- -# Output comment and list of tags supported by the script -m4_defun([_LT_LIBTOOL_TAGS], -[_LT_FORMAT_COMMENT([The names of the tagged configurations supported by this script])dnl -available_tags="_LT_TAGS"dnl -]) - - -# _LT_LIBTOOL_DECLARE(VARNAME, [TAG]) -# ----------------------------------- -# Extract the dictionary values for VARNAME (optionally with TAG) and -# expand to a commented shell variable setting: -# -# # Some comment about what VAR is for. -# visible_name=$lt_internal_name -m4_define([_LT_LIBTOOL_DECLARE], -[_LT_FORMAT_COMMENT(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], - [description])))[]dnl -m4_pushdef([_libtool_name], - m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [libtool_name])))[]dnl -m4_case(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [value])), - [0], [_libtool_name=[$]$1], - [1], [_libtool_name=$lt_[]$1], - [2], [_libtool_name=$lt_[]$1], - [_libtool_name=lt_dict_fetch([lt_decl_dict], [$1], [value])])[]dnl -m4_ifval([$2], [_$2])[]m4_popdef([_libtool_name])[]dnl -]) - - -# _LT_LIBTOOL_CONFIG_VARS -# ----------------------- -# Produce commented declarations of non-tagged libtool config variables -# suitable for insertion in the LIBTOOL CONFIG section of the `libtool' -# script. Tagged libtool config variables (even for the LIBTOOL CONFIG -# section) are produced by _LT_LIBTOOL_TAG_VARS. -m4_defun([_LT_LIBTOOL_CONFIG_VARS], -[m4_foreach([_lt_var], - m4_quote(_lt_decl_filter([tagged?], [no], [], lt_decl_varnames)), - [m4_n([_LT_LIBTOOL_DECLARE(_lt_var)])])]) - - -# _LT_LIBTOOL_TAG_VARS(TAG) -# ------------------------- -m4_define([_LT_LIBTOOL_TAG_VARS], -[m4_foreach([_lt_var], m4_quote(lt_decl_tag_varnames), - [m4_n([_LT_LIBTOOL_DECLARE(_lt_var, [$1])])])]) - - -# _LT_TAGVAR(VARNAME, [TAGNAME]) -# ------------------------------ -m4_define([_LT_TAGVAR], [m4_ifval([$2], [$1_$2], [$1])]) - - -# _LT_CONFIG_COMMANDS -# ------------------- -# Send accumulated output to $CONFIG_STATUS. Thanks to the lists of -# variables for single and double quote escaping we saved from calls -# to _LT_DECL, we can put quote escaped variables declarations -# into `config.status', and then the shell code to quote escape them in -# for loops in `config.status'. Finally, any additional code accumulated -# from calls to _LT_CONFIG_LIBTOOL_INIT is expanded. -m4_defun([_LT_CONFIG_COMMANDS], -[AC_PROVIDE_IFELSE([LT_OUTPUT], - dnl If the libtool generation code has been placed in $CONFIG_LT, - dnl instead of duplicating it all over again into config.status, - dnl then we will have config.status run $CONFIG_LT later, so it - dnl needs to know what name is stored there: - [AC_CONFIG_COMMANDS([libtool], - [$SHELL $CONFIG_LT || AS_EXIT(1)], [CONFIG_LT='$CONFIG_LT'])], - dnl If the libtool generation code is destined for config.status, - dnl expand the accumulated commands and init code now: - [AC_CONFIG_COMMANDS([libtool], - [_LT_OUTPUT_LIBTOOL_COMMANDS], [_LT_OUTPUT_LIBTOOL_COMMANDS_INIT])]) -])#_LT_CONFIG_COMMANDS - - -# Initialize. -m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS_INIT], -[ - -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - -sed_quote_subst='$sed_quote_subst' -double_quote_subst='$double_quote_subst' -delay_variable_subst='$delay_variable_subst' -_LT_CONFIG_STATUS_DECLARATIONS -LTCC='$LTCC' -LTCFLAGS='$LTCFLAGS' -compiler='$compiler_DEFAULT' - -# A function that is used when there is no print builtin or printf. -func_fallback_echo () -{ - eval 'cat <<_LTECHO_EOF -\$[]1 -_LTECHO_EOF' -} - -# Quote evaled strings. -for var in lt_decl_all_varnames([[ \ -]], lt_decl_quote_varnames); do - case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in - *[[\\\\\\\`\\"\\\$]]*) - eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" - ;; - *) - eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" - ;; - esac -done - -# Double-quote double-evaled strings. -for var in lt_decl_all_varnames([[ \ -]], lt_decl_dquote_varnames); do - case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in - *[[\\\\\\\`\\"\\\$]]*) - eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" - ;; - *) - eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" - ;; - esac -done - -_LT_OUTPUT_LIBTOOL_INIT -]) - -# _LT_GENERATED_FILE_INIT(FILE, [COMMENT]) -# ------------------------------------ -# Generate a child script FILE with all initialization necessary to -# reuse the environment learned by the parent script, and make the -# file executable. If COMMENT is supplied, it is inserted after the -# `#!' sequence but before initialization text begins. After this -# macro, additional text can be appended to FILE to form the body of -# the child script. The macro ends with non-zero status if the -# file could not be fully written (such as if the disk is full). -m4_ifdef([AS_INIT_GENERATED], -[m4_defun([_LT_GENERATED_FILE_INIT],[AS_INIT_GENERATED($@)])], -[m4_defun([_LT_GENERATED_FILE_INIT], -[m4_require([AS_PREPARE])]dnl -[m4_pushdef([AS_MESSAGE_LOG_FD])]dnl -[lt_write_fail=0 -cat >$1 <<_ASEOF || lt_write_fail=1 -#! $SHELL -# Generated by $as_me. -$2 -SHELL=\${CONFIG_SHELL-$SHELL} -export SHELL -_ASEOF -cat >>$1 <<\_ASEOF || lt_write_fail=1 -AS_SHELL_SANITIZE -_AS_PREPARE -exec AS_MESSAGE_FD>&1 -_ASEOF -test $lt_write_fail = 0 && chmod +x $1[]dnl -m4_popdef([AS_MESSAGE_LOG_FD])])])# _LT_GENERATED_FILE_INIT - -# LT_OUTPUT -# --------- -# This macro allows early generation of the libtool script (before -# AC_OUTPUT is called), incase it is used in configure for compilation -# tests. -AC_DEFUN([LT_OUTPUT], -[: ${CONFIG_LT=./config.lt} -AC_MSG_NOTICE([creating $CONFIG_LT]) -_LT_GENERATED_FILE_INIT(["$CONFIG_LT"], -[# Run this file to recreate a libtool stub with the current configuration.]) - -cat >>"$CONFIG_LT" <<\_LTEOF -lt_cl_silent=false -exec AS_MESSAGE_LOG_FD>>config.log -{ - echo - AS_BOX([Running $as_me.]) -} >&AS_MESSAGE_LOG_FD - -lt_cl_help="\ -\`$as_me' creates a local libtool stub from the current configuration, -for use in further configure time tests before the real libtool is -generated. - -Usage: $[0] [[OPTIONS]] - - -h, --help print this help, then exit - -V, --version print version number, then exit - -q, --quiet do not print progress messages - -d, --debug don't remove temporary files - -Report bugs to ." - -lt_cl_version="\ -m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl -m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION]) -configured by $[0], generated by m4_PACKAGE_STRING. - -Copyright (C) 2011 Free Software Foundation, Inc. -This config.lt script is free software; the Free Software Foundation -gives unlimited permision to copy, distribute and modify it." - -while test $[#] != 0 -do - case $[1] in - --version | --v* | -V ) - echo "$lt_cl_version"; exit 0 ;; - --help | --h* | -h ) - echo "$lt_cl_help"; exit 0 ;; - --debug | --d* | -d ) - debug=: ;; - --quiet | --q* | --silent | --s* | -q ) - lt_cl_silent=: ;; - - -*) AC_MSG_ERROR([unrecognized option: $[1] -Try \`$[0] --help' for more information.]) ;; - - *) AC_MSG_ERROR([unrecognized argument: $[1] -Try \`$[0] --help' for more information.]) ;; - esac - shift -done - -if $lt_cl_silent; then - exec AS_MESSAGE_FD>/dev/null -fi -_LTEOF - -cat >>"$CONFIG_LT" <<_LTEOF -_LT_OUTPUT_LIBTOOL_COMMANDS_INIT -_LTEOF - -cat >>"$CONFIG_LT" <<\_LTEOF -AC_MSG_NOTICE([creating $ofile]) -_LT_OUTPUT_LIBTOOL_COMMANDS -AS_EXIT(0) -_LTEOF -chmod +x "$CONFIG_LT" - -# configure is writing to config.log, but config.lt does its own redirection, -# appending to config.log, which fails on DOS, as config.log is still kept -# open by configure. Here we exec the FD to /dev/null, effectively closing -# config.log, so it can be properly (re)opened and appended to by config.lt. -lt_cl_success=: -test "$silent" = yes && - lt_config_lt_args="$lt_config_lt_args --quiet" -exec AS_MESSAGE_LOG_FD>/dev/null -$SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false -exec AS_MESSAGE_LOG_FD>>config.log -$lt_cl_success || AS_EXIT(1) -])# LT_OUTPUT - - -# _LT_CONFIG(TAG) -# --------------- -# If TAG is the built-in tag, create an initial libtool script with a -# default configuration from the untagged config vars. Otherwise add code -# to config.status for appending the configuration named by TAG from the -# matching tagged config vars. -m4_defun([_LT_CONFIG], -[m4_require([_LT_FILEUTILS_DEFAULTS])dnl -_LT_CONFIG_SAVE_COMMANDS([ - m4_define([_LT_TAG], m4_if([$1], [], [C], [$1]))dnl - m4_if(_LT_TAG, [C], [ - # See if we are running on zsh, and set the options which allow our - # commands through without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - - cfgfile="${ofile}T" - trap "$RM \"$cfgfile\"; exit 1" 1 2 15 - $RM "$cfgfile" - - cat <<_LT_EOF >> "$cfgfile" -#! $SHELL - -# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services. -# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: -# NOTE: Changes made to this file will be lost: look at ltmain.sh. -# -_LT_COPYING -_LT_LIBTOOL_TAGS - -# ### BEGIN LIBTOOL CONFIG -_LT_LIBTOOL_CONFIG_VARS -_LT_LIBTOOL_TAG_VARS -# ### END LIBTOOL CONFIG - -_LT_EOF - - case $host_os in - aix3*) - cat <<\_LT_EOF >> "$cfgfile" -# AIX sometimes has problems with the GCC collect2 program. For some -# reason, if we set the COLLECT_NAMES environment variable, the problems -# vanish in a puff of smoke. -if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES -fi -_LT_EOF - ;; - esac - - _LT_PROG_LTMAIN - - # We use sed instead of cat because bash on DJGPP gets confused if - # if finds mixed CR/LF and LF-only lines. Since sed operates in - # text mode, it properly converts lines to CR/LF. This bash problem - # is reportedly fixed, but why not run on old versions too? - sed '$q' "$ltmain" >> "$cfgfile" \ - || (rm -f "$cfgfile"; exit 1) - - _LT_PROG_REPLACE_SHELLFNS - - mv -f "$cfgfile" "$ofile" || - (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") - chmod +x "$ofile" -], -[cat <<_LT_EOF >> "$ofile" - -dnl Unfortunately we have to use $1 here, since _LT_TAG is not expanded -dnl in a comment (ie after a #). -# ### BEGIN LIBTOOL TAG CONFIG: $1 -_LT_LIBTOOL_TAG_VARS(_LT_TAG) -# ### END LIBTOOL TAG CONFIG: $1 -_LT_EOF -])dnl /m4_if -], -[m4_if([$1], [], [ - PACKAGE='$PACKAGE' - VERSION='$VERSION' - TIMESTAMP='$TIMESTAMP' - RM='$RM' - ofile='$ofile'], []) -])dnl /_LT_CONFIG_SAVE_COMMANDS -])# _LT_CONFIG - - -# LT_SUPPORTED_TAG(TAG) -# --------------------- -# Trace this macro to discover what tags are supported by the libtool -# --tag option, using: -# autoconf --trace 'LT_SUPPORTED_TAG:$1' -AC_DEFUN([LT_SUPPORTED_TAG], []) - - -# C support is built-in for now -m4_define([_LT_LANG_C_enabled], []) -m4_define([_LT_TAGS], []) - - -# LT_LANG(LANG) -# ------------- -# Enable libtool support for the given language if not already enabled. -AC_DEFUN([LT_LANG], -[AC_BEFORE([$0], [LT_OUTPUT])dnl -m4_case([$1], - [C], [_LT_LANG(C)], - [C++], [_LT_LANG(CXX)], - [Go], [_LT_LANG(GO)], - [Java], [_LT_LANG(GCJ)], - [Fortran 77], [_LT_LANG(F77)], - [Fortran], [_LT_LANG(FC)], - [Windows Resource], [_LT_LANG(RC)], - [m4_ifdef([_LT_LANG_]$1[_CONFIG], - [_LT_LANG($1)], - [m4_fatal([$0: unsupported language: "$1"])])])dnl -])# LT_LANG - - -# _LT_LANG(LANGNAME) -# ------------------ -m4_defun([_LT_LANG], -[m4_ifdef([_LT_LANG_]$1[_enabled], [], - [LT_SUPPORTED_TAG([$1])dnl - m4_append([_LT_TAGS], [$1 ])dnl - m4_define([_LT_LANG_]$1[_enabled], [])dnl - _LT_LANG_$1_CONFIG($1)])dnl -])# _LT_LANG - - -m4_ifndef([AC_PROG_GO], [ -# NOTE: This macro has been submitted for inclusion into # -# GNU Autoconf as AC_PROG_GO. When it is available in # -# a released version of Autoconf we should remove this # -# macro and use it instead. # -m4_defun([AC_PROG_GO], -[AC_LANG_PUSH(Go)dnl -AC_ARG_VAR([GOC], [Go compiler command])dnl -AC_ARG_VAR([GOFLAGS], [Go compiler flags])dnl -_AC_ARG_VAR_LDFLAGS()dnl -AC_CHECK_TOOL(GOC, gccgo) -if test -z "$GOC"; then - if test -n "$ac_tool_prefix"; then - AC_CHECK_PROG(GOC, [${ac_tool_prefix}gccgo], [${ac_tool_prefix}gccgo]) - fi -fi -if test -z "$GOC"; then - AC_CHECK_PROG(GOC, gccgo, gccgo, false) -fi -])#m4_defun -])#m4_ifndef - - -# _LT_LANG_DEFAULT_CONFIG -# ----------------------- -m4_defun([_LT_LANG_DEFAULT_CONFIG], -[AC_PROVIDE_IFELSE([AC_PROG_CXX], - [LT_LANG(CXX)], - [m4_define([AC_PROG_CXX], defn([AC_PROG_CXX])[LT_LANG(CXX)])]) - -AC_PROVIDE_IFELSE([AC_PROG_F77], - [LT_LANG(F77)], - [m4_define([AC_PROG_F77], defn([AC_PROG_F77])[LT_LANG(F77)])]) - -AC_PROVIDE_IFELSE([AC_PROG_FC], - [LT_LANG(FC)], - [m4_define([AC_PROG_FC], defn([AC_PROG_FC])[LT_LANG(FC)])]) - -dnl The call to [A][M_PROG_GCJ] is quoted like that to stop aclocal -dnl pulling things in needlessly. -AC_PROVIDE_IFELSE([AC_PROG_GCJ], - [LT_LANG(GCJ)], - [AC_PROVIDE_IFELSE([A][M_PROG_GCJ], - [LT_LANG(GCJ)], - [AC_PROVIDE_IFELSE([LT_PROG_GCJ], - [LT_LANG(GCJ)], - [m4_ifdef([AC_PROG_GCJ], - [m4_define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[LT_LANG(GCJ)])]) - m4_ifdef([A][M_PROG_GCJ], - [m4_define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[LT_LANG(GCJ)])]) - m4_ifdef([LT_PROG_GCJ], - [m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])]) - -AC_PROVIDE_IFELSE([AC_PROG_GO], - [LT_LANG(GO)], - [m4_define([AC_PROG_GO], defn([AC_PROG_GO])[LT_LANG(GO)])]) - -AC_PROVIDE_IFELSE([LT_PROG_RC], - [LT_LANG(RC)], - [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])]) -])# _LT_LANG_DEFAULT_CONFIG - -# Obsolete macros: -AU_DEFUN([AC_LIBTOOL_CXX], [LT_LANG(C++)]) -AU_DEFUN([AC_LIBTOOL_F77], [LT_LANG(Fortran 77)]) -AU_DEFUN([AC_LIBTOOL_FC], [LT_LANG(Fortran)]) -AU_DEFUN([AC_LIBTOOL_GCJ], [LT_LANG(Java)]) -AU_DEFUN([AC_LIBTOOL_RC], [LT_LANG(Windows Resource)]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_LIBTOOL_CXX], []) -dnl AC_DEFUN([AC_LIBTOOL_F77], []) -dnl AC_DEFUN([AC_LIBTOOL_FC], []) -dnl AC_DEFUN([AC_LIBTOOL_GCJ], []) -dnl AC_DEFUN([AC_LIBTOOL_RC], []) - - -# _LT_TAG_COMPILER -# ---------------- -m4_defun([_LT_TAG_COMPILER], -[AC_REQUIRE([AC_PROG_CC])dnl - -_LT_DECL([LTCC], [CC], [1], [A C compiler])dnl -_LT_DECL([LTCFLAGS], [CFLAGS], [1], [LTCC compiler flags])dnl -_LT_TAGDECL([CC], [compiler], [1], [A language specific compiler])dnl -_LT_TAGDECL([with_gcc], [GCC], [0], [Is the compiler the GNU compiler?])dnl - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC -])# _LT_TAG_COMPILER - - -# _LT_COMPILER_BOILERPLATE -# ------------------------ -# Check for compiler boilerplate output or warnings with -# the simple compiler test code. -m4_defun([_LT_COMPILER_BOILERPLATE], -[m4_require([_LT_DECL_SED])dnl -ac_outfile=conftest.$ac_objext -echo "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$RM conftest* -])# _LT_COMPILER_BOILERPLATE - - -# _LT_LINKER_BOILERPLATE -# ---------------------- -# Check for linker boilerplate output or warnings with -# the simple link test code. -m4_defun([_LT_LINKER_BOILERPLATE], -[m4_require([_LT_DECL_SED])dnl -ac_outfile=conftest.$ac_objext -echo "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$RM -r conftest* -])# _LT_LINKER_BOILERPLATE - -# _LT_REQUIRED_DARWIN_CHECKS -# ------------------------- -m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ - case $host_os in - rhapsody* | darwin*) - AC_CHECK_TOOL([DSYMUTIL], [dsymutil], [:]) - AC_CHECK_TOOL([NMEDIT], [nmedit], [:]) - AC_CHECK_TOOL([LIPO], [lipo], [:]) - AC_CHECK_TOOL([OTOOL], [otool], [:]) - AC_CHECK_TOOL([OTOOL64], [otool64], [:]) - _LT_DECL([], [DSYMUTIL], [1], - [Tool to manipulate archived DWARF debug symbol files on Mac OS X]) - _LT_DECL([], [NMEDIT], [1], - [Tool to change global to local symbols on Mac OS X]) - _LT_DECL([], [LIPO], [1], - [Tool to manipulate fat objects and archives on Mac OS X]) - _LT_DECL([], [OTOOL], [1], - [ldd/readelf like tool for Mach-O binaries on Mac OS X]) - _LT_DECL([], [OTOOL64], [1], - [ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4]) - - AC_CACHE_CHECK([for -single_module linker flag],[lt_cv_apple_cc_single_mod], - [lt_cv_apple_cc_single_mod=no - if test -z "${LT_MULTI_MODULE}"; then - # By default we will add the -single_module flag. You can override - # by either setting the environment variable LT_MULTI_MODULE - # non-empty at configure time, or by adding -multi_module to the - # link flags. - rm -rf libconftest.dylib* - echo "int foo(void){return 1;}" > conftest.c - echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ --dynamiclib -Wl,-single_module conftest.c" >&AS_MESSAGE_LOG_FD - $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ - -dynamiclib -Wl,-single_module conftest.c 2>conftest.err - _lt_result=$? - # If there is a non-empty error log, and "single_module" - # appears in it, assume the flag caused a linker warning - if test -s conftest.err && $GREP single_module conftest.err; then - cat conftest.err >&AS_MESSAGE_LOG_FD - # Otherwise, if the output was created with a 0 exit code from - # the compiler, it worked. - elif test -f libconftest.dylib && test $_lt_result -eq 0; then - lt_cv_apple_cc_single_mod=yes - else - cat conftest.err >&AS_MESSAGE_LOG_FD - fi - rm -rf libconftest.dylib* - rm -f conftest.* - fi]) - - AC_CACHE_CHECK([for -exported_symbols_list linker flag], - [lt_cv_ld_exported_symbols_list], - [lt_cv_ld_exported_symbols_list=no - save_LDFLAGS=$LDFLAGS - echo "_main" > conftest.sym - LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" - AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])], - [lt_cv_ld_exported_symbols_list=yes], - [lt_cv_ld_exported_symbols_list=no]) - LDFLAGS="$save_LDFLAGS" - ]) - - AC_CACHE_CHECK([for -force_load linker flag],[lt_cv_ld_force_load], - [lt_cv_ld_force_load=no - cat > conftest.c << _LT_EOF -int forced_loaded() { return 2;} -_LT_EOF - echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD - $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD - echo "$AR cru libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD - $AR cru libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD - echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD - $RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD - cat > conftest.c << _LT_EOF -int main() { return 0;} -_LT_EOF - echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&AS_MESSAGE_LOG_FD - $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err - _lt_result=$? - if test -s conftest.err && $GREP force_load conftest.err; then - cat conftest.err >&AS_MESSAGE_LOG_FD - elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then - lt_cv_ld_force_load=yes - else - cat conftest.err >&AS_MESSAGE_LOG_FD - fi - rm -f conftest.err libconftest.a conftest conftest.c - rm -rf conftest.dSYM - ]) - case $host_os in - rhapsody* | darwin1.[[012]]) - _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;; - darwin1.*) - _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; - darwin*) # darwin 5.x on - # if running on 10.5 or later, the deployment target defaults - # to the OS version, if on x86, and 10.4, the deployment - # target defaults to 10.4. Don't you love it? - case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in - 10.0,*86*-darwin8*|10.0,*-darwin[[91]]*) - _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; - 10.[[012]]*) - _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; - 10.*) - _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; - esac - ;; - esac - if test "$lt_cv_apple_cc_single_mod" = "yes"; then - _lt_dar_single_mod='$single_module' - fi - if test "$lt_cv_ld_exported_symbols_list" = "yes"; then - _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym' - else - _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then - _lt_dsymutil='~$DSYMUTIL $lib || :' - else - _lt_dsymutil= - fi - ;; - esac -]) - - -# _LT_DARWIN_LINKER_FEATURES([TAG]) -# --------------------------------- -# Checks for linker and compiler features on darwin -m4_defun([_LT_DARWIN_LINKER_FEATURES], -[ - m4_require([_LT_REQUIRED_DARWIN_CHECKS]) - _LT_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_TAGVAR(hardcode_direct, $1)=no - _LT_TAGVAR(hardcode_automatic, $1)=yes - _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported - if test "$lt_cv_ld_force_load" = "yes"; then - _LT_TAGVAR(whole_archive_flag_spec, $1)='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' - m4_case([$1], [F77], [_LT_TAGVAR(compiler_needs_object, $1)=yes], - [FC], [_LT_TAGVAR(compiler_needs_object, $1)=yes]) - else - _LT_TAGVAR(whole_archive_flag_spec, $1)='' - fi - _LT_TAGVAR(link_all_deplibs, $1)=yes - _LT_TAGVAR(allow_undefined_flag, $1)="$_lt_dar_allow_undefined" - case $cc_basename in - ifort*) _lt_dar_can_shared=yes ;; - *) _lt_dar_can_shared=$GCC ;; - esac - if test "$_lt_dar_can_shared" = "yes"; then - output_verbose_link_cmd=func_echo_all - _LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" - _LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" - _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" - _LT_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" - m4_if([$1], [CXX], -[ if test "$lt_cv_apple_cc_single_mod" != "yes"; then - _LT_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dsymutil}" - _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dar_export_syms}${_lt_dsymutil}" - fi -],[]) - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi -]) - -# _LT_SYS_MODULE_PATH_AIX([TAGNAME]) -# ---------------------------------- -# Links a minimal program and checks the executable -# for the system default hardcoded library path. In most cases, -# this is /usr/lib:/lib, but when the MPI compilers are used -# the location of the communication and MPI libs are included too. -# If we don't find anything, use the default library path according -# to the aix ld manual. -# Store the results from the different compilers for each TAGNAME. -# Allow to override them for all tags through lt_cv_aix_libpath. -m4_defun([_LT_SYS_MODULE_PATH_AIX], -[m4_require([_LT_DECL_SED])dnl -if test "${lt_cv_aix_libpath+set}" = set; then - aix_libpath=$lt_cv_aix_libpath -else - AC_CACHE_VAL([_LT_TAGVAR([lt_cv_aix_libpath_], [$1])], - [AC_LINK_IFELSE([AC_LANG_PROGRAM],[ - lt_aix_libpath_sed='[ - /Import File Strings/,/^$/ { - /^0/ { - s/^0 *\([^ ]*\) *$/\1/ - p - } - }]' - _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` - # Check for a 64-bit object if we didn't find anything. - if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then - _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` - fi],[]) - if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then - _LT_TAGVAR([lt_cv_aix_libpath_], [$1])="/usr/lib:/lib" - fi - ]) - aix_libpath=$_LT_TAGVAR([lt_cv_aix_libpath_], [$1]) -fi -])# _LT_SYS_MODULE_PATH_AIX - - -# _LT_SHELL_INIT(ARG) -# ------------------- -m4_define([_LT_SHELL_INIT], -[m4_divert_text([M4SH-INIT], [$1 -])])# _LT_SHELL_INIT - - - -# _LT_PROG_ECHO_BACKSLASH -# ----------------------- -# Find how we can fake an echo command that does not interpret backslash. -# In particular, with Autoconf 2.60 or later we add some code to the start -# of the generated configure script which will find a shell with a builtin -# printf (which we can use as an echo command). -m4_defun([_LT_PROG_ECHO_BACKSLASH], -[ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' -ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO -ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO - -AC_MSG_CHECKING([how to print strings]) -# Test print first, because it will be a builtin if present. -if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ - test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then - ECHO='print -r --' -elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then - ECHO='printf %s\n' -else - # Use this function as a fallback that always works. - func_fallback_echo () - { - eval 'cat <<_LTECHO_EOF -$[]1 -_LTECHO_EOF' - } - ECHO='func_fallback_echo' -fi - -# func_echo_all arg... -# Invoke $ECHO with all args, space-separated. -func_echo_all () -{ - $ECHO "$*" -} - -case "$ECHO" in - printf*) AC_MSG_RESULT([printf]) ;; - print*) AC_MSG_RESULT([print -r]) ;; - *) AC_MSG_RESULT([cat]) ;; -esac - -m4_ifdef([_AS_DETECT_SUGGESTED], -[_AS_DETECT_SUGGESTED([ - test -n "${ZSH_VERSION+set}${BASH_VERSION+set}" || ( - ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' - ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO - ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO - PATH=/empty FPATH=/empty; export PATH FPATH - test "X`printf %s $ECHO`" = "X$ECHO" \ - || test "X`print -r -- $ECHO`" = "X$ECHO" )])]) - -_LT_DECL([], [SHELL], [1], [Shell to use when invoking shell scripts]) -_LT_DECL([], [ECHO], [1], [An echo program that protects backslashes]) -])# _LT_PROG_ECHO_BACKSLASH - - -# _LT_WITH_SYSROOT -# ---------------- -AC_DEFUN([_LT_WITH_SYSROOT], -[AC_MSG_CHECKING([for sysroot]) -AC_ARG_WITH([sysroot], -[ --with-sysroot[=DIR] Search for dependent libraries within DIR - (or the compiler's sysroot if not specified).], -[], [with_sysroot=no]) - -dnl lt_sysroot will always be passed unquoted. We quote it here -dnl in case the user passed a directory name. -lt_sysroot= -case ${with_sysroot} in #( - yes) - if test "$GCC" = yes; then - lt_sysroot=`$CC --print-sysroot 2>/dev/null` - fi - ;; #( - /*) - lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` - ;; #( - no|'') - ;; #( - *) - AC_MSG_RESULT([${with_sysroot}]) - AC_MSG_ERROR([The sysroot must be an absolute path.]) - ;; -esac - - AC_MSG_RESULT([${lt_sysroot:-no}]) -_LT_DECL([], [lt_sysroot], [0], [The root where to search for ]dnl -[dependent libraries, and in which our libraries should be installed.])]) - -# _LT_ENABLE_LOCK -# --------------- -m4_defun([_LT_ENABLE_LOCK], -[AC_ARG_ENABLE([libtool-lock], - [AS_HELP_STRING([--disable-libtool-lock], - [avoid locking (might break parallel builds)])]) -test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes - -# Some flags need to be propagated to the compiler or linker for good -# libtool support. -case $host in -ia64-*-hpux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.$ac_objext` in - *ELF-32*) - HPUX_IA64_MODE="32" - ;; - *ELF-64*) - HPUX_IA64_MODE="64" - ;; - esac - fi - rm -rf conftest* - ;; -*-*-irix6*) - # Find out which ABI we are using. - echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - if test "$lt_cv_prog_gnu_ld" = yes; then - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -melf32bsmip" - ;; - *N32*) - LD="${LD-ld} -melf32bmipn32" - ;; - *64-bit*) - LD="${LD-ld} -melf64bmip" - ;; - esac - else - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -32" - ;; - *N32*) - LD="${LD-ld} -n32" - ;; - *64-bit*) - LD="${LD-ld} -64" - ;; - esac - fi - fi - rm -rf conftest* - ;; - -x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ -s390*-*linux*|s390*-*tpf*|sparc*-*linux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.o` in - *32-bit*) - case $host in - x86_64-*kfreebsd*-gnu) - LD="${LD-ld} -m elf_i386_fbsd" - ;; - x86_64-*linux*) - case `/usr/bin/file conftest.o` in - *x86-64*) - LD="${LD-ld} -m elf32_x86_64" - ;; - *) - LD="${LD-ld} -m elf_i386" - ;; - esac - ;; - ppc64-*linux*|powerpc64-*linux*) - LD="${LD-ld} -m elf32ppclinux" - ;; - s390x-*linux*) - LD="${LD-ld} -m elf_s390" - ;; - sparc64-*linux*) - LD="${LD-ld} -m elf32_sparc" - ;; - esac - ;; - *64-bit*) - case $host in - x86_64-*kfreebsd*-gnu) - LD="${LD-ld} -m elf_x86_64_fbsd" - ;; - x86_64-*linux*) - LD="${LD-ld} -m elf_x86_64" - ;; - ppc*-*linux*|powerpc*-*linux*) - LD="${LD-ld} -m elf64ppc" - ;; - s390*-*linux*|s390*-*tpf*) - LD="${LD-ld} -m elf64_s390" - ;; - sparc*-*linux*) - LD="${LD-ld} -m elf64_sparc" - ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; - -*-*-sco3.2v5*) - # On SCO OpenServer 5, we need -belf to get full-featured binaries. - SAVE_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -belf" - AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf, - [AC_LANG_PUSH(C) - AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],[[]])],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no]) - AC_LANG_POP]) - if test x"$lt_cv_cc_needs_belf" != x"yes"; then - # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf - CFLAGS="$SAVE_CFLAGS" - fi - ;; -*-*solaris*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.o` in - *64-bit*) - case $lt_cv_prog_gnu_ld in - yes*) - case $host in - i?86-*-solaris*) - LD="${LD-ld} -m elf_x86_64" - ;; - sparc*-*-solaris*) - LD="${LD-ld} -m elf64_sparc" - ;; - esac - # GNU ld 2.21 introduced _sol2 emulations. Use them if available. - if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then - LD="${LD-ld}_sol2" - fi - ;; - *) - if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then - LD="${LD-ld} -64" - fi - ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; -esac - -need_locks="$enable_libtool_lock" -])# _LT_ENABLE_LOCK - - -# _LT_PROG_AR -# ----------- -m4_defun([_LT_PROG_AR], -[AC_CHECK_TOOLS(AR, [ar], false) -: ${AR=ar} -: ${AR_FLAGS=cru} -_LT_DECL([], [AR], [1], [The archiver]) -_LT_DECL([], [AR_FLAGS], [1], [Flags to create an archive]) - -AC_CACHE_CHECK([for archiver @FILE support], [lt_cv_ar_at_file], - [lt_cv_ar_at_file=no - AC_COMPILE_IFELSE([AC_LANG_PROGRAM], - [echo conftest.$ac_objext > conftest.lst - lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&AS_MESSAGE_LOG_FD' - AC_TRY_EVAL([lt_ar_try]) - if test "$ac_status" -eq 0; then - # Ensure the archiver fails upon bogus file names. - rm -f conftest.$ac_objext libconftest.a - AC_TRY_EVAL([lt_ar_try]) - if test "$ac_status" -ne 0; then - lt_cv_ar_at_file=@ - fi - fi - rm -f conftest.* libconftest.a - ]) - ]) - -if test "x$lt_cv_ar_at_file" = xno; then - archiver_list_spec= -else - archiver_list_spec=$lt_cv_ar_at_file -fi -_LT_DECL([], [archiver_list_spec], [1], - [How to feed a file listing to the archiver]) -])# _LT_PROG_AR - - -# _LT_CMD_OLD_ARCHIVE -# ------------------- -m4_defun([_LT_CMD_OLD_ARCHIVE], -[_LT_PROG_AR - -AC_CHECK_TOOL(STRIP, strip, :) -test -z "$STRIP" && STRIP=: -_LT_DECL([], [STRIP], [1], [A symbol stripping program]) - -AC_CHECK_TOOL(RANLIB, ranlib, :) -test -z "$RANLIB" && RANLIB=: -_LT_DECL([], [RANLIB], [1], - [Commands used to install an old-style archive]) - -# Determine commands to create old-style static archives. -old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs' -old_postinstall_cmds='chmod 644 $oldlib' -old_postuninstall_cmds= - -if test -n "$RANLIB"; then - case $host_os in - openbsd*) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib" - ;; - *) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib" - ;; - esac - old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib" -fi - -case $host_os in - darwin*) - lock_old_archive_extraction=yes ;; - *) - lock_old_archive_extraction=no ;; -esac -_LT_DECL([], [old_postinstall_cmds], [2]) -_LT_DECL([], [old_postuninstall_cmds], [2]) -_LT_TAGDECL([], [old_archive_cmds], [2], - [Commands used to build an old-style archive]) -_LT_DECL([], [lock_old_archive_extraction], [0], - [Whether to use a lock for old archive extraction]) -])# _LT_CMD_OLD_ARCHIVE - - -# _LT_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, -# [OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE]) -# ---------------------------------------------------------------- -# Check whether the given compiler option works -AC_DEFUN([_LT_COMPILER_OPTION], -[m4_require([_LT_FILEUTILS_DEFAULTS])dnl -m4_require([_LT_DECL_SED])dnl -AC_CACHE_CHECK([$1], [$2], - [$2=no - m4_if([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4]) - echo "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$3" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&AS_MESSAGE_LOG_FD - echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - $2=yes - fi - fi - $RM conftest* -]) - -if test x"[$]$2" = xyes; then - m4_if([$5], , :, [$5]) -else - m4_if([$6], , :, [$6]) -fi -])# _LT_COMPILER_OPTION - -# Old name: -AU_ALIAS([AC_LIBTOOL_COMPILER_OPTION], [_LT_COMPILER_OPTION]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION], []) - - -# _LT_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, -# [ACTION-SUCCESS], [ACTION-FAILURE]) -# ---------------------------------------------------- -# Check whether the given linker option works -AC_DEFUN([_LT_LINKER_OPTION], -[m4_require([_LT_FILEUTILS_DEFAULTS])dnl -m4_require([_LT_DECL_SED])dnl -AC_CACHE_CHECK([$1], [$2], - [$2=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $3" - echo "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&AS_MESSAGE_LOG_FD - $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - $2=yes - fi - else - $2=yes - fi - fi - $RM -r conftest* - LDFLAGS="$save_LDFLAGS" -]) - -if test x"[$]$2" = xyes; then - m4_if([$4], , :, [$4]) -else - m4_if([$5], , :, [$5]) -fi -])# _LT_LINKER_OPTION - -# Old name: -AU_ALIAS([AC_LIBTOOL_LINKER_OPTION], [_LT_LINKER_OPTION]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_LIBTOOL_LINKER_OPTION], []) - - -# LT_CMD_MAX_LEN -#--------------- -AC_DEFUN([LT_CMD_MAX_LEN], -[AC_REQUIRE([AC_CANONICAL_HOST])dnl -# find the maximum length of command line arguments -AC_MSG_CHECKING([the maximum length of command line arguments]) -AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl - i=0 - teststring="ABCD" - - case $build_os in - msdosdjgpp*) - # On DJGPP, this test can blow up pretty badly due to problems in libc - # (any single argument exceeding 2000 bytes causes a buffer overrun - # during glob expansion). Even if it were fixed, the result of this - # check would be larger than it should be. - lt_cv_sys_max_cmd_len=12288; # 12K is about right - ;; - - gnu*) - # Under GNU Hurd, this test is not required because there is - # no limit to the length of command line arguments. - # Libtool will interpret -1 as no limit whatsoever - lt_cv_sys_max_cmd_len=-1; - ;; - - cygwin* | mingw* | cegcc*) - # On Win9x/ME, this test blows up -- it succeeds, but takes - # about 5 minutes as the teststring grows exponentially. - # Worse, since 9x/ME are not pre-emptively multitasking, - # you end up with a "frozen" computer, even though with patience - # the test eventually succeeds (with a max line length of 256k). - # Instead, let's just punt: use the minimum linelength reported by - # all of the supported platforms: 8192 (on NT/2K/XP). - lt_cv_sys_max_cmd_len=8192; - ;; - - mint*) - # On MiNT this can take a long time and run out of memory. - lt_cv_sys_max_cmd_len=8192; - ;; - - amigaos*) - # On AmigaOS with pdksh, this test takes hours, literally. - # So we just punt and use a minimum line length of 8192. - lt_cv_sys_max_cmd_len=8192; - ;; - - netbsd* | freebsd* | openbsd* | darwin* | dragonfly*) - # This has been around since 386BSD, at least. Likely further. - if test -x /sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` - elif test -x /usr/sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` - else - lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs - fi - # And add a safety zone - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` - ;; - - interix*) - # We know the value 262144 and hardcode it with a safety zone (like BSD) - lt_cv_sys_max_cmd_len=196608 - ;; - - os2*) - # The test takes a long time on OS/2. - lt_cv_sys_max_cmd_len=8192 - ;; - - osf*) - # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure - # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not - # nice to cause kernel panics so lets avoid the loop below. - # First set a reasonable default. - lt_cv_sys_max_cmd_len=16384 - # - if test -x /sbin/sysconfig; then - case `/sbin/sysconfig -q proc exec_disable_arg_limit` in - *1*) lt_cv_sys_max_cmd_len=-1 ;; - esac - fi - ;; - sco3.2v5*) - lt_cv_sys_max_cmd_len=102400 - ;; - sysv5* | sco5v6* | sysv4.2uw2*) - kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` - if test -n "$kargmax"; then - lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[ ]]//'` - else - lt_cv_sys_max_cmd_len=32768 - fi - ;; - *) - lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` - if test -n "$lt_cv_sys_max_cmd_len" && \ - test undefined != "$lt_cv_sys_max_cmd_len"; then - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` - else - # Make teststring a little bigger before we do anything with it. - # a 1K string should be a reasonable start. - for i in 1 2 3 4 5 6 7 8 ; do - teststring=$teststring$teststring - done - SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} - # If test is not a shell built-in, we'll probably end up computing a - # maximum length that is only half of the actual maximum length, but - # we can't tell. - while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \ - = "X$teststring$teststring"; } >/dev/null 2>&1 && - test $i != 17 # 1/2 MB should be enough - do - i=`expr $i + 1` - teststring=$teststring$teststring - done - # Only check the string length outside the loop. - lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1` - teststring= - # Add a significant safety factor because C++ compilers can tack on - # massive amounts of additional arguments before passing them to the - # linker. It appears as though 1/2 is a usable value. - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` - fi - ;; - esac -]) -if test -n $lt_cv_sys_max_cmd_len ; then - AC_MSG_RESULT($lt_cv_sys_max_cmd_len) -else - AC_MSG_RESULT(none) -fi -max_cmd_len=$lt_cv_sys_max_cmd_len -_LT_DECL([], [max_cmd_len], [0], - [What is the maximum length of a command?]) -])# LT_CMD_MAX_LEN - -# Old name: -AU_ALIAS([AC_LIBTOOL_SYS_MAX_CMD_LEN], [LT_CMD_MAX_LEN]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN], []) - - -# _LT_HEADER_DLFCN -# ---------------- -m4_defun([_LT_HEADER_DLFCN], -[AC_CHECK_HEADERS([dlfcn.h], [], [], [AC_INCLUDES_DEFAULT])dnl -])# _LT_HEADER_DLFCN - - -# _LT_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE, -# ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING) -# ---------------------------------------------------------------- -m4_defun([_LT_TRY_DLOPEN_SELF], -[m4_require([_LT_HEADER_DLFCN])dnl -if test "$cross_compiling" = yes; then : - [$4] -else - lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 - lt_status=$lt_dlunknown - cat > conftest.$ac_ext <<_LT_EOF -[#line $LINENO "configure" -#include "confdefs.h" - -#if HAVE_DLFCN_H -#include -#endif - -#include - -#ifdef RTLD_GLOBAL -# define LT_DLGLOBAL RTLD_GLOBAL -#else -# ifdef DL_GLOBAL -# define LT_DLGLOBAL DL_GLOBAL -# else -# define LT_DLGLOBAL 0 -# endif -#endif - -/* We may have to define LT_DLLAZY_OR_NOW in the command line if we - find out it does not work in some platform. */ -#ifndef LT_DLLAZY_OR_NOW -# ifdef RTLD_LAZY -# define LT_DLLAZY_OR_NOW RTLD_LAZY -# else -# ifdef DL_LAZY -# define LT_DLLAZY_OR_NOW DL_LAZY -# else -# ifdef RTLD_NOW -# define LT_DLLAZY_OR_NOW RTLD_NOW -# else -# ifdef DL_NOW -# define LT_DLLAZY_OR_NOW DL_NOW -# else -# define LT_DLLAZY_OR_NOW 0 -# endif -# endif -# endif -# endif -#endif - -/* When -fvisbility=hidden is used, assume the code has been annotated - correspondingly for the symbols needed. */ -#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) -int fnord () __attribute__((visibility("default"))); -#endif - -int fnord () { return 42; } -int main () -{ - void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); - int status = $lt_dlunknown; - - if (self) - { - if (dlsym (self,"fnord")) status = $lt_dlno_uscore; - else - { - if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; - else puts (dlerror ()); - } - /* dlclose (self); */ - } - else - puts (dlerror ()); - - return status; -}] -_LT_EOF - if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext} 2>/dev/null; then - (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null - lt_status=$? - case x$lt_status in - x$lt_dlno_uscore) $1 ;; - x$lt_dlneed_uscore) $2 ;; - x$lt_dlunknown|x*) $3 ;; - esac - else : - # compilation failed - $3 - fi -fi -rm -fr conftest* -])# _LT_TRY_DLOPEN_SELF - - -# LT_SYS_DLOPEN_SELF -# ------------------ -AC_DEFUN([LT_SYS_DLOPEN_SELF], -[m4_require([_LT_HEADER_DLFCN])dnl -if test "x$enable_dlopen" != xyes; then - enable_dlopen=unknown - enable_dlopen_self=unknown - enable_dlopen_self_static=unknown -else - lt_cv_dlopen=no - lt_cv_dlopen_libs= - - case $host_os in - beos*) - lt_cv_dlopen="load_add_on" - lt_cv_dlopen_libs= - lt_cv_dlopen_self=yes - ;; - - mingw* | pw32* | cegcc*) - lt_cv_dlopen="LoadLibrary" - lt_cv_dlopen_libs= - ;; - - cygwin*) - lt_cv_dlopen="dlopen" - lt_cv_dlopen_libs= - ;; - - darwin*) - # if libdl is installed we need to link against it - AC_CHECK_LIB([dl], [dlopen], - [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],[ - lt_cv_dlopen="dyld" - lt_cv_dlopen_libs= - lt_cv_dlopen_self=yes - ]) - ;; - - *) - AC_CHECK_FUNC([shl_load], - [lt_cv_dlopen="shl_load"], - [AC_CHECK_LIB([dld], [shl_load], - [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"], - [AC_CHECK_FUNC([dlopen], - [lt_cv_dlopen="dlopen"], - [AC_CHECK_LIB([dl], [dlopen], - [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"], - [AC_CHECK_LIB([svld], [dlopen], - [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"], - [AC_CHECK_LIB([dld], [dld_link], - [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"]) - ]) - ]) - ]) - ]) - ]) - ;; - esac - - if test "x$lt_cv_dlopen" != xno; then - enable_dlopen=yes - else - enable_dlopen=no - fi - - case $lt_cv_dlopen in - dlopen) - save_CPPFLAGS="$CPPFLAGS" - test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H" - - save_LDFLAGS="$LDFLAGS" - wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\" - - save_LIBS="$LIBS" - LIBS="$lt_cv_dlopen_libs $LIBS" - - AC_CACHE_CHECK([whether a program can dlopen itself], - lt_cv_dlopen_self, [dnl - _LT_TRY_DLOPEN_SELF( - lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes, - lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross) - ]) - - if test "x$lt_cv_dlopen_self" = xyes; then - wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" - AC_CACHE_CHECK([whether a statically linked program can dlopen itself], - lt_cv_dlopen_self_static, [dnl - _LT_TRY_DLOPEN_SELF( - lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes, - lt_cv_dlopen_self_static=no, lt_cv_dlopen_self_static=cross) - ]) - fi - - CPPFLAGS="$save_CPPFLAGS" - LDFLAGS="$save_LDFLAGS" - LIBS="$save_LIBS" - ;; - esac - - case $lt_cv_dlopen_self in - yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;; - *) enable_dlopen_self=unknown ;; - esac - - case $lt_cv_dlopen_self_static in - yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;; - *) enable_dlopen_self_static=unknown ;; - esac -fi -_LT_DECL([dlopen_support], [enable_dlopen], [0], - [Whether dlopen is supported]) -_LT_DECL([dlopen_self], [enable_dlopen_self], [0], - [Whether dlopen of programs is supported]) -_LT_DECL([dlopen_self_static], [enable_dlopen_self_static], [0], - [Whether dlopen of statically linked programs is supported]) -])# LT_SYS_DLOPEN_SELF - -# Old name: -AU_ALIAS([AC_LIBTOOL_DLOPEN_SELF], [LT_SYS_DLOPEN_SELF]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF], []) - - -# _LT_COMPILER_C_O([TAGNAME]) -# --------------------------- -# Check to see if options -c and -o are simultaneously supported by compiler. -# This macro does not hard code the compiler like AC_PROG_CC_C_O. -m4_defun([_LT_COMPILER_C_O], -[m4_require([_LT_DECL_SED])dnl -m4_require([_LT_FILEUTILS_DEFAULTS])dnl -m4_require([_LT_TAG_COMPILER])dnl -AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext], - [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)], - [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no - $RM -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - echo "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&AS_MESSAGE_LOG_FD - echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - _LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes - fi - fi - chmod u+w . 2>&AS_MESSAGE_LOG_FD - $RM conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files - $RM out/* && rmdir out - cd .. - $RM -r conftest - $RM conftest* -]) -_LT_TAGDECL([compiler_c_o], [lt_cv_prog_compiler_c_o], [1], - [Does compiler simultaneously support -c and -o options?]) -])# _LT_COMPILER_C_O - - -# _LT_COMPILER_FILE_LOCKS([TAGNAME]) -# ---------------------------------- -# Check to see if we can do hard links to lock some files if needed -m4_defun([_LT_COMPILER_FILE_LOCKS], -[m4_require([_LT_ENABLE_LOCK])dnl -m4_require([_LT_FILEUTILS_DEFAULTS])dnl -_LT_COMPILER_C_O([$1]) - -hard_links="nottested" -if test "$_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - AC_MSG_CHECKING([if we can lock with hard links]) - hard_links=yes - $RM conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - AC_MSG_RESULT([$hard_links]) - if test "$hard_links" = no; then - AC_MSG_WARN([`$CC' does not support `-c -o', so `make -j' may be unsafe]) - need_locks=warn - fi -else - need_locks=no -fi -_LT_DECL([], [need_locks], [1], [Must we lock files when doing compilation?]) -])# _LT_COMPILER_FILE_LOCKS - - -# _LT_CHECK_OBJDIR -# ---------------- -m4_defun([_LT_CHECK_OBJDIR], -[AC_CACHE_CHECK([for objdir], [lt_cv_objdir], -[rm -f .libs 2>/dev/null -mkdir .libs 2>/dev/null -if test -d .libs; then - lt_cv_objdir=.libs -else - # MS-DOS does not allow filenames that begin with a dot. - lt_cv_objdir=_libs -fi -rmdir .libs 2>/dev/null]) -objdir=$lt_cv_objdir -_LT_DECL([], [objdir], [0], - [The name of the directory that contains temporary libtool files])dnl -m4_pattern_allow([LT_OBJDIR])dnl -AC_DEFINE_UNQUOTED(LT_OBJDIR, "$lt_cv_objdir/", - [Define to the sub-directory in which libtool stores uninstalled libraries.]) -])# _LT_CHECK_OBJDIR - - -# _LT_LINKER_HARDCODE_LIBPATH([TAGNAME]) -# -------------------------------------- -# Check hardcoding attributes. -m4_defun([_LT_LINKER_HARDCODE_LIBPATH], -[AC_MSG_CHECKING([how to hardcode library paths into programs]) -_LT_TAGVAR(hardcode_action, $1)= -if test -n "$_LT_TAGVAR(hardcode_libdir_flag_spec, $1)" || - test -n "$_LT_TAGVAR(runpath_var, $1)" || - test "X$_LT_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then - - # We can hardcode non-existent directories. - if test "$_LT_TAGVAR(hardcode_direct, $1)" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_TAGVAR(hardcode_shlibpath_var, $1)" != no && - test "$_LT_TAGVAR(hardcode_minus_L, $1)" != no; then - # Linking always hardcodes the temporary library directory. - _LT_TAGVAR(hardcode_action, $1)=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - _LT_TAGVAR(hardcode_action, $1)=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - _LT_TAGVAR(hardcode_action, $1)=unsupported -fi -AC_MSG_RESULT([$_LT_TAGVAR(hardcode_action, $1)]) - -if test "$_LT_TAGVAR(hardcode_action, $1)" = relink || - test "$_LT_TAGVAR(inherit_rpath, $1)" = yes; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi -_LT_TAGDECL([], [hardcode_action], [0], - [How to hardcode a shared library path into an executable]) -])# _LT_LINKER_HARDCODE_LIBPATH - - -# _LT_CMD_STRIPLIB -# ---------------- -m4_defun([_LT_CMD_STRIPLIB], -[m4_require([_LT_DECL_EGREP]) -striplib= -old_striplib= -AC_MSG_CHECKING([whether stripping libraries is possible]) -if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then - test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" - test -z "$striplib" && striplib="$STRIP --strip-unneeded" - AC_MSG_RESULT([yes]) -else -# FIXME - insert some real tests, host_os isn't really good enough - case $host_os in - darwin*) - if test -n "$STRIP" ; then - striplib="$STRIP -x" - old_striplib="$STRIP -S" - AC_MSG_RESULT([yes]) - else - AC_MSG_RESULT([no]) - fi - ;; - *) - AC_MSG_RESULT([no]) - ;; - esac -fi -_LT_DECL([], [old_striplib], [1], [Commands to strip libraries]) -_LT_DECL([], [striplib], [1]) -])# _LT_CMD_STRIPLIB - - -# _LT_SYS_DYNAMIC_LINKER([TAG]) -# ----------------------------- -# PORTME Fill in your ld.so characteristics -m4_defun([_LT_SYS_DYNAMIC_LINKER], -[AC_REQUIRE([AC_CANONICAL_HOST])dnl -m4_require([_LT_DECL_EGREP])dnl -m4_require([_LT_FILEUTILS_DEFAULTS])dnl -m4_require([_LT_DECL_OBJDUMP])dnl -m4_require([_LT_DECL_SED])dnl -m4_require([_LT_CHECK_SHELL_FEATURES])dnl -AC_MSG_CHECKING([dynamic linker characteristics]) -m4_if([$1], - [], [ -if test "$GCC" = yes; then - case $host_os in - darwin*) lt_awk_arg="/^libraries:/,/LR/" ;; - *) lt_awk_arg="/^libraries:/" ;; - esac - case $host_os in - mingw* | cegcc*) lt_sed_strip_eq="s,=\([[A-Za-z]]:\),\1,g" ;; - *) lt_sed_strip_eq="s,=/,/,g" ;; - esac - lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq` - case $lt_search_path_spec in - *\;*) - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'` - ;; - *) - lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"` - ;; - esac - # Ok, now we have the path, separated by spaces, we can step through it - # and add multilib dir if necessary. - lt_tmp_lt_search_path_spec= - lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null` - for lt_sys_path in $lt_search_path_spec; do - if test -d "$lt_sys_path/$lt_multi_os_dir"; then - lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir" - else - test -d "$lt_sys_path" && \ - lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path" - fi - done - lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk ' -BEGIN {RS=" "; FS="/|\n";} { - lt_foo=""; - lt_count=0; - for (lt_i = NF; lt_i > 0; lt_i--) { - if ($lt_i != "" && $lt_i != ".") { - if ($lt_i == "..") { - lt_count++; - } else { - if (lt_count == 0) { - lt_foo="/" $lt_i lt_foo; - } else { - lt_count--; - } - } - } - } - if (lt_foo != "") { lt_freq[[lt_foo]]++; } - if (lt_freq[[lt_foo]] == 1) { print lt_foo; } -}'` - # AWK program above erroneously prepends '/' to C:/dos/paths - # for these hosts. - case $host_os in - mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\ - $SED 's,/\([[A-Za-z]]:\),\1,g'` ;; - esac - sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP` -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" -fi]) -library_names_spec= -libname_spec='lib$name' -soname_spec= -shrext_cmds=".so" -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -need_lib_prefix=unknown -hardcode_into_libs=no - -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -need_version=unknown - -case $host_os in -aix3*) - version_type=linux # correct to gnu/linux during the next big refactor - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}${shared_ext}$major' - ;; - -aix[[4-9]]*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - hardcode_into_libs=yes - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - case $host_os in - aix4 | aix4.[[01]] | aix4.[[01]].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then - : - else - can_build_shared=no - fi - ;; - esac - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so - # instead of lib.a to let people know that these are not - # typical AIX shared libraries. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - else - # We preserve .a as extension for shared libraries through AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}${shared_ext}$major' - fi - shlibpath_var=LIBPATH - fi - ;; - -amigaos*) - case $host_cpu in - powerpc) - # Since July 2007 AmigaOS4 officially supports .so libraries. - # When compiling the executable, add -use-dynld -Lsobjs: to the compileline. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - ;; - m68k) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' - ;; - esac - ;; - -beos*) - library_names_spec='${libname}${shared_ext}' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - ;; - -bsdi[[45]]*) - version_type=linux # correct to gnu/linux during the next big refactor - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32* | cegcc*) - version_type=windows - shrext_cmds=".dll" - need_version=no - need_lib_prefix=no - - case $GCC,$cc_basename in - yes,*) - # gcc - library_names_spec='$libname.dll.a' - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname~ - if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then - eval '\''$striplib \$dldir/$dlname'\'' || exit \$?; - fi' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $RM \$dlpath' - shlibpath_overrides_runpath=yes - - case $host_os in - cygwin*) - # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' -m4_if([$1], [],[ - sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"]) - ;; - mingw* | cegcc*) - # MinGW DLLs use traditional 'lib' prefix - soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' - ;; - pw32*) - # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' - ;; - esac - dynamic_linker='Win32 ld.exe' - ;; - - *,cl*) - # Native MSVC - libname_spec='$name' - soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' - library_names_spec='${libname}.dll.lib' - - case $build_os in - mingw*) - sys_lib_search_path_spec= - lt_save_ifs=$IFS - IFS=';' - for lt_path in $LIB - do - IFS=$lt_save_ifs - # Let DOS variable expansion print the short 8.3 style file name. - lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"` - sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path" - done - IFS=$lt_save_ifs - # Convert to MSYS style. - sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'` - ;; - cygwin*) - # Convert to unix form, then to dos form, then back to unix form - # but this time dos style (no spaces!) so that the unix form looks - # like /cygdrive/c/PROGRA~1:/cygdr... - sys_lib_search_path_spec=`cygpath --path --unix "$LIB"` - sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null` - sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - ;; - *) - sys_lib_search_path_spec="$LIB" - if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then - # It is most probably a Windows format PATH. - sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi - # FIXME: find the short name or the path components, as spaces are - # common. (e.g. "Program Files" -> "PROGRA~1") - ;; - esac - - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $RM \$dlpath' - shlibpath_overrides_runpath=yes - dynamic_linker='Win32 link.exe' - ;; - - *) - # Assume MSVC wrapper - library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib' - dynamic_linker='Win32 ld.exe' - ;; - esac - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext' - soname_spec='${libname}${release}${major}$shared_ext' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' -m4_if([$1], [],[ - sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"]) - sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' - ;; - -dgux*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -freebsd* | dragonfly*) - # DragonFly does not have aout. When/if they implement a new - # versioning mechanism, adjust this. - if test -x /usr/bin/objformat; then - objformat=`/usr/bin/objformat` - else - case $host_os in - freebsd[[23]].*) objformat=aout ;; - *) objformat=elf ;; - esac - fi - version_type=freebsd-$objformat - case $version_type in - freebsd-elf*) - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - need_version=no - need_lib_prefix=no - ;; - freebsd-*) - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2.*) - shlibpath_overrides_runpath=yes - ;; - freebsd3.[[01]]* | freebsdelf3.[[01]]*) - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \ - freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - *) # from 4.6 on, and DragonFly - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - esac - ;; - -haiku*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - dynamic_linker="$host_os runtime_loader" - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LIBRARY_PATH - shlibpath_overrides_runpath=yes - sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib' - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - version_type=sunos - need_lib_prefix=no - need_version=no - case $host_cpu in - ia64*) - shrext_cmds='.so' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.so" - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - if test "X$HPUX_IA64_MODE" = X32; then - sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" - else - sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" - fi - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) - shrext_cmds='.sl' - dynamic_linker="$host_os dld.sl" - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - ;; - esac - # HP-UX runs *really* slowly unless shared libraries are mode 555, ... - postinstall_cmds='chmod 555 $lib' - # or fails outright, so override atomically: - install_override_mode=555 - ;; - -interix[[3-9]]*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -irix5* | irix6* | nonstopux*) - case $host_os in - nonstopux*) version_type=nonstopux ;; - *) - if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux # correct to gnu/linux during the next big refactor - else - version_type=irix - fi ;; - esac - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' - case $host_os in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") - libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") - libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") - libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - hardcode_into_libs=yes - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux*oldld* | linux*aout* | linux*coff*) - dynamic_linker=no - ;; - -# This must be glibc/ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - - # Some binutils ld are patched to set DT_RUNPATH - AC_CACHE_VAL([lt_cv_shlibpath_overrides_runpath], - [lt_cv_shlibpath_overrides_runpath=no - save_LDFLAGS=$LDFLAGS - save_libdir=$libdir - eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \ - LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\"" - AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])], - [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null], - [lt_cv_shlibpath_overrides_runpath=yes])]) - LDFLAGS=$save_LDFLAGS - libdir=$save_libdir - ]) - shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath - - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # Append ld.so.conf contents to the search path - if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" - fi - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -netbsdelf*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='NetBSD ld.elf_so' - ;; - -netbsd*) - version_type=sunos - need_lib_prefix=no - need_version=no - if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - -newsos6) - version_type=linux # correct to gnu/linux during the next big refactor - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -*nto* | *qnx*) - version_type=qnx - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='ldqnx.so' - ;; - -openbsd*) - version_type=sunos - sys_lib_dlsearch_path_spec="/usr/lib" - need_lib_prefix=no - # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. - case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; - esac - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - case $host_os in - openbsd2.[[89]] | openbsd2.[[89]].*) - shlibpath_overrides_runpath=no - ;; - *) - shlibpath_overrides_runpath=yes - ;; - esac - else - shlibpath_overrides_runpath=yes - fi - ;; - -os2*) - libname_spec='$name' - shrext_cmds=".dll" - need_lib_prefix=no - library_names_spec='$libname${shared_ext} $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -rdos*) - dynamic_linker=no - ;; - -solaris*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.3*) - version_type=linux # correct to gnu/linux during the next big refactor - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - sni) - shlibpath_overrides_runpath=no - need_lib_prefix=no - runpath_var=LD_RUN_PATH - ;; - siemens) - need_lib_prefix=no - ;; - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux # correct to gnu/linux during the next big refactor - library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' - soname_spec='$libname${shared_ext}.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - version_type=freebsd-elf - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - if test "$with_gnu_ld" = yes; then - sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - else - sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - case $host_os in - sco3.2v5*) - sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" - ;; - esac - fi - sys_lib_dlsearch_path_spec='/usr/lib' - ;; - -tpf*) - # TPF is a cross-target only. Preferred cross-host = GNU/Linux. - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -uts4*) - version_type=linux # correct to gnu/linux during the next big refactor - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -*) - dynamic_linker=no - ;; -esac -AC_MSG_RESULT([$dynamic_linker]) -test "$dynamic_linker" = no && can_build_shared=no - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi - -if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then - sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" -fi -if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then - sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" -fi - -_LT_DECL([], [variables_saved_for_relink], [1], - [Variables whose values should be saved in libtool wrapper scripts and - restored at link time]) -_LT_DECL([], [need_lib_prefix], [0], - [Do we need the "lib" prefix for modules?]) -_LT_DECL([], [need_version], [0], [Do we need a version for libraries?]) -_LT_DECL([], [version_type], [0], [Library versioning type]) -_LT_DECL([], [runpath_var], [0], [Shared library runtime path variable]) -_LT_DECL([], [shlibpath_var], [0],[Shared library path variable]) -_LT_DECL([], [shlibpath_overrides_runpath], [0], - [Is shlibpath searched before the hard-coded library search path?]) -_LT_DECL([], [libname_spec], [1], [Format of library name prefix]) -_LT_DECL([], [library_names_spec], [1], - [[List of archive names. First name is the real one, the rest are links. - The last name is the one that the linker finds with -lNAME]]) -_LT_DECL([], [soname_spec], [1], - [[The coded name of the library, if different from the real name]]) -_LT_DECL([], [install_override_mode], [1], - [Permission mode override for installation of shared libraries]) -_LT_DECL([], [postinstall_cmds], [2], - [Command to use after installation of a shared archive]) -_LT_DECL([], [postuninstall_cmds], [2], - [Command to use after uninstallation of a shared archive]) -_LT_DECL([], [finish_cmds], [2], - [Commands used to finish a libtool library installation in a directory]) -_LT_DECL([], [finish_eval], [1], - [[As "finish_cmds", except a single script fragment to be evaled but - not shown]]) -_LT_DECL([], [hardcode_into_libs], [0], - [Whether we should hardcode library paths into libraries]) -_LT_DECL([], [sys_lib_search_path_spec], [2], - [Compile-time system search path for libraries]) -_LT_DECL([], [sys_lib_dlsearch_path_spec], [2], - [Run-time system search path for libraries]) -])# _LT_SYS_DYNAMIC_LINKER - - -# _LT_PATH_TOOL_PREFIX(TOOL) -# -------------------------- -# find a file program which can recognize shared library -AC_DEFUN([_LT_PATH_TOOL_PREFIX], -[m4_require([_LT_DECL_EGREP])dnl -AC_MSG_CHECKING([for $1]) -AC_CACHE_VAL(lt_cv_path_MAGIC_CMD, -[case $MAGIC_CMD in -[[\\/*] | ?:[\\/]*]) - lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path. - ;; -*) - lt_save_MAGIC_CMD="$MAGIC_CMD" - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR -dnl $ac_dummy forces splitting on constant user-supplied paths. -dnl POSIX.2 word splitting is done only on the output of word expansions, -dnl not every word. This closes a longstanding sh security hole. - ac_dummy="m4_if([$2], , $PATH, [$2])" - for ac_dir in $ac_dummy; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/$1; then - lt_cv_path_MAGIC_CMD="$ac_dir/$1" - if test -n "$file_magic_test_file"; then - case $deplibs_check_method in - "file_magic "*) - file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` - MAGIC_CMD="$lt_cv_path_MAGIC_CMD" - if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | - $EGREP "$file_magic_regex" > /dev/null; then - : - else - cat <<_LT_EOF 1>&2 - -*** Warning: the command libtool uses to detect shared libraries, -*** $file_magic_cmd, produces output that libtool cannot recognize. -*** The result is that libtool may fail to recognize shared libraries -*** as such. This will affect the creation of libtool libraries that -*** depend on shared libraries, but programs linked with such libtool -*** libraries will work regardless of this problem. Nevertheless, you -*** may want to report the problem to your system manager and/or to -*** bug-libtool@gnu.org - -_LT_EOF - fi ;; - esac - fi - break - fi - done - IFS="$lt_save_ifs" - MAGIC_CMD="$lt_save_MAGIC_CMD" - ;; -esac]) -MAGIC_CMD="$lt_cv_path_MAGIC_CMD" -if test -n "$MAGIC_CMD"; then - AC_MSG_RESULT($MAGIC_CMD) -else - AC_MSG_RESULT(no) -fi -_LT_DECL([], [MAGIC_CMD], [0], - [Used to examine libraries when file_magic_cmd begins with "file"])dnl -])# _LT_PATH_TOOL_PREFIX - -# Old name: -AU_ALIAS([AC_PATH_TOOL_PREFIX], [_LT_PATH_TOOL_PREFIX]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_PATH_TOOL_PREFIX], []) - - -# _LT_PATH_MAGIC -# -------------- -# find a file program which can recognize a shared library -m4_defun([_LT_PATH_MAGIC], -[_LT_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH) -if test -z "$lt_cv_path_MAGIC_CMD"; then - if test -n "$ac_tool_prefix"; then - _LT_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH) - else - MAGIC_CMD=: - fi -fi -])# _LT_PATH_MAGIC - - -# LT_PATH_LD -# ---------- -# find the pathname to the GNU or non-GNU linker -AC_DEFUN([LT_PATH_LD], -[AC_REQUIRE([AC_PROG_CC])dnl -AC_REQUIRE([AC_CANONICAL_HOST])dnl -AC_REQUIRE([AC_CANONICAL_BUILD])dnl -m4_require([_LT_DECL_SED])dnl -m4_require([_LT_DECL_EGREP])dnl -m4_require([_LT_PROG_ECHO_BACKSLASH])dnl - -AC_ARG_WITH([gnu-ld], - [AS_HELP_STRING([--with-gnu-ld], - [assume the C compiler uses GNU ld @<:@default=no@:>@])], - [test "$withval" = no || with_gnu_ld=yes], - [with_gnu_ld=no])dnl - -ac_prog=ld -if test "$GCC" = yes; then - # Check if gcc -print-prog-name=ld gives a path. - AC_MSG_CHECKING([for ld used by $CC]) - case $host in - *-*-mingw*) - # gcc leaves a trailing carriage return which upsets mingw - ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; - *) - ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; - esac - case $ac_prog in - # Accept absolute paths. - [[\\/]]* | ?:[[\\/]]*) - re_direlt='/[[^/]][[^/]]*/\.\./' - # Canonicalize the pathname of ld - ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'` - while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do - ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"` - done - test -z "$LD" && LD="$ac_prog" - ;; - "") - # If it fails, then pretend we aren't using GCC. - ac_prog=ld - ;; - *) - # If it is relative, then search for the first ld in PATH. - with_gnu_ld=unknown - ;; - esac -elif test "$with_gnu_ld" = yes; then - AC_MSG_CHECKING([for GNU ld]) -else - AC_MSG_CHECKING([for non-GNU ld]) -fi -AC_CACHE_VAL(lt_cv_path_LD, -[if test -z "$LD"; then - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then - lt_cv_path_LD="$ac_dir/$ac_prog" - # Check to see if the program is GNU ld. I'd rather use --version, - # but apparently some variants of GNU ld only accept -v. - # Break only if it was the GNU/non-GNU ld that we prefer. - case `"$lt_cv_path_LD" -v 2>&1 &1 /dev/null 2>&1; then - lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' - lt_cv_file_magic_cmd='func_win32_libid' - else - # Keep this pattern in sync with the one in func_win32_libid. - lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' - lt_cv_file_magic_cmd='$OBJDUMP -f' - fi - ;; - -cegcc*) - # use the weaker test based on 'objdump'. See mingw*. - lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?' - lt_cv_file_magic_cmd='$OBJDUMP -f' - ;; - -darwin* | rhapsody*) - lt_cv_deplibs_check_method=pass_all - ;; - -freebsd* | dragonfly*) - if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then - case $host_cpu in - i*86 ) - # Not sure whether the presence of OpenBSD here was a mistake. - # Let's accept both of them until this is cleared up. - lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` - ;; - esac - else - lt_cv_deplibs_check_method=pass_all - fi - ;; - -haiku*) - lt_cv_deplibs_check_method=pass_all - ;; - -hpux10.20* | hpux11*) - lt_cv_file_magic_cmd=/usr/bin/file - case $host_cpu in - ia64*) - lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64' - lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so - ;; - hppa*64*) - [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]'] - lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl - ;; - *) - lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]]\.[[0-9]]) shared library' - lt_cv_file_magic_test_file=/usr/lib/libc.sl - ;; - esac - ;; - -interix[[3-9]]*) - # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$' - ;; - -irix5* | irix6* | nonstopux*) - case $LD in - *-32|*"-32 ") libmagic=32-bit;; - *-n32|*"-n32 ") libmagic=N32;; - *-64|*"-64 ") libmagic=64-bit;; - *) libmagic=never-match;; - esac - lt_cv_deplibs_check_method=pass_all - ;; - -# This must be glibc/ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) - lt_cv_deplibs_check_method=pass_all - ;; - -netbsd* | netbsdelf*-gnu) - if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$' - fi - ;; - -newos6*) - lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=/usr/lib/libnls.so - ;; - -*nto* | *qnx*) - lt_cv_deplibs_check_method=pass_all - ;; - -openbsd*) - if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' - fi - ;; - -osf3* | osf4* | osf5*) - lt_cv_deplibs_check_method=pass_all - ;; - -rdos*) - lt_cv_deplibs_check_method=pass_all - ;; - -solaris*) - lt_cv_deplibs_check_method=pass_all - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - lt_cv_deplibs_check_method=pass_all - ;; - -sysv4 | sysv4.3*) - case $host_vendor in - motorola) - lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]' - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` - ;; - ncr) - lt_cv_deplibs_check_method=pass_all - ;; - sequent) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )' - ;; - sni) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib" - lt_cv_file_magic_test_file=/lib/libc.so - ;; - siemens) - lt_cv_deplibs_check_method=pass_all - ;; - pc) - lt_cv_deplibs_check_method=pass_all - ;; - esac - ;; - -tpf*) - lt_cv_deplibs_check_method=pass_all - ;; -esac -]) - -file_magic_glob= -want_nocaseglob=no -if test "$build" = "$host"; then - case $host_os in - mingw* | pw32*) - if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then - want_nocaseglob=yes - else - file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[[\1]]\/[[\1]]\/g;/g"` - fi - ;; - esac -fi - -file_magic_cmd=$lt_cv_file_magic_cmd -deplibs_check_method=$lt_cv_deplibs_check_method -test -z "$deplibs_check_method" && deplibs_check_method=unknown - -_LT_DECL([], [deplibs_check_method], [1], - [Method to check whether dependent libraries are shared objects]) -_LT_DECL([], [file_magic_cmd], [1], - [Command to use when deplibs_check_method = "file_magic"]) -_LT_DECL([], [file_magic_glob], [1], - [How to find potential files when deplibs_check_method = "file_magic"]) -_LT_DECL([], [want_nocaseglob], [1], - [Find potential files using nocaseglob when deplibs_check_method = "file_magic"]) -])# _LT_CHECK_MAGIC_METHOD - - -# LT_PATH_NM -# ---------- -# find the pathname to a BSD- or MS-compatible name lister -AC_DEFUN([LT_PATH_NM], -[AC_REQUIRE([AC_PROG_CC])dnl -AC_CACHE_CHECK([for BSD- or MS-compatible name lister (nm)], lt_cv_path_NM, -[if test -n "$NM"; then - # Let the user override the test. - lt_cv_path_NM="$NM" -else - lt_nm_to_check="${ac_tool_prefix}nm" - if test -n "$ac_tool_prefix" && test "$build" = "$host"; then - lt_nm_to_check="$lt_nm_to_check nm" - fi - for lt_tmp_nm in $lt_nm_to_check; do - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - tmp_nm="$ac_dir/$lt_tmp_nm" - if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then - # Check to see if the nm accepts a BSD-compat flag. - # Adding the `sed 1q' prevents false positives on HP-UX, which says: - # nm: unknown option "B" ignored - # Tru64's nm complains that /dev/null is an invalid object file - case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in - */dev/null* | *'Invalid file or object type'*) - lt_cv_path_NM="$tmp_nm -B" - break - ;; - *) - case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in - */dev/null*) - lt_cv_path_NM="$tmp_nm -p" - break - ;; - *) - lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but - continue # so that we can try to find one that supports BSD flags - ;; - esac - ;; - esac - fi - done - IFS="$lt_save_ifs" - done - : ${lt_cv_path_NM=no} -fi]) -if test "$lt_cv_path_NM" != "no"; then - NM="$lt_cv_path_NM" -else - # Didn't find any BSD compatible name lister, look for dumpbin. - if test -n "$DUMPBIN"; then : - # Let the user override the test. - else - AC_CHECK_TOOLS(DUMPBIN, [dumpbin "link -dump"], :) - case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in - *COFF*) - DUMPBIN="$DUMPBIN -symbols" - ;; - *) - DUMPBIN=: - ;; - esac - fi - AC_SUBST([DUMPBIN]) - if test "$DUMPBIN" != ":"; then - NM="$DUMPBIN" - fi -fi -test -z "$NM" && NM=nm -AC_SUBST([NM]) -_LT_DECL([], [NM], [1], [A BSD- or MS-compatible name lister])dnl - -AC_CACHE_CHECK([the name lister ($NM) interface], [lt_cv_nm_interface], - [lt_cv_nm_interface="BSD nm" - echo "int some_variable = 0;" > conftest.$ac_ext - (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&AS_MESSAGE_LOG_FD) - (eval "$ac_compile" 2>conftest.err) - cat conftest.err >&AS_MESSAGE_LOG_FD - (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD) - (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) - cat conftest.err >&AS_MESSAGE_LOG_FD - (eval echo "\"\$as_me:$LINENO: output\"" >&AS_MESSAGE_LOG_FD) - cat conftest.out >&AS_MESSAGE_LOG_FD - if $GREP 'External.*some_variable' conftest.out > /dev/null; then - lt_cv_nm_interface="MS dumpbin" - fi - rm -f conftest*]) -])# LT_PATH_NM - -# Old names: -AU_ALIAS([AM_PROG_NM], [LT_PATH_NM]) -AU_ALIAS([AC_PROG_NM], [LT_PATH_NM]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AM_PROG_NM], []) -dnl AC_DEFUN([AC_PROG_NM], []) - -# _LT_CHECK_SHAREDLIB_FROM_LINKLIB -# -------------------------------- -# how to determine the name of the shared library -# associated with a specific link library. -# -- PORTME fill in with the dynamic library characteristics -m4_defun([_LT_CHECK_SHAREDLIB_FROM_LINKLIB], -[m4_require([_LT_DECL_EGREP]) -m4_require([_LT_DECL_OBJDUMP]) -m4_require([_LT_DECL_DLLTOOL]) -AC_CACHE_CHECK([how to associate runtime and link libraries], -lt_cv_sharedlib_from_linklib_cmd, -[lt_cv_sharedlib_from_linklib_cmd='unknown' - -case $host_os in -cygwin* | mingw* | pw32* | cegcc*) - # two different shell functions defined in ltmain.sh - # decide which to use based on capabilities of $DLLTOOL - case `$DLLTOOL --help 2>&1` in - *--identify-strict*) - lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib - ;; - *) - lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback - ;; - esac - ;; -*) - # fallback: assume linklib IS sharedlib - lt_cv_sharedlib_from_linklib_cmd="$ECHO" - ;; -esac -]) -sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd -test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO - -_LT_DECL([], [sharedlib_from_linklib_cmd], [1], - [Command to associate shared and link libraries]) -])# _LT_CHECK_SHAREDLIB_FROM_LINKLIB - - -# _LT_PATH_MANIFEST_TOOL -# ---------------------- -# locate the manifest tool -m4_defun([_LT_PATH_MANIFEST_TOOL], -[AC_CHECK_TOOL(MANIFEST_TOOL, mt, :) -test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt -AC_CACHE_CHECK([if $MANIFEST_TOOL is a manifest tool], [lt_cv_path_mainfest_tool], - [lt_cv_path_mainfest_tool=no - echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&AS_MESSAGE_LOG_FD - $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out - cat conftest.err >&AS_MESSAGE_LOG_FD - if $GREP 'Manifest Tool' conftest.out > /dev/null; then - lt_cv_path_mainfest_tool=yes - fi - rm -f conftest*]) -if test "x$lt_cv_path_mainfest_tool" != xyes; then - MANIFEST_TOOL=: -fi -_LT_DECL([], [MANIFEST_TOOL], [1], [Manifest tool])dnl -])# _LT_PATH_MANIFEST_TOOL - - -# LT_LIB_M -# -------- -# check for math library -AC_DEFUN([LT_LIB_M], -[AC_REQUIRE([AC_CANONICAL_HOST])dnl -LIBM= -case $host in -*-*-beos* | *-*-cegcc* | *-*-cygwin* | *-*-haiku* | *-*-pw32* | *-*-darwin*) - # These system don't have libm, or don't need it - ;; -*-ncr-sysv4.3*) - AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM="-lmw") - AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm") - ;; -*) - AC_CHECK_LIB(m, cos, LIBM="-lm") - ;; -esac -AC_SUBST([LIBM]) -])# LT_LIB_M - -# Old name: -AU_ALIAS([AC_CHECK_LIBM], [LT_LIB_M]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_CHECK_LIBM], []) - - -# _LT_COMPILER_NO_RTTI([TAGNAME]) -# ------------------------------- -m4_defun([_LT_COMPILER_NO_RTTI], -[m4_require([_LT_TAG_COMPILER])dnl - -_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= - -if test "$GCC" = yes; then - case $cc_basename in - nvcc*) - _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -Xcompiler -fno-builtin' ;; - *) - _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' ;; - esac - - _LT_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions], - lt_cv_prog_compiler_rtti_exceptions, - [-fno-rtti -fno-exceptions], [], - [_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"]) -fi -_LT_TAGDECL([no_builtin_flag], [lt_prog_compiler_no_builtin_flag], [1], - [Compiler flag to turn off builtin functions]) -])# _LT_COMPILER_NO_RTTI - - -# _LT_CMD_GLOBAL_SYMBOLS -# ---------------------- -m4_defun([_LT_CMD_GLOBAL_SYMBOLS], -[AC_REQUIRE([AC_CANONICAL_HOST])dnl -AC_REQUIRE([AC_PROG_CC])dnl -AC_REQUIRE([AC_PROG_AWK])dnl -AC_REQUIRE([LT_PATH_NM])dnl -AC_REQUIRE([LT_PATH_LD])dnl -m4_require([_LT_DECL_SED])dnl -m4_require([_LT_DECL_EGREP])dnl -m4_require([_LT_TAG_COMPILER])dnl - -# Check for command to grab the raw symbol name followed by C symbol from nm. -AC_MSG_CHECKING([command to parse $NM output from $compiler object]) -AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe], -[ -# These are sane defaults that work on at least a few old systems. -# [They come from Ultrix. What could be older than Ultrix?!! ;)] - -# Character class describing NM global symbol codes. -symcode='[[BCDEGRST]]' - -# Regexp to match symbols that can be accessed directly from C. -sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)' - -# Define system-specific variables. -case $host_os in -aix*) - symcode='[[BCDT]]' - ;; -cygwin* | mingw* | pw32* | cegcc*) - symcode='[[ABCDGISTW]]' - ;; -hpux*) - if test "$host_cpu" = ia64; then - symcode='[[ABCDEGRST]]' - fi - ;; -irix* | nonstopux*) - symcode='[[BCDEGRST]]' - ;; -osf*) - symcode='[[BCDEGQRST]]' - ;; -solaris*) - symcode='[[BDRT]]' - ;; -sco3.2v5*) - symcode='[[DT]]' - ;; -sysv4.2uw2*) - symcode='[[DT]]' - ;; -sysv5* | sco5v6* | unixware* | OpenUNIX*) - symcode='[[ABDT]]' - ;; -sysv4) - symcode='[[DFNSTU]]' - ;; -esac - -# If we're using GNU nm, then use its standard symbol codes. -case `$NM -V 2>&1` in -*GNU* | *'with BFD'*) - symcode='[[ABCDGIRSTW]]' ;; -esac - -# Transform an extracted symbol line into a proper C declaration. -# Some systems (esp. on ia64) link data and code symbols differently, -# so use this general approach. -lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - -# Transform an extracted symbol line into symbol name and symbol address -lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p'" -lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \(lib[[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"lib\2\", (void *) \&\2},/p'" - -# Handle CRLF in mingw tool chain -opt_cr= -case $build_os in -mingw*) - opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp - ;; -esac - -# Try without a prefix underscore, then with it. -for ac_symprfx in "" "_"; do - - # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. - symxfrm="\\1 $ac_symprfx\\2 \\2" - - # Write the raw and C identifiers. - if test "$lt_cv_nm_interface" = "MS dumpbin"; then - # Fake it for dumpbin and say T for any non-static function - # and D for any global variable. - # Also find C++ and __fastcall symbols from MSVC++, - # which start with @ or ?. - lt_cv_sys_global_symbol_pipe="$AWK ['"\ -" {last_section=section; section=\$ 3};"\ -" /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\ -" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ -" \$ 0!~/External *\|/{next};"\ -" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ -" {if(hide[section]) next};"\ -" {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\ -" {split(\$ 0, a, /\||\r/); split(a[2], s)};"\ -" s[1]~/^[@?]/{print s[1], s[1]; next};"\ -" s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\ -" ' prfx=^$ac_symprfx]" - else - lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" - fi - lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'" - - # Check to see that the pipe works correctly. - pipe_works=no - - rm -f conftest* - cat > conftest.$ac_ext <<_LT_EOF -#ifdef __cplusplus -extern "C" { -#endif -char nm_test_var; -void nm_test_func(void); -void nm_test_func(void){} -#ifdef __cplusplus -} -#endif -int main(){nm_test_var='a';nm_test_func();return(0);} -_LT_EOF - - if AC_TRY_EVAL(ac_compile); then - # Now try to grab the symbols. - nlist=conftest.nm - if AC_TRY_EVAL(NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) && test -s "$nlist"; then - # Try sorting and uniquifying the output. - if sort "$nlist" | uniq > "$nlist"T; then - mv -f "$nlist"T "$nlist" - else - rm -f "$nlist"T - fi - - # Make sure that we snagged all the symbols we need. - if $GREP ' nm_test_var$' "$nlist" >/dev/null; then - if $GREP ' nm_test_func$' "$nlist" >/dev/null; then - cat <<_LT_EOF > conftest.$ac_ext -/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ -#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) -/* DATA imports from DLLs on WIN32 con't be const, because runtime - relocations are performed -- see ld's documentation on pseudo-relocs. */ -# define LT@&t@_DLSYM_CONST -#elif defined(__osf__) -/* This system does not cope well with relocations in const data. */ -# define LT@&t@_DLSYM_CONST -#else -# define LT@&t@_DLSYM_CONST const -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -_LT_EOF - # Now generate the symbol file. - eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext' - - cat <<_LT_EOF >> conftest.$ac_ext - -/* The mapping between symbol names and symbols. */ -LT@&t@_DLSYM_CONST struct { - const char *name; - void *address; -} -lt__PROGRAM__LTX_preloaded_symbols[[]] = -{ - { "@PROGRAM@", (void *) 0 }, -_LT_EOF - $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext - cat <<\_LT_EOF >> conftest.$ac_ext - {0, (void *) 0} -}; - -/* This works around a problem in FreeBSD linker */ -#ifdef FREEBSD_WORKAROUND -static const void *lt_preloaded_setup() { - return lt__PROGRAM__LTX_preloaded_symbols; -} -#endif - -#ifdef __cplusplus -} -#endif -_LT_EOF - # Now try linking the two files. - mv conftest.$ac_objext conftstm.$ac_objext - lt_globsym_save_LIBS=$LIBS - lt_globsym_save_CFLAGS=$CFLAGS - LIBS="conftstm.$ac_objext" - CFLAGS="$CFLAGS$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)" - if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then - pipe_works=yes - fi - LIBS=$lt_globsym_save_LIBS - CFLAGS=$lt_globsym_save_CFLAGS - else - echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD - fi - else - echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD - fi - else - echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD - fi - else - echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD - cat conftest.$ac_ext >&5 - fi - rm -rf conftest* conftst* - - # Do not use the global_symbol_pipe unless it works. - if test "$pipe_works" = yes; then - break - else - lt_cv_sys_global_symbol_pipe= - fi -done -]) -if test -z "$lt_cv_sys_global_symbol_pipe"; then - lt_cv_sys_global_symbol_to_cdecl= -fi -if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then - AC_MSG_RESULT(failed) -else - AC_MSG_RESULT(ok) -fi - -# Response file support. -if test "$lt_cv_nm_interface" = "MS dumpbin"; then - nm_file_list_spec='@' -elif $NM --help 2>/dev/null | grep '[[@]]FILE' >/dev/null; then - nm_file_list_spec='@' -fi - -_LT_DECL([global_symbol_pipe], [lt_cv_sys_global_symbol_pipe], [1], - [Take the output of nm and produce a listing of raw symbols and C names]) -_LT_DECL([global_symbol_to_cdecl], [lt_cv_sys_global_symbol_to_cdecl], [1], - [Transform the output of nm in a proper C declaration]) -_LT_DECL([global_symbol_to_c_name_address], - [lt_cv_sys_global_symbol_to_c_name_address], [1], - [Transform the output of nm in a C name address pair]) -_LT_DECL([global_symbol_to_c_name_address_lib_prefix], - [lt_cv_sys_global_symbol_to_c_name_address_lib_prefix], [1], - [Transform the output of nm in a C name address pair when lib prefix is needed]) -_LT_DECL([], [nm_file_list_spec], [1], - [Specify filename containing input files for $NM]) -]) # _LT_CMD_GLOBAL_SYMBOLS - - -# _LT_COMPILER_PIC([TAGNAME]) -# --------------------------- -m4_defun([_LT_COMPILER_PIC], -[m4_require([_LT_TAG_COMPILER])dnl -_LT_TAGVAR(lt_prog_compiler_wl, $1)= -_LT_TAGVAR(lt_prog_compiler_pic, $1)= -_LT_TAGVAR(lt_prog_compiler_static, $1)= - -m4_if([$1], [CXX], [ - # C++ specific cases for pic, static, wl, etc. - if test "$GXX" = yes; then - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - fi - ;; - - amigaos*) - case $host_cpu in - powerpc) - # see comment about AmigaOS4 .so support - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - m68k) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' - ;; - esac - ;; - - beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - mingw* | cygwin* | os2* | pw32* | cegcc*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - # Although the cygwin gcc ignores -fPIC, still need this for old-style - # (--disable-auto-import) libraries - m4_if([$1], [GCJ], [], - [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) - ;; - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' - ;; - *djgpp*) - # DJGPP does not support shared libraries at all - _LT_TAGVAR(lt_prog_compiler_pic, $1)= - ;; - haiku*) - # PIC is the default for Haiku. - # The "-static" flag exists, but is broken. - _LT_TAGVAR(lt_prog_compiler_static, $1)= - ;; - interix[[3-9]]*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - sysv4*MP*) - if test -d /usr/nec; then - _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic - fi - ;; - hpux*) - # PIC is the default for 64-bit PA HP-UX, but not for 32-bit - # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag - # sets the default TLS model and affects inlining. - case $host_cpu in - hppa*64*) - ;; - *) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - ;; - *qnx* | *nto*) - # QNX uses GNU C++, but need to define -shared option too, otherwise - # it will coredump. - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' - ;; - *) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - else - case $host_os in - aix[[4-9]]*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - else - _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' - fi - ;; - chorus*) - case $cc_basename in - cxch68*) - # Green Hills C++ Compiler - # _LT_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a" - ;; - esac - ;; - mingw* | cygwin* | os2* | pw32* | cegcc*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - m4_if([$1], [GCJ], [], - [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) - ;; - dgux*) - case $cc_basename in - ec++*) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - ;; - ghcx*) - # Green Hills C++ Compiler - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - ;; - *) - ;; - esac - ;; - freebsd* | dragonfly*) - # FreeBSD uses GNU C++ - ;; - hpux9* | hpux10* | hpux11*) - case $cc_basename in - CC*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' - if test "$host_cpu" != ia64; then - _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' - fi - ;; - aCC*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' - ;; - esac - ;; - *) - ;; - esac - ;; - interix*) - # This is c89, which is MS Visual C++ (no shared libs) - # Anyone wants to do a port? - ;; - irix5* | irix6* | nonstopux*) - case $cc_basename in - CC*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - # CC pic flag -KPIC is the default. - ;; - *) - ;; - esac - ;; - linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) - case $cc_basename in - KCC*) - # KAI C++ Compiler - _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - ecpc* ) - # old Intel C++ for x86_64 which still supported -KPIC. - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' - ;; - icpc* ) - # Intel C++, used to be incompatible with GCC. - # ICC 10 doesn't accept -KPIC any more. - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' - ;; - pgCC* | pgcpp*) - # Portland Group C++ compiler - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - cxx*) - # Compaq C++ - # Make sure the PIC flag is empty. It appears that all Alpha - # Linux and Compaq Tru64 Unix objects are PIC. - _LT_TAGVAR(lt_prog_compiler_pic, $1)= - _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - xlc* | xlC* | bgxl[[cC]]* | mpixl[[cC]]*) - # IBM XL 8.0, 9.0 on PPC and BlueGene - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink' - ;; - *) - case `$CC -V 2>&1 | sed 5q` in - *Sun\ C*) - # Sun C++ 5.9 - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' - ;; - esac - ;; - esac - ;; - lynxos*) - ;; - m88k*) - ;; - mvs*) - case $cc_basename in - cxx*) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall' - ;; - *) - ;; - esac - ;; - netbsd* | netbsdelf*-gnu) - ;; - *qnx* | *nto*) - # QNX uses GNU C++, but need to define -shared option too, otherwise - # it will coredump. - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' - ;; - osf3* | osf4* | osf5*) - case $cc_basename in - KCC*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' - ;; - RCC*) - # Rational C++ 2.4.1 - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - ;; - cxx*) - # Digital/Compaq C++ - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # Make sure the PIC flag is empty. It appears that all Alpha - # Linux and Compaq Tru64 Unix objects are PIC. - _LT_TAGVAR(lt_prog_compiler_pic, $1)= - _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - *) - ;; - esac - ;; - psos*) - ;; - solaris*) - case $cc_basename in - CC* | sunCC*) - # Sun C++ 4.2, 5.x and Centerline C++ - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' - ;; - gcx*) - # Green Hills C++ Compiler - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' - ;; - *) - ;; - esac - ;; - sunos4*) - case $cc_basename in - CC*) - # Sun C++ 4.x - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - lcc*) - # Lucid - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - ;; - *) - ;; - esac - ;; - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - case $cc_basename in - CC*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - esac - ;; - tandem*) - case $cc_basename in - NCC*) - # NonStop-UX NCC 3.20 - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - ;; - *) - ;; - esac - ;; - vxworks*) - ;; - *) - _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - ;; - esac - fi -], -[ - if test "$GCC" = yes; then - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - fi - ;; - - amigaos*) - case $host_cpu in - powerpc) - # see comment about AmigaOS4 .so support - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - m68k) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' - ;; - esac - ;; - - beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - - mingw* | cygwin* | pw32* | os2* | cegcc*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - # Although the cygwin gcc ignores -fPIC, still need this for old-style - # (--disable-auto-import) libraries - m4_if([$1], [GCJ], [], - [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) - ;; - - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' - ;; - - haiku*) - # PIC is the default for Haiku. - # The "-static" flag exists, but is broken. - _LT_TAGVAR(lt_prog_compiler_static, $1)= - ;; - - hpux*) - # PIC is the default for 64-bit PA HP-UX, but not for 32-bit - # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag - # sets the default TLS model and affects inlining. - case $host_cpu in - hppa*64*) - # +Z the default - ;; - *) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - ;; - - interix[[3-9]]*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - - msdosdjgpp*) - # Just because we use GCC doesn't mean we suddenly get shared libraries - # on systems that don't support them. - _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - enable_shared=no - ;; - - *nto* | *qnx*) - # QNX uses GNU C++, but need to define -shared option too, otherwise - # it will coredump. - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' - ;; - - sysv4*MP*) - if test -d /usr/nec; then - _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic - fi - ;; - - *) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - - case $cc_basename in - nvcc*) # Cuda Compiler Driver 2.2 - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Xlinker ' - if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then - _LT_TAGVAR(lt_prog_compiler_pic, $1)="-Xcompiler $_LT_TAGVAR(lt_prog_compiler_pic, $1)" - fi - ;; - esac - else - # PORTME Check for flag to pass linker flags through the system compiler. - case $host_os in - aix*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - else - _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' - fi - ;; - - mingw* | cygwin* | pw32* | os2* | cegcc*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - m4_if([$1], [GCJ], [], - [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) - ;; - - hpux9* | hpux10* | hpux11*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' - ;; - esac - # Is there a better lt_prog_compiler_static that works with the bundled CC? - _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' - ;; - - irix5* | irix6* | nonstopux*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # PIC (with -KPIC) is the default. - _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - - linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) - case $cc_basename in - # old Intel for x86_64 which still supported -KPIC. - ecc*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' - ;; - # icc used to be incompatible with GCC. - # ICC 10 doesn't accept -KPIC any more. - icc* | ifort*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' - ;; - # Lahey Fortran 8.1. - lf95*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='--shared' - _LT_TAGVAR(lt_prog_compiler_static, $1)='--static' - ;; - nagfor*) - # NAG Fortran compiler - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,-Wl,,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*) - # Portland Group compilers (*not* the Pentium gcc compiler, - # which looks to be a dead project) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - ccc*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # All Alpha code is PIC. - _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - xl* | bgxl* | bgf* | mpixl*) - # IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink' - ;; - *) - case `$CC -V 2>&1 | sed 5q` in - *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [[1-7]].* | *Sun*Fortran*\ 8.[[0-3]]*) - # Sun Fortran 8.3 passes all unrecognized flags to the linker - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - _LT_TAGVAR(lt_prog_compiler_wl, $1)='' - ;; - *Sun\ F* | *Sun*Fortran*) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' - ;; - *Sun\ C*) - # Sun C 5.9 - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - ;; - *Intel*\ [[CF]]*Compiler*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' - ;; - *Portland\ Group*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - esac - ;; - esac - ;; - - newsos6) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - *nto* | *qnx*) - # QNX uses GNU C++, but need to define -shared option too, otherwise - # it will coredump. - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' - ;; - - osf3* | osf4* | osf5*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # All OSF/1 code is PIC. - _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - - rdos*) - _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - - solaris*) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - case $cc_basename in - f77* | f90* | f95* | sunf77* | sunf90* | sunf95*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';; - *) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';; - esac - ;; - - sunos4*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - sysv4 | sysv4.2uw2* | sysv4.3*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - sysv4*MP*) - if test -d /usr/nec ;then - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - fi - ;; - - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - unicos*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - ;; - - uts4*) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - *) - _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - ;; - esac - fi -]) -case $host_os in - # For platforms which do not support PIC, -DPIC is meaningless: - *djgpp*) - _LT_TAGVAR(lt_prog_compiler_pic, $1)= - ;; - *) - _LT_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])" - ;; -esac - -AC_CACHE_CHECK([for $compiler option to produce PIC], - [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)], - [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_prog_compiler_pic, $1)]) -_LT_TAGVAR(lt_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_cv_prog_compiler_pic, $1) - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then - _LT_COMPILER_OPTION([if $compiler PIC flag $_LT_TAGVAR(lt_prog_compiler_pic, $1) works], - [_LT_TAGVAR(lt_cv_prog_compiler_pic_works, $1)], - [$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])], [], - [case $_LT_TAGVAR(lt_prog_compiler_pic, $1) in - "" | " "*) ;; - *) _LT_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_TAGVAR(lt_prog_compiler_pic, $1)" ;; - esac], - [_LT_TAGVAR(lt_prog_compiler_pic, $1)= - _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no]) -fi -_LT_TAGDECL([pic_flag], [lt_prog_compiler_pic], [1], - [Additional compiler flags for building library objects]) - -_LT_TAGDECL([wl], [lt_prog_compiler_wl], [1], - [How to pass a linker flag through the compiler]) -# -# Check to make sure the static flag actually works. -# -wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_TAGVAR(lt_prog_compiler_static, $1)\" -_LT_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works], - _LT_TAGVAR(lt_cv_prog_compiler_static_works, $1), - $lt_tmp_static_flag, - [], - [_LT_TAGVAR(lt_prog_compiler_static, $1)=]) -_LT_TAGDECL([link_static_flag], [lt_prog_compiler_static], [1], - [Compiler flag to prevent dynamic linking]) -])# _LT_COMPILER_PIC - - -# _LT_LINKER_SHLIBS([TAGNAME]) -# ---------------------------- -# See if the linker supports building shared libraries. -m4_defun([_LT_LINKER_SHLIBS], -[AC_REQUIRE([LT_PATH_LD])dnl -AC_REQUIRE([LT_PATH_NM])dnl -m4_require([_LT_PATH_MANIFEST_TOOL])dnl -m4_require([_LT_FILEUTILS_DEFAULTS])dnl -m4_require([_LT_DECL_EGREP])dnl -m4_require([_LT_DECL_SED])dnl -m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl -m4_require([_LT_TAG_COMPILER])dnl -AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) -m4_if([$1], [CXX], [ - _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] - case $host_os in - aix[[4-9]]*) - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - # Also, AIX nm treats weak defined symbols like other global defined - # symbols, whereas GNU nm marks them as "W". - if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then - _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' - else - _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' - fi - ;; - pw32*) - _LT_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds" - ;; - cygwin* | mingw* | cegcc*) - case $cc_basename in - cl*) - _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' - ;; - *) - _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' - _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] - ;; - esac - ;; - linux* | k*bsd*-gnu | gnu*) - _LT_TAGVAR(link_all_deplibs, $1)=no - ;; - *) - _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - ;; - esac -], [ - runpath_var= - _LT_TAGVAR(allow_undefined_flag, $1)= - _LT_TAGVAR(always_export_symbols, $1)=no - _LT_TAGVAR(archive_cmds, $1)= - _LT_TAGVAR(archive_expsym_cmds, $1)= - _LT_TAGVAR(compiler_needs_object, $1)=no - _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no - _LT_TAGVAR(export_dynamic_flag_spec, $1)= - _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - _LT_TAGVAR(hardcode_automatic, $1)=no - _LT_TAGVAR(hardcode_direct, $1)=no - _LT_TAGVAR(hardcode_direct_absolute, $1)=no - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= - _LT_TAGVAR(hardcode_libdir_separator, $1)= - _LT_TAGVAR(hardcode_minus_L, $1)=no - _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported - _LT_TAGVAR(inherit_rpath, $1)=no - _LT_TAGVAR(link_all_deplibs, $1)=unknown - _LT_TAGVAR(module_cmds, $1)= - _LT_TAGVAR(module_expsym_cmds, $1)= - _LT_TAGVAR(old_archive_from_new_cmds, $1)= - _LT_TAGVAR(old_archive_from_expsyms_cmds, $1)= - _LT_TAGVAR(thread_safe_flag_spec, $1)= - _LT_TAGVAR(whole_archive_flag_spec, $1)= - # include_expsyms should be a list of space-separated symbols to be *always* - # included in the symbol list - _LT_TAGVAR(include_expsyms, $1)= - # exclude_expsyms can be an extended regexp of symbols to exclude - # it will be wrapped by ` (' and `)$', so one must not match beginning or - # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', - # as well as any symbol that contains `d'. - _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] - # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out - # platforms (ab)use it in PIC code, but their linkers get confused if - # the symbol is explicitly referenced. Since portable code cannot - # rely on this symbol name, it's probably fine to never include it in - # preloaded symbol tables. - # Exclude shared library initialization/finalization symbols. -dnl Note also adjust exclude_expsyms for C++ above. - extract_expsyms_cmds= - - case $host_os in - cygwin* | mingw* | pw32* | cegcc*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - if test "$GCC" != yes; then - with_gnu_ld=no - fi - ;; - interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) - with_gnu_ld=yes - ;; - openbsd*) - with_gnu_ld=no - ;; - linux* | k*bsd*-gnu | gnu*) - _LT_TAGVAR(link_all_deplibs, $1)=no - ;; - esac - - _LT_TAGVAR(ld_shlibs, $1)=yes - - # On some targets, GNU ld is compatible enough with the native linker - # that we're better off using the native interface for both. - lt_use_gnu_ld_interface=no - if test "$with_gnu_ld" = yes; then - case $host_os in - aix*) - # The AIX port of GNU ld has always aspired to compatibility - # with the native linker. However, as the warning in the GNU ld - # block says, versions before 2.19.5* couldn't really create working - # shared libraries, regardless of the interface used. - case `$LD -v 2>&1` in - *\ \(GNU\ Binutils\)\ 2.19.5*) ;; - *\ \(GNU\ Binutils\)\ 2.[[2-9]]*) ;; - *\ \(GNU\ Binutils\)\ [[3-9]]*) ;; - *) - lt_use_gnu_ld_interface=yes - ;; - esac - ;; - *) - lt_use_gnu_ld_interface=yes - ;; - esac - fi - - if test "$lt_use_gnu_ld_interface" = yes; then - # If archive_cmds runs LD, not CC, wlarc should be empty - wlarc='${wl}' - - # Set some defaults for GNU ld with shared library support. These - # are reset later if shared libraries are not supported. Putting them - # here allows them to be overridden if necessary. - runpath_var=LD_RUN_PATH - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - # ancient GNU ld didn't support --whole-archive et. al. - if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then - _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - _LT_TAGVAR(whole_archive_flag_spec, $1)= - fi - supports_anon_versioning=no - case `$LD -v 2>&1` in - *GNU\ gold*) supports_anon_versioning=yes ;; - *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11 - *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... - *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... - *\ 2.11.*) ;; # other 2.11 versions - *) supports_anon_versioning=yes ;; - esac - - # See if GNU ld supports shared libraries. - case $host_os in - aix[[3-9]]*) - # On AIX/PPC, the GNU linker is very broken - if test "$host_cpu" != ia64; then - _LT_TAGVAR(ld_shlibs, $1)=no - cat <<_LT_EOF 1>&2 - -*** Warning: the GNU linker, at least up to release 2.19, is reported -*** to be unable to reliably create shared libraries on AIX. -*** Therefore, libtool is disabling shared libraries support. If you -*** really care for shared libraries, you may want to install binutils -*** 2.20 or above, or modify your PATH so that a non-GNU linker is found. -*** You will then need to restart the configuration process. - -_LT_EOF - fi - ;; - - amigaos*) - case $host_cpu in - powerpc) - # see comment about AmigaOS4 .so support - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='' - ;; - m68k) - _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_TAGVAR(hardcode_minus_L, $1)=yes - ;; - esac - ;; - - beos*) - if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - _LT_TAGVAR(allow_undefined_flag, $1)=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - cygwin* | mingw* | pw32* | cegcc*) - # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, - # as there is no search path for DLLs. - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols' - _LT_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_TAGVAR(always_export_symbols, $1)=no - _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' - _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] - - if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - haiku*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(link_all_deplibs, $1)=yes - ;; - - interix[[3-9]]*) - _LT_TAGVAR(hardcode_direct, $1)=no - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - - gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu) - tmp_diet=no - if test "$host_os" = linux-dietlibc; then - case $cc_basename in - diet\ *) tmp_diet=yes;; # linux-dietlibc with static linking (!diet-dyn) - esac - fi - if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \ - && test "$tmp_diet" = no - then - tmp_addflag=' $pic_flag' - tmp_sharedflag='-shared' - case $cc_basename,$host_cpu in - pgcc*) # Portland Group C compiler - _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag' - ;; - pgf77* | pgf90* | pgf95* | pgfortran*) - # Portland Group f77 and f90 compilers - _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag -Mnomain' ;; - ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 - tmp_addflag=' -i_dynamic' ;; - efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 - tmp_addflag=' -i_dynamic -nofor_main' ;; - ifc* | ifort*) # Intel Fortran compiler - tmp_addflag=' -nofor_main' ;; - lf95*) # Lahey Fortran 8.1 - _LT_TAGVAR(whole_archive_flag_spec, $1)= - tmp_sharedflag='--shared' ;; - xl[[cC]]* | bgxl[[cC]]* | mpixl[[cC]]*) # IBM XL C 8.0 on PPC (deal with xlf below) - tmp_sharedflag='-qmkshrobj' - tmp_addflag= ;; - nvcc*) # Cuda Compiler Driver 2.2 - _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' - _LT_TAGVAR(compiler_needs_object, $1)=yes - ;; - esac - case `$CC -V 2>&1 | sed 5q` in - *Sun\ C*) # Sun C 5.9 - _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' - _LT_TAGVAR(compiler_needs_object, $1)=yes - tmp_sharedflag='-G' ;; - *Sun\ F*) # Sun Fortran 8.3 - tmp_sharedflag='-G' ;; - esac - _LT_TAGVAR(archive_cmds, $1)='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - - if test "x$supports_anon_versioning" = xyes; then - _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - echo "local: *; };" >> $output_objdir/$libname.ver~ - $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' - fi - - case $cc_basename in - xlf* | bgf* | bgxlf* | mpixlf*) - # IBM XL Fortran 10.1 on PPC cannot create shared libs itself - _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' - if test "x$supports_anon_versioning" = xyes; then - _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - echo "local: *; };" >> $output_objdir/$libname.ver~ - $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib' - fi - ;; - esac - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - netbsd* | netbsdelf*-gnu) - if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' - wlarc= - else - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - fi - ;; - - solaris*) - if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then - _LT_TAGVAR(ld_shlibs, $1)=no - cat <<_LT_EOF 1>&2 - -*** Warning: The releases 2.8.* of the GNU linker cannot reliably -*** create shared libraries on Solaris systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.9.1 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -_LT_EOF - elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) - case `$LD -v 2>&1` in - *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*) - _LT_TAGVAR(ld_shlibs, $1)=no - cat <<_LT_EOF 1>&2 - -*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not -*** reliably create shared libraries on SCO systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.16.91.0.3 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -_LT_EOF - ;; - *) - # For security reasons, it is highly recommended that you always - # use absolute paths for naming shared libraries, and exclude the - # DT_RUNPATH tag from executables and libraries. But doing so - # requires that you compile everything twice, which is a pain. - if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - - sunos4*) - _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' - wlarc= - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - *) - if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - - if test "$_LT_TAGVAR(ld_shlibs, $1)" = no; then - runpath_var= - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= - _LT_TAGVAR(export_dynamic_flag_spec, $1)= - _LT_TAGVAR(whole_archive_flag_spec, $1)= - fi - else - # PORTME fill in a description of your system's linker (not GNU ld) - case $host_os in - aix3*) - _LT_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_TAGVAR(always_export_symbols, $1)=yes - _LT_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' - # Note: this linker hardcodes the directories in LIBPATH if there - # are no directories specified by -L. - _LT_TAGVAR(hardcode_minus_L, $1)=yes - if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then - # Neither direct hardcoding nor static linking is supported with a - # broken collect2. - _LT_TAGVAR(hardcode_direct, $1)=unsupported - fi - ;; - - aix[[4-9]]*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - # Also, AIX nm treats weak defined symbols like other global - # defined symbols, whereas GNU nm marks them as "W". - if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then - _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' - else - _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' - fi - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*) - for ld_flag in $LDFLAGS; do - if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then - aix_use_runtimelinking=yes - break - fi - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - _LT_TAGVAR(archive_cmds, $1)='' - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_direct_absolute, $1)=yes - _LT_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_TAGVAR(link_all_deplibs, $1)=yes - _LT_TAGVAR(file_list_spec, $1)='${wl}-f,' - - if test "$GCC" = yes; then - case $host_os in aix4.[[012]]|aix4.[[012]].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && - strings "$collect2name" | $GREP resolve_lib_name >/dev/null - then - # We have reworked collect2 - : - else - # We have old collect2 - _LT_TAGVAR(hardcode_direct, $1)=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - _LT_TAGVAR(hardcode_minus_L, $1)=yes - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - _LT_TAGVAR(link_all_deplibs, $1)=no - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall' - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - _LT_TAGVAR(always_export_symbols, $1)=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - _LT_TAGVAR(allow_undefined_flag, $1)='-berok' - # Determine the default libpath from the value encoded in an - # empty executable. - _LT_SYS_MODULE_PATH_AIX([$1]) - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib' - _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs" - _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an - # empty executable. - _LT_SYS_MODULE_PATH_AIX([$1]) - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok' - _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok' - if test "$with_gnu_ld" = yes; then - # We only use this code for GNU lds that support --whole-archive. - _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' - else - # Exported symbols can be pulled into shared objects from archives - _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience' - fi - _LT_TAGVAR(archive_cmds_need_lc, $1)=yes - # This is similar to how AIX traditionally builds its shared libraries. - _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - amigaos*) - case $host_cpu in - powerpc) - # see comment about AmigaOS4 .so support - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='' - ;; - m68k) - _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_TAGVAR(hardcode_minus_L, $1)=yes - ;; - esac - ;; - - bsdi[[45]]*) - _LT_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic - ;; - - cygwin* | mingw* | pw32* | cegcc*) - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - case $cc_basename in - cl*) - # Native MSVC - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' - _LT_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_TAGVAR(always_export_symbols, $1)=yes - _LT_TAGVAR(file_list_spec, $1)='@' - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' - _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; - else - sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; - fi~ - $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ - linknames=' - # The linker will not automatically build a static lib if we build a DLL. - # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' - _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' - _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1,DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols' - # Don't use ranlib - _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' - _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~ - lt_tool_outputfile="@TOOL_OUTPUT@"~ - case $lt_outputfile in - *.exe|*.EXE) ;; - *) - lt_outputfile="$lt_outputfile.exe" - lt_tool_outputfile="$lt_tool_outputfile.exe" - ;; - esac~ - if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then - $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; - $RM "$lt_outputfile.manifest"; - fi' - ;; - *) - # Assume MSVC wrapper - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' - _LT_TAGVAR(allow_undefined_flag, $1)=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' - # FIXME: Should let the user specify the lib program. - _LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs' - _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - ;; - esac - ;; - - darwin* | rhapsody*) - _LT_DARWIN_LINKER_FEATURES($1) - ;; - - dgux*) - _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor - # support. Future versions do this automatically, but an explicit c++rt0.o - # does not break anything, and helps significantly (at the cost of a little - # extra space). - freebsd2.2*) - _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2.*) - _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_minus_L, $1)=yes - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | dragonfly*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - hpux9*) - if test "$GCC" = yes; then - _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - fi - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_TAGVAR(hardcode_direct, $1)=yes - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - _LT_TAGVAR(hardcode_minus_L, $1)=yes - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - ;; - - hpux10*) - if test "$GCC" = yes && test "$with_gnu_ld" = no; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' - fi - if test "$with_gnu_ld" = no; then - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_direct_absolute, $1)=yes - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - _LT_TAGVAR(hardcode_minus_L, $1)=yes - fi - ;; - - hpux11*) - if test "$GCC" = yes && test "$with_gnu_ld" = no; then - case $host_cpu in - hppa*64*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - else - case $host_cpu in - hppa*64*) - _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - m4_if($1, [], [ - # Older versions of the 11.00 compiler do not understand -b yet - # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does) - _LT_LINKER_OPTION([if $CC understands -b], - _LT_TAGVAR(lt_cv_prog_compiler__b, $1), [-b], - [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'], - [_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'])], - [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags']) - ;; - esac - fi - if test "$with_gnu_ld" = no; then - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - - case $host_cpu in - hppa*64*|ia64*) - _LT_TAGVAR(hardcode_direct, $1)=no - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - *) - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_direct_absolute, $1)=yes - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - _LT_TAGVAR(hardcode_minus_L, $1)=yes - ;; - esac - fi - ;; - - irix5* | irix6* | nonstopux*) - if test "$GCC" = yes; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - # Try to use the -exported_symbol ld option, if it does not - # work, assume that -exports_file does not work either and - # implicitly export all symbols. - # This should be the same for all languages, so no per-tag cache variable. - AC_CACHE_CHECK([whether the $host_os linker accepts -exported_symbol], - [lt_cv_irix_exported_symbol], - [save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null" - AC_LINK_IFELSE( - [AC_LANG_SOURCE( - [AC_LANG_CASE([C], [[int foo (void) { return 0; }]], - [C++], [[int foo (void) { return 0; }]], - [Fortran 77], [[ - subroutine foo - end]], - [Fortran], [[ - subroutine foo - end]])])], - [lt_cv_irix_exported_symbol=yes], - [lt_cv_irix_exported_symbol=no]) - LDFLAGS="$save_LDFLAGS"]) - if test "$lt_cv_irix_exported_symbol" = yes; then - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib' - fi - else - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib' - fi - _LT_TAGVAR(archive_cmds_need_lc, $1)='no' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_TAGVAR(inherit_rpath, $1)=yes - _LT_TAGVAR(link_all_deplibs, $1)=yes - ;; - - netbsd* | netbsdelf*-gnu) - if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out - else - _LT_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF - fi - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - newsos6) - _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - *nto* | *qnx*) - ;; - - openbsd*) - if test -f /usr/libexec/ld.so; then - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_TAGVAR(hardcode_direct_absolute, $1)=yes - if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - else - case $host_os in - openbsd[[01]].* | openbsd2.[[0-7]] | openbsd2.[[0-7]].*) - _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - ;; - *) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - ;; - esac - fi - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - os2*) - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_TAGVAR(hardcode_minus_L, $1)=yes - _LT_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' - _LT_TAGVAR(old_archive_from_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' - ;; - - osf3*) - if test "$GCC" = yes; then - _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' - _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' - fi - _LT_TAGVAR(archive_cmds_need_lc, $1)='no' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - ;; - - osf4* | osf5*) # as osf3* with the addition of -msym flag - if test "$GCC" = yes; then - _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - else - _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' - _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~ - $CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp' - - # Both c and cxx compiler support -rpath directly - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' - fi - _LT_TAGVAR(archive_cmds_need_lc, $1)='no' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - ;; - - solaris*) - _LT_TAGVAR(no_undefined_flag, $1)=' -z defs' - if test "$GCC" = yes; then - wlarc='${wl}' - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' - else - case `$CC -V 2>&1` in - *"Compilers 5.0"*) - wlarc='' - _LT_TAGVAR(archive_cmds, $1)='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp' - ;; - *) - wlarc='${wl}' - _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $CC -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' - ;; - esac - fi - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - case $host_os in - solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; - *) - # The compiler driver will combine and reorder linker options, - # but understands `-z linker_flag'. GCC discards it without `$wl', - # but is careful enough not to reorder. - # Supported since Solaris 2.6 (maybe 2.5.1?) - if test "$GCC" = yes; then - _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract' - else - _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract' - fi - ;; - esac - _LT_TAGVAR(link_all_deplibs, $1)=yes - ;; - - sunos4*) - if test "x$host_vendor" = xsequent; then - # Use $CC to link under sequent, because it throws in some extra .o - # files that make .init and .fini sections work. - _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' - fi - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_minus_L, $1)=yes - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - sysv4) - case $host_vendor in - sni) - _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_TAGVAR(hardcode_direct, $1)=yes # is this really true??? - ;; - siemens) - ## LD is ld it makes a PLAMLIB - ## CC just makes a GrossModule. - _LT_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags' - _LT_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs' - _LT_TAGVAR(hardcode_direct, $1)=no - ;; - motorola) - _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie - ;; - esac - runpath_var='LD_RUN_PATH' - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - sysv4.3*) - _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport' - ;; - - sysv4*MP*) - if test -d /usr/nec; then - _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - runpath_var=LD_RUN_PATH - hardcode_runpath_var=yes - _LT_TAGVAR(ld_shlibs, $1)=yes - fi - ;; - - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*) - _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs' - _LT_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_TAGVAR(link_all_deplibs, $1)=yes - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - uts4*) - _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - *) - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - esac - - if test x$host_vendor = xsni; then - case $host in - sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*) - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Blargedynsym' - ;; - esac - fi - fi -]) -AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)]) -test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no - -_LT_TAGVAR(with_gnu_ld, $1)=$with_gnu_ld - -_LT_DECL([], [libext], [0], [Old archive suffix (normally "a")])dnl -_LT_DECL([], [shrext_cmds], [1], [Shared library suffix (normally ".so")])dnl -_LT_DECL([], [extract_expsyms_cmds], [2], - [The commands to extract the exported symbol list from a shared archive]) - -# -# Do we need to explicitly link libc? -# -case "x$_LT_TAGVAR(archive_cmds_need_lc, $1)" in -x|xyes) - # Assume -lc should be added - _LT_TAGVAR(archive_cmds_need_lc, $1)=yes - - if test "$enable_shared" = yes && test "$GCC" = yes; then - case $_LT_TAGVAR(archive_cmds, $1) in - *'~'*) - # FIXME: we may have to deal with multi-command sequences. - ;; - '$CC '*) - # Test whether the compiler implicitly links with -lc since on some - # systems, -lgcc has to come before -lc. If gcc already passes -lc - # to ld, don't add -lc before -lgcc. - AC_CACHE_CHECK([whether -lc should be explicitly linked in], - [lt_cv_]_LT_TAGVAR(archive_cmds_need_lc, $1), - [$RM conftest* - echo "$lt_simple_compile_test_code" > conftest.$ac_ext - - if AC_TRY_EVAL(ac_compile) 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) - pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1) - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1) - _LT_TAGVAR(allow_undefined_flag, $1)= - if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) - then - lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=no - else - lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=yes - fi - _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $RM conftest* - ]) - _LT_TAGVAR(archive_cmds_need_lc, $1)=$lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1) - ;; - esac - fi - ;; -esac - -_LT_TAGDECL([build_libtool_need_lc], [archive_cmds_need_lc], [0], - [Whether or not to add -lc for building shared libraries]) -_LT_TAGDECL([allow_libtool_libs_with_static_runtimes], - [enable_shared_with_static_runtimes], [0], - [Whether or not to disallow shared libs when runtime libs are static]) -_LT_TAGDECL([], [export_dynamic_flag_spec], [1], - [Compiler flag to allow reflexive dlopens]) -_LT_TAGDECL([], [whole_archive_flag_spec], [1], - [Compiler flag to generate shared objects directly from archives]) -_LT_TAGDECL([], [compiler_needs_object], [1], - [Whether the compiler copes with passing no objects directly]) -_LT_TAGDECL([], [old_archive_from_new_cmds], [2], - [Create an old-style archive from a shared archive]) -_LT_TAGDECL([], [old_archive_from_expsyms_cmds], [2], - [Create a temporary old-style archive to link instead of a shared archive]) -_LT_TAGDECL([], [archive_cmds], [2], [Commands used to build a shared archive]) -_LT_TAGDECL([], [archive_expsym_cmds], [2]) -_LT_TAGDECL([], [module_cmds], [2], - [Commands used to build a loadable module if different from building - a shared archive.]) -_LT_TAGDECL([], [module_expsym_cmds], [2]) -_LT_TAGDECL([], [with_gnu_ld], [1], - [Whether we are building with GNU ld or not]) -_LT_TAGDECL([], [allow_undefined_flag], [1], - [Flag that allows shared libraries with undefined symbols to be built]) -_LT_TAGDECL([], [no_undefined_flag], [1], - [Flag that enforces no undefined symbols]) -_LT_TAGDECL([], [hardcode_libdir_flag_spec], [1], - [Flag to hardcode $libdir into a binary during linking. - This must work even if $libdir does not exist]) -_LT_TAGDECL([], [hardcode_libdir_separator], [1], - [Whether we need a single "-rpath" flag with a separated argument]) -_LT_TAGDECL([], [hardcode_direct], [0], - [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes - DIR into the resulting binary]) -_LT_TAGDECL([], [hardcode_direct_absolute], [0], - [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes - DIR into the resulting binary and the resulting library dependency is - "absolute", i.e impossible to change by setting ${shlibpath_var} if the - library is relocated]) -_LT_TAGDECL([], [hardcode_minus_L], [0], - [Set to "yes" if using the -LDIR flag during linking hardcodes DIR - into the resulting binary]) -_LT_TAGDECL([], [hardcode_shlibpath_var], [0], - [Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR - into the resulting binary]) -_LT_TAGDECL([], [hardcode_automatic], [0], - [Set to "yes" if building a shared library automatically hardcodes DIR - into the library and all subsequent libraries and executables linked - against it]) -_LT_TAGDECL([], [inherit_rpath], [0], - [Set to yes if linker adds runtime paths of dependent libraries - to runtime path list]) -_LT_TAGDECL([], [link_all_deplibs], [0], - [Whether libtool must link a program against all its dependency libraries]) -_LT_TAGDECL([], [always_export_symbols], [0], - [Set to "yes" if exported symbols are required]) -_LT_TAGDECL([], [export_symbols_cmds], [2], - [The commands to list exported symbols]) -_LT_TAGDECL([], [exclude_expsyms], [1], - [Symbols that should not be listed in the preloaded symbols]) -_LT_TAGDECL([], [include_expsyms], [1], - [Symbols that must always be exported]) -_LT_TAGDECL([], [prelink_cmds], [2], - [Commands necessary for linking programs (against libraries) with templates]) -_LT_TAGDECL([], [postlink_cmds], [2], - [Commands necessary for finishing linking programs]) -_LT_TAGDECL([], [file_list_spec], [1], - [Specify filename containing input files]) -dnl FIXME: Not yet implemented -dnl _LT_TAGDECL([], [thread_safe_flag_spec], [1], -dnl [Compiler flag to generate thread safe objects]) -])# _LT_LINKER_SHLIBS - - -# _LT_LANG_C_CONFIG([TAG]) -# ------------------------ -# Ensure that the configuration variables for a C compiler are suitably -# defined. These variables are subsequently used by _LT_CONFIG to write -# the compiler configuration to `libtool'. -m4_defun([_LT_LANG_C_CONFIG], -[m4_require([_LT_DECL_EGREP])dnl -lt_save_CC="$CC" -AC_LANG_PUSH(C) - -# Source file extension for C test sources. -ac_ext=c - -# Object file extension for compiled C test sources. -objext=o -_LT_TAGVAR(objext, $1)=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="int some_variable = 0;" - -# Code to be used in simple link tests -lt_simple_link_test_code='int main(){return(0);}' - -_LT_TAG_COMPILER -# Save the default compiler, since it gets overwritten when the other -# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP. -compiler_DEFAULT=$CC - -# save warnings/boilerplate of simple test code -_LT_COMPILER_BOILERPLATE -_LT_LINKER_BOILERPLATE - -if test -n "$compiler"; then - _LT_COMPILER_NO_RTTI($1) - _LT_COMPILER_PIC($1) - _LT_COMPILER_C_O($1) - _LT_COMPILER_FILE_LOCKS($1) - _LT_LINKER_SHLIBS($1) - _LT_SYS_DYNAMIC_LINKER($1) - _LT_LINKER_HARDCODE_LIBPATH($1) - LT_SYS_DLOPEN_SELF - _LT_CMD_STRIPLIB - - # Report which library types will actually be built - AC_MSG_CHECKING([if libtool supports shared libraries]) - AC_MSG_RESULT([$can_build_shared]) - - AC_MSG_CHECKING([whether to build shared libraries]) - test "$can_build_shared" = "no" && enable_shared=no - - # On AIX, shared libraries and static libraries use the same namespace, and - # are all built from PIC. - case $host_os in - aix3*) - test "$enable_shared" = yes && enable_static=no - if test -n "$RANLIB"; then - archive_cmds="$archive_cmds~\$RANLIB \$lib" - postinstall_cmds='$RANLIB $lib' - fi - ;; - - aix[[4-9]]*) - if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then - test "$enable_shared" = yes && enable_static=no - fi - ;; - esac - AC_MSG_RESULT([$enable_shared]) - - AC_MSG_CHECKING([whether to build static libraries]) - # Make sure either enable_shared or enable_static is yes. - test "$enable_shared" = yes || enable_static=yes - AC_MSG_RESULT([$enable_static]) - - _LT_CONFIG($1) -fi -AC_LANG_POP -CC="$lt_save_CC" -])# _LT_LANG_C_CONFIG - - -# _LT_LANG_CXX_CONFIG([TAG]) -# -------------------------- -# Ensure that the configuration variables for a C++ compiler are suitably -# defined. These variables are subsequently used by _LT_CONFIG to write -# the compiler configuration to `libtool'. -m4_defun([_LT_LANG_CXX_CONFIG], -[m4_require([_LT_FILEUTILS_DEFAULTS])dnl -m4_require([_LT_DECL_EGREP])dnl -m4_require([_LT_PATH_MANIFEST_TOOL])dnl -if test -n "$CXX" && ( test "X$CXX" != "Xno" && - ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || - (test "X$CXX" != "Xg++"))) ; then - AC_PROG_CXXCPP -else - _lt_caught_CXX_error=yes -fi - -AC_LANG_PUSH(C++) -_LT_TAGVAR(archive_cmds_need_lc, $1)=no -_LT_TAGVAR(allow_undefined_flag, $1)= -_LT_TAGVAR(always_export_symbols, $1)=no -_LT_TAGVAR(archive_expsym_cmds, $1)= -_LT_TAGVAR(compiler_needs_object, $1)=no -_LT_TAGVAR(export_dynamic_flag_spec, $1)= -_LT_TAGVAR(hardcode_direct, $1)=no -_LT_TAGVAR(hardcode_direct_absolute, $1)=no -_LT_TAGVAR(hardcode_libdir_flag_spec, $1)= -_LT_TAGVAR(hardcode_libdir_separator, $1)= -_LT_TAGVAR(hardcode_minus_L, $1)=no -_LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported -_LT_TAGVAR(hardcode_automatic, $1)=no -_LT_TAGVAR(inherit_rpath, $1)=no -_LT_TAGVAR(module_cmds, $1)= -_LT_TAGVAR(module_expsym_cmds, $1)= -_LT_TAGVAR(link_all_deplibs, $1)=unknown -_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds -_LT_TAGVAR(reload_flag, $1)=$reload_flag -_LT_TAGVAR(reload_cmds, $1)=$reload_cmds -_LT_TAGVAR(no_undefined_flag, $1)= -_LT_TAGVAR(whole_archive_flag_spec, $1)= -_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no - -# Source file extension for C++ test sources. -ac_ext=cpp - -# Object file extension for compiled C++ test sources. -objext=o -_LT_TAGVAR(objext, $1)=$objext - -# No sense in running all these tests if we already determined that -# the CXX compiler isn't working. Some variables (like enable_shared) -# are currently assumed to apply to all compilers on this platform, -# and will be corrupted by setting them based on a non-working compiler. -if test "$_lt_caught_CXX_error" != yes; then - # Code to be used in simple compile tests - lt_simple_compile_test_code="int some_variable = 0;" - - # Code to be used in simple link tests - lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }' - - # ltmain only uses $CC for tagged configurations so make sure $CC is set. - _LT_TAG_COMPILER - - # save warnings/boilerplate of simple test code - _LT_COMPILER_BOILERPLATE - _LT_LINKER_BOILERPLATE - - # Allow CC to be a program name with arguments. - lt_save_CC=$CC - lt_save_CFLAGS=$CFLAGS - lt_save_LD=$LD - lt_save_GCC=$GCC - GCC=$GXX - lt_save_with_gnu_ld=$with_gnu_ld - lt_save_path_LD=$lt_cv_path_LD - if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then - lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx - else - $as_unset lt_cv_prog_gnu_ld - fi - if test -n "${lt_cv_path_LDCXX+set}"; then - lt_cv_path_LD=$lt_cv_path_LDCXX - else - $as_unset lt_cv_path_LD - fi - test -z "${LDCXX+set}" || LD=$LDCXX - CC=${CXX-"c++"} - CFLAGS=$CXXFLAGS - compiler=$CC - _LT_TAGVAR(compiler, $1)=$CC - _LT_CC_BASENAME([$compiler]) - - if test -n "$compiler"; then - # We don't want -fno-exception when compiling C++ code, so set the - # no_builtin_flag separately - if test "$GXX" = yes; then - _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' - else - _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= - fi - - if test "$GXX" = yes; then - # Set up default GNU C++ configuration - - LT_PATH_LD - - # Check if GNU C++ uses GNU ld as the underlying linker, since the - # archiving commands below assume that GNU ld is being used. - if test "$with_gnu_ld" = yes; then - _LT_TAGVAR(archive_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - - # If archive_cmds runs LD, not CC, wlarc should be empty - # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to - # investigate it a little bit more. (MM) - wlarc='${wl}' - - # ancient GNU ld didn't support --whole-archive et. al. - if eval "`$CC -print-prog-name=ld` --help 2>&1" | - $GREP 'no-whole-archive' > /dev/null; then - _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - _LT_TAGVAR(whole_archive_flag_spec, $1)= - fi - else - with_gnu_ld=no - wlarc= - - # A generic and very simple default shared library creation - # command for GNU C++ for the case where it uses the native - # linker, instead of GNU ld. If possible, this setting should - # overridden to take advantage of the native linker features on - # the platform it is being used on. - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' - fi - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' - - else - GXX=no - with_gnu_ld=no - wlarc= - fi - - # PORTME: fill in a description of your system's C++ link characteristics - AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) - _LT_TAGVAR(ld_shlibs, $1)=yes - case $host_os in - aix3*) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - aix[[4-9]]*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*) - for ld_flag in $LDFLAGS; do - case $ld_flag in - *-brtl*) - aix_use_runtimelinking=yes - break - ;; - esac - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - _LT_TAGVAR(archive_cmds, $1)='' - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_direct_absolute, $1)=yes - _LT_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_TAGVAR(link_all_deplibs, $1)=yes - _LT_TAGVAR(file_list_spec, $1)='${wl}-f,' - - if test "$GXX" = yes; then - case $host_os in aix4.[[012]]|aix4.[[012]].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && - strings "$collect2name" | $GREP resolve_lib_name >/dev/null - then - # We have reworked collect2 - : - else - # We have old collect2 - _LT_TAGVAR(hardcode_direct, $1)=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - _LT_TAGVAR(hardcode_minus_L, $1)=yes - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)= - fi - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall' - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to - # export. - _LT_TAGVAR(always_export_symbols, $1)=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - _LT_TAGVAR(allow_undefined_flag, $1)='-berok' - # Determine the default libpath from the value encoded in an empty - # executable. - _LT_SYS_MODULE_PATH_AIX([$1]) - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib' - _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs" - _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an - # empty executable. - _LT_SYS_MODULE_PATH_AIX([$1]) - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok' - _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok' - if test "$with_gnu_ld" = yes; then - # We only use this code for GNU lds that support --whole-archive. - _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' - else - # Exported symbols can be pulled into shared objects from archives - _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience' - fi - _LT_TAGVAR(archive_cmds_need_lc, $1)=yes - # This is similar to how AIX traditionally builds its shared - # libraries. - _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - beos*) - if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - _LT_TAGVAR(allow_undefined_flag, $1)=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - chorus*) - case $cc_basename in - *) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - - cygwin* | mingw* | pw32* | cegcc*) - case $GXX,$cc_basename in - ,cl* | no,cl*) - # Native MSVC - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' - _LT_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_TAGVAR(always_export_symbols, $1)=yes - _LT_TAGVAR(file_list_spec, $1)='@' - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' - _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - $SED -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; - else - $SED -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; - fi~ - $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ - linknames=' - # The linker will not automatically build a static lib if we build a DLL. - # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' - _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - # Don't use ranlib - _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' - _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~ - lt_tool_outputfile="@TOOL_OUTPUT@"~ - case $lt_outputfile in - *.exe|*.EXE) ;; - *) - lt_outputfile="$lt_outputfile.exe" - lt_tool_outputfile="$lt_tool_outputfile.exe" - ;; - esac~ - func_to_tool_file "$lt_outputfile"~ - if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then - $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; - $RM "$lt_outputfile.manifest"; - fi' - ;; - *) - # g++ - # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, - # as there is no search path for DLLs. - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols' - _LT_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_TAGVAR(always_export_symbols, $1)=no - _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - - if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - darwin* | rhapsody*) - _LT_DARWIN_LINKER_FEATURES($1) - ;; - - dgux*) - case $cc_basename in - ec++*) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - ghcx*) - # Green Hills C++ Compiler - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - - freebsd2.*) - # C++ shared libraries reported to be fairly broken before - # switch to ELF - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - - freebsd-elf*) - _LT_TAGVAR(archive_cmds_need_lc, $1)=no - ;; - - freebsd* | dragonfly*) - # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF - # conventions - _LT_TAGVAR(ld_shlibs, $1)=yes - ;; - - haiku*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(link_all_deplibs, $1)=yes - ;; - - hpux9*) - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, - # but as the default - # location of the library. - - case $cc_basename in - CC*) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - aCC*) - _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' - ;; - *) - if test "$GXX" = yes; then - _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - - hpux10*|hpux11*) - if test $with_gnu_ld = no; then - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - - case $host_cpu in - hppa*64*|ia64*) - ;; - *) - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - ;; - esac - fi - case $host_cpu in - hppa*64*|ia64*) - _LT_TAGVAR(hardcode_direct, $1)=no - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - *) - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_direct_absolute, $1)=yes - _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, - # but as the default - # location of the library. - ;; - esac - - case $cc_basename in - CC*) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - aCC*) - case $host_cpu in - hppa*64*) - _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - ia64*) - _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - *) - _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - esac - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' - ;; - *) - if test "$GXX" = yes; then - if test $with_gnu_ld = no; then - case $host_cpu in - hppa*64*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - ia64*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - *) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - esac - fi - else - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - - interix[[3-9]]*) - _LT_TAGVAR(hardcode_direct, $1)=no - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - irix5* | irix6*) - case $cc_basename in - CC*) - # SGI C++ - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' - - # Archives containing C++ object files must be created using - # "CC -ar", where "CC" is the IRIX C++ compiler. This is - # necessary to make sure instantiated templates are included - # in the archive. - _LT_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs' - ;; - *) - if test "$GXX" = yes; then - if test "$with_gnu_ld" = no; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` -o $lib' - fi - fi - _LT_TAGVAR(link_all_deplibs, $1)=yes - ;; - esac - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_TAGVAR(inherit_rpath, $1)=yes - ;; - - linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib' - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' - - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - - # Archives containing C++ object files must be created using - # "CC -Bstatic", where "CC" is the KAI C++ compiler. - _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' - ;; - icpc* | ecpc* ) - # Intel C++ - with_gnu_ld=yes - # version 8.0 and above of icpc choke on multiply defined symbols - # if we add $predep_objects and $postdep_objects, however 7.1 and - # earlier do not add the objects themselves. - case `$CC -V 2>&1` in - *"Version 7."*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - ;; - *) # Version 8.0 or newer - tmp_idyn= - case $host_cpu in - ia64*) tmp_idyn=' -i_dynamic';; - esac - _LT_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - ;; - esac - _LT_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' - ;; - pgCC* | pgcpp*) - # Portland Group C++ compiler - case `$CC -V` in - *pgCC\ [[1-5]].* | *pgcpp\ [[1-5]].*) - _LT_TAGVAR(prelink_cmds, $1)='tpldir=Template.dir~ - rm -rf $tpldir~ - $CC --prelink_objects --instantiation_dir $tpldir $objs $libobjs $compile_deplibs~ - compile_command="$compile_command `find $tpldir -name \*.o | sort | $NL2SP`"' - _LT_TAGVAR(old_archive_cmds, $1)='tpldir=Template.dir~ - rm -rf $tpldir~ - $CC --prelink_objects --instantiation_dir $tpldir $oldobjs$old_deplibs~ - $AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | sort | $NL2SP`~ - $RANLIB $oldlib' - _LT_TAGVAR(archive_cmds, $1)='tpldir=Template.dir~ - rm -rf $tpldir~ - $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~ - $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='tpldir=Template.dir~ - rm -rf $tpldir~ - $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~ - $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' - ;; - *) # Version 6 and above use weak symbols - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' - ;; - esac - - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' - ;; - cxx*) - # Compaq C++ - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib ${wl}-retain-symbols-file $wl$export_symbols' - - runpath_var=LD_RUN_PATH - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "X$list" | $Xsed' - ;; - xl* | mpixl* | bgxl*) - # IBM XL 8.0 on PPC, with GNU ld - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - _LT_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - if test "x$supports_anon_versioning" = xyes; then - _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - echo "local: *; };" >> $output_objdir/$libname.ver~ - $CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' - fi - ;; - *) - case `$CC -V 2>&1 | sed 5q` in - *Sun\ C*) - # Sun C++ 5.9 - _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs' - _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file ${wl}$export_symbols' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' - _LT_TAGVAR(compiler_needs_object, $1)=yes - - # Not sure whether something based on - # $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 - # would be better. - output_verbose_link_cmd='func_echo_all' - - # Archives containing C++ object files must be created using - # "CC -xar", where "CC" is the Sun C++ compiler. This is - # necessary to make sure instantiated templates are included - # in the archive. - _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs' - ;; - esac - ;; - esac - ;; - - lynxos*) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - - m88k*) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - - mvs*) - case $cc_basename in - cxx*) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags' - wlarc= - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - fi - # Workaround some broken pre-1.5 toolchains - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"' - ;; - - *nto* | *qnx*) - _LT_TAGVAR(ld_shlibs, $1)=yes - ;; - - openbsd2*) - # C++ shared libraries are fairly broken - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - - openbsd*) - if test -f /usr/libexec/ld.so; then - _LT_TAGVAR(hardcode_direct, $1)=yes - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_TAGVAR(hardcode_direct_absolute, $1)=yes - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - fi - output_verbose_link_cmd=func_echo_all - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - osf3* | osf4* | osf5*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo "$lib" | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - - # Archives containing C++ object files must be created using - # the KAI C++ compiler. - case $host in - osf3*) _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' ;; - *) _LT_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs' ;; - esac - ;; - RCC*) - # Rational C++ 2.4.1 - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - cxx*) - case $host in - osf3*) - _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && func_echo_all "${wl}-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - ;; - *) - _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' - _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~ - echo "-hidden">> $lib.exp~ - $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname ${wl}-input ${wl}$lib.exp `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~ - $RM $lib.exp' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' - ;; - esac - - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' - ;; - *) - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - case $host in - osf3*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - ;; - *) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - ;; - esac - - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' - - else - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - - psos*) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - - sunos4*) - case $cc_basename in - CC*) - # Sun C++ 4.x - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - lcc*) - # Lucid - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - - solaris*) - case $cc_basename in - CC* | sunCC*) - # Sun C++ 4.2, 5.x and Centerline C++ - _LT_TAGVAR(archive_cmds_need_lc,$1)=yes - _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs' - _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' - - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - case $host_os in - solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; - *) - # The compiler driver will combine and reorder linker options, - # but understands `-z linker_flag'. - # Supported since Solaris 2.6 (maybe 2.5.1?) - _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract' - ;; - esac - _LT_TAGVAR(link_all_deplibs, $1)=yes - - output_verbose_link_cmd='func_echo_all' - - # Archives containing C++ object files must be created using - # "CC -xar", where "CC" is the Sun C++ compiler. This is - # necessary to make sure instantiated templates are included - # in the archive. - _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs' - ;; - gcx*) - # Green Hills C++ Compiler - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - - # The C++ compiler must be used to create the archive. - _LT_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs' - ;; - *) - # GNU C++ compiler with Solaris linker - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs' - if $CC --version | $GREP -v '^2\.7' > /dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $CC -shared $pic_flag -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' - else - # g++ 2.7 appears to require `-G' NOT `-shared' on this - # platform. - _LT_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' - fi - - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir' - case $host_os in - solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; - *) - _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract' - ;; - esac - fi - ;; - esac - ;; - - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*) - _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - runpath_var='LD_RUN_PATH' - - case $cc_basename in - CC*) - _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - ;; - - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs' - _LT_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir' - _LT_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_TAGVAR(link_all_deplibs, $1)=yes - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - case $cc_basename in - CC*) - _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(old_archive_cmds, $1)='$CC -Tprelink_objects $oldobjs~ - '"$_LT_TAGVAR(old_archive_cmds, $1)" - _LT_TAGVAR(reload_cmds, $1)='$CC -Tprelink_objects $reload_objs~ - '"$_LT_TAGVAR(reload_cmds, $1)" - ;; - *) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - ;; - - tandem*) - case $cc_basename in - NCC*) - # NonStop-UX NCC 3.20 - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - - vxworks*) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - - *) - # FIXME: insert proper C++ library support - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - esac - - AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)]) - test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no - - _LT_TAGVAR(GCC, $1)="$GXX" - _LT_TAGVAR(LD, $1)="$LD" - - ## CAVEAT EMPTOR: - ## There is no encapsulation within the following macros, do not change - ## the running order or otherwise move them around unless you know exactly - ## what you are doing... - _LT_SYS_HIDDEN_LIBDEPS($1) - _LT_COMPILER_PIC($1) - _LT_COMPILER_C_O($1) - _LT_COMPILER_FILE_LOCKS($1) - _LT_LINKER_SHLIBS($1) - _LT_SYS_DYNAMIC_LINKER($1) - _LT_LINKER_HARDCODE_LIBPATH($1) - - _LT_CONFIG($1) - fi # test -n "$compiler" - - CC=$lt_save_CC - CFLAGS=$lt_save_CFLAGS - LDCXX=$LD - LD=$lt_save_LD - GCC=$lt_save_GCC - with_gnu_ld=$lt_save_with_gnu_ld - lt_cv_path_LDCXX=$lt_cv_path_LD - lt_cv_path_LD=$lt_save_path_LD - lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld - lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld -fi # test "$_lt_caught_CXX_error" != yes - -AC_LANG_POP -])# _LT_LANG_CXX_CONFIG - - -# _LT_FUNC_STRIPNAME_CNF -# ---------------------- -# func_stripname_cnf prefix suffix name -# strip PREFIX and SUFFIX off of NAME. -# PREFIX and SUFFIX must not contain globbing or regex special -# characters, hashes, percent signs, but SUFFIX may contain a leading -# dot (in which case that matches only a dot). -# -# This function is identical to the (non-XSI) version of func_stripname, -# except this one can be used by m4 code that may be executed by configure, -# rather than the libtool script. -m4_defun([_LT_FUNC_STRIPNAME_CNF],[dnl -AC_REQUIRE([_LT_DECL_SED]) -AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH]) -func_stripname_cnf () -{ - case ${2} in - .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; - *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; - esac -} # func_stripname_cnf -])# _LT_FUNC_STRIPNAME_CNF - -# _LT_SYS_HIDDEN_LIBDEPS([TAGNAME]) -# --------------------------------- -# Figure out "hidden" library dependencies from verbose -# compiler output when linking a shared library. -# Parse the compiler output and extract the necessary -# objects, libraries and library flags. -m4_defun([_LT_SYS_HIDDEN_LIBDEPS], -[m4_require([_LT_FILEUTILS_DEFAULTS])dnl -AC_REQUIRE([_LT_FUNC_STRIPNAME_CNF])dnl -# Dependencies to place before and after the object being linked: -_LT_TAGVAR(predep_objects, $1)= -_LT_TAGVAR(postdep_objects, $1)= -_LT_TAGVAR(predeps, $1)= -_LT_TAGVAR(postdeps, $1)= -_LT_TAGVAR(compiler_lib_search_path, $1)= - -dnl we can't use the lt_simple_compile_test_code here, -dnl because it contains code intended for an executable, -dnl not a library. It's possible we should let each -dnl tag define a new lt_????_link_test_code variable, -dnl but it's only used here... -m4_if([$1], [], [cat > conftest.$ac_ext <<_LT_EOF -int a; -void foo (void) { a = 0; } -_LT_EOF -], [$1], [CXX], [cat > conftest.$ac_ext <<_LT_EOF -class Foo -{ -public: - Foo (void) { a = 0; } -private: - int a; -}; -_LT_EOF -], [$1], [F77], [cat > conftest.$ac_ext <<_LT_EOF - subroutine foo - implicit none - integer*4 a - a=0 - return - end -_LT_EOF -], [$1], [FC], [cat > conftest.$ac_ext <<_LT_EOF - subroutine foo - implicit none - integer a - a=0 - return - end -_LT_EOF -], [$1], [GCJ], [cat > conftest.$ac_ext <<_LT_EOF -public class foo { - private int a; - public void bar (void) { - a = 0; - } -}; -_LT_EOF -], [$1], [GO], [cat > conftest.$ac_ext <<_LT_EOF -package foo -func foo() { -} -_LT_EOF -]) - -_lt_libdeps_save_CFLAGS=$CFLAGS -case "$CC $CFLAGS " in #( -*\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;; -*\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;; -*\ -fuse-linker-plugin*\ *) CFLAGS="$CFLAGS -fno-use-linker-plugin" ;; -esac - -dnl Parse the compiler output and extract the necessary -dnl objects, libraries and library flags. -if AC_TRY_EVAL(ac_compile); then - # Parse the compiler output and extract the necessary - # objects, libraries and library flags. - - # Sentinel used to keep track of whether or not we are before - # the conftest object file. - pre_test_object_deps_done=no - - for p in `eval "$output_verbose_link_cmd"`; do - case ${prev}${p} in - - -L* | -R* | -l*) - # Some compilers place space between "-{L,R}" and the path. - # Remove the space. - if test $p = "-L" || - test $p = "-R"; then - prev=$p - continue - fi - - # Expand the sysroot to ease extracting the directories later. - if test -z "$prev"; then - case $p in - -L*) func_stripname_cnf '-L' '' "$p"; prev=-L; p=$func_stripname_result ;; - -R*) func_stripname_cnf '-R' '' "$p"; prev=-R; p=$func_stripname_result ;; - -l*) func_stripname_cnf '-l' '' "$p"; prev=-l; p=$func_stripname_result ;; - esac - fi - case $p in - =*) func_stripname_cnf '=' '' "$p"; p=$lt_sysroot$func_stripname_result ;; - esac - if test "$pre_test_object_deps_done" = no; then - case ${prev} in - -L | -R) - # Internal compiler library paths should come after those - # provided the user. The postdeps already come after the - # user supplied libs so there is no need to process them. - if test -z "$_LT_TAGVAR(compiler_lib_search_path, $1)"; then - _LT_TAGVAR(compiler_lib_search_path, $1)="${prev}${p}" - else - _LT_TAGVAR(compiler_lib_search_path, $1)="${_LT_TAGVAR(compiler_lib_search_path, $1)} ${prev}${p}" - fi - ;; - # The "-l" case would never come before the object being - # linked, so don't bother handling this case. - esac - else - if test -z "$_LT_TAGVAR(postdeps, $1)"; then - _LT_TAGVAR(postdeps, $1)="${prev}${p}" - else - _LT_TAGVAR(postdeps, $1)="${_LT_TAGVAR(postdeps, $1)} ${prev}${p}" - fi - fi - prev= - ;; - - *.lto.$objext) ;; # Ignore GCC LTO objects - *.$objext) - # This assumes that the test object file only shows up - # once in the compiler output. - if test "$p" = "conftest.$objext"; then - pre_test_object_deps_done=yes - continue - fi - - if test "$pre_test_object_deps_done" = no; then - if test -z "$_LT_TAGVAR(predep_objects, $1)"; then - _LT_TAGVAR(predep_objects, $1)="$p" - else - _LT_TAGVAR(predep_objects, $1)="$_LT_TAGVAR(predep_objects, $1) $p" - fi - else - if test -z "$_LT_TAGVAR(postdep_objects, $1)"; then - _LT_TAGVAR(postdep_objects, $1)="$p" - else - _LT_TAGVAR(postdep_objects, $1)="$_LT_TAGVAR(postdep_objects, $1) $p" - fi - fi - ;; - - *) ;; # Ignore the rest. - - esac - done - - # Clean up. - rm -f a.out a.exe -else - echo "libtool.m4: error: problem compiling $1 test program" -fi - -$RM -f confest.$objext -CFLAGS=$_lt_libdeps_save_CFLAGS - -# PORTME: override above test on systems where it is broken -m4_if([$1], [CXX], -[case $host_os in -interix[[3-9]]*) - # Interix 3.5 installs completely hosed .la files for C++, so rather than - # hack all around it, let's just trust "g++" to DTRT. - _LT_TAGVAR(predep_objects,$1)= - _LT_TAGVAR(postdep_objects,$1)= - _LT_TAGVAR(postdeps,$1)= - ;; - -linux*) - case `$CC -V 2>&1 | sed 5q` in - *Sun\ C*) - # Sun C++ 5.9 - - # The more standards-conforming stlport4 library is - # incompatible with the Cstd library. Avoid specifying - # it if it's in CXXFLAGS. Ignore libCrun as - # -library=stlport4 depends on it. - case " $CXX $CXXFLAGS " in - *" -library=stlport4 "*) - solaris_use_stlport4=yes - ;; - esac - - if test "$solaris_use_stlport4" != yes; then - _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun' - fi - ;; - esac - ;; - -solaris*) - case $cc_basename in - CC* | sunCC*) - # The more standards-conforming stlport4 library is - # incompatible with the Cstd library. Avoid specifying - # it if it's in CXXFLAGS. Ignore libCrun as - # -library=stlport4 depends on it. - case " $CXX $CXXFLAGS " in - *" -library=stlport4 "*) - solaris_use_stlport4=yes - ;; - esac - - # Adding this requires a known-good setup of shared libraries for - # Sun compiler versions before 5.6, else PIC objects from an old - # archive will be linked into the output, leading to subtle bugs. - if test "$solaris_use_stlport4" != yes; then - _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun' - fi - ;; - esac - ;; -esac -]) - -case " $_LT_TAGVAR(postdeps, $1) " in -*" -lc "*) _LT_TAGVAR(archive_cmds_need_lc, $1)=no ;; -esac - _LT_TAGVAR(compiler_lib_search_dirs, $1)= -if test -n "${_LT_TAGVAR(compiler_lib_search_path, $1)}"; then - _LT_TAGVAR(compiler_lib_search_dirs, $1)=`echo " ${_LT_TAGVAR(compiler_lib_search_path, $1)}" | ${SED} -e 's! -L! !g' -e 's!^ !!'` -fi -_LT_TAGDECL([], [compiler_lib_search_dirs], [1], - [The directories searched by this compiler when creating a shared library]) -_LT_TAGDECL([], [predep_objects], [1], - [Dependencies to place before and after the objects being linked to - create a shared library]) -_LT_TAGDECL([], [postdep_objects], [1]) -_LT_TAGDECL([], [predeps], [1]) -_LT_TAGDECL([], [postdeps], [1]) -_LT_TAGDECL([], [compiler_lib_search_path], [1], - [The library search path used internally by the compiler when linking - a shared library]) -])# _LT_SYS_HIDDEN_LIBDEPS - - -# _LT_LANG_F77_CONFIG([TAG]) -# -------------------------- -# Ensure that the configuration variables for a Fortran 77 compiler are -# suitably defined. These variables are subsequently used by _LT_CONFIG -# to write the compiler configuration to `libtool'. -m4_defun([_LT_LANG_F77_CONFIG], -[AC_LANG_PUSH(Fortran 77) -if test -z "$F77" || test "X$F77" = "Xno"; then - _lt_disable_F77=yes -fi - -_LT_TAGVAR(archive_cmds_need_lc, $1)=no -_LT_TAGVAR(allow_undefined_flag, $1)= -_LT_TAGVAR(always_export_symbols, $1)=no -_LT_TAGVAR(archive_expsym_cmds, $1)= -_LT_TAGVAR(export_dynamic_flag_spec, $1)= -_LT_TAGVAR(hardcode_direct, $1)=no -_LT_TAGVAR(hardcode_direct_absolute, $1)=no -_LT_TAGVAR(hardcode_libdir_flag_spec, $1)= -_LT_TAGVAR(hardcode_libdir_separator, $1)= -_LT_TAGVAR(hardcode_minus_L, $1)=no -_LT_TAGVAR(hardcode_automatic, $1)=no -_LT_TAGVAR(inherit_rpath, $1)=no -_LT_TAGVAR(module_cmds, $1)= -_LT_TAGVAR(module_expsym_cmds, $1)= -_LT_TAGVAR(link_all_deplibs, $1)=unknown -_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds -_LT_TAGVAR(reload_flag, $1)=$reload_flag -_LT_TAGVAR(reload_cmds, $1)=$reload_cmds -_LT_TAGVAR(no_undefined_flag, $1)= -_LT_TAGVAR(whole_archive_flag_spec, $1)= -_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no - -# Source file extension for f77 test sources. -ac_ext=f - -# Object file extension for compiled f77 test sources. -objext=o -_LT_TAGVAR(objext, $1)=$objext - -# No sense in running all these tests if we already determined that -# the F77 compiler isn't working. Some variables (like enable_shared) -# are currently assumed to apply to all compilers on this platform, -# and will be corrupted by setting them based on a non-working compiler. -if test "$_lt_disable_F77" != yes; then - # Code to be used in simple compile tests - lt_simple_compile_test_code="\ - subroutine t - return - end -" - - # Code to be used in simple link tests - lt_simple_link_test_code="\ - program t - end -" - - # ltmain only uses $CC for tagged configurations so make sure $CC is set. - _LT_TAG_COMPILER - - # save warnings/boilerplate of simple test code - _LT_COMPILER_BOILERPLATE - _LT_LINKER_BOILERPLATE - - # Allow CC to be a program name with arguments. - lt_save_CC="$CC" - lt_save_GCC=$GCC - lt_save_CFLAGS=$CFLAGS - CC=${F77-"f77"} - CFLAGS=$FFLAGS - compiler=$CC - _LT_TAGVAR(compiler, $1)=$CC - _LT_CC_BASENAME([$compiler]) - GCC=$G77 - if test -n "$compiler"; then - AC_MSG_CHECKING([if libtool supports shared libraries]) - AC_MSG_RESULT([$can_build_shared]) - - AC_MSG_CHECKING([whether to build shared libraries]) - test "$can_build_shared" = "no" && enable_shared=no - - # On AIX, shared libraries and static libraries use the same namespace, and - # are all built from PIC. - case $host_os in - aix3*) - test "$enable_shared" = yes && enable_static=no - if test -n "$RANLIB"; then - archive_cmds="$archive_cmds~\$RANLIB \$lib" - postinstall_cmds='$RANLIB $lib' - fi - ;; - aix[[4-9]]*) - if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then - test "$enable_shared" = yes && enable_static=no - fi - ;; - esac - AC_MSG_RESULT([$enable_shared]) - - AC_MSG_CHECKING([whether to build static libraries]) - # Make sure either enable_shared or enable_static is yes. - test "$enable_shared" = yes || enable_static=yes - AC_MSG_RESULT([$enable_static]) - - _LT_TAGVAR(GCC, $1)="$G77" - _LT_TAGVAR(LD, $1)="$LD" - - ## CAVEAT EMPTOR: - ## There is no encapsulation within the following macros, do not change - ## the running order or otherwise move them around unless you know exactly - ## what you are doing... - _LT_COMPILER_PIC($1) - _LT_COMPILER_C_O($1) - _LT_COMPILER_FILE_LOCKS($1) - _LT_LINKER_SHLIBS($1) - _LT_SYS_DYNAMIC_LINKER($1) - _LT_LINKER_HARDCODE_LIBPATH($1) - - _LT_CONFIG($1) - fi # test -n "$compiler" - - GCC=$lt_save_GCC - CC="$lt_save_CC" - CFLAGS="$lt_save_CFLAGS" -fi # test "$_lt_disable_F77" != yes - -AC_LANG_POP -])# _LT_LANG_F77_CONFIG - - -# _LT_LANG_FC_CONFIG([TAG]) -# ------------------------- -# Ensure that the configuration variables for a Fortran compiler are -# suitably defined. These variables are subsequently used by _LT_CONFIG -# to write the compiler configuration to `libtool'. -m4_defun([_LT_LANG_FC_CONFIG], -[AC_LANG_PUSH(Fortran) - -if test -z "$FC" || test "X$FC" = "Xno"; then - _lt_disable_FC=yes -fi - -_LT_TAGVAR(archive_cmds_need_lc, $1)=no -_LT_TAGVAR(allow_undefined_flag, $1)= -_LT_TAGVAR(always_export_symbols, $1)=no -_LT_TAGVAR(archive_expsym_cmds, $1)= -_LT_TAGVAR(export_dynamic_flag_spec, $1)= -_LT_TAGVAR(hardcode_direct, $1)=no -_LT_TAGVAR(hardcode_direct_absolute, $1)=no -_LT_TAGVAR(hardcode_libdir_flag_spec, $1)= -_LT_TAGVAR(hardcode_libdir_separator, $1)= -_LT_TAGVAR(hardcode_minus_L, $1)=no -_LT_TAGVAR(hardcode_automatic, $1)=no -_LT_TAGVAR(inherit_rpath, $1)=no -_LT_TAGVAR(module_cmds, $1)= -_LT_TAGVAR(module_expsym_cmds, $1)= -_LT_TAGVAR(link_all_deplibs, $1)=unknown -_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds -_LT_TAGVAR(reload_flag, $1)=$reload_flag -_LT_TAGVAR(reload_cmds, $1)=$reload_cmds -_LT_TAGVAR(no_undefined_flag, $1)= -_LT_TAGVAR(whole_archive_flag_spec, $1)= -_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no - -# Source file extension for fc test sources. -ac_ext=${ac_fc_srcext-f} - -# Object file extension for compiled fc test sources. -objext=o -_LT_TAGVAR(objext, $1)=$objext - -# No sense in running all these tests if we already determined that -# the FC compiler isn't working. Some variables (like enable_shared) -# are currently assumed to apply to all compilers on this platform, -# and will be corrupted by setting them based on a non-working compiler. -if test "$_lt_disable_FC" != yes; then - # Code to be used in simple compile tests - lt_simple_compile_test_code="\ - subroutine t - return - end -" - - # Code to be used in simple link tests - lt_simple_link_test_code="\ - program t - end -" - - # ltmain only uses $CC for tagged configurations so make sure $CC is set. - _LT_TAG_COMPILER - - # save warnings/boilerplate of simple test code - _LT_COMPILER_BOILERPLATE - _LT_LINKER_BOILERPLATE - - # Allow CC to be a program name with arguments. - lt_save_CC="$CC" - lt_save_GCC=$GCC - lt_save_CFLAGS=$CFLAGS - CC=${FC-"f95"} - CFLAGS=$FCFLAGS - compiler=$CC - GCC=$ac_cv_fc_compiler_gnu - - _LT_TAGVAR(compiler, $1)=$CC - _LT_CC_BASENAME([$compiler]) - - if test -n "$compiler"; then - AC_MSG_CHECKING([if libtool supports shared libraries]) - AC_MSG_RESULT([$can_build_shared]) - - AC_MSG_CHECKING([whether to build shared libraries]) - test "$can_build_shared" = "no" && enable_shared=no - - # On AIX, shared libraries and static libraries use the same namespace, and - # are all built from PIC. - case $host_os in - aix3*) - test "$enable_shared" = yes && enable_static=no - if test -n "$RANLIB"; then - archive_cmds="$archive_cmds~\$RANLIB \$lib" - postinstall_cmds='$RANLIB $lib' - fi - ;; - aix[[4-9]]*) - if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then - test "$enable_shared" = yes && enable_static=no - fi - ;; - esac - AC_MSG_RESULT([$enable_shared]) - - AC_MSG_CHECKING([whether to build static libraries]) - # Make sure either enable_shared or enable_static is yes. - test "$enable_shared" = yes || enable_static=yes - AC_MSG_RESULT([$enable_static]) - - _LT_TAGVAR(GCC, $1)="$ac_cv_fc_compiler_gnu" - _LT_TAGVAR(LD, $1)="$LD" - - ## CAVEAT EMPTOR: - ## There is no encapsulation within the following macros, do not change - ## the running order or otherwise move them around unless you know exactly - ## what you are doing... - _LT_SYS_HIDDEN_LIBDEPS($1) - _LT_COMPILER_PIC($1) - _LT_COMPILER_C_O($1) - _LT_COMPILER_FILE_LOCKS($1) - _LT_LINKER_SHLIBS($1) - _LT_SYS_DYNAMIC_LINKER($1) - _LT_LINKER_HARDCODE_LIBPATH($1) - - _LT_CONFIG($1) - fi # test -n "$compiler" - - GCC=$lt_save_GCC - CC=$lt_save_CC - CFLAGS=$lt_save_CFLAGS -fi # test "$_lt_disable_FC" != yes - -AC_LANG_POP -])# _LT_LANG_FC_CONFIG - - -# _LT_LANG_GCJ_CONFIG([TAG]) -# -------------------------- -# Ensure that the configuration variables for the GNU Java Compiler compiler -# are suitably defined. These variables are subsequently used by _LT_CONFIG -# to write the compiler configuration to `libtool'. -m4_defun([_LT_LANG_GCJ_CONFIG], -[AC_REQUIRE([LT_PROG_GCJ])dnl -AC_LANG_SAVE - -# Source file extension for Java test sources. -ac_ext=java - -# Object file extension for compiled Java test sources. -objext=o -_LT_TAGVAR(objext, $1)=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="class foo {}" - -# Code to be used in simple link tests -lt_simple_link_test_code='public class conftest { public static void main(String[[]] argv) {}; }' - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. -_LT_TAG_COMPILER - -# save warnings/boilerplate of simple test code -_LT_COMPILER_BOILERPLATE -_LT_LINKER_BOILERPLATE - -# Allow CC to be a program name with arguments. -lt_save_CC=$CC -lt_save_CFLAGS=$CFLAGS -lt_save_GCC=$GCC -GCC=yes -CC=${GCJ-"gcj"} -CFLAGS=$GCJFLAGS -compiler=$CC -_LT_TAGVAR(compiler, $1)=$CC -_LT_TAGVAR(LD, $1)="$LD" -_LT_CC_BASENAME([$compiler]) - -# GCJ did not exist at the time GCC didn't implicitly link libc in. -_LT_TAGVAR(archive_cmds_need_lc, $1)=no - -_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds -_LT_TAGVAR(reload_flag, $1)=$reload_flag -_LT_TAGVAR(reload_cmds, $1)=$reload_cmds - -if test -n "$compiler"; then - _LT_COMPILER_NO_RTTI($1) - _LT_COMPILER_PIC($1) - _LT_COMPILER_C_O($1) - _LT_COMPILER_FILE_LOCKS($1) - _LT_LINKER_SHLIBS($1) - _LT_LINKER_HARDCODE_LIBPATH($1) - - _LT_CONFIG($1) -fi - -AC_LANG_RESTORE - -GCC=$lt_save_GCC -CC=$lt_save_CC -CFLAGS=$lt_save_CFLAGS -])# _LT_LANG_GCJ_CONFIG - - -# _LT_LANG_GO_CONFIG([TAG]) -# -------------------------- -# Ensure that the configuration variables for the GNU Go compiler -# are suitably defined. These variables are subsequently used by _LT_CONFIG -# to write the compiler configuration to `libtool'. -m4_defun([_LT_LANG_GO_CONFIG], -[AC_REQUIRE([LT_PROG_GO])dnl -AC_LANG_SAVE - -# Source file extension for Go test sources. -ac_ext=go - -# Object file extension for compiled Go test sources. -objext=o -_LT_TAGVAR(objext, $1)=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="package main; func main() { }" - -# Code to be used in simple link tests -lt_simple_link_test_code='package main; func main() { }' - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. -_LT_TAG_COMPILER - -# save warnings/boilerplate of simple test code -_LT_COMPILER_BOILERPLATE -_LT_LINKER_BOILERPLATE - -# Allow CC to be a program name with arguments. -lt_save_CC=$CC -lt_save_CFLAGS=$CFLAGS -lt_save_GCC=$GCC -GCC=yes -CC=${GOC-"gccgo"} -CFLAGS=$GOFLAGS -compiler=$CC -_LT_TAGVAR(compiler, $1)=$CC -_LT_TAGVAR(LD, $1)="$LD" -_LT_CC_BASENAME([$compiler]) - -# Go did not exist at the time GCC didn't implicitly link libc in. -_LT_TAGVAR(archive_cmds_need_lc, $1)=no - -_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds -_LT_TAGVAR(reload_flag, $1)=$reload_flag -_LT_TAGVAR(reload_cmds, $1)=$reload_cmds - -if test -n "$compiler"; then - _LT_COMPILER_NO_RTTI($1) - _LT_COMPILER_PIC($1) - _LT_COMPILER_C_O($1) - _LT_COMPILER_FILE_LOCKS($1) - _LT_LINKER_SHLIBS($1) - _LT_LINKER_HARDCODE_LIBPATH($1) - - _LT_CONFIG($1) -fi - -AC_LANG_RESTORE - -GCC=$lt_save_GCC -CC=$lt_save_CC -CFLAGS=$lt_save_CFLAGS -])# _LT_LANG_GO_CONFIG - - -# _LT_LANG_RC_CONFIG([TAG]) -# ------------------------- -# Ensure that the configuration variables for the Windows resource compiler -# are suitably defined. These variables are subsequently used by _LT_CONFIG -# to write the compiler configuration to `libtool'. -m4_defun([_LT_LANG_RC_CONFIG], -[AC_REQUIRE([LT_PROG_RC])dnl -AC_LANG_SAVE - -# Source file extension for RC test sources. -ac_ext=rc - -# Object file extension for compiled RC test sources. -objext=o -_LT_TAGVAR(objext, $1)=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }' - -# Code to be used in simple link tests -lt_simple_link_test_code="$lt_simple_compile_test_code" - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. -_LT_TAG_COMPILER - -# save warnings/boilerplate of simple test code -_LT_COMPILER_BOILERPLATE -_LT_LINKER_BOILERPLATE - -# Allow CC to be a program name with arguments. -lt_save_CC="$CC" -lt_save_CFLAGS=$CFLAGS -lt_save_GCC=$GCC -GCC= -CC=${RC-"windres"} -CFLAGS= -compiler=$CC -_LT_TAGVAR(compiler, $1)=$CC -_LT_CC_BASENAME([$compiler]) -_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes - -if test -n "$compiler"; then - : - _LT_CONFIG($1) -fi - -GCC=$lt_save_GCC -AC_LANG_RESTORE -CC=$lt_save_CC -CFLAGS=$lt_save_CFLAGS -])# _LT_LANG_RC_CONFIG - - -# LT_PROG_GCJ -# ----------- -AC_DEFUN([LT_PROG_GCJ], -[m4_ifdef([AC_PROG_GCJ], [AC_PROG_GCJ], - [m4_ifdef([A][M_PROG_GCJ], [A][M_PROG_GCJ], - [AC_CHECK_TOOL(GCJ, gcj,) - test "x${GCJFLAGS+set}" = xset || GCJFLAGS="-g -O2" - AC_SUBST(GCJFLAGS)])])[]dnl -]) - -# Old name: -AU_ALIAS([LT_AC_PROG_GCJ], [LT_PROG_GCJ]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([LT_AC_PROG_GCJ], []) - - -# LT_PROG_GO -# ---------- -AC_DEFUN([LT_PROG_GO], -[AC_CHECK_TOOL(GOC, gccgo,) -]) - - -# LT_PROG_RC -# ---------- -AC_DEFUN([LT_PROG_RC], -[AC_CHECK_TOOL(RC, windres,) -]) - -# Old name: -AU_ALIAS([LT_AC_PROG_RC], [LT_PROG_RC]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([LT_AC_PROG_RC], []) - - -# _LT_DECL_EGREP -# -------------- -# If we don't have a new enough Autoconf to choose the best grep -# available, choose the one first in the user's PATH. -m4_defun([_LT_DECL_EGREP], -[AC_REQUIRE([AC_PROG_EGREP])dnl -AC_REQUIRE([AC_PROG_FGREP])dnl -test -z "$GREP" && GREP=grep -_LT_DECL([], [GREP], [1], [A grep program that handles long lines]) -_LT_DECL([], [EGREP], [1], [An ERE matcher]) -_LT_DECL([], [FGREP], [1], [A literal string matcher]) -dnl Non-bleeding-edge autoconf doesn't subst GREP, so do it here too -AC_SUBST([GREP]) -]) - - -# _LT_DECL_OBJDUMP -# -------------- -# If we don't have a new enough Autoconf to choose the best objdump -# available, choose the one first in the user's PATH. -m4_defun([_LT_DECL_OBJDUMP], -[AC_CHECK_TOOL(OBJDUMP, objdump, false) -test -z "$OBJDUMP" && OBJDUMP=objdump -_LT_DECL([], [OBJDUMP], [1], [An object symbol dumper]) -AC_SUBST([OBJDUMP]) -]) - -# _LT_DECL_DLLTOOL -# ---------------- -# Ensure DLLTOOL variable is set. -m4_defun([_LT_DECL_DLLTOOL], -[AC_CHECK_TOOL(DLLTOOL, dlltool, false) -test -z "$DLLTOOL" && DLLTOOL=dlltool -_LT_DECL([], [DLLTOOL], [1], [DLL creation program]) -AC_SUBST([DLLTOOL]) -]) - -# _LT_DECL_SED -# ------------ -# Check for a fully-functional sed program, that truncates -# as few characters as possible. Prefer GNU sed if found. -m4_defun([_LT_DECL_SED], -[AC_PROG_SED -test -z "$SED" && SED=sed -Xsed="$SED -e 1s/^X//" -_LT_DECL([], [SED], [1], [A sed program that does not truncate output]) -_LT_DECL([], [Xsed], ["\$SED -e 1s/^X//"], - [Sed that helps us avoid accidentally triggering echo(1) options like -n]) -])# _LT_DECL_SED - -m4_ifndef([AC_PROG_SED], [ -# NOTE: This macro has been submitted for inclusion into # -# GNU Autoconf as AC_PROG_SED. When it is available in # -# a released version of Autoconf we should remove this # -# macro and use it instead. # - -m4_defun([AC_PROG_SED], -[AC_MSG_CHECKING([for a sed that does not truncate output]) -AC_CACHE_VAL(lt_cv_path_SED, -[# Loop through the user's path and test for sed and gsed. -# Then use that list of sed's as ones to test for truncation. -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for lt_ac_prog in sed gsed; do - for ac_exec_ext in '' $ac_executable_extensions; do - if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then - lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext" - fi - done - done -done -IFS=$as_save_IFS -lt_ac_max=0 -lt_ac_count=0 -# Add /usr/xpg4/bin/sed as it is typically found on Solaris -# along with /bin/sed that truncates output. -for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do - test ! -f $lt_ac_sed && continue - cat /dev/null > conftest.in - lt_ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >conftest.in - # Check for GNU sed and select it if it is found. - if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then - lt_cv_path_SED=$lt_ac_sed - break - fi - while true; do - cat conftest.in conftest.in >conftest.tmp - mv conftest.tmp conftest.in - cp conftest.in conftest.nl - echo >>conftest.nl - $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break - cmp -s conftest.out conftest.nl || break - # 10000 chars as input seems more than enough - test $lt_ac_count -gt 10 && break - lt_ac_count=`expr $lt_ac_count + 1` - if test $lt_ac_count -gt $lt_ac_max; then - lt_ac_max=$lt_ac_count - lt_cv_path_SED=$lt_ac_sed - fi - done -done -]) -SED=$lt_cv_path_SED -AC_SUBST([SED]) -AC_MSG_RESULT([$SED]) -])#AC_PROG_SED -])#m4_ifndef - -# Old name: -AU_ALIAS([LT_AC_PROG_SED], [AC_PROG_SED]) -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([LT_AC_PROG_SED], []) - - -# _LT_CHECK_SHELL_FEATURES -# ------------------------ -# Find out whether the shell is Bourne or XSI compatible, -# or has some other useful features. -m4_defun([_LT_CHECK_SHELL_FEATURES], -[AC_MSG_CHECKING([whether the shell understands some XSI constructs]) -# Try some XSI features -xsi_shell=no -( _lt_dummy="a/b/c" - test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \ - = c,a/b,b/c, \ - && eval 'test $(( 1 + 1 )) -eq 2 \ - && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \ - && xsi_shell=yes -AC_MSG_RESULT([$xsi_shell]) -_LT_CONFIG_LIBTOOL_INIT([xsi_shell='$xsi_shell']) - -AC_MSG_CHECKING([whether the shell understands "+="]) -lt_shell_append=no -( foo=bar; set foo baz; eval "$[1]+=\$[2]" && test "$foo" = barbaz ) \ - >/dev/null 2>&1 \ - && lt_shell_append=yes -AC_MSG_RESULT([$lt_shell_append]) -_LT_CONFIG_LIBTOOL_INIT([lt_shell_append='$lt_shell_append']) - -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - lt_unset=unset -else - lt_unset=false -fi -_LT_DECL([], [lt_unset], [0], [whether the shell understands "unset"])dnl - -# test EBCDIC or ASCII -case `echo X|tr X '\101'` in - A) # ASCII based system - # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr - lt_SP2NL='tr \040 \012' - lt_NL2SP='tr \015\012 \040\040' - ;; - *) # EBCDIC based system - lt_SP2NL='tr \100 \n' - lt_NL2SP='tr \r\n \100\100' - ;; -esac -_LT_DECL([SP2NL], [lt_SP2NL], [1], [turn spaces into newlines])dnl -_LT_DECL([NL2SP], [lt_NL2SP], [1], [turn newlines into spaces])dnl -])# _LT_CHECK_SHELL_FEATURES - - -# _LT_PROG_FUNCTION_REPLACE (FUNCNAME, REPLACEMENT-BODY) -# ------------------------------------------------------ -# In `$cfgfile', look for function FUNCNAME delimited by `^FUNCNAME ()$' and -# '^} FUNCNAME ', and replace its body with REPLACEMENT-BODY. -m4_defun([_LT_PROG_FUNCTION_REPLACE], -[dnl { -sed -e '/^$1 ()$/,/^} # $1 /c\ -$1 ()\ -{\ -m4_bpatsubsts([$2], [$], [\\], [^\([ ]\)], [\\\1]) -} # Extended-shell $1 implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: -]) - - -# _LT_PROG_REPLACE_SHELLFNS -# ------------------------- -# Replace existing portable implementations of several shell functions with -# equivalent extended shell implementations where those features are available.. -m4_defun([_LT_PROG_REPLACE_SHELLFNS], -[if test x"$xsi_shell" = xyes; then - _LT_PROG_FUNCTION_REPLACE([func_dirname], [dnl - case ${1} in - */*) func_dirname_result="${1%/*}${2}" ;; - * ) func_dirname_result="${3}" ;; - esac]) - - _LT_PROG_FUNCTION_REPLACE([func_basename], [dnl - func_basename_result="${1##*/}"]) - - _LT_PROG_FUNCTION_REPLACE([func_dirname_and_basename], [dnl - case ${1} in - */*) func_dirname_result="${1%/*}${2}" ;; - * ) func_dirname_result="${3}" ;; - esac - func_basename_result="${1##*/}"]) - - _LT_PROG_FUNCTION_REPLACE([func_stripname], [dnl - # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are - # positional parameters, so assign one to ordinary parameter first. - func_stripname_result=${3} - func_stripname_result=${func_stripname_result#"${1}"} - func_stripname_result=${func_stripname_result%"${2}"}]) - - _LT_PROG_FUNCTION_REPLACE([func_split_long_opt], [dnl - func_split_long_opt_name=${1%%=*} - func_split_long_opt_arg=${1#*=}]) - - _LT_PROG_FUNCTION_REPLACE([func_split_short_opt], [dnl - func_split_short_opt_arg=${1#??} - func_split_short_opt_name=${1%"$func_split_short_opt_arg"}]) - - _LT_PROG_FUNCTION_REPLACE([func_lo2o], [dnl - case ${1} in - *.lo) func_lo2o_result=${1%.lo}.${objext} ;; - *) func_lo2o_result=${1} ;; - esac]) - - _LT_PROG_FUNCTION_REPLACE([func_xform], [ func_xform_result=${1%.*}.lo]) - - _LT_PROG_FUNCTION_REPLACE([func_arith], [ func_arith_result=$(( $[*] ))]) - - _LT_PROG_FUNCTION_REPLACE([func_len], [ func_len_result=${#1}]) -fi - -if test x"$lt_shell_append" = xyes; then - _LT_PROG_FUNCTION_REPLACE([func_append], [ eval "${1}+=\\${2}"]) - - _LT_PROG_FUNCTION_REPLACE([func_append_quoted], [dnl - func_quote_for_eval "${2}" -dnl m4 expansion turns \\\\ into \\, and then the shell eval turns that into \ - eval "${1}+=\\\\ \\$func_quote_for_eval_result"]) - - # Save a `func_append' function call where possible by direct use of '+=' - sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") - test 0 -eq $? || _lt_function_replace_fail=: -else - # Save a `func_append' function call even when '+=' is not available - sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") - test 0 -eq $? || _lt_function_replace_fail=: -fi - -if test x"$_lt_function_replace_fail" = x":"; then - AC_MSG_WARN([Unable to substitute extended shell functions in $ofile]) -fi -]) - -# _LT_PATH_CONVERSION_FUNCTIONS -# ----------------------------- -# Determine which file name conversion functions should be used by -# func_to_host_file (and, implicitly, by func_to_host_path). These are needed -# for certain cross-compile configurations and native mingw. -m4_defun([_LT_PATH_CONVERSION_FUNCTIONS], -[AC_REQUIRE([AC_CANONICAL_HOST])dnl -AC_REQUIRE([AC_CANONICAL_BUILD])dnl -AC_MSG_CHECKING([how to convert $build file names to $host format]) -AC_CACHE_VAL(lt_cv_to_host_file_cmd, -[case $host in - *-*-mingw* ) - case $build in - *-*-mingw* ) # actually msys - lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32 - ;; - *-*-cygwin* ) - lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32 - ;; - * ) # otherwise, assume *nix - lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32 - ;; - esac - ;; - *-*-cygwin* ) - case $build in - *-*-mingw* ) # actually msys - lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin - ;; - *-*-cygwin* ) - lt_cv_to_host_file_cmd=func_convert_file_noop - ;; - * ) # otherwise, assume *nix - lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin - ;; - esac - ;; - * ) # unhandled hosts (and "normal" native builds) - lt_cv_to_host_file_cmd=func_convert_file_noop - ;; -esac -]) -to_host_file_cmd=$lt_cv_to_host_file_cmd -AC_MSG_RESULT([$lt_cv_to_host_file_cmd]) -_LT_DECL([to_host_file_cmd], [lt_cv_to_host_file_cmd], - [0], [convert $build file names to $host format])dnl - -AC_MSG_CHECKING([how to convert $build file names to toolchain format]) -AC_CACHE_VAL(lt_cv_to_tool_file_cmd, -[#assume ordinary cross tools, or native build. -lt_cv_to_tool_file_cmd=func_convert_file_noop -case $host in - *-*-mingw* ) - case $build in - *-*-mingw* ) # actually msys - lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32 - ;; - esac - ;; -esac -]) -to_tool_file_cmd=$lt_cv_to_tool_file_cmd -AC_MSG_RESULT([$lt_cv_to_tool_file_cmd]) -_LT_DECL([to_tool_file_cmd], [lt_cv_to_tool_file_cmd], - [0], [convert $build files to toolchain format])dnl -])# _LT_PATH_CONVERSION_FUNCTIONS - -# Helper functions for option handling. -*- Autoconf -*- -# -# Copyright (C) 2004, 2005, 2007, 2008, 2009 Free Software Foundation, -# Inc. -# Written by Gary V. Vaughan, 2004 -# -# This file is free software; the Free Software Foundation gives -# unlimited permission to copy and/or distribute it, with or without -# modifications, as long as this notice is preserved. - -# serial 7 ltoptions.m4 - -# This is to help aclocal find these macros, as it can't see m4_define. -AC_DEFUN([LTOPTIONS_VERSION], [m4_if([1])]) - - -# _LT_MANGLE_OPTION(MACRO-NAME, OPTION-NAME) -# ------------------------------------------ -m4_define([_LT_MANGLE_OPTION], -[[_LT_OPTION_]m4_bpatsubst($1__$2, [[^a-zA-Z0-9_]], [_])]) - - -# _LT_SET_OPTION(MACRO-NAME, OPTION-NAME) -# --------------------------------------- -# Set option OPTION-NAME for macro MACRO-NAME, and if there is a -# matching handler defined, dispatch to it. Other OPTION-NAMEs are -# saved as a flag. -m4_define([_LT_SET_OPTION], -[m4_define(_LT_MANGLE_OPTION([$1], [$2]))dnl -m4_ifdef(_LT_MANGLE_DEFUN([$1], [$2]), - _LT_MANGLE_DEFUN([$1], [$2]), - [m4_warning([Unknown $1 option `$2'])])[]dnl -]) - - -# _LT_IF_OPTION(MACRO-NAME, OPTION-NAME, IF-SET, [IF-NOT-SET]) -# ------------------------------------------------------------ -# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. -m4_define([_LT_IF_OPTION], -[m4_ifdef(_LT_MANGLE_OPTION([$1], [$2]), [$3], [$4])]) - - -# _LT_UNLESS_OPTIONS(MACRO-NAME, OPTION-LIST, IF-NOT-SET) -# ------------------------------------------------------- -# Execute IF-NOT-SET unless all options in OPTION-LIST for MACRO-NAME -# are set. -m4_define([_LT_UNLESS_OPTIONS], -[m4_foreach([_LT_Option], m4_split(m4_normalize([$2])), - [m4_ifdef(_LT_MANGLE_OPTION([$1], _LT_Option), - [m4_define([$0_found])])])[]dnl -m4_ifdef([$0_found], [m4_undefine([$0_found])], [$3 -])[]dnl -]) - - -# _LT_SET_OPTIONS(MACRO-NAME, OPTION-LIST) -# ---------------------------------------- -# OPTION-LIST is a space-separated list of Libtool options associated -# with MACRO-NAME. If any OPTION has a matching handler declared with -# LT_OPTION_DEFINE, dispatch to that macro; otherwise complain about -# the unknown option and exit. -m4_defun([_LT_SET_OPTIONS], -[# Set options -m4_foreach([_LT_Option], m4_split(m4_normalize([$2])), - [_LT_SET_OPTION([$1], _LT_Option)]) - -m4_if([$1],[LT_INIT],[ - dnl - dnl Simply set some default values (i.e off) if boolean options were not - dnl specified: - _LT_UNLESS_OPTIONS([LT_INIT], [dlopen], [enable_dlopen=no - ]) - _LT_UNLESS_OPTIONS([LT_INIT], [win32-dll], [enable_win32_dll=no - ]) - dnl - dnl If no reference was made to various pairs of opposing options, then - dnl we run the default mode handler for the pair. For example, if neither - dnl `shared' nor `disable-shared' was passed, we enable building of shared - dnl archives by default: - _LT_UNLESS_OPTIONS([LT_INIT], [shared disable-shared], [_LT_ENABLE_SHARED]) - _LT_UNLESS_OPTIONS([LT_INIT], [static disable-static], [_LT_ENABLE_STATIC]) - _LT_UNLESS_OPTIONS([LT_INIT], [pic-only no-pic], [_LT_WITH_PIC]) - _LT_UNLESS_OPTIONS([LT_INIT], [fast-install disable-fast-install], - [_LT_ENABLE_FAST_INSTALL]) - ]) -])# _LT_SET_OPTIONS - - - -# _LT_MANGLE_DEFUN(MACRO-NAME, OPTION-NAME) -# ----------------------------------------- -m4_define([_LT_MANGLE_DEFUN], -[[_LT_OPTION_DEFUN_]m4_bpatsubst(m4_toupper([$1__$2]), [[^A-Z0-9_]], [_])]) - - -# LT_OPTION_DEFINE(MACRO-NAME, OPTION-NAME, CODE) -# ----------------------------------------------- -m4_define([LT_OPTION_DEFINE], -[m4_define(_LT_MANGLE_DEFUN([$1], [$2]), [$3])[]dnl -])# LT_OPTION_DEFINE - - -# dlopen -# ------ -LT_OPTION_DEFINE([LT_INIT], [dlopen], [enable_dlopen=yes -]) - -AU_DEFUN([AC_LIBTOOL_DLOPEN], -[_LT_SET_OPTION([LT_INIT], [dlopen]) -AC_DIAGNOSE([obsolete], -[$0: Remove this warning and the call to _LT_SET_OPTION when you -put the `dlopen' option into LT_INIT's first parameter.]) -]) - -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_LIBTOOL_DLOPEN], []) - - -# win32-dll -# --------- -# Declare package support for building win32 dll's. -LT_OPTION_DEFINE([LT_INIT], [win32-dll], -[enable_win32_dll=yes - -case $host in -*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*) - AC_CHECK_TOOL(AS, as, false) - AC_CHECK_TOOL(DLLTOOL, dlltool, false) - AC_CHECK_TOOL(OBJDUMP, objdump, false) - ;; -esac - -test -z "$AS" && AS=as -_LT_DECL([], [AS], [1], [Assembler program])dnl - -test -z "$DLLTOOL" && DLLTOOL=dlltool -_LT_DECL([], [DLLTOOL], [1], [DLL creation program])dnl - -test -z "$OBJDUMP" && OBJDUMP=objdump -_LT_DECL([], [OBJDUMP], [1], [Object dumper program])dnl -])# win32-dll - -AU_DEFUN([AC_LIBTOOL_WIN32_DLL], -[AC_REQUIRE([AC_CANONICAL_HOST])dnl -_LT_SET_OPTION([LT_INIT], [win32-dll]) -AC_DIAGNOSE([obsolete], -[$0: Remove this warning and the call to _LT_SET_OPTION when you -put the `win32-dll' option into LT_INIT's first parameter.]) -]) - -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_LIBTOOL_WIN32_DLL], []) - - -# _LT_ENABLE_SHARED([DEFAULT]) -# ---------------------------- -# implement the --enable-shared flag, and supports the `shared' and -# `disable-shared' LT_INIT options. -# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. -m4_define([_LT_ENABLE_SHARED], -[m4_define([_LT_ENABLE_SHARED_DEFAULT], [m4_if($1, no, no, yes)])dnl -AC_ARG_ENABLE([shared], - [AS_HELP_STRING([--enable-shared@<:@=PKGS@:>@], - [build shared libraries @<:@default=]_LT_ENABLE_SHARED_DEFAULT[@:>@])], - [p=${PACKAGE-default} - case $enableval in - yes) enable_shared=yes ;; - no) enable_shared=no ;; - *) - enable_shared=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_shared=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac], - [enable_shared=]_LT_ENABLE_SHARED_DEFAULT) - - _LT_DECL([build_libtool_libs], [enable_shared], [0], - [Whether or not to build shared libraries]) -])# _LT_ENABLE_SHARED - -LT_OPTION_DEFINE([LT_INIT], [shared], [_LT_ENABLE_SHARED([yes])]) -LT_OPTION_DEFINE([LT_INIT], [disable-shared], [_LT_ENABLE_SHARED([no])]) - -# Old names: -AC_DEFUN([AC_ENABLE_SHARED], -[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[shared]) -]) - -AC_DEFUN([AC_DISABLE_SHARED], -[_LT_SET_OPTION([LT_INIT], [disable-shared]) -]) - -AU_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)]) -AU_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)]) - -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AM_ENABLE_SHARED], []) -dnl AC_DEFUN([AM_DISABLE_SHARED], []) - - - -# _LT_ENABLE_STATIC([DEFAULT]) -# ---------------------------- -# implement the --enable-static flag, and support the `static' and -# `disable-static' LT_INIT options. -# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. -m4_define([_LT_ENABLE_STATIC], -[m4_define([_LT_ENABLE_STATIC_DEFAULT], [m4_if($1, no, no, yes)])dnl -AC_ARG_ENABLE([static], - [AS_HELP_STRING([--enable-static@<:@=PKGS@:>@], - [build static libraries @<:@default=]_LT_ENABLE_STATIC_DEFAULT[@:>@])], - [p=${PACKAGE-default} - case $enableval in - yes) enable_static=yes ;; - no) enable_static=no ;; - *) - enable_static=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_static=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac], - [enable_static=]_LT_ENABLE_STATIC_DEFAULT) - - _LT_DECL([build_old_libs], [enable_static], [0], - [Whether or not to build static libraries]) -])# _LT_ENABLE_STATIC - -LT_OPTION_DEFINE([LT_INIT], [static], [_LT_ENABLE_STATIC([yes])]) -LT_OPTION_DEFINE([LT_INIT], [disable-static], [_LT_ENABLE_STATIC([no])]) - -# Old names: -AC_DEFUN([AC_ENABLE_STATIC], -[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[static]) -]) - -AC_DEFUN([AC_DISABLE_STATIC], -[_LT_SET_OPTION([LT_INIT], [disable-static]) -]) - -AU_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)]) -AU_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)]) - -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AM_ENABLE_STATIC], []) -dnl AC_DEFUN([AM_DISABLE_STATIC], []) - - - -# _LT_ENABLE_FAST_INSTALL([DEFAULT]) -# ---------------------------------- -# implement the --enable-fast-install flag, and support the `fast-install' -# and `disable-fast-install' LT_INIT options. -# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. -m4_define([_LT_ENABLE_FAST_INSTALL], -[m4_define([_LT_ENABLE_FAST_INSTALL_DEFAULT], [m4_if($1, no, no, yes)])dnl -AC_ARG_ENABLE([fast-install], - [AS_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@], - [optimize for fast installation @<:@default=]_LT_ENABLE_FAST_INSTALL_DEFAULT[@:>@])], - [p=${PACKAGE-default} - case $enableval in - yes) enable_fast_install=yes ;; - no) enable_fast_install=no ;; - *) - enable_fast_install=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_fast_install=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac], - [enable_fast_install=]_LT_ENABLE_FAST_INSTALL_DEFAULT) - -_LT_DECL([fast_install], [enable_fast_install], [0], - [Whether or not to optimize for fast installation])dnl -])# _LT_ENABLE_FAST_INSTALL - -LT_OPTION_DEFINE([LT_INIT], [fast-install], [_LT_ENABLE_FAST_INSTALL([yes])]) -LT_OPTION_DEFINE([LT_INIT], [disable-fast-install], [_LT_ENABLE_FAST_INSTALL([no])]) - -# Old names: -AU_DEFUN([AC_ENABLE_FAST_INSTALL], -[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[fast-install]) -AC_DIAGNOSE([obsolete], -[$0: Remove this warning and the call to _LT_SET_OPTION when you put -the `fast-install' option into LT_INIT's first parameter.]) -]) - -AU_DEFUN([AC_DISABLE_FAST_INSTALL], -[_LT_SET_OPTION([LT_INIT], [disable-fast-install]) -AC_DIAGNOSE([obsolete], -[$0: Remove this warning and the call to _LT_SET_OPTION when you put -the `disable-fast-install' option into LT_INIT's first parameter.]) -]) - -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_ENABLE_FAST_INSTALL], []) -dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], []) - - -# _LT_WITH_PIC([MODE]) -# -------------------- -# implement the --with-pic flag, and support the `pic-only' and `no-pic' -# LT_INIT options. -# MODE is either `yes' or `no'. If omitted, it defaults to `both'. -m4_define([_LT_WITH_PIC], -[AC_ARG_WITH([pic], - [AS_HELP_STRING([--with-pic@<:@=PKGS@:>@], - [try to use only PIC/non-PIC objects @<:@default=use both@:>@])], - [lt_p=${PACKAGE-default} - case $withval in - yes|no) pic_mode=$withval ;; - *) - pic_mode=default - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for lt_pkg in $withval; do - IFS="$lt_save_ifs" - if test "X$lt_pkg" = "X$lt_p"; then - pic_mode=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac], - [pic_mode=default]) - -test -z "$pic_mode" && pic_mode=m4_default([$1], [default]) - -_LT_DECL([], [pic_mode], [0], [What type of objects to build])dnl -])# _LT_WITH_PIC - -LT_OPTION_DEFINE([LT_INIT], [pic-only], [_LT_WITH_PIC([yes])]) -LT_OPTION_DEFINE([LT_INIT], [no-pic], [_LT_WITH_PIC([no])]) - -# Old name: -AU_DEFUN([AC_LIBTOOL_PICMODE], -[_LT_SET_OPTION([LT_INIT], [pic-only]) -AC_DIAGNOSE([obsolete], -[$0: Remove this warning and the call to _LT_SET_OPTION when you -put the `pic-only' option into LT_INIT's first parameter.]) -]) - -dnl aclocal-1.4 backwards compatibility: -dnl AC_DEFUN([AC_LIBTOOL_PICMODE], []) - - -m4_define([_LTDL_MODE], []) -LT_OPTION_DEFINE([LTDL_INIT], [nonrecursive], - [m4_define([_LTDL_MODE], [nonrecursive])]) -LT_OPTION_DEFINE([LTDL_INIT], [recursive], - [m4_define([_LTDL_MODE], [recursive])]) -LT_OPTION_DEFINE([LTDL_INIT], [subproject], - [m4_define([_LTDL_MODE], [subproject])]) - -m4_define([_LTDL_TYPE], []) -LT_OPTION_DEFINE([LTDL_INIT], [installable], - [m4_define([_LTDL_TYPE], [installable])]) -LT_OPTION_DEFINE([LTDL_INIT], [convenience], - [m4_define([_LTDL_TYPE], [convenience])]) - -# ltsugar.m4 -- libtool m4 base layer. -*-Autoconf-*- -# -# Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc. -# Written by Gary V. Vaughan, 2004 -# -# This file is free software; the Free Software Foundation gives -# unlimited permission to copy and/or distribute it, with or without -# modifications, as long as this notice is preserved. - -# serial 6 ltsugar.m4 - -# This is to help aclocal find these macros, as it can't see m4_define. -AC_DEFUN([LTSUGAR_VERSION], [m4_if([0.1])]) - - -# lt_join(SEP, ARG1, [ARG2...]) -# ----------------------------- -# Produce ARG1SEPARG2...SEPARGn, omitting [] arguments and their -# associated separator. -# Needed until we can rely on m4_join from Autoconf 2.62, since all earlier -# versions in m4sugar had bugs. -m4_define([lt_join], -[m4_if([$#], [1], [], - [$#], [2], [[$2]], - [m4_if([$2], [], [], [[$2]_])$0([$1], m4_shift(m4_shift($@)))])]) -m4_define([_lt_join], -[m4_if([$#$2], [2], [], - [m4_if([$2], [], [], [[$1$2]])$0([$1], m4_shift(m4_shift($@)))])]) - - -# lt_car(LIST) -# lt_cdr(LIST) -# ------------ -# Manipulate m4 lists. -# These macros are necessary as long as will still need to support -# Autoconf-2.59 which quotes differently. -m4_define([lt_car], [[$1]]) -m4_define([lt_cdr], -[m4_if([$#], 0, [m4_fatal([$0: cannot be called without arguments])], - [$#], 1, [], - [m4_dquote(m4_shift($@))])]) -m4_define([lt_unquote], $1) - - -# lt_append(MACRO-NAME, STRING, [SEPARATOR]) -# ------------------------------------------ -# Redefine MACRO-NAME to hold its former content plus `SEPARATOR'`STRING'. -# Note that neither SEPARATOR nor STRING are expanded; they are appended -# to MACRO-NAME as is (leaving the expansion for when MACRO-NAME is invoked). -# No SEPARATOR is output if MACRO-NAME was previously undefined (different -# than defined and empty). -# -# This macro is needed until we can rely on Autoconf 2.62, since earlier -# versions of m4sugar mistakenly expanded SEPARATOR but not STRING. -m4_define([lt_append], -[m4_define([$1], - m4_ifdef([$1], [m4_defn([$1])[$3]])[$2])]) - - - -# lt_combine(SEP, PREFIX-LIST, INFIX, SUFFIX1, [SUFFIX2...]) -# ---------------------------------------------------------- -# Produce a SEP delimited list of all paired combinations of elements of -# PREFIX-LIST with SUFFIX1 through SUFFIXn. Each element of the list -# has the form PREFIXmINFIXSUFFIXn. -# Needed until we can rely on m4_combine added in Autoconf 2.62. -m4_define([lt_combine], -[m4_if(m4_eval([$# > 3]), [1], - [m4_pushdef([_Lt_sep], [m4_define([_Lt_sep], m4_defn([lt_car]))])]]dnl -[[m4_foreach([_Lt_prefix], [$2], - [m4_foreach([_Lt_suffix], - ]m4_dquote(m4_dquote(m4_shift(m4_shift(m4_shift($@)))))[, - [_Lt_sep([$1])[]m4_defn([_Lt_prefix])[$3]m4_defn([_Lt_suffix])])])])]) - - -# lt_if_append_uniq(MACRO-NAME, VARNAME, [SEPARATOR], [UNIQ], [NOT-UNIQ]) -# ----------------------------------------------------------------------- -# Iff MACRO-NAME does not yet contain VARNAME, then append it (delimited -# by SEPARATOR if supplied) and expand UNIQ, else NOT-UNIQ. -m4_define([lt_if_append_uniq], -[m4_ifdef([$1], - [m4_if(m4_index([$3]m4_defn([$1])[$3], [$3$2$3]), [-1], - [lt_append([$1], [$2], [$3])$4], - [$5])], - [lt_append([$1], [$2], [$3])$4])]) - - -# lt_dict_add(DICT, KEY, VALUE) -# ----------------------------- -m4_define([lt_dict_add], -[m4_define([$1($2)], [$3])]) - - -# lt_dict_add_subkey(DICT, KEY, SUBKEY, VALUE) -# -------------------------------------------- -m4_define([lt_dict_add_subkey], -[m4_define([$1($2:$3)], [$4])]) - - -# lt_dict_fetch(DICT, KEY, [SUBKEY]) -# ---------------------------------- -m4_define([lt_dict_fetch], -[m4_ifval([$3], - m4_ifdef([$1($2:$3)], [m4_defn([$1($2:$3)])]), - m4_ifdef([$1($2)], [m4_defn([$1($2)])]))]) - - -# lt_if_dict_fetch(DICT, KEY, [SUBKEY], VALUE, IF-TRUE, [IF-FALSE]) -# ----------------------------------------------------------------- -m4_define([lt_if_dict_fetch], -[m4_if(lt_dict_fetch([$1], [$2], [$3]), [$4], - [$5], - [$6])]) - - -# lt_dict_filter(DICT, [SUBKEY], VALUE, [SEPARATOR], KEY, [...]) -# -------------------------------------------------------------- -m4_define([lt_dict_filter], -[m4_if([$5], [], [], - [lt_join(m4_quote(m4_default([$4], [[, ]])), - lt_unquote(m4_split(m4_normalize(m4_foreach(_Lt_key, lt_car([m4_shiftn(4, $@)]), - [lt_if_dict_fetch([$1], _Lt_key, [$2], [$3], [_Lt_key ])])))))])[]dnl -]) - -# ltversion.m4 -- version numbers -*- Autoconf -*- -# -# Copyright (C) 2004 Free Software Foundation, Inc. -# Written by Scott James Remnant, 2004 -# -# This file is free software; the Free Software Foundation gives -# unlimited permission to copy and/or distribute it, with or without -# modifications, as long as this notice is preserved. - -# @configure_input@ - -# serial 3337 ltversion.m4 -# This file is part of GNU Libtool - -m4_define([LT_PACKAGE_VERSION], [2.4.2]) -m4_define([LT_PACKAGE_REVISION], [1.3337]) - -AC_DEFUN([LTVERSION_VERSION], -[macro_version='2.4.2' -macro_revision='1.3337' -_LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?]) -_LT_DECL(, macro_revision, 0) -]) - -# lt~obsolete.m4 -- aclocal satisfying obsolete definitions. -*-Autoconf-*- -# -# Copyright (C) 2004, 2005, 2007, 2009 Free Software Foundation, Inc. -# Written by Scott James Remnant, 2004. -# -# This file is free software; the Free Software Foundation gives -# unlimited permission to copy and/or distribute it, with or without -# modifications, as long as this notice is preserved. - -# serial 5 lt~obsolete.m4 - -# These exist entirely to fool aclocal when bootstrapping libtool. -# -# In the past libtool.m4 has provided macros via AC_DEFUN (or AU_DEFUN) -# which have later been changed to m4_define as they aren't part of the -# exported API, or moved to Autoconf or Automake where they belong. -# -# The trouble is, aclocal is a bit thick. It'll see the old AC_DEFUN -# in /usr/share/aclocal/libtool.m4 and remember it, then when it sees us -# using a macro with the same name in our local m4/libtool.m4 it'll -# pull the old libtool.m4 in (it doesn't see our shiny new m4_define -# and doesn't know about Autoconf macros at all.) -# -# So we provide this file, which has a silly filename so it's always -# included after everything else. This provides aclocal with the -# AC_DEFUNs it wants, but when m4 processes it, it doesn't do anything -# because those macros already exist, or will be overwritten later. -# We use AC_DEFUN over AU_DEFUN for compatibility with aclocal-1.6. -# -# Anytime we withdraw an AC_DEFUN or AU_DEFUN, remember to add it here. -# Yes, that means every name once taken will need to remain here until -# we give up compatibility with versions before 1.7, at which point -# we need to keep only those names which we still refer to. - -# This is to help aclocal find these macros, as it can't see m4_define. -AC_DEFUN([LTOBSOLETE_VERSION], [m4_if([1])]) - -m4_ifndef([AC_LIBTOOL_LINKER_OPTION], [AC_DEFUN([AC_LIBTOOL_LINKER_OPTION])]) -m4_ifndef([AC_PROG_EGREP], [AC_DEFUN([AC_PROG_EGREP])]) -m4_ifndef([_LT_AC_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH])]) -m4_ifndef([_LT_AC_SHELL_INIT], [AC_DEFUN([_LT_AC_SHELL_INIT])]) -m4_ifndef([_LT_AC_SYS_LIBPATH_AIX], [AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX])]) -m4_ifndef([_LT_PROG_LTMAIN], [AC_DEFUN([_LT_PROG_LTMAIN])]) -m4_ifndef([_LT_AC_TAGVAR], [AC_DEFUN([_LT_AC_TAGVAR])]) -m4_ifndef([AC_LTDL_ENABLE_INSTALL], [AC_DEFUN([AC_LTDL_ENABLE_INSTALL])]) -m4_ifndef([AC_LTDL_PREOPEN], [AC_DEFUN([AC_LTDL_PREOPEN])]) -m4_ifndef([_LT_AC_SYS_COMPILER], [AC_DEFUN([_LT_AC_SYS_COMPILER])]) -m4_ifndef([_LT_AC_LOCK], [AC_DEFUN([_LT_AC_LOCK])]) -m4_ifndef([AC_LIBTOOL_SYS_OLD_ARCHIVE], [AC_DEFUN([AC_LIBTOOL_SYS_OLD_ARCHIVE])]) -m4_ifndef([_LT_AC_TRY_DLOPEN_SELF], [AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF])]) -m4_ifndef([AC_LIBTOOL_PROG_CC_C_O], [AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O])]) -m4_ifndef([AC_LIBTOOL_SYS_HARD_LINK_LOCKS], [AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS])]) -m4_ifndef([AC_LIBTOOL_OBJDIR], [AC_DEFUN([AC_LIBTOOL_OBJDIR])]) -m4_ifndef([AC_LTDL_OBJDIR], [AC_DEFUN([AC_LTDL_OBJDIR])]) -m4_ifndef([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], [AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH])]) -m4_ifndef([AC_LIBTOOL_SYS_LIB_STRIP], [AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP])]) -m4_ifndef([AC_PATH_MAGIC], [AC_DEFUN([AC_PATH_MAGIC])]) -m4_ifndef([AC_PROG_LD_GNU], [AC_DEFUN([AC_PROG_LD_GNU])]) -m4_ifndef([AC_PROG_LD_RELOAD_FLAG], [AC_DEFUN([AC_PROG_LD_RELOAD_FLAG])]) -m4_ifndef([AC_DEPLIBS_CHECK_METHOD], [AC_DEFUN([AC_DEPLIBS_CHECK_METHOD])]) -m4_ifndef([AC_LIBTOOL_PROG_COMPILER_NO_RTTI], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI])]) -m4_ifndef([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE], [AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE])]) -m4_ifndef([AC_LIBTOOL_PROG_COMPILER_PIC], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC])]) -m4_ifndef([AC_LIBTOOL_PROG_LD_SHLIBS], [AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS])]) -m4_ifndef([AC_LIBTOOL_POSTDEP_PREDEP], [AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP])]) -m4_ifndef([LT_AC_PROG_EGREP], [AC_DEFUN([LT_AC_PROG_EGREP])]) -m4_ifndef([LT_AC_PROG_SED], [AC_DEFUN([LT_AC_PROG_SED])]) -m4_ifndef([_LT_CC_BASENAME], [AC_DEFUN([_LT_CC_BASENAME])]) -m4_ifndef([_LT_COMPILER_BOILERPLATE], [AC_DEFUN([_LT_COMPILER_BOILERPLATE])]) -m4_ifndef([_LT_LINKER_BOILERPLATE], [AC_DEFUN([_LT_LINKER_BOILERPLATE])]) -m4_ifndef([_AC_PROG_LIBTOOL], [AC_DEFUN([_AC_PROG_LIBTOOL])]) -m4_ifndef([AC_LIBTOOL_SETUP], [AC_DEFUN([AC_LIBTOOL_SETUP])]) -m4_ifndef([_LT_AC_CHECK_DLFCN], [AC_DEFUN([_LT_AC_CHECK_DLFCN])]) -m4_ifndef([AC_LIBTOOL_SYS_DYNAMIC_LINKER], [AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER])]) -m4_ifndef([_LT_AC_TAGCONFIG], [AC_DEFUN([_LT_AC_TAGCONFIG])]) -m4_ifndef([AC_DISABLE_FAST_INSTALL], [AC_DEFUN([AC_DISABLE_FAST_INSTALL])]) -m4_ifndef([_LT_AC_LANG_CXX], [AC_DEFUN([_LT_AC_LANG_CXX])]) -m4_ifndef([_LT_AC_LANG_F77], [AC_DEFUN([_LT_AC_LANG_F77])]) -m4_ifndef([_LT_AC_LANG_GCJ], [AC_DEFUN([_LT_AC_LANG_GCJ])]) -m4_ifndef([AC_LIBTOOL_LANG_C_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG])]) -m4_ifndef([_LT_AC_LANG_C_CONFIG], [AC_DEFUN([_LT_AC_LANG_C_CONFIG])]) -m4_ifndef([AC_LIBTOOL_LANG_CXX_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG])]) -m4_ifndef([_LT_AC_LANG_CXX_CONFIG], [AC_DEFUN([_LT_AC_LANG_CXX_CONFIG])]) -m4_ifndef([AC_LIBTOOL_LANG_F77_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_F77_CONFIG])]) -m4_ifndef([_LT_AC_LANG_F77_CONFIG], [AC_DEFUN([_LT_AC_LANG_F77_CONFIG])]) -m4_ifndef([AC_LIBTOOL_LANG_GCJ_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_GCJ_CONFIG])]) -m4_ifndef([_LT_AC_LANG_GCJ_CONFIG], [AC_DEFUN([_LT_AC_LANG_GCJ_CONFIG])]) -m4_ifndef([AC_LIBTOOL_LANG_RC_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG])]) -m4_ifndef([_LT_AC_LANG_RC_CONFIG], [AC_DEFUN([_LT_AC_LANG_RC_CONFIG])]) -m4_ifndef([AC_LIBTOOL_CONFIG], [AC_DEFUN([AC_LIBTOOL_CONFIG])]) -m4_ifndef([_LT_AC_FILE_LTDLL_C], [AC_DEFUN([_LT_AC_FILE_LTDLL_C])]) -m4_ifndef([_LT_REQUIRED_DARWIN_CHECKS], [AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS])]) -m4_ifndef([_LT_AC_PROG_CXXCPP], [AC_DEFUN([_LT_AC_PROG_CXXCPP])]) -m4_ifndef([_LT_PREPARE_SED_QUOTE_VARS], [AC_DEFUN([_LT_PREPARE_SED_QUOTE_VARS])]) -m4_ifndef([_LT_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_PROG_ECHO_BACKSLASH])]) -m4_ifndef([_LT_PROG_F77], [AC_DEFUN([_LT_PROG_F77])]) -m4_ifndef([_LT_PROG_FC], [AC_DEFUN([_LT_PROG_FC])]) -m4_ifndef([_LT_PROG_CXX], [AC_DEFUN([_LT_PROG_CXX])]) - -# nls.m4 serial 5 (gettext-0.18) -dnl Copyright (C) 1995-2003, 2005-2006, 2008-2013 Free Software Foundation, -dnl Inc. -dnl This file is free software; the Free Software Foundation -dnl gives unlimited permission to copy and/or distribute it, -dnl with or without modifications, as long as this notice is preserved. -dnl -dnl This file can can be used in projects which are not available under -dnl the GNU General Public License or the GNU Library General Public -dnl License but which still want to provide support for the GNU gettext -dnl functionality. -dnl Please note that the actual code of the GNU gettext library is covered -dnl by the GNU Library General Public License, and the rest of the GNU -dnl gettext package package is covered by the GNU General Public License. -dnl They are *not* in the public domain. - -dnl Authors: -dnl Ulrich Drepper , 1995-2000. -dnl Bruno Haible , 2000-2003. - -AC_PREREQ([2.50]) - -AC_DEFUN([AM_NLS], -[ - AC_MSG_CHECKING([whether NLS is requested]) - dnl Default is enabled NLS - AC_ARG_ENABLE([nls], - [ --disable-nls do not use Native Language Support], - USE_NLS=$enableval, USE_NLS=yes) - AC_MSG_RESULT([$USE_NLS]) - AC_SUBST([USE_NLS]) -]) - -# po.m4 serial 20 (gettext-0.18.2) -dnl Copyright (C) 1995-2013 Free Software Foundation, Inc. -dnl This file is free software; the Free Software Foundation -dnl gives unlimited permission to copy and/or distribute it, -dnl with or without modifications, as long as this notice is preserved. -dnl -dnl This file can can be used in projects which are not available under -dnl the GNU General Public License or the GNU Library General Public -dnl License but which still want to provide support for the GNU gettext -dnl functionality. -dnl Please note that the actual code of the GNU gettext library is covered -dnl by the GNU Library General Public License, and the rest of the GNU -dnl gettext package package is covered by the GNU General Public License. -dnl They are *not* in the public domain. - -dnl Authors: -dnl Ulrich Drepper , 1995-2000. -dnl Bruno Haible , 2000-2003. - -AC_PREREQ([2.60]) - -dnl Checks for all prerequisites of the po subdirectory. -AC_DEFUN([AM_PO_SUBDIRS], -[ - AC_REQUIRE([AC_PROG_MAKE_SET])dnl - AC_REQUIRE([AC_PROG_INSTALL])dnl - AC_REQUIRE([AC_PROG_MKDIR_P])dnl - AC_REQUIRE([AM_NLS])dnl - - dnl Release version of the gettext macros. This is used to ensure that - dnl the gettext macros and po/Makefile.in.in are in sync. - AC_SUBST([GETTEXT_MACRO_VERSION], [0.18]) - - dnl Perform the following tests also if --disable-nls has been given, - dnl because they are needed for "make dist" to work. - - dnl Search for GNU msgfmt in the PATH. - dnl The first test excludes Solaris msgfmt and early GNU msgfmt versions. - dnl The second test excludes FreeBSD msgfmt. - AM_PATH_PROG_WITH_TEST(MSGFMT, msgfmt, - [$ac_dir/$ac_word --statistics /dev/null >&]AS_MESSAGE_LOG_FD[ 2>&1 && - (if $ac_dir/$ac_word --statistics /dev/null 2>&1 >/dev/null | grep usage >/dev/null; then exit 1; else exit 0; fi)], - :) - AC_PATH_PROG([GMSGFMT], [gmsgfmt], [$MSGFMT]) - - dnl Test whether it is GNU msgfmt >= 0.15. -changequote(,)dnl - case `$MSGFMT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in - '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) MSGFMT_015=: ;; - *) MSGFMT_015=$MSGFMT ;; - esac -changequote([,])dnl - AC_SUBST([MSGFMT_015]) -changequote(,)dnl - case `$GMSGFMT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in - '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) GMSGFMT_015=: ;; - *) GMSGFMT_015=$GMSGFMT ;; - esac -changequote([,])dnl - AC_SUBST([GMSGFMT_015]) - - dnl Search for GNU xgettext 0.12 or newer in the PATH. - dnl The first test excludes Solaris xgettext and early GNU xgettext versions. - dnl The second test excludes FreeBSD xgettext. - AM_PATH_PROG_WITH_TEST(XGETTEXT, xgettext, - [$ac_dir/$ac_word --omit-header --copyright-holder= --msgid-bugs-address= /dev/null >&]AS_MESSAGE_LOG_FD[ 2>&1 && - (if $ac_dir/$ac_word --omit-header --copyright-holder= --msgid-bugs-address= /dev/null 2>&1 >/dev/null | grep usage >/dev/null; then exit 1; else exit 0; fi)], - :) - dnl Remove leftover from FreeBSD xgettext call. - rm -f messages.po - - dnl Test whether it is GNU xgettext >= 0.15. -changequote(,)dnl - case `$XGETTEXT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in - '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) XGETTEXT_015=: ;; - *) XGETTEXT_015=$XGETTEXT ;; - esac -changequote([,])dnl - AC_SUBST([XGETTEXT_015]) - - dnl Search for GNU msgmerge 0.11 or newer in the PATH. - AM_PATH_PROG_WITH_TEST(MSGMERGE, msgmerge, - [$ac_dir/$ac_word --update -q /dev/null /dev/null >&]AS_MESSAGE_LOG_FD[ 2>&1], :) - - dnl Installation directories. - dnl Autoconf >= 2.60 defines localedir. For older versions of autoconf, we - dnl have to define it here, so that it can be used in po/Makefile. - test -n "$localedir" || localedir='${datadir}/locale' - AC_SUBST([localedir]) - - dnl Support for AM_XGETTEXT_OPTION. - test -n "${XGETTEXT_EXTRA_OPTIONS+set}" || XGETTEXT_EXTRA_OPTIONS= - AC_SUBST([XGETTEXT_EXTRA_OPTIONS]) - - AC_CONFIG_COMMANDS([po-directories], [[ - for ac_file in $CONFIG_FILES; do - # Support "outfile[:infile[:infile...]]" - case "$ac_file" in - *:*) ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; - esac - # PO directories have a Makefile.in generated from Makefile.in.in. - case "$ac_file" in */Makefile.in) - # Adjust a relative srcdir. - ac_dir=`echo "$ac_file"|sed 's%/[^/][^/]*$%%'` - ac_dir_suffix=/`echo "$ac_dir"|sed 's%^\./%%'` - ac_dots=`echo "$ac_dir_suffix"|sed 's%/[^/]*%../%g'` - # In autoconf-2.13 it is called $ac_given_srcdir. - # In autoconf-2.50 it is called $srcdir. - test -n "$ac_given_srcdir" || ac_given_srcdir="$srcdir" - case "$ac_given_srcdir" in - .) top_srcdir=`echo $ac_dots|sed 's%/$%%'` ;; - /*) top_srcdir="$ac_given_srcdir" ;; - *) top_srcdir="$ac_dots$ac_given_srcdir" ;; - esac - # Treat a directory as a PO directory if and only if it has a - # POTFILES.in file. This allows packages to have multiple PO - # directories under different names or in different locations. - if test -f "$ac_given_srcdir/$ac_dir/POTFILES.in"; then - rm -f "$ac_dir/POTFILES" - test -n "$as_me" && echo "$as_me: creating $ac_dir/POTFILES" || echo "creating $ac_dir/POTFILES" - gt_tab=`printf '\t'` - cat "$ac_given_srcdir/$ac_dir/POTFILES.in" | sed -e "/^#/d" -e "/^[ ${gt_tab}]*\$/d" -e "s,.*, $top_srcdir/& \\\\," | sed -e "\$s/\(.*\) \\\\/\1/" > "$ac_dir/POTFILES" - POMAKEFILEDEPS="POTFILES.in" - # ALL_LINGUAS, POFILES, UPDATEPOFILES, DUMMYPOFILES, GMOFILES depend - # on $ac_dir but don't depend on user-specified configuration - # parameters. - if test -f "$ac_given_srcdir/$ac_dir/LINGUAS"; then - # The LINGUAS file contains the set of available languages. - if test -n "$OBSOLETE_ALL_LINGUAS"; then - test -n "$as_me" && echo "$as_me: setting ALL_LINGUAS in configure.in is obsolete" || echo "setting ALL_LINGUAS in configure.in is obsolete" - fi - ALL_LINGUAS_=`sed -e "/^#/d" -e "s/#.*//" "$ac_given_srcdir/$ac_dir/LINGUAS"` - # Hide the ALL_LINGUAS assignment from automake < 1.5. - eval 'ALL_LINGUAS''=$ALL_LINGUAS_' - POMAKEFILEDEPS="$POMAKEFILEDEPS LINGUAS" - else - # The set of available languages was given in configure.in. - # Hide the ALL_LINGUAS assignment from automake < 1.5. - eval 'ALL_LINGUAS''=$OBSOLETE_ALL_LINGUAS' - fi - # Compute POFILES - # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(lang).po) - # Compute UPDATEPOFILES - # as $(foreach lang, $(ALL_LINGUAS), $(lang).po-update) - # Compute DUMMYPOFILES - # as $(foreach lang, $(ALL_LINGUAS), $(lang).nop) - # Compute GMOFILES - # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(lang).gmo) - case "$ac_given_srcdir" in - .) srcdirpre= ;; - *) srcdirpre='$(srcdir)/' ;; - esac - POFILES= - UPDATEPOFILES= - DUMMYPOFILES= - GMOFILES= - for lang in $ALL_LINGUAS; do - POFILES="$POFILES $srcdirpre$lang.po" - UPDATEPOFILES="$UPDATEPOFILES $lang.po-update" - DUMMYPOFILES="$DUMMYPOFILES $lang.nop" - GMOFILES="$GMOFILES $srcdirpre$lang.gmo" - done - # CATALOGS depends on both $ac_dir and the user's LINGUAS - # environment variable. - INST_LINGUAS= - if test -n "$ALL_LINGUAS"; then - for presentlang in $ALL_LINGUAS; do - useit=no - if test "%UNSET%" != "$LINGUAS"; then - desiredlanguages="$LINGUAS" - else - desiredlanguages="$ALL_LINGUAS" - fi - for desiredlang in $desiredlanguages; do - # Use the presentlang catalog if desiredlang is - # a. equal to presentlang, or - # b. a variant of presentlang (because in this case, - # presentlang can be used as a fallback for messages - # which are not translated in the desiredlang catalog). - case "$desiredlang" in - "$presentlang"*) useit=yes;; - esac - done - if test $useit = yes; then - INST_LINGUAS="$INST_LINGUAS $presentlang" - fi - done - fi - CATALOGS= - if test -n "$INST_LINGUAS"; then - for lang in $INST_LINGUAS; do - CATALOGS="$CATALOGS $lang.gmo" - done - fi - test -n "$as_me" && echo "$as_me: creating $ac_dir/Makefile" || echo "creating $ac_dir/Makefile" - sed -e "/^POTFILES =/r $ac_dir/POTFILES" -e "/^# Makevars/r $ac_given_srcdir/$ac_dir/Makevars" -e "s|@POFILES@|$POFILES|g" -e "s|@UPDATEPOFILES@|$UPDATEPOFILES|g" -e "s|@DUMMYPOFILES@|$DUMMYPOFILES|g" -e "s|@GMOFILES@|$GMOFILES|g" -e "s|@CATALOGS@|$CATALOGS|g" -e "s|@POMAKEFILEDEPS@|$POMAKEFILEDEPS|g" "$ac_dir/Makefile.in" > "$ac_dir/Makefile" - for f in "$ac_given_srcdir/$ac_dir"/Rules-*; do - if test -f "$f"; then - case "$f" in - *.orig | *.bak | *~) ;; - *) cat "$f" >> "$ac_dir/Makefile" ;; - esac - fi - done - fi - ;; - esac - done]], - [# Capture the value of obsolete ALL_LINGUAS because we need it to compute - # POFILES, UPDATEPOFILES, DUMMYPOFILES, GMOFILES, CATALOGS. But hide it - # from automake < 1.5. - eval 'OBSOLETE_ALL_LINGUAS''="$ALL_LINGUAS"' - # Capture the value of LINGUAS because we need it to compute CATALOGS. - LINGUAS="${LINGUAS-%UNSET%}" - ]) -]) - -dnl Postprocesses a Makefile in a directory containing PO files. -AC_DEFUN([AM_POSTPROCESS_PO_MAKEFILE], -[ - # When this code is run, in config.status, two variables have already been - # set: - # - OBSOLETE_ALL_LINGUAS is the value of LINGUAS set in configure.in, - # - LINGUAS is the value of the environment variable LINGUAS at configure - # time. - -changequote(,)dnl - # Adjust a relative srcdir. - ac_dir=`echo "$ac_file"|sed 's%/[^/][^/]*$%%'` - ac_dir_suffix=/`echo "$ac_dir"|sed 's%^\./%%'` - ac_dots=`echo "$ac_dir_suffix"|sed 's%/[^/]*%../%g'` - # In autoconf-2.13 it is called $ac_given_srcdir. - # In autoconf-2.50 it is called $srcdir. - test -n "$ac_given_srcdir" || ac_given_srcdir="$srcdir" - case "$ac_given_srcdir" in - .) top_srcdir=`echo $ac_dots|sed 's%/$%%'` ;; - /*) top_srcdir="$ac_given_srcdir" ;; - *) top_srcdir="$ac_dots$ac_given_srcdir" ;; - esac - - # Find a way to echo strings without interpreting backslash. - if test "X`(echo '\t') 2>/dev/null`" = 'X\t'; then - gt_echo='echo' - else - if test "X`(printf '%s\n' '\t') 2>/dev/null`" = 'X\t'; then - gt_echo='printf %s\n' - else - echo_func () { - cat < "$ac_file.tmp" - tab=`printf '\t'` - if grep -l '@TCLCATALOGS@' "$ac_file" > /dev/null; then - # Add dependencies that cannot be formulated as a simple suffix rule. - for lang in $ALL_LINGUAS; do - frobbedlang=`echo $lang | sed -e 's/\..*$//' -e 'y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/'` - cat >> "$ac_file.tmp" < /dev/null; then - # Add dependencies that cannot be formulated as a simple suffix rule. - for lang in $ALL_LINGUAS; do - frobbedlang=`echo $lang | sed -e 's/_/-/g' -e 's/^sr-CS/sr-SP/' -e 's/@latin$/-Latn/' -e 's/@cyrillic$/-Cyrl/' -e 's/^sr-SP$/sr-SP-Latn/' -e 's/^uz-UZ$/uz-UZ-Latn/'` - cat >> "$ac_file.tmp" <> "$ac_file.tmp" <, 1996. - -AC_PREREQ([2.50]) - -# Search path for a program which passes the given test. - -dnl AM_PATH_PROG_WITH_TEST(VARIABLE, PROG-TO-CHECK-FOR, -dnl TEST-PERFORMED-ON-FOUND_PROGRAM [, VALUE-IF-NOT-FOUND [, PATH]]) -AC_DEFUN([AM_PATH_PROG_WITH_TEST], -[ -# Prepare PATH_SEPARATOR. -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - # Determine PATH_SEPARATOR by trying to find /bin/sh in a PATH which - # contains only /bin. Note that ksh looks also at the FPATH variable, - # so we have to set that as well for the test. - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 \ - && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 \ - || PATH_SEPARATOR=';' - } -fi - -# Find out how to test for executable files. Don't use a zero-byte file, -# as systems may use methods other than mode bits to determine executability. -cat >conf$$.file <<_ASEOF -#! /bin/sh -exit 0 -_ASEOF -chmod +x conf$$.file -if test -x conf$$.file >/dev/null 2>&1; then - ac_executable_p="test -x" -else - ac_executable_p="test -f" -fi -rm -f conf$$.file - -# Extract the first word of "$2", so it can be a program name with args. -set dummy $2; ac_word=[$]2 -AC_MSG_CHECKING([for $ac_word]) -AC_CACHE_VAL([ac_cv_path_$1], -[case "[$]$1" in - [[\\/]]* | ?:[[\\/]]*) - ac_cv_path_$1="[$]$1" # Let the user override the test with a path. - ;; - *) - ac_save_IFS="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in ifelse([$5], , $PATH, [$5]); do - IFS="$ac_save_IFS" - test -z "$ac_dir" && ac_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if $ac_executable_p "$ac_dir/$ac_word$ac_exec_ext"; then - echo "$as_me: trying $ac_dir/$ac_word..." >&AS_MESSAGE_LOG_FD - if [$3]; then - ac_cv_path_$1="$ac_dir/$ac_word$ac_exec_ext" - break 2 - fi - fi - done - done - IFS="$ac_save_IFS" -dnl If no 4th arg is given, leave the cache variable unset, -dnl so AC_PATH_PROGS will keep looking. -ifelse([$4], , , [ test -z "[$]ac_cv_path_$1" && ac_cv_path_$1="$4" -])dnl - ;; -esac])dnl -$1="$ac_cv_path_$1" -if test ifelse([$4], , [-n "[$]$1"], ["[$]$1" != "$4"]); then - AC_MSG_RESULT([$][$1]) -else - AC_MSG_RESULT([no]) -fi -AC_SUBST([$1])dnl -]) - -# Copyright (C) 2002-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_AUTOMAKE_VERSION(VERSION) -# ---------------------------- -# Automake X.Y traces this macro to ensure aclocal.m4 has been -# generated from the m4 files accompanying Automake X.Y. -# (This private macro should not be called outside this file.) -AC_DEFUN([AM_AUTOMAKE_VERSION], -[am__api_version='1.13' -dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to -dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.13.3], [], - [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl -]) - -# _AM_AUTOCONF_VERSION(VERSION) -# ----------------------------- -# aclocal traces this macro to find the Autoconf version. -# This is a private macro too. Using m4_define simplifies -# the logic in aclocal, which can simply ignore this definition. -m4_define([_AM_AUTOCONF_VERSION], []) - -# AM_SET_CURRENT_AUTOMAKE_VERSION -# ------------------------------- -# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. -# This function is AC_REQUIREd by AM_INIT_AUTOMAKE. -AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.13.3])dnl -m4_ifndef([AC_AUTOCONF_VERSION], - [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl -_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) - -# AM_AUX_DIR_EXPAND -*- Autoconf -*- - -# Copyright (C) 2001-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets -# $ac_aux_dir to '$srcdir/foo'. In other projects, it is set to -# '$srcdir', '$srcdir/..', or '$srcdir/../..'. -# -# Of course, Automake must honor this variable whenever it calls a -# tool from the auxiliary directory. The problem is that $srcdir (and -# therefore $ac_aux_dir as well) can be either absolute or relative, -# depending on how configure is run. This is pretty annoying, since -# it makes $ac_aux_dir quite unusable in subdirectories: in the top -# source directory, any form will work fine, but in subdirectories a -# relative path needs to be adjusted first. -# -# $ac_aux_dir/missing -# fails when called from a subdirectory if $ac_aux_dir is relative -# $top_srcdir/$ac_aux_dir/missing -# fails if $ac_aux_dir is absolute, -# fails when called from a subdirectory in a VPATH build with -# a relative $ac_aux_dir -# -# The reason of the latter failure is that $top_srcdir and $ac_aux_dir -# are both prefixed by $srcdir. In an in-source build this is usually -# harmless because $srcdir is '.', but things will broke when you -# start a VPATH build or use an absolute $srcdir. -# -# So we could use something similar to $top_srcdir/$ac_aux_dir/missing, -# iff we strip the leading $srcdir from $ac_aux_dir. That would be: -# am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"` -# and then we would define $MISSING as -# MISSING="\${SHELL} $am_aux_dir/missing" -# This will work as long as MISSING is not called from configure, because -# unfortunately $(top_srcdir) has no meaning in configure. -# However there are other variables, like CC, which are often used in -# configure, and could therefore not use this "fixed" $ac_aux_dir. -# -# Another solution, used here, is to always expand $ac_aux_dir to an -# absolute PATH. The drawback is that using absolute paths prevent a -# configured tree to be moved without reconfiguration. - -AC_DEFUN([AM_AUX_DIR_EXPAND], -[dnl Rely on autoconf to set up CDPATH properly. -AC_PREREQ([2.50])dnl -# expand $ac_aux_dir to an absolute path -am_aux_dir=`cd $ac_aux_dir && pwd` -]) - -# AM_CONDITIONAL -*- Autoconf -*- - -# Copyright (C) 1997-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_CONDITIONAL(NAME, SHELL-CONDITION) -# ------------------------------------- -# Define a conditional. -AC_DEFUN([AM_CONDITIONAL], -[AC_PREREQ([2.52])dnl - m4_if([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], - [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl -AC_SUBST([$1_TRUE])dnl -AC_SUBST([$1_FALSE])dnl -_AM_SUBST_NOTMAKE([$1_TRUE])dnl -_AM_SUBST_NOTMAKE([$1_FALSE])dnl -m4_define([_AM_COND_VALUE_$1], [$2])dnl -if $2; then - $1_TRUE= - $1_FALSE='#' -else - $1_TRUE='#' - $1_FALSE= -fi -AC_CONFIG_COMMANDS_PRE( -[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then - AC_MSG_ERROR([[conditional "$1" was never defined. -Usually this means the macro was only invoked conditionally.]]) -fi])]) - -# Copyright (C) 1999-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - - -# There are a few dirty hacks below to avoid letting 'AC_PROG_CC' be -# written in clear, in which case automake, when reading aclocal.m4, -# will think it sees a *use*, and therefore will trigger all it's -# C support machinery. Also note that it means that autoscan, seeing -# CC etc. in the Makefile, will ask for an AC_PROG_CC use... - - -# _AM_DEPENDENCIES(NAME) -# ---------------------- -# See how the compiler implements dependency checking. -# NAME is "CC", "CXX", "OBJC", "OBJCXX", "UPC", or "GJC". -# We try a few techniques and use that to set a single cache variable. -# -# We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was -# modified to invoke _AM_DEPENDENCIES(CC); we would have a circular -# dependency, and given that the user is not expected to run this macro, -# just rely on AC_PROG_CC. -AC_DEFUN([_AM_DEPENDENCIES], -[AC_REQUIRE([AM_SET_DEPDIR])dnl -AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl -AC_REQUIRE([AM_MAKE_INCLUDE])dnl -AC_REQUIRE([AM_DEP_TRACK])dnl - -m4_if([$1], [CC], [depcc="$CC" am_compiler_list=], - [$1], [CXX], [depcc="$CXX" am_compiler_list=], - [$1], [OBJC], [depcc="$OBJC" am_compiler_list='gcc3 gcc'], - [$1], [OBJCXX], [depcc="$OBJCXX" am_compiler_list='gcc3 gcc'], - [$1], [UPC], [depcc="$UPC" am_compiler_list=], - [$1], [GCJ], [depcc="$GCJ" am_compiler_list='gcc3 gcc'], - [depcc="$$1" am_compiler_list=]) - -AC_CACHE_CHECK([dependency style of $depcc], - [am_cv_$1_dependencies_compiler_type], -[if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then - # We make a subdir and do the tests there. Otherwise we can end up - # making bogus files that we don't know about and never remove. For - # instance it was reported that on HP-UX the gcc test will end up - # making a dummy file named 'D' -- because '-MD' means "put the output - # in D". - rm -rf conftest.dir - mkdir conftest.dir - # Copy depcomp to subdir because otherwise we won't find it if we're - # using a relative directory. - cp "$am_depcomp" conftest.dir - cd conftest.dir - # We will build objects and dependencies in a subdirectory because - # it helps to detect inapplicable dependency modes. For instance - # both Tru64's cc and ICC support -MD to output dependencies as a - # side effect of compilation, but ICC will put the dependencies in - # the current directory while Tru64 will put them in the object - # directory. - mkdir sub - - am_cv_$1_dependencies_compiler_type=none - if test "$am_compiler_list" = ""; then - am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp` - fi - am__universal=false - m4_case([$1], [CC], - [case " $depcc " in #( - *\ -arch\ *\ -arch\ *) am__universal=true ;; - esac], - [CXX], - [case " $depcc " in #( - *\ -arch\ *\ -arch\ *) am__universal=true ;; - esac]) - - for depmode in $am_compiler_list; do - # Setup a source with many dependencies, because some compilers - # like to wrap large dependency lists on column 80 (with \), and - # we should not choose a depcomp mode which is confused by this. - # - # We need to recreate these files for each test, as the compiler may - # overwrite some of them when testing with obscure command lines. - # This happens at least with the AIX C compiler. - : > sub/conftest.c - for i in 1 2 3 4 5 6; do - echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with - # Solaris 10 /bin/sh. - echo '/* dummy */' > sub/conftst$i.h - done - echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf - - # We check with '-c' and '-o' for the sake of the "dashmstdout" - # mode. It turns out that the SunPro C++ compiler does not properly - # handle '-M -o', and we need to detect this. Also, some Intel - # versions had trouble with output in subdirs. - am__obj=sub/conftest.${OBJEXT-o} - am__minus_obj="-o $am__obj" - case $depmode in - gcc) - # This depmode causes a compiler race in universal mode. - test "$am__universal" = false || continue - ;; - nosideeffect) - # After this tag, mechanisms are not by side-effect, so they'll - # only be used when explicitly requested. - if test "x$enable_dependency_tracking" = xyes; then - continue - else - break - fi - ;; - msvc7 | msvc7msys | msvisualcpp | msvcmsys) - # This compiler won't grok '-c -o', but also, the minuso test has - # not run yet. These depmodes are late enough in the game, and - # so weak that their functioning should not be impacted. - am__obj=conftest.${OBJEXT-o} - am__minus_obj= - ;; - none) break ;; - esac - if depmode=$depmode \ - source=sub/conftest.c object=$am__obj \ - depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ - $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ - >/dev/null 2>conftest.err && - grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && - grep $am__obj sub/conftest.Po > /dev/null 2>&1 && - ${MAKE-make} -s -f confmf > /dev/null 2>&1; then - # icc doesn't choke on unknown options, it will just issue warnings - # or remarks (even with -Werror). So we grep stderr for any message - # that says an option was ignored or not supported. - # When given -MP, icc 7.0 and 7.1 complain thusly: - # icc: Command line warning: ignoring option '-M'; no argument required - # The diagnosis changed in icc 8.0: - # icc: Command line remark: option '-MP' not supported - if (grep 'ignoring option' conftest.err || - grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else - am_cv_$1_dependencies_compiler_type=$depmode - break - fi - fi - done - - cd .. - rm -rf conftest.dir -else - am_cv_$1_dependencies_compiler_type=none -fi -]) -AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type]) -AM_CONDITIONAL([am__fastdep$1], [ - test "x$enable_dependency_tracking" != xno \ - && test "$am_cv_$1_dependencies_compiler_type" = gcc3]) -]) - - -# AM_SET_DEPDIR -# ------------- -# Choose a directory name for dependency files. -# This macro is AC_REQUIREd in _AM_DEPENDENCIES. -AC_DEFUN([AM_SET_DEPDIR], -[AC_REQUIRE([AM_SET_LEADING_DOT])dnl -AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl -]) - - -# AM_DEP_TRACK -# ------------ -AC_DEFUN([AM_DEP_TRACK], -[AC_ARG_ENABLE([dependency-tracking], [dnl -AS_HELP_STRING( - [--enable-dependency-tracking], - [do not reject slow dependency extractors]) -AS_HELP_STRING( - [--disable-dependency-tracking], - [speeds up one-time build])]) -if test "x$enable_dependency_tracking" != xno; then - am_depcomp="$ac_aux_dir/depcomp" - AMDEPBACKSLASH='\' - am__nodep='_no' -fi -AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno]) -AC_SUBST([AMDEPBACKSLASH])dnl -_AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl -AC_SUBST([am__nodep])dnl -_AM_SUBST_NOTMAKE([am__nodep])dnl -]) - -# Generate code to set up dependency tracking. -*- Autoconf -*- - -# Copyright (C) 1999-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - - -# _AM_OUTPUT_DEPENDENCY_COMMANDS -# ------------------------------ -AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], -[{ - # Older Autoconf quotes --file arguments for eval, but not when files - # are listed without --file. Let's play safe and only enable the eval - # if we detect the quoting. - case $CONFIG_FILES in - *\'*) eval set x "$CONFIG_FILES" ;; - *) set x $CONFIG_FILES ;; - esac - shift - for mf - do - # Strip MF so we end up with the name of the file. - mf=`echo "$mf" | sed -e 's/:.*$//'` - # Check whether this is an Automake generated Makefile or not. - # We used to match only the files named 'Makefile.in', but - # some people rename them; so instead we look at the file content. - # Grep'ing the first line is not enough: some people post-process - # each Makefile.in and add a new line on top of each file to say so. - # Grep'ing the whole file is not good either: AIX grep has a line - # limit of 2048, but all sed's we know have understand at least 4000. - if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then - dirpart=`AS_DIRNAME("$mf")` - else - continue - fi - # Extract the definition of DEPDIR, am__include, and am__quote - # from the Makefile without running 'make'. - DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` - test -z "$DEPDIR" && continue - am__include=`sed -n 's/^am__include = //p' < "$mf"` - test -z "$am__include" && continue - am__quote=`sed -n 's/^am__quote = //p' < "$mf"` - # Find all dependency output files, they are included files with - # $(DEPDIR) in their names. We invoke sed twice because it is the - # simplest approach to changing $(DEPDIR) to its actual value in the - # expansion. - for file in `sed -n " - s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ - sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do - # Make sure the directory exists. - test -f "$dirpart/$file" && continue - fdir=`AS_DIRNAME(["$file"])` - AS_MKDIR_P([$dirpart/$fdir]) - # echo "creating $dirpart/$file" - echo '# dummy' > "$dirpart/$file" - done - done -} -])# _AM_OUTPUT_DEPENDENCY_COMMANDS - - -# AM_OUTPUT_DEPENDENCY_COMMANDS -# ----------------------------- -# This macro should only be invoked once -- use via AC_REQUIRE. -# -# This code is only required when automatic dependency tracking -# is enabled. FIXME. This creates each '.P' file that we will -# need in order to bootstrap the dependency handling code. -AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], -[AC_CONFIG_COMMANDS([depfiles], - [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS], - [AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"]) -]) - -# Do all the work for Automake. -*- Autoconf -*- - -# Copyright (C) 1996-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This macro actually does too much. Some checks are only needed if -# your package does certain things. But this isn't really a big deal. - -# AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) -# AM_INIT_AUTOMAKE([OPTIONS]) -# ----------------------------------------------- -# The call with PACKAGE and VERSION arguments is the old style -# call (pre autoconf-2.50), which is being phased out. PACKAGE -# and VERSION should now be passed to AC_INIT and removed from -# the call to AM_INIT_AUTOMAKE. -# We support both call styles for the transition. After -# the next Automake release, Autoconf can make the AC_INIT -# arguments mandatory, and then we can depend on a new Autoconf -# release and drop the old call support. -AC_DEFUN([AM_INIT_AUTOMAKE], -[AC_PREREQ([2.65])dnl -dnl Autoconf wants to disallow AM_ names. We explicitly allow -dnl the ones we care about. -m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl -AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl -AC_REQUIRE([AC_PROG_INSTALL])dnl -if test "`cd $srcdir && pwd`" != "`pwd`"; then - # Use -I$(srcdir) only when $(srcdir) != ., so that make's output - # is not polluted with repeated "-I." - AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl - # test to see if srcdir already configured - if test -f $srcdir/config.status; then - AC_MSG_ERROR([source directory already configured; run "make distclean" there first]) - fi -fi - -# test whether we have cygpath -if test -z "$CYGPATH_W"; then - if (cygpath --version) >/dev/null 2>/dev/null; then - CYGPATH_W='cygpath -w' - else - CYGPATH_W=echo - fi -fi -AC_SUBST([CYGPATH_W]) - -# Define the identity of the package. -dnl Distinguish between old-style and new-style calls. -m4_ifval([$2], -[AC_DIAGNOSE([obsolete], - [$0: two- and three-arguments forms are deprecated.]) -m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl - AC_SUBST([PACKAGE], [$1])dnl - AC_SUBST([VERSION], [$2])], -[_AM_SET_OPTIONS([$1])dnl -dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT. -m4_if( - m4_ifdef([AC_PACKAGE_NAME], [ok]):m4_ifdef([AC_PACKAGE_VERSION], [ok]), - [ok:ok],, - [m4_fatal([AC_INIT should be called with package and version arguments])])dnl - AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl - AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl - -_AM_IF_OPTION([no-define],, -[AC_DEFINE_UNQUOTED([PACKAGE], ["$PACKAGE"], [Name of package]) - AC_DEFINE_UNQUOTED([VERSION], ["$VERSION"], [Version number of package])])dnl - -# Some tools Automake needs. -AC_REQUIRE([AM_SANITY_CHECK])dnl -AC_REQUIRE([AC_ARG_PROGRAM])dnl -AM_MISSING_PROG([ACLOCAL], [aclocal-${am__api_version}]) -AM_MISSING_PROG([AUTOCONF], [autoconf]) -AM_MISSING_PROG([AUTOMAKE], [automake-${am__api_version}]) -AM_MISSING_PROG([AUTOHEADER], [autoheader]) -AM_MISSING_PROG([MAKEINFO], [makeinfo]) -AC_REQUIRE([AM_PROG_INSTALL_SH])dnl -AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl -AC_REQUIRE([AC_PROG_MKDIR_P])dnl -# For better backward compatibility. To be removed once Automake 1.9.x -# dies out for good. For more background, see: -# -# -AC_SUBST([mkdir_p], ['$(MKDIR_P)']) -# We need awk for the "check" target. The system "awk" is bad on -# some platforms. -AC_REQUIRE([AC_PROG_AWK])dnl -AC_REQUIRE([AC_PROG_MAKE_SET])dnl -AC_REQUIRE([AM_SET_LEADING_DOT])dnl -_AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], - [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], - [_AM_PROG_TAR([v7])])]) -_AM_IF_OPTION([no-dependencies],, -[AC_PROVIDE_IFELSE([AC_PROG_CC], - [_AM_DEPENDENCIES([CC])], - [m4_define([AC_PROG_CC], - m4_defn([AC_PROG_CC])[_AM_DEPENDENCIES([CC])])])dnl -AC_PROVIDE_IFELSE([AC_PROG_CXX], - [_AM_DEPENDENCIES([CXX])], - [m4_define([AC_PROG_CXX], - m4_defn([AC_PROG_CXX])[_AM_DEPENDENCIES([CXX])])])dnl -AC_PROVIDE_IFELSE([AC_PROG_OBJC], - [_AM_DEPENDENCIES([OBJC])], - [m4_define([AC_PROG_OBJC], - m4_defn([AC_PROG_OBJC])[_AM_DEPENDENCIES([OBJC])])])dnl -AC_PROVIDE_IFELSE([AC_PROG_OBJCXX], - [_AM_DEPENDENCIES([OBJCXX])], - [m4_define([AC_PROG_OBJCXX], - m4_defn([AC_PROG_OBJCXX])[_AM_DEPENDENCIES([OBJCXX])])])dnl -]) -AC_REQUIRE([AM_SILENT_RULES])dnl -dnl The testsuite driver may need to know about EXEEXT, so add the -dnl 'am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This -dnl macro is hooked onto _AC_COMPILER_EXEEXT early, see below. -AC_CONFIG_COMMANDS_PRE(dnl -[m4_provide_if([_AM_COMPILER_EXEEXT], - [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl -]) - -dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion. Do not -dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further -dnl mangled by Autoconf and run in a shell conditional statement. -m4_define([_AC_COMPILER_EXEEXT], -m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])]) - - -# When config.status generates a header, we must update the stamp-h file. -# This file resides in the same directory as the config header -# that is generated. The stamp files are numbered to have different names. - -# Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the -# loop where config.status creates the headers, so we can generate -# our stamp files there. -AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], -[# Compute $1's index in $config_headers. -_am_arg=$1 -_am_stamp_count=1 -for _am_header in $config_headers :; do - case $_am_header in - $_am_arg | $_am_arg:* ) - break ;; - * ) - _am_stamp_count=`expr $_am_stamp_count + 1` ;; - esac -done -echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) - -# Copyright (C) 2001-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_PROG_INSTALL_SH -# ------------------ -# Define $install_sh. -AC_DEFUN([AM_PROG_INSTALL_SH], -[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl -if test x"${install_sh}" != xset; then - case $am_aux_dir in - *\ * | *\ *) - install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; - *) - install_sh="\${SHELL} $am_aux_dir/install-sh" - esac -fi -AC_SUBST([install_sh])]) - -# Copyright (C) 2003-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# Check whether the underlying file-system supports filenames -# with a leading dot. For instance MS-DOS doesn't. -AC_DEFUN([AM_SET_LEADING_DOT], -[rm -rf .tst 2>/dev/null -mkdir .tst 2>/dev/null -if test -d .tst; then - am__leading_dot=. -else - am__leading_dot=_ -fi -rmdir .tst 2>/dev/null -AC_SUBST([am__leading_dot])]) - -# Add --enable-maintainer-mode option to configure. -*- Autoconf -*- -# From Jim Meyering - -# Copyright (C) 1996-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_MAINTAINER_MODE([DEFAULT-MODE]) -# ---------------------------------- -# Control maintainer-specific portions of Makefiles. -# Default is to disable them, unless 'enable' is passed literally. -# For symmetry, 'disable' may be passed as well. Anyway, the user -# can override the default with the --enable/--disable switch. -AC_DEFUN([AM_MAINTAINER_MODE], -[m4_case(m4_default([$1], [disable]), - [enable], [m4_define([am_maintainer_other], [disable])], - [disable], [m4_define([am_maintainer_other], [enable])], - [m4_define([am_maintainer_other], [enable]) - m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])]) -AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles]) - dnl maintainer-mode's default is 'disable' unless 'enable' is passed - AC_ARG_ENABLE([maintainer-mode], - [AS_HELP_STRING([--]am_maintainer_other[-maintainer-mode], - am_maintainer_other[ make rules and dependencies not useful - (and sometimes confusing) to the casual installer])], - [USE_MAINTAINER_MODE=$enableval], - [USE_MAINTAINER_MODE=]m4_if(am_maintainer_other, [enable], [no], [yes])) - AC_MSG_RESULT([$USE_MAINTAINER_MODE]) - AM_CONDITIONAL([MAINTAINER_MODE], [test $USE_MAINTAINER_MODE = yes]) - MAINT=$MAINTAINER_MODE_TRUE - AC_SUBST([MAINT])dnl -] -) - -# Check to see how 'make' treats includes. -*- Autoconf -*- - -# Copyright (C) 2001-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_MAKE_INCLUDE() -# ----------------- -# Check to see how make treats includes. -AC_DEFUN([AM_MAKE_INCLUDE], -[am_make=${MAKE-make} -cat > confinc << 'END' -am__doit: - @echo this is the am__doit target -.PHONY: am__doit -END -# If we don't find an include directive, just comment out the code. -AC_MSG_CHECKING([for style of include used by $am_make]) -am__include="#" -am__quote= -_am_result=none -# First try GNU make style include. -echo "include confinc" > confmf -# Ignore all kinds of additional output from 'make'. -case `$am_make -s -f confmf 2> /dev/null` in #( -*the\ am__doit\ target*) - am__include=include - am__quote= - _am_result=GNU - ;; -esac -# Now try BSD make style include. -if test "$am__include" = "#"; then - echo '.include "confinc"' > confmf - case `$am_make -s -f confmf 2> /dev/null` in #( - *the\ am__doit\ target*) - am__include=.include - am__quote="\"" - _am_result=BSD - ;; - esac -fi -AC_SUBST([am__include]) -AC_SUBST([am__quote]) -AC_MSG_RESULT([$_am_result]) -rm -f confinc confmf -]) - -# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- - -# Copyright (C) 1997-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_MISSING_PROG(NAME, PROGRAM) -# ------------------------------ -AC_DEFUN([AM_MISSING_PROG], -[AC_REQUIRE([AM_MISSING_HAS_RUN]) -$1=${$1-"${am_missing_run}$2"} -AC_SUBST($1)]) - -# AM_MISSING_HAS_RUN -# ------------------ -# Define MISSING if not defined so far and test if it is modern enough. -# If it is, set am_missing_run to use it, otherwise, to nothing. -AC_DEFUN([AM_MISSING_HAS_RUN], -[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl -AC_REQUIRE_AUX_FILE([missing])dnl -if test x"${MISSING+set}" != xset; then - case $am_aux_dir in - *\ * | *\ *) - MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; - *) - MISSING="\${SHELL} $am_aux_dir/missing" ;; - esac -fi -# Use eval to expand $SHELL -if eval "$MISSING --is-lightweight"; then - am_missing_run="$MISSING " -else - am_missing_run= - AC_MSG_WARN(['missing' script is too old or missing]) -fi -]) - -# Helper functions for option handling. -*- Autoconf -*- - -# Copyright (C) 2001-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# _AM_MANGLE_OPTION(NAME) -# ----------------------- -AC_DEFUN([_AM_MANGLE_OPTION], -[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) - -# _AM_SET_OPTION(NAME) -# -------------------- -# Set option NAME. Presently that only means defining a flag for this option. -AC_DEFUN([_AM_SET_OPTION], -[m4_define(_AM_MANGLE_OPTION([$1]), [1])]) - -# _AM_SET_OPTIONS(OPTIONS) -# ------------------------ -# OPTIONS is a space-separated list of Automake options. -AC_DEFUN([_AM_SET_OPTIONS], -[m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) - -# _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) -# ------------------------------------------- -# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. -AC_DEFUN([_AM_IF_OPTION], -[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) - -# Check to make sure that the build environment is sane. -*- Autoconf -*- - -# Copyright (C) 1996-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_SANITY_CHECK -# --------------- -AC_DEFUN([AM_SANITY_CHECK], -[AC_MSG_CHECKING([whether build environment is sane]) -# Reject unsafe characters in $srcdir or the absolute working directory -# name. Accept space and tab only in the latter. -am_lf=' -' -case `pwd` in - *[[\\\"\#\$\&\'\`$am_lf]]*) - AC_MSG_ERROR([unsafe absolute working directory name]);; -esac -case $srcdir in - *[[\\\"\#\$\&\'\`$am_lf\ \ ]]*) - AC_MSG_ERROR([unsafe srcdir value: '$srcdir']);; -esac - -# Do 'set' in a subshell so we don't clobber the current shell's -# arguments. Must try -L first in case configure is actually a -# symlink; some systems play weird games with the mod time of symlinks -# (eg FreeBSD returns the mod time of the symlink's containing -# directory). -if ( - am_has_slept=no - for am_try in 1 2; do - echo "timestamp, slept: $am_has_slept" > conftest.file - set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` - if test "$[*]" = "X"; then - # -L didn't work. - set X `ls -t "$srcdir/configure" conftest.file` - fi - if test "$[*]" != "X $srcdir/configure conftest.file" \ - && test "$[*]" != "X conftest.file $srcdir/configure"; then - - # If neither matched, then we have a broken ls. This can happen - # if, for instance, CONFIG_SHELL is bash and it inherits a - # broken ls alias from the environment. This has actually - # happened. Such a system could not be considered "sane". - AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken - alias in your environment]) - fi - if test "$[2]" = conftest.file || test $am_try -eq 2; then - break - fi - # Just in case. - sleep 1 - am_has_slept=yes - done - test "$[2]" = conftest.file - ) -then - # Ok. - : -else - AC_MSG_ERROR([newly created file is older than distributed files! -Check your system clock]) -fi -AC_MSG_RESULT([yes]) -# If we didn't sleep, we still need to ensure time stamps of config.status and -# generated files are strictly newer. -am_sleep_pid= -if grep 'slept: no' conftest.file >/dev/null 2>&1; then - ( sleep 1 ) & - am_sleep_pid=$! -fi -AC_CONFIG_COMMANDS_PRE( - [AC_MSG_CHECKING([that generated files are newer than configure]) - if test -n "$am_sleep_pid"; then - # Hide warnings about reused PIDs. - wait $am_sleep_pid 2>/dev/null - fi - AC_MSG_RESULT([done])]) -rm -f conftest.file -]) - -# Copyright (C) 2009-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_SILENT_RULES([DEFAULT]) -# -------------------------- -# Enable less verbose build rules; with the default set to DEFAULT -# ("yes" being less verbose, "no" or empty being verbose). -AC_DEFUN([AM_SILENT_RULES], -[AC_ARG_ENABLE([silent-rules], [dnl -AS_HELP_STRING( - [--enable-silent-rules], - [less verbose build output (undo: "make V=1")]) -AS_HELP_STRING( - [--disable-silent-rules], - [verbose build output (undo: "make V=0")])dnl -]) -case $enable_silent_rules in @%:@ ((( - yes) AM_DEFAULT_VERBOSITY=0;; - no) AM_DEFAULT_VERBOSITY=1;; - *) AM_DEFAULT_VERBOSITY=m4_if([$1], [yes], [0], [1]);; -esac -dnl -dnl A few 'make' implementations (e.g., NonStop OS and NextStep) -dnl do not support nested variable expansions. -dnl See automake bug#9928 and bug#10237. -am_make=${MAKE-make} -AC_CACHE_CHECK([whether $am_make supports nested variables], - [am_cv_make_support_nested_variables], - [if AS_ECHO([['TRUE=$(BAR$(V)) -BAR0=false -BAR1=true -V=1 -am__doit: - @$(TRUE) -.PHONY: am__doit']]) | $am_make -f - >/dev/null 2>&1; then - am_cv_make_support_nested_variables=yes -else - am_cv_make_support_nested_variables=no -fi]) -if test $am_cv_make_support_nested_variables = yes; then - dnl Using '$V' instead of '$(V)' breaks IRIX make. - AM_V='$(V)' - AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' -else - AM_V=$AM_DEFAULT_VERBOSITY - AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY -fi -AC_SUBST([AM_V])dnl -AM_SUBST_NOTMAKE([AM_V])dnl -AC_SUBST([AM_DEFAULT_V])dnl -AM_SUBST_NOTMAKE([AM_DEFAULT_V])dnl -AC_SUBST([AM_DEFAULT_VERBOSITY])dnl -AM_BACKSLASH='\' -AC_SUBST([AM_BACKSLASH])dnl -_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl -]) - -# Copyright (C) 2001-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_PROG_INSTALL_STRIP -# --------------------- -# One issue with vendor 'install' (even GNU) is that you can't -# specify the program used to strip binaries. This is especially -# annoying in cross-compiling environments, where the build's strip -# is unlikely to handle the host's binaries. -# Fortunately install-sh will honor a STRIPPROG variable, so we -# always use install-sh in "make install-strip", and initialize -# STRIPPROG with the value of the STRIP variable (set by the user). -AC_DEFUN([AM_PROG_INSTALL_STRIP], -[AC_REQUIRE([AM_PROG_INSTALL_SH])dnl -# Installed binaries are usually stripped using 'strip' when the user -# run "make install-strip". However 'strip' might not be the right -# tool to use in cross-compilation environments, therefore Automake -# will honor the 'STRIP' environment variable to overrule this program. -dnl Don't test for $cross_compiling = yes, because it might be 'maybe'. -if test "$cross_compiling" != no; then - AC_CHECK_TOOL([STRIP], [strip], :) -fi -INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" -AC_SUBST([INSTALL_STRIP_PROGRAM])]) - -# Copyright (C) 2006-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# _AM_SUBST_NOTMAKE(VARIABLE) -# --------------------------- -# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. -# This macro is traced by Automake. -AC_DEFUN([_AM_SUBST_NOTMAKE]) - -# AM_SUBST_NOTMAKE(VARIABLE) -# -------------------------- -# Public sister of _AM_SUBST_NOTMAKE. -AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) - -# Check how to create a tarball. -*- Autoconf -*- - -# Copyright (C) 2004-2013 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# _AM_PROG_TAR(FORMAT) -# -------------------- -# Check how to create a tarball in format FORMAT. -# FORMAT should be one of 'v7', 'ustar', or 'pax'. -# -# Substitute a variable $(am__tar) that is a command -# writing to stdout a FORMAT-tarball containing the directory -# $tardir. -# tardir=directory && $(am__tar) > result.tar -# -# Substitute a variable $(am__untar) that extract such -# a tarball read from stdin. -# $(am__untar) < result.tar -# -AC_DEFUN([_AM_PROG_TAR], -[# Always define AMTAR for backward compatibility. Yes, it's still used -# in the wild :-( We should find a proper way to deprecate it ... -AC_SUBST([AMTAR], ['$${TAR-tar}']) - -# We'll loop over all known methods to create a tar archive until one works. -_am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none' - -m4_if([$1], [v7], - [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'], - - [m4_case([$1], - [ustar], - [# The POSIX 1988 'ustar' format is defined with fixed-size fields. - # There is notably a 21 bits limit for the UID and the GID. In fact, - # the 'pax' utility can hang on bigger UID/GID (see automake bug#8343 - # and bug#13588). - am_max_uid=2097151 # 2^21 - 1 - am_max_gid=$am_max_uid - # The $UID and $GID variables are not portable, so we need to resort - # to the POSIX-mandated id(1) utility. Errors in the 'id' calls - # below are definitely unexpected, so allow the users to see them - # (that is, avoid stderr redirection). - am_uid=`id -u || echo unknown` - am_gid=`id -g || echo unknown` - AC_MSG_CHECKING([whether UID '$am_uid' is supported by ustar format]) - if test $am_uid -le $am_max_uid; then - AC_MSG_RESULT([yes]) - else - AC_MSG_RESULT([no]) - _am_tools=none - fi - AC_MSG_CHECKING([whether GID '$am_gid' is supported by ustar format]) - if test $am_gid -le $am_max_gid; then - AC_MSG_RESULT([yes]) - else - AC_MSG_RESULT([no]) - _am_tools=none - fi], - - [pax], - [], - - [m4_fatal([Unknown tar format])]) - - AC_MSG_CHECKING([how to create a $1 tar archive]) - - # Go ahead even if we have the value already cached. We do so because we - # need to set the values for the 'am__tar' and 'am__untar' variables. - _am_tools=${am_cv_prog_tar_$1-$_am_tools} - - for _am_tool in $_am_tools; do - case $_am_tool in - gnutar) - for _am_tar in tar gnutar gtar; do - AM_RUN_LOG([$_am_tar --version]) && break - done - am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' - am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' - am__untar="$_am_tar -xf -" - ;; - plaintar) - # Must skip GNU tar: if it does not support --format= it doesn't create - # ustar tarball either. - (tar --version) >/dev/null 2>&1 && continue - am__tar='tar chf - "$$tardir"' - am__tar_='tar chf - "$tardir"' - am__untar='tar xf -' - ;; - pax) - am__tar='pax -L -x $1 -w "$$tardir"' - am__tar_='pax -L -x $1 -w "$tardir"' - am__untar='pax -r' - ;; - cpio) - am__tar='find "$$tardir" -print | cpio -o -H $1 -L' - am__tar_='find "$tardir" -print | cpio -o -H $1 -L' - am__untar='cpio -i -H $1 -d' - ;; - none) - am__tar=false - am__tar_=false - am__untar=false - ;; - esac - - # If the value was cached, stop now. We just wanted to have am__tar - # and am__untar set. - test -n "${am_cv_prog_tar_$1}" && break - - # tar/untar a dummy directory, and stop if the command works. - rm -rf conftest.dir - mkdir conftest.dir - echo GrepMe > conftest.dir/file - AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) - rm -rf conftest.dir - if test -s conftest.tar; then - AM_RUN_LOG([$am__untar /dev/null 2>&1 && break - fi - done - rm -rf conftest.dir - - AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) - AC_MSG_RESULT([$am_cv_prog_tar_$1])]) - -AC_SUBST([am__tar]) -AC_SUBST([am__untar]) -]) # _AM_PROG_TAR - -m4_include([acinclude.m4]) diff --git a/autogen.sh b/autogen.sh new file mode 100755 index 00000000..336463c9 --- /dev/null +++ b/autogen.sh @@ -0,0 +1,12 @@ +#! /bin/sh + +autoreconf -v -f --install || exit 1 + +./configure \ + CFLAGS="-O2 -Wall" \ + --enable-man \ + --enable-maintainer-mode \ + --disable-shared \ + --without-libpam \ + --with-selinux \ + "$@" diff --git a/config.guess b/config.guess deleted file mode 100755 index 120cc0d2..00000000 --- a/config.guess +++ /dev/null @@ -1,1552 +0,0 @@ -#! /bin/sh -# Attempt to guess a canonical system name. -# Copyright 1992-2013 Free Software Foundation, Inc. - -timestamp='2013-05-16' - -# This file is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, see . -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that -# program. This Exception is an additional permission under section 7 -# of the GNU General Public License, version 3 ("GPLv3"). -# -# Originally written by Per Bothner. -# -# You can get the latest version of this script from: -# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD -# -# Please send patches with a ChangeLog entry to config-patches@gnu.org. - - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] - -Output the configuration name of the system \`$me' is run on. - -Operation modes: - -h, --help print this help, then exit - -t, --time-stamp print date of last modification, then exit - -v, --version print version number, then exit - -Report bugs and patches to ." - -version="\ -GNU config.guess ($timestamp) - -Originally written by Per Bothner. -Copyright 1992-2013 Free Software Foundation, Inc. - -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case $1 in - --time-stamp | --time* | -t ) - echo "$timestamp" ; exit ;; - --version | -v ) - echo "$version" ; exit ;; - --help | --h* | -h ) - echo "$usage"; exit ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - echo "$me: invalid option $1$help" >&2 - exit 1 ;; - * ) - break ;; - esac -done - -if test $# != 0; then - echo "$me: too many arguments$help" >&2 - exit 1 -fi - -trap 'exit 1' 1 2 15 - -# CC_FOR_BUILD -- compiler used by this script. Note that the use of a -# compiler to aid in system detection is discouraged as it requires -# temporary files to be created and, as you can see below, it is a -# headache to deal with in a portable fashion. - -# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still -# use `HOST_CC' if defined, but it is deprecated. - -# Portable tmp directory creation inspired by the Autoconf team. - -set_cc_for_build=' -trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; -trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; -: ${TMPDIR=/tmp} ; - { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || - { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || - { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || - { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; -dummy=$tmp/dummy ; -tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; -case $CC_FOR_BUILD,$HOST_CC,$CC in - ,,) echo "int x;" > $dummy.c ; - for c in cc gcc c89 c99 ; do - if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then - CC_FOR_BUILD="$c"; break ; - fi ; - done ; - if test x"$CC_FOR_BUILD" = x ; then - CC_FOR_BUILD=no_compiler_found ; - fi - ;; - ,,*) CC_FOR_BUILD=$CC ;; - ,*,*) CC_FOR_BUILD=$HOST_CC ;; -esac ; set_cc_for_build= ;' - -# This is needed to find uname on a Pyramid OSx when run in the BSD universe. -# (ghazi@noc.rutgers.edu 1994-08-24) -if (test -f /.attbin/uname) >/dev/null 2>&1 ; then - PATH=$PATH:/.attbin ; export PATH -fi - -UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown -UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown -UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown -UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown - -case "${UNAME_SYSTEM}" in -Linux|GNU|GNU/*) - # If the system lacks a compiler, then just pick glibc. - # We could probably try harder. - LIBC=gnu - - eval $set_cc_for_build - cat <<-EOF > $dummy.c - #include - #if defined(__UCLIBC__) - LIBC=uclibc - #elif defined(__dietlibc__) - LIBC=dietlibc - #else - LIBC=gnu - #endif - EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` - ;; -esac - -# Note: order is significant - the case branches are not exclusive. - -case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in - *:NetBSD:*:*) - # NetBSD (nbsd) targets should (where applicable) match one or - # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*, - # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently - # switched to ELF, *-*-netbsd* would select the old - # object file format. This provides both forward - # compatibility and a consistent mechanism for selecting the - # object file format. - # - # Note: NetBSD doesn't particularly care about the vendor - # portion of the name. We always set it to "unknown". - sysctl="sysctl -n hw.machine_arch" - UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ - /usr/sbin/$sysctl 2>/dev/null || echo unknown)` - case "${UNAME_MACHINE_ARCH}" in - armeb) machine=armeb-unknown ;; - arm*) machine=arm-unknown ;; - sh3el) machine=shl-unknown ;; - sh3eb) machine=sh-unknown ;; - sh5el) machine=sh5le-unknown ;; - *) machine=${UNAME_MACHINE_ARCH}-unknown ;; - esac - # The Operating System including object format, if it has switched - # to ELF recently, or will in the future. - case "${UNAME_MACHINE_ARCH}" in - arm*|i386|m68k|ns32k|sh3*|sparc|vax) - eval $set_cc_for_build - if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep -q __ELF__ - then - # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). - # Return netbsd for either. FIX? - os=netbsd - else - os=netbsdelf - fi - ;; - *) - os=netbsd - ;; - esac - # The OS release - # Debian GNU/NetBSD machines have a different userland, and - # thus, need a distinct triplet. However, they do not need - # kernel version information, so it can be replaced with a - # suitable tag, in the style of linux-gnu. - case "${UNAME_VERSION}" in - Debian*) - release='-gnu' - ;; - *) - release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` - ;; - esac - # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: - # contains redundant information, the shorter form: - # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. - echo "${machine}-${os}${release}" - exit ;; - *:Bitrig:*:*) - UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'` - echo ${UNAME_MACHINE_ARCH}-unknown-bitrig${UNAME_RELEASE} - exit ;; - *:OpenBSD:*:*) - UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` - echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} - exit ;; - *:ekkoBSD:*:*) - echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} - exit ;; - *:SolidBSD:*:*) - echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} - exit ;; - macppc:MirBSD:*:*) - echo powerpc-unknown-mirbsd${UNAME_RELEASE} - exit ;; - *:MirBSD:*:*) - echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} - exit ;; - alpha:OSF1:*:*) - case $UNAME_RELEASE in - *4.0) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` - ;; - *5.*) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` - ;; - esac - # According to Compaq, /usr/sbin/psrinfo has been available on - # OSF/1 and Tru64 systems produced since 1995. I hope that - # covers most systems running today. This code pipes the CPU - # types through head -n 1, so we only detect the type of CPU 0. - ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` - case "$ALPHA_CPU_TYPE" in - "EV4 (21064)") - UNAME_MACHINE="alpha" ;; - "EV4.5 (21064)") - UNAME_MACHINE="alpha" ;; - "LCA4 (21066/21068)") - UNAME_MACHINE="alpha" ;; - "EV5 (21164)") - UNAME_MACHINE="alphaev5" ;; - "EV5.6 (21164A)") - UNAME_MACHINE="alphaev56" ;; - "EV5.6 (21164PC)") - UNAME_MACHINE="alphapca56" ;; - "EV5.7 (21164PC)") - UNAME_MACHINE="alphapca57" ;; - "EV6 (21264)") - UNAME_MACHINE="alphaev6" ;; - "EV6.7 (21264A)") - UNAME_MACHINE="alphaev67" ;; - "EV6.8CB (21264C)") - UNAME_MACHINE="alphaev68" ;; - "EV6.8AL (21264B)") - UNAME_MACHINE="alphaev68" ;; - "EV6.8CX (21264D)") - UNAME_MACHINE="alphaev68" ;; - "EV6.9A (21264/EV69A)") - UNAME_MACHINE="alphaev69" ;; - "EV7 (21364)") - UNAME_MACHINE="alphaev7" ;; - "EV7.9 (21364A)") - UNAME_MACHINE="alphaev79" ;; - esac - # A Pn.n version is a patched version. - # A Vn.n version is a released version. - # A Tn.n version is a released field test version. - # A Xn.n version is an unreleased experimental baselevel. - # 1.2 uses "1.2" for uname -r. - echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - # Reset EXIT trap before exiting to avoid spurious non-zero exit code. - exitcode=$? - trap '' 0 - exit $exitcode ;; - Alpha\ *:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # Should we change UNAME_MACHINE based on the output of uname instead - # of the specific Alpha model? - echo alpha-pc-interix - exit ;; - 21064:Windows_NT:50:3) - echo alpha-dec-winnt3.5 - exit ;; - Amiga*:UNIX_System_V:4.0:*) - echo m68k-unknown-sysv4 - exit ;; - *:[Aa]miga[Oo][Ss]:*:*) - echo ${UNAME_MACHINE}-unknown-amigaos - exit ;; - *:[Mm]orph[Oo][Ss]:*:*) - echo ${UNAME_MACHINE}-unknown-morphos - exit ;; - *:OS/390:*:*) - echo i370-ibm-openedition - exit ;; - *:z/VM:*:*) - echo s390-ibm-zvmoe - exit ;; - *:OS400:*:*) - echo powerpc-ibm-os400 - exit ;; - arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) - echo arm-acorn-riscix${UNAME_RELEASE} - exit ;; - arm*:riscos:*:*|arm*:RISCOS:*:*) - echo arm-unknown-riscos - exit ;; - SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) - echo hppa1.1-hitachi-hiuxmpp - exit ;; - Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) - # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. - if test "`(/bin/universe) 2>/dev/null`" = att ; then - echo pyramid-pyramid-sysv3 - else - echo pyramid-pyramid-bsd - fi - exit ;; - NILE*:*:*:dcosx) - echo pyramid-pyramid-svr4 - exit ;; - DRS?6000:unix:4.0:6*) - echo sparc-icl-nx6 - exit ;; - DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) - case `/usr/bin/uname -p` in - sparc) echo sparc-icl-nx7; exit ;; - esac ;; - s390x:SunOS:*:*) - echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4H:SunOS:5.*:*) - echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) - echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) - echo i386-pc-auroraux${UNAME_RELEASE} - exit ;; - i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) - eval $set_cc_for_build - SUN_ARCH="i386" - # If there is a compiler, see if it is configured for 64-bit objects. - # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. - # This test works for both compilers. - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - SUN_ARCH="x86_64" - fi - fi - echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:6*:*) - # According to config.sub, this is the proper way to canonicalize - # SunOS6. Hard to guess exactly what SunOS6 will be like, but - # it's likely to be more like Solaris than SunOS4. - echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:*:*) - case "`/usr/bin/arch -k`" in - Series*|S4*) - UNAME_RELEASE=`uname -v` - ;; - esac - # Japanese Language versions have a version number like `4.1.3-JL'. - echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` - exit ;; - sun3*:SunOS:*:*) - echo m68k-sun-sunos${UNAME_RELEASE} - exit ;; - sun*:*:4.2BSD:*) - UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` - test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 - case "`/bin/arch`" in - sun3) - echo m68k-sun-sunos${UNAME_RELEASE} - ;; - sun4) - echo sparc-sun-sunos${UNAME_RELEASE} - ;; - esac - exit ;; - aushp:SunOS:*:*) - echo sparc-auspex-sunos${UNAME_RELEASE} - exit ;; - # The situation for MiNT is a little confusing. The machine name - # can be virtually everything (everything which is not - # "atarist" or "atariste" at least should have a processor - # > m68000). The system name ranges from "MiNT" over "FreeMiNT" - # to the lowercase version "mint" (or "freemint"). Finally - # the system name "TOS" denotes a system which is actually not - # MiNT. But MiNT is downward compatible to TOS, so this should - # be no problem. - atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint${UNAME_RELEASE} - exit ;; - hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint${UNAME_RELEASE} - exit ;; - *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint${UNAME_RELEASE} - exit ;; - m68k:machten:*:*) - echo m68k-apple-machten${UNAME_RELEASE} - exit ;; - powerpc:machten:*:*) - echo powerpc-apple-machten${UNAME_RELEASE} - exit ;; - RISC*:Mach:*:*) - echo mips-dec-mach_bsd4.3 - exit ;; - RISC*:ULTRIX:*:*) - echo mips-dec-ultrix${UNAME_RELEASE} - exit ;; - VAX*:ULTRIX*:*:*) - echo vax-dec-ultrix${UNAME_RELEASE} - exit ;; - 2020:CLIX:*:* | 2430:CLIX:*:*) - echo clipper-intergraph-clix${UNAME_RELEASE} - exit ;; - mips:*:*:UMIPS | mips:*:*:RISCos) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c -#ifdef __cplusplus -#include /* for printf() prototype */ - int main (int argc, char *argv[]) { -#else - int main (argc, argv) int argc; char *argv[]; { -#endif - #if defined (host_mips) && defined (MIPSEB) - #if defined (SYSTYPE_SYSV) - printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_SVR4) - printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) - printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); - #endif - #endif - exit (-1); - } -EOF - $CC_FOR_BUILD -o $dummy $dummy.c && - dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && - SYSTEM_NAME=`$dummy $dummyarg` && - { echo "$SYSTEM_NAME"; exit; } - echo mips-mips-riscos${UNAME_RELEASE} - exit ;; - Motorola:PowerMAX_OS:*:*) - echo powerpc-motorola-powermax - exit ;; - Motorola:*:4.3:PL8-*) - echo powerpc-harris-powermax - exit ;; - Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) - echo powerpc-harris-powermax - exit ;; - Night_Hawk:Power_UNIX:*:*) - echo powerpc-harris-powerunix - exit ;; - m88k:CX/UX:7*:*) - echo m88k-harris-cxux7 - exit ;; - m88k:*:4*:R4*) - echo m88k-motorola-sysv4 - exit ;; - m88k:*:3*:R3*) - echo m88k-motorola-sysv3 - exit ;; - AViiON:dgux:*:*) - # DG/UX returns AViiON for all architectures - UNAME_PROCESSOR=`/usr/bin/uname -p` - if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] - then - if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ - [ ${TARGET_BINARY_INTERFACE}x = x ] - then - echo m88k-dg-dgux${UNAME_RELEASE} - else - echo m88k-dg-dguxbcs${UNAME_RELEASE} - fi - else - echo i586-dg-dgux${UNAME_RELEASE} - fi - exit ;; - M88*:DolphinOS:*:*) # DolphinOS (SVR3) - echo m88k-dolphin-sysv3 - exit ;; - M88*:*:R3*:*) - # Delta 88k system running SVR3 - echo m88k-motorola-sysv3 - exit ;; - XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) - echo m88k-tektronix-sysv3 - exit ;; - Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) - echo m68k-tektronix-bsd - exit ;; - *:IRIX*:*:*) - echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` - exit ;; - ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. - echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id - exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' - i*86:AIX:*:*) - echo i386-ibm-aix - exit ;; - ia64:AIX:*:*) - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` - else - IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} - fi - echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} - exit ;; - *:AIX:2:3) - if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - - main() - { - if (!__power_pc()) - exit(1); - puts("powerpc-ibm-aix3.2.5"); - exit(0); - } -EOF - if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` - then - echo "$SYSTEM_NAME" - else - echo rs6000-ibm-aix3.2.5 - fi - elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then - echo rs6000-ibm-aix3.2.4 - else - echo rs6000-ibm-aix3.2 - fi - exit ;; - *:AIX:*:[4567]) - IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` - if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then - IBM_ARCH=rs6000 - else - IBM_ARCH=powerpc - fi - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` - else - IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} - fi - echo ${IBM_ARCH}-ibm-aix${IBM_REV} - exit ;; - *:AIX:*:*) - echo rs6000-ibm-aix - exit ;; - ibmrt:4.4BSD:*|romp-ibm:BSD:*) - echo romp-ibm-bsd4.4 - exit ;; - ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and - echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to - exit ;; # report: romp-ibm BSD 4.3 - *:BOSX:*:*) - echo rs6000-bull-bosx - exit ;; - DPX/2?00:B.O.S.:*:*) - echo m68k-bull-sysv3 - exit ;; - 9000/[34]??:4.3bsd:1.*:*) - echo m68k-hp-bsd - exit ;; - hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) - echo m68k-hp-bsd4.4 - exit ;; - 9000/[34678]??:HP-UX:*:*) - HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` - case "${UNAME_MACHINE}" in - 9000/31? ) HP_ARCH=m68000 ;; - 9000/[34]?? ) HP_ARCH=m68k ;; - 9000/[678][0-9][0-9]) - if [ -x /usr/bin/getconf ]; then - sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` - sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "${sc_cpu_version}" in - 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 - 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 - 532) # CPU_PA_RISC2_0 - case "${sc_kernel_bits}" in - 32) HP_ARCH="hppa2.0n" ;; - 64) HP_ARCH="hppa2.0w" ;; - '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 - esac ;; - esac - fi - if [ "${HP_ARCH}" = "" ]; then - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - - #define _HPUX_SOURCE - #include - #include - - int main () - { - #if defined(_SC_KERNEL_BITS) - long bits = sysconf(_SC_KERNEL_BITS); - #endif - long cpu = sysconf (_SC_CPU_VERSION); - - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1"); break; - case CPU_PA_RISC2_0: - #if defined(_SC_KERNEL_BITS) - switch (bits) - { - case 64: puts ("hppa2.0w"); break; - case 32: puts ("hppa2.0n"); break; - default: puts ("hppa2.0"); break; - } break; - #else /* !defined(_SC_KERNEL_BITS) */ - puts ("hppa2.0"); break; - #endif - default: puts ("hppa1.0"); break; - } - exit (0); - } -EOF - (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` - test -z "$HP_ARCH" && HP_ARCH=hppa - fi ;; - esac - if [ ${HP_ARCH} = "hppa2.0w" ] - then - eval $set_cc_for_build - - # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating - # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler - # generating 64-bit code. GNU and HP use different nomenclature: - # - # $ CC_FOR_BUILD=cc ./config.guess - # => hppa2.0w-hp-hpux11.23 - # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess - # => hppa64-hp-hpux11.23 - - if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | - grep -q __LP64__ - then - HP_ARCH="hppa2.0w" - else - HP_ARCH="hppa64" - fi - fi - echo ${HP_ARCH}-hp-hpux${HPUX_REV} - exit ;; - ia64:HP-UX:*:*) - HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` - echo ia64-hp-hpux${HPUX_REV} - exit ;; - 3050*:HI-UX:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - int - main () - { - long cpu = sysconf (_SC_CPU_VERSION); - /* The order matters, because CPU_IS_HP_MC68K erroneously returns - true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct - results, however. */ - if (CPU_IS_PA_RISC (cpu)) - { - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; - case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; - default: puts ("hppa-hitachi-hiuxwe2"); break; - } - } - else if (CPU_IS_HP_MC68K (cpu)) - puts ("m68k-hitachi-hiuxwe2"); - else puts ("unknown-hitachi-hiuxwe2"); - exit (0); - } -EOF - $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - echo unknown-hitachi-hiuxwe2 - exit ;; - 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) - echo hppa1.1-hp-bsd - exit ;; - 9000/8??:4.3bsd:*:*) - echo hppa1.0-hp-bsd - exit ;; - *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) - echo hppa1.0-hp-mpeix - exit ;; - hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) - echo hppa1.1-hp-osf - exit ;; - hp8??:OSF1:*:*) - echo hppa1.0-hp-osf - exit ;; - i*86:OSF1:*:*) - if [ -x /usr/sbin/sysversion ] ; then - echo ${UNAME_MACHINE}-unknown-osf1mk - else - echo ${UNAME_MACHINE}-unknown-osf1 - fi - exit ;; - parisc*:Lites*:*:*) - echo hppa1.1-hp-lites - exit ;; - C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) - echo c1-convex-bsd - exit ;; - C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) - echo c34-convex-bsd - exit ;; - C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) - echo c38-convex-bsd - exit ;; - C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) - echo c4-convex-bsd - exit ;; - CRAY*Y-MP:*:*:*) - echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*[A-Z]90:*:*:*) - echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ - | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ - -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ - -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*TS:*:*:*) - echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*T3E:*:*:*) - echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*SV1:*:*:*) - echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - *:UNICOS/mp:*:*) - echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) - FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; - 5000:UNIX_System_V:4.*:*) - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; - i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) - echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} - exit ;; - sparc*:BSD/OS:*:*) - echo sparc-unknown-bsdi${UNAME_RELEASE} - exit ;; - *:BSD/OS:*:*) - echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} - exit ;; - *:FreeBSD:*:*) - UNAME_PROCESSOR=`/usr/bin/uname -p` - case ${UNAME_PROCESSOR} in - amd64) - echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; - *) - echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; - esac - exit ;; - i*:CYGWIN*:*) - echo ${UNAME_MACHINE}-pc-cygwin - exit ;; - *:MINGW64*:*) - echo ${UNAME_MACHINE}-pc-mingw64 - exit ;; - *:MINGW*:*) - echo ${UNAME_MACHINE}-pc-mingw32 - exit ;; - i*:MSYS*:*) - echo ${UNAME_MACHINE}-pc-msys - exit ;; - i*:windows32*:*) - # uname -m includes "-pc" on this system. - echo ${UNAME_MACHINE}-mingw32 - exit ;; - i*:PW*:*) - echo ${UNAME_MACHINE}-pc-pw32 - exit ;; - *:Interix*:*) - case ${UNAME_MACHINE} in - x86) - echo i586-pc-interix${UNAME_RELEASE} - exit ;; - authenticamd | genuineintel | EM64T) - echo x86_64-unknown-interix${UNAME_RELEASE} - exit ;; - IA64) - echo ia64-unknown-interix${UNAME_RELEASE} - exit ;; - esac ;; - [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) - echo i${UNAME_MACHINE}-pc-mks - exit ;; - 8664:Windows_NT:*) - echo x86_64-pc-mks - exit ;; - i*:Windows_NT*:* | Pentium*:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we - # UNAME_MACHINE based on the output of uname instead of i386? - echo i586-pc-interix - exit ;; - i*:UWIN*:*) - echo ${UNAME_MACHINE}-pc-uwin - exit ;; - amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) - echo x86_64-unknown-cygwin - exit ;; - p*:CYGWIN*:*) - echo powerpcle-unknown-cygwin - exit ;; - prep*:SunOS:5.*:*) - echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - *:GNU:*:*) - # the GNU system - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-${LIBC}`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` - exit ;; - *:GNU/*:*:*) - # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC} - exit ;; - i*86:Minix:*:*) - echo ${UNAME_MACHINE}-pc-minix - exit ;; - aarch64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - aarch64_be:Linux:*:*) - UNAME_MACHINE=aarch64_be - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in - EV5) UNAME_MACHINE=alphaev5 ;; - EV56) UNAME_MACHINE=alphaev56 ;; - PCA56) UNAME_MACHINE=alphapca56 ;; - PCA57) UNAME_MACHINE=alphapca56 ;; - EV6) UNAME_MACHINE=alphaev6 ;; - EV67) UNAME_MACHINE=alphaev67 ;; - EV68*) UNAME_MACHINE=alphaev68 ;; - esac - objdump --private-headers /bin/sh | grep -q ld.so.1 - if test "$?" = 0 ; then LIBC="gnulibc1" ; fi - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - arc:Linux:*:* | arceb:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - arm*:Linux:*:*) - eval $set_cc_for_build - if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep -q __ARM_EABI__ - then - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - else - if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep -q __ARM_PCS_VFP - then - echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabi - else - echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabihf - fi - fi - exit ;; - avr32*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - cris:Linux:*:*) - echo ${UNAME_MACHINE}-axis-linux-${LIBC} - exit ;; - crisv32:Linux:*:*) - echo ${UNAME_MACHINE}-axis-linux-${LIBC} - exit ;; - frv:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - hexagon:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - i*86:Linux:*:*) - echo ${UNAME_MACHINE}-pc-linux-${LIBC} - exit ;; - ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - m32r*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - m68*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - mips:Linux:*:* | mips64:Linux:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #undef CPU - #undef ${UNAME_MACHINE} - #undef ${UNAME_MACHINE}el - #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=${UNAME_MACHINE}el - #else - #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=${UNAME_MACHINE} - #else - CPU= - #endif - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; } - ;; - or1k:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - or32:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - padre:Linux:*:*) - echo sparc-unknown-linux-${LIBC} - exit ;; - parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-${LIBC} - exit ;; - parisc:Linux:*:* | hppa:Linux:*:*) - # Look for CPU level - case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-${LIBC} ;; - PA8*) echo hppa2.0-unknown-linux-${LIBC} ;; - *) echo hppa-unknown-linux-${LIBC} ;; - esac - exit ;; - ppc64:Linux:*:*) - echo powerpc64-unknown-linux-${LIBC} - exit ;; - ppc:Linux:*:*) - echo powerpc-unknown-linux-${LIBC} - exit ;; - s390:Linux:*:* | s390x:Linux:*:*) - echo ${UNAME_MACHINE}-ibm-linux-${LIBC} - exit ;; - sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - sh*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - sparc:Linux:*:* | sparc64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - tile*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - vax:Linux:*:*) - echo ${UNAME_MACHINE}-dec-linux-${LIBC} - exit ;; - x86_64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - xtensa*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} - exit ;; - i*86:DYNIX/ptx:4*:*) - # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. - # earlier versions are messed up and put the nodename in both - # sysname and nodename. - echo i386-sequent-sysv4 - exit ;; - i*86:UNIX_SV:4.2MP:2.*) - # Unixware is an offshoot of SVR4, but it has its own version - # number series starting with 2... - # I am not positive that other SVR4 systems won't match this, - # I just have to hope. -- rms. - # Use sysv4.2uw... so that sysv4* matches it. - echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} - exit ;; - i*86:OS/2:*:*) - # If we were able to find `uname', then EMX Unix compatibility - # is probably installed. - echo ${UNAME_MACHINE}-pc-os2-emx - exit ;; - i*86:XTS-300:*:STOP) - echo ${UNAME_MACHINE}-unknown-stop - exit ;; - i*86:atheos:*:*) - echo ${UNAME_MACHINE}-unknown-atheos - exit ;; - i*86:syllable:*:*) - echo ${UNAME_MACHINE}-pc-syllable - exit ;; - i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) - echo i386-unknown-lynxos${UNAME_RELEASE} - exit ;; - i*86:*DOS:*:*) - echo ${UNAME_MACHINE}-pc-msdosdjgpp - exit ;; - i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) - UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` - if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then - echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} - else - echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} - fi - exit ;; - i*86:*:5:[678]*) - # UnixWare 7.x, OpenUNIX and OpenServer 6. - case `/bin/uname -X | grep "^Machine"` in - *486*) UNAME_MACHINE=i486 ;; - *Pentium) UNAME_MACHINE=i586 ;; - *Pent*|*Celeron) UNAME_MACHINE=i686 ;; - esac - echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} - exit ;; - i*86:*:3.2:*) - if test -f /usr/options/cb.name; then - UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then - UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` - (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 - (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ - && UNAME_MACHINE=i586 - (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ - && UNAME_MACHINE=i686 - (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ - && UNAME_MACHINE=i686 - echo ${UNAME_MACHINE}-pc-sco$UNAME_REL - else - echo ${UNAME_MACHINE}-pc-sysv32 - fi - exit ;; - pc:*:*:*) - # Left here for compatibility: - # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i586. - # Note: whatever this is, it MUST be the same as what config.sub - # prints for the "djgpp" host, or else GDB configury will decide that - # this is a cross-build. - echo i586-pc-msdosdjgpp - exit ;; - Intel:Mach:3*:*) - echo i386-pc-mach3 - exit ;; - paragon:*:*:*) - echo i860-intel-osf1 - exit ;; - i860:*:4.*:*) # i860-SVR4 - if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then - echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 - else # Add other i860-SVR4 vendors below as they are discovered. - echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 - fi - exit ;; - mini*:CTIX:SYS*5:*) - # "miniframe" - echo m68010-convergent-sysv - exit ;; - mc68k:UNIX:SYSTEM5:3.51m) - echo m68k-convergent-sysv - exit ;; - M680?0:D-NIX:5.3:*) - echo m68k-diab-dnix - exit ;; - M68*:*:R3V[5678]*:*) - test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; - 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) - OS_REL='' - test -r /etc/.relid \ - && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4.3${OS_REL}; exit; } - /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ - && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; - 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4; exit; } ;; - NCR*:*:4.2:* | MPRAS*:*:4.2:*) - OS_REL='.3' - test -r /etc/.relid \ - && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4.3${OS_REL}; exit; } - /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ - && { echo i586-ncr-sysv4.3${OS_REL}; exit; } - /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ - && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; - m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) - echo m68k-unknown-lynxos${UNAME_RELEASE} - exit ;; - mc68030:UNIX_System_V:4.*:*) - echo m68k-atari-sysv4 - exit ;; - TSUNAMI:LynxOS:2.*:*) - echo sparc-unknown-lynxos${UNAME_RELEASE} - exit ;; - rs6000:LynxOS:2.*:*) - echo rs6000-unknown-lynxos${UNAME_RELEASE} - exit ;; - PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) - echo powerpc-unknown-lynxos${UNAME_RELEASE} - exit ;; - SM[BE]S:UNIX_SV:*:*) - echo mips-dde-sysv${UNAME_RELEASE} - exit ;; - RM*:ReliantUNIX-*:*:*) - echo mips-sni-sysv4 - exit ;; - RM*:SINIX-*:*:*) - echo mips-sni-sysv4 - exit ;; - *:SINIX-*:*:*) - if uname -p 2>/dev/null >/dev/null ; then - UNAME_MACHINE=`(uname -p) 2>/dev/null` - echo ${UNAME_MACHINE}-sni-sysv4 - else - echo ns32k-sni-sysv - fi - exit ;; - PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort - # says - echo i586-unisys-sysv4 - exit ;; - *:UNIX_System_V:4*:FTX*) - # From Gerald Hewes . - # How about differentiating between stratus architectures? -djm - echo hppa1.1-stratus-sysv4 - exit ;; - *:*:*:FTX*) - # From seanf@swdc.stratus.com. - echo i860-stratus-sysv4 - exit ;; - i*86:VOS:*:*) - # From Paul.Green@stratus.com. - echo ${UNAME_MACHINE}-stratus-vos - exit ;; - *:VOS:*:*) - # From Paul.Green@stratus.com. - echo hppa1.1-stratus-vos - exit ;; - mc68*:A/UX:*:*) - echo m68k-apple-aux${UNAME_RELEASE} - exit ;; - news*:NEWS-OS:6*:*) - echo mips-sony-newsos6 - exit ;; - R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) - if [ -d /usr/nec ]; then - echo mips-nec-sysv${UNAME_RELEASE} - else - echo mips-unknown-sysv${UNAME_RELEASE} - fi - exit ;; - BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. - echo powerpc-be-beos - exit ;; - BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. - echo powerpc-apple-beos - exit ;; - BePC:BeOS:*:*) # BeOS running on Intel PC compatible. - echo i586-pc-beos - exit ;; - BePC:Haiku:*:*) # Haiku running on Intel PC compatible. - echo i586-pc-haiku - exit ;; - x86_64:Haiku:*:*) - echo x86_64-unknown-haiku - exit ;; - SX-4:SUPER-UX:*:*) - echo sx4-nec-superux${UNAME_RELEASE} - exit ;; - SX-5:SUPER-UX:*:*) - echo sx5-nec-superux${UNAME_RELEASE} - exit ;; - SX-6:SUPER-UX:*:*) - echo sx6-nec-superux${UNAME_RELEASE} - exit ;; - SX-7:SUPER-UX:*:*) - echo sx7-nec-superux${UNAME_RELEASE} - exit ;; - SX-8:SUPER-UX:*:*) - echo sx8-nec-superux${UNAME_RELEASE} - exit ;; - SX-8R:SUPER-UX:*:*) - echo sx8r-nec-superux${UNAME_RELEASE} - exit ;; - Power*:Rhapsody:*:*) - echo powerpc-apple-rhapsody${UNAME_RELEASE} - exit ;; - *:Rhapsody:*:*) - echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} - exit ;; - *:Darwin:*:*) - UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - eval $set_cc_for_build - if test "$UNAME_PROCESSOR" = unknown ; then - UNAME_PROCESSOR=powerpc - fi - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - case $UNAME_PROCESSOR in - i386) UNAME_PROCESSOR=x86_64 ;; - powerpc) UNAME_PROCESSOR=powerpc64 ;; - esac - fi - fi - echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} - exit ;; - *:procnto*:*:* | *:QNX:[0123456789]*:*) - UNAME_PROCESSOR=`uname -p` - if test "$UNAME_PROCESSOR" = "x86"; then - UNAME_PROCESSOR=i386 - UNAME_MACHINE=pc - fi - echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} - exit ;; - *:QNX:*:4*) - echo i386-pc-qnx - exit ;; - NEO-?:NONSTOP_KERNEL:*:*) - echo neo-tandem-nsk${UNAME_RELEASE} - exit ;; - NSE-*:NONSTOP_KERNEL:*:*) - echo nse-tandem-nsk${UNAME_RELEASE} - exit ;; - NSR-?:NONSTOP_KERNEL:*:*) - echo nsr-tandem-nsk${UNAME_RELEASE} - exit ;; - *:NonStop-UX:*:*) - echo mips-compaq-nonstopux - exit ;; - BS2000:POSIX*:*:*) - echo bs2000-siemens-sysv - exit ;; - DS/*:UNIX_System_V:*:*) - echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} - exit ;; - *:Plan9:*:*) - # "uname -m" is not consistent, so use $cputype instead. 386 - # is converted to i386 for consistency with other x86 - # operating systems. - if test "$cputype" = "386"; then - UNAME_MACHINE=i386 - else - UNAME_MACHINE="$cputype" - fi - echo ${UNAME_MACHINE}-unknown-plan9 - exit ;; - *:TOPS-10:*:*) - echo pdp10-unknown-tops10 - exit ;; - *:TENEX:*:*) - echo pdp10-unknown-tenex - exit ;; - KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) - echo pdp10-dec-tops20 - exit ;; - XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) - echo pdp10-xkl-tops20 - exit ;; - *:TOPS-20:*:*) - echo pdp10-unknown-tops20 - exit ;; - *:ITS:*:*) - echo pdp10-unknown-its - exit ;; - SEI:*:*:SEIUX) - echo mips-sei-seiux${UNAME_RELEASE} - exit ;; - *:DragonFly:*:*) - echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` - exit ;; - *:*VMS:*:*) - UNAME_MACHINE=`(uname -p) 2>/dev/null` - case "${UNAME_MACHINE}" in - A*) echo alpha-dec-vms ; exit ;; - I*) echo ia64-dec-vms ; exit ;; - V*) echo vax-dec-vms ; exit ;; - esac ;; - *:XENIX:*:SysV) - echo i386-pc-xenix - exit ;; - i*86:skyos:*:*) - echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' - exit ;; - i*86:rdos:*:*) - echo ${UNAME_MACHINE}-pc-rdos - exit ;; - i*86:AROS:*:*) - echo ${UNAME_MACHINE}-pc-aros - exit ;; - x86_64:VMkernel:*:*) - echo ${UNAME_MACHINE}-unknown-esx - exit ;; -esac - -eval $set_cc_for_build -cat >$dummy.c < -# include -#endif -main () -{ -#if defined (sony) -#if defined (MIPSEB) - /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, - I don't know.... */ - printf ("mips-sony-bsd\n"); exit (0); -#else -#include - printf ("m68k-sony-newsos%s\n", -#ifdef NEWSOS4 - "4" -#else - "" -#endif - ); exit (0); -#endif -#endif - -#if defined (__arm) && defined (__acorn) && defined (__unix) - printf ("arm-acorn-riscix\n"); exit (0); -#endif - -#if defined (hp300) && !defined (hpux) - printf ("m68k-hp-bsd\n"); exit (0); -#endif - -#if defined (NeXT) -#if !defined (__ARCHITECTURE__) -#define __ARCHITECTURE__ "m68k" -#endif - int version; - version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; - if (version < 4) - printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); - else - printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); - exit (0); -#endif - -#if defined (MULTIMAX) || defined (n16) -#if defined (UMAXV) - printf ("ns32k-encore-sysv\n"); exit (0); -#else -#if defined (CMU) - printf ("ns32k-encore-mach\n"); exit (0); -#else - printf ("ns32k-encore-bsd\n"); exit (0); -#endif -#endif -#endif - -#if defined (__386BSD__) - printf ("i386-pc-bsd\n"); exit (0); -#endif - -#if defined (sequent) -#if defined (i386) - printf ("i386-sequent-dynix\n"); exit (0); -#endif -#if defined (ns32000) - printf ("ns32k-sequent-dynix\n"); exit (0); -#endif -#endif - -#if defined (_SEQUENT_) - struct utsname un; - - uname(&un); - - if (strncmp(un.version, "V2", 2) == 0) { - printf ("i386-sequent-ptx2\n"); exit (0); - } - if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ - printf ("i386-sequent-ptx1\n"); exit (0); - } - printf ("i386-sequent-ptx\n"); exit (0); - -#endif - -#if defined (vax) -# if !defined (ultrix) -# include -# if defined (BSD) -# if BSD == 43 - printf ("vax-dec-bsd4.3\n"); exit (0); -# else -# if BSD == 199006 - printf ("vax-dec-bsd4.3reno\n"); exit (0); -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# endif -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# else - printf ("vax-dec-ultrix\n"); exit (0); -# endif -#endif - -#if defined (alliant) && defined (i860) - printf ("i860-alliant-bsd\n"); exit (0); -#endif - - exit (1); -} -EOF - -$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - -# Apollos put the system type in the environment. - -test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } - -# Convex versions that predate uname can use getsysinfo(1) - -if [ -x /usr/convex/getsysinfo ] -then - case `getsysinfo -f cpu_type` in - c1*) - echo c1-convex-bsd - exit ;; - c2*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - c34*) - echo c34-convex-bsd - exit ;; - c38*) - echo c38-convex-bsd - exit ;; - c4*) - echo c4-convex-bsd - exit ;; - esac -fi - -cat >&2 < in order to provide the needed -information to handle your system. - -config.guess timestamp = $timestamp - -uname -m = `(uname -m) 2>/dev/null || echo unknown` -uname -r = `(uname -r) 2>/dev/null || echo unknown` -uname -s = `(uname -s) 2>/dev/null || echo unknown` -uname -v = `(uname -v) 2>/dev/null || echo unknown` - -/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` -/bin/uname -X = `(/bin/uname -X) 2>/dev/null` - -hostinfo = `(hostinfo) 2>/dev/null` -/bin/universe = `(/bin/universe) 2>/dev/null` -/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` -/bin/arch = `(/bin/arch) 2>/dev/null` -/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` -/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` - -UNAME_MACHINE = ${UNAME_MACHINE} -UNAME_RELEASE = ${UNAME_RELEASE} -UNAME_SYSTEM = ${UNAME_SYSTEM} -UNAME_VERSION = ${UNAME_VERSION} -EOF - -exit 1 - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "timestamp='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff --git a/config.h.in b/config.h.in deleted file mode 100644 index def7a951..00000000 --- a/config.h.in +++ /dev/null @@ -1,598 +0,0 @@ -/* config.h.in. Generated from configure.in by autoheader. */ - -/* Define if account management tools should be installed setuid and - authenticate the callers */ -#undef ACCT_TOOLS_SETUID - -/* Define to 1 if translation of program messages to the user's native - language is requested. */ -#undef ENABLE_NLS - -/* Define to support the subordinate IDs. */ -#undef ENABLE_SUBIDS - -/* Path for faillog file. */ -#undef FAILLOG_FILE - -/* Define to the type of elements in the array set by `getgroups'. Usually - this is either `int' or `gid_t'. */ -#undef GETGROUPS_T - -/* max group name length */ -#undef GROUP_NAME_MAX_LENGTH - -/* Define to 1 if you have the declaration of 'pam_fail_delay' */ -#undef HAS_PAM_FAIL_DELAY - -/* Define to 1 if you have the header file. */ -#undef HAVE_ACL_LIBACL_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_ATTR_ERROR_CONTEXT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_ATTR_LIBATTR_H - -/* Define to 1 if you have the Mac OS X function CFLocaleCopyCurrent in the - CoreFoundation framework. */ -#undef HAVE_CFLOCALECOPYCURRENT - -/* Define to 1 if you have the Mac OS X function CFPreferencesCopyAppValue in - the CoreFoundation framework. */ -#undef HAVE_CFPREFERENCESCOPYAPPVALUE - -/* Define if the GNU dcgettext() function is already present or preinstalled. - */ -#undef HAVE_DCGETTEXT - -/* Define to 1 if you have the declaration of `PAM_DATA_SILENT', and to 0 if - you don't. */ -#undef HAVE_DECL_PAM_DATA_SILENT - -/* Define to 1 if you have the declaration of `PAM_DELETE_CRED', and to 0 if - you don't. */ -#undef HAVE_DECL_PAM_DELETE_CRED - -/* Define to 1 if you have the declaration of `PAM_ESTABLISH_CRED', and to 0 - if you don't. */ -#undef HAVE_DECL_PAM_ESTABLISH_CRED - -/* Define to 1 if you have the declaration of `PAM_NEW_AUTHTOK_REQD', and to 0 - if you don't. */ -#undef HAVE_DECL_PAM_NEW_AUTHTOK_REQD - -/* Define to 1 if you have the header file, and it defines `DIR'. - */ -#undef HAVE_DIRENT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_DLFCN_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_ERRNO_H - -/* Define to 1 if you have the `fchmod' function. */ -#undef HAVE_FCHMOD - -/* Define to 1 if you have the `fchown' function. */ -#undef HAVE_FCHOWN - -/* Define to 1 if you have the header file. */ -#undef HAVE_FCNTL_H - -/* Define to 1 if you have the `fsync' function. */ -#undef HAVE_FSYNC - -/* Define to 1 if you have the `futimes' function. */ -#undef HAVE_FUTIMES - -/* Define to 1 if you have the `getaddrinfo' function. */ -#undef HAVE_GETADDRINFO - -/* Define to 1 if you have the `getgrgid_r' function. */ -#undef HAVE_GETGRGID_R - -/* Define to 1 if you have the `getgrnam_r' function. */ -#undef HAVE_GETGRNAM_R - -/* Define to 1 if you have the `getgroups' function. */ -#undef HAVE_GETGROUPS - -/* Define to 1 if you have the `gethostname' function. */ -#undef HAVE_GETHOSTNAME - -/* Define to 1 if you have the `getpwnam_r' function. */ -#undef HAVE_GETPWNAM_R - -/* Define to 1 if you have the `getpwuid_r' function. */ -#undef HAVE_GETPWUID_R - -/* Define to 1 if you have the `getspnam' function. */ -#undef HAVE_GETSPNAM - -/* Define to 1 if you have the `getspnam_r' function. */ -#undef HAVE_GETSPNAM_R - -/* Define if the GNU gettext() function is already present or preinstalled. */ -#undef HAVE_GETTEXT - -/* Define to 1 if you have the `gettimeofday' function. */ -#undef HAVE_GETTIMEOFDAY - -/* Define to 1 if you have the `getusershell' function. */ -#undef HAVE_GETUSERSHELL - -/* Define to 1 if you have the `getutent' function. */ -#undef HAVE_GETUTENT - -/* Define to 1 if you have the header file. */ -#undef HAVE_GSHADOW_H - -/* Define if you have the iconv() function and it works. */ -#undef HAVE_ICONV - -/* Define to 1 if you have the `initgroups' function. */ -#undef HAVE_INITGROUPS - -/* Define to 1 if you have the `innetgr' function. */ -#undef HAVE_INNETGR - -/* Define to 1 if you have the header file. */ -#undef HAVE_INTTYPES_H - -/* Define to 1 if you have the `l64a' function. */ -#undef HAVE_L64A - -/* Define to 1 if you have the header file. */ -#undef HAVE_LASTLOG_H - -/* Define to 1 if you have the `lchown' function. */ -#undef HAVE_LCHOWN - -/* Define to 1 if you have the `lckpwdf' function. */ -#undef HAVE_LCKPWDF - -/* Defined if you have libcrack. */ -#undef HAVE_LIBCRACK - -/* Defined if you have the ts&szs cracklib. */ -#undef HAVE_LIBCRACK_HIST - -/* Defined if it includes *Pw functions. */ -#undef HAVE_LIBCRACK_PW - -/* Define to 1 if you have the header file. */ -#undef HAVE_LIMITS_H - -/* Define if struct lastlog has ll_host */ -#undef HAVE_LL_HOST - -/* Define to 1 if you have the header file. */ -#undef HAVE_LOCALE_H - -/* Define to 1 if you have the `lstat' function. */ -#undef HAVE_LSTAT - -/* Define to 1 if you have the `lutimes' function. */ -#undef HAVE_LUTIMES - -/* Define to 1 if you have the `memcpy' function. */ -#undef HAVE_MEMCPY - -/* Define to 1 if you have the header file. */ -#undef HAVE_MEMORY_H - -/* Define to 1 if you have the `memset' function. */ -#undef HAVE_MEMSET - -/* Define to 1 if you have the `mkdir' function. */ -#undef HAVE_MKDIR - -/* Define to 1 if you have the header file, and it defines `DIR'. */ -#undef HAVE_NDIR_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETDB_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_PATHS_H - -/* Define to 1 if you have the `putgrent' function. */ -#undef HAVE_PUTGRENT - -/* Define to 1 if you have the `putpwent' function. */ -#undef HAVE_PUTPWENT - -/* Define to 1 if you have the `putspent' function. */ -#undef HAVE_PUTSPENT - -/* Define to 1 if you have the `rename' function. */ -#undef HAVE_RENAME - -/* Define to 1 if you have the `rmdir' function. */ -#undef HAVE_RMDIR - -/* Define to 1 if you have the header file. */ -#undef HAVE_RPC_KEY_PROT_H - -/* Define to 1 if you have the `ruserok' function. */ -#undef HAVE_RUSEROK - -/* Define to 1 if you have the header file. */ -#undef HAVE_SECURITY_OPENPAM_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SECURITY_PAM_MISC_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SELINUX_SELINUX_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SEMANAGE_SEMANAGE_H - -/* Define to 1 if you have the `setgroups' function. */ -#undef HAVE_SETGROUPS - -/* Define to 1 if you have the `sgetgrent' function. */ -#undef HAVE_SGETGRENT - -/* Define to 1 if you have the `sgetpwent' function. */ -#undef HAVE_SGETPWENT - -/* Define to 1 if you have the `sgetspent' function. */ -#undef HAVE_SGETSPENT - -/* Define to 1 if you have the header file. */ -#undef HAVE_SGTTY_H - -/* Have working shadow group support in libc */ -#undef HAVE_SHADOWGRP - -/* Define to 1 if you have the `sigaction' function. */ -#undef HAVE_SIGACTION - -/* Define to 1 if you have the `snprintf' function. */ -#undef HAVE_SNPRINTF - -/* Define to 1 if stdbool.h conforms to C99. */ -#undef HAVE_STDBOOL_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_STDINT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_STDLIB_H - -/* Define to 1 if you have the `strcasecmp' function. */ -#undef HAVE_STRCASECMP - -/* Define to 1 if you have the `strchr' function. */ -#undef HAVE_STRCHR - -/* Define to 1 if you have the `strdup' function. */ -#undef HAVE_STRDUP - -/* Define to 1 if you have the `strerror' function. */ -#undef HAVE_STRERROR - -/* Define to 1 if you have the `strftime' function. */ -#undef HAVE_STRFTIME - -/* Define to 1 if you have the header file. */ -#undef HAVE_STRINGS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_STRING_H - -/* Define to 1 if you have the `strstr' function. */ -#undef HAVE_STRSTR - -/* Define to 1 if `st_atim' is a member of `struct stat'. */ -#undef HAVE_STRUCT_STAT_ST_ATIM - -/* Define to 1 if `st_atimensec' is a member of `struct stat'. */ -#undef HAVE_STRUCT_STAT_ST_ATIMENSEC - -/* Define to 1 if `st_mtim' is a member of `struct stat'. */ -#undef HAVE_STRUCT_STAT_ST_MTIM - -/* Define to 1 if `st_mtimensec' is a member of `struct stat'. */ -#undef HAVE_STRUCT_STAT_ST_MTIMENSEC - -/* Define to 1 if `st_rdev' is a member of `struct stat'. */ -#undef HAVE_STRUCT_STAT_ST_RDEV - -/* Define to 1 if `ut_addr' is a member of `struct utmpx'. */ -#undef HAVE_STRUCT_UTMPX_UT_ADDR - -/* Define to 1 if `ut_addr_v6' is a member of `struct utmpx'. */ -#undef HAVE_STRUCT_UTMPX_UT_ADDR_V6 - -/* Define to 1 if `ut_host' is a member of `struct utmpx'. */ -#undef HAVE_STRUCT_UTMPX_UT_HOST - -/* Define to 1 if `ut_name' is a member of `struct utmpx'. */ -#undef HAVE_STRUCT_UTMPX_UT_NAME - -/* Define to 1 if `ut_syslen' is a member of `struct utmpx'. */ -#undef HAVE_STRUCT_UTMPX_UT_SYSLEN - -/* Define to 1 if `ut_time' is a member of `struct utmpx'. */ -#undef HAVE_STRUCT_UTMPX_UT_TIME - -/* Define to 1 if `ut_xtime' is a member of `struct utmpx'. */ -#undef HAVE_STRUCT_UTMPX_UT_XTIME - -/* Define to 1 if `ut_addr' is a member of `struct utmp'. */ -#undef HAVE_STRUCT_UTMP_UT_ADDR - -/* Define to 1 if `ut_addr_v6' is a member of `struct utmp'. */ -#undef HAVE_STRUCT_UTMP_UT_ADDR_V6 - -/* Define to 1 if `ut_host' is a member of `struct utmp'. */ -#undef HAVE_STRUCT_UTMP_UT_HOST - -/* Define to 1 if `ut_id' is a member of `struct utmp'. */ -#undef HAVE_STRUCT_UTMP_UT_ID - -/* Define to 1 if `ut_name' is a member of `struct utmp'. */ -#undef HAVE_STRUCT_UTMP_UT_NAME - -/* Define to 1 if `ut_syslen' is a member of `struct utmp'. */ -#undef HAVE_STRUCT_UTMP_UT_SYSLEN - -/* Define to 1 if `ut_time' is a member of `struct utmp'. */ -#undef HAVE_STRUCT_UTMP_UT_TIME - -/* Define to 1 if `ut_tv' is a member of `struct utmp'. */ -#undef HAVE_STRUCT_UTMP_UT_TV - -/* Define to 1 if `ut_type' is a member of `struct utmp'. */ -#undef HAVE_STRUCT_UTMP_UT_TYPE - -/* Define to 1 if `ut_user' is a member of `struct utmp'. */ -#undef HAVE_STRUCT_UTMP_UT_USER - -/* Define to 1 if `ut_xtime' is a member of `struct utmp'. */ -#undef HAVE_STRUCT_UTMP_UT_XTIME - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYSLOG_H - -/* Define to 1 if you have the header file, and it defines `DIR'. - */ -#undef HAVE_SYS_DIR_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_IOCTL_H - -/* Define to 1 if you have the header file, and it defines `DIR'. - */ -#undef HAVE_SYS_NDIR_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_RESOURCE_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_STAT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_TIME_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_TYPES_H - -/* Define to 1 if you have that is POSIX.1 compatible. */ -#undef HAVE_SYS_WAIT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_TCB_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_TERMIOS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_TERMIO_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_ULIMIT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_UNISTD_H - -/* Define to 1 if you have the `updwtmp' function. */ -#undef HAVE_UPDWTMP - -/* Define to 1 if you have the `updwtmpx' function. */ -#undef HAVE_UPDWTMPX - -/* Define to 1 if you have the header file. */ -#undef HAVE_UTIME_H - -/* Define to 1 if `utime(file, NULL)' sets file's timestamp to the present. */ -#undef HAVE_UTIME_NULL - -/* Define to 1 if you have the header file. */ -#undef HAVE_UTMPX_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_UTMP_H - -/* Define to 1 if the system has the type `_Bool'. */ -#undef HAVE__BOOL - -/* Path for lastlog file. */ -#undef LASTLOG_FILE - -/* Define to the sub-directory in which libtool stores uninstalled libraries. - */ -#undef LT_OBJDIR - -/* Location of system mail spool directory. */ -#undef MAIL_SPOOL_DIR - -/* Name of user's mail spool file if stored in user's home directory. */ -#undef MAIL_SPOOL_FILE - -/* Name of package */ -#undef PACKAGE - -/* Define to the address where bug reports for this package should be sent. */ -#undef PACKAGE_BUGREPORT - -/* Define to the full name of this package. */ -#undef PACKAGE_NAME - -/* Define to the full name and version of this package. */ -#undef PACKAGE_STRING - -/* Define to the one symbol short name of this package. */ -#undef PACKAGE_TARNAME - -/* Define to the home page for this package. */ -#undef PACKAGE_URL - -/* Define to the version of this package. */ -#undef PACKAGE_VERSION - -/* Path to passwd program. */ -#undef PASSWD_PROGRAM - -/* Define as the return type of signal handlers (`int' or `void'). */ -#undef RETSIGTYPE - -/* Define if login should support the -r flag for rlogind. */ -#undef RLOGIN - -/* Define to the ruserok() "success" return value (0 or 1). */ -#undef RUSEROK - -/* Define to support the shadow group file. */ -#undef SHADOWGRP - -/* PAM converstation to use */ -#undef SHADOW_PAM_CONVERSATION - -/* The default shell. */ -#undef SHELL - -/* Define to support S/Key logins. */ -#undef SKEY - -/* Define to support newer BSD S/Key API */ -#undef SKEY_BSD_STYLE - -/* Define to 1 if the `S_IS*' macros in do not work properly. */ -#undef STAT_MACROS_BROKEN - -/* Define to 1 if you have the ANSI C header files. */ -#undef STDC_HEADERS - -/* Define to support /etc/suauth su access control. */ -#undef SU_ACCESS - -/* Define to 1 if you can safely include both and . */ -#undef TIME_WITH_SYS_TIME - -/* Define to 1 if your declares `struct tm'. */ -#undef TM_IN_SYS_TIME - -/* Define to support flushing of nscd caches */ -#undef USE_NSCD - -/* Define to support Pluggable Authentication Modules */ -#undef USE_PAM - -/* Define to allow the SHA256 and SHA512 password encryption algorithms */ -#undef USE_SHA_CRYPT - -/* Define to use syslog(). */ -#undef USE_SYSLOG - -/* Enable extensions on AIX 3, Interix. */ -#ifndef _ALL_SOURCE -# undef _ALL_SOURCE -#endif -/* Enable GNU extensions on systems that have them. */ -#ifndef _GNU_SOURCE -# undef _GNU_SOURCE -#endif -/* Enable threading extensions on Solaris. */ -#ifndef _POSIX_PTHREAD_SEMANTICS -# undef _POSIX_PTHREAD_SEMANTICS -#endif -/* Enable extensions on HP NonStop. */ -#ifndef _TANDEM_SOURCE -# undef _TANDEM_SOURCE -#endif -/* Enable general extensions on Solaris. */ -#ifndef __EXTENSIONS__ -# undef __EXTENSIONS__ -#endif - - -/* Define if utmpx should be used */ -#undef USE_UTMPX - -/* Version number of package */ -#undef VERSION - -/* Build shadow with ACL support */ -#undef WITH_ACL - -/* Build shadow with Extended Attributes support */ -#undef WITH_ATTR - -/* Define if you want to enable Audit messages */ -#undef WITH_AUDIT - -/* Build shadow with SELinux support */ -#undef WITH_SELINUX - -/* Build shadow with tcb support (incomplete) */ -#undef WITH_TCB - -/* Enable large inode numbers on Mac OS X 10.5. */ -#ifndef _DARWIN_USE_64_BIT_INODE -# define _DARWIN_USE_64_BIT_INODE 1 -#endif - -/* Number of bits in a file offset, on hosts where this is settable. */ -#undef _FILE_OFFSET_BITS - -/* Define for large files, on AIX-style hosts. */ -#undef _LARGE_FILES - -/* Define to 1 if on MINIX. */ -#undef _MINIX - -/* Define to 2 if the system does not provide POSIX.1 features except with - this defined. */ -#undef _POSIX_1_SOURCE - -/* Define to 1 if you need to in order for `stat' and other things to work. */ -#undef _POSIX_SOURCE - -/* Path for utmp file. */ -#undef _UTMP_FILE - -/* Path for wtmp file. */ -#undef _WTMP_FILE - -/* Define to empty if `const' does not conform to ANSI C. */ -#undef const - -/* Define to `int' if doesn't define. */ -#undef gid_t - -/* Define to `int' if does not define. */ -#undef mode_t - -/* Define to `long int' if does not define. */ -#undef off_t - -/* Define to `int' if does not define. */ -#undef pid_t - -/* Define to `int' if doesn't define. */ -#undef uid_t diff --git a/config.rpath b/config.rpath deleted file mode 100755 index c492a93b..00000000 --- a/config.rpath +++ /dev/null @@ -1,614 +0,0 @@ -#! /bin/sh -# Output a system dependent set of variables, describing how to set the -# run time search path of shared libraries in an executable. -# -# Copyright 1996-2006 Free Software Foundation, Inc. -# Taken from GNU libtool, 2001 -# Originally by Gordon Matzigkeit , 1996 -# -# This file is free software; the Free Software Foundation gives -# unlimited permission to copy and/or distribute it, with or without -# modifications, as long as this notice is preserved. -# -# The first argument passed to this file is the canonical host specification, -# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM -# or -# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM -# The environment variables CC, GCC, LDFLAGS, LD, with_gnu_ld -# should be set by the caller. -# -# The set of defined variables is at the end of this script. - -# Known limitations: -# - On IRIX 6.5 with CC="cc", the run time search patch must not be longer -# than 256 bytes, otherwise the compiler driver will dump core. The only -# known workaround is to choose shorter directory names for the build -# directory and/or the installation directory. - -# All known linkers require a `.a' archive for static linking (except MSVC, -# which needs '.lib'). -libext=a -shrext=.so - -host="$1" -host_cpu=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` -host_vendor=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` -host_os=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` - -# Code taken from libtool.m4's _LT_CC_BASENAME. - -for cc_temp in $CC""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`echo "$cc_temp" | sed -e 's%^.*/%%'` - -# Code taken from libtool.m4's AC_LIBTOOL_PROG_COMPILER_PIC. - -wl= -if test "$GCC" = yes; then - wl='-Wl,' -else - case "$host_os" in - aix*) - wl='-Wl,' - ;; - darwin*) - case $cc_basename in - xlc*) - wl='-Wl,' - ;; - esac - ;; - mingw* | pw32* | os2*) - ;; - hpux9* | hpux10* | hpux11*) - wl='-Wl,' - ;; - irix5* | irix6* | nonstopux*) - wl='-Wl,' - ;; - newsos6) - ;; - linux*) - case $cc_basename in - icc* | ecc*) - wl='-Wl,' - ;; - pgcc | pgf77 | pgf90) - wl='-Wl,' - ;; - ccc*) - wl='-Wl,' - ;; - como) - wl='-lopt=' - ;; - *) - case `$CC -V 2>&1 | sed 5q` in - *Sun\ C*) - wl='-Wl,' - ;; - esac - ;; - esac - ;; - osf3* | osf4* | osf5*) - wl='-Wl,' - ;; - sco3.2v5*) - ;; - solaris*) - wl='-Wl,' - ;; - sunos4*) - wl='-Qoption ld ' - ;; - sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*) - wl='-Wl,' - ;; - sysv4*MP*) - ;; - unicos*) - wl='-Wl,' - ;; - uts4*) - ;; - esac -fi - -# Code taken from libtool.m4's AC_LIBTOOL_PROG_LD_SHLIBS. - -hardcode_libdir_flag_spec= -hardcode_libdir_separator= -hardcode_direct=no -hardcode_minus_L=no - -case "$host_os" in - cygwin* | mingw* | pw32*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - if test "$GCC" != yes; then - with_gnu_ld=no - fi - ;; - interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) - with_gnu_ld=yes - ;; - openbsd*) - with_gnu_ld=no - ;; -esac - -ld_shlibs=yes -if test "$with_gnu_ld" = yes; then - # Set some defaults for GNU ld with shared library support. These - # are reset later if shared libraries are not supported. Putting them - # here allows them to be overridden if necessary. - # Unlike libtool, we use -rpath here, not --rpath, since the documented - # option of GNU ld is called -rpath, not --rpath. - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - case "$host_os" in - aix3* | aix4* | aix5*) - # On AIX/PPC, the GNU linker is very broken - if test "$host_cpu" != ia64; then - ld_shlibs=no - fi - ;; - amigaos*) - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - # Samuel A. Falvo II reports - # that the semantics of dynamic libraries on AmigaOS, at least up - # to version 4, is to share data among multiple programs linked - # with the same dynamic library. Since this doesn't match the - # behavior of shared libraries on other platforms, we cannot use - # them. - ld_shlibs=no - ;; - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - : - else - ld_shlibs=no - fi - ;; - cygwin* | mingw* | pw32*) - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - hardcode_libdir_flag_spec='-L$libdir' - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - : - else - ld_shlibs=no - fi - ;; - interix3*) - hardcode_direct=no - hardcode_libdir_flag_spec='${wl}-rpath,$libdir' - ;; - linux*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - : - else - ld_shlibs=no - fi - ;; - netbsd*) - ;; - solaris*) - if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then - ld_shlibs=no - elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - : - else - ld_shlibs=no - fi - ;; - sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) - case `$LD -v 2>&1` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*) - ld_shlibs=no - ;; - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`' - else - ld_shlibs=no - fi - ;; - esac - ;; - sunos4*) - hardcode_direct=yes - ;; - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - : - else - ld_shlibs=no - fi - ;; - esac - if test "$ld_shlibs" = no; then - hardcode_libdir_flag_spec= - fi -else - case "$host_os" in - aix3*) - # Note: this linker hardcodes the directories in LIBPATH if there - # are no directories specified by -L. - hardcode_minus_L=yes - if test "$GCC" = yes; then - # Neither direct hardcoding nor static linking is supported with a - # broken collect2. - hardcode_direct=unsupported - fi - ;; - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - else - aix_use_runtimelinking=no - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[23]|aix4.[23].*|aix5*) - for ld_flag in $LDFLAGS; do - if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then - aix_use_runtimelinking=yes - break - fi - done - ;; - esac - fi - hardcode_direct=yes - hardcode_libdir_separator=':' - if test "$GCC" = yes; then - case $host_os in aix4.[012]|aix4.[012].*) - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - hardcode_direct=yes - else - # We have old collect2 - hardcode_direct=unsupported - hardcode_minus_L=yes - hardcode_libdir_flag_spec='-L$libdir' - hardcode_libdir_separator= - fi - ;; - esac - fi - # Begin _LT_AC_SYS_LIBPATH_AIX. - echo 'int main () { return 0; }' > conftest.c - ${CC} ${LDFLAGS} conftest.c -o conftest - aix_libpath=`dump -H conftest 2>/dev/null | sed -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` - if test -z "$aix_libpath"; then - aix_libpath=`dump -HX64 conftest 2>/dev/null | sed -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` - fi - if test -z "$aix_libpath"; then - aix_libpath="/usr/lib:/lib" - fi - rm -f conftest.c conftest - # End _LT_AC_SYS_LIBPATH_AIX. - if test "$aix_use_runtimelinking" = yes; then - hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" - else - if test "$host_cpu" = ia64; then - hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib' - else - hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" - fi - fi - ;; - amigaos*) - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - # see comment about different semantics on the GNU ld section - ld_shlibs=no - ;; - bsdi[45]*) - ;; - cygwin* | mingw* | pw32*) - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - hardcode_libdir_flag_spec=' ' - libext=lib - ;; - darwin* | rhapsody*) - hardcode_direct=no - if test "$GCC" = yes ; then - : - else - case $cc_basename in - xlc*) - ;; - *) - ld_shlibs=no - ;; - esac - fi - ;; - dgux*) - hardcode_libdir_flag_spec='-L$libdir' - ;; - freebsd1*) - ld_shlibs=no - ;; - freebsd2.2*) - hardcode_libdir_flag_spec='-R$libdir' - hardcode_direct=yes - ;; - freebsd2*) - hardcode_direct=yes - hardcode_minus_L=yes - ;; - freebsd* | kfreebsd*-gnu | dragonfly*) - hardcode_libdir_flag_spec='-R$libdir' - hardcode_direct=yes - ;; - hpux9*) - hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' - hardcode_libdir_separator=: - hardcode_direct=yes - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L=yes - ;; - hpux10*) - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' - hardcode_libdir_separator=: - hardcode_direct=yes - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L=yes - fi - ;; - hpux11*) - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' - hardcode_libdir_separator=: - case $host_cpu in - hppa*64*|ia64*) - hardcode_direct=no - ;; - *) - hardcode_direct=yes - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L=yes - ;; - esac - fi - ;; - irix5* | irix6* | nonstopux*) - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator=: - ;; - netbsd*) - hardcode_libdir_flag_spec='-R$libdir' - hardcode_direct=yes - ;; - newsos6) - hardcode_direct=yes - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator=: - ;; - openbsd*) - hardcode_direct=yes - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - hardcode_libdir_flag_spec='${wl}-rpath,$libdir' - else - case "$host_os" in - openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*) - hardcode_libdir_flag_spec='-R$libdir' - ;; - *) - hardcode_libdir_flag_spec='${wl}-rpath,$libdir' - ;; - esac - fi - ;; - os2*) - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - ;; - osf3*) - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator=: - ;; - osf4* | osf5*) - if test "$GCC" = yes; then - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - else - # Both cc and cxx compiler support -rpath directly - hardcode_libdir_flag_spec='-rpath $libdir' - fi - hardcode_libdir_separator=: - ;; - solaris*) - hardcode_libdir_flag_spec='-R$libdir' - ;; - sunos4*) - hardcode_libdir_flag_spec='-L$libdir' - hardcode_direct=yes - hardcode_minus_L=yes - ;; - sysv4) - case $host_vendor in - sni) - hardcode_direct=yes # is this really true??? - ;; - siemens) - hardcode_direct=no - ;; - motorola) - hardcode_direct=no #Motorola manual says yes, but my tests say they lie - ;; - esac - ;; - sysv4.3*) - ;; - sysv4*MP*) - if test -d /usr/nec; then - ld_shlibs=yes - fi - ;; - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*) - ;; - sysv5* | sco3.2v5* | sco5v6*) - hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - hardcode_libdir_separator=':' - ;; - uts4*) - hardcode_libdir_flag_spec='-L$libdir' - ;; - *) - ld_shlibs=no - ;; - esac -fi - -# Check dynamic linker characteristics -# Code taken from libtool.m4's AC_LIBTOOL_SYS_DYNAMIC_LINKER. -libname_spec='lib$name' -case "$host_os" in - aix3*) - ;; - aix4* | aix5*) - ;; - amigaos*) - ;; - beos*) - ;; - bsdi[45]*) - ;; - cygwin* | mingw* | pw32*) - shrext=.dll - ;; - darwin* | rhapsody*) - shrext=.dylib - ;; - dgux*) - ;; - freebsd1*) - ;; - kfreebsd*-gnu) - ;; - freebsd* | dragonfly*) - ;; - gnu*) - ;; - hpux9* | hpux10* | hpux11*) - case $host_cpu in - ia64*) - shrext=.so - ;; - hppa*64*) - shrext=.sl - ;; - *) - shrext=.sl - ;; - esac - ;; - interix3*) - ;; - irix5* | irix6* | nonstopux*) - case "$host_os" in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") libsuff= shlibsuff= ;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") libsuff=32 shlibsuff=N32 ;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") libsuff=64 shlibsuff=64 ;; - *) libsuff= shlibsuff= ;; - esac - ;; - esac - ;; - linux*oldld* | linux*aout* | linux*coff*) - ;; - linux*) - ;; - knetbsd*-gnu) - ;; - netbsd*) - ;; - newsos6) - ;; - nto-qnx*) - ;; - openbsd*) - ;; - os2*) - libname_spec='$name' - shrext=.dll - ;; - osf3* | osf4* | osf5*) - ;; - solaris*) - ;; - sunos4*) - ;; - sysv4 | sysv4.3*) - ;; - sysv4*MP*) - ;; - sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - ;; - uts4*) - ;; -esac - -sed_quote_subst='s/\(["`$\\]\)/\\\1/g' -escaped_wl=`echo "X$wl" | sed -e 's/^X//' -e "$sed_quote_subst"` -shlibext=`echo "$shrext" | sed -e 's,^\.,,'` -escaped_hardcode_libdir_flag_spec=`echo "X$hardcode_libdir_flag_spec" | sed -e 's/^X//' -e "$sed_quote_subst"` - -LC_ALL=C sed -e 's/^\([a-zA-Z0-9_]*\)=/acl_cv_\1=/' <. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that -# program. This Exception is an additional permission under section 7 -# of the GNU General Public License, version 3 ("GPLv3"). - - -# Please send patches with a ChangeLog entry to config-patches@gnu.org. -# -# Configuration subroutine to validate and canonicalize a configuration type. -# Supply the specified configuration type as an argument. -# If it is invalid, we print an error message on stderr and exit with code 1. -# Otherwise, we print the canonical config type on stdout and succeed. - -# You can get the latest version of this script from: -# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD - -# This file is supposed to be the same for all GNU packages -# and recognize all the CPU types, system types and aliases -# that are meaningful with *any* GNU software. -# Each package is responsible for reporting which valid configurations -# it does not support. The user should be able to distinguish -# a failure to support a valid configuration from a meaningless -# configuration. - -# The goal of this file is to map all the various variations of a given -# machine specification into a single specification in the form: -# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM -# or in some cases, the newer four-part form: -# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM -# It is wrong to echo any other type of specification. - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] CPU-MFR-OPSYS - $0 [OPTION] ALIAS - -Canonicalize a configuration name. - -Operation modes: - -h, --help print this help, then exit - -t, --time-stamp print date of last modification, then exit - -v, --version print version number, then exit - -Report bugs and patches to ." - -version="\ -GNU config.sub ($timestamp) - -Copyright 1992-2013 Free Software Foundation, Inc. - -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case $1 in - --time-stamp | --time* | -t ) - echo "$timestamp" ; exit ;; - --version | -v ) - echo "$version" ; exit ;; - --help | --h* | -h ) - echo "$usage"; exit ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - echo "$me: invalid option $1$help" - exit 1 ;; - - *local*) - # First pass through any local machine types. - echo $1 - exit ;; - - * ) - break ;; - esac -done - -case $# in - 0) echo "$me: missing argument$help" >&2 - exit 1;; - 1) ;; - *) echo "$me: too many arguments$help" >&2 - exit 1;; -esac - -# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). -# Here we must recognize all the valid KERNEL-OS combinations. -maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` -case $maybe_os in - nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ - linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ - knetbsd*-gnu* | netbsd*-gnu* | \ - kopensolaris*-gnu* | \ - storm-chaos* | os2-emx* | rtmk-nova*) - os=-$maybe_os - basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` - ;; - android-linux) - os=-linux-android - basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown - ;; - *) - basic_machine=`echo $1 | sed 's/-[^-]*$//'` - if [ $basic_machine != $1 ] - then os=`echo $1 | sed 's/.*-/-/'` - else os=; fi - ;; -esac - -### Let's recognize common machines as not being operating systems so -### that things like config.sub decstation-3100 work. We also -### recognize some manufacturers as not being operating systems, so we -### can provide default operating systems below. -case $os in - -sun*os*) - # Prevent following clause from handling this invalid input. - ;; - -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ - -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ - -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ - -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ - -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ - -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray | -microblaze*) - os= - basic_machine=$1 - ;; - -bluegene*) - os=-cnk - ;; - -sim | -cisco | -oki | -wec | -winbond) - os= - basic_machine=$1 - ;; - -scout) - ;; - -wrs) - os=-vxworks - basic_machine=$1 - ;; - -chorusos*) - os=-chorusos - basic_machine=$1 - ;; - -chorusrdb) - os=-chorusrdb - basic_machine=$1 - ;; - -hiux*) - os=-hiuxwe2 - ;; - -sco6) - os=-sco5v6 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco5) - os=-sco3.2v5 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco4) - os=-sco3.2v4 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2.[4-9]*) - os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2v[4-9]*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco5v6*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco*) - os=-sco3.2v2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -udk*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -isc) - os=-isc2.2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -clix*) - basic_machine=clipper-intergraph - ;; - -isc*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -lynx*178) - os=-lynxos178 - ;; - -lynx*5) - os=-lynxos5 - ;; - -lynx*) - os=-lynxos - ;; - -ptx*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` - ;; - -windowsnt*) - os=`echo $os | sed -e 's/windowsnt/winnt/'` - ;; - -psos*) - os=-psos - ;; - -mint | -mint[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; -esac - -# Decode aliases for certain CPU-COMPANY combinations. -case $basic_machine in - # Recognize the basic CPU types without company name. - # Some are omitted here because they have special meanings below. - 1750a | 580 \ - | a29k \ - | aarch64 | aarch64_be \ - | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ - | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ - | am33_2.0 \ - | arc | arceb \ - | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \ - | avr | avr32 \ - | be32 | be64 \ - | bfin \ - | c4x | clipper \ - | d10v | d30v | dlx | dsp16xx \ - | epiphany \ - | fido | fr30 | frv \ - | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ - | hexagon \ - | i370 | i860 | i960 | ia64 \ - | ip2k | iq2000 \ - | le32 | le64 \ - | lm32 \ - | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | microblazeel | mcore | mep | metag \ - | mips | mipsbe | mipseb | mipsel | mipsle \ - | mips16 \ - | mips64 | mips64el \ - | mips64octeon | mips64octeonel \ - | mips64orion | mips64orionel \ - | mips64r5900 | mips64r5900el \ - | mips64vr | mips64vrel \ - | mips64vr4100 | mips64vr4100el \ - | mips64vr4300 | mips64vr4300el \ - | mips64vr5000 | mips64vr5000el \ - | mips64vr5900 | mips64vr5900el \ - | mipsisa32 | mipsisa32el \ - | mipsisa32r2 | mipsisa32r2el \ - | mipsisa64 | mipsisa64el \ - | mipsisa64r2 | mipsisa64r2el \ - | mipsisa64sb1 | mipsisa64sb1el \ - | mipsisa64sr71k | mipsisa64sr71kel \ - | mipsr5900 | mipsr5900el \ - | mipstx39 | mipstx39el \ - | mn10200 | mn10300 \ - | moxie \ - | mt \ - | msp430 \ - | nds32 | nds32le | nds32be \ - | nios | nios2 | nios2eb | nios2el \ - | ns16k | ns32k \ - | open8 \ - | or1k | or32 \ - | pdp10 | pdp11 | pj | pjl \ - | powerpc | powerpc64 | powerpc64le | powerpcle \ - | pyramid \ - | rl78 | rx \ - | score \ - | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ - | sh64 | sh64le \ - | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ - | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ - | spu \ - | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ - | ubicom32 \ - | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \ - | we32k \ - | x86 | xc16x | xstormy16 | xtensa \ - | z8k | z80) - basic_machine=$basic_machine-unknown - ;; - c54x) - basic_machine=tic54x-unknown - ;; - c55x) - basic_machine=tic55x-unknown - ;; - c6x) - basic_machine=tic6x-unknown - ;; - m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | picochip) - basic_machine=$basic_machine-unknown - os=-none - ;; - m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) - ;; - ms1) - basic_machine=mt-unknown - ;; - - strongarm | thumb | xscale) - basic_machine=arm-unknown - ;; - xgate) - basic_machine=$basic_machine-unknown - os=-none - ;; - xscaleeb) - basic_machine=armeb-unknown - ;; - - xscaleel) - basic_machine=armel-unknown - ;; - - # We use `pc' rather than `unknown' - # because (1) that's what they normally are, and - # (2) the word "unknown" tends to confuse beginning users. - i*86 | x86_64) - basic_machine=$basic_machine-pc - ;; - # Object if more than one company name word. - *-*-*) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; - # Recognize the basic CPU types with company name. - 580-* \ - | a29k-* \ - | aarch64-* | aarch64_be-* \ - | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ - | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \ - | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ - | avr-* | avr32-* \ - | be32-* | be64-* \ - | bfin-* | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* \ - | clipper-* | craynv-* | cydra-* \ - | d10v-* | d30v-* | dlx-* \ - | elxsi-* \ - | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ - | h8300-* | h8500-* \ - | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ - | hexagon-* \ - | i*86-* | i860-* | i960-* | ia64-* \ - | ip2k-* | iq2000-* \ - | le32-* | le64-* \ - | lm32-* \ - | m32c-* | m32r-* | m32rle-* \ - | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ - | microblaze-* | microblazeel-* \ - | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ - | mips16-* \ - | mips64-* | mips64el-* \ - | mips64octeon-* | mips64octeonel-* \ - | mips64orion-* | mips64orionel-* \ - | mips64r5900-* | mips64r5900el-* \ - | mips64vr-* | mips64vrel-* \ - | mips64vr4100-* | mips64vr4100el-* \ - | mips64vr4300-* | mips64vr4300el-* \ - | mips64vr5000-* | mips64vr5000el-* \ - | mips64vr5900-* | mips64vr5900el-* \ - | mipsisa32-* | mipsisa32el-* \ - | mipsisa32r2-* | mipsisa32r2el-* \ - | mipsisa64-* | mipsisa64el-* \ - | mipsisa64r2-* | mipsisa64r2el-* \ - | mipsisa64sb1-* | mipsisa64sb1el-* \ - | mipsisa64sr71k-* | mipsisa64sr71kel-* \ - | mipsr5900-* | mipsr5900el-* \ - | mipstx39-* | mipstx39el-* \ - | mmix-* \ - | mt-* \ - | msp430-* \ - | nds32-* | nds32le-* | nds32be-* \ - | nios-* | nios2-* | nios2eb-* | nios2el-* \ - | none-* | np1-* | ns16k-* | ns32k-* \ - | open8-* \ - | orion-* \ - | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ - | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ - | pyramid-* \ - | rl78-* | romp-* | rs6000-* | rx-* \ - | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ - | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ - | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ - | sparclite-* \ - | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \ - | tahoe-* \ - | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ - | tile*-* \ - | tron-* \ - | ubicom32-* \ - | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \ - | vax-* \ - | we32k-* \ - | x86-* | x86_64-* | xc16x-* | xps100-* \ - | xstormy16-* | xtensa*-* \ - | ymp-* \ - | z8k-* | z80-*) - ;; - # Recognize the basic CPU types without company name, with glob match. - xtensa*) - basic_machine=$basic_machine-unknown - ;; - # Recognize the various machine names and aliases which stand - # for a CPU type and a company and sometimes even an OS. - 386bsd) - basic_machine=i386-unknown - os=-bsd - ;; - 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) - basic_machine=m68000-att - ;; - 3b*) - basic_machine=we32k-att - ;; - a29khif) - basic_machine=a29k-amd - os=-udi - ;; - abacus) - basic_machine=abacus-unknown - ;; - adobe68k) - basic_machine=m68010-adobe - os=-scout - ;; - alliant | fx80) - basic_machine=fx80-alliant - ;; - altos | altos3068) - basic_machine=m68k-altos - ;; - am29k) - basic_machine=a29k-none - os=-bsd - ;; - amd64) - basic_machine=x86_64-pc - ;; - amd64-*) - basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - amdahl) - basic_machine=580-amdahl - os=-sysv - ;; - amiga | amiga-*) - basic_machine=m68k-unknown - ;; - amigaos | amigados) - basic_machine=m68k-unknown - os=-amigaos - ;; - amigaunix | amix) - basic_machine=m68k-unknown - os=-sysv4 - ;; - apollo68) - basic_machine=m68k-apollo - os=-sysv - ;; - apollo68bsd) - basic_machine=m68k-apollo - os=-bsd - ;; - aros) - basic_machine=i386-pc - os=-aros - ;; - aux) - basic_machine=m68k-apple - os=-aux - ;; - balance) - basic_machine=ns32k-sequent - os=-dynix - ;; - blackfin) - basic_machine=bfin-unknown - os=-linux - ;; - blackfin-*) - basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'` - os=-linux - ;; - bluegene*) - basic_machine=powerpc-ibm - os=-cnk - ;; - c54x-*) - basic_machine=tic54x-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - c55x-*) - basic_machine=tic55x-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - c6x-*) - basic_machine=tic6x-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - c90) - basic_machine=c90-cray - os=-unicos - ;; - cegcc) - basic_machine=arm-unknown - os=-cegcc - ;; - convex-c1) - basic_machine=c1-convex - os=-bsd - ;; - convex-c2) - basic_machine=c2-convex - os=-bsd - ;; - convex-c32) - basic_machine=c32-convex - os=-bsd - ;; - convex-c34) - basic_machine=c34-convex - os=-bsd - ;; - convex-c38) - basic_machine=c38-convex - os=-bsd - ;; - cray | j90) - basic_machine=j90-cray - os=-unicos - ;; - craynv) - basic_machine=craynv-cray - os=-unicosmp - ;; - cr16 | cr16-*) - basic_machine=cr16-unknown - os=-elf - ;; - crds | unos) - basic_machine=m68k-crds - ;; - crisv32 | crisv32-* | etraxfs*) - basic_machine=crisv32-axis - ;; - cris | cris-* | etrax*) - basic_machine=cris-axis - ;; - crx) - basic_machine=crx-unknown - os=-elf - ;; - da30 | da30-*) - basic_machine=m68k-da30 - ;; - decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) - basic_machine=mips-dec - ;; - decsystem10* | dec10*) - basic_machine=pdp10-dec - os=-tops10 - ;; - decsystem20* | dec20*) - basic_machine=pdp10-dec - os=-tops20 - ;; - delta | 3300 | motorola-3300 | motorola-delta \ - | 3300-motorola | delta-motorola) - basic_machine=m68k-motorola - ;; - delta88) - basic_machine=m88k-motorola - os=-sysv3 - ;; - dicos) - basic_machine=i686-pc - os=-dicos - ;; - djgpp) - basic_machine=i586-pc - os=-msdosdjgpp - ;; - dpx20 | dpx20-*) - basic_machine=rs6000-bull - os=-bosx - ;; - dpx2* | dpx2*-bull) - basic_machine=m68k-bull - os=-sysv3 - ;; - ebmon29k) - basic_machine=a29k-amd - os=-ebmon - ;; - elxsi) - basic_machine=elxsi-elxsi - os=-bsd - ;; - encore | umax | mmax) - basic_machine=ns32k-encore - ;; - es1800 | OSE68k | ose68k | ose | OSE) - basic_machine=m68k-ericsson - os=-ose - ;; - fx2800) - basic_machine=i860-alliant - ;; - genix) - basic_machine=ns32k-ns - ;; - gmicro) - basic_machine=tron-gmicro - os=-sysv - ;; - go32) - basic_machine=i386-pc - os=-go32 - ;; - h3050r* | hiux*) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - h8300hms) - basic_machine=h8300-hitachi - os=-hms - ;; - h8300xray) - basic_machine=h8300-hitachi - os=-xray - ;; - h8500hms) - basic_machine=h8500-hitachi - os=-hms - ;; - harris) - basic_machine=m88k-harris - os=-sysv3 - ;; - hp300-*) - basic_machine=m68k-hp - ;; - hp300bsd) - basic_machine=m68k-hp - os=-bsd - ;; - hp300hpux) - basic_machine=m68k-hp - os=-hpux - ;; - hp3k9[0-9][0-9] | hp9[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k2[0-9][0-9] | hp9k31[0-9]) - basic_machine=m68000-hp - ;; - hp9k3[2-9][0-9]) - basic_machine=m68k-hp - ;; - hp9k6[0-9][0-9] | hp6[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k7[0-79][0-9] | hp7[0-79][0-9]) - basic_machine=hppa1.1-hp - ;; - hp9k78[0-9] | hp78[0-9]) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][13679] | hp8[0-9][13679]) - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][0-9] | hp8[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hppa-next) - os=-nextstep3 - ;; - hppaosf) - basic_machine=hppa1.1-hp - os=-osf - ;; - hppro) - basic_machine=hppa1.1-hp - os=-proelf - ;; - i370-ibm* | ibm*) - basic_machine=i370-ibm - ;; - i*86v32) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv32 - ;; - i*86v4*) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv4 - ;; - i*86v) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv - ;; - i*86sol2) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-solaris2 - ;; - i386mach) - basic_machine=i386-mach - os=-mach - ;; - i386-vsta | vsta) - basic_machine=i386-unknown - os=-vsta - ;; - iris | iris4d) - basic_machine=mips-sgi - case $os in - -irix*) - ;; - *) - os=-irix4 - ;; - esac - ;; - isi68 | isi) - basic_machine=m68k-isi - os=-sysv - ;; - m68knommu) - basic_machine=m68k-unknown - os=-linux - ;; - m68knommu-*) - basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'` - os=-linux - ;; - m88k-omron*) - basic_machine=m88k-omron - ;; - magnum | m3230) - basic_machine=mips-mips - os=-sysv - ;; - merlin) - basic_machine=ns32k-utek - os=-sysv - ;; - microblaze*) - basic_machine=microblaze-xilinx - ;; - mingw64) - basic_machine=x86_64-pc - os=-mingw64 - ;; - mingw32) - basic_machine=i386-pc - os=-mingw32 - ;; - mingw32ce) - basic_machine=arm-unknown - os=-mingw32ce - ;; - miniframe) - basic_machine=m68000-convergent - ;; - *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; - mips3*-*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` - ;; - mips3*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown - ;; - monitor) - basic_machine=m68k-rom68k - os=-coff - ;; - morphos) - basic_machine=powerpc-unknown - os=-morphos - ;; - msdos) - basic_machine=i386-pc - os=-msdos - ;; - ms1-*) - basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` - ;; - msys) - basic_machine=i386-pc - os=-msys - ;; - mvs) - basic_machine=i370-ibm - os=-mvs - ;; - nacl) - basic_machine=le32-unknown - os=-nacl - ;; - ncr3000) - basic_machine=i486-ncr - os=-sysv4 - ;; - netbsd386) - basic_machine=i386-unknown - os=-netbsd - ;; - netwinder) - basic_machine=armv4l-rebel - os=-linux - ;; - news | news700 | news800 | news900) - basic_machine=m68k-sony - os=-newsos - ;; - news1000) - basic_machine=m68030-sony - os=-newsos - ;; - news-3600 | risc-news) - basic_machine=mips-sony - os=-newsos - ;; - necv70) - basic_machine=v70-nec - os=-sysv - ;; - next | m*-next ) - basic_machine=m68k-next - case $os in - -nextstep* ) - ;; - -ns2*) - os=-nextstep2 - ;; - *) - os=-nextstep3 - ;; - esac - ;; - nh3000) - basic_machine=m68k-harris - os=-cxux - ;; - nh[45]000) - basic_machine=m88k-harris - os=-cxux - ;; - nindy960) - basic_machine=i960-intel - os=-nindy - ;; - mon960) - basic_machine=i960-intel - os=-mon960 - ;; - nonstopux) - basic_machine=mips-compaq - os=-nonstopux - ;; - np1) - basic_machine=np1-gould - ;; - neo-tandem) - basic_machine=neo-tandem - ;; - nse-tandem) - basic_machine=nse-tandem - ;; - nsr-tandem) - basic_machine=nsr-tandem - ;; - op50n-* | op60c-*) - basic_machine=hppa1.1-oki - os=-proelf - ;; - openrisc | openrisc-*) - basic_machine=or32-unknown - ;; - os400) - basic_machine=powerpc-ibm - os=-os400 - ;; - OSE68000 | ose68000) - basic_machine=m68000-ericsson - os=-ose - ;; - os68k) - basic_machine=m68k-none - os=-os68k - ;; - pa-hitachi) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - paragon) - basic_machine=i860-intel - os=-osf - ;; - parisc) - basic_machine=hppa-unknown - os=-linux - ;; - parisc-*) - basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'` - os=-linux - ;; - pbd) - basic_machine=sparc-tti - ;; - pbb) - basic_machine=m68k-tti - ;; - pc532 | pc532-*) - basic_machine=ns32k-pc532 - ;; - pc98) - basic_machine=i386-pc - ;; - pc98-*) - basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentium | p5 | k5 | k6 | nexgen | viac3) - basic_machine=i586-pc - ;; - pentiumpro | p6 | 6x86 | athlon | athlon_*) - basic_machine=i686-pc - ;; - pentiumii | pentium2 | pentiumiii | pentium3) - basic_machine=i686-pc - ;; - pentium4) - basic_machine=i786-pc - ;; - pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) - basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumpro-* | p6-* | 6x86-* | athlon-*) - basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) - basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentium4-*) - basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pn) - basic_machine=pn-gould - ;; - power) basic_machine=power-ibm - ;; - ppc | ppcbe) basic_machine=powerpc-unknown - ;; - ppc-* | ppcbe-*) - basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppcle | powerpclittle | ppc-le | powerpc-little) - basic_machine=powerpcle-unknown - ;; - ppcle-* | powerpclittle-*) - basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppc64) basic_machine=powerpc64-unknown - ;; - ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppc64le | powerpc64little | ppc64-le | powerpc64-little) - basic_machine=powerpc64le-unknown - ;; - ppc64le-* | powerpc64little-*) - basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ps2) - basic_machine=i386-ibm - ;; - pw32) - basic_machine=i586-unknown - os=-pw32 - ;; - rdos | rdos64) - basic_machine=x86_64-pc - os=-rdos - ;; - rdos32) - basic_machine=i386-pc - os=-rdos - ;; - rom68k) - basic_machine=m68k-rom68k - os=-coff - ;; - rm[46]00) - basic_machine=mips-siemens - ;; - rtpc | rtpc-*) - basic_machine=romp-ibm - ;; - s390 | s390-*) - basic_machine=s390-ibm - ;; - s390x | s390x-*) - basic_machine=s390x-ibm - ;; - sa29200) - basic_machine=a29k-amd - os=-udi - ;; - sb1) - basic_machine=mipsisa64sb1-unknown - ;; - sb1el) - basic_machine=mipsisa64sb1el-unknown - ;; - sde) - basic_machine=mipsisa32-sde - os=-elf - ;; - sei) - basic_machine=mips-sei - os=-seiux - ;; - sequent) - basic_machine=i386-sequent - ;; - sh) - basic_machine=sh-hitachi - os=-hms - ;; - sh5el) - basic_machine=sh5le-unknown - ;; - sh64) - basic_machine=sh64-unknown - ;; - sparclite-wrs | simso-wrs) - basic_machine=sparclite-wrs - os=-vxworks - ;; - sps7) - basic_machine=m68k-bull - os=-sysv2 - ;; - spur) - basic_machine=spur-unknown - ;; - st2000) - basic_machine=m68k-tandem - ;; - stratus) - basic_machine=i860-stratus - os=-sysv4 - ;; - strongarm-* | thumb-*) - basic_machine=arm-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - sun2) - basic_machine=m68000-sun - ;; - sun2os3) - basic_machine=m68000-sun - os=-sunos3 - ;; - sun2os4) - basic_machine=m68000-sun - os=-sunos4 - ;; - sun3os3) - basic_machine=m68k-sun - os=-sunos3 - ;; - sun3os4) - basic_machine=m68k-sun - os=-sunos4 - ;; - sun4os3) - basic_machine=sparc-sun - os=-sunos3 - ;; - sun4os4) - basic_machine=sparc-sun - os=-sunos4 - ;; - sun4sol2) - basic_machine=sparc-sun - os=-solaris2 - ;; - sun3 | sun3-*) - basic_machine=m68k-sun - ;; - sun4) - basic_machine=sparc-sun - ;; - sun386 | sun386i | roadrunner) - basic_machine=i386-sun - ;; - sv1) - basic_machine=sv1-cray - os=-unicos - ;; - symmetry) - basic_machine=i386-sequent - os=-dynix - ;; - t3e) - basic_machine=alphaev5-cray - os=-unicos - ;; - t90) - basic_machine=t90-cray - os=-unicos - ;; - tile*) - basic_machine=$basic_machine-unknown - os=-linux-gnu - ;; - tx39) - basic_machine=mipstx39-unknown - ;; - tx39el) - basic_machine=mipstx39el-unknown - ;; - toad1) - basic_machine=pdp10-xkl - os=-tops20 - ;; - tower | tower-32) - basic_machine=m68k-ncr - ;; - tpf) - basic_machine=s390x-ibm - os=-tpf - ;; - udi29k) - basic_machine=a29k-amd - os=-udi - ;; - ultra3) - basic_machine=a29k-nyu - os=-sym1 - ;; - v810 | necv810) - basic_machine=v810-nec - os=-none - ;; - vaxv) - basic_machine=vax-dec - os=-sysv - ;; - vms) - basic_machine=vax-dec - os=-vms - ;; - vpp*|vx|vx-*) - basic_machine=f301-fujitsu - ;; - vxworks960) - basic_machine=i960-wrs - os=-vxworks - ;; - vxworks68) - basic_machine=m68k-wrs - os=-vxworks - ;; - vxworks29k) - basic_machine=a29k-wrs - os=-vxworks - ;; - w65*) - basic_machine=w65-wdc - os=-none - ;; - w89k-*) - basic_machine=hppa1.1-winbond - os=-proelf - ;; - xbox) - basic_machine=i686-pc - os=-mingw32 - ;; - xps | xps100) - basic_machine=xps100-honeywell - ;; - xscale-* | xscalee[bl]-*) - basic_machine=`echo $basic_machine | sed 's/^xscale/arm/'` - ;; - ymp) - basic_machine=ymp-cray - os=-unicos - ;; - z8k-*-coff) - basic_machine=z8k-unknown - os=-sim - ;; - z80-*-coff) - basic_machine=z80-unknown - os=-sim - ;; - none) - basic_machine=none-none - os=-none - ;; - -# Here we handle the default manufacturer of certain CPU types. It is in -# some cases the only manufacturer, in others, it is the most popular. - w89k) - basic_machine=hppa1.1-winbond - ;; - op50n) - basic_machine=hppa1.1-oki - ;; - op60c) - basic_machine=hppa1.1-oki - ;; - romp) - basic_machine=romp-ibm - ;; - mmix) - basic_machine=mmix-knuth - ;; - rs6000) - basic_machine=rs6000-ibm - ;; - vax) - basic_machine=vax-dec - ;; - pdp10) - # there are many clones, so DEC is not a safe bet - basic_machine=pdp10-unknown - ;; - pdp11) - basic_machine=pdp11-dec - ;; - we32k) - basic_machine=we32k-att - ;; - sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) - basic_machine=sh-unknown - ;; - sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) - basic_machine=sparc-sun - ;; - cydra) - basic_machine=cydra-cydrome - ;; - orion) - basic_machine=orion-highlevel - ;; - orion105) - basic_machine=clipper-highlevel - ;; - mac | mpw | mac-mpw) - basic_machine=m68k-apple - ;; - pmac | pmac-mpw) - basic_machine=powerpc-apple - ;; - *-unknown) - # Make sure to match an already-canonicalized machine name. - ;; - *) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; -esac - -# Here we canonicalize certain aliases for manufacturers. -case $basic_machine in - *-digital*) - basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` - ;; - *-commodore*) - basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` - ;; - *) - ;; -esac - -# Decode manufacturer-specific aliases for certain operating systems. - -if [ x"$os" != x"" ] -then -case $os in - # First match some system type aliases - # that might get confused with valid system types. - # -solaris* is a basic system type, with this one exception. - -auroraux) - os=-auroraux - ;; - -solaris1 | -solaris1.*) - os=`echo $os | sed -e 's|solaris1|sunos4|'` - ;; - -solaris) - os=-solaris2 - ;; - -svr4*) - os=-sysv4 - ;; - -unixware*) - os=-sysv4.2uw - ;; - -gnu/linux*) - os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` - ;; - # First accept the basic system types. - # The portable systems comes first. - # Each alternative MUST END IN A *, to match a version number. - # -sysv* is not here because it comes later, after sysvr4. - -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ - | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ - | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ - | -sym* | -kopensolaris* | -plan9* \ - | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ - | -aos* | -aros* \ - | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ - | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ - | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ - | -bitrig* | -openbsd* | -solidbsd* \ - | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ - | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ - | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ - | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ - | -chorusos* | -chorusrdb* | -cegcc* \ - | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \ - | -linux-newlib* | -linux-musl* | -linux-uclibc* \ - | -uxpv* | -beos* | -mpeix* | -udk* \ - | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ - | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ - | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ - | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ - | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ - | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) - # Remember, each alternative MUST END IN *, to match a version number. - ;; - -qnx*) - case $basic_machine in - x86-* | i*86-*) - ;; - *) - os=-nto$os - ;; - esac - ;; - -nto-qnx*) - ;; - -nto*) - os=`echo $os | sed -e 's|nto|nto-qnx|'` - ;; - -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ - | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ - | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) - ;; - -mac*) - os=`echo $os | sed -e 's|mac|macos|'` - ;; - -linux-dietlibc) - os=-linux-dietlibc - ;; - -linux*) - os=`echo $os | sed -e 's|linux|linux-gnu|'` - ;; - -sunos5*) - os=`echo $os | sed -e 's|sunos5|solaris2|'` - ;; - -sunos6*) - os=`echo $os | sed -e 's|sunos6|solaris3|'` - ;; - -opened*) - os=-openedition - ;; - -os400*) - os=-os400 - ;; - -wince*) - os=-wince - ;; - -osfrose*) - os=-osfrose - ;; - -osf*) - os=-osf - ;; - -utek*) - os=-bsd - ;; - -dynix*) - os=-bsd - ;; - -acis*) - os=-aos - ;; - -atheos*) - os=-atheos - ;; - -syllable*) - os=-syllable - ;; - -386bsd) - os=-bsd - ;; - -ctix* | -uts*) - os=-sysv - ;; - -nova*) - os=-rtmk-nova - ;; - -ns2 ) - os=-nextstep2 - ;; - -nsk*) - os=-nsk - ;; - # Preserve the version number of sinix5. - -sinix5.*) - os=`echo $os | sed -e 's|sinix|sysv|'` - ;; - -sinix*) - os=-sysv4 - ;; - -tpf*) - os=-tpf - ;; - -triton*) - os=-sysv3 - ;; - -oss*) - os=-sysv3 - ;; - -svr4) - os=-sysv4 - ;; - -svr3) - os=-sysv3 - ;; - -sysvr4) - os=-sysv4 - ;; - # This must come after -sysvr4. - -sysv*) - ;; - -ose*) - os=-ose - ;; - -es1800*) - os=-ose - ;; - -xenix) - os=-xenix - ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - os=-mint - ;; - -aros*) - os=-aros - ;; - -zvmoe) - os=-zvmoe - ;; - -dicos*) - os=-dicos - ;; - -nacl*) - ;; - -none) - ;; - *) - # Get rid of the `-' at the beginning of $os. - os=`echo $os | sed 's/[^-]*-//'` - echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 - exit 1 - ;; -esac -else - -# Here we handle the default operating systems that come with various machines. -# The value should be what the vendor currently ships out the door with their -# machine or put another way, the most popular os provided with the machine. - -# Note that if you're going to try to match "-MANUFACTURER" here (say, -# "-sun"), then you have to tell the case statement up towards the top -# that MANUFACTURER isn't an operating system. Otherwise, code above -# will signal an error saying that MANUFACTURER isn't an operating -# system, and we'll never get to this point. - -case $basic_machine in - score-*) - os=-elf - ;; - spu-*) - os=-elf - ;; - *-acorn) - os=-riscix1.2 - ;; - arm*-rebel) - os=-linux - ;; - arm*-semi) - os=-aout - ;; - c4x-* | tic4x-*) - os=-coff - ;; - hexagon-*) - os=-elf - ;; - tic54x-*) - os=-coff - ;; - tic55x-*) - os=-coff - ;; - tic6x-*) - os=-coff - ;; - # This must come before the *-dec entry. - pdp10-*) - os=-tops20 - ;; - pdp11-*) - os=-none - ;; - *-dec | vax-*) - os=-ultrix4.2 - ;; - m68*-apollo) - os=-domain - ;; - i386-sun) - os=-sunos4.0.2 - ;; - m68000-sun) - os=-sunos3 - ;; - m68*-cisco) - os=-aout - ;; - mep-*) - os=-elf - ;; - mips*-cisco) - os=-elf - ;; - mips*-*) - os=-elf - ;; - or1k-*) - os=-elf - ;; - or32-*) - os=-coff - ;; - *-tti) # must be before sparc entry or we get the wrong os. - os=-sysv3 - ;; - sparc-* | *-sun) - os=-sunos4.1.1 - ;; - *-be) - os=-beos - ;; - *-haiku) - os=-haiku - ;; - *-ibm) - os=-aix - ;; - *-knuth) - os=-mmixware - ;; - *-wec) - os=-proelf - ;; - *-winbond) - os=-proelf - ;; - *-oki) - os=-proelf - ;; - *-hp) - os=-hpux - ;; - *-hitachi) - os=-hiux - ;; - i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) - os=-sysv - ;; - *-cbm) - os=-amigaos - ;; - *-dg) - os=-dgux - ;; - *-dolphin) - os=-sysv3 - ;; - m68k-ccur) - os=-rtu - ;; - m88k-omron*) - os=-luna - ;; - *-next ) - os=-nextstep - ;; - *-sequent) - os=-ptx - ;; - *-crds) - os=-unos - ;; - *-ns) - os=-genix - ;; - i370-*) - os=-mvs - ;; - *-next) - os=-nextstep3 - ;; - *-gould) - os=-sysv - ;; - *-highlevel) - os=-bsd - ;; - *-encore) - os=-bsd - ;; - *-sgi) - os=-irix - ;; - *-siemens) - os=-sysv4 - ;; - *-masscomp) - os=-rtu - ;; - f30[01]-fujitsu | f700-fujitsu) - os=-uxpv - ;; - *-rom68k) - os=-coff - ;; - *-*bug) - os=-coff - ;; - *-apple) - os=-macos - ;; - *-atari*) - os=-mint - ;; - *) - os=-none - ;; -esac -fi - -# Here we handle the case where we know the os, and the CPU type, but not the -# manufacturer. We pick the logical manufacturer. -vendor=unknown -case $basic_machine in - *-unknown) - case $os in - -riscix*) - vendor=acorn - ;; - -sunos*) - vendor=sun - ;; - -cnk*|-aix*) - vendor=ibm - ;; - -beos*) - vendor=be - ;; - -hpux*) - vendor=hp - ;; - -mpeix*) - vendor=hp - ;; - -hiux*) - vendor=hitachi - ;; - -unos*) - vendor=crds - ;; - -dgux*) - vendor=dg - ;; - -luna*) - vendor=omron - ;; - -genix*) - vendor=ns - ;; - -mvs* | -opened*) - vendor=ibm - ;; - -os400*) - vendor=ibm - ;; - -ptx*) - vendor=sequent - ;; - -tpf*) - vendor=ibm - ;; - -vxsim* | -vxworks* | -windiss*) - vendor=wrs - ;; - -aux*) - vendor=apple - ;; - -hms*) - vendor=hitachi - ;; - -mpw* | -macos*) - vendor=apple - ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - vendor=atari - ;; - -vos*) - vendor=stratus - ;; - esac - basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` - ;; -esac - -echo $basic_machine$os -exit - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "timestamp='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff --git a/configure b/configure deleted file mode 100755 index 3fb10192..00000000 --- a/configure +++ /dev/null @@ -1,20645 +0,0 @@ -#! /bin/sh -# Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69. -# -# -# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. -# -# -# This configure script is free software; the Free Software Foundation -# gives unlimited permission to copy, distribute and modify it. -## -------------------- ## -## M4sh Initialization. ## -## -------------------- ## - -# Be more Bourne compatible -DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : - emulate sh - NULLCMD=: - # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in #( - *posix*) : - set -o posix ;; #( - *) : - ;; -esac -fi - - -as_nl=' -' -export as_nl -# Printing a long string crashes Solaris 7 /usr/bin/printf. -as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo -# Prefer a ksh shell builtin over an external printf program on Solaris, -# but without wasting forks for bash or zsh. -if test -z "$BASH_VERSION$ZSH_VERSION" \ - && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='print -r --' - as_echo_n='print -rn --' -elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='printf %s\n' - as_echo_n='printf %s' -else - if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then - as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' - as_echo_n='/usr/ucb/echo -n' - else - as_echo_body='eval expr "X$1" : "X\\(.*\\)"' - as_echo_n_body='eval - arg=$1; - case $arg in #( - *"$as_nl"*) - expr "X$arg" : "X\\(.*\\)$as_nl"; - arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; - esac; - expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" - ' - export as_echo_n_body - as_echo_n='sh -c $as_echo_n_body as_echo' - fi - export as_echo_body - as_echo='sh -c $as_echo_body as_echo' -fi - -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { - (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || - PATH_SEPARATOR=';' - } -fi - - -# IFS -# We need space, tab and new line, in precisely that order. Quoting is -# there to prevent editors from complaining about space-tab. -# (If _AS_PATH_WALK were called with IFS unset, it would disable word -# splitting by setting IFS to empty value.) -IFS=" "" $as_nl" - -# Find who we are. Look in the path if we contain no directory separator. -as_myself= -case $0 in #(( - *[\\/]* ) as_myself=$0 ;; - *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break - done -IFS=$as_save_IFS - - ;; -esac -# We did not find ourselves, most probably we were run as `sh COMMAND' -# in which case we are not to be found in the path. -if test "x$as_myself" = x; then - as_myself=$0 -fi -if test ! -f "$as_myself"; then - $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - exit 1 -fi - -# Unset variables that we do not need and which cause bugs (e.g. in -# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" -# suppresses any "Segmentation fault" message there. '((' could -# trigger a bug in pdksh 5.2.14. -for as_var in BASH_ENV ENV MAIL MAILPATH -do eval test x\${$as_var+set} = xset \ - && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : -done -PS1='$ ' -PS2='> ' -PS4='+ ' - -# NLS nuisances. -LC_ALL=C -export LC_ALL -LANGUAGE=C -export LANGUAGE - -# CDPATH. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - -# Use a proper internal environment variable to ensure we don't fall - # into an infinite loop, continuously re-executing ourselves. - if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then - _as_can_reexec=no; export _as_can_reexec; - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 -as_fn_exit 255 - fi - # We don't want this to propagate to other subprocesses. - { _as_can_reexec=; unset _as_can_reexec;} -if test "x$CONFIG_SHELL" = x; then - as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : - emulate sh - NULLCMD=: - # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which - # is contrary to our usage. Disable this feature. - alias -g '\${1+\"\$@\"}'='\"\$@\"' - setopt NO_GLOB_SUBST -else - case \`(set -o) 2>/dev/null\` in #( - *posix*) : - set -o posix ;; #( - *) : - ;; -esac -fi -" - as_required="as_fn_return () { (exit \$1); } -as_fn_success () { as_fn_return 0; } -as_fn_failure () { as_fn_return 1; } -as_fn_ret_success () { return 0; } -as_fn_ret_failure () { return 1; } - -exitcode=0 -as_fn_success || { exitcode=1; echo as_fn_success failed.; } -as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } -as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } -as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } -if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : - -else - exitcode=1; echo positional parameters were not saved. -fi -test x\$exitcode = x0 || exit 1 -test -x / || exit 1" - as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO - as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO - eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && - test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 -test \$(( 1 + 1 )) = 2 || exit 1 - - test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || ( - ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' - ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO - ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO - PATH=/empty FPATH=/empty; export PATH FPATH - test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\ - || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1" - if (eval "$as_required") 2>/dev/null; then : - as_have_required=yes -else - as_have_required=no -fi - if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : - -else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -as_found=false -for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - as_found=: - case $as_dir in #( - /*) - for as_base in sh bash ksh sh5; do - # Try only shells that exist, to save several forks. - as_shell=$as_dir/$as_base - if { test -f "$as_shell" || test -f "$as_shell.exe"; } && - { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : - CONFIG_SHELL=$as_shell as_have_required=yes - if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : - break 2 -fi -fi - done;; - esac - as_found=false -done -$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && - { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : - CONFIG_SHELL=$SHELL as_have_required=yes -fi; } -IFS=$as_save_IFS - - - if test "x$CONFIG_SHELL" != x; then : - export CONFIG_SHELL - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 -exit 255 -fi - - if test x$as_have_required = xno; then : - $as_echo "$0: This script requires a shell more modern than all" - $as_echo "$0: the shells that I found on your system." - if test x${ZSH_VERSION+set} = xset ; then - $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" - $as_echo "$0: be upgraded to zsh 4.3.4 or later." - else - $as_echo "$0: Please tell bug-autoconf@gnu.org about your system, -$0: including any error possibly output before this -$0: message. Then install a modern shell, or manually run -$0: the script under such a shell if you do have one." - fi - exit 1 -fi -fi -fi -SHELL=${CONFIG_SHELL-/bin/sh} -export SHELL -# Unset more variables known to interfere with behavior of common tools. -CLICOLOR_FORCE= GREP_OPTIONS= -unset CLICOLOR_FORCE GREP_OPTIONS - -## --------------------- ## -## M4sh Shell Functions. ## -## --------------------- ## -# as_fn_unset VAR -# --------------- -# Portably unset VAR. -as_fn_unset () -{ - { eval $1=; unset $1;} -} -as_unset=as_fn_unset - -# as_fn_set_status STATUS -# ----------------------- -# Set $? to STATUS, without forking. -as_fn_set_status () -{ - return $1 -} # as_fn_set_status - -# as_fn_exit STATUS -# ----------------- -# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. -as_fn_exit () -{ - set +e - as_fn_set_status $1 - exit $1 -} # as_fn_exit - -# as_fn_mkdir_p -# ------------- -# Create "$as_dir" as a directory, including parents if necessary. -as_fn_mkdir_p () -{ - - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || eval $as_mkdir_p || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$as_dir" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" - - -} # as_fn_mkdir_p - -# as_fn_executable_p FILE -# ----------------------- -# Test if FILE is an executable regular file. -as_fn_executable_p () -{ - test -f "$1" && test -x "$1" -} # as_fn_executable_p -# as_fn_append VAR VALUE -# ---------------------- -# Append the text in VALUE to the end of the definition contained in VAR. Take -# advantage of any shell optimizations that allow amortized linear growth over -# repeated appends, instead of the typical quadratic growth present in naive -# implementations. -if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : - eval 'as_fn_append () - { - eval $1+=\$2 - }' -else - as_fn_append () - { - eval $1=\$$1\$2 - } -fi # as_fn_append - -# as_fn_arith ARG... -# ------------------ -# Perform arithmetic evaluation on the ARGs, and store the result in the -# global $as_val. Take advantage of shells that can avoid forks. The arguments -# must be portable across $(()) and expr. -if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : - eval 'as_fn_arith () - { - as_val=$(( $* )) - }' -else - as_fn_arith () - { - as_val=`expr "$@" || test $? -eq 1` - } -fi # as_fn_arith - - -# as_fn_error STATUS ERROR [LINENO LOG_FD] -# ---------------------------------------- -# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are -# provided, also output the error to LOG_FD, referencing LINENO. Then exit the -# script with STATUS, using 1 if that was 0. -as_fn_error () -{ - as_status=$1; test $as_status -eq 0 && as_status=1 - if test "$4"; then - as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 - fi - $as_echo "$as_me: error: $2" >&2 - as_fn_exit $as_status -} # as_fn_error - -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then - as_basename=basename -else - as_basename=false -fi - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - -as_me=`$as_basename -- "$0" || -$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X/"$0" | - sed '/^.*\/\([^/][^/]*\)\/*$/{ - s//\1/ - q - } - /^X\/\(\/\/\)$/{ - s//\1/ - q - } - /^X\/\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - - - as_lineno_1=$LINENO as_lineno_1a=$LINENO - as_lineno_2=$LINENO as_lineno_2a=$LINENO - eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && - test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { - # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) - sed -n ' - p - /[$]LINENO/= - ' <$as_myself | - sed ' - s/[$]LINENO.*/&-/ - t lineno - b - :lineno - N - :loop - s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ - t loop - s/-\n.*// - ' >$as_me.lineno && - chmod +x "$as_me.lineno" || - { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } - - # If we had to re-execute with $CONFIG_SHELL, we're ensured to have - # already done that, so ensure we don't try to do so again and fall - # in an infinite loop. This has already happened in practice. - _as_can_reexec=no; export _as_can_reexec - # Don't try to exec as it changes $[0], causing all sort of problems - # (the dirname of $[0] is not the place where we might find the - # original and so on. Autoconf is especially sensitive to this). - . "./$as_me.lineno" - # Exit status is that of the last command. - exit -} - -ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in #((((( --n*) - case `echo 'xy\c'` in - *c*) ECHO_T=' ';; # ECHO_T is single tab character. - xy) ECHO_C='\c';; - *) echo `echo ksh88 bug on AIX 6.1` > /dev/null - ECHO_T=' ';; - esac;; -*) - ECHO_N='-n';; -esac - -rm -f conf$$ conf$$.exe conf$$.file -if test -d conf$$.dir; then - rm -f conf$$.dir/conf$$.file -else - rm -f conf$$.dir - mkdir conf$$.dir 2>/dev/null -fi -if (echo >conf$$.file) 2>/dev/null; then - if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -pR' - elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln - else - as_ln_s='cp -pR' - fi -else - as_ln_s='cp -pR' -fi -rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file -rmdir conf$$.dir 2>/dev/null - -if mkdir -p . 2>/dev/null; then - as_mkdir_p='mkdir -p "$as_dir"' -else - test -d ./-p && rmdir ./-p - as_mkdir_p=false -fi - -as_test_x='test -x' -as_executable_p=as_fn_executable_p - -# Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" - -# Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - -SHELL=${CONFIG_SHELL-/bin/sh} - - -test -n "$DJDIR" || exec 7<&0 &1 - -# Name of the host. -# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, -# so uname gets run too. -ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` - -# -# Initializations. -# -ac_default_prefix=/usr/local -ac_clean_files= -ac_config_libobj_dir=. -LIBOBJS= -cross_compiling=no -subdirs= -MFLAGS= -MAKEFLAGS= - -# Identity of this package. -PACKAGE_NAME= -PACKAGE_TARNAME= -PACKAGE_VERSION= -PACKAGE_STRING= -PACKAGE_BUGREPORT= -PACKAGE_URL= - -# Factoring default headers for most tests. -ac_includes_default="\ -#include -#ifdef HAVE_SYS_TYPES_H -# include -#endif -#ifdef HAVE_SYS_STAT_H -# include -#endif -#ifdef STDC_HEADERS -# include -# include -#else -# ifdef HAVE_STDLIB_H -# include -# endif -#endif -#ifdef HAVE_STRING_H -# if !defined STDC_HEADERS && defined HAVE_MEMORY_H -# include -# endif -# include -#endif -#ifdef HAVE_STRINGS_H -# include -#endif -#ifdef HAVE_INTTYPES_H -# include -#endif -#ifdef HAVE_STDINT_H -# include -#endif -#ifdef HAVE_UNISTD_H -# include -#endif" - -ac_header_list= -gt_needs= -ac_subst_vars='am__EXEEXT_FALSE -am__EXEEXT_TRUE -LTLIBOBJS -USE_NLS_FALSE -USE_NLS_TRUE -POSUB -LTLIBINTL -LIBINTL -INTLLIBS -LTLIBICONV -LIBICONV -INTL_MACOSX_LIBS -XGETTEXT_EXTRA_OPTIONS -MSGMERGE -XGETTEXT_015 -XGETTEXT -GMSGFMT_015 -MSGFMT_015 -GMSGFMT -MSGFMT -GETTEXT_MACRO_VERSION -USE_NLS -LIBMD -LIBSKEY -ACCT_TOOLS_SETUID_FALSE -ACCT_TOOLS_SETUID_TRUE -USE_PAM_FALSE -USE_PAM_TRUE -LIBPAM -WITH_TCB_FALSE -WITH_TCB_TRUE -LIBTCB -LIBSEMANAGE -LIBSELINUX -LIBCRACK -LIBAUDIT -LIBATTR -LIBACL -LIBCRYPT -ENABLE_SUBIDS_FALSE -ENABLE_SUBIDS_TRUE -ENABLE_REGENERATE_MAN_FALSE -ENABLE_REGENERATE_MAN_TRUE -XMLCATALOG -XML_CATALOG_FILE -XSLTPROC -SHADOWGRP_FALSE -SHADOWGRP_TRUE -USE_SHA_CRYPT_FALSE -USE_SHA_CRYPT_TRUE -GROUP_NAME_MAX_LENGTH -LIBOBJS -OTOOL64 -OTOOL -LIPO -NMEDIT -DSYMUTIL -MANIFEST_TOOL -RANLIB -ac_ct_AR -AR -DLLTOOL -OBJDUMP -NM -ac_ct_DUMPBIN -DUMPBIN -LD -FGREP -SED -host_os -host_vendor -host_cpu -host -build_os -build_vendor -build_cpu -build -LIBTOOL -YFLAGS -YACC -LN_S -MAINT -MAINTAINER_MODE_FALSE -MAINTAINER_MODE_TRUE -EGREP -GREP -CPP -am__fastdepCC_FALSE -am__fastdepCC_TRUE -CCDEPMODE -am__nodep -AMDEPBACKSLASH -AMDEP_FALSE -AMDEP_TRUE -am__quote -am__include -DEPDIR -OBJEXT -EXEEXT -ac_ct_CC -CPPFLAGS -LDFLAGS -CFLAGS -CC -AM_BACKSLASH -AM_DEFAULT_VERBOSITY -AM_DEFAULT_V -AM_V -am__untar -am__tar -AMTAR -am__leading_dot -SET_MAKE -AWK -mkdir_p -MKDIR_P -INSTALL_STRIP_PROGRAM -STRIP -install_sh -MAKEINFO -AUTOHEADER -AUTOMAKE -AUTOCONF -ACLOCAL -VERSION -PACKAGE -CYGPATH_W -am__isrc -INSTALL_DATA -INSTALL_SCRIPT -INSTALL_PROGRAM -target_alias -host_alias -build_alias -LIBS -ECHO_T -ECHO_N -ECHO_C -DEFS -mandir -localedir -libdir -psdir -pdfdir -dvidir -htmldir -infodir -docdir -oldincludedir -includedir -localstatedir -sharedstatedir -sysconfdir -datadir -datarootdir -libexecdir -sbindir -bindir -program_transform_name -prefix -exec_prefix -PACKAGE_URL -PACKAGE_BUGREPORT -PACKAGE_STRING -PACKAGE_VERSION -PACKAGE_TARNAME -PACKAGE_NAME -PATH_SEPARATOR -SHELL' -ac_subst_files='' -ac_user_opts=' -enable_option_checking -enable_silent_rules -enable_dependency_tracking -enable_shared -enable_static -enable_maintainer_mode -with_pic -enable_fast_install -with_gnu_ld -with_sysroot -enable_libtool_lock -enable_largefile -enable_shadowgrp -enable_man -enable_account_tools_setuid -enable_utmpx -enable_subordinate_ids -with_audit -with_libpam -with_selinux -with_acl -with_attr -with_skey -with_tcb -with_libcrack -with_sha_crypt -with_nscd -with_group_name_max_length -with_xml_catalog -enable_nls -enable_rpath -with_libiconv_prefix -with_libintl_prefix -' - ac_precious_vars='build_alias -host_alias -target_alias -CC -CFLAGS -LDFLAGS -LIBS -CPPFLAGS -CPP -YACC -YFLAGS' - - -# Initialize some variables set by options. -ac_init_help= -ac_init_version=false -ac_unrecognized_opts= -ac_unrecognized_sep= -# The variables have the same names as the options, with -# dashes changed to underlines. -cache_file=/dev/null -exec_prefix=NONE -no_create= -no_recursion= -prefix=NONE -program_prefix=NONE -program_suffix=NONE -program_transform_name=s,x,x, -silent= -site= -srcdir= -verbose= -x_includes=NONE -x_libraries=NONE - -# Installation directory options. -# These are left unexpanded so users can "make install exec_prefix=/foo" -# and all the variables that are supposed to be based on exec_prefix -# by default will actually change. -# Use braces instead of parens because sh, perl, etc. also accept them. -# (The list follows the same order as the GNU Coding Standards.) -bindir='${exec_prefix}/bin' -sbindir='${exec_prefix}/sbin' -libexecdir='${exec_prefix}/libexec' -datarootdir='${prefix}/share' -datadir='${datarootdir}' -sysconfdir='${prefix}/etc' -sharedstatedir='${prefix}/com' -localstatedir='${prefix}/var' -includedir='${prefix}/include' -oldincludedir='/usr/include' -docdir='${datarootdir}/doc/${PACKAGE}' -infodir='${datarootdir}/info' -htmldir='${docdir}' -dvidir='${docdir}' -pdfdir='${docdir}' -psdir='${docdir}' -libdir='${exec_prefix}/lib' -localedir='${datarootdir}/locale' -mandir='${datarootdir}/man' - -ac_prev= -ac_dashdash= -for ac_option -do - # If the previous option needs an argument, assign it. - if test -n "$ac_prev"; then - eval $ac_prev=\$ac_option - ac_prev= - continue - fi - - case $ac_option in - *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; - *=) ac_optarg= ;; - *) ac_optarg=yes ;; - esac - - # Accept the important Cygnus configure options, so we can diagnose typos. - - case $ac_dashdash$ac_option in - --) - ac_dashdash=yes ;; - - -bindir | --bindir | --bindi | --bind | --bin | --bi) - ac_prev=bindir ;; - -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) - bindir=$ac_optarg ;; - - -build | --build | --buil | --bui | --bu) - ac_prev=build_alias ;; - -build=* | --build=* | --buil=* | --bui=* | --bu=*) - build_alias=$ac_optarg ;; - - -cache-file | --cache-file | --cache-fil | --cache-fi \ - | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) - ac_prev=cache_file ;; - -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ - | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) - cache_file=$ac_optarg ;; - - --config-cache | -C) - cache_file=config.cache ;; - - -datadir | --datadir | --datadi | --datad) - ac_prev=datadir ;; - -datadir=* | --datadir=* | --datadi=* | --datad=*) - datadir=$ac_optarg ;; - - -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ - | --dataroo | --dataro | --datar) - ac_prev=datarootdir ;; - -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ - | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) - datarootdir=$ac_optarg ;; - - -disable-* | --disable-*) - ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid feature name: $ac_useropt" - ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` - case $ac_user_opts in - *" -"enable_$ac_useropt" -"*) ;; - *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" - ac_unrecognized_sep=', ';; - esac - eval enable_$ac_useropt=no ;; - - -docdir | --docdir | --docdi | --doc | --do) - ac_prev=docdir ;; - -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) - docdir=$ac_optarg ;; - - -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) - ac_prev=dvidir ;; - -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) - dvidir=$ac_optarg ;; - - -enable-* | --enable-*) - ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid feature name: $ac_useropt" - ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` - case $ac_user_opts in - *" -"enable_$ac_useropt" -"*) ;; - *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" - ac_unrecognized_sep=', ';; - esac - eval enable_$ac_useropt=\$ac_optarg ;; - - -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ - | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ - | --exec | --exe | --ex) - ac_prev=exec_prefix ;; - -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ - | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ - | --exec=* | --exe=* | --ex=*) - exec_prefix=$ac_optarg ;; - - -gas | --gas | --ga | --g) - # Obsolete; use --with-gas. - with_gas=yes ;; - - -help | --help | --hel | --he | -h) - ac_init_help=long ;; - -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) - ac_init_help=recursive ;; - -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) - ac_init_help=short ;; - - -host | --host | --hos | --ho) - ac_prev=host_alias ;; - -host=* | --host=* | --hos=* | --ho=*) - host_alias=$ac_optarg ;; - - -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) - ac_prev=htmldir ;; - -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ - | --ht=*) - htmldir=$ac_optarg ;; - - -includedir | --includedir | --includedi | --included | --include \ - | --includ | --inclu | --incl | --inc) - ac_prev=includedir ;; - -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ - | --includ=* | --inclu=* | --incl=* | --inc=*) - includedir=$ac_optarg ;; - - -infodir | --infodir | --infodi | --infod | --info | --inf) - ac_prev=infodir ;; - -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) - infodir=$ac_optarg ;; - - -libdir | --libdir | --libdi | --libd) - ac_prev=libdir ;; - -libdir=* | --libdir=* | --libdi=* | --libd=*) - libdir=$ac_optarg ;; - - -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ - | --libexe | --libex | --libe) - ac_prev=libexecdir ;; - -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ - | --libexe=* | --libex=* | --libe=*) - libexecdir=$ac_optarg ;; - - -localedir | --localedir | --localedi | --localed | --locale) - ac_prev=localedir ;; - -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) - localedir=$ac_optarg ;; - - -localstatedir | --localstatedir | --localstatedi | --localstated \ - | --localstate | --localstat | --localsta | --localst | --locals) - ac_prev=localstatedir ;; - -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ - | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) - localstatedir=$ac_optarg ;; - - -mandir | --mandir | --mandi | --mand | --man | --ma | --m) - ac_prev=mandir ;; - -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) - mandir=$ac_optarg ;; - - -nfp | --nfp | --nf) - # Obsolete; use --without-fp. - with_fp=no ;; - - -no-create | --no-create | --no-creat | --no-crea | --no-cre \ - | --no-cr | --no-c | -n) - no_create=yes ;; - - -no-recursion | --no-recursion | --no-recursio | --no-recursi \ - | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) - no_recursion=yes ;; - - -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ - | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ - | --oldin | --oldi | --old | --ol | --o) - ac_prev=oldincludedir ;; - -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ - | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ - | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) - oldincludedir=$ac_optarg ;; - - -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) - ac_prev=prefix ;; - -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) - prefix=$ac_optarg ;; - - -program-prefix | --program-prefix | --program-prefi | --program-pref \ - | --program-pre | --program-pr | --program-p) - ac_prev=program_prefix ;; - -program-prefix=* | --program-prefix=* | --program-prefi=* \ - | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) - program_prefix=$ac_optarg ;; - - -program-suffix | --program-suffix | --program-suffi | --program-suff \ - | --program-suf | --program-su | --program-s) - ac_prev=program_suffix ;; - -program-suffix=* | --program-suffix=* | --program-suffi=* \ - | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) - program_suffix=$ac_optarg ;; - - -program-transform-name | --program-transform-name \ - | --program-transform-nam | --program-transform-na \ - | --program-transform-n | --program-transform- \ - | --program-transform | --program-transfor \ - | --program-transfo | --program-transf \ - | --program-trans | --program-tran \ - | --progr-tra | --program-tr | --program-t) - ac_prev=program_transform_name ;; - -program-transform-name=* | --program-transform-name=* \ - | --program-transform-nam=* | --program-transform-na=* \ - | --program-transform-n=* | --program-transform-=* \ - | --program-transform=* | --program-transfor=* \ - | --program-transfo=* | --program-transf=* \ - | --program-trans=* | --program-tran=* \ - | --progr-tra=* | --program-tr=* | --program-t=*) - program_transform_name=$ac_optarg ;; - - -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) - ac_prev=pdfdir ;; - -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) - pdfdir=$ac_optarg ;; - - -psdir | --psdir | --psdi | --psd | --ps) - ac_prev=psdir ;; - -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) - psdir=$ac_optarg ;; - - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil) - silent=yes ;; - - -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) - ac_prev=sbindir ;; - -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ - | --sbi=* | --sb=*) - sbindir=$ac_optarg ;; - - -sharedstatedir | --sharedstatedir | --sharedstatedi \ - | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ - | --sharedst | --shareds | --shared | --share | --shar \ - | --sha | --sh) - ac_prev=sharedstatedir ;; - -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ - | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ - | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ - | --sha=* | --sh=*) - sharedstatedir=$ac_optarg ;; - - -site | --site | --sit) - ac_prev=site ;; - -site=* | --site=* | --sit=*) - site=$ac_optarg ;; - - -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) - ac_prev=srcdir ;; - -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) - srcdir=$ac_optarg ;; - - -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ - | --syscon | --sysco | --sysc | --sys | --sy) - ac_prev=sysconfdir ;; - -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ - | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) - sysconfdir=$ac_optarg ;; - - -target | --target | --targe | --targ | --tar | --ta | --t) - ac_prev=target_alias ;; - -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) - target_alias=$ac_optarg ;; - - -v | -verbose | --verbose | --verbos | --verbo | --verb) - verbose=yes ;; - - -version | --version | --versio | --versi | --vers | -V) - ac_init_version=: ;; - - -with-* | --with-*) - ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid package name: $ac_useropt" - ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` - case $ac_user_opts in - *" -"with_$ac_useropt" -"*) ;; - *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" - ac_unrecognized_sep=', ';; - esac - eval with_$ac_useropt=\$ac_optarg ;; - - -without-* | --without-*) - ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid package name: $ac_useropt" - ac_useropt_orig=$ac_useropt - ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` - case $ac_user_opts in - *" -"with_$ac_useropt" -"*) ;; - *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" - ac_unrecognized_sep=', ';; - esac - eval with_$ac_useropt=no ;; - - --x) - # Obsolete; use --with-x. - with_x=yes ;; - - -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ - | --x-incl | --x-inc | --x-in | --x-i) - ac_prev=x_includes ;; - -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ - | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) - x_includes=$ac_optarg ;; - - -x-libraries | --x-libraries | --x-librarie | --x-librari \ - | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) - ac_prev=x_libraries ;; - -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ - | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) - x_libraries=$ac_optarg ;; - - -*) as_fn_error $? "unrecognized option: \`$ac_option' -Try \`$0 --help' for more information" - ;; - - *=*) - ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` - # Reject names that are not valid shell variable names. - case $ac_envvar in #( - '' | [0-9]* | *[!_$as_cr_alnum]* ) - as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; - esac - eval $ac_envvar=\$ac_optarg - export $ac_envvar ;; - - *) - # FIXME: should be removed in autoconf 3.0. - $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 - expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && - $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 - : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" - ;; - - esac -done - -if test -n "$ac_prev"; then - ac_option=--`echo $ac_prev | sed 's/_/-/g'` - as_fn_error $? "missing argument to $ac_option" -fi - -if test -n "$ac_unrecognized_opts"; then - case $enable_option_checking in - no) ;; - fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; - *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; - esac -fi - -# Check all directory arguments for consistency. -for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ - datadir sysconfdir sharedstatedir localstatedir includedir \ - oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ - libdir localedir mandir -do - eval ac_val=\$$ac_var - # Remove trailing slashes. - case $ac_val in - */ ) - ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` - eval $ac_var=\$ac_val;; - esac - # Be sure to have absolute directory names. - case $ac_val in - [\\/$]* | ?:[\\/]* ) continue;; - NONE | '' ) case $ac_var in *prefix ) continue;; esac;; - esac - as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" -done - -# There might be people who depend on the old broken behavior: `$host' -# used to hold the argument of --host etc. -# FIXME: To remove some day. -build=$build_alias -host=$host_alias -target=$target_alias - -# FIXME: To remove some day. -if test "x$host_alias" != x; then - if test "x$build_alias" = x; then - cross_compiling=maybe - elif test "x$build_alias" != "x$host_alias"; then - cross_compiling=yes - fi -fi - -ac_tool_prefix= -test -n "$host_alias" && ac_tool_prefix=$host_alias- - -test "$silent" = yes && exec 6>/dev/null - - -ac_pwd=`pwd` && test -n "$ac_pwd" && -ac_ls_di=`ls -di .` && -ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || - as_fn_error $? "working directory cannot be determined" -test "X$ac_ls_di" = "X$ac_pwd_ls_di" || - as_fn_error $? "pwd does not report name of working directory" - - -# Find the source files, if location was not specified. -if test -z "$srcdir"; then - ac_srcdir_defaulted=yes - # Try the directory containing this script, then the parent directory. - ac_confdir=`$as_dirname -- "$as_myself" || -$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_myself" : 'X\(//\)[^/]' \| \ - X"$as_myself" : 'X\(//\)$' \| \ - X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$as_myself" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - srcdir=$ac_confdir - if test ! -r "$srcdir/$ac_unique_file"; then - srcdir=.. - fi -else - ac_srcdir_defaulted=no -fi -if test ! -r "$srcdir/$ac_unique_file"; then - test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." - as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" -fi -ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" -ac_abs_confdir=`( - cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" - pwd)` -# When building in place, set srcdir=. -if test "$ac_abs_confdir" = "$ac_pwd"; then - srcdir=. -fi -# Remove unnecessary trailing slashes from srcdir. -# Double slashes in file names in object file debugging info -# mess up M-x gdb in Emacs. -case $srcdir in -*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; -esac -for ac_var in $ac_precious_vars; do - eval ac_env_${ac_var}_set=\${${ac_var}+set} - eval ac_env_${ac_var}_value=\$${ac_var} - eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} - eval ac_cv_env_${ac_var}_value=\$${ac_var} -done - -# -# Report the --help message. -# -if test "$ac_init_help" = "long"; then - # Omit some internal or obsolete options to make the list less imposing. - # This message is too long to be a string in the A/UX 3.1 sh. - cat <<_ACEOF -\`configure' configures this package to adapt to many kinds of systems. - -Usage: $0 [OPTION]... [VAR=VALUE]... - -To assign environment variables (e.g., CC, CFLAGS...), specify them as -VAR=VALUE. See below for descriptions of some of the useful variables. - -Defaults for the options are specified in brackets. - -Configuration: - -h, --help display this help and exit - --help=short display options specific to this package - --help=recursive display the short help of all the included packages - -V, --version display version information and exit - -q, --quiet, --silent do not print \`checking ...' messages - --cache-file=FILE cache test results in FILE [disabled] - -C, --config-cache alias for \`--cache-file=config.cache' - -n, --no-create do not create output files - --srcdir=DIR find the sources in DIR [configure dir or \`..'] - -Installation directories: - --prefix=PREFIX install architecture-independent files in PREFIX - [$ac_default_prefix] - --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX - [PREFIX] - -By default, \`make install' will install all the files in -\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify -an installation prefix other than \`$ac_default_prefix' using \`--prefix', -for instance \`--prefix=\$HOME'. - -For better control, use the options below. - -Fine tuning of the installation directories: - --bindir=DIR user executables [EPREFIX/bin] - --sbindir=DIR system admin executables [EPREFIX/sbin] - --libexecdir=DIR program executables [EPREFIX/libexec] - --sysconfdir=DIR read-only single-machine data [PREFIX/etc] - --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] - --localstatedir=DIR modifiable single-machine data [PREFIX/var] - --libdir=DIR object code libraries [EPREFIX/lib] - --includedir=DIR C header files [PREFIX/include] - --oldincludedir=DIR C header files for non-gcc [/usr/include] - --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] - --datadir=DIR read-only architecture-independent data [DATAROOTDIR] - --infodir=DIR info documentation [DATAROOTDIR/info] - --localedir=DIR locale-dependent data [DATAROOTDIR/locale] - --mandir=DIR man documentation [DATAROOTDIR/man] - --docdir=DIR documentation root [DATAROOTDIR/doc/PACKAGE] - --htmldir=DIR html documentation [DOCDIR] - --dvidir=DIR dvi documentation [DOCDIR] - --pdfdir=DIR pdf documentation [DOCDIR] - --psdir=DIR ps documentation [DOCDIR] -_ACEOF - - cat <<\_ACEOF - -Program names: - --program-prefix=PREFIX prepend PREFIX to installed program names - --program-suffix=SUFFIX append SUFFIX to installed program names - --program-transform-name=PROGRAM run sed PROGRAM on installed program names - -System types: - --build=BUILD configure for building on BUILD [guessed] - --host=HOST cross-compile to build programs to run on HOST [BUILD] -_ACEOF -fi - -if test -n "$ac_init_help"; then - - cat <<\_ACEOF - -Optional Features: - --disable-option-checking ignore unrecognized --enable/--with options - --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) - --enable-FEATURE[=ARG] include FEATURE [ARG=yes] - --enable-silent-rules less verbose build output (undo: "make V=1") - --disable-silent-rules verbose build output (undo: "make V=0") - --enable-dependency-tracking - do not reject slow dependency extractors - --disable-dependency-tracking - speeds up one-time build - --enable-shared[=PKGS] build shared libraries [default=no] - --enable-static[=PKGS] build static libraries [default=yes] - --enable-maintainer-mode - enable make rules and dependencies not useful (and - sometimes confusing) to the casual installer - --enable-fast-install[=PKGS] - optimize for fast installation [default=yes] - --disable-libtool-lock avoid locking (might break parallel builds) - --disable-largefile omit support for large files - --enable-shadowgrp enable shadow group support [default=yes] - --enable-man regenerate roff man pages from Docbook [default=no] - --enable-account-tools-setuid - Install the user and group management tools setuid - and authenticate the callers. This requires - --with-pam. - --enable-utmpx enable loggin in utmpx / wtmpx [default=no] - --enable-subordinate-ids - support subordinate ids [default=yes] - --disable-nls do not use Native Language Support - --disable-rpath do not hardcode runtime library paths - -Optional Packages: - --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] - --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) - --with-pic[=PKGS] try to use only PIC/non-PIC objects [default=use - both] - --with-gnu-ld assume the C compiler uses GNU ld [default=no] - --with-sysroot=DIR Search for dependent libraries within DIR - (or the compiler's sysroot if not specified). - --with-audit use auditing support [default=yes if found] - --with-libpam use libpam for PAM support [default=yes if found] - --with-selinux use SELinux support [default=yes if found] - --with-acl use ACL support [default=yes if found] - --with-attr use Extended Attribute support [default=yes if - found] - --with-skey use S/Key support [default=no] - --with-tcb use tcb support (incomplete) [default=yes if found] - --with-libcrack use libcrack [default=no] - --with-sha-crypt allow the SHA256 and SHA512 password encryption - algorithms [default=yes] - --with-nscd enable support for nscd [default=yes] - --with-group-name-max-length - set max group name length [default=16] - --with-xml-catalog=CATALOG - path to xml catalog to use - --with-gnu-ld assume the C compiler uses GNU ld [default=no] - --with-libiconv-prefix[=DIR] search for libiconv in DIR/include and DIR/lib - --without-libiconv-prefix don't search for libiconv in includedir and libdir - --with-libintl-prefix[=DIR] search for libintl in DIR/include and DIR/lib - --without-libintl-prefix don't search for libintl in includedir and libdir - -Some influential environment variables: - CC C compiler command - CFLAGS C compiler flags - LDFLAGS linker flags, e.g. -L if you have libraries in a - nonstandard directory - LIBS libraries to pass to the linker, e.g. -l - CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if - you have headers in a nonstandard directory - CPP C preprocessor - YACC The `Yet Another Compiler Compiler' implementation to use. - Defaults to the first program found out of: `bison -y', `byacc', - `yacc'. - YFLAGS The list of arguments that will be passed by default to $YACC. - This script will default YFLAGS to the empty string to avoid a - default value of `-d' given by some make applications. - -Use these variables to override the choices made by `configure' or to help -it to find libraries and programs with nonstandard names/locations. - -Report bugs to the package provider. -_ACEOF -ac_status=$? -fi - -if test "$ac_init_help" = "recursive"; then - # If there are subdirs, report their specific --help. - for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue - test -d "$ac_dir" || - { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || - continue - ac_builddir=. - -case "$ac_dir" in -.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; -*) - ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` - # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` - case $ac_top_builddir_sub in - "") ac_top_builddir_sub=. ac_top_build_prefix= ;; - *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; - esac ;; -esac -ac_abs_top_builddir=$ac_pwd -ac_abs_builddir=$ac_pwd$ac_dir_suffix -# for backward compatibility: -ac_top_builddir=$ac_top_build_prefix - -case $srcdir in - .) # We are building in place. - ac_srcdir=. - ac_top_srcdir=$ac_top_builddir_sub - ac_abs_top_srcdir=$ac_pwd ;; - [\\/]* | ?:[\\/]* ) # Absolute name. - ac_srcdir=$srcdir$ac_dir_suffix; - ac_top_srcdir=$srcdir - ac_abs_top_srcdir=$srcdir ;; - *) # Relative name. - ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix - ac_top_srcdir=$ac_top_build_prefix$srcdir - ac_abs_top_srcdir=$ac_pwd/$srcdir ;; -esac -ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix - - cd "$ac_dir" || { ac_status=$?; continue; } - # Check for guested configure. - if test -f "$ac_srcdir/configure.gnu"; then - echo && - $SHELL "$ac_srcdir/configure.gnu" --help=recursive - elif test -f "$ac_srcdir/configure"; then - echo && - $SHELL "$ac_srcdir/configure" --help=recursive - else - $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 - fi || ac_status=$? - cd "$ac_pwd" || { ac_status=$?; break; } - done -fi - -test -n "$ac_init_help" && exit $ac_status -if $ac_init_version; then - cat <<\_ACEOF -configure -generated by GNU Autoconf 2.69 - -Copyright (C) 2012 Free Software Foundation, Inc. -This configure script is free software; the Free Software Foundation -gives unlimited permission to copy, distribute and modify it. -_ACEOF - exit -fi - -## ------------------------ ## -## Autoconf initialization. ## -## ------------------------ ## - -# ac_fn_c_try_compile LINENO -# -------------------------- -# Try to compile conftest.$ac_ext, and return whether this succeeded. -ac_fn_c_try_compile () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - rm -f conftest.$ac_objext - if { { ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_compile") 2>conftest.err - ac_status=$? - if test -s conftest.err; then - grep -v '^ *+' conftest.err >conftest.er1 - cat conftest.er1 >&5 - mv -f conftest.er1 conftest.err - fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then : - ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=1 -fi - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_compile - -# ac_fn_c_try_cpp LINENO -# ---------------------- -# Try to preprocess conftest.$ac_ext, and return whether this succeeded. -ac_fn_c_try_cpp () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if { { ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err - ac_status=$? - if test -s conftest.err; then - grep -v '^ *+' conftest.err >conftest.er1 - cat conftest.er1 >&5 - mv -f conftest.er1 conftest.err - fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } > conftest.i && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then : - ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=1 -fi - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_cpp - -# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES -# ------------------------------------------------------- -# Tests whether HEADER exists, giving a warning if it cannot be compiled using -# the include files in INCLUDES and setting the cache variable VAR -# accordingly. -ac_fn_c_check_header_mongrel () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if eval \${$3+:} false; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -else - # Is the header compilable? -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 -$as_echo_n "checking $2 usability... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -#include <$2> -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_header_compiler=yes -else - ac_header_compiler=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 -$as_echo "$ac_header_compiler" >&6; } - -# Is the header present? -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 -$as_echo_n "checking $2 presence... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include <$2> -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - ac_header_preproc=yes -else - ac_header_preproc=no -fi -rm -f conftest.err conftest.i conftest.$ac_ext -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 -$as_echo "$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( - yes:no: ) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 -$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 -$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} - ;; - no:yes:* ) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 -$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 -$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 -$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 -$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 -$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} - ;; -esac - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - eval "$3=\$ac_header_compiler" -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -fi - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_header_mongrel - -# ac_fn_c_try_run LINENO -# ---------------------- -# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes -# that executables *can* be run. -ac_fn_c_try_run () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if { { ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' - { { case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; }; then : - ac_retval=0 -else - $as_echo "$as_me: program exited with status $ac_status" >&5 - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=$ac_status -fi - rm -rf conftest.dSYM conftest_ipa8_conftest.oo - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_run - -# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES -# ------------------------------------------------------- -# Tests whether HEADER exists and can be compiled using the include files in -# INCLUDES, setting the cache variable VAR accordingly. -ac_fn_c_check_header_compile () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -#include <$2> -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$3=yes" -else - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_header_compile - -# ac_fn_c_try_link LINENO -# ----------------------- -# Try to link conftest.$ac_ext, and return whether this succeeded. -ac_fn_c_try_link () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - rm -f conftest.$ac_objext conftest$ac_exeext - if { { ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link") 2>conftest.err - ac_status=$? - if test -s conftest.err; then - grep -v '^ *+' conftest.err >conftest.er1 - cat conftest.er1 >&5 - mv -f conftest.er1 conftest.err - fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && { - test "$cross_compiling" = yes || - test -x conftest$ac_exeext - }; then : - ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=1 -fi - # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information - # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would - # interfere with the next link command; also delete a directory that is - # left behind by Apple's compiler. We do this before executing the actions. - rm -rf conftest.dSYM conftest_ipa8_conftest.oo - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_link - -# ac_fn_c_check_func LINENO FUNC VAR -# ---------------------------------- -# Tests whether FUNC exists, setting the cache variable VAR accordingly -ac_fn_c_check_func () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -/* Define $2 to an innocuous variant, in case declares $2. - For example, HP-UX 11i declares gettimeofday. */ -#define $2 innocuous_$2 - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $2 (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $2 - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $2 (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$2 || defined __stub___$2 -choke me -#endif - -int -main () -{ -return $2 (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - eval "$3=yes" -else - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_func - -# ac_fn_c_check_type LINENO TYPE VAR INCLUDES -# ------------------------------------------- -# Tests whether TYPE exists after having included INCLUDES, setting cache -# variable VAR accordingly. -ac_fn_c_check_type () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - eval "$3=no" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -if (sizeof ($2)) - return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -if (sizeof (($2))) - return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -else - eval "$3=yes" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_type - -# ac_fn_c_check_member LINENO AGGR MEMBER VAR INCLUDES -# ---------------------------------------------------- -# Tries to find if the field MEMBER exists in type AGGR, after including -# INCLUDES, setting cache variable VAR accordingly. -ac_fn_c_check_member () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2.$3" >&5 -$as_echo_n "checking for $2.$3... " >&6; } -if eval \${$4+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$5 -int -main () -{ -static $2 ac_aggr; -if (ac_aggr.$3) -return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$4=yes" -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$5 -int -main () -{ -static $2 ac_aggr; -if (sizeof ac_aggr.$3) -return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$4=yes" -else - eval "$4=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$4 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_member - -# ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES -# --------------------------------------------- -# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR -# accordingly. -ac_fn_c_check_decl () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - as_decl_name=`echo $2|sed 's/ *(.*//'` - as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'` - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5 -$as_echo_n "checking whether $as_decl_name is declared... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main () -{ -#ifndef $as_decl_name -#ifdef __cplusplus - (void) $as_decl_use; -#else - (void) $as_decl_name; -#endif -#endif - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$3=yes" -else - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_decl -cat >config.log <<_ACEOF -This file contains any messages produced by compilers while -running configure, to aid debugging if configure makes a mistake. - -It was created by $as_me, which was -generated by GNU Autoconf 2.69. Invocation command line was - - $ $0 $@ - -_ACEOF -exec 5>>config.log -{ -cat <<_ASUNAME -## --------- ## -## Platform. ## -## --------- ## - -hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` -uname -m = `(uname -m) 2>/dev/null || echo unknown` -uname -r = `(uname -r) 2>/dev/null || echo unknown` -uname -s = `(uname -s) 2>/dev/null || echo unknown` -uname -v = `(uname -v) 2>/dev/null || echo unknown` - -/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` -/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` - -/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` -/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` -/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` -/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` -/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` -/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` -/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` - -_ASUNAME - -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - $as_echo "PATH: $as_dir" - done -IFS=$as_save_IFS - -} >&5 - -cat >&5 <<_ACEOF - - -## ----------- ## -## Core tests. ## -## ----------- ## - -_ACEOF - - -# Keep a trace of the command line. -# Strip out --no-create and --no-recursion so they do not pile up. -# Strip out --silent because we don't want to record it for future runs. -# Also quote any args containing shell meta-characters. -# Make two passes to allow for proper duplicate-argument suppression. -ac_configure_args= -ac_configure_args0= -ac_configure_args1= -ac_must_keep_next=false -for ac_pass in 1 2 -do - for ac_arg - do - case $ac_arg in - -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil) - continue ;; - *\'*) - ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; - esac - case $ac_pass in - 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; - 2) - as_fn_append ac_configure_args1 " '$ac_arg'" - if test $ac_must_keep_next = true; then - ac_must_keep_next=false # Got value, back to normal. - else - case $ac_arg in - *=* | --config-cache | -C | -disable-* | --disable-* \ - | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ - | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ - | -with-* | --with-* | -without-* | --without-* | --x) - case "$ac_configure_args0 " in - "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; - esac - ;; - -* ) ac_must_keep_next=true ;; - esac - fi - as_fn_append ac_configure_args " '$ac_arg'" - ;; - esac - done -done -{ ac_configure_args0=; unset ac_configure_args0;} -{ ac_configure_args1=; unset ac_configure_args1;} - -# When interrupted or exit'd, cleanup temporary files, and complete -# config.log. We remove comments because anyway the quotes in there -# would cause problems or look ugly. -# WARNING: Use '\'' to represent an apostrophe within the trap. -# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. -trap 'exit_status=$? - # Save into config.log some information that might help in debugging. - { - echo - - $as_echo "## ---------------- ## -## Cache variables. ## -## ---------------- ##" - echo - # The following way of writing the cache mishandles newlines in values, -( - for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do - eval ac_val=\$$ac_var - case $ac_val in #( - *${as_nl}*) - case $ac_var in #( - *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 -$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; - esac - case $ac_var in #( - _ | IFS | as_nl) ;; #( - BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( - *) { eval $ac_var=; unset $ac_var;} ;; - esac ;; - esac - done - (set) 2>&1 | - case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( - *${as_nl}ac_space=\ *) - sed -n \ - "s/'\''/'\''\\\\'\'''\''/g; - s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" - ;; #( - *) - sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" - ;; - esac | - sort -) - echo - - $as_echo "## ----------------- ## -## Output variables. ## -## ----------------- ##" - echo - for ac_var in $ac_subst_vars - do - eval ac_val=\$$ac_var - case $ac_val in - *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; - esac - $as_echo "$ac_var='\''$ac_val'\''" - done | sort - echo - - if test -n "$ac_subst_files"; then - $as_echo "## ------------------- ## -## File substitutions. ## -## ------------------- ##" - echo - for ac_var in $ac_subst_files - do - eval ac_val=\$$ac_var - case $ac_val in - *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; - esac - $as_echo "$ac_var='\''$ac_val'\''" - done | sort - echo - fi - - if test -s confdefs.h; then - $as_echo "## ----------- ## -## confdefs.h. ## -## ----------- ##" - echo - cat confdefs.h - echo - fi - test "$ac_signal" != 0 && - $as_echo "$as_me: caught signal $ac_signal" - $as_echo "$as_me: exit $exit_status" - } >&5 - rm -f core *.core core.conftest.* && - rm -f -r conftest* confdefs* conf$$* $ac_clean_files && - exit $exit_status -' 0 -for ac_signal in 1 2 13 15; do - trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal -done -ac_signal=0 - -# confdefs.h avoids OS command line length limits that DEFS can exceed. -rm -f -r conftest* confdefs.h - -$as_echo "/* confdefs.h */" > confdefs.h - -# Predefined preprocessor variables. - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_NAME "$PACKAGE_NAME" -_ACEOF - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_TARNAME "$PACKAGE_TARNAME" -_ACEOF - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_VERSION "$PACKAGE_VERSION" -_ACEOF - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_STRING "$PACKAGE_STRING" -_ACEOF - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" -_ACEOF - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_URL "$PACKAGE_URL" -_ACEOF - - -# Let the site file select an alternate cache file if it wants to. -# Prefer an explicitly selected file to automatically selected ones. -ac_site_file1=NONE -ac_site_file2=NONE -if test -n "$CONFIG_SITE"; then - # We do not want a PATH search for config.site. - case $CONFIG_SITE in #(( - -*) ac_site_file1=./$CONFIG_SITE;; - */*) ac_site_file1=$CONFIG_SITE;; - *) ac_site_file1=./$CONFIG_SITE;; - esac -elif test "x$prefix" != xNONE; then - ac_site_file1=$prefix/share/config.site - ac_site_file2=$prefix/etc/config.site -else - ac_site_file1=$ac_default_prefix/share/config.site - ac_site_file2=$ac_default_prefix/etc/config.site -fi -for ac_site_file in "$ac_site_file1" "$ac_site_file2" -do - test "x$ac_site_file" = xNONE && continue - if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 -$as_echo "$as_me: loading site script $ac_site_file" >&6;} - sed 's/^/| /' "$ac_site_file" >&5 - . "$ac_site_file" \ - || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "failed to load site script $ac_site_file -See \`config.log' for more details" "$LINENO" 5; } - fi -done - -if test -r "$cache_file"; then - # Some versions of bash will fail to source /dev/null (special files - # actually), so we avoid doing that. DJGPP emulates it as a regular file. - if test /dev/null != "$cache_file" && test -f "$cache_file"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 -$as_echo "$as_me: loading cache $cache_file" >&6;} - case $cache_file in - [\\/]* | ?:[\\/]* ) . "$cache_file";; - *) . "./$cache_file";; - esac - fi -else - { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 -$as_echo "$as_me: creating cache $cache_file" >&6;} - >$cache_file -fi - -as_fn_append ac_header_list " utime.h" -gt_needs="$gt_needs need-ngettext" -# Check that the precious variables saved in the cache have kept the same -# value. -ac_cache_corrupted=false -for ac_var in $ac_precious_vars; do - eval ac_old_set=\$ac_cv_env_${ac_var}_set - eval ac_new_set=\$ac_env_${ac_var}_set - eval ac_old_val=\$ac_cv_env_${ac_var}_value - eval ac_new_val=\$ac_env_${ac_var}_value - case $ac_old_set,$ac_new_set in - set,) - { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 -$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} - ac_cache_corrupted=: ;; - ,set) - { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 -$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} - ac_cache_corrupted=: ;; - ,);; - *) - if test "x$ac_old_val" != "x$ac_new_val"; then - # differences in whitespace do not lead to failure. - ac_old_val_w=`echo x $ac_old_val` - ac_new_val_w=`echo x $ac_new_val` - if test "$ac_old_val_w" != "$ac_new_val_w"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 -$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} - ac_cache_corrupted=: - else - { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 -$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} - eval $ac_var=\$ac_old_val - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 -$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 -$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} - fi;; - esac - # Pass precious variables to config.status. - if test "$ac_new_set" = set; then - case $ac_new_val in - *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; - *) ac_arg=$ac_var=$ac_new_val ;; - esac - case " $ac_configure_args " in - *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. - *) as_fn_append ac_configure_args " '$ac_arg'" ;; - esac - fi -done -if $ac_cache_corrupted; then - { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 -$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} - as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 -fi -## -------------------- ## -## Main body of script. ## -## -------------------- ## - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - -am__api_version='1.13' - -ac_aux_dir= -for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do - if test -f "$ac_dir/install-sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install-sh -c" - break - elif test -f "$ac_dir/install.sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install.sh -c" - break - elif test -f "$ac_dir/shtool"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/shtool install -c" - break - fi -done -if test -z "$ac_aux_dir"; then - as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 -fi - -# These three variables are undocumented and unsupported, -# and are intended to be withdrawn in a future Autoconf release. -# They can cause serious problems if a builder's source tree is in a directory -# whose full name contains unusual characters. -ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. -ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. -ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. - - -# Find a good install program. We prefer a C program (faster), -# so one script is as good as another. But avoid the broken or -# incompatible versions: -# SysV /etc/install, /usr/sbin/install -# SunOS /usr/etc/install -# IRIX /sbin/install -# AIX /bin/install -# AmigaOS /C/install, which installs bootblocks on floppy discs -# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag -# AFS /usr/afsws/bin/install, which mishandles nonexistent args -# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" -# OS/2's system install, which has a completely different semantic -# ./install, which can be erroneously created by make from ./install.sh. -# Reject install programs that cannot install multiple files. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 -$as_echo_n "checking for a BSD-compatible install... " >&6; } -if test -z "$INSTALL"; then -if ${ac_cv_path_install+:} false; then : - $as_echo_n "(cached) " >&6 -else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - # Account for people who put trailing slashes in PATH elements. -case $as_dir/ in #(( - ./ | .// | /[cC]/* | \ - /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ - ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ - /usr/ucb/* ) ;; - *) - # OSF1 and SCO ODT 3.0 have their own names for install. - # Don't use installbsd from OSF since it installs stuff as root - # by default. - for ac_prog in ginstall scoinst install; do - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then - if test $ac_prog = install && - grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # AIX install. It has an incompatible calling convention. - : - elif test $ac_prog = install && - grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # program-specific install script used by HP pwplus--don't use. - : - else - rm -rf conftest.one conftest.two conftest.dir - echo one > conftest.one - echo two > conftest.two - mkdir conftest.dir - if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && - test -s conftest.one && test -s conftest.two && - test -s conftest.dir/conftest.one && - test -s conftest.dir/conftest.two - then - ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" - break 3 - fi - fi - fi - done - done - ;; -esac - - done -IFS=$as_save_IFS - -rm -rf conftest.one conftest.two conftest.dir - -fi - if test "${ac_cv_path_install+set}" = set; then - INSTALL=$ac_cv_path_install - else - # As a last resort, use the slow shell script. Don't cache a - # value for INSTALL within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the value is a relative name. - INSTALL=$ac_install_sh - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 -$as_echo "$INSTALL" >&6; } - -# Use test -z because SunOS4 sh mishandles braces in ${var-val}. -# It thinks the first close brace ends the variable substitution. -test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' - -test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' - -test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5 -$as_echo_n "checking whether build environment is sane... " >&6; } -# Reject unsafe characters in $srcdir or the absolute working directory -# name. Accept space and tab only in the latter. -am_lf=' -' -case `pwd` in - *[\\\"\#\$\&\'\`$am_lf]*) - as_fn_error $? "unsafe absolute working directory name" "$LINENO" 5;; -esac -case $srcdir in - *[\\\"\#\$\&\'\`$am_lf\ \ ]*) - as_fn_error $? "unsafe srcdir value: '$srcdir'" "$LINENO" 5;; -esac - -# Do 'set' in a subshell so we don't clobber the current shell's -# arguments. Must try -L first in case configure is actually a -# symlink; some systems play weird games with the mod time of symlinks -# (eg FreeBSD returns the mod time of the symlink's containing -# directory). -if ( - am_has_slept=no - for am_try in 1 2; do - echo "timestamp, slept: $am_has_slept" > conftest.file - set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` - if test "$*" = "X"; then - # -L didn't work. - set X `ls -t "$srcdir/configure" conftest.file` - fi - if test "$*" != "X $srcdir/configure conftest.file" \ - && test "$*" != "X conftest.file $srcdir/configure"; then - - # If neither matched, then we have a broken ls. This can happen - # if, for instance, CONFIG_SHELL is bash and it inherits a - # broken ls alias from the environment. This has actually - # happened. Such a system could not be considered "sane". - as_fn_error $? "ls -t appears to fail. Make sure there is not a broken - alias in your environment" "$LINENO" 5 - fi - if test "$2" = conftest.file || test $am_try -eq 2; then - break - fi - # Just in case. - sleep 1 - am_has_slept=yes - done - test "$2" = conftest.file - ) -then - # Ok. - : -else - as_fn_error $? "newly created file is older than distributed files! -Check your system clock" "$LINENO" 5 -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -# If we didn't sleep, we still need to ensure time stamps of config.status and -# generated files are strictly newer. -am_sleep_pid= -if grep 'slept: no' conftest.file >/dev/null 2>&1; then - ( sleep 1 ) & - am_sleep_pid=$! -fi - -rm -f conftest.file - -test "$program_prefix" != NONE && - program_transform_name="s&^&$program_prefix&;$program_transform_name" -# Use a double $ so make ignores it. -test "$program_suffix" != NONE && - program_transform_name="s&\$&$program_suffix&;$program_transform_name" -# Double any \ or $. -# By default was `s,x,x', remove it if useless. -ac_script='s/[\\$]/&&/g;s/;s,x,x,$//' -program_transform_name=`$as_echo "$program_transform_name" | sed "$ac_script"` - -# expand $ac_aux_dir to an absolute path -am_aux_dir=`cd $ac_aux_dir && pwd` - -if test x"${MISSING+set}" != xset; then - case $am_aux_dir in - *\ * | *\ *) - MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; - *) - MISSING="\${SHELL} $am_aux_dir/missing" ;; - esac -fi -# Use eval to expand $SHELL -if eval "$MISSING --is-lightweight"; then - am_missing_run="$MISSING " -else - am_missing_run= - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: 'missing' script is too old or missing" >&5 -$as_echo "$as_me: WARNING: 'missing' script is too old or missing" >&2;} -fi - -if test x"${install_sh}" != xset; then - case $am_aux_dir in - *\ * | *\ *) - install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; - *) - install_sh="\${SHELL} $am_aux_dir/install-sh" - esac -fi - -# Installed binaries are usually stripped using 'strip' when the user -# run "make install-strip". However 'strip' might not be the right -# tool to use in cross-compilation environments, therefore Automake -# will honor the 'STRIP' environment variable to overrule this program. -if test "$cross_compiling" != no; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. -set dummy ${ac_tool_prefix}strip; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_STRIP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$STRIP"; then - ac_cv_prog_STRIP="$STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_STRIP="${ac_tool_prefix}strip" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -STRIP=$ac_cv_prog_STRIP -if test -n "$STRIP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 -$as_echo "$STRIP" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_STRIP"; then - ac_ct_STRIP=$STRIP - # Extract the first word of "strip", so it can be a program name with args. -set dummy strip; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_STRIP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_STRIP"; then - ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_STRIP="strip" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP -if test -n "$ac_ct_STRIP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 -$as_echo "$ac_ct_STRIP" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_STRIP" = x; then - STRIP=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - STRIP=$ac_ct_STRIP - fi -else - STRIP="$ac_cv_prog_STRIP" -fi - -fi -INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 -$as_echo_n "checking for a thread-safe mkdir -p... " >&6; } -if test -z "$MKDIR_P"; then - if ${ac_cv_path_mkdir+:} false; then : - $as_echo_n "(cached) " >&6 -else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in mkdir gmkdir; do - for ac_exec_ext in '' $ac_executable_extensions; do - as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue - case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( - 'mkdir (GNU coreutils) '* | \ - 'mkdir (coreutils) '* | \ - 'mkdir (fileutils) '4.1*) - ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext - break 3;; - esac - done - done - done -IFS=$as_save_IFS - -fi - - test -d ./--version && rmdir ./--version - if test "${ac_cv_path_mkdir+set}" = set; then - MKDIR_P="$ac_cv_path_mkdir -p" - else - # As a last resort, use the slow shell script. Don't cache a - # value for MKDIR_P within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the value is a relative name. - MKDIR_P="$ac_install_sh -d" - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 -$as_echo "$MKDIR_P" >&6; } - -for ac_prog in gawk mawk nawk awk -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_AWK+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$AWK"; then - ac_cv_prog_AWK="$AWK" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_AWK="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -AWK=$ac_cv_prog_AWK -if test -n "$AWK"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 -$as_echo "$AWK" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$AWK" && break -done - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 -$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } -set x ${MAKE-make} -ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` -if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat >conftest.make <<\_ACEOF -SHELL = /bin/sh -all: - @echo '@@@%%%=$(MAKE)=@@@%%%' -_ACEOF -# GNU make sometimes prints "make[1]: Entering ...", which would confuse us. -case `${MAKE-make} -f conftest.make 2>/dev/null` in - *@@@%%%=?*=@@@%%%*) - eval ac_cv_prog_make_${ac_make}_set=yes;; - *) - eval ac_cv_prog_make_${ac_make}_set=no;; -esac -rm -f conftest.make -fi -if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - SET_MAKE= -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - SET_MAKE="MAKE=${MAKE-make}" -fi - -rm -rf .tst 2>/dev/null -mkdir .tst 2>/dev/null -if test -d .tst; then - am__leading_dot=. -else - am__leading_dot=_ -fi -rmdir .tst 2>/dev/null - -# Check whether --enable-silent-rules was given. -if test "${enable_silent_rules+set}" = set; then : - enableval=$enable_silent_rules; -fi - -case $enable_silent_rules in # ((( - yes) AM_DEFAULT_VERBOSITY=0;; - no) AM_DEFAULT_VERBOSITY=1;; - *) AM_DEFAULT_VERBOSITY=1;; -esac -am_make=${MAKE-make} -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5 -$as_echo_n "checking whether $am_make supports nested variables... " >&6; } -if ${am_cv_make_support_nested_variables+:} false; then : - $as_echo_n "(cached) " >&6 -else - if $as_echo 'TRUE=$(BAR$(V)) -BAR0=false -BAR1=true -V=1 -am__doit: - @$(TRUE) -.PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then - am_cv_make_support_nested_variables=yes -else - am_cv_make_support_nested_variables=no -fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5 -$as_echo "$am_cv_make_support_nested_variables" >&6; } -if test $am_cv_make_support_nested_variables = yes; then - AM_V='$(V)' - AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' -else - AM_V=$AM_DEFAULT_VERBOSITY - AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY -fi -AM_BACKSLASH='\' - -if test "`cd $srcdir && pwd`" != "`pwd`"; then - # Use -I$(srcdir) only when $(srcdir) != ., so that make's output - # is not polluted with repeated "-I." - am__isrc=' -I$(srcdir)' - # test to see if srcdir already configured - if test -f $srcdir/config.status; then - as_fn_error $? "source directory already configured; run \"make distclean\" there first" "$LINENO" 5 - fi -fi - -# test whether we have cygpath -if test -z "$CYGPATH_W"; then - if (cygpath --version) >/dev/null 2>/dev/null; then - CYGPATH_W='cygpath -w' - else - CYGPATH_W=echo - fi -fi - - -# Define the identity of the package. - - PACKAGE=shadow - VERSION=4.2.1 - - -cat >>confdefs.h <<_ACEOF -#define PACKAGE "$PACKAGE" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define VERSION "$VERSION" -_ACEOF - -# Some tools Automake needs. - -ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"} - - -AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"} - - -AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"} - - -AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"} - - -MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} - -# For better backward compatibility. To be removed once Automake 1.9.x -# dies out for good. For more background, see: -# -# -mkdir_p='$(MKDIR_P)' - -# We need awk for the "check" target. The system "awk" is bad on -# some platforms. -# Always define AMTAR for backward compatibility. Yes, it's still used -# in the wild :-( We should find a proper way to deprecate it ... -AMTAR='$${TAR-tar}' - - -# We'll loop over all known methods to create a tar archive until one works. -_am_tools='gnutar pax cpio none' - -am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -' - - - - - - -ac_config_headers="$ac_config_headers config.h" - - -test "$prefix" = "NONE" && prefix="/usr" -test "$prefix" = "/usr" && exec_prefix="" - -DEPDIR="${am__leading_dot}deps" - -ac_config_commands="$ac_config_commands depfiles" - - -am_make=${MAKE-make} -cat > confinc << 'END' -am__doit: - @echo this is the am__doit target -.PHONY: am__doit -END -# If we don't find an include directive, just comment out the code. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for style of include used by $am_make" >&5 -$as_echo_n "checking for style of include used by $am_make... " >&6; } -am__include="#" -am__quote= -_am_result=none -# First try GNU make style include. -echo "include confinc" > confmf -# Ignore all kinds of additional output from 'make'. -case `$am_make -s -f confmf 2> /dev/null` in #( -*the\ am__doit\ target*) - am__include=include - am__quote= - _am_result=GNU - ;; -esac -# Now try BSD make style include. -if test "$am__include" = "#"; then - echo '.include "confinc"' > confmf - case `$am_make -s -f confmf 2> /dev/null` in #( - *the\ am__doit\ target*) - am__include=.include - am__quote="\"" - _am_result=BSD - ;; - esac -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $_am_result" >&5 -$as_echo "$_am_result" >&6; } -rm -f confinc confmf - -# Check whether --enable-dependency-tracking was given. -if test "${enable_dependency_tracking+set}" = set; then : - enableval=$enable_dependency_tracking; -fi - -if test "x$enable_dependency_tracking" != xno; then - am_depcomp="$ac_aux_dir/depcomp" - AMDEPBACKSLASH='\' - am__nodep='_no' -fi - if test "x$enable_dependency_tracking" != xno; then - AMDEP_TRUE= - AMDEP_FALSE='#' -else - AMDEP_TRUE='#' - AMDEP_FALSE= -fi - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. -set dummy ${ac_tool_prefix}gcc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_CC="${ac_tool_prefix}gcc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_CC"; then - ac_ct_CC=$CC - # Extract the first word of "gcc", so it can be a program name with args. -set dummy gcc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_CC="gcc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 -$as_echo "$ac_ct_CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi -else - CC="$ac_cv_prog_CC" -fi - -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. -set dummy ${ac_tool_prefix}cc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_CC="${ac_tool_prefix}cc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - fi -fi -if test -z "$CC"; then - # Extract the first word of "cc", so it can be a program name with args. -set dummy cc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else - ac_prog_rejected=no -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then - ac_prog_rejected=yes - continue - fi - ac_cv_prog_CC="cc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -if test $ac_prog_rejected = yes; then - # We found a bogon in the path, so make sure we never use it. - set dummy $ac_cv_prog_CC - shift - if test $# != 0; then - # We chose a different compiler from the bogus one. - # However, it has the same basename, so the bogon will be chosen - # first if we set CC to just the basename; use the full file name. - shift - ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" - fi -fi -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - for ac_prog in cl.exe - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_CC="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$CC" && break - done -fi -if test -z "$CC"; then - ac_ct_CC=$CC - for ac_prog in cl.exe -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_CC="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 -$as_echo "$ac_ct_CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$ac_ct_CC" && break -done - - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi -fi - -fi - - -test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "no acceptable C compiler found in \$PATH -See \`config.log' for more details" "$LINENO" 5; } - -# Provide some information about the compiler. -$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 -set X $ac_compile -ac_compiler=$2 -for ac_option in --version -v -V -qversion; do - { { ac_try="$ac_compiler $ac_option >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_compiler $ac_option >&5") 2>conftest.err - ac_status=$? - if test -s conftest.err; then - sed '10a\ -... rest of stderr output deleted ... - 10q' conftest.err >conftest.er1 - cat conftest.er1 >&5 - fi - rm -f conftest.er1 conftest.err - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } -done - -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -ac_clean_files_save=$ac_clean_files -ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" -# Try to create an executable without -o first, disregard a.out. -# It will help us diagnose broken compilers, and finding out an intuition -# of exeext. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 -$as_echo_n "checking whether the C compiler works... " >&6; } -ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` - -# The possible output files: -ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" - -ac_rmfiles= -for ac_file in $ac_files -do - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; - * ) ac_rmfiles="$ac_rmfiles $ac_file";; - esac -done -rm -f $ac_rmfiles - -if { { ac_try="$ac_link_default" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link_default") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then : - # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. -# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' -# in a Makefile. We should not override ac_cv_exeext if it was cached, -# so that the user can short-circuit this test for compilers unknown to -# Autoconf. -for ac_file in $ac_files '' -do - test -f "$ac_file" || continue - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) - ;; - [ab].out ) - # We found the default executable, but exeext='' is most - # certainly right. - break;; - *.* ) - if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; - then :; else - ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - fi - # We set ac_cv_exeext here because the later test for it is not - # safe: cross compilers may not add the suffix if given an `-o' - # argument, so we may need to know it at that point already. - # Even if this section looks crufty: it has the advantage of - # actually working. - break;; - * ) - break;; - esac -done -test "$ac_cv_exeext" = no && ac_cv_exeext= - -else - ac_file='' -fi -if test -z "$ac_file"; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -$as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error 77 "C compiler cannot create executables -See \`config.log' for more details" "$LINENO" 5; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 -$as_echo_n "checking for C compiler default output file name... " >&6; } -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 -$as_echo "$ac_file" >&6; } -ac_exeext=$ac_cv_exeext - -rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out -ac_clean_files=$ac_clean_files_save -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 -$as_echo_n "checking for suffix of executables... " >&6; } -if { { ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then : - # If both `conftest.exe' and `conftest' are `present' (well, observable) -# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will -# work properly (i.e., refer to `conftest.exe'), while it won't with -# `rm'. -for ac_file in conftest.exe conftest conftest.*; do - test -f "$ac_file" || continue - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; - *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - break;; - * ) break;; - esac -done -else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details" "$LINENO" 5; } -fi -rm -f conftest conftest$ac_cv_exeext -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 -$as_echo "$ac_cv_exeext" >&6; } - -rm -f conftest.$ac_ext -EXEEXT=$ac_cv_exeext -ac_exeext=$EXEEXT -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -FILE *f = fopen ("conftest.out", "w"); - return ferror (f) || fclose (f) != 0; - - ; - return 0; -} -_ACEOF -ac_clean_files="$ac_clean_files conftest.out" -# Check that the compiler produces executables we can run. If not, either -# the compiler is broken, or we cross compile. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 -$as_echo_n "checking whether we are cross compiling... " >&6; } -if test "$cross_compiling" != yes; then - { { ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } - if { ac_try='./conftest$ac_cv_exeext' - { { case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; }; then - cross_compiling=no - else - if test "$cross_compiling" = maybe; then - cross_compiling=yes - else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "cannot run C compiled programs. -If you meant to cross compile, use \`--host'. -See \`config.log' for more details" "$LINENO" 5; } - fi - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 -$as_echo "$cross_compiling" >&6; } - -rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out -ac_clean_files=$ac_clean_files_save -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 -$as_echo_n "checking for suffix of object files... " >&6; } -if ${ac_cv_objext+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.o conftest.obj -if { { ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_compile") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then : - for ac_file in conftest.o conftest.obj conftest.*; do - test -f "$ac_file" || continue; - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; - *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` - break;; - esac -done -else - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "cannot compute suffix of object files: cannot compile -See \`config.log' for more details" "$LINENO" 5; } -fi -rm -f conftest.$ac_cv_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 -$as_echo "$ac_cv_objext" >&6; } -OBJEXT=$ac_cv_objext -ac_objext=$OBJEXT -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 -$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } -if ${ac_cv_c_compiler_gnu+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ -#ifndef __GNUC__ - choke me -#endif - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_compiler_gnu=yes -else - ac_compiler_gnu=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_c_compiler_gnu=$ac_compiler_gnu - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 -$as_echo "$ac_cv_c_compiler_gnu" >&6; } -if test $ac_compiler_gnu = yes; then - GCC=yes -else - GCC= -fi -ac_test_CFLAGS=${CFLAGS+set} -ac_save_CFLAGS=$CFLAGS -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 -$as_echo_n "checking whether $CC accepts -g... " >&6; } -if ${ac_cv_prog_cc_g+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_save_c_werror_flag=$ac_c_werror_flag - ac_c_werror_flag=yes - ac_cv_prog_cc_g=no - CFLAGS="-g" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_prog_cc_g=yes -else - CFLAGS="" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -else - ac_c_werror_flag=$ac_save_c_werror_flag - CFLAGS="-g" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_prog_cc_g=yes -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_c_werror_flag=$ac_save_c_werror_flag -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 -$as_echo "$ac_cv_prog_cc_g" >&6; } -if test "$ac_test_CFLAGS" = set; then - CFLAGS=$ac_save_CFLAGS -elif test $ac_cv_prog_cc_g = yes; then - if test "$GCC" = yes; then - CFLAGS="-g -O2" - else - CFLAGS="-g" - fi -else - if test "$GCC" = yes; then - CFLAGS="-O2" - else - CFLAGS= - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 -$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } -if ${ac_cv_prog_cc_c89+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_prog_cc_c89=no -ac_save_CC=$CC -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -struct stat; -/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ -struct buf { int x; }; -FILE * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; -{ - return p[i]; -} -static char *f (char * (*g) (char **, int), char **p, ...) -{ - char *s; - va_list v; - va_start (v,p); - s = g (p, va_arg (v,int)); - va_end (v); - return s; -} - -/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has - function prototypes and stuff, but not '\xHH' hex character constants. - These don't provoke an error unfortunately, instead are silently treated - as 'x'. The following induces an error, until -std is added to get - proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an - array size at least. It's necessary to write '\x00'==0 to get something - that's true only with -std. */ -int osf4_cc_array ['\x00' == 0 ? 1 : -1]; - -/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters - inside strings and character constants. */ -#define FOO(x) 'x' -int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; - -int test (int i, double x); -struct s1 {int (*f) (int a);}; -struct s2 {int (*f) (double a);}; -int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); -int argc; -char **argv; -int -main () -{ -return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; - ; - return 0; -} -_ACEOF -for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ - -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" -do - CC="$ac_save_CC $ac_arg" - if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_prog_cc_c89=$ac_arg -fi -rm -f core conftest.err conftest.$ac_objext - test "x$ac_cv_prog_cc_c89" != "xno" && break -done -rm -f conftest.$ac_ext -CC=$ac_save_CC - -fi -# AC_CACHE_VAL -case "x$ac_cv_prog_cc_c89" in - x) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 -$as_echo "none needed" >&6; } ;; - xno) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 -$as_echo "unsupported" >&6; } ;; - *) - CC="$CC $ac_cv_prog_cc_c89" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 -$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; -esac -if test "x$ac_cv_prog_cc_c89" != xno; then : - -fi - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -depcc="$CC" am_compiler_list= - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 -$as_echo_n "checking dependency style of $depcc... " >&6; } -if ${am_cv_CC_dependencies_compiler_type+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then - # We make a subdir and do the tests there. Otherwise we can end up - # making bogus files that we don't know about and never remove. For - # instance it was reported that on HP-UX the gcc test will end up - # making a dummy file named 'D' -- because '-MD' means "put the output - # in D". - rm -rf conftest.dir - mkdir conftest.dir - # Copy depcomp to subdir because otherwise we won't find it if we're - # using a relative directory. - cp "$am_depcomp" conftest.dir - cd conftest.dir - # We will build objects and dependencies in a subdirectory because - # it helps to detect inapplicable dependency modes. For instance - # both Tru64's cc and ICC support -MD to output dependencies as a - # side effect of compilation, but ICC will put the dependencies in - # the current directory while Tru64 will put them in the object - # directory. - mkdir sub - - am_cv_CC_dependencies_compiler_type=none - if test "$am_compiler_list" = ""; then - am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` - fi - am__universal=false - case " $depcc " in #( - *\ -arch\ *\ -arch\ *) am__universal=true ;; - esac - - for depmode in $am_compiler_list; do - # Setup a source with many dependencies, because some compilers - # like to wrap large dependency lists on column 80 (with \), and - # we should not choose a depcomp mode which is confused by this. - # - # We need to recreate these files for each test, as the compiler may - # overwrite some of them when testing with obscure command lines. - # This happens at least with the AIX C compiler. - : > sub/conftest.c - for i in 1 2 3 4 5 6; do - echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with - # Solaris 10 /bin/sh. - echo '/* dummy */' > sub/conftst$i.h - done - echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf - - # We check with '-c' and '-o' for the sake of the "dashmstdout" - # mode. It turns out that the SunPro C++ compiler does not properly - # handle '-M -o', and we need to detect this. Also, some Intel - # versions had trouble with output in subdirs. - am__obj=sub/conftest.${OBJEXT-o} - am__minus_obj="-o $am__obj" - case $depmode in - gcc) - # This depmode causes a compiler race in universal mode. - test "$am__universal" = false || continue - ;; - nosideeffect) - # After this tag, mechanisms are not by side-effect, so they'll - # only be used when explicitly requested. - if test "x$enable_dependency_tracking" = xyes; then - continue - else - break - fi - ;; - msvc7 | msvc7msys | msvisualcpp | msvcmsys) - # This compiler won't grok '-c -o', but also, the minuso test has - # not run yet. These depmodes are late enough in the game, and - # so weak that their functioning should not be impacted. - am__obj=conftest.${OBJEXT-o} - am__minus_obj= - ;; - none) break ;; - esac - if depmode=$depmode \ - source=sub/conftest.c object=$am__obj \ - depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ - $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ - >/dev/null 2>conftest.err && - grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && - grep $am__obj sub/conftest.Po > /dev/null 2>&1 && - ${MAKE-make} -s -f confmf > /dev/null 2>&1; then - # icc doesn't choke on unknown options, it will just issue warnings - # or remarks (even with -Werror). So we grep stderr for any message - # that says an option was ignored or not supported. - # When given -MP, icc 7.0 and 7.1 complain thusly: - # icc: Command line warning: ignoring option '-M'; no argument required - # The diagnosis changed in icc 8.0: - # icc: Command line remark: option '-MP' not supported - if (grep 'ignoring option' conftest.err || - grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else - am_cv_CC_dependencies_compiler_type=$depmode - break - fi - fi - done - - cd .. - rm -rf conftest.dir -else - am_cv_CC_dependencies_compiler_type=none -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 -$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } -CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type - - if - test "x$enable_dependency_tracking" != xno \ - && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then - am__fastdepCC_TRUE= - am__fastdepCC_FALSE='#' -else - am__fastdepCC_TRUE='#' - am__fastdepCC_FALSE= -fi - - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 -$as_echo_n "checking how to run the C preprocessor... " >&6; } -# On Suns, sometimes $CPP names a directory. -if test -n "$CPP" && test -d "$CPP"; then - CPP= -fi -if test -z "$CPP"; then - if ${ac_cv_prog_CPP+:} false; then : - $as_echo_n "(cached) " >&6 -else - # Double quotes because CPP needs to be expanded - for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" - do - ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - -else - # Broken: fails on valid input. -continue -fi -rm -f conftest.err conftest.i conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - # Broken: success on invalid input. -continue -else - # Passes both tests. -ac_preproc_ok=: -break -fi -rm -f conftest.err conftest.i conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok; then : - break -fi - - done - ac_cv_prog_CPP=$CPP - -fi - CPP=$ac_cv_prog_CPP -else - ac_cv_prog_CPP=$CPP -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 -$as_echo "$CPP" >&6; } -ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - -else - # Broken: fails on valid input. -continue -fi -rm -f conftest.err conftest.i conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - # Broken: success on invalid input. -continue -else - # Passes both tests. -ac_preproc_ok=: -break -fi -rm -f conftest.err conftest.i conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok; then : - -else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details" "$LINENO" 5; } -fi - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 -$as_echo_n "checking for grep that handles long lines and -e... " >&6; } -if ${ac_cv_path_GREP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -z "$GREP"; then - ac_path_GREP_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in grep ggrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_GREP" || continue -# Check for GNU ac_path_GREP and select it if it is found. - # Check for GNU $ac_path_GREP -case `"$ac_path_GREP" --version 2>&1` in -*GNU*) - ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; -*) - ac_count=0 - $as_echo_n 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - $as_echo 'GREP' >> "conftest.nl" - "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_GREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_GREP="$ac_path_GREP" - ac_path_GREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - $ac_path_GREP_found && break 3 - done - done - done -IFS=$as_save_IFS - if test -z "$ac_cv_path_GREP"; then - as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 - fi -else - ac_cv_path_GREP=$GREP -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 -$as_echo "$ac_cv_path_GREP" >&6; } - GREP="$ac_cv_path_GREP" - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 -$as_echo_n "checking for egrep... " >&6; } -if ${ac_cv_path_EGREP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 - then ac_cv_path_EGREP="$GREP -E" - else - if test -z "$EGREP"; then - ac_path_EGREP_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in egrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_EGREP" || continue -# Check for GNU ac_path_EGREP and select it if it is found. - # Check for GNU $ac_path_EGREP -case `"$ac_path_EGREP" --version 2>&1` in -*GNU*) - ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; -*) - ac_count=0 - $as_echo_n 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - $as_echo 'EGREP' >> "conftest.nl" - "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_EGREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_EGREP="$ac_path_EGREP" - ac_path_EGREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - $ac_path_EGREP_found && break 3 - done - done - done -IFS=$as_save_IFS - if test -z "$ac_cv_path_EGREP"; then - as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 - fi -else - ac_cv_path_EGREP=$EGREP -fi - - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 -$as_echo "$ac_cv_path_EGREP" >&6; } - EGREP="$ac_cv_path_EGREP" - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 -$as_echo_n "checking for ANSI C header files... " >&6; } -if ${ac_cv_header_stdc+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#include -#include - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_stdc=yes -else - ac_cv_header_stdc=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -if test $ac_cv_header_stdc = yes; then - # SunOS 4.x string.h does not declare mem*, contrary to ANSI. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "memchr" >/dev/null 2>&1; then : - -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "free" >/dev/null 2>&1; then : - -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. - if test "$cross_compiling" = yes; then : - : -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#if ((' ' & 0x0FF) == 0x020) -# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') -# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) -#else -# define ISLOWER(c) \ - (('a' <= (c) && (c) <= 'i') \ - || ('j' <= (c) && (c) <= 'r') \ - || ('s' <= (c) && (c) <= 'z')) -# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) -#endif - -#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) -int -main () -{ - int i; - for (i = 0; i < 256; i++) - if (XOR (islower (i), ISLOWER (i)) - || toupper (i) != TOUPPER (i)) - return 2; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - -else - ac_cv_header_stdc=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 -$as_echo "$ac_cv_header_stdc" >&6; } -if test $ac_cv_header_stdc = yes; then - -$as_echo "#define STDC_HEADERS 1" >>confdefs.h - -fi - -# On IRIX 5.3, sys/types and inttypes.h are conflicting. -for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ - inttypes.h stdint.h unistd.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default -" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - - ac_fn_c_check_header_mongrel "$LINENO" "minix/config.h" "ac_cv_header_minix_config_h" "$ac_includes_default" -if test "x$ac_cv_header_minix_config_h" = xyes; then : - MINIX=yes -else - MINIX= -fi - - - if test "$MINIX" = yes; then - -$as_echo "#define _POSIX_SOURCE 1" >>confdefs.h - - -$as_echo "#define _POSIX_1_SOURCE 2" >>confdefs.h - - -$as_echo "#define _MINIX 1" >>confdefs.h - - fi - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether it is safe to define __EXTENSIONS__" >&5 -$as_echo_n "checking whether it is safe to define __EXTENSIONS__... " >&6; } -if ${ac_cv_safe_to_define___extensions__+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -# define __EXTENSIONS__ 1 - $ac_includes_default -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_safe_to_define___extensions__=yes -else - ac_cv_safe_to_define___extensions__=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_safe_to_define___extensions__" >&5 -$as_echo "$ac_cv_safe_to_define___extensions__" >&6; } - test $ac_cv_safe_to_define___extensions__ = yes && - $as_echo "#define __EXTENSIONS__ 1" >>confdefs.h - - $as_echo "#define _ALL_SOURCE 1" >>confdefs.h - - $as_echo "#define _GNU_SOURCE 1" >>confdefs.h - - $as_echo "#define _POSIX_PTHREAD_SEMANTICS 1" >>confdefs.h - - $as_echo "#define _TANDEM_SOURCE 1" >>confdefs.h - - - - -# Check whether --enable-shared was given. -if test "${enable_shared+set}" = set; then : - enableval=$enable_shared; p=${PACKAGE-default} - case $enableval in - yes) enable_shared=yes ;; - no) enable_shared=no ;; - *) - enable_shared=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_shared=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac -else - enable_shared=no -fi - - - - - - - - - -# Check whether --enable-static was given. -if test "${enable_static+set}" = set; then : - enableval=$enable_static; p=${PACKAGE-default} - case $enableval in - yes) enable_static=yes ;; - no) enable_static=no ;; - *) - enable_static=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_static=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac -else - enable_static=yes -fi - - - - - - - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 -$as_echo_n "checking whether to enable maintainer-specific portions of Makefiles... " >&6; } - # Check whether --enable-maintainer-mode was given. -if test "${enable_maintainer_mode+set}" = set; then : - enableval=$enable_maintainer_mode; USE_MAINTAINER_MODE=$enableval -else - USE_MAINTAINER_MODE=no -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $USE_MAINTAINER_MODE" >&5 -$as_echo "$USE_MAINTAINER_MODE" >&6; } - if test $USE_MAINTAINER_MODE = yes; then - MAINTAINER_MODE_TRUE= - MAINTAINER_MODE_FALSE='#' -else - MAINTAINER_MODE_TRUE='#' - MAINTAINER_MODE_FALSE= -fi - - MAINT=$MAINTAINER_MODE_TRUE - - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. -set dummy ${ac_tool_prefix}gcc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_CC="${ac_tool_prefix}gcc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_CC"; then - ac_ct_CC=$CC - # Extract the first word of "gcc", so it can be a program name with args. -set dummy gcc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_CC="gcc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 -$as_echo "$ac_ct_CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi -else - CC="$ac_cv_prog_CC" -fi - -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. -set dummy ${ac_tool_prefix}cc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_CC="${ac_tool_prefix}cc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - fi -fi -if test -z "$CC"; then - # Extract the first word of "cc", so it can be a program name with args. -set dummy cc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else - ac_prog_rejected=no -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then - ac_prog_rejected=yes - continue - fi - ac_cv_prog_CC="cc" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -if test $ac_prog_rejected = yes; then - # We found a bogon in the path, so make sure we never use it. - set dummy $ac_cv_prog_CC - shift - if test $# != 0; then - # We chose a different compiler from the bogus one. - # However, it has the same basename, so the bogon will be chosen - # first if we set CC to just the basename; use the full file name. - shift - ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" - fi -fi -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - for ac_prog in cl.exe - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_CC="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 -$as_echo "$CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$CC" && break - done -fi -if test -z "$CC"; then - ac_ct_CC=$CC - for ac_prog in cl.exe -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_CC="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 -$as_echo "$ac_ct_CC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$ac_ct_CC" && break -done - - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi -fi - -fi - - -test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "no acceptable C compiler found in \$PATH -See \`config.log' for more details" "$LINENO" 5; } - -# Provide some information about the compiler. -$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 -set X $ac_compile -ac_compiler=$2 -for ac_option in --version -v -V -qversion; do - { { ac_try="$ac_compiler $ac_option >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_compiler $ac_option >&5") 2>conftest.err - ac_status=$? - if test -s conftest.err; then - sed '10a\ -... rest of stderr output deleted ... - 10q' conftest.err >conftest.er1 - cat conftest.er1 >&5 - fi - rm -f conftest.er1 conftest.err - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } -done - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 -$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } -if ${ac_cv_c_compiler_gnu+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ -#ifndef __GNUC__ - choke me -#endif - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_compiler_gnu=yes -else - ac_compiler_gnu=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_c_compiler_gnu=$ac_compiler_gnu - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 -$as_echo "$ac_cv_c_compiler_gnu" >&6; } -if test $ac_compiler_gnu = yes; then - GCC=yes -else - GCC= -fi -ac_test_CFLAGS=${CFLAGS+set} -ac_save_CFLAGS=$CFLAGS -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 -$as_echo_n "checking whether $CC accepts -g... " >&6; } -if ${ac_cv_prog_cc_g+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_save_c_werror_flag=$ac_c_werror_flag - ac_c_werror_flag=yes - ac_cv_prog_cc_g=no - CFLAGS="-g" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_prog_cc_g=yes -else - CFLAGS="" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -else - ac_c_werror_flag=$ac_save_c_werror_flag - CFLAGS="-g" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_prog_cc_g=yes -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_c_werror_flag=$ac_save_c_werror_flag -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 -$as_echo "$ac_cv_prog_cc_g" >&6; } -if test "$ac_test_CFLAGS" = set; then - CFLAGS=$ac_save_CFLAGS -elif test $ac_cv_prog_cc_g = yes; then - if test "$GCC" = yes; then - CFLAGS="-g -O2" - else - CFLAGS="-g" - fi -else - if test "$GCC" = yes; then - CFLAGS="-O2" - else - CFLAGS= - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 -$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } -if ${ac_cv_prog_cc_c89+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_prog_cc_c89=no -ac_save_CC=$CC -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -struct stat; -/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ -struct buf { int x; }; -FILE * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; -{ - return p[i]; -} -static char *f (char * (*g) (char **, int), char **p, ...) -{ - char *s; - va_list v; - va_start (v,p); - s = g (p, va_arg (v,int)); - va_end (v); - return s; -} - -/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has - function prototypes and stuff, but not '\xHH' hex character constants. - These don't provoke an error unfortunately, instead are silently treated - as 'x'. The following induces an error, until -std is added to get - proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an - array size at least. It's necessary to write '\x00'==0 to get something - that's true only with -std. */ -int osf4_cc_array ['\x00' == 0 ? 1 : -1]; - -/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters - inside strings and character constants. */ -#define FOO(x) 'x' -int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; - -int test (int i, double x); -struct s1 {int (*f) (int a);}; -struct s2 {int (*f) (double a);}; -int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); -int argc; -char **argv; -int -main () -{ -return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; - ; - return 0; -} -_ACEOF -for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ - -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" -do - CC="$ac_save_CC $ac_arg" - if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_prog_cc_c89=$ac_arg -fi -rm -f core conftest.err conftest.$ac_objext - test "x$ac_cv_prog_cc_c89" != "xno" && break -done -rm -f conftest.$ac_ext -CC=$ac_save_CC - -fi -# AC_CACHE_VAL -case "x$ac_cv_prog_cc_c89" in - x) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 -$as_echo "none needed" >&6; } ;; - xno) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 -$as_echo "unsupported" >&6; } ;; - *) - CC="$CC $ac_cv_prog_cc_c89" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 -$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; -esac -if test "x$ac_cv_prog_cc_c89" != xno; then : - -fi - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -depcc="$CC" am_compiler_list= - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 -$as_echo_n "checking dependency style of $depcc... " >&6; } -if ${am_cv_CC_dependencies_compiler_type+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then - # We make a subdir and do the tests there. Otherwise we can end up - # making bogus files that we don't know about and never remove. For - # instance it was reported that on HP-UX the gcc test will end up - # making a dummy file named 'D' -- because '-MD' means "put the output - # in D". - rm -rf conftest.dir - mkdir conftest.dir - # Copy depcomp to subdir because otherwise we won't find it if we're - # using a relative directory. - cp "$am_depcomp" conftest.dir - cd conftest.dir - # We will build objects and dependencies in a subdirectory because - # it helps to detect inapplicable dependency modes. For instance - # both Tru64's cc and ICC support -MD to output dependencies as a - # side effect of compilation, but ICC will put the dependencies in - # the current directory while Tru64 will put them in the object - # directory. - mkdir sub - - am_cv_CC_dependencies_compiler_type=none - if test "$am_compiler_list" = ""; then - am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` - fi - am__universal=false - case " $depcc " in #( - *\ -arch\ *\ -arch\ *) am__universal=true ;; - esac - - for depmode in $am_compiler_list; do - # Setup a source with many dependencies, because some compilers - # like to wrap large dependency lists on column 80 (with \), and - # we should not choose a depcomp mode which is confused by this. - # - # We need to recreate these files for each test, as the compiler may - # overwrite some of them when testing with obscure command lines. - # This happens at least with the AIX C compiler. - : > sub/conftest.c - for i in 1 2 3 4 5 6; do - echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with - # Solaris 10 /bin/sh. - echo '/* dummy */' > sub/conftst$i.h - done - echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf - - # We check with '-c' and '-o' for the sake of the "dashmstdout" - # mode. It turns out that the SunPro C++ compiler does not properly - # handle '-M -o', and we need to detect this. Also, some Intel - # versions had trouble with output in subdirs. - am__obj=sub/conftest.${OBJEXT-o} - am__minus_obj="-o $am__obj" - case $depmode in - gcc) - # This depmode causes a compiler race in universal mode. - test "$am__universal" = false || continue - ;; - nosideeffect) - # After this tag, mechanisms are not by side-effect, so they'll - # only be used when explicitly requested. - if test "x$enable_dependency_tracking" = xyes; then - continue - else - break - fi - ;; - msvc7 | msvc7msys | msvisualcpp | msvcmsys) - # This compiler won't grok '-c -o', but also, the minuso test has - # not run yet. These depmodes are late enough in the game, and - # so weak that their functioning should not be impacted. - am__obj=conftest.${OBJEXT-o} - am__minus_obj= - ;; - none) break ;; - esac - if depmode=$depmode \ - source=sub/conftest.c object=$am__obj \ - depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ - $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ - >/dev/null 2>conftest.err && - grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && - grep $am__obj sub/conftest.Po > /dev/null 2>&1 && - ${MAKE-make} -s -f confmf > /dev/null 2>&1; then - # icc doesn't choke on unknown options, it will just issue warnings - # or remarks (even with -Werror). So we grep stderr for any message - # that says an option was ignored or not supported. - # When given -MP, icc 7.0 and 7.1 complain thusly: - # icc: Command line warning: ignoring option '-M'; no argument required - # The diagnosis changed in icc 8.0: - # icc: Command line remark: option '-MP' not supported - if (grep 'ignoring option' conftest.err || - grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else - am_cv_CC_dependencies_compiler_type=$depmode - break - fi - fi - done - - cd .. - rm -rf conftest.dir -else - am_cv_CC_dependencies_compiler_type=none -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 -$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } -CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type - - if - test "x$enable_dependency_tracking" != xno \ - && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then - am__fastdepCC_TRUE= - am__fastdepCC_FALSE='#' -else - am__fastdepCC_TRUE='#' - am__fastdepCC_FALSE= -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing strerror" >&5 -$as_echo_n "checking for library containing strerror... " >&6; } -if ${ac_cv_search_strerror+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strerror (); -int -main () -{ -return strerror (); - ; - return 0; -} -_ACEOF -for ac_lib in '' cposix; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_strerror=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_strerror+:} false; then : - break -fi -done -if ${ac_cv_search_strerror+:} false; then : - -else - ac_cv_search_strerror=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_strerror" >&5 -$as_echo "$ac_cv_search_strerror" >&6; } -ac_res=$ac_cv_search_strerror -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5 -$as_echo_n "checking whether ln -s works... " >&6; } -LN_S=$as_ln_s -if test "$LN_S" = "ln -s"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5 -$as_echo "no, using $LN_S" >&6; } -fi - -for ac_prog in 'bison -y' byacc -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_YACC+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$YACC"; then - ac_cv_prog_YACC="$YACC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_YACC="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -YACC=$ac_cv_prog_YACC -if test -n "$YACC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $YACC" >&5 -$as_echo "$YACC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$YACC" && break -done -test -n "$YACC" || YACC="yacc" - -case `pwd` in - *\ * | *\ *) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5 -$as_echo "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;; -esac - - - -macro_version='2.4.2' -macro_revision='1.3337' - - - - - - - - - - - - - -ltmain="$ac_aux_dir/ltmain.sh" - -# Make sure we can run config.sub. -$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || - as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 -$as_echo_n "checking build system type... " >&6; } -if ${ac_cv_build+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_build_alias=$build_alias -test "x$ac_build_alias" = x && - ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` -test "x$ac_build_alias" = x && - as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 -ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || - as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 -$as_echo "$ac_cv_build" >&6; } -case $ac_cv_build in -*-*-*) ;; -*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;; -esac -build=$ac_cv_build -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_build -shift -build_cpu=$1 -build_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -build_os=$* -IFS=$ac_save_IFS -case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 -$as_echo_n "checking host system type... " >&6; } -if ${ac_cv_host+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "x$host_alias" = x; then - ac_cv_host=$ac_cv_build -else - ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || - as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 -$as_echo "$ac_cv_host" >&6; } -case $ac_cv_host in -*-*-*) ;; -*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;; -esac -host=$ac_cv_host -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_host -shift -host_cpu=$1 -host_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -host_os=$* -IFS=$ac_save_IFS -case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac - - -# Backslashify metacharacters that are still active within -# double-quoted strings. -sed_quote_subst='s/\(["`$\\]\)/\\\1/g' - -# Same as above, but do not quote variable references. -double_quote_subst='s/\(["`\\]\)/\\\1/g' - -# Sed substitution to delay expansion of an escaped shell variable in a -# double_quote_subst'ed string. -delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' - -# Sed substitution to delay expansion of an escaped single quote. -delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g' - -# Sed substitution to avoid accidental globbing in evaled expressions -no_glob_subst='s/\*/\\\*/g' - -ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' -ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO -ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to print strings" >&5 -$as_echo_n "checking how to print strings... " >&6; } -# Test print first, because it will be a builtin if present. -if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ - test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then - ECHO='print -r --' -elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then - ECHO='printf %s\n' -else - # Use this function as a fallback that always works. - func_fallback_echo () - { - eval 'cat <<_LTECHO_EOF -$1 -_LTECHO_EOF' - } - ECHO='func_fallback_echo' -fi - -# func_echo_all arg... -# Invoke $ECHO with all args, space-separated. -func_echo_all () -{ - $ECHO "" -} - -case "$ECHO" in - printf*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: printf" >&5 -$as_echo "printf" >&6; } ;; - print*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: print -r" >&5 -$as_echo "print -r" >&6; } ;; - *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: cat" >&5 -$as_echo "cat" >&6; } ;; -esac - - - - - - - - - - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5 -$as_echo_n "checking for a sed that does not truncate output... " >&6; } -if ${ac_cv_path_SED+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ - for ac_i in 1 2 3 4 5 6 7; do - ac_script="$ac_script$as_nl$ac_script" - done - echo "$ac_script" 2>/dev/null | sed 99q >conftest.sed - { ac_script=; unset ac_script;} - if test -z "$SED"; then - ac_path_SED_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in sed gsed; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_SED="$as_dir/$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_SED" || continue -# Check for GNU ac_path_SED and select it if it is found. - # Check for GNU $ac_path_SED -case `"$ac_path_SED" --version 2>&1` in -*GNU*) - ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;; -*) - ac_count=0 - $as_echo_n 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - $as_echo '' >> "conftest.nl" - "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_SED_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_SED="$ac_path_SED" - ac_path_SED_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - $ac_path_SED_found && break 3 - done - done - done -IFS=$as_save_IFS - if test -z "$ac_cv_path_SED"; then - as_fn_error $? "no acceptable sed could be found in \$PATH" "$LINENO" 5 - fi -else - ac_cv_path_SED=$SED -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_SED" >&5 -$as_echo "$ac_cv_path_SED" >&6; } - SED="$ac_cv_path_SED" - rm -f conftest.sed - -test -z "$SED" && SED=sed -Xsed="$SED -e 1s/^X//" - - - - - - - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for fgrep" >&5 -$as_echo_n "checking for fgrep... " >&6; } -if ${ac_cv_path_FGREP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1 - then ac_cv_path_FGREP="$GREP -F" - else - if test -z "$FGREP"; then - ac_path_FGREP_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in fgrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_FGREP" || continue -# Check for GNU ac_path_FGREP and select it if it is found. - # Check for GNU $ac_path_FGREP -case `"$ac_path_FGREP" --version 2>&1` in -*GNU*) - ac_cv_path_FGREP="$ac_path_FGREP" ac_path_FGREP_found=:;; -*) - ac_count=0 - $as_echo_n 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - $as_echo 'FGREP' >> "conftest.nl" - "$ac_path_FGREP" FGREP < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_FGREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_FGREP="$ac_path_FGREP" - ac_path_FGREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - $ac_path_FGREP_found && break 3 - done - done - done -IFS=$as_save_IFS - if test -z "$ac_cv_path_FGREP"; then - as_fn_error $? "no acceptable fgrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 - fi -else - ac_cv_path_FGREP=$FGREP -fi - - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_FGREP" >&5 -$as_echo "$ac_cv_path_FGREP" >&6; } - FGREP="$ac_cv_path_FGREP" - - -test -z "$GREP" && GREP=grep - - - - - - - - - - - - - - - - - - - -# Check whether --with-gnu-ld was given. -if test "${with_gnu_ld+set}" = set; then : - withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes -else - with_gnu_ld=no -fi - -ac_prog=ld -if test "$GCC" = yes; then - # Check if gcc -print-prog-name=ld gives a path. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 -$as_echo_n "checking for ld used by $CC... " >&6; } - case $host in - *-*-mingw*) - # gcc leaves a trailing carriage return which upsets mingw - ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; - *) - ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; - esac - case $ac_prog in - # Accept absolute paths. - [\\/]* | ?:[\\/]*) - re_direlt='/[^/][^/]*/\.\./' - # Canonicalize the pathname of ld - ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'` - while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do - ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"` - done - test -z "$LD" && LD="$ac_prog" - ;; - "") - # If it fails, then pretend we aren't using GCC. - ac_prog=ld - ;; - *) - # If it is relative, then search for the first ld in PATH. - with_gnu_ld=unknown - ;; - esac -elif test "$with_gnu_ld" = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 -$as_echo_n "checking for GNU ld... " >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 -$as_echo_n "checking for non-GNU ld... " >&6; } -fi -if ${lt_cv_path_LD+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -z "$LD"; then - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then - lt_cv_path_LD="$ac_dir/$ac_prog" - # Check to see if the program is GNU ld. I'd rather use --version, - # but apparently some variants of GNU ld only accept -v. - # Break only if it was the GNU/non-GNU ld that we prefer. - case `"$lt_cv_path_LD" -v 2>&1 &5 -$as_echo "$LD" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi -test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 -$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; } -if ${lt_cv_prog_gnu_ld+:} false; then : - $as_echo_n "(cached) " >&6 -else - # I'd rather use --version here, but apparently some GNU lds only accept -v. -case `$LD -v 2>&1 &5 -$as_echo "$lt_cv_prog_gnu_ld" >&6; } -with_gnu_ld=$lt_cv_prog_gnu_ld - - - - - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for BSD- or MS-compatible name lister (nm)" >&5 -$as_echo_n "checking for BSD- or MS-compatible name lister (nm)... " >&6; } -if ${lt_cv_path_NM+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$NM"; then - # Let the user override the test. - lt_cv_path_NM="$NM" -else - lt_nm_to_check="${ac_tool_prefix}nm" - if test -n "$ac_tool_prefix" && test "$build" = "$host"; then - lt_nm_to_check="$lt_nm_to_check nm" - fi - for lt_tmp_nm in $lt_nm_to_check; do - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - tmp_nm="$ac_dir/$lt_tmp_nm" - if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then - # Check to see if the nm accepts a BSD-compat flag. - # Adding the `sed 1q' prevents false positives on HP-UX, which says: - # nm: unknown option "B" ignored - # Tru64's nm complains that /dev/null is an invalid object file - case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in - */dev/null* | *'Invalid file or object type'*) - lt_cv_path_NM="$tmp_nm -B" - break - ;; - *) - case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in - */dev/null*) - lt_cv_path_NM="$tmp_nm -p" - break - ;; - *) - lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but - continue # so that we can try to find one that supports BSD flags - ;; - esac - ;; - esac - fi - done - IFS="$lt_save_ifs" - done - : ${lt_cv_path_NM=no} -fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_NM" >&5 -$as_echo "$lt_cv_path_NM" >&6; } -if test "$lt_cv_path_NM" != "no"; then - NM="$lt_cv_path_NM" -else - # Didn't find any BSD compatible name lister, look for dumpbin. - if test -n "$DUMPBIN"; then : - # Let the user override the test. - else - if test -n "$ac_tool_prefix"; then - for ac_prog in dumpbin "link -dump" - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_DUMPBIN+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$DUMPBIN"; then - ac_cv_prog_DUMPBIN="$DUMPBIN" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -DUMPBIN=$ac_cv_prog_DUMPBIN -if test -n "$DUMPBIN"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DUMPBIN" >&5 -$as_echo "$DUMPBIN" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$DUMPBIN" && break - done -fi -if test -z "$DUMPBIN"; then - ac_ct_DUMPBIN=$DUMPBIN - for ac_prog in dumpbin "link -dump" -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_DUMPBIN+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_DUMPBIN"; then - ac_cv_prog_ac_ct_DUMPBIN="$ac_ct_DUMPBIN" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_DUMPBIN=$ac_cv_prog_ac_ct_DUMPBIN -if test -n "$ac_ct_DUMPBIN"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DUMPBIN" >&5 -$as_echo "$ac_ct_DUMPBIN" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$ac_ct_DUMPBIN" && break -done - - if test "x$ac_ct_DUMPBIN" = x; then - DUMPBIN=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - DUMPBIN=$ac_ct_DUMPBIN - fi -fi - - case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in - *COFF*) - DUMPBIN="$DUMPBIN -symbols" - ;; - *) - DUMPBIN=: - ;; - esac - fi - - if test "$DUMPBIN" != ":"; then - NM="$DUMPBIN" - fi -fi -test -z "$NM" && NM=nm - - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the name lister ($NM) interface" >&5 -$as_echo_n "checking the name lister ($NM) interface... " >&6; } -if ${lt_cv_nm_interface+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_nm_interface="BSD nm" - echo "int some_variable = 0;" > conftest.$ac_ext - (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&5) - (eval "$ac_compile" 2>conftest.err) - cat conftest.err >&5 - (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&5) - (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) - cat conftest.err >&5 - (eval echo "\"\$as_me:$LINENO: output\"" >&5) - cat conftest.out >&5 - if $GREP 'External.*some_variable' conftest.out > /dev/null; then - lt_cv_nm_interface="MS dumpbin" - fi - rm -f conftest* -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_nm_interface" >&5 -$as_echo "$lt_cv_nm_interface" >&6; } - -# find the maximum length of command line arguments -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5 -$as_echo_n "checking the maximum length of command line arguments... " >&6; } -if ${lt_cv_sys_max_cmd_len+:} false; then : - $as_echo_n "(cached) " >&6 -else - i=0 - teststring="ABCD" - - case $build_os in - msdosdjgpp*) - # On DJGPP, this test can blow up pretty badly due to problems in libc - # (any single argument exceeding 2000 bytes causes a buffer overrun - # during glob expansion). Even if it were fixed, the result of this - # check would be larger than it should be. - lt_cv_sys_max_cmd_len=12288; # 12K is about right - ;; - - gnu*) - # Under GNU Hurd, this test is not required because there is - # no limit to the length of command line arguments. - # Libtool will interpret -1 as no limit whatsoever - lt_cv_sys_max_cmd_len=-1; - ;; - - cygwin* | mingw* | cegcc*) - # On Win9x/ME, this test blows up -- it succeeds, but takes - # about 5 minutes as the teststring grows exponentially. - # Worse, since 9x/ME are not pre-emptively multitasking, - # you end up with a "frozen" computer, even though with patience - # the test eventually succeeds (with a max line length of 256k). - # Instead, let's just punt: use the minimum linelength reported by - # all of the supported platforms: 8192 (on NT/2K/XP). - lt_cv_sys_max_cmd_len=8192; - ;; - - mint*) - # On MiNT this can take a long time and run out of memory. - lt_cv_sys_max_cmd_len=8192; - ;; - - amigaos*) - # On AmigaOS with pdksh, this test takes hours, literally. - # So we just punt and use a minimum line length of 8192. - lt_cv_sys_max_cmd_len=8192; - ;; - - netbsd* | freebsd* | openbsd* | darwin* | dragonfly*) - # This has been around since 386BSD, at least. Likely further. - if test -x /sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` - elif test -x /usr/sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` - else - lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs - fi - # And add a safety zone - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` - ;; - - interix*) - # We know the value 262144 and hardcode it with a safety zone (like BSD) - lt_cv_sys_max_cmd_len=196608 - ;; - - os2*) - # The test takes a long time on OS/2. - lt_cv_sys_max_cmd_len=8192 - ;; - - osf*) - # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure - # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not - # nice to cause kernel panics so lets avoid the loop below. - # First set a reasonable default. - lt_cv_sys_max_cmd_len=16384 - # - if test -x /sbin/sysconfig; then - case `/sbin/sysconfig -q proc exec_disable_arg_limit` in - *1*) lt_cv_sys_max_cmd_len=-1 ;; - esac - fi - ;; - sco3.2v5*) - lt_cv_sys_max_cmd_len=102400 - ;; - sysv5* | sco5v6* | sysv4.2uw2*) - kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` - if test -n "$kargmax"; then - lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[ ]//'` - else - lt_cv_sys_max_cmd_len=32768 - fi - ;; - *) - lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` - if test -n "$lt_cv_sys_max_cmd_len" && \ - test undefined != "$lt_cv_sys_max_cmd_len"; then - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` - else - # Make teststring a little bigger before we do anything with it. - # a 1K string should be a reasonable start. - for i in 1 2 3 4 5 6 7 8 ; do - teststring=$teststring$teststring - done - SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} - # If test is not a shell built-in, we'll probably end up computing a - # maximum length that is only half of the actual maximum length, but - # we can't tell. - while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \ - = "X$teststring$teststring"; } >/dev/null 2>&1 && - test $i != 17 # 1/2 MB should be enough - do - i=`expr $i + 1` - teststring=$teststring$teststring - done - # Only check the string length outside the loop. - lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1` - teststring= - # Add a significant safety factor because C++ compilers can tack on - # massive amounts of additional arguments before passing them to the - # linker. It appears as though 1/2 is a usable value. - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` - fi - ;; - esac - -fi - -if test -n $lt_cv_sys_max_cmd_len ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sys_max_cmd_len" >&5 -$as_echo "$lt_cv_sys_max_cmd_len" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: none" >&5 -$as_echo "none" >&6; } -fi -max_cmd_len=$lt_cv_sys_max_cmd_len - - - - - - -: ${CP="cp -f"} -: ${MV="mv -f"} -: ${RM="rm -f"} - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the shell understands some XSI constructs" >&5 -$as_echo_n "checking whether the shell understands some XSI constructs... " >&6; } -# Try some XSI features -xsi_shell=no -( _lt_dummy="a/b/c" - test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \ - = c,a/b,b/c, \ - && eval 'test $(( 1 + 1 )) -eq 2 \ - && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \ - && xsi_shell=yes -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $xsi_shell" >&5 -$as_echo "$xsi_shell" >&6; } - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the shell understands \"+=\"" >&5 -$as_echo_n "checking whether the shell understands \"+=\"... " >&6; } -lt_shell_append=no -( foo=bar; set foo baz; eval "$1+=\$2" && test "$foo" = barbaz ) \ - >/dev/null 2>&1 \ - && lt_shell_append=yes -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_shell_append" >&5 -$as_echo "$lt_shell_append" >&6; } - - -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - lt_unset=unset -else - lt_unset=false -fi - - - - - -# test EBCDIC or ASCII -case `echo X|tr X '\101'` in - A) # ASCII based system - # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr - lt_SP2NL='tr \040 \012' - lt_NL2SP='tr \015\012 \040\040' - ;; - *) # EBCDIC based system - lt_SP2NL='tr \100 \n' - lt_NL2SP='tr \r\n \100\100' - ;; -esac - - - - - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to $host format" >&5 -$as_echo_n "checking how to convert $build file names to $host format... " >&6; } -if ${lt_cv_to_host_file_cmd+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $host in - *-*-mingw* ) - case $build in - *-*-mingw* ) # actually msys - lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32 - ;; - *-*-cygwin* ) - lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32 - ;; - * ) # otherwise, assume *nix - lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32 - ;; - esac - ;; - *-*-cygwin* ) - case $build in - *-*-mingw* ) # actually msys - lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin - ;; - *-*-cygwin* ) - lt_cv_to_host_file_cmd=func_convert_file_noop - ;; - * ) # otherwise, assume *nix - lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin - ;; - esac - ;; - * ) # unhandled hosts (and "normal" native builds) - lt_cv_to_host_file_cmd=func_convert_file_noop - ;; -esac - -fi - -to_host_file_cmd=$lt_cv_to_host_file_cmd -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_host_file_cmd" >&5 -$as_echo "$lt_cv_to_host_file_cmd" >&6; } - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to toolchain format" >&5 -$as_echo_n "checking how to convert $build file names to toolchain format... " >&6; } -if ${lt_cv_to_tool_file_cmd+:} false; then : - $as_echo_n "(cached) " >&6 -else - #assume ordinary cross tools, or native build. -lt_cv_to_tool_file_cmd=func_convert_file_noop -case $host in - *-*-mingw* ) - case $build in - *-*-mingw* ) # actually msys - lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32 - ;; - esac - ;; -esac - -fi - -to_tool_file_cmd=$lt_cv_to_tool_file_cmd -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_tool_file_cmd" >&5 -$as_echo "$lt_cv_to_tool_file_cmd" >&6; } - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $LD option to reload object files" >&5 -$as_echo_n "checking for $LD option to reload object files... " >&6; } -if ${lt_cv_ld_reload_flag+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_ld_reload_flag='-r' -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_reload_flag" >&5 -$as_echo "$lt_cv_ld_reload_flag" >&6; } -reload_flag=$lt_cv_ld_reload_flag -case $reload_flag in -"" | " "*) ;; -*) reload_flag=" $reload_flag" ;; -esac -reload_cmds='$LD$reload_flag -o $output$reload_objs' -case $host_os in - cygwin* | mingw* | pw32* | cegcc*) - if test "$GCC" != yes; then - reload_cmds=false - fi - ;; - darwin*) - if test "$GCC" = yes; then - reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs' - else - reload_cmds='$LD$reload_flag -o $output$reload_objs' - fi - ;; -esac - - - - - - - - - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. -set dummy ${ac_tool_prefix}objdump; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_OBJDUMP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$OBJDUMP"; then - ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -OBJDUMP=$ac_cv_prog_OBJDUMP -if test -n "$OBJDUMP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 -$as_echo "$OBJDUMP" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_OBJDUMP"; then - ac_ct_OBJDUMP=$OBJDUMP - # Extract the first word of "objdump", so it can be a program name with args. -set dummy objdump; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_OBJDUMP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_OBJDUMP"; then - ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_OBJDUMP="objdump" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP -if test -n "$ac_ct_OBJDUMP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 -$as_echo "$ac_ct_OBJDUMP" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_OBJDUMP" = x; then - OBJDUMP="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - OBJDUMP=$ac_ct_OBJDUMP - fi -else - OBJDUMP="$ac_cv_prog_OBJDUMP" -fi - -test -z "$OBJDUMP" && OBJDUMP=objdump - - - - - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to recognize dependent libraries" >&5 -$as_echo_n "checking how to recognize dependent libraries... " >&6; } -if ${lt_cv_deplibs_check_method+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_file_magic_cmd='$MAGIC_CMD' -lt_cv_file_magic_test_file= -lt_cv_deplibs_check_method='unknown' -# Need to set the preceding variable on all platforms that support -# interlibrary dependencies. -# 'none' -- dependencies not supported. -# `unknown' -- same as none, but documents that we really don't know. -# 'pass_all' -- all dependencies passed with no checks. -# 'test_compile' -- check by making test program. -# 'file_magic [[regex]]' -- check by looking for files in library path -# which responds to the $file_magic_cmd with a given extended regex. -# If you have `file' or equivalent on your system and you're not sure -# whether `pass_all' will *always* work, you probably want this one. - -case $host_os in -aix[4-9]*) - lt_cv_deplibs_check_method=pass_all - ;; - -beos*) - lt_cv_deplibs_check_method=pass_all - ;; - -bsdi[45]*) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)' - lt_cv_file_magic_cmd='/usr/bin/file -L' - lt_cv_file_magic_test_file=/shlib/libc.so - ;; - -cygwin*) - # func_win32_libid is a shell function defined in ltmain.sh - lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' - lt_cv_file_magic_cmd='func_win32_libid' - ;; - -mingw* | pw32*) - # Base MSYS/MinGW do not provide the 'file' command needed by - # func_win32_libid shell function, so use a weaker test based on 'objdump', - # unless we find 'file', for example because we are cross-compiling. - # func_win32_libid assumes BSD nm, so disallow it if using MS dumpbin. - if ( test "$lt_cv_nm_interface" = "BSD nm" && file / ) >/dev/null 2>&1; then - lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' - lt_cv_file_magic_cmd='func_win32_libid' - else - # Keep this pattern in sync with the one in func_win32_libid. - lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' - lt_cv_file_magic_cmd='$OBJDUMP -f' - fi - ;; - -cegcc*) - # use the weaker test based on 'objdump'. See mingw*. - lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?' - lt_cv_file_magic_cmd='$OBJDUMP -f' - ;; - -darwin* | rhapsody*) - lt_cv_deplibs_check_method=pass_all - ;; - -freebsd* | dragonfly*) - if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then - case $host_cpu in - i*86 ) - # Not sure whether the presence of OpenBSD here was a mistake. - # Let's accept both of them until this is cleared up. - lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` - ;; - esac - else - lt_cv_deplibs_check_method=pass_all - fi - ;; - -haiku*) - lt_cv_deplibs_check_method=pass_all - ;; - -hpux10.20* | hpux11*) - lt_cv_file_magic_cmd=/usr/bin/file - case $host_cpu in - ia64*) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64' - lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so - ;; - hppa*64*) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]' - lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl - ;; - *) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9]\.[0-9]) shared library' - lt_cv_file_magic_test_file=/usr/lib/libc.sl - ;; - esac - ;; - -interix[3-9]*) - # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$' - ;; - -irix5* | irix6* | nonstopux*) - case $LD in - *-32|*"-32 ") libmagic=32-bit;; - *-n32|*"-n32 ") libmagic=N32;; - *-64|*"-64 ") libmagic=64-bit;; - *) libmagic=never-match;; - esac - lt_cv_deplibs_check_method=pass_all - ;; - -# This must be glibc/ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) - lt_cv_deplibs_check_method=pass_all - ;; - -netbsd* | netbsdelf*-gnu) - if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|_pic\.a)$' - fi - ;; - -newos6*) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=/usr/lib/libnls.so - ;; - -*nto* | *qnx*) - lt_cv_deplibs_check_method=pass_all - ;; - -openbsd*) - if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' - fi - ;; - -osf3* | osf4* | osf5*) - lt_cv_deplibs_check_method=pass_all - ;; - -rdos*) - lt_cv_deplibs_check_method=pass_all - ;; - -solaris*) - lt_cv_deplibs_check_method=pass_all - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - lt_cv_deplibs_check_method=pass_all - ;; - -sysv4 | sysv4.3*) - case $host_vendor in - motorola) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]' - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` - ;; - ncr) - lt_cv_deplibs_check_method=pass_all - ;; - sequent) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )' - ;; - sni) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method="file_magic ELF [0-9][0-9]*-bit [LM]SB dynamic lib" - lt_cv_file_magic_test_file=/lib/libc.so - ;; - siemens) - lt_cv_deplibs_check_method=pass_all - ;; - pc) - lt_cv_deplibs_check_method=pass_all - ;; - esac - ;; - -tpf*) - lt_cv_deplibs_check_method=pass_all - ;; -esac - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_deplibs_check_method" >&5 -$as_echo "$lt_cv_deplibs_check_method" >&6; } - -file_magic_glob= -want_nocaseglob=no -if test "$build" = "$host"; then - case $host_os in - mingw* | pw32*) - if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then - want_nocaseglob=yes - else - file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[\1]\/[\1]\/g;/g"` - fi - ;; - esac -fi - -file_magic_cmd=$lt_cv_file_magic_cmd -deplibs_check_method=$lt_cv_deplibs_check_method -test -z "$deplibs_check_method" && deplibs_check_method=unknown - - - - - - - - - - - - - - - - - - - - - - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args. -set dummy ${ac_tool_prefix}dlltool; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_DLLTOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$DLLTOOL"; then - ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -DLLTOOL=$ac_cv_prog_DLLTOOL -if test -n "$DLLTOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5 -$as_echo "$DLLTOOL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_DLLTOOL"; then - ac_ct_DLLTOOL=$DLLTOOL - # Extract the first word of "dlltool", so it can be a program name with args. -set dummy dlltool; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_DLLTOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_DLLTOOL"; then - ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_DLLTOOL="dlltool" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL -if test -n "$ac_ct_DLLTOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5 -$as_echo "$ac_ct_DLLTOOL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_DLLTOOL" = x; then - DLLTOOL="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - DLLTOOL=$ac_ct_DLLTOOL - fi -else - DLLTOOL="$ac_cv_prog_DLLTOOL" -fi - -test -z "$DLLTOOL" && DLLTOOL=dlltool - - - - - - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to associate runtime and link libraries" >&5 -$as_echo_n "checking how to associate runtime and link libraries... " >&6; } -if ${lt_cv_sharedlib_from_linklib_cmd+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_sharedlib_from_linklib_cmd='unknown' - -case $host_os in -cygwin* | mingw* | pw32* | cegcc*) - # two different shell functions defined in ltmain.sh - # decide which to use based on capabilities of $DLLTOOL - case `$DLLTOOL --help 2>&1` in - *--identify-strict*) - lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib - ;; - *) - lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback - ;; - esac - ;; -*) - # fallback: assume linklib IS sharedlib - lt_cv_sharedlib_from_linklib_cmd="$ECHO" - ;; -esac - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sharedlib_from_linklib_cmd" >&5 -$as_echo "$lt_cv_sharedlib_from_linklib_cmd" >&6; } -sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd -test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO - - - - - - - -if test -n "$ac_tool_prefix"; then - for ac_prog in ar - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_AR+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$AR"; then - ac_cv_prog_AR="$AR" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_AR="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -AR=$ac_cv_prog_AR -if test -n "$AR"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AR" >&5 -$as_echo "$AR" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$AR" && break - done -fi -if test -z "$AR"; then - ac_ct_AR=$AR - for ac_prog in ar -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_AR+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_AR"; then - ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_AR="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_AR=$ac_cv_prog_ac_ct_AR -if test -n "$ac_ct_AR"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5 -$as_echo "$ac_ct_AR" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$ac_ct_AR" && break -done - - if test "x$ac_ct_AR" = x; then - AR="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - AR=$ac_ct_AR - fi -fi - -: ${AR=ar} -: ${AR_FLAGS=cru} - - - - - - - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for archiver @FILE support" >&5 -$as_echo_n "checking for archiver @FILE support... " >&6; } -if ${lt_cv_ar_at_file+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_ar_at_file=no - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - echo conftest.$ac_objext > conftest.lst - lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&5' - { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5 - (eval $lt_ar_try) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } - if test "$ac_status" -eq 0; then - # Ensure the archiver fails upon bogus file names. - rm -f conftest.$ac_objext libconftest.a - { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5 - (eval $lt_ar_try) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } - if test "$ac_status" -ne 0; then - lt_cv_ar_at_file=@ - fi - fi - rm -f conftest.* libconftest.a - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ar_at_file" >&5 -$as_echo "$lt_cv_ar_at_file" >&6; } - -if test "x$lt_cv_ar_at_file" = xno; then - archiver_list_spec= -else - archiver_list_spec=$lt_cv_ar_at_file -fi - - - - - - - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. -set dummy ${ac_tool_prefix}strip; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_STRIP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$STRIP"; then - ac_cv_prog_STRIP="$STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_STRIP="${ac_tool_prefix}strip" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -STRIP=$ac_cv_prog_STRIP -if test -n "$STRIP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 -$as_echo "$STRIP" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_STRIP"; then - ac_ct_STRIP=$STRIP - # Extract the first word of "strip", so it can be a program name with args. -set dummy strip; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_STRIP+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_STRIP"; then - ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_STRIP="strip" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP -if test -n "$ac_ct_STRIP"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 -$as_echo "$ac_ct_STRIP" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_STRIP" = x; then - STRIP=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - STRIP=$ac_ct_STRIP - fi -else - STRIP="$ac_cv_prog_STRIP" -fi - -test -z "$STRIP" && STRIP=: - - - - - - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. -set dummy ${ac_tool_prefix}ranlib; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_RANLIB+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$RANLIB"; then - ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -RANLIB=$ac_cv_prog_RANLIB -if test -n "$RANLIB"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 -$as_echo "$RANLIB" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_RANLIB"; then - ac_ct_RANLIB=$RANLIB - # Extract the first word of "ranlib", so it can be a program name with args. -set dummy ranlib; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_RANLIB"; then - ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_RANLIB="ranlib" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB -if test -n "$ac_ct_RANLIB"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 -$as_echo "$ac_ct_RANLIB" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_RANLIB" = x; then - RANLIB=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - RANLIB=$ac_ct_RANLIB - fi -else - RANLIB="$ac_cv_prog_RANLIB" -fi - -test -z "$RANLIB" && RANLIB=: - - - - - - -# Determine commands to create old-style static archives. -old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs' -old_postinstall_cmds='chmod 644 $oldlib' -old_postuninstall_cmds= - -if test -n "$RANLIB"; then - case $host_os in - openbsd*) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib" - ;; - *) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib" - ;; - esac - old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib" -fi - -case $host_os in - darwin*) - lock_old_archive_extraction=yes ;; - *) - lock_old_archive_extraction=no ;; -esac - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - - -# Check for command to grab the raw symbol name followed by C symbol from nm. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking command to parse $NM output from $compiler object" >&5 -$as_echo_n "checking command to parse $NM output from $compiler object... " >&6; } -if ${lt_cv_sys_global_symbol_pipe+:} false; then : - $as_echo_n "(cached) " >&6 -else - -# These are sane defaults that work on at least a few old systems. -# [They come from Ultrix. What could be older than Ultrix?!! ;)] - -# Character class describing NM global symbol codes. -symcode='[BCDEGRST]' - -# Regexp to match symbols that can be accessed directly from C. -sympat='\([_A-Za-z][_A-Za-z0-9]*\)' - -# Define system-specific variables. -case $host_os in -aix*) - symcode='[BCDT]' - ;; -cygwin* | mingw* | pw32* | cegcc*) - symcode='[ABCDGISTW]' - ;; -hpux*) - if test "$host_cpu" = ia64; then - symcode='[ABCDEGRST]' - fi - ;; -irix* | nonstopux*) - symcode='[BCDEGRST]' - ;; -osf*) - symcode='[BCDEGQRST]' - ;; -solaris*) - symcode='[BDRT]' - ;; -sco3.2v5*) - symcode='[DT]' - ;; -sysv4.2uw2*) - symcode='[DT]' - ;; -sysv5* | sco5v6* | unixware* | OpenUNIX*) - symcode='[ABDT]' - ;; -sysv4) - symcode='[DFNSTU]' - ;; -esac - -# If we're using GNU nm, then use its standard symbol codes. -case `$NM -V 2>&1` in -*GNU* | *'with BFD'*) - symcode='[ABCDGIRSTW]' ;; -esac - -# Transform an extracted symbol line into a proper C declaration. -# Some systems (esp. on ia64) link data and code symbols differently, -# so use this general approach. -lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - -# Transform an extracted symbol line into symbol name and symbol address -lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\)[ ]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (void *) \&\2},/p'" -lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([^ ]*\)[ ]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \(lib[^ ]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"lib\2\", (void *) \&\2},/p'" - -# Handle CRLF in mingw tool chain -opt_cr= -case $build_os in -mingw*) - opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp - ;; -esac - -# Try without a prefix underscore, then with it. -for ac_symprfx in "" "_"; do - - # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. - symxfrm="\\1 $ac_symprfx\\2 \\2" - - # Write the raw and C identifiers. - if test "$lt_cv_nm_interface" = "MS dumpbin"; then - # Fake it for dumpbin and say T for any non-static function - # and D for any global variable. - # Also find C++ and __fastcall symbols from MSVC++, - # which start with @ or ?. - lt_cv_sys_global_symbol_pipe="$AWK '"\ -" {last_section=section; section=\$ 3};"\ -" /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\ -" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ -" \$ 0!~/External *\|/{next};"\ -" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ -" {if(hide[section]) next};"\ -" {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\ -" {split(\$ 0, a, /\||\r/); split(a[2], s)};"\ -" s[1]~/^[@?]/{print s[1], s[1]; next};"\ -" s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\ -" ' prfx=^$ac_symprfx" - else - lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" - fi - lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'" - - # Check to see that the pipe works correctly. - pipe_works=no - - rm -f conftest* - cat > conftest.$ac_ext <<_LT_EOF -#ifdef __cplusplus -extern "C" { -#endif -char nm_test_var; -void nm_test_func(void); -void nm_test_func(void){} -#ifdef __cplusplus -} -#endif -int main(){nm_test_var='a';nm_test_func();return(0);} -_LT_EOF - - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then - # Now try to grab the symbols. - nlist=conftest.nm - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5 - (eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && test -s "$nlist"; then - # Try sorting and uniquifying the output. - if sort "$nlist" | uniq > "$nlist"T; then - mv -f "$nlist"T "$nlist" - else - rm -f "$nlist"T - fi - - # Make sure that we snagged all the symbols we need. - if $GREP ' nm_test_var$' "$nlist" >/dev/null; then - if $GREP ' nm_test_func$' "$nlist" >/dev/null; then - cat <<_LT_EOF > conftest.$ac_ext -/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ -#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) -/* DATA imports from DLLs on WIN32 con't be const, because runtime - relocations are performed -- see ld's documentation on pseudo-relocs. */ -# define LT_DLSYM_CONST -#elif defined(__osf__) -/* This system does not cope well with relocations in const data. */ -# define LT_DLSYM_CONST -#else -# define LT_DLSYM_CONST const -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -_LT_EOF - # Now generate the symbol file. - eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext' - - cat <<_LT_EOF >> conftest.$ac_ext - -/* The mapping between symbol names and symbols. */ -LT_DLSYM_CONST struct { - const char *name; - void *address; -} -lt__PROGRAM__LTX_preloaded_symbols[] = -{ - { "@PROGRAM@", (void *) 0 }, -_LT_EOF - $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext - cat <<\_LT_EOF >> conftest.$ac_ext - {0, (void *) 0} -}; - -/* This works around a problem in FreeBSD linker */ -#ifdef FREEBSD_WORKAROUND -static const void *lt_preloaded_setup() { - return lt__PROGRAM__LTX_preloaded_symbols; -} -#endif - -#ifdef __cplusplus -} -#endif -_LT_EOF - # Now try linking the two files. - mv conftest.$ac_objext conftstm.$ac_objext - lt_globsym_save_LIBS=$LIBS - lt_globsym_save_CFLAGS=$CFLAGS - LIBS="conftstm.$ac_objext" - CFLAGS="$CFLAGS$lt_prog_compiler_no_builtin_flag" - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 - (eval $ac_link) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && test -s conftest${ac_exeext}; then - pipe_works=yes - fi - LIBS=$lt_globsym_save_LIBS - CFLAGS=$lt_globsym_save_CFLAGS - else - echo "cannot find nm_test_func in $nlist" >&5 - fi - else - echo "cannot find nm_test_var in $nlist" >&5 - fi - else - echo "cannot run $lt_cv_sys_global_symbol_pipe" >&5 - fi - else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - fi - rm -rf conftest* conftst* - - # Do not use the global_symbol_pipe unless it works. - if test "$pipe_works" = yes; then - break - else - lt_cv_sys_global_symbol_pipe= - fi -done - -fi - -if test -z "$lt_cv_sys_global_symbol_pipe"; then - lt_cv_sys_global_symbol_to_cdecl= -fi -if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: failed" >&5 -$as_echo "failed" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5 -$as_echo "ok" >&6; } -fi - -# Response file support. -if test "$lt_cv_nm_interface" = "MS dumpbin"; then - nm_file_list_spec='@' -elif $NM --help 2>/dev/null | grep '[@]FILE' >/dev/null; then - nm_file_list_spec='@' -fi - - - - - - - - - - - - - - - - - - - - - - - - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sysroot" >&5 -$as_echo_n "checking for sysroot... " >&6; } - -# Check whether --with-sysroot was given. -if test "${with_sysroot+set}" = set; then : - withval=$with_sysroot; -else - with_sysroot=no -fi - - -lt_sysroot= -case ${with_sysroot} in #( - yes) - if test "$GCC" = yes; then - lt_sysroot=`$CC --print-sysroot 2>/dev/null` - fi - ;; #( - /*) - lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` - ;; #( - no|'') - ;; #( - *) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${with_sysroot}" >&5 -$as_echo "${with_sysroot}" >&6; } - as_fn_error $? "The sysroot must be an absolute path." "$LINENO" 5 - ;; -esac - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${lt_sysroot:-no}" >&5 -$as_echo "${lt_sysroot:-no}" >&6; } - - - - - -# Check whether --enable-libtool-lock was given. -if test "${enable_libtool_lock+set}" = set; then : - enableval=$enable_libtool_lock; -fi - -test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes - -# Some flags need to be propagated to the compiler or linker for good -# libtool support. -case $host in -ia64-*-hpux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then - case `/usr/bin/file conftest.$ac_objext` in - *ELF-32*) - HPUX_IA64_MODE="32" - ;; - *ELF-64*) - HPUX_IA64_MODE="64" - ;; - esac - fi - rm -rf conftest* - ;; -*-*-irix6*) - # Find out which ABI we are using. - echo '#line '$LINENO' "configure"' > conftest.$ac_ext - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then - if test "$lt_cv_prog_gnu_ld" = yes; then - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -melf32bsmip" - ;; - *N32*) - LD="${LD-ld} -melf32bmipn32" - ;; - *64-bit*) - LD="${LD-ld} -melf64bmip" - ;; - esac - else - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -32" - ;; - *N32*) - LD="${LD-ld} -n32" - ;; - *64-bit*) - LD="${LD-ld} -64" - ;; - esac - fi - fi - rm -rf conftest* - ;; - -x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ -s390*-*linux*|s390*-*tpf*|sparc*-*linux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then - case `/usr/bin/file conftest.o` in - *32-bit*) - case $host in - x86_64-*kfreebsd*-gnu) - LD="${LD-ld} -m elf_i386_fbsd" - ;; - x86_64-*linux*) - case `/usr/bin/file conftest.o` in - *x86-64*) - LD="${LD-ld} -m elf32_x86_64" - ;; - *) - LD="${LD-ld} -m elf_i386" - ;; - esac - ;; - ppc64-*linux*|powerpc64-*linux*) - LD="${LD-ld} -m elf32ppclinux" - ;; - s390x-*linux*) - LD="${LD-ld} -m elf_s390" - ;; - sparc64-*linux*) - LD="${LD-ld} -m elf32_sparc" - ;; - esac - ;; - *64-bit*) - case $host in - x86_64-*kfreebsd*-gnu) - LD="${LD-ld} -m elf_x86_64_fbsd" - ;; - x86_64-*linux*) - LD="${LD-ld} -m elf_x86_64" - ;; - ppc*-*linux*|powerpc*-*linux*) - LD="${LD-ld} -m elf64ppc" - ;; - s390*-*linux*|s390*-*tpf*) - LD="${LD-ld} -m elf64_s390" - ;; - sparc*-*linux*) - LD="${LD-ld} -m elf64_sparc" - ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; - -*-*-sco3.2v5*) - # On SCO OpenServer 5, we need -belf to get full-featured binaries. - SAVE_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -belf" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler needs -belf" >&5 -$as_echo_n "checking whether the C compiler needs -belf... " >&6; } -if ${lt_cv_cc_needs_belf+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - lt_cv_cc_needs_belf=yes -else - lt_cv_cc_needs_belf=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_cc_needs_belf" >&5 -$as_echo "$lt_cv_cc_needs_belf" >&6; } - if test x"$lt_cv_cc_needs_belf" != x"yes"; then - # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf - CFLAGS="$SAVE_CFLAGS" - fi - ;; -*-*solaris*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then - case `/usr/bin/file conftest.o` in - *64-bit*) - case $lt_cv_prog_gnu_ld in - yes*) - case $host in - i?86-*-solaris*) - LD="${LD-ld} -m elf_x86_64" - ;; - sparc*-*-solaris*) - LD="${LD-ld} -m elf64_sparc" - ;; - esac - # GNU ld 2.21 introduced _sol2 emulations. Use them if available. - if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then - LD="${LD-ld}_sol2" - fi - ;; - *) - if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then - LD="${LD-ld} -64" - fi - ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; -esac - -need_locks="$enable_libtool_lock" - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}mt", so it can be a program name with args. -set dummy ${ac_tool_prefix}mt; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_MANIFEST_TOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$MANIFEST_TOOL"; then - ac_cv_prog_MANIFEST_TOOL="$MANIFEST_TOOL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -MANIFEST_TOOL=$ac_cv_prog_MANIFEST_TOOL -if test -n "$MANIFEST_TOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MANIFEST_TOOL" >&5 -$as_echo "$MANIFEST_TOOL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_MANIFEST_TOOL"; then - ac_ct_MANIFEST_TOOL=$MANIFEST_TOOL - # Extract the first word of "mt", so it can be a program name with args. -set dummy mt; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_MANIFEST_TOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_MANIFEST_TOOL"; then - ac_cv_prog_ac_ct_MANIFEST_TOOL="$ac_ct_MANIFEST_TOOL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_MANIFEST_TOOL="mt" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_MANIFEST_TOOL=$ac_cv_prog_ac_ct_MANIFEST_TOOL -if test -n "$ac_ct_MANIFEST_TOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_MANIFEST_TOOL" >&5 -$as_echo "$ac_ct_MANIFEST_TOOL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_MANIFEST_TOOL" = x; then - MANIFEST_TOOL=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - MANIFEST_TOOL=$ac_ct_MANIFEST_TOOL - fi -else - MANIFEST_TOOL="$ac_cv_prog_MANIFEST_TOOL" -fi - -test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $MANIFEST_TOOL is a manifest tool" >&5 -$as_echo_n "checking if $MANIFEST_TOOL is a manifest tool... " >&6; } -if ${lt_cv_path_mainfest_tool+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_path_mainfest_tool=no - echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&5 - $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out - cat conftest.err >&5 - if $GREP 'Manifest Tool' conftest.out > /dev/null; then - lt_cv_path_mainfest_tool=yes - fi - rm -f conftest* -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_mainfest_tool" >&5 -$as_echo "$lt_cv_path_mainfest_tool" >&6; } -if test "x$lt_cv_path_mainfest_tool" != xyes; then - MANIFEST_TOOL=: -fi - - - - - - - case $host_os in - rhapsody* | darwin*) - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}dsymutil", so it can be a program name with args. -set dummy ${ac_tool_prefix}dsymutil; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_DSYMUTIL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$DSYMUTIL"; then - ac_cv_prog_DSYMUTIL="$DSYMUTIL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -DSYMUTIL=$ac_cv_prog_DSYMUTIL -if test -n "$DSYMUTIL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DSYMUTIL" >&5 -$as_echo "$DSYMUTIL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_DSYMUTIL"; then - ac_ct_DSYMUTIL=$DSYMUTIL - # Extract the first word of "dsymutil", so it can be a program name with args. -set dummy dsymutil; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_DSYMUTIL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_DSYMUTIL"; then - ac_cv_prog_ac_ct_DSYMUTIL="$ac_ct_DSYMUTIL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_DSYMUTIL="dsymutil" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_DSYMUTIL=$ac_cv_prog_ac_ct_DSYMUTIL -if test -n "$ac_ct_DSYMUTIL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DSYMUTIL" >&5 -$as_echo "$ac_ct_DSYMUTIL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_DSYMUTIL" = x; then - DSYMUTIL=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - DSYMUTIL=$ac_ct_DSYMUTIL - fi -else - DSYMUTIL="$ac_cv_prog_DSYMUTIL" -fi - - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}nmedit", so it can be a program name with args. -set dummy ${ac_tool_prefix}nmedit; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_NMEDIT+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$NMEDIT"; then - ac_cv_prog_NMEDIT="$NMEDIT" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -NMEDIT=$ac_cv_prog_NMEDIT -if test -n "$NMEDIT"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NMEDIT" >&5 -$as_echo "$NMEDIT" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_NMEDIT"; then - ac_ct_NMEDIT=$NMEDIT - # Extract the first word of "nmedit", so it can be a program name with args. -set dummy nmedit; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_NMEDIT+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_NMEDIT"; then - ac_cv_prog_ac_ct_NMEDIT="$ac_ct_NMEDIT" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_NMEDIT="nmedit" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_NMEDIT=$ac_cv_prog_ac_ct_NMEDIT -if test -n "$ac_ct_NMEDIT"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_NMEDIT" >&5 -$as_echo "$ac_ct_NMEDIT" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_NMEDIT" = x; then - NMEDIT=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - NMEDIT=$ac_ct_NMEDIT - fi -else - NMEDIT="$ac_cv_prog_NMEDIT" -fi - - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}lipo", so it can be a program name with args. -set dummy ${ac_tool_prefix}lipo; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_LIPO+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$LIPO"; then - ac_cv_prog_LIPO="$LIPO" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_LIPO="${ac_tool_prefix}lipo" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -LIPO=$ac_cv_prog_LIPO -if test -n "$LIPO"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIPO" >&5 -$as_echo "$LIPO" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_LIPO"; then - ac_ct_LIPO=$LIPO - # Extract the first word of "lipo", so it can be a program name with args. -set dummy lipo; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_LIPO+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_LIPO"; then - ac_cv_prog_ac_ct_LIPO="$ac_ct_LIPO" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_LIPO="lipo" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_LIPO=$ac_cv_prog_ac_ct_LIPO -if test -n "$ac_ct_LIPO"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_LIPO" >&5 -$as_echo "$ac_ct_LIPO" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_LIPO" = x; then - LIPO=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - LIPO=$ac_ct_LIPO - fi -else - LIPO="$ac_cv_prog_LIPO" -fi - - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}otool", so it can be a program name with args. -set dummy ${ac_tool_prefix}otool; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_OTOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$OTOOL"; then - ac_cv_prog_OTOOL="$OTOOL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_OTOOL="${ac_tool_prefix}otool" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -OTOOL=$ac_cv_prog_OTOOL -if test -n "$OTOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL" >&5 -$as_echo "$OTOOL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_OTOOL"; then - ac_ct_OTOOL=$OTOOL - # Extract the first word of "otool", so it can be a program name with args. -set dummy otool; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_OTOOL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_OTOOL"; then - ac_cv_prog_ac_ct_OTOOL="$ac_ct_OTOOL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_OTOOL="otool" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_OTOOL=$ac_cv_prog_ac_ct_OTOOL -if test -n "$ac_ct_OTOOL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL" >&5 -$as_echo "$ac_ct_OTOOL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_OTOOL" = x; then - OTOOL=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - OTOOL=$ac_ct_OTOOL - fi -else - OTOOL="$ac_cv_prog_OTOOL" -fi - - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}otool64", so it can be a program name with args. -set dummy ${ac_tool_prefix}otool64; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_OTOOL64+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$OTOOL64"; then - ac_cv_prog_OTOOL64="$OTOOL64" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -OTOOL64=$ac_cv_prog_OTOOL64 -if test -n "$OTOOL64"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL64" >&5 -$as_echo "$OTOOL64" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_OTOOL64"; then - ac_ct_OTOOL64=$OTOOL64 - # Extract the first word of "otool64", so it can be a program name with args. -set dummy otool64; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_OTOOL64+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_OTOOL64"; then - ac_cv_prog_ac_ct_OTOOL64="$ac_ct_OTOOL64" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_OTOOL64="otool64" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_OTOOL64=$ac_cv_prog_ac_ct_OTOOL64 -if test -n "$ac_ct_OTOOL64"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL64" >&5 -$as_echo "$ac_ct_OTOOL64" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_OTOOL64" = x; then - OTOOL64=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - OTOOL64=$ac_ct_OTOOL64 - fi -else - OTOOL64="$ac_cv_prog_OTOOL64" -fi - - - - - - - - - - - - - - - - - - - - - - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -single_module linker flag" >&5 -$as_echo_n "checking for -single_module linker flag... " >&6; } -if ${lt_cv_apple_cc_single_mod+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_apple_cc_single_mod=no - if test -z "${LT_MULTI_MODULE}"; then - # By default we will add the -single_module flag. You can override - # by either setting the environment variable LT_MULTI_MODULE - # non-empty at configure time, or by adding -multi_module to the - # link flags. - rm -rf libconftest.dylib* - echo "int foo(void){return 1;}" > conftest.c - echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ --dynamiclib -Wl,-single_module conftest.c" >&5 - $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ - -dynamiclib -Wl,-single_module conftest.c 2>conftest.err - _lt_result=$? - # If there is a non-empty error log, and "single_module" - # appears in it, assume the flag caused a linker warning - if test -s conftest.err && $GREP single_module conftest.err; then - cat conftest.err >&5 - # Otherwise, if the output was created with a 0 exit code from - # the compiler, it worked. - elif test -f libconftest.dylib && test $_lt_result -eq 0; then - lt_cv_apple_cc_single_mod=yes - else - cat conftest.err >&5 - fi - rm -rf libconftest.dylib* - rm -f conftest.* - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_apple_cc_single_mod" >&5 -$as_echo "$lt_cv_apple_cc_single_mod" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -exported_symbols_list linker flag" >&5 -$as_echo_n "checking for -exported_symbols_list linker flag... " >&6; } -if ${lt_cv_ld_exported_symbols_list+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_ld_exported_symbols_list=no - save_LDFLAGS=$LDFLAGS - echo "_main" > conftest.sym - LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - lt_cv_ld_exported_symbols_list=yes -else - lt_cv_ld_exported_symbols_list=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LDFLAGS="$save_LDFLAGS" - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_exported_symbols_list" >&5 -$as_echo "$lt_cv_ld_exported_symbols_list" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -force_load linker flag" >&5 -$as_echo_n "checking for -force_load linker flag... " >&6; } -if ${lt_cv_ld_force_load+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_ld_force_load=no - cat > conftest.c << _LT_EOF -int forced_loaded() { return 2;} -_LT_EOF - echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5 - $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5 - echo "$AR cru libconftest.a conftest.o" >&5 - $AR cru libconftest.a conftest.o 2>&5 - echo "$RANLIB libconftest.a" >&5 - $RANLIB libconftest.a 2>&5 - cat > conftest.c << _LT_EOF -int main() { return 0;} -_LT_EOF - echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&5 - $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err - _lt_result=$? - if test -s conftest.err && $GREP force_load conftest.err; then - cat conftest.err >&5 - elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then - lt_cv_ld_force_load=yes - else - cat conftest.err >&5 - fi - rm -f conftest.err libconftest.a conftest conftest.c - rm -rf conftest.dSYM - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_force_load" >&5 -$as_echo "$lt_cv_ld_force_load" >&6; } - case $host_os in - rhapsody* | darwin1.[012]) - _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;; - darwin1.*) - _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; - darwin*) # darwin 5.x on - # if running on 10.5 or later, the deployment target defaults - # to the OS version, if on x86, and 10.4, the deployment - # target defaults to 10.4. Don't you love it? - case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in - 10.0,*86*-darwin8*|10.0,*-darwin[91]*) - _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; - 10.[012]*) - _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; - 10.*) - _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; - esac - ;; - esac - if test "$lt_cv_apple_cc_single_mod" = "yes"; then - _lt_dar_single_mod='$single_module' - fi - if test "$lt_cv_ld_exported_symbols_list" = "yes"; then - _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym' - else - _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then - _lt_dsymutil='~$DSYMUTIL $lib || :' - else - _lt_dsymutil= - fi - ;; - esac - -for ac_header in dlfcn.h -do : - ac_fn_c_check_header_compile "$LINENO" "dlfcn.h" "ac_cv_header_dlfcn_h" "$ac_includes_default -" -if test "x$ac_cv_header_dlfcn_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_DLFCN_H 1 -_ACEOF - -fi - -done - - - - - -# Set options - - - - enable_dlopen=no - - - enable_win32_dll=no - - - - - -# Check whether --with-pic was given. -if test "${with_pic+set}" = set; then : - withval=$with_pic; lt_p=${PACKAGE-default} - case $withval in - yes|no) pic_mode=$withval ;; - *) - pic_mode=default - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for lt_pkg in $withval; do - IFS="$lt_save_ifs" - if test "X$lt_pkg" = "X$lt_p"; then - pic_mode=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac -else - pic_mode=default -fi - - -test -z "$pic_mode" && pic_mode=default - - - - - - - - # Check whether --enable-fast-install was given. -if test "${enable_fast_install+set}" = set; then : - enableval=$enable_fast_install; p=${PACKAGE-default} - case $enableval in - yes) enable_fast_install=yes ;; - no) enable_fast_install=no ;; - *) - enable_fast_install=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_fast_install=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac -else - enable_fast_install=yes -fi - - - - - - - - - - - -# This can be used to rebuild libtool when needed -LIBTOOL_DEPS="$ltmain" - -# Always use our own libtool. -LIBTOOL='$(SHELL) $(top_builddir)/libtool' - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -test -z "$LN_S" && LN_S="ln -s" - - - - - - - - - - - - - - -if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for objdir" >&5 -$as_echo_n "checking for objdir... " >&6; } -if ${lt_cv_objdir+:} false; then : - $as_echo_n "(cached) " >&6 -else - rm -f .libs 2>/dev/null -mkdir .libs 2>/dev/null -if test -d .libs; then - lt_cv_objdir=.libs -else - # MS-DOS does not allow filenames that begin with a dot. - lt_cv_objdir=_libs -fi -rmdir .libs 2>/dev/null -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_objdir" >&5 -$as_echo "$lt_cv_objdir" >&6; } -objdir=$lt_cv_objdir - - - - - -cat >>confdefs.h <<_ACEOF -#define LT_OBJDIR "$lt_cv_objdir/" -_ACEOF - - - - -case $host_os in -aix3*) - # AIX sometimes has problems with the GCC collect2 program. For some - # reason, if we set the COLLECT_NAMES environment variable, the problems - # vanish in a puff of smoke. - if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES - fi - ;; -esac - -# Global variables: -ofile=libtool -can_build_shared=yes - -# All known linkers require a `.a' archive for static linking (except MSVC, -# which needs '.lib'). -libext=a - -with_gnu_ld="$lt_cv_prog_gnu_ld" - -old_CC="$CC" -old_CFLAGS="$CFLAGS" - -# Set sane defaults for various variables -test -z "$CC" && CC=cc -test -z "$LTCC" && LTCC=$CC -test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS -test -z "$LD" && LD=ld -test -z "$ac_objext" && ac_objext=o - -for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"` - - -# Only perform the check for file, if the check method requires it -test -z "$MAGIC_CMD" && MAGIC_CMD=file -case $deplibs_check_method in -file_magic*) - if test "$file_magic_cmd" = '$MAGIC_CMD'; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${ac_tool_prefix}file" >&5 -$as_echo_n "checking for ${ac_tool_prefix}file... " >&6; } -if ${lt_cv_path_MAGIC_CMD+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $MAGIC_CMD in -[\\/*] | ?:[\\/]*) - lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path. - ;; -*) - lt_save_MAGIC_CMD="$MAGIC_CMD" - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - ac_dummy="/usr/bin$PATH_SEPARATOR$PATH" - for ac_dir in $ac_dummy; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/${ac_tool_prefix}file; then - lt_cv_path_MAGIC_CMD="$ac_dir/${ac_tool_prefix}file" - if test -n "$file_magic_test_file"; then - case $deplibs_check_method in - "file_magic "*) - file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` - MAGIC_CMD="$lt_cv_path_MAGIC_CMD" - if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | - $EGREP "$file_magic_regex" > /dev/null; then - : - else - cat <<_LT_EOF 1>&2 - -*** Warning: the command libtool uses to detect shared libraries, -*** $file_magic_cmd, produces output that libtool cannot recognize. -*** The result is that libtool may fail to recognize shared libraries -*** as such. This will affect the creation of libtool libraries that -*** depend on shared libraries, but programs linked with such libtool -*** libraries will work regardless of this problem. Nevertheless, you -*** may want to report the problem to your system manager and/or to -*** bug-libtool@gnu.org - -_LT_EOF - fi ;; - esac - fi - break - fi - done - IFS="$lt_save_ifs" - MAGIC_CMD="$lt_save_MAGIC_CMD" - ;; -esac -fi - -MAGIC_CMD="$lt_cv_path_MAGIC_CMD" -if test -n "$MAGIC_CMD"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 -$as_echo "$MAGIC_CMD" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - - - -if test -z "$lt_cv_path_MAGIC_CMD"; then - if test -n "$ac_tool_prefix"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for file" >&5 -$as_echo_n "checking for file... " >&6; } -if ${lt_cv_path_MAGIC_CMD+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $MAGIC_CMD in -[\\/*] | ?:[\\/]*) - lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path. - ;; -*) - lt_save_MAGIC_CMD="$MAGIC_CMD" - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - ac_dummy="/usr/bin$PATH_SEPARATOR$PATH" - for ac_dir in $ac_dummy; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/file; then - lt_cv_path_MAGIC_CMD="$ac_dir/file" - if test -n "$file_magic_test_file"; then - case $deplibs_check_method in - "file_magic "*) - file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` - MAGIC_CMD="$lt_cv_path_MAGIC_CMD" - if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | - $EGREP "$file_magic_regex" > /dev/null; then - : - else - cat <<_LT_EOF 1>&2 - -*** Warning: the command libtool uses to detect shared libraries, -*** $file_magic_cmd, produces output that libtool cannot recognize. -*** The result is that libtool may fail to recognize shared libraries -*** as such. This will affect the creation of libtool libraries that -*** depend on shared libraries, but programs linked with such libtool -*** libraries will work regardless of this problem. Nevertheless, you -*** may want to report the problem to your system manager and/or to -*** bug-libtool@gnu.org - -_LT_EOF - fi ;; - esac - fi - break - fi - done - IFS="$lt_save_ifs" - MAGIC_CMD="$lt_save_MAGIC_CMD" - ;; -esac -fi - -MAGIC_CMD="$lt_cv_path_MAGIC_CMD" -if test -n "$MAGIC_CMD"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 -$as_echo "$MAGIC_CMD" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - else - MAGIC_CMD=: - fi -fi - - fi - ;; -esac - -# Use C for the default configuration in the libtool script - -lt_save_CC="$CC" -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - -# Source file extension for C test sources. -ac_ext=c - -# Object file extension for compiled C test sources. -objext=o -objext=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="int some_variable = 0;" - -# Code to be used in simple link tests -lt_simple_link_test_code='int main(){return(0);}' - - - - - - - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - -# Save the default compiler, since it gets overwritten when the other -# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP. -compiler_DEFAULT=$CC - -# save warnings/boilerplate of simple test code -ac_outfile=conftest.$ac_objext -echo "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$RM conftest* - -ac_outfile=conftest.$ac_objext -echo "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$RM -r conftest* - - -if test -n "$compiler"; then - -lt_prog_compiler_no_builtin_flag= - -if test "$GCC" = yes; then - case $cc_basename in - nvcc*) - lt_prog_compiler_no_builtin_flag=' -Xcompiler -fno-builtin' ;; - *) - lt_prog_compiler_no_builtin_flag=' -fno-builtin' ;; - esac - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 -$as_echo_n "checking if $compiler supports -fno-rtti -fno-exceptions... " >&6; } -if ${lt_cv_prog_compiler_rtti_exceptions+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_prog_compiler_rtti_exceptions=no - ac_outfile=conftest.$ac_objext - echo "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="-fno-rtti -fno-exceptions" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_cv_prog_compiler_rtti_exceptions=yes - fi - fi - $RM conftest* - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 -$as_echo "$lt_cv_prog_compiler_rtti_exceptions" >&6; } - -if test x"$lt_cv_prog_compiler_rtti_exceptions" = xyes; then - lt_prog_compiler_no_builtin_flag="$lt_prog_compiler_no_builtin_flag -fno-rtti -fno-exceptions" -else - : -fi - -fi - - - - - - - lt_prog_compiler_wl= -lt_prog_compiler_pic= -lt_prog_compiler_static= - - - if test "$GCC" = yes; then - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_static='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static='-Bstatic' - fi - ;; - - amigaos*) - case $host_cpu in - powerpc) - # see comment about AmigaOS4 .so support - lt_prog_compiler_pic='-fPIC' - ;; - m68k) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - lt_prog_compiler_pic='-m68020 -resident32 -malways-restore-a4' - ;; - esac - ;; - - beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - - mingw* | cygwin* | pw32* | os2* | cegcc*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - # Although the cygwin gcc ignores -fPIC, still need this for old-style - # (--disable-auto-import) libraries - lt_prog_compiler_pic='-DDLL_EXPORT' - ;; - - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - lt_prog_compiler_pic='-fno-common' - ;; - - haiku*) - # PIC is the default for Haiku. - # The "-static" flag exists, but is broken. - lt_prog_compiler_static= - ;; - - hpux*) - # PIC is the default for 64-bit PA HP-UX, but not for 32-bit - # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag - # sets the default TLS model and affects inlining. - case $host_cpu in - hppa*64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic='-fPIC' - ;; - esac - ;; - - interix[3-9]*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - - msdosdjgpp*) - # Just because we use GCC doesn't mean we suddenly get shared libraries - # on systems that don't support them. - lt_prog_compiler_can_build_shared=no - enable_shared=no - ;; - - *nto* | *qnx*) - # QNX uses GNU C++, but need to define -shared option too, otherwise - # it will coredump. - lt_prog_compiler_pic='-fPIC -shared' - ;; - - sysv4*MP*) - if test -d /usr/nec; then - lt_prog_compiler_pic=-Kconform_pic - fi - ;; - - *) - lt_prog_compiler_pic='-fPIC' - ;; - esac - - case $cc_basename in - nvcc*) # Cuda Compiler Driver 2.2 - lt_prog_compiler_wl='-Xlinker ' - if test -n "$lt_prog_compiler_pic"; then - lt_prog_compiler_pic="-Xcompiler $lt_prog_compiler_pic" - fi - ;; - esac - else - # PORTME Check for flag to pass linker flags through the system compiler. - case $host_os in - aix*) - lt_prog_compiler_wl='-Wl,' - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static='-Bstatic' - else - lt_prog_compiler_static='-bnso -bI:/lib/syscalls.exp' - fi - ;; - - mingw* | cygwin* | pw32* | os2* | cegcc*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic='-DDLL_EXPORT' - ;; - - hpux9* | hpux10* | hpux11*) - lt_prog_compiler_wl='-Wl,' - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic='+Z' - ;; - esac - # Is there a better lt_prog_compiler_static that works with the bundled CC? - lt_prog_compiler_static='${wl}-a ${wl}archive' - ;; - - irix5* | irix6* | nonstopux*) - lt_prog_compiler_wl='-Wl,' - # PIC (with -KPIC) is the default. - lt_prog_compiler_static='-non_shared' - ;; - - linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) - case $cc_basename in - # old Intel for x86_64 which still supported -KPIC. - ecc*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-static' - ;; - # icc used to be incompatible with GCC. - # ICC 10 doesn't accept -KPIC any more. - icc* | ifort*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-fPIC' - lt_prog_compiler_static='-static' - ;; - # Lahey Fortran 8.1. - lf95*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='--shared' - lt_prog_compiler_static='--static' - ;; - nagfor*) - # NAG Fortran compiler - lt_prog_compiler_wl='-Wl,-Wl,,' - lt_prog_compiler_pic='-PIC' - lt_prog_compiler_static='-Bstatic' - ;; - pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*) - # Portland Group compilers (*not* the Pentium gcc compiler, - # which looks to be a dead project) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-fpic' - lt_prog_compiler_static='-Bstatic' - ;; - ccc*) - lt_prog_compiler_wl='-Wl,' - # All Alpha code is PIC. - lt_prog_compiler_static='-non_shared' - ;; - xl* | bgxl* | bgf* | mpixl*) - # IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-qpic' - lt_prog_compiler_static='-qstaticlink' - ;; - *) - case `$CC -V 2>&1 | sed 5q` in - *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [1-7].* | *Sun*Fortran*\ 8.[0-3]*) - # Sun Fortran 8.3 passes all unrecognized flags to the linker - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - lt_prog_compiler_wl='' - ;; - *Sun\ F* | *Sun*Fortran*) - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - lt_prog_compiler_wl='-Qoption ld ' - ;; - *Sun\ C*) - # Sun C 5.9 - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - lt_prog_compiler_wl='-Wl,' - ;; - *Intel*\ [CF]*Compiler*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-fPIC' - lt_prog_compiler_static='-static' - ;; - *Portland\ Group*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-fpic' - lt_prog_compiler_static='-Bstatic' - ;; - esac - ;; - esac - ;; - - newsos6) - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - ;; - - *nto* | *qnx*) - # QNX uses GNU C++, but need to define -shared option too, otherwise - # it will coredump. - lt_prog_compiler_pic='-fPIC -shared' - ;; - - osf3* | osf4* | osf5*) - lt_prog_compiler_wl='-Wl,' - # All OSF/1 code is PIC. - lt_prog_compiler_static='-non_shared' - ;; - - rdos*) - lt_prog_compiler_static='-non_shared' - ;; - - solaris*) - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - case $cc_basename in - f77* | f90* | f95* | sunf77* | sunf90* | sunf95*) - lt_prog_compiler_wl='-Qoption ld ';; - *) - lt_prog_compiler_wl='-Wl,';; - esac - ;; - - sunos4*) - lt_prog_compiler_wl='-Qoption ld ' - lt_prog_compiler_pic='-PIC' - lt_prog_compiler_static='-Bstatic' - ;; - - sysv4 | sysv4.2uw2* | sysv4.3*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - ;; - - sysv4*MP*) - if test -d /usr/nec ;then - lt_prog_compiler_pic='-Kconform_pic' - lt_prog_compiler_static='-Bstatic' - fi - ;; - - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - ;; - - unicos*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_can_build_shared=no - ;; - - uts4*) - lt_prog_compiler_pic='-pic' - lt_prog_compiler_static='-Bstatic' - ;; - - *) - lt_prog_compiler_can_build_shared=no - ;; - esac - fi - -case $host_os in - # For platforms which do not support PIC, -DPIC is meaningless: - *djgpp*) - lt_prog_compiler_pic= - ;; - *) - lt_prog_compiler_pic="$lt_prog_compiler_pic -DPIC" - ;; -esac - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5 -$as_echo_n "checking for $compiler option to produce PIC... " >&6; } -if ${lt_cv_prog_compiler_pic+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_prog_compiler_pic=$lt_prog_compiler_pic -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic" >&5 -$as_echo "$lt_cv_prog_compiler_pic" >&6; } -lt_prog_compiler_pic=$lt_cv_prog_compiler_pic - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$lt_prog_compiler_pic"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5 -$as_echo_n "checking if $compiler PIC flag $lt_prog_compiler_pic works... " >&6; } -if ${lt_cv_prog_compiler_pic_works+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_prog_compiler_pic_works=no - ac_outfile=conftest.$ac_objext - echo "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$lt_prog_compiler_pic -DPIC" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_cv_prog_compiler_pic_works=yes - fi - fi - $RM conftest* - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works" >&5 -$as_echo "$lt_cv_prog_compiler_pic_works" >&6; } - -if test x"$lt_cv_prog_compiler_pic_works" = xyes; then - case $lt_prog_compiler_pic in - "" | " "*) ;; - *) lt_prog_compiler_pic=" $lt_prog_compiler_pic" ;; - esac -else - lt_prog_compiler_pic= - lt_prog_compiler_can_build_shared=no -fi - -fi - - - - - - - - - - - -# -# Check to make sure the static flag actually works. -# -wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -$as_echo_n "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; } -if ${lt_cv_prog_compiler_static_works+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_prog_compiler_static_works=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $lt_tmp_static_flag" - echo "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&5 - $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - lt_cv_prog_compiler_static_works=yes - fi - else - lt_cv_prog_compiler_static_works=yes - fi - fi - $RM -r conftest* - LDFLAGS="$save_LDFLAGS" - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works" >&5 -$as_echo "$lt_cv_prog_compiler_static_works" >&6; } - -if test x"$lt_cv_prog_compiler_static_works" = xyes; then - : -else - lt_prog_compiler_static= -fi - - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 -$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } -if ${lt_cv_prog_compiler_c_o+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_prog_compiler_c_o=no - $RM -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - echo "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - lt_cv_prog_compiler_c_o=yes - fi - fi - chmod u+w . 2>&5 - $RM conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files - $RM out/* && rmdir out - cd .. - $RM -r conftest - $RM conftest* - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 -$as_echo "$lt_cv_prog_compiler_c_o" >&6; } - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 -$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } -if ${lt_cv_prog_compiler_c_o+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_prog_compiler_c_o=no - $RM -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - echo "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - lt_cv_prog_compiler_c_o=yes - fi - fi - chmod u+w . 2>&5 - $RM conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files - $RM out/* && rmdir out - cd .. - $RM -r conftest - $RM conftest* - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 -$as_echo "$lt_cv_prog_compiler_c_o" >&6; } - - - - -hard_links="nottested" -if test "$lt_cv_prog_compiler_c_o" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5 -$as_echo_n "checking if we can lock with hard links... " >&6; } - hard_links=yes - $RM conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5 -$as_echo "$hard_links" >&6; } - if test "$hard_links" = no; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 -$as_echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} - need_locks=warn - fi -else - need_locks=no -fi - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } - - runpath_var= - allow_undefined_flag= - always_export_symbols=no - archive_cmds= - archive_expsym_cmds= - compiler_needs_object=no - enable_shared_with_static_runtimes=no - export_dynamic_flag_spec= - export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - hardcode_automatic=no - hardcode_direct=no - hardcode_direct_absolute=no - hardcode_libdir_flag_spec= - hardcode_libdir_separator= - hardcode_minus_L=no - hardcode_shlibpath_var=unsupported - inherit_rpath=no - link_all_deplibs=unknown - module_cmds= - module_expsym_cmds= - old_archive_from_new_cmds= - old_archive_from_expsyms_cmds= - thread_safe_flag_spec= - whole_archive_flag_spec= - # include_expsyms should be a list of space-separated symbols to be *always* - # included in the symbol list - include_expsyms= - # exclude_expsyms can be an extended regexp of symbols to exclude - # it will be wrapped by ` (' and `)$', so one must not match beginning or - # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', - # as well as any symbol that contains `d'. - exclude_expsyms='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*' - # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out - # platforms (ab)use it in PIC code, but their linkers get confused if - # the symbol is explicitly referenced. Since portable code cannot - # rely on this symbol name, it's probably fine to never include it in - # preloaded symbol tables. - # Exclude shared library initialization/finalization symbols. - extract_expsyms_cmds= - - case $host_os in - cygwin* | mingw* | pw32* | cegcc*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - if test "$GCC" != yes; then - with_gnu_ld=no - fi - ;; - interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) - with_gnu_ld=yes - ;; - openbsd*) - with_gnu_ld=no - ;; - linux* | k*bsd*-gnu | gnu*) - link_all_deplibs=no - ;; - esac - - ld_shlibs=yes - - # On some targets, GNU ld is compatible enough with the native linker - # that we're better off using the native interface for both. - lt_use_gnu_ld_interface=no - if test "$with_gnu_ld" = yes; then - case $host_os in - aix*) - # The AIX port of GNU ld has always aspired to compatibility - # with the native linker. However, as the warning in the GNU ld - # block says, versions before 2.19.5* couldn't really create working - # shared libraries, regardless of the interface used. - case `$LD -v 2>&1` in - *\ \(GNU\ Binutils\)\ 2.19.5*) ;; - *\ \(GNU\ Binutils\)\ 2.[2-9]*) ;; - *\ \(GNU\ Binutils\)\ [3-9]*) ;; - *) - lt_use_gnu_ld_interface=yes - ;; - esac - ;; - *) - lt_use_gnu_ld_interface=yes - ;; - esac - fi - - if test "$lt_use_gnu_ld_interface" = yes; then - # If archive_cmds runs LD, not CC, wlarc should be empty - wlarc='${wl}' - - # Set some defaults for GNU ld with shared library support. These - # are reset later if shared libraries are not supported. Putting them - # here allows them to be overridden if necessary. - runpath_var=LD_RUN_PATH - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - export_dynamic_flag_spec='${wl}--export-dynamic' - # ancient GNU ld didn't support --whole-archive et. al. - if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then - whole_archive_flag_spec="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - whole_archive_flag_spec= - fi - supports_anon_versioning=no - case `$LD -v 2>&1` in - *GNU\ gold*) supports_anon_versioning=yes ;; - *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11 - *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... - *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... - *\ 2.11.*) ;; # other 2.11 versions - *) supports_anon_versioning=yes ;; - esac - - # See if GNU ld supports shared libraries. - case $host_os in - aix[3-9]*) - # On AIX/PPC, the GNU linker is very broken - if test "$host_cpu" != ia64; then - ld_shlibs=no - cat <<_LT_EOF 1>&2 - -*** Warning: the GNU linker, at least up to release 2.19, is reported -*** to be unable to reliably create shared libraries on AIX. -*** Therefore, libtool is disabling shared libraries support. If you -*** really care for shared libraries, you may want to install binutils -*** 2.20 or above, or modify your PATH so that a non-GNU linker is found. -*** You will then need to restart the configuration process. - -_LT_EOF - fi - ;; - - amigaos*) - case $host_cpu in - powerpc) - # see comment about AmigaOS4 .so support - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='' - ;; - m68k) - archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - ;; - esac - ;; - - beos*) - if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - allow_undefined_flag=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - archive_cmds='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - ld_shlibs=no - fi - ;; - - cygwin* | mingw* | pw32* | cegcc*) - # _LT_TAGVAR(hardcode_libdir_flag_spec, ) is actually meaningless, - # as there is no search path for DLLs. - hardcode_libdir_flag_spec='-L$libdir' - export_dynamic_flag_spec='${wl}--export-all-symbols' - allow_undefined_flag=unsupported - always_export_symbols=no - enable_shared_with_static_runtimes=yes - export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.* //'\'' | sort | uniq > $export_symbols' - exclude_expsyms='[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname' - - if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - ld_shlibs=no - fi - ;; - - haiku*) - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - link_all_deplibs=yes - ;; - - interix[3-9]*) - hardcode_direct=no - hardcode_shlibpath_var=no - hardcode_libdir_flag_spec='${wl}-rpath,$libdir' - export_dynamic_flag_spec='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - - gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu) - tmp_diet=no - if test "$host_os" = linux-dietlibc; then - case $cc_basename in - diet\ *) tmp_diet=yes;; # linux-dietlibc with static linking (!diet-dyn) - esac - fi - if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \ - && test "$tmp_diet" = no - then - tmp_addflag=' $pic_flag' - tmp_sharedflag='-shared' - case $cc_basename,$host_cpu in - pgcc*) # Portland Group C compiler - whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag' - ;; - pgf77* | pgf90* | pgf95* | pgfortran*) - # Portland Group f77 and f90 compilers - whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag -Mnomain' ;; - ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 - tmp_addflag=' -i_dynamic' ;; - efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 - tmp_addflag=' -i_dynamic -nofor_main' ;; - ifc* | ifort*) # Intel Fortran compiler - tmp_addflag=' -nofor_main' ;; - lf95*) # Lahey Fortran 8.1 - whole_archive_flag_spec= - tmp_sharedflag='--shared' ;; - xl[cC]* | bgxl[cC]* | mpixl[cC]*) # IBM XL C 8.0 on PPC (deal with xlf below) - tmp_sharedflag='-qmkshrobj' - tmp_addflag= ;; - nvcc*) # Cuda Compiler Driver 2.2 - whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' - compiler_needs_object=yes - ;; - esac - case `$CC -V 2>&1 | sed 5q` in - *Sun\ C*) # Sun C 5.9 - whole_archive_flag_spec='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' - compiler_needs_object=yes - tmp_sharedflag='-G' ;; - *Sun\ F*) # Sun Fortran 8.3 - tmp_sharedflag='-G' ;; - esac - archive_cmds='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - - if test "x$supports_anon_versioning" = xyes; then - archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - echo "local: *; };" >> $output_objdir/$libname.ver~ - $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' - fi - - case $cc_basename in - xlf* | bgf* | bgxlf* | mpixlf*) - # IBM XL Fortran 10.1 on PPC cannot create shared libs itself - whole_archive_flag_spec='--whole-archive$convenience --no-whole-archive' - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' - if test "x$supports_anon_versioning" = xyes; then - archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - echo "local: *; };" >> $output_objdir/$libname.ver~ - $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib' - fi - ;; - esac - else - ld_shlibs=no - fi - ;; - - netbsd* | netbsdelf*-gnu) - if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then - archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' - wlarc= - else - archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - fi - ;; - - solaris*) - if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then - ld_shlibs=no - cat <<_LT_EOF 1>&2 - -*** Warning: The releases 2.8.* of the GNU linker cannot reliably -*** create shared libraries on Solaris systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.9.1 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -_LT_EOF - elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs=no - fi - ;; - - sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) - case `$LD -v 2>&1` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*) - ld_shlibs=no - cat <<_LT_EOF 1>&2 - -*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not -*** reliably create shared libraries on SCO systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.16.91.0.3 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -_LT_EOF - ;; - *) - # For security reasons, it is highly recommended that you always - # use absolute paths for naming shared libraries, and exclude the - # DT_RUNPATH tag from executables and libraries. But doing so - # requires that you compile everything twice, which is a pain. - if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs=no - fi - ;; - esac - ;; - - sunos4*) - archive_cmds='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' - wlarc= - hardcode_direct=yes - hardcode_shlibpath_var=no - ;; - - *) - if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs=no - fi - ;; - esac - - if test "$ld_shlibs" = no; then - runpath_var= - hardcode_libdir_flag_spec= - export_dynamic_flag_spec= - whole_archive_flag_spec= - fi - else - # PORTME fill in a description of your system's linker (not GNU ld) - case $host_os in - aix3*) - allow_undefined_flag=unsupported - always_export_symbols=yes - archive_expsym_cmds='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' - # Note: this linker hardcodes the directories in LIBPATH if there - # are no directories specified by -L. - hardcode_minus_L=yes - if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then - # Neither direct hardcoding nor static linking is supported with a - # broken collect2. - hardcode_direct=unsupported - fi - ;; - - aix[4-9]*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - # Also, AIX nm treats weak defined symbols like other global - # defined symbols, whereas GNU nm marks them as "W". - if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then - export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' - else - export_symbols_cmds='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' - fi - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*) - for ld_flag in $LDFLAGS; do - if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then - aix_use_runtimelinking=yes - break - fi - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - archive_cmds='' - hardcode_direct=yes - hardcode_direct_absolute=yes - hardcode_libdir_separator=':' - link_all_deplibs=yes - file_list_spec='${wl}-f,' - - if test "$GCC" = yes; then - case $host_os in aix4.[012]|aix4.[012].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && - strings "$collect2name" | $GREP resolve_lib_name >/dev/null - then - # We have reworked collect2 - : - else - # We have old collect2 - hardcode_direct=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - hardcode_minus_L=yes - hardcode_libdir_flag_spec='-L$libdir' - hardcode_libdir_separator= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - link_all_deplibs=no - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - export_dynamic_flag_spec='${wl}-bexpall' - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - always_export_symbols=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - allow_undefined_flag='-berok' - # Determine the default libpath from the value encoded in an - # empty executable. - if test "${lt_cv_aix_libpath+set}" = set; then - aix_libpath=$lt_cv_aix_libpath -else - if ${lt_cv_aix_libpath_+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - - lt_aix_libpath_sed=' - /Import File Strings/,/^$/ { - /^0/ { - s/^0 *\([^ ]*\) *$/\1/ - p - } - }' - lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` - # Check for a 64-bit object if we didn't find anything. - if test -z "$lt_cv_aix_libpath_"; then - lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` - fi -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - if test -z "$lt_cv_aix_libpath_"; then - lt_cv_aix_libpath_="/usr/lib:/lib" - fi - -fi - - aix_libpath=$lt_cv_aix_libpath_ -fi - - hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" - archive_expsym_cmds='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib' - allow_undefined_flag="-z nodefs" - archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an - # empty executable. - if test "${lt_cv_aix_libpath+set}" = set; then - aix_libpath=$lt_cv_aix_libpath -else - if ${lt_cv_aix_libpath_+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - - lt_aix_libpath_sed=' - /Import File Strings/,/^$/ { - /^0/ { - s/^0 *\([^ ]*\) *$/\1/ - p - } - }' - lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` - # Check for a 64-bit object if we didn't find anything. - if test -z "$lt_cv_aix_libpath_"; then - lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` - fi -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - if test -z "$lt_cv_aix_libpath_"; then - lt_cv_aix_libpath_="/usr/lib:/lib" - fi - -fi - - aix_libpath=$lt_cv_aix_libpath_ -fi - - hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - no_undefined_flag=' ${wl}-bernotok' - allow_undefined_flag=' ${wl}-berok' - if test "$with_gnu_ld" = yes; then - # We only use this code for GNU lds that support --whole-archive. - whole_archive_flag_spec='${wl}--whole-archive$convenience ${wl}--no-whole-archive' - else - # Exported symbols can be pulled into shared objects from archives - whole_archive_flag_spec='$convenience' - fi - archive_cmds_need_lc=yes - # This is similar to how AIX traditionally builds its shared libraries. - archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - amigaos*) - case $host_cpu in - powerpc) - # see comment about AmigaOS4 .so support - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='' - ;; - m68k) - archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - ;; - esac - ;; - - bsdi[45]*) - export_dynamic_flag_spec=-rdynamic - ;; - - cygwin* | mingw* | pw32* | cegcc*) - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - case $cc_basename in - cl*) - # Native MSVC - hardcode_libdir_flag_spec=' ' - allow_undefined_flag=unsupported - always_export_symbols=yes - file_list_spec='@' - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - archive_cmds='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' - archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; - else - sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; - fi~ - $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ - linknames=' - # The linker will not automatically build a static lib if we build a DLL. - # _LT_TAGVAR(old_archive_from_new_cmds, )='true' - enable_shared_with_static_runtimes=yes - exclude_expsyms='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' - export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1,DATA/'\'' | $SED -e '\''/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols' - # Don't use ranlib - old_postinstall_cmds='chmod 644 $oldlib' - postlink_cmds='lt_outputfile="@OUTPUT@"~ - lt_tool_outputfile="@TOOL_OUTPUT@"~ - case $lt_outputfile in - *.exe|*.EXE) ;; - *) - lt_outputfile="$lt_outputfile.exe" - lt_tool_outputfile="$lt_tool_outputfile.exe" - ;; - esac~ - if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then - $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; - $RM "$lt_outputfile.manifest"; - fi' - ;; - *) - # Assume MSVC wrapper - hardcode_libdir_flag_spec=' ' - allow_undefined_flag=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - archive_cmds='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - old_archive_from_new_cmds='true' - # FIXME: Should let the user specify the lib program. - old_archive_cmds='lib -OUT:$oldlib$oldobjs$old_deplibs' - enable_shared_with_static_runtimes=yes - ;; - esac - ;; - - darwin* | rhapsody*) - - - archive_cmds_need_lc=no - hardcode_direct=no - hardcode_automatic=yes - hardcode_shlibpath_var=unsupported - if test "$lt_cv_ld_force_load" = "yes"; then - whole_archive_flag_spec='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' - - else - whole_archive_flag_spec='' - fi - link_all_deplibs=yes - allow_undefined_flag="$_lt_dar_allow_undefined" - case $cc_basename in - ifort*) _lt_dar_can_shared=yes ;; - *) _lt_dar_can_shared=$GCC ;; - esac - if test "$_lt_dar_can_shared" = "yes"; then - output_verbose_link_cmd=func_echo_all - archive_cmds="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" - module_cmds="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" - archive_expsym_cmds="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" - module_expsym_cmds="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" - - else - ld_shlibs=no - fi - - ;; - - dgux*) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec='-L$libdir' - hardcode_shlibpath_var=no - ;; - - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor - # support. Future versions do this automatically, but an explicit c++rt0.o - # does not break anything, and helps significantly (at the cost of a little - # extra space). - freebsd2.2*) - archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' - hardcode_libdir_flag_spec='-R$libdir' - hardcode_direct=yes - hardcode_shlibpath_var=no - ;; - - # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2.*) - archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct=yes - hardcode_minus_L=yes - hardcode_shlibpath_var=no - ;; - - # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | dragonfly*) - archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec='-R$libdir' - hardcode_direct=yes - hardcode_shlibpath_var=no - ;; - - hpux9*) - if test "$GCC" = yes; then - archive_cmds='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - archive_cmds='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - fi - hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' - hardcode_libdir_separator=: - hardcode_direct=yes - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L=yes - export_dynamic_flag_spec='${wl}-E' - ;; - - hpux10*) - if test "$GCC" = yes && test "$with_gnu_ld" = no; then - archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' - hardcode_libdir_separator=: - hardcode_direct=yes - hardcode_direct_absolute=yes - export_dynamic_flag_spec='${wl}-E' - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L=yes - fi - ;; - - hpux11*) - if test "$GCC" = yes && test "$with_gnu_ld" = no; then - case $host_cpu in - hppa*64*) - archive_cmds='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - else - case $host_cpu in - hppa*64*) - archive_cmds='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - - # Older versions of the 11.00 compiler do not understand -b yet - # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC understands -b" >&5 -$as_echo_n "checking if $CC understands -b... " >&6; } -if ${lt_cv_prog_compiler__b+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_prog_compiler__b=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS -b" - echo "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&5 - $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - lt_cv_prog_compiler__b=yes - fi - else - lt_cv_prog_compiler__b=yes - fi - fi - $RM -r conftest* - LDFLAGS="$save_LDFLAGS" - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler__b" >&5 -$as_echo "$lt_cv_prog_compiler__b" >&6; } - -if test x"$lt_cv_prog_compiler__b" = xyes; then - archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' -else - archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' -fi - - ;; - esac - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' - hardcode_libdir_separator=: - - case $host_cpu in - hppa*64*|ia64*) - hardcode_direct=no - hardcode_shlibpath_var=no - ;; - *) - hardcode_direct=yes - hardcode_direct_absolute=yes - export_dynamic_flag_spec='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L=yes - ;; - esac - fi - ;; - - irix5* | irix6* | nonstopux*) - if test "$GCC" = yes; then - archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - # Try to use the -exported_symbol ld option, if it does not - # work, assume that -exports_file does not work either and - # implicitly export all symbols. - # This should be the same for all languages, so no per-tag cache variable. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $host_os linker accepts -exported_symbol" >&5 -$as_echo_n "checking whether the $host_os linker accepts -exported_symbol... " >&6; } -if ${lt_cv_irix_exported_symbol+:} false; then : - $as_echo_n "(cached) " >&6 -else - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -int foo (void) { return 0; } -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - lt_cv_irix_exported_symbol=yes -else - lt_cv_irix_exported_symbol=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LDFLAGS="$save_LDFLAGS" -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5 -$as_echo "$lt_cv_irix_exported_symbol" >&6; } - if test "$lt_cv_irix_exported_symbol" = yes; then - archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib' - fi - else - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib' - fi - archive_cmds_need_lc='no' - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator=: - inherit_rpath=yes - link_all_deplibs=yes - ;; - - netbsd* | netbsdelf*-gnu) - if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then - archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out - else - archive_cmds='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF - fi - hardcode_libdir_flag_spec='-R$libdir' - hardcode_direct=yes - hardcode_shlibpath_var=no - ;; - - newsos6) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct=yes - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator=: - hardcode_shlibpath_var=no - ;; - - *nto* | *qnx*) - ;; - - openbsd*) - if test -f /usr/libexec/ld.so; then - hardcode_direct=yes - hardcode_shlibpath_var=no - hardcode_direct_absolute=yes - if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' - hardcode_libdir_flag_spec='${wl}-rpath,$libdir' - export_dynamic_flag_spec='${wl}-E' - else - case $host_os in - openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*) - archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec='-R$libdir' - ;; - *) - archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec='${wl}-rpath,$libdir' - ;; - esac - fi - else - ld_shlibs=no - fi - ;; - - os2*) - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - allow_undefined_flag=unsupported - archive_cmds='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' - old_archive_from_new_cmds='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' - ;; - - osf3*) - if test "$GCC" = yes; then - allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - allow_undefined_flag=' -expect_unresolved \*' - archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' - fi - archive_cmds_need_lc='no' - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator=: - ;; - - osf4* | osf5*) # as osf3* with the addition of -msym flag - if test "$GCC" = yes; then - allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - else - allow_undefined_flag=' -expect_unresolved \*' - archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' - archive_expsym_cmds='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~ - $CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp' - - # Both c and cxx compiler support -rpath directly - hardcode_libdir_flag_spec='-rpath $libdir' - fi - archive_cmds_need_lc='no' - hardcode_libdir_separator=: - ;; - - solaris*) - no_undefined_flag=' -z defs' - if test "$GCC" = yes; then - wlarc='${wl}' - archive_cmds='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' - else - case `$CC -V 2>&1` in - *"Compilers 5.0"*) - wlarc='' - archive_cmds='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' - archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp' - ;; - *) - wlarc='${wl}' - archive_cmds='$CC -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $CC -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' - ;; - esac - fi - hardcode_libdir_flag_spec='-R$libdir' - hardcode_shlibpath_var=no - case $host_os in - solaris2.[0-5] | solaris2.[0-5].*) ;; - *) - # The compiler driver will combine and reorder linker options, - # but understands `-z linker_flag'. GCC discards it without `$wl', - # but is careful enough not to reorder. - # Supported since Solaris 2.6 (maybe 2.5.1?) - if test "$GCC" = yes; then - whole_archive_flag_spec='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract' - else - whole_archive_flag_spec='-z allextract$convenience -z defaultextract' - fi - ;; - esac - link_all_deplibs=yes - ;; - - sunos4*) - if test "x$host_vendor" = xsequent; then - # Use $CC to link under sequent, because it throws in some extra .o - # files that make .init and .fini sections work. - archive_cmds='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' - fi - hardcode_libdir_flag_spec='-L$libdir' - hardcode_direct=yes - hardcode_minus_L=yes - hardcode_shlibpath_var=no - ;; - - sysv4) - case $host_vendor in - sni) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct=yes # is this really true??? - ;; - siemens) - ## LD is ld it makes a PLAMLIB - ## CC just makes a GrossModule. - archive_cmds='$LD -G -o $lib $libobjs $deplibs $linker_flags' - reload_cmds='$CC -r -o $output$reload_objs' - hardcode_direct=no - ;; - motorola) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct=no #Motorola manual says yes, but my tests say they lie - ;; - esac - runpath_var='LD_RUN_PATH' - hardcode_shlibpath_var=no - ;; - - sysv4.3*) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var=no - export_dynamic_flag_spec='-Bexport' - ;; - - sysv4*MP*) - if test -d /usr/nec; then - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var=no - runpath_var=LD_RUN_PATH - hardcode_runpath_var=yes - ld_shlibs=yes - fi - ;; - - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*) - no_undefined_flag='${wl}-z,text' - archive_cmds_need_lc=no - hardcode_shlibpath_var=no - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - no_undefined_flag='${wl}-z,text' - allow_undefined_flag='${wl}-z,nodefs' - archive_cmds_need_lc=no - hardcode_shlibpath_var=no - hardcode_libdir_flag_spec='${wl}-R,$libdir' - hardcode_libdir_separator=':' - link_all_deplibs=yes - export_dynamic_flag_spec='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - uts4*) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec='-L$libdir' - hardcode_shlibpath_var=no - ;; - - *) - ld_shlibs=no - ;; - esac - - if test x$host_vendor = xsni; then - case $host in - sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*) - export_dynamic_flag_spec='${wl}-Blargedynsym' - ;; - esac - fi - fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs" >&5 -$as_echo "$ld_shlibs" >&6; } -test "$ld_shlibs" = no && can_build_shared=no - -with_gnu_ld=$with_gnu_ld - - - - - - - - - - - - - - - -# -# Do we need to explicitly link libc? -# -case "x$archive_cmds_need_lc" in -x|xyes) - # Assume -lc should be added - archive_cmds_need_lc=yes - - if test "$enable_shared" = yes && test "$GCC" = yes; then - case $archive_cmds in - *'~'*) - # FIXME: we may have to deal with multi-command sequences. - ;; - '$CC '*) - # Test whether the compiler implicitly links with -lc since on some - # systems, -lgcc has to come before -lc. If gcc already passes -lc - # to ld, don't add -lc before -lgcc. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5 -$as_echo_n "checking whether -lc should be explicitly linked in... " >&6; } -if ${lt_cv_archive_cmds_need_lc+:} false; then : - $as_echo_n "(cached) " >&6 -else - $RM conftest* - echo "$lt_simple_compile_test_code" > conftest.$ac_ext - - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$lt_prog_compiler_wl - pic_flag=$lt_prog_compiler_pic - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$allow_undefined_flag - allow_undefined_flag= - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5 - (eval $archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } - then - lt_cv_archive_cmds_need_lc=no - else - lt_cv_archive_cmds_need_lc=yes - fi - allow_undefined_flag=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $RM conftest* - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc" >&5 -$as_echo "$lt_cv_archive_cmds_need_lc" >&6; } - archive_cmds_need_lc=$lt_cv_archive_cmds_need_lc - ;; - esac - fi - ;; -esac - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5 -$as_echo_n "checking dynamic linker characteristics... " >&6; } - -if test "$GCC" = yes; then - case $host_os in - darwin*) lt_awk_arg="/^libraries:/,/LR/" ;; - *) lt_awk_arg="/^libraries:/" ;; - esac - case $host_os in - mingw* | cegcc*) lt_sed_strip_eq="s,=\([A-Za-z]:\),\1,g" ;; - *) lt_sed_strip_eq="s,=/,/,g" ;; - esac - lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq` - case $lt_search_path_spec in - *\;*) - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'` - ;; - *) - lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"` - ;; - esac - # Ok, now we have the path, separated by spaces, we can step through it - # and add multilib dir if necessary. - lt_tmp_lt_search_path_spec= - lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null` - for lt_sys_path in $lt_search_path_spec; do - if test -d "$lt_sys_path/$lt_multi_os_dir"; then - lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir" - else - test -d "$lt_sys_path" && \ - lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path" - fi - done - lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk ' -BEGIN {RS=" "; FS="/|\n";} { - lt_foo=""; - lt_count=0; - for (lt_i = NF; lt_i > 0; lt_i--) { - if ($lt_i != "" && $lt_i != ".") { - if ($lt_i == "..") { - lt_count++; - } else { - if (lt_count == 0) { - lt_foo="/" $lt_i lt_foo; - } else { - lt_count--; - } - } - } - } - if (lt_foo != "") { lt_freq[lt_foo]++; } - if (lt_freq[lt_foo] == 1) { print lt_foo; } -}'` - # AWK program above erroneously prepends '/' to C:/dos/paths - # for these hosts. - case $host_os in - mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\ - $SED 's,/\([A-Za-z]:\),\1,g'` ;; - esac - sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP` -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" -fi -library_names_spec= -libname_spec='lib$name' -soname_spec= -shrext_cmds=".so" -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -need_lib_prefix=unknown -hardcode_into_libs=no - -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -need_version=unknown - -case $host_os in -aix3*) - version_type=linux # correct to gnu/linux during the next big refactor - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}${shared_ext}$major' - ;; - -aix[4-9]*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - hardcode_into_libs=yes - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - case $host_os in - aix4 | aix4.[01] | aix4.[01].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then - : - else - can_build_shared=no - fi - ;; - esac - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so - # instead of lib.a to let people know that these are not - # typical AIX shared libraries. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - else - # We preserve .a as extension for shared libraries through AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}${shared_ext}$major' - fi - shlibpath_var=LIBPATH - fi - ;; - -amigaos*) - case $host_cpu in - powerpc) - # Since July 2007 AmigaOS4 officially supports .so libraries. - # When compiling the executable, add -use-dynld -Lsobjs: to the compileline. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - ;; - m68k) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' - ;; - esac - ;; - -beos*) - library_names_spec='${libname}${shared_ext}' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - ;; - -bsdi[45]*) - version_type=linux # correct to gnu/linux during the next big refactor - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32* | cegcc*) - version_type=windows - shrext_cmds=".dll" - need_version=no - need_lib_prefix=no - - case $GCC,$cc_basename in - yes,*) - # gcc - library_names_spec='$libname.dll.a' - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname~ - if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then - eval '\''$striplib \$dldir/$dlname'\'' || exit \$?; - fi' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $RM \$dlpath' - shlibpath_overrides_runpath=yes - - case $host_os in - cygwin*) - # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - - sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api" - ;; - mingw* | cegcc*) - # MinGW DLLs use traditional 'lib' prefix - soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - ;; - pw32*) - # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - ;; - esac - dynamic_linker='Win32 ld.exe' - ;; - - *,cl*) - # Native MSVC - libname_spec='$name' - soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - library_names_spec='${libname}.dll.lib' - - case $build_os in - mingw*) - sys_lib_search_path_spec= - lt_save_ifs=$IFS - IFS=';' - for lt_path in $LIB - do - IFS=$lt_save_ifs - # Let DOS variable expansion print the short 8.3 style file name. - lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"` - sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path" - done - IFS=$lt_save_ifs - # Convert to MSYS style. - sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` - ;; - cygwin*) - # Convert to unix form, then to dos form, then back to unix form - # but this time dos style (no spaces!) so that the unix form looks - # like /cygdrive/c/PROGRA~1:/cygdr... - sys_lib_search_path_spec=`cygpath --path --unix "$LIB"` - sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null` - sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - ;; - *) - sys_lib_search_path_spec="$LIB" - if $ECHO "$sys_lib_search_path_spec" | $GREP ';[c-zC-Z]:/' >/dev/null; then - # It is most probably a Windows format PATH. - sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi - # FIXME: find the short name or the path components, as spaces are - # common. (e.g. "Program Files" -> "PROGRA~1") - ;; - esac - - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $RM \$dlpath' - shlibpath_overrides_runpath=yes - dynamic_linker='Win32 link.exe' - ;; - - *) - # Assume MSVC wrapper - library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' - dynamic_linker='Win32 ld.exe' - ;; - esac - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext' - soname_spec='${libname}${release}${major}$shared_ext' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' - - sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib" - sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' - ;; - -dgux*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -freebsd* | dragonfly*) - # DragonFly does not have aout. When/if they implement a new - # versioning mechanism, adjust this. - if test -x /usr/bin/objformat; then - objformat=`/usr/bin/objformat` - else - case $host_os in - freebsd[23].*) objformat=aout ;; - *) objformat=elf ;; - esac - fi - version_type=freebsd-$objformat - case $version_type in - freebsd-elf*) - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - need_version=no - need_lib_prefix=no - ;; - freebsd-*) - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2.*) - shlibpath_overrides_runpath=yes - ;; - freebsd3.[01]* | freebsdelf3.[01]*) - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - freebsd3.[2-9]* | freebsdelf3.[2-9]* | \ - freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - *) # from 4.6 on, and DragonFly - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - esac - ;; - -haiku*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - dynamic_linker="$host_os runtime_loader" - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LIBRARY_PATH - shlibpath_overrides_runpath=yes - sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib' - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - version_type=sunos - need_lib_prefix=no - need_version=no - case $host_cpu in - ia64*) - shrext_cmds='.so' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.so" - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - if test "X$HPUX_IA64_MODE" = X32; then - sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" - else - sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" - fi - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) - shrext_cmds='.sl' - dynamic_linker="$host_os dld.sl" - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - ;; - esac - # HP-UX runs *really* slowly unless shared libraries are mode 555, ... - postinstall_cmds='chmod 555 $lib' - # or fails outright, so override atomically: - install_override_mode=555 - ;; - -interix[3-9]*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -irix5* | irix6* | nonstopux*) - case $host_os in - nonstopux*) version_type=nonstopux ;; - *) - if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux # correct to gnu/linux during the next big refactor - else - version_type=irix - fi ;; - esac - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' - case $host_os in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") - libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") - libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") - libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - hardcode_into_libs=yes - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux*oldld* | linux*aout* | linux*coff*) - dynamic_linker=no - ;; - -# This must be glibc/ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - - # Some binutils ld are patched to set DT_RUNPATH - if ${lt_cv_shlibpath_overrides_runpath+:} false; then : - $as_echo_n "(cached) " >&6 -else - lt_cv_shlibpath_overrides_runpath=no - save_LDFLAGS=$LDFLAGS - save_libdir=$libdir - eval "libdir=/foo; wl=\"$lt_prog_compiler_wl\"; \ - LDFLAGS=\"\$LDFLAGS $hardcode_libdir_flag_spec\"" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then : - lt_cv_shlibpath_overrides_runpath=yes -fi -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LDFLAGS=$save_LDFLAGS - libdir=$save_libdir - -fi - - shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath - - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # Append ld.so.conf contents to the search path - if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" - fi - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -netbsdelf*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='NetBSD ld.elf_so' - ;; - -netbsd*) - version_type=sunos - need_lib_prefix=no - need_version=no - if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - -newsos6) - version_type=linux # correct to gnu/linux during the next big refactor - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -*nto* | *qnx*) - version_type=qnx - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='ldqnx.so' - ;; - -openbsd*) - version_type=sunos - sys_lib_dlsearch_path_spec="/usr/lib" - need_lib_prefix=no - # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. - case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; - esac - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - case $host_os in - openbsd2.[89] | openbsd2.[89].*) - shlibpath_overrides_runpath=no - ;; - *) - shlibpath_overrides_runpath=yes - ;; - esac - else - shlibpath_overrides_runpath=yes - fi - ;; - -os2*) - libname_spec='$name' - shrext_cmds=".dll" - need_lib_prefix=no - library_names_spec='$libname${shared_ext} $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -rdos*) - dynamic_linker=no - ;; - -solaris*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.3*) - version_type=linux # correct to gnu/linux during the next big refactor - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - sni) - shlibpath_overrides_runpath=no - need_lib_prefix=no - runpath_var=LD_RUN_PATH - ;; - siemens) - need_lib_prefix=no - ;; - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux # correct to gnu/linux during the next big refactor - library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' - soname_spec='$libname${shared_ext}.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - version_type=freebsd-elf - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - if test "$with_gnu_ld" = yes; then - sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - else - sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - case $host_os in - sco3.2v5*) - sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" - ;; - esac - fi - sys_lib_dlsearch_path_spec='/usr/lib' - ;; - -tpf*) - # TPF is a cross-target only. Preferred cross-host = GNU/Linux. - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -uts4*) - version_type=linux # correct to gnu/linux during the next big refactor - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -*) - dynamic_linker=no - ;; -esac -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5 -$as_echo "$dynamic_linker" >&6; } -test "$dynamic_linker" = no && can_build_shared=no - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi - -if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then - sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" -fi -if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then - sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" -fi - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5 -$as_echo_n "checking how to hardcode library paths into programs... " >&6; } -hardcode_action= -if test -n "$hardcode_libdir_flag_spec" || - test -n "$runpath_var" || - test "X$hardcode_automatic" = "Xyes" ; then - - # We can hardcode non-existent directories. - if test "$hardcode_direct" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_TAGVAR(hardcode_shlibpath_var, )" != no && - test "$hardcode_minus_L" != no; then - # Linking always hardcodes the temporary library directory. - hardcode_action=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - hardcode_action=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - hardcode_action=unsupported -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $hardcode_action" >&5 -$as_echo "$hardcode_action" >&6; } - -if test "$hardcode_action" = relink || - test "$inherit_rpath" = yes; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi - - - - - - - if test "x$enable_dlopen" != xyes; then - enable_dlopen=unknown - enable_dlopen_self=unknown - enable_dlopen_self_static=unknown -else - lt_cv_dlopen=no - lt_cv_dlopen_libs= - - case $host_os in - beos*) - lt_cv_dlopen="load_add_on" - lt_cv_dlopen_libs= - lt_cv_dlopen_self=yes - ;; - - mingw* | pw32* | cegcc*) - lt_cv_dlopen="LoadLibrary" - lt_cv_dlopen_libs= - ;; - - cygwin*) - lt_cv_dlopen="dlopen" - lt_cv_dlopen_libs= - ;; - - darwin*) - # if libdl is installed we need to link against it - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 -$as_echo_n "checking for dlopen in -ldl... " >&6; } -if ${ac_cv_lib_dl_dlopen+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldl $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen (); -int -main () -{ -return dlopen (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_dl_dlopen=yes -else - ac_cv_lib_dl_dlopen=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 -$as_echo "$ac_cv_lib_dl_dlopen" >&6; } -if test "x$ac_cv_lib_dl_dlopen" = xyes; then : - lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" -else - - lt_cv_dlopen="dyld" - lt_cv_dlopen_libs= - lt_cv_dlopen_self=yes - -fi - - ;; - - *) - ac_fn_c_check_func "$LINENO" "shl_load" "ac_cv_func_shl_load" -if test "x$ac_cv_func_shl_load" = xyes; then : - lt_cv_dlopen="shl_load" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for shl_load in -ldld" >&5 -$as_echo_n "checking for shl_load in -ldld... " >&6; } -if ${ac_cv_lib_dld_shl_load+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldld $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char shl_load (); -int -main () -{ -return shl_load (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_dld_shl_load=yes -else - ac_cv_lib_dld_shl_load=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_shl_load" >&5 -$as_echo "$ac_cv_lib_dld_shl_load" >&6; } -if test "x$ac_cv_lib_dld_shl_load" = xyes; then : - lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld" -else - ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen" -if test "x$ac_cv_func_dlopen" = xyes; then : - lt_cv_dlopen="dlopen" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 -$as_echo_n "checking for dlopen in -ldl... " >&6; } -if ${ac_cv_lib_dl_dlopen+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldl $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen (); -int -main () -{ -return dlopen (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_dl_dlopen=yes -else - ac_cv_lib_dl_dlopen=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 -$as_echo "$ac_cv_lib_dl_dlopen" >&6; } -if test "x$ac_cv_lib_dl_dlopen" = xyes; then : - lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -lsvld" >&5 -$as_echo_n "checking for dlopen in -lsvld... " >&6; } -if ${ac_cv_lib_svld_dlopen+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lsvld $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen (); -int -main () -{ -return dlopen (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_svld_dlopen=yes -else - ac_cv_lib_svld_dlopen=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_svld_dlopen" >&5 -$as_echo "$ac_cv_lib_svld_dlopen" >&6; } -if test "x$ac_cv_lib_svld_dlopen" = xyes; then : - lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dld_link in -ldld" >&5 -$as_echo_n "checking for dld_link in -ldld... " >&6; } -if ${ac_cv_lib_dld_dld_link+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldld $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dld_link (); -int -main () -{ -return dld_link (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_dld_dld_link=yes -else - ac_cv_lib_dld_dld_link=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_dld_link" >&5 -$as_echo "$ac_cv_lib_dld_dld_link" >&6; } -if test "x$ac_cv_lib_dld_dld_link" = xyes; then : - lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld" -fi - - -fi - - -fi - - -fi - - -fi - - -fi - - ;; - esac - - if test "x$lt_cv_dlopen" != xno; then - enable_dlopen=yes - else - enable_dlopen=no - fi - - case $lt_cv_dlopen in - dlopen) - save_CPPFLAGS="$CPPFLAGS" - test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H" - - save_LDFLAGS="$LDFLAGS" - wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\" - - save_LIBS="$LIBS" - LIBS="$lt_cv_dlopen_libs $LIBS" - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a program can dlopen itself" >&5 -$as_echo_n "checking whether a program can dlopen itself... " >&6; } -if ${lt_cv_dlopen_self+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - lt_cv_dlopen_self=cross -else - lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 - lt_status=$lt_dlunknown - cat > conftest.$ac_ext <<_LT_EOF -#line $LINENO "configure" -#include "confdefs.h" - -#if HAVE_DLFCN_H -#include -#endif - -#include - -#ifdef RTLD_GLOBAL -# define LT_DLGLOBAL RTLD_GLOBAL -#else -# ifdef DL_GLOBAL -# define LT_DLGLOBAL DL_GLOBAL -# else -# define LT_DLGLOBAL 0 -# endif -#endif - -/* We may have to define LT_DLLAZY_OR_NOW in the command line if we - find out it does not work in some platform. */ -#ifndef LT_DLLAZY_OR_NOW -# ifdef RTLD_LAZY -# define LT_DLLAZY_OR_NOW RTLD_LAZY -# else -# ifdef DL_LAZY -# define LT_DLLAZY_OR_NOW DL_LAZY -# else -# ifdef RTLD_NOW -# define LT_DLLAZY_OR_NOW RTLD_NOW -# else -# ifdef DL_NOW -# define LT_DLLAZY_OR_NOW DL_NOW -# else -# define LT_DLLAZY_OR_NOW 0 -# endif -# endif -# endif -# endif -#endif - -/* When -fvisbility=hidden is used, assume the code has been annotated - correspondingly for the symbols needed. */ -#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) -int fnord () __attribute__((visibility("default"))); -#endif - -int fnord () { return 42; } -int main () -{ - void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); - int status = $lt_dlunknown; - - if (self) - { - if (dlsym (self,"fnord")) status = $lt_dlno_uscore; - else - { - if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; - else puts (dlerror ()); - } - /* dlclose (self); */ - } - else - puts (dlerror ()); - - return status; -} -_LT_EOF - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 - (eval $ac_link) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then - (./conftest; exit; ) >&5 2>/dev/null - lt_status=$? - case x$lt_status in - x$lt_dlno_uscore) lt_cv_dlopen_self=yes ;; - x$lt_dlneed_uscore) lt_cv_dlopen_self=yes ;; - x$lt_dlunknown|x*) lt_cv_dlopen_self=no ;; - esac - else : - # compilation failed - lt_cv_dlopen_self=no - fi -fi -rm -fr conftest* - - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self" >&5 -$as_echo "$lt_cv_dlopen_self" >&6; } - - if test "x$lt_cv_dlopen_self" = xyes; then - wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a statically linked program can dlopen itself" >&5 -$as_echo_n "checking whether a statically linked program can dlopen itself... " >&6; } -if ${lt_cv_dlopen_self_static+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - lt_cv_dlopen_self_static=cross -else - lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 - lt_status=$lt_dlunknown - cat > conftest.$ac_ext <<_LT_EOF -#line $LINENO "configure" -#include "confdefs.h" - -#if HAVE_DLFCN_H -#include -#endif - -#include - -#ifdef RTLD_GLOBAL -# define LT_DLGLOBAL RTLD_GLOBAL -#else -# ifdef DL_GLOBAL -# define LT_DLGLOBAL DL_GLOBAL -# else -# define LT_DLGLOBAL 0 -# endif -#endif - -/* We may have to define LT_DLLAZY_OR_NOW in the command line if we - find out it does not work in some platform. */ -#ifndef LT_DLLAZY_OR_NOW -# ifdef RTLD_LAZY -# define LT_DLLAZY_OR_NOW RTLD_LAZY -# else -# ifdef DL_LAZY -# define LT_DLLAZY_OR_NOW DL_LAZY -# else -# ifdef RTLD_NOW -# define LT_DLLAZY_OR_NOW RTLD_NOW -# else -# ifdef DL_NOW -# define LT_DLLAZY_OR_NOW DL_NOW -# else -# define LT_DLLAZY_OR_NOW 0 -# endif -# endif -# endif -# endif -#endif - -/* When -fvisbility=hidden is used, assume the code has been annotated - correspondingly for the symbols needed. */ -#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) -int fnord () __attribute__((visibility("default"))); -#endif - -int fnord () { return 42; } -int main () -{ - void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); - int status = $lt_dlunknown; - - if (self) - { - if (dlsym (self,"fnord")) status = $lt_dlno_uscore; - else - { - if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; - else puts (dlerror ()); - } - /* dlclose (self); */ - } - else - puts (dlerror ()); - - return status; -} -_LT_EOF - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 - (eval $ac_link) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then - (./conftest; exit; ) >&5 2>/dev/null - lt_status=$? - case x$lt_status in - x$lt_dlno_uscore) lt_cv_dlopen_self_static=yes ;; - x$lt_dlneed_uscore) lt_cv_dlopen_self_static=yes ;; - x$lt_dlunknown|x*) lt_cv_dlopen_self_static=no ;; - esac - else : - # compilation failed - lt_cv_dlopen_self_static=no - fi -fi -rm -fr conftest* - - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self_static" >&5 -$as_echo "$lt_cv_dlopen_self_static" >&6; } - fi - - CPPFLAGS="$save_CPPFLAGS" - LDFLAGS="$save_LDFLAGS" - LIBS="$save_LIBS" - ;; - esac - - case $lt_cv_dlopen_self in - yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;; - *) enable_dlopen_self=unknown ;; - esac - - case $lt_cv_dlopen_self_static in - yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;; - *) enable_dlopen_self_static=unknown ;; - esac -fi - - - - - - - - - - - - - - - - - -striplib= -old_striplib= -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stripping libraries is possible" >&5 -$as_echo_n "checking whether stripping libraries is possible... " >&6; } -if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then - test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" - test -z "$striplib" && striplib="$STRIP --strip-unneeded" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else -# FIXME - insert some real tests, host_os isn't really good enough - case $host_os in - darwin*) - if test -n "$STRIP" ; then - striplib="$STRIP -x" - old_striplib="$STRIP -S" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - ;; - *) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - ;; - esac -fi - - - - - - - - - - - - - # Report which library types will actually be built - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if libtool supports shared libraries" >&5 -$as_echo_n "checking if libtool supports shared libraries... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $can_build_shared" >&5 -$as_echo "$can_build_shared" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build shared libraries" >&5 -$as_echo_n "checking whether to build shared libraries... " >&6; } - test "$can_build_shared" = "no" && enable_shared=no - - # On AIX, shared libraries and static libraries use the same namespace, and - # are all built from PIC. - case $host_os in - aix3*) - test "$enable_shared" = yes && enable_static=no - if test -n "$RANLIB"; then - archive_cmds="$archive_cmds~\$RANLIB \$lib" - postinstall_cmds='$RANLIB $lib' - fi - ;; - - aix[4-9]*) - if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then - test "$enable_shared" = yes && enable_static=no - fi - ;; - esac - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_shared" >&5 -$as_echo "$enable_shared" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build static libraries" >&5 -$as_echo_n "checking whether to build static libraries... " >&6; } - # Make sure either enable_shared or enable_static is yes. - test "$enable_shared" = yes || enable_static=yes - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_static" >&5 -$as_echo "$enable_static" >&6; } - - - - -fi -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -CC="$lt_save_CC" - - - - - - - - - - - - - - - - ac_config_commands="$ac_config_commands libtool" - - - - -# Only expand once: - - - - -ac_header_dirent=no -for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h; do - as_ac_Header=`$as_echo "ac_cv_header_dirent_$ac_hdr" | $as_tr_sh` -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_hdr that defines DIR" >&5 -$as_echo_n "checking for $ac_hdr that defines DIR... " >&6; } -if eval \${$as_ac_Header+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include <$ac_hdr> - -int -main () -{ -if ((DIR *) 0) -return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$as_ac_Header=yes" -else - eval "$as_ac_Header=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$as_ac_Header - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_hdr" | $as_tr_cpp` 1 -_ACEOF - -ac_header_dirent=$ac_hdr; break -fi - -done -# Two versions of opendir et al. are in -ldir and -lx on SCO Xenix. -if test $ac_header_dirent = dirent.h; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5 -$as_echo_n "checking for library containing opendir... " >&6; } -if ${ac_cv_search_opendir+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char opendir (); -int -main () -{ -return opendir (); - ; - return 0; -} -_ACEOF -for ac_lib in '' dir; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_opendir=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_opendir+:} false; then : - break -fi -done -if ${ac_cv_search_opendir+:} false; then : - -else - ac_cv_search_opendir=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_opendir" >&5 -$as_echo "$ac_cv_search_opendir" >&6; } -ac_res=$ac_cv_search_opendir -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5 -$as_echo_n "checking for library containing opendir... " >&6; } -if ${ac_cv_search_opendir+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char opendir (); -int -main () -{ -return opendir (); - ; - return 0; -} -_ACEOF -for ac_lib in '' x; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_opendir=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_opendir+:} false; then : - break -fi -done -if ${ac_cv_search_opendir+:} false; then : - -else - ac_cv_search_opendir=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_opendir" >&5 -$as_echo "$ac_cv_search_opendir" >&6; } -ac_res=$ac_cv_search_opendir -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 -$as_echo_n "checking for ANSI C header files... " >&6; } -if ${ac_cv_header_stdc+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#include -#include - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_stdc=yes -else - ac_cv_header_stdc=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -if test $ac_cv_header_stdc = yes; then - # SunOS 4.x string.h does not declare mem*, contrary to ANSI. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "memchr" >/dev/null 2>&1; then : - -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "free" >/dev/null 2>&1; then : - -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. - if test "$cross_compiling" = yes; then : - : -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#if ((' ' & 0x0FF) == 0x020) -# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') -# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) -#else -# define ISLOWER(c) \ - (('a' <= (c) && (c) <= 'i') \ - || ('j' <= (c) && (c) <= 'r') \ - || ('s' <= (c) && (c) <= 'z')) -# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) -#endif - -#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) -int -main () -{ - int i; - for (i = 0; i < 256; i++) - if (XOR (islower (i), ISLOWER (i)) - || toupper (i) != TOUPPER (i)) - return 2; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - -else - ac_cv_header_stdc=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 -$as_echo "$ac_cv_header_stdc" >&6; } -if test $ac_cv_header_stdc = yes; then - -$as_echo "#define STDC_HEADERS 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sys/wait.h that is POSIX.1 compatible" >&5 -$as_echo_n "checking for sys/wait.h that is POSIX.1 compatible... " >&6; } -if ${ac_cv_header_sys_wait_h+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#ifndef WEXITSTATUS -# define WEXITSTATUS(stat_val) ((unsigned int) (stat_val) >> 8) -#endif -#ifndef WIFEXITED -# define WIFEXITED(stat_val) (((stat_val) & 255) == 0) -#endif - -int -main () -{ - int s; - wait (&s); - s = WIFEXITED (s) ? WEXITSTATUS (s) : 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_sys_wait_h=yes -else - ac_cv_header_sys_wait_h=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_sys_wait_h" >&5 -$as_echo "$ac_cv_header_sys_wait_h" >&6; } -if test $ac_cv_header_sys_wait_h = yes; then - -$as_echo "#define HAVE_SYS_WAIT_H 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdbool.h that conforms to C99" >&5 -$as_echo_n "checking for stdbool.h that conforms to C99... " >&6; } -if ${ac_cv_header_stdbool_h+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #ifndef bool - "error: bool is not defined" - #endif - #ifndef false - "error: false is not defined" - #endif - #if false - "error: false is not 0" - #endif - #ifndef true - "error: true is not defined" - #endif - #if true != 1 - "error: true is not 1" - #endif - #ifndef __bool_true_false_are_defined - "error: __bool_true_false_are_defined is not defined" - #endif - - struct s { _Bool s: 1; _Bool t; } s; - - char a[true == 1 ? 1 : -1]; - char b[false == 0 ? 1 : -1]; - char c[__bool_true_false_are_defined == 1 ? 1 : -1]; - char d[(bool) 0.5 == true ? 1 : -1]; - /* See body of main program for 'e'. */ - char f[(_Bool) 0.0 == false ? 1 : -1]; - char g[true]; - char h[sizeof (_Bool)]; - char i[sizeof s.t]; - enum { j = false, k = true, l = false * true, m = true * 256 }; - /* The following fails for - HP aC++/ANSI C B3910B A.05.55 [Dec 04 2003]. */ - _Bool n[m]; - char o[sizeof n == m * sizeof n[0] ? 1 : -1]; - char p[-1 - (_Bool) 0 < 0 && -1 - (bool) 0 < 0 ? 1 : -1]; - /* Catch a bug in an HP-UX C compiler. See - http://gcc.gnu.org/ml/gcc-patches/2003-12/msg02303.html - http://lists.gnu.org/archive/html/bug-coreutils/2005-11/msg00161.html - */ - _Bool q = true; - _Bool *pq = &q; - -int -main () -{ - - bool e = &s; - *pq |= q; - *pq |= ! q; - /* Refer to every declared value, to avoid compiler optimizations. */ - return (!a + !b + !c + !d + !e + !f + !g + !h + !i + !!j + !k + !!l - + !m + !n + !o + !p + !q + !pq); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_stdbool_h=yes -else - ac_cv_header_stdbool_h=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdbool_h" >&5 -$as_echo "$ac_cv_header_stdbool_h" >&6; } - ac_fn_c_check_type "$LINENO" "_Bool" "ac_cv_type__Bool" "$ac_includes_default" -if test "x$ac_cv_type__Bool" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE__BOOL 1 -_ACEOF - - -fi - - -if test $ac_cv_header_stdbool_h = yes; then - -$as_echo "#define HAVE_STDBOOL_H 1" >>confdefs.h - -fi - - -for ac_header in errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \ - utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \ - utime.h ulimit.h sys/resource.h gshadow.h lastlog.h \ - locale.h rpc/key_prot.h netdb.h acl/libacl.h attr/libattr.h \ - attr/error_context.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - -ac_fn_c_check_header_mongrel "$LINENO" "shadow.h" "ac_cv_header_shadow_h" "$ac_includes_default" -if test "x$ac_cv_header_shadow_h" = xyes; then : - -else - as_fn_error $? "You need a libc with shadow.h" "$LINENO" 5 -fi - - - -for ac_func in l64a fchmod fchown fsync futimes getgroups gethostname getspnam \ - gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \ - lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \ - getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo \ - ruserok -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -# Check whether --enable-largefile was given. -if test "${enable_largefile+set}" = set; then : - enableval=$enable_largefile; -fi - -if test "$enable_largefile" != no; then - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for special C compiler options needed for large files" >&5 -$as_echo_n "checking for special C compiler options needed for large files... " >&6; } -if ${ac_cv_sys_largefile_CC+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_sys_largefile_CC=no - if test "$GCC" != yes; then - ac_save_CC=$CC - while :; do - # IRIX 6.2 and later do not support large files by default, - # so use the C compiler's -n32 option if that helps. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF - if ac_fn_c_try_compile "$LINENO"; then : - break -fi -rm -f core conftest.err conftest.$ac_objext - CC="$CC -n32" - if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_sys_largefile_CC=' -n32'; break -fi -rm -f core conftest.err conftest.$ac_objext - break - done - CC=$ac_save_CC - rm -f conftest.$ac_ext - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_largefile_CC" >&5 -$as_echo "$ac_cv_sys_largefile_CC" >&6; } - if test "$ac_cv_sys_largefile_CC" != no; then - CC=$CC$ac_cv_sys_largefile_CC - fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _FILE_OFFSET_BITS value needed for large files" >&5 -$as_echo_n "checking for _FILE_OFFSET_BITS value needed for large files... " >&6; } -if ${ac_cv_sys_file_offset_bits+:} false; then : - $as_echo_n "(cached) " >&6 -else - while :; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_sys_file_offset_bits=no; break -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#define _FILE_OFFSET_BITS 64 -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_sys_file_offset_bits=64; break -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cv_sys_file_offset_bits=unknown - break -done -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_file_offset_bits" >&5 -$as_echo "$ac_cv_sys_file_offset_bits" >&6; } -case $ac_cv_sys_file_offset_bits in #( - no | unknown) ;; - *) -cat >>confdefs.h <<_ACEOF -#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits -_ACEOF -;; -esac -rm -rf conftest* - if test $ac_cv_sys_file_offset_bits = unknown; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _LARGE_FILES value needed for large files" >&5 -$as_echo_n "checking for _LARGE_FILES value needed for large files... " >&6; } -if ${ac_cv_sys_large_files+:} false; then : - $as_echo_n "(cached) " >&6 -else - while :; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_sys_large_files=no; break -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#define _LARGE_FILES 1 -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_sys_large_files=1; break -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cv_sys_large_files=unknown - break -done -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_large_files" >&5 -$as_echo "$ac_cv_sys_large_files" >&6; } -case $ac_cv_sys_large_files in #( - no | unknown) ;; - *) -cat >>confdefs.h <<_ACEOF -#define _LARGE_FILES $ac_cv_sys_large_files -_ACEOF -;; -esac -rm -rf conftest* - fi - - -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 -$as_echo_n "checking for an ANSI C-conforming const... " >&6; } -if ${ac_cv_c_const+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - -#ifndef __cplusplus - /* Ultrix mips cc rejects this sort of thing. */ - typedef int charset[2]; - const charset cs = { 0, 0 }; - /* SunOS 4.1.1 cc rejects this. */ - char const *const *pcpcc; - char **ppc; - /* NEC SVR4.0.2 mips cc rejects this. */ - struct point {int x, y;}; - static struct point const zero = {0,0}; - /* AIX XL C 1.02.0.0 rejects this. - It does not let you subtract one const X* pointer from another in - an arm of an if-expression whose if-part is not a constant - expression */ - const char *g = "string"; - pcpcc = &g + (g ? g-g : 0); - /* HPUX 7.0 cc rejects these. */ - ++pcpcc; - ppc = (char**) pcpcc; - pcpcc = (char const *const *) ppc; - { /* SCO 3.2v4 cc rejects this sort of thing. */ - char tx; - char *t = &tx; - char const *s = 0 ? (char *) 0 : (char const *) 0; - - *t++ = 0; - if (s) return 0; - } - { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ - int x[] = {25, 17}; - const int *foo = &x[0]; - ++foo; - } - { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ - typedef const int *iptr; - iptr p = 0; - ++p; - } - { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying - "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ - struct s { int j; const int *ap[3]; } bx; - struct s *b = &bx; b->j = 5; - } - { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ - const int foo = 10; - if (!foo) return 0; - } - return !cs[0] && !zero.x; -#endif - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_c_const=yes -else - ac_cv_c_const=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 -$as_echo "$ac_cv_c_const" >&6; } -if test $ac_cv_c_const = no; then - -$as_echo "#define const /**/" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for uid_t in sys/types.h" >&5 -$as_echo_n "checking for uid_t in sys/types.h... " >&6; } -if ${ac_cv_type_uid_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "uid_t" >/dev/null 2>&1; then : - ac_cv_type_uid_t=yes -else - ac_cv_type_uid_t=no -fi -rm -f conftest* - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_uid_t" >&5 -$as_echo "$ac_cv_type_uid_t" >&6; } -if test $ac_cv_type_uid_t = no; then - -$as_echo "#define uid_t int" >>confdefs.h - - -$as_echo "#define gid_t int" >>confdefs.h - -fi - -ac_fn_c_check_type "$LINENO" "off_t" "ac_cv_type_off_t" "$ac_includes_default" -if test "x$ac_cv_type_off_t" = xyes; then : - -else - -cat >>confdefs.h <<_ACEOF -#define off_t long int -_ACEOF - -fi - -ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default" -if test "x$ac_cv_type_pid_t" = xyes; then : - -else - -cat >>confdefs.h <<_ACEOF -#define pid_t int -_ACEOF - -fi - -ac_fn_c_check_type "$LINENO" "mode_t" "ac_cv_type_mode_t" "$ac_includes_default" -if test "x$ac_cv_type_mode_t" = xyes; then : - -else - -cat >>confdefs.h <<_ACEOF -#define mode_t int -_ACEOF - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stat file-mode macros are broken" >&5 -$as_echo_n "checking whether stat file-mode macros are broken... " >&6; } -if ${ac_cv_header_stat_broken+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include - -#if defined S_ISBLK && defined S_IFDIR -extern char c1[S_ISBLK (S_IFDIR) ? -1 : 1]; -#endif - -#if defined S_ISBLK && defined S_IFCHR -extern char c2[S_ISBLK (S_IFCHR) ? -1 : 1]; -#endif - -#if defined S_ISLNK && defined S_IFREG -extern char c3[S_ISLNK (S_IFREG) ? -1 : 1]; -#endif - -#if defined S_ISSOCK && defined S_IFREG -extern char c4[S_ISSOCK (S_IFREG) ? -1 : 1]; -#endif - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_stat_broken=no -else - ac_cv_header_stat_broken=yes -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stat_broken" >&5 -$as_echo "$ac_cv_header_stat_broken" >&6; } -if test $ac_cv_header_stat_broken = yes; then - -$as_echo "#define STAT_MACROS_BROKEN 1" >>confdefs.h - -fi - -ac_fn_c_check_member "$LINENO" "struct stat" "st_rdev" "ac_cv_member_struct_stat_st_rdev" "$ac_includes_default" -if test "x$ac_cv_member_struct_stat_st_rdev" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_STAT_ST_RDEV 1 -_ACEOF - - -fi - -ac_fn_c_check_member "$LINENO" "struct stat" "st_atim" "ac_cv_member_struct_stat_st_atim" "$ac_includes_default" -if test "x$ac_cv_member_struct_stat_st_atim" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_STAT_ST_ATIM 1 -_ACEOF - - -fi - -ac_fn_c_check_member "$LINENO" "struct stat" "st_atimensec" "ac_cv_member_struct_stat_st_atimensec" "$ac_includes_default" -if test "x$ac_cv_member_struct_stat_st_atimensec" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_STAT_ST_ATIMENSEC 1 -_ACEOF - - -fi - -ac_fn_c_check_member "$LINENO" "struct stat" "st_mtim" "ac_cv_member_struct_stat_st_mtim" "$ac_includes_default" -if test "x$ac_cv_member_struct_stat_st_mtim" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_STAT_ST_MTIM 1 -_ACEOF - - -fi - -ac_fn_c_check_member "$LINENO" "struct stat" "st_mtimensec" "ac_cv_member_struct_stat_st_mtimensec" "$ac_includes_default" -if test "x$ac_cv_member_struct_stat_st_mtimensec" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_STAT_ST_MTIMENSEC 1 -_ACEOF - - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether time.h and sys/time.h may both be included" >&5 -$as_echo_n "checking whether time.h and sys/time.h may both be included... " >&6; } -if ${ac_cv_header_time+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#include - -int -main () -{ -if ((struct tm *) 0) -return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_time=yes -else - ac_cv_header_time=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_time" >&5 -$as_echo "$ac_cv_header_time" >&6; } -if test $ac_cv_header_time = yes; then - -$as_echo "#define TIME_WITH_SYS_TIME 1" >>confdefs.h - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether struct tm is in sys/time.h or time.h" >&5 -$as_echo_n "checking whether struct tm is in sys/time.h or time.h... " >&6; } -if ${ac_cv_struct_tm+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include - -int -main () -{ -struct tm tm; - int *p = &tm.tm_sec; - return !p; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_struct_tm=time.h -else - ac_cv_struct_tm=sys/time.h -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_struct_tm" >&5 -$as_echo "$ac_cv_struct_tm" >&6; } -if test $ac_cv_struct_tm = sys/time.h; then - -$as_echo "#define TM_IN_SYS_TIME 1" >>confdefs.h - -fi - - -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_type" "ac_cv_member_struct_utmp_ut_type" "#include -" -if test "x$ac_cv_member_struct_utmp_ut_type" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMP_UT_TYPE 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_id" "ac_cv_member_struct_utmp_ut_id" "#include -" -if test "x$ac_cv_member_struct_utmp_ut_id" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMP_UT_ID 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_name" "ac_cv_member_struct_utmp_ut_name" "#include -" -if test "x$ac_cv_member_struct_utmp_ut_name" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMP_UT_NAME 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_user" "ac_cv_member_struct_utmp_ut_user" "#include -" -if test "x$ac_cv_member_struct_utmp_ut_user" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMP_UT_USER 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_host" "ac_cv_member_struct_utmp_ut_host" "#include -" -if test "x$ac_cv_member_struct_utmp_ut_host" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMP_UT_HOST 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_syslen" "ac_cv_member_struct_utmp_ut_syslen" "#include -" -if test "x$ac_cv_member_struct_utmp_ut_syslen" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMP_UT_SYSLEN 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_addr" "ac_cv_member_struct_utmp_ut_addr" "#include -" -if test "x$ac_cv_member_struct_utmp_ut_addr" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMP_UT_ADDR 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_addr_v6" "ac_cv_member_struct_utmp_ut_addr_v6" "#include -" -if test "x$ac_cv_member_struct_utmp_ut_addr_v6" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMP_UT_ADDR_V6 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_time" "ac_cv_member_struct_utmp_ut_time" "#include -" -if test "x$ac_cv_member_struct_utmp_ut_time" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMP_UT_TIME 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_xtime" "ac_cv_member_struct_utmp_ut_xtime" "#include -" -if test "x$ac_cv_member_struct_utmp_ut_xtime" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMP_UT_XTIME 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmp" "ut_tv" "ac_cv_member_struct_utmp_ut_tv" "#include -" -if test "x$ac_cv_member_struct_utmp_ut_tv" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMP_UT_TV 1 -_ACEOF - - -fi - -if test "$ac_cv_header_utmpx_h" = "yes" && - test "$ac_cv_member_struct_utmp_ut_id" != "yes"; then - as_fn_error $? "Systems with UTMPX and no ut_id field in the utmp structure are not supported" "$LINENO" 5 -fi - -ac_fn_c_check_member "$LINENO" "struct utmpx" "ut_name" "ac_cv_member_struct_utmpx_ut_name" "#include -" -if test "x$ac_cv_member_struct_utmpx_ut_name" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMPX_UT_NAME 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmpx" "ut_host" "ac_cv_member_struct_utmpx_ut_host" "#include -" -if test "x$ac_cv_member_struct_utmpx_ut_host" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMPX_UT_HOST 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmpx" "ut_syslen" "ac_cv_member_struct_utmpx_ut_syslen" "#include -" -if test "x$ac_cv_member_struct_utmpx_ut_syslen" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMPX_UT_SYSLEN 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmpx" "ut_addr" "ac_cv_member_struct_utmpx_ut_addr" "#include -" -if test "x$ac_cv_member_struct_utmpx_ut_addr" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMPX_UT_ADDR 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmpx" "ut_addr_v6" "ac_cv_member_struct_utmpx_ut_addr_v6" "#include -" -if test "x$ac_cv_member_struct_utmpx_ut_addr_v6" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMPX_UT_ADDR_V6 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmpx" "ut_time" "ac_cv_member_struct_utmpx_ut_time" "#include -" -if test "x$ac_cv_member_struct_utmpx_ut_time" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMPX_UT_TIME 1 -_ACEOF - - -fi -ac_fn_c_check_member "$LINENO" "struct utmpx" "ut_xtime" "ac_cv_member_struct_utmpx_ut_xtime" "#include -" -if test "x$ac_cv_member_struct_utmpx_ut_xtime" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_UTMPX_UT_XTIME 1 -_ACEOF - - -fi - - -if test "$ac_cv_header_lastlog_h" = "yes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ll_host in struct lastlog" >&5 -$as_echo_n "checking for ll_host in struct lastlog... " >&6; } -if ${ac_cv_struct_lastlog_ll_host+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -struct lastlog ll; char *cp = ll.ll_host; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_struct_lastlog_ll_host=yes -else - ac_cv_struct_lastlog_ll_host=no - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_struct_lastlog_ll_host" >&5 -$as_echo "$ac_cv_struct_lastlog_ll_host" >&6; } - - if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then - -$as_echo "#define HAVE_LL_HOST 1" >>confdefs.h - - fi -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking type of array argument to getgroups" >&5 -$as_echo_n "checking type of array argument to getgroups... " >&6; } -if ${ac_cv_type_getgroups+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - ac_cv_type_getgroups=cross -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -/* Thanks to Mike Rendell for this test. */ -$ac_includes_default -#define NGID 256 -#undef MAX -#define MAX(x, y) ((x) > (y) ? (x) : (y)) - -int -main () -{ - gid_t gidset[NGID]; - int i, n; - union { gid_t gval; long int lval; } val; - - val.lval = -1; - for (i = 0; i < NGID; i++) - gidset[i] = val.gval; - n = getgroups (sizeof (gidset) / MAX (sizeof (int), sizeof (gid_t)) - 1, - gidset); - /* Exit non-zero if getgroups seems to require an array of ints. This - happens when gid_t is short int but getgroups modifies an array - of ints. */ - return n > 0 && gidset[n] != val.gval; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - ac_cv_type_getgroups=gid_t -else - ac_cv_type_getgroups=int -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -if test $ac_cv_type_getgroups = cross; then - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "getgroups.*int.*gid_t" >/dev/null 2>&1; then : - ac_cv_type_getgroups=gid_t -else - ac_cv_type_getgroups=int -fi -rm -f conftest* - -fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_getgroups" >&5 -$as_echo "$ac_cv_type_getgroups" >&6; } - -cat >>confdefs.h <<_ACEOF -#define GETGROUPS_T $ac_cv_type_getgroups -_ACEOF - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of signal handlers" >&5 -$as_echo_n "checking return type of signal handlers... " >&6; } -if ${ac_cv_type_signal+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include - -int -main () -{ -return *(signal (0, 0)) (0) == 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_type_signal=int -else - ac_cv_type_signal=void -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_signal" >&5 -$as_echo "$ac_cv_type_signal" >&6; } - -cat >>confdefs.h <<_ACEOF -#define RETSIGTYPE $ac_cv_type_signal -_ACEOF - - - - - - for ac_header in $ac_header_list -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default -" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether utime accepts a null argument" >&5 -$as_echo_n "checking whether utime accepts a null argument... " >&6; } -if ${ac_cv_func_utime_null+:} false; then : - $as_echo_n "(cached) " >&6 -else - rm -f conftest.data; >conftest.data -# Sequent interprets utime(file, 0) to mean use start of epoch. Wrong. -if test "$cross_compiling" = yes; then : - ac_cv_func_utime_null='guessing yes' -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$ac_includes_default - #ifdef HAVE_UTIME_H - # include - #endif -int -main () -{ -struct stat s, t; - return ! (stat ("conftest.data", &s) == 0 - && utime ("conftest.data", 0) == 0 - && stat ("conftest.data", &t) == 0 - && t.st_mtime >= s.st_mtime - && t.st_mtime - s.st_mtime < 120); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - ac_cv_func_utime_null=yes -else - ac_cv_func_utime_null=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_utime_null" >&5 -$as_echo "$ac_cv_func_utime_null" >&6; } -if test "x$ac_cv_func_utime_null" != xno; then - ac_cv_func_utime_null=yes - -$as_echo "#define HAVE_UTIME_NULL 1" >>confdefs.h - -fi -rm -f conftest.data - -for ac_func in strftime -do : - ac_fn_c_check_func "$LINENO" "strftime" "ac_cv_func_strftime" -if test "x$ac_cv_func_strftime" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_STRFTIME 1 -_ACEOF - -else - # strftime is in -lintl on SCO UNIX. -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for strftime in -lintl" >&5 -$as_echo_n "checking for strftime in -lintl... " >&6; } -if ${ac_cv_lib_intl_strftime+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lintl $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strftime (); -int -main () -{ -return strftime (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_intl_strftime=yes -else - ac_cv_lib_intl_strftime=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_intl_strftime" >&5 -$as_echo "$ac_cv_lib_intl_strftime" >&6; } -if test "x$ac_cv_lib_intl_strftime" = xyes; then : - $as_echo "#define HAVE_STRFTIME 1" >>confdefs.h - -LIBS="-lintl $LIBS" -fi - -fi -done - -ac_fn_c_check_func "$LINENO" "mkdir" "ac_cv_func_mkdir" -if test "x$ac_cv_func_mkdir" = xyes; then : - $as_echo "#define HAVE_MKDIR 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" mkdir.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS mkdir.$ac_objext" - ;; -esac - -fi - -ac_fn_c_check_func "$LINENO" "putgrent" "ac_cv_func_putgrent" -if test "x$ac_cv_func_putgrent" = xyes; then : - $as_echo "#define HAVE_PUTGRENT 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" putgrent.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS putgrent.$ac_objext" - ;; -esac - -fi - -ac_fn_c_check_func "$LINENO" "putpwent" "ac_cv_func_putpwent" -if test "x$ac_cv_func_putpwent" = xyes; then : - $as_echo "#define HAVE_PUTPWENT 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" putpwent.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS putpwent.$ac_objext" - ;; -esac - -fi - -ac_fn_c_check_func "$LINENO" "putspent" "ac_cv_func_putspent" -if test "x$ac_cv_func_putspent" = xyes; then : - $as_echo "#define HAVE_PUTSPENT 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" putspent.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS putspent.$ac_objext" - ;; -esac - -fi - -ac_fn_c_check_func "$LINENO" "rename" "ac_cv_func_rename" -if test "x$ac_cv_func_rename" = xyes; then : - $as_echo "#define HAVE_RENAME 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" rename.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS rename.$ac_objext" - ;; -esac - -fi - -ac_fn_c_check_func "$LINENO" "rmdir" "ac_cv_func_rmdir" -if test "x$ac_cv_func_rmdir" = xyes; then : - $as_echo "#define HAVE_RMDIR 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" rmdir.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS rmdir.$ac_objext" - ;; -esac - -fi - - -ac_fn_c_check_func "$LINENO" "sgetgrent" "ac_cv_func_sgetgrent" -if test "x$ac_cv_func_sgetgrent" = xyes; then : - $as_echo "#define HAVE_SGETGRENT 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" sgetgrent.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS sgetgrent.$ac_objext" - ;; -esac - -fi - -ac_fn_c_check_func "$LINENO" "sgetpwent" "ac_cv_func_sgetpwent" -if test "x$ac_cv_func_sgetpwent" = xyes; then : - $as_echo "#define HAVE_SGETPWENT 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" sgetpwent.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS sgetpwent.$ac_objext" - ;; -esac - -fi - -ac_fn_c_check_func "$LINENO" "sgetspent" "ac_cv_func_sgetspent" -if test "x$ac_cv_func_sgetspent" = xyes; then : - $as_echo "#define HAVE_SGETSPENT 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" sgetspent.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS sgetspent.$ac_objext" - ;; -esac - -fi - - -ac_fn_c_check_func "$LINENO" "snprintf" "ac_cv_func_snprintf" -if test "x$ac_cv_func_snprintf" = xyes; then : - $as_echo "#define HAVE_SNPRINTF 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" snprintf.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS snprintf.$ac_objext" - ;; -esac - -fi - -ac_fn_c_check_func "$LINENO" "strcasecmp" "ac_cv_func_strcasecmp" -if test "x$ac_cv_func_strcasecmp" = xyes; then : - $as_echo "#define HAVE_STRCASECMP 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" strcasecmp.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strcasecmp.$ac_objext" - ;; -esac - -fi - -ac_fn_c_check_func "$LINENO" "strdup" "ac_cv_func_strdup" -if test "x$ac_cv_func_strdup" = xyes; then : - $as_echo "#define HAVE_STRDUP 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" strdup.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strdup.$ac_objext" - ;; -esac - -fi - -ac_fn_c_check_func "$LINENO" "strerror" "ac_cv_func_strerror" -if test "x$ac_cv_func_strerror" = xyes; then : - $as_echo "#define HAVE_STRERROR 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" strerror.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strerror.$ac_objext" - ;; -esac - -fi - -ac_fn_c_check_func "$LINENO" "strstr" "ac_cv_func_strstr" -if test "x$ac_cv_func_strstr" = xyes; then : - $as_echo "#define HAVE_STRSTR 1" >>confdefs.h - -else - case " $LIBOBJS " in - *" strstr.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strstr.$ac_objext" - ;; -esac - -fi - - - -ac_fn_c_check_func "$LINENO" "setpgrp" "ac_cv_func_setpgrp" -if test "x$ac_cv_func_setpgrp" = xyes; then : - -fi - - -if test "$ac_cv_header_shadow_h" = "yes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working shadow group support" >&5 -$as_echo_n "checking for working shadow group support... " >&6; } -if ${ac_cv_libc_shadowgrp+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - ac_cv_libc_shadowgrp=no - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - main() - { - struct sgrp *sg = sgetsgent("test:x::"); - /* NYS libc on Red Hat 3.0.3 has broken shadow group support */ - return !sg || !sg->sg_adm || !sg->sg_mem; - } - -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - ac_cv_libc_shadowgrp=yes -else - ac_cv_libc_shadowgrp=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libc_shadowgrp" >&5 -$as_echo "$ac_cv_libc_shadowgrp" >&6; } - - if test "$ac_cv_libc_shadowgrp" = "yes"; then - -$as_echo "#define HAVE_SHADOWGRP 1" >>confdefs.h - - fi -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking location of shared mail directory" >&5 -$as_echo_n "checking location of shared mail directory... " >&6; } -if ${shadow_cv_maildir+:} false; then : - $as_echo_n "(cached) " >&6 -else - for shadow_cv_maildir in /var/mail /var/spool/mail /usr/spool/mail /usr/mail none; do - if test -d $shadow_cv_maildir; then - break - fi -done -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $shadow_cv_maildir" >&5 -$as_echo "$shadow_cv_maildir" >&6; } -if test $shadow_cv_maildir != none; then - -cat >>confdefs.h <<_ACEOF -#define MAIL_SPOOL_DIR "$shadow_cv_maildir" -_ACEOF - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking location of user mail file" >&5 -$as_echo_n "checking location of user mail file... " >&6; } -if ${shadow_cv_mailfile+:} false; then : - $as_echo_n "(cached) " >&6 -else - for shadow_cv_mailfile in Mailbox mailbox Mail mail .mail none; do - if test -f $HOME/$shadow_cv_mailfile; then - break - fi -done -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $shadow_cv_mailfile" >&5 -$as_echo "$shadow_cv_mailfile" >&6; } -if test $shadow_cv_mailfile != none; then - -cat >>confdefs.h <<_ACEOF -#define MAIL_SPOOL_FILE "$shadow_cv_mailfile" -_ACEOF - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking location of utmp" >&5 -$as_echo_n "checking location of utmp... " >&6; } -if ${shadow_cv_utmpdir+:} false; then : - $as_echo_n "(cached) " >&6 -else - for shadow_cv_utmpdir in /var/run /var/adm /usr/adm /etc none; do - if test -f $shadow_cv_utmpdir/utmp; then - break - fi -done -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $shadow_cv_utmpdir" >&5 -$as_echo "$shadow_cv_utmpdir" >&6; } -if test "$shadow_cv_utmpdir" = "none"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: utmp file not found" >&5 -$as_echo "$as_me: WARNING: utmp file not found" >&2;} -fi - -cat >>confdefs.h <<_ACEOF -#define _UTMP_FILE "$shadow_cv_utmpdir/utmp" -_ACEOF - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking location of faillog/lastlog/wtmp" >&5 -$as_echo_n "checking location of faillog/lastlog/wtmp... " >&6; } -if ${shadow_cv_logdir+:} false; then : - $as_echo_n "(cached) " >&6 -else - for shadow_cv_logdir in /var/log /var/adm /usr/adm /etc; do - if test -d $shadow_cv_logdir; then - break - fi -done -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $shadow_cv_logdir" >&5 -$as_echo "$shadow_cv_logdir" >&6; } - -cat >>confdefs.h <<_ACEOF -#define _WTMP_FILE "$shadow_cv_logdir/wtmp" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define LASTLOG_FILE "$shadow_cv_logdir/lastlog" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define FAILLOG_FILE "$shadow_cv_logdir/faillog" -_ACEOF - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking location of the passwd program" >&5 -$as_echo_n "checking location of the passwd program... " >&6; } -if ${shadow_cv_passwd_dir+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -f /usr/bin/passwd; then - shadow_cv_passwd_dir=/usr/bin -else - shadow_cv_passwd_dir=/bin -fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $shadow_cv_passwd_dir" >&5 -$as_echo "$shadow_cv_passwd_dir" >&6; } - -cat >>confdefs.h <<_ACEOF -#define PASSWD_PROGRAM "$shadow_cv_passwd_dir/passwd" -_ACEOF - - - -$as_echo "#define USE_SYSLOG 1" >>confdefs.h - -if test "$ac_cv_func_ruserok" = "yes"; then - -$as_echo "#define RLOGIN 1" >>confdefs.h - - -$as_echo "#define RUSEROK 0" >>confdefs.h - -fi - -# Check whether --enable-shadowgrp was given. -if test "${enable_shadowgrp+set}" = set; then : - enableval=$enable_shadowgrp; case "${enableval}" in - yes) enable_shadowgrp="yes" ;; - no) enable_shadowgrp="no" ;; - *) as_fn_error $? "bad value ${enableval} for --enable-shadowgrp" "$LINENO" 5 ;; - esac -else - enable_shadowgrp="yes" - -fi - - -# Check whether --enable-man was given. -if test "${enable_man+set}" = set; then : - enableval=$enable_man; enable_man="${enableval}" -else - enable_man="no" - -fi - - -# Check whether --enable-account-tools-setuid was given. -if test "${enable_account_tools_setuid+set}" = set; then : - enableval=$enable_account_tools_setuid; case "${enableval}" in - yes) enable_acct_tools_setuid="yes" ;; - no) enable_acct_tools_setuid="no" ;; - *) as_fn_error $? "bad value ${enableval} for --enable-account-tools-setuid" "$LINENO" 5 - ;; - esac -else - enable_acct_tools_setuid="maybe" - -fi - - -# Check whether --enable-utmpx was given. -if test "${enable_utmpx+set}" = set; then : - enableval=$enable_utmpx; case "${enableval}" in - yes) enable_utmpx="yes" ;; - no) enable_utmpx="no" ;; - *) as_fn_error $? "bad value ${enableval} for --enable-utmpx" "$LINENO" 5 ;; - esac -else - enable_utmpx="no" - -fi - - -# Check whether --enable-subordinate-ids was given. -if test "${enable_subordinate_ids+set}" = set; then : - enableval=$enable_subordinate_ids; enable_subids="${enableval}" -else - enable_subids="maybe" - -fi - - - -# Check whether --with-audit was given. -if test "${with_audit+set}" = set; then : - withval=$with_audit; with_audit=$withval -else - with_audit=maybe -fi - - -# Check whether --with-libpam was given. -if test "${with_libpam+set}" = set; then : - withval=$with_libpam; with_libpam=$withval -else - with_libpam=maybe -fi - - -# Check whether --with-selinux was given. -if test "${with_selinux+set}" = set; then : - withval=$with_selinux; with_selinux=$withval -else - with_selinux=maybe -fi - - -# Check whether --with-acl was given. -if test "${with_acl+set}" = set; then : - withval=$with_acl; with_acl=$withval -else - with_acl=maybe -fi - - -# Check whether --with-attr was given. -if test "${with_attr+set}" = set; then : - withval=$with_attr; with_attr=$withval -else - with_attr=maybe -fi - - -# Check whether --with-skey was given. -if test "${with_skey+set}" = set; then : - withval=$with_skey; with_skey=$withval -else - with_skey=no -fi - - -# Check whether --with-tcb was given. -if test "${with_tcb+set}" = set; then : - withval=$with_tcb; with_tcb=$withval -else - with_tcb=maybe -fi - - -# Check whether --with-libcrack was given. -if test "${with_libcrack+set}" = set; then : - withval=$with_libcrack; with_libcrack=$withval -else - with_libcrack=no -fi - - -# Check whether --with-sha-crypt was given. -if test "${with_sha_crypt+set}" = set; then : - withval=$with_sha_crypt; with_sha_crypt=$withval -else - with_sha_crypt=yes -fi - - -# Check whether --with-nscd was given. -if test "${with_nscd+set}" = set; then : - withval=$with_nscd; with_nscd=$withval -else - with_nscd=yes -fi - - -# Check whether --with-group-name-max-length was given. -if test "${with_group_name_max_length+set}" = set; then : - withval=$with_group_name_max_length; with_group_name_max_length=$withval -else - with_group_name_max_length=yes -fi - - -if test "$with_group_name_max_length" = "no" ; then - with_group_name_max_length=0 -elif test "$with_group_name_max_length" = "yes" ; then - with_group_name_max_length=16 -fi - -cat >>confdefs.h <<_ACEOF -#define GROUP_NAME_MAX_LENGTH $with_group_name_max_length -_ACEOF - - -GROUP_NAME_MAX_LENGTH="$with_group_name_max_length" - - if test "x$with_sha_crypt" = "xyes"; then - USE_SHA_CRYPT_TRUE= - USE_SHA_CRYPT_FALSE='#' -else - USE_SHA_CRYPT_TRUE='#' - USE_SHA_CRYPT_FALSE= -fi - -if test "$with_sha_crypt" = "yes"; then - -$as_echo "#define USE_SHA_CRYPT 1" >>confdefs.h - -fi - -if test "$with_nscd" = "yes"; then - ac_fn_c_check_func "$LINENO" "posix_spawn" "ac_cv_func_posix_spawn" -if test "x$ac_cv_func_posix_spawn" = xyes; then : - -$as_echo "#define USE_NSCD 1" >>confdefs.h - -else - as_fn_error $? "posix_spawn is needed for nscd support" "$LINENO" 5 -fi - -fi - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing inet_ntoa" >&5 -$as_echo_n "checking for library containing inet_ntoa... " >&6; } -if ${ac_cv_search_inet_ntoa+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char inet_ntoa (); -int -main () -{ -return inet_ntoa (); - ; - return 0; -} -_ACEOF -for ac_lib in '' inet; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_inet_ntoa=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_inet_ntoa+:} false; then : - break -fi -done -if ${ac_cv_search_inet_ntoa+:} false; then : - -else - ac_cv_search_inet_ntoa=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_inet_ntoa" >&5 -$as_echo "$ac_cv_search_inet_ntoa" >&6; } -ac_res=$ac_cv_search_inet_ntoa -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing socket" >&5 -$as_echo_n "checking for library containing socket... " >&6; } -if ${ac_cv_search_socket+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char socket (); -int -main () -{ -return socket (); - ; - return 0; -} -_ACEOF -for ac_lib in '' socket; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_socket=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_socket+:} false; then : - break -fi -done -if ${ac_cv_search_socket+:} false; then : - -else - ac_cv_search_socket=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_socket" >&5 -$as_echo "$ac_cv_search_socket" >&6; } -ac_res=$ac_cv_search_socket -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing gethostbyname" >&5 -$as_echo_n "checking for library containing gethostbyname... " >&6; } -if ${ac_cv_search_gethostbyname+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gethostbyname (); -int -main () -{ -return gethostbyname (); - ; - return 0; -} -_ACEOF -for ac_lib in '' nsl; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_gethostbyname=$ac_res -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_gethostbyname+:} false; then : - break -fi -done -if ${ac_cv_search_gethostbyname+:} false; then : - -else - ac_cv_search_gethostbyname=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_gethostbyname" >&5 -$as_echo "$ac_cv_search_gethostbyname" >&6; } -ac_res=$ac_cv_search_gethostbyname -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - -fi - - -if test "$enable_shadowgrp" = "yes"; then - -$as_echo "#define SHADOWGRP 1" >>confdefs.h - -fi - if test "x$enable_shadowgrp" = "xyes"; then - SHADOWGRP_TRUE= - SHADOWGRP_FALSE='#' -else - SHADOWGRP_TRUE='#' - SHADOWGRP_FALSE= -fi - - -if test "$enable_man" = "yes"; then - # Extract the first word of "xsltproc", so it can be a program name with args. -set dummy xsltproc; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_XSLTPROC+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $XSLTPROC in - [\\/]* | ?:[\\/]*) - ac_cv_path_XSLTPROC="$XSLTPROC" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_XSLTPROC="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - ;; -esac -fi -XSLTPROC=$ac_cv_path_XSLTPROC -if test -n "$XSLTPROC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $XSLTPROC" >&5 -$as_echo "$XSLTPROC" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - if test -z "$XSLTPROC"; then - enable_man=no - fi - - - # check for the presence of the XML catalog - -# Check whether --with-xml-catalog was given. -if test "${with_xml_catalog+set}" = set; then : - withval=$with_xml_catalog; -else - with_xml_catalog=/etc/xml/catalog -fi - - jh_found_xmlcatalog=true - XML_CATALOG_FILE="$with_xml_catalog" - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for XML catalog ($XML_CATALOG_FILE)" >&5 -$as_echo_n "checking for XML catalog ($XML_CATALOG_FILE)... " >&6; } - if test -f "$XML_CATALOG_FILE"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: found" >&5 -$as_echo "found" >&6; } - else - jh_found_xmlcatalog=false - { $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5 -$as_echo "not found" >&6; } - fi - - # check for the xmlcatalog program - # Extract the first word of "xmlcatalog", so it can be a program name with args. -set dummy xmlcatalog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_XMLCATALOG+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $XMLCATALOG in - [\\/]* | ?:[\\/]*) - ac_cv_path_XMLCATALOG="$XMLCATALOG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_XMLCATALOG="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - test -z "$ac_cv_path_XMLCATALOG" && ac_cv_path_XMLCATALOG="no" - ;; -esac -fi -XMLCATALOG=$ac_cv_path_XMLCATALOG -if test -n "$XMLCATALOG"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $XMLCATALOG" >&5 -$as_echo "$XMLCATALOG" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - if test "x$XMLCATALOG" = xno; then - jh_found_xmlcatalog=false - fi - - if $jh_found_xmlcatalog; then - : - else - : - fi - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for DocBook XML DTD V4.1.2 in XML catalog" >&5 -$as_echo_n "checking for DocBook XML DTD V4.1.2 in XML catalog... " >&6; } - if $jh_found_xmlcatalog && \ - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$XMLCATALOG --noout \"\$XML_CATALOG_FILE\" \"-//OASIS//DTD DocBook XML V4.1.2//EN\" >&2"; } >&5 - ($XMLCATALOG --noout "$XML_CATALOG_FILE" "-//OASIS//DTD DocBook XML V4.1.2//EN" >&2) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: found" >&5 -$as_echo "found" >&6; } - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5 -$as_echo "not found" >&6; } - enable_man=no - fi - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for DocBook XSL Stylesheets >= 1.70.1 in XML catalog" >&5 -$as_echo_n "checking for DocBook XSL Stylesheets >= 1.70.1 in XML catalog... " >&6; } - if $jh_found_xmlcatalog && \ - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$XMLCATALOG --noout \"\$XML_CATALOG_FILE\" \"http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl\" >&2"; } >&5 - ($XMLCATALOG --noout "$XML_CATALOG_FILE" "http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl" >&2) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: found" >&5 -$as_echo "found" >&6; } - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5 -$as_echo "not found" >&6; } - enable_man=no - fi - -fi - if test "x$enable_man" != "xno"; then - ENABLE_REGENERATE_MAN_TRUE= - ENABLE_REGENERATE_MAN_FALSE='#' -else - ENABLE_REGENERATE_MAN_TRUE='#' - ENABLE_REGENERATE_MAN_FALSE= -fi - - -if test "$enable_subids" != "no"; then - if test "$cross_compiling" = yes; then : - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "cannot run test program while cross compiling -See \`config.log' for more details" "$LINENO" 5; } -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -int main(void) { - uid_t u; - gid_t g; - return (sizeof u < 4) || (sizeof g < 4); -} - -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - id32bit="yes" -else - id32bit="no" -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - - if test "x$id32bit" = "xyes"; then - -$as_echo "#define ENABLE_SUBIDS 1" >>confdefs.h - - enable_subids="yes" - else - if test "x$enable_subids" = "xyes"; then - as_fn_error $? "Cannot enable support the subordinate IDs on systems where gid_t or uid_t has less than 32 bits" "$LINENO" 5 - fi - enable_subids="no" - fi -fi - if test "x$enable_subids" != "xno"; then - ENABLE_SUBIDS_TRUE= - ENABLE_SUBIDS_FALSE='#' -else - ENABLE_SUBIDS_TRUE='#' - ENABLE_SUBIDS_FALSE= -fi - - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for crypt in -lcrypt" >&5 -$as_echo_n "checking for crypt in -lcrypt... " >&6; } -if ${ac_cv_lib_crypt_crypt+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lcrypt $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char crypt (); -int -main () -{ -return crypt (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_crypt_crypt=yes -else - ac_cv_lib_crypt_crypt=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypt_crypt" >&5 -$as_echo "$ac_cv_lib_crypt_crypt" >&6; } -if test "x$ac_cv_lib_crypt_crypt" = xyes; then : - LIBCRYPT=-lcrypt -else - as_fn_error $? "crypt() not found" "$LINENO" 5 -fi - - - -if test "$with_acl" != "no"; then - for ac_header in acl/libacl.h attr/error_context.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - acl_header="yes" -else - acl_header="no" -fi - -done - - if test "$acl_header$with_acl" = "noyes" ; then - as_fn_error $? "acl/libacl.h or attr/error_context.h is missing" "$LINENO" 5 - elif test "$acl_header" = "yes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for perm_copy_file in -lacl" >&5 -$as_echo_n "checking for perm_copy_file in -lacl... " >&6; } -if ${ac_cv_lib_acl_perm_copy_file+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lacl $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char perm_copy_file (); -int -main () -{ -return perm_copy_file (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_acl_perm_copy_file=yes -else - ac_cv_lib_acl_perm_copy_file=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_acl_perm_copy_file" >&5 -$as_echo "$ac_cv_lib_acl_perm_copy_file" >&6; } -if test "x$ac_cv_lib_acl_perm_copy_file" = xyes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for perm_copy_fd in -lacl" >&5 -$as_echo_n "checking for perm_copy_fd in -lacl... " >&6; } -if ${ac_cv_lib_acl_perm_copy_fd+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lacl $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char perm_copy_fd (); -int -main () -{ -return perm_copy_fd (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_acl_perm_copy_fd=yes -else - ac_cv_lib_acl_perm_copy_fd=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_acl_perm_copy_fd" >&5 -$as_echo "$ac_cv_lib_acl_perm_copy_fd" >&6; } -if test "x$ac_cv_lib_acl_perm_copy_fd" = xyes; then : - acl_lib="yes" -else - acl_lib="no" -fi - -else - acl_lib="no" -fi - - if test "$acl_lib$with_acl" = "noyes" ; then - as_fn_error $? "libacl not found" "$LINENO" 5 - elif test "$acl_lib" = "no" ; then - with_acl="no" - else - -$as_echo "#define WITH_ACL 1" >>confdefs.h - - LIBACL="-lacl" - with_acl="yes" - fi - else - with_acl="no" - fi -fi - - -if test "$with_attr" != "no"; then - for ac_header in attr/libattr.h attr/error_context.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - attr_header="yes" -else - attr_header="no" -fi - -done - - if test "$attr_header$with_attr" = "noyes" ; then - as_fn_error $? "attr/libattr.h or attr/error_context.h is missing" "$LINENO" 5 - elif test "$attr_header" = "yes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for attr_copy_file in -lattr" >&5 -$as_echo_n "checking for attr_copy_file in -lattr... " >&6; } -if ${ac_cv_lib_attr_attr_copy_file+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lattr $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char attr_copy_file (); -int -main () -{ -return attr_copy_file (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_attr_attr_copy_file=yes -else - ac_cv_lib_attr_attr_copy_file=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_attr_attr_copy_file" >&5 -$as_echo "$ac_cv_lib_attr_attr_copy_file" >&6; } -if test "x$ac_cv_lib_attr_attr_copy_file" = xyes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for attr_copy_fd in -lattr" >&5 -$as_echo_n "checking for attr_copy_fd in -lattr... " >&6; } -if ${ac_cv_lib_attr_attr_copy_fd+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lattr $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char attr_copy_fd (); -int -main () -{ -return attr_copy_fd (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_attr_attr_copy_fd=yes -else - ac_cv_lib_attr_attr_copy_fd=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_attr_attr_copy_fd" >&5 -$as_echo "$ac_cv_lib_attr_attr_copy_fd" >&6; } -if test "x$ac_cv_lib_attr_attr_copy_fd" = xyes; then : - attr_lib="yes" -else - attr_lib="no" -fi - -else - attr_lib="no" -fi - - if test "$attr_lib$with_attr" = "noyes" ; then - as_fn_error $? "libattr not found" "$LINENO" 5 - elif test "$attr_lib" = "no" ; then - with_attr="no" - else - -$as_echo "#define WITH_ATTR 1" >>confdefs.h - - LIBATTR="-lattr" - with_attr="yes" - fi - else - with_attr="no" - fi -fi - - -if test "$with_audit" != "no"; then - ac_fn_c_check_header_mongrel "$LINENO" "libaudit.h" "ac_cv_header_libaudit_h" "$ac_includes_default" -if test "x$ac_cv_header_libaudit_h" = xyes; then : - audit_header="yes" -else - audit_header="no" -fi - - - if test "$audit_header$with_audit" = "noyes" ; then - as_fn_error $? "libaudit.h is missing" "$LINENO" 5 - elif test "$audit_header" = "yes"; then - ac_fn_c_check_decl "$LINENO" "AUDIT_ADD_USER" "ac_cv_have_decl_AUDIT_ADD_USER" "#include -" -if test "x$ac_cv_have_decl_AUDIT_ADD_USER" = xyes; then : - -else - audit_header="no" -fi - - ac_fn_c_check_decl "$LINENO" "AUDIT_DEL_USER" "ac_cv_have_decl_AUDIT_DEL_USER" "#include -" -if test "x$ac_cv_have_decl_AUDIT_DEL_USER" = xyes; then : - -else - audit_header="no" -fi - - ac_fn_c_check_decl "$LINENO" "AUDIT_ADD_GROUP" "ac_cv_have_decl_AUDIT_ADD_GROUP" "#include -" -if test "x$ac_cv_have_decl_AUDIT_ADD_GROUP" = xyes; then : - -else - audit_header="no" -fi - - ac_fn_c_check_decl "$LINENO" "AUDIT_DEL_GROUP" "ac_cv_have_decl_AUDIT_DEL_GROUP" "#include -" -if test "x$ac_cv_have_decl_AUDIT_DEL_GROUP" = xyes; then : - -else - audit_header="no" -fi - - if test "$audit_header$with_audit" = "noyes" ; then - as_fn_error $? "AUDIT_ADD_USER AUDIT_DEL_USER AUDIT_ADD_GROUP or AUDIT_DEL_GROUP missing from libaudit.h" "$LINENO" 5 - fi - fi - if test "$audit_header" = "yes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for audit_log_acct_message in -laudit" >&5 -$as_echo_n "checking for audit_log_acct_message in -laudit... " >&6; } -if ${ac_cv_lib_audit_audit_log_acct_message+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-laudit $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char audit_log_acct_message (); -int -main () -{ -return audit_log_acct_message (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_audit_audit_log_acct_message=yes -else - ac_cv_lib_audit_audit_log_acct_message=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_audit_audit_log_acct_message" >&5 -$as_echo "$ac_cv_lib_audit_audit_log_acct_message" >&6; } -if test "x$ac_cv_lib_audit_audit_log_acct_message" = xyes; then : - audit_lib="yes" -else - audit_lib="no" -fi - - if test "$audit_lib$with_audit" = "noyes" ; then - as_fn_error $? "libaudit not found" "$LINENO" 5 - elif test "$audit_lib" = "no" ; then - with_audit="no" - else - -$as_echo "#define WITH_AUDIT 1" >>confdefs.h - - LIBAUDIT="-laudit" - with_audit="yes" - fi - else - with_audit="no" - fi -fi - - -if test "$with_libcrack" = "yes"; then - echo "checking cracklib flavour, don't be surprised by the results" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for FascistCheck in -lcrack" >&5 -$as_echo_n "checking for FascistCheck in -lcrack... " >&6; } -if ${ac_cv_lib_crack_FascistCheck+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lcrack $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char FascistCheck (); -int -main () -{ -return FascistCheck (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_crack_FascistCheck=yes -else - ac_cv_lib_crack_FascistCheck=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crack_FascistCheck" >&5 -$as_echo "$ac_cv_lib_crack_FascistCheck" >&6; } -if test "x$ac_cv_lib_crack_FascistCheck" = xyes; then : - LIBCRACK=-lcrack -$as_echo "#define HAVE_LIBCRACK 1" >>confdefs.h - -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for FascistHistory in -lcrack" >&5 -$as_echo_n "checking for FascistHistory in -lcrack... " >&6; } -if ${ac_cv_lib_crack_FascistHistory+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lcrack $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char FascistHistory (); -int -main () -{ -return FascistHistory (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_crack_FascistHistory=yes -else - ac_cv_lib_crack_FascistHistory=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crack_FascistHistory" >&5 -$as_echo "$ac_cv_lib_crack_FascistHistory" >&6; } -if test "x$ac_cv_lib_crack_FascistHistory" = xyes; then : - -$as_echo "#define HAVE_LIBCRACK_HIST 1" >>confdefs.h - -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for FascistHistoryPw in -lcrack" >&5 -$as_echo_n "checking for FascistHistoryPw in -lcrack... " >&6; } -if ${ac_cv_lib_crack_FascistHistoryPw+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lcrack $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char FascistHistoryPw (); -int -main () -{ -return FascistHistoryPw (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_crack_FascistHistoryPw=yes -else - ac_cv_lib_crack_FascistHistoryPw=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crack_FascistHistoryPw" >&5 -$as_echo "$ac_cv_lib_crack_FascistHistoryPw" >&6; } -if test "x$ac_cv_lib_crack_FascistHistoryPw" = xyes; then : - -$as_echo "#define HAVE_LIBCRACK_PW 1" >>confdefs.h - -fi - -fi - - - -if test "$with_selinux" != "no"; then - for ac_header in selinux/selinux.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "selinux/selinux.h" "ac_cv_header_selinux_selinux_h" "$ac_includes_default" -if test "x$ac_cv_header_selinux_selinux_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SELINUX_SELINUX_H 1 -_ACEOF - selinux_header="yes" -else - selinux_header="no" -fi - -done - - if test "$selinux_header$with_selinux" = "noyes" ; then - as_fn_error $? "selinux/selinux.h is missing" "$LINENO" 5 - fi - - for ac_header in semanage/semanage.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "semanage/semanage.h" "ac_cv_header_semanage_semanage_h" "$ac_includes_default" -if test "x$ac_cv_header_semanage_semanage_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SEMANAGE_SEMANAGE_H 1 -_ACEOF - semanage_header="yes" -else - semanage_header="no" -fi - -done - - if test "$semanage_header$with_selinux" = "noyes" ; then - as_fn_error $? "semanage/semanage.h is missing" "$LINENO" 5 - fi - - if test "$selinux_header$semanage_header" = "yesyes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for is_selinux_enabled in -lselinux" >&5 -$as_echo_n "checking for is_selinux_enabled in -lselinux... " >&6; } -if ${ac_cv_lib_selinux_is_selinux_enabled+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lselinux $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char is_selinux_enabled (); -int -main () -{ -return is_selinux_enabled (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_selinux_is_selinux_enabled=yes -else - ac_cv_lib_selinux_is_selinux_enabled=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_is_selinux_enabled" >&5 -$as_echo "$ac_cv_lib_selinux_is_selinux_enabled" >&6; } -if test "x$ac_cv_lib_selinux_is_selinux_enabled" = xyes; then : - selinux_lib="yes" -else - selinux_lib="no" -fi - - if test "$selinux_lib$with_selinux" = "noyes" ; then - as_fn_error $? "libselinux not found" "$LINENO" 5 - fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for semanage_connect in -lsemanage" >&5 -$as_echo_n "checking for semanage_connect in -lsemanage... " >&6; } -if ${ac_cv_lib_semanage_semanage_connect+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lsemanage $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char semanage_connect (); -int -main () -{ -return semanage_connect (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_semanage_semanage_connect=yes -else - ac_cv_lib_semanage_semanage_connect=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_semanage_semanage_connect" >&5 -$as_echo "$ac_cv_lib_semanage_semanage_connect" >&6; } -if test "x$ac_cv_lib_semanage_semanage_connect" = xyes; then : - semanage_lib="yes" -else - semanage_lib="no" -fi - - if test "$semanage_lib$with_selinux" = "noyes" ; then - as_fn_error $? "libsemanage not found" "$LINENO" 5 - fi - - if test "$selinux_lib$semanage_lib" == "yesyes" ; then - -$as_echo "#define WITH_SELINUX 1" >>confdefs.h - - LIBSELINUX="-lselinux" - LIBSEMANAGE="-lsemanage" - with_selinux="yes" - else - with_selinux="no" - fi - else - with_selinux="no" - fi -fi - - -if test "$with_tcb" != "no"; then - for ac_header in tcb.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "tcb.h" "ac_cv_header_tcb_h" "$ac_includes_default" -if test "x$ac_cv_header_tcb_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_TCB_H 1 -_ACEOF - tcb_header="yes" -else - tcb_header="no" -fi - -done - - if test "$tcb_header$with_tcb" = "noyes" ; then - as_fn_error $? "tcb.h is missing" "$LINENO" 5 - elif test "$tcb_header" = "yes" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for tcb_is_suspect in -ltcb" >&5 -$as_echo_n "checking for tcb_is_suspect in -ltcb... " >&6; } -if ${ac_cv_lib_tcb_tcb_is_suspect+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ltcb $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char tcb_is_suspect (); -int -main () -{ -return tcb_is_suspect (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_tcb_tcb_is_suspect=yes -else - ac_cv_lib_tcb_tcb_is_suspect=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_tcb_tcb_is_suspect" >&5 -$as_echo "$ac_cv_lib_tcb_tcb_is_suspect" >&6; } -if test "x$ac_cv_lib_tcb_tcb_is_suspect" = xyes; then : - tcb_lib="yes" -else - tcb_lib="no" -fi - - if test "$tcb_lib$with_tcb" = "noyes" ; then - as_fn_error $? "libtcb not found" "$LINENO" 5 - elif test "$tcb_lib" = "no" ; then - with_tcb="no" - else - -$as_echo "#define WITH_TCB 1" >>confdefs.h - - LIBTCB="-ltcb" - with_tcb="yes" - fi - else - with_tcb="no" - fi -fi - if test x$with_tcb = xyes; then - WITH_TCB_TRUE= - WITH_TCB_FALSE='#' -else - WITH_TCB_TRUE='#' - WITH_TCB_FALSE= -fi - - - -if test "$with_libpam" != "no"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pam_start in -lpam" >&5 -$as_echo_n "checking for pam_start in -lpam... " >&6; } -if ${ac_cv_lib_pam_pam_start+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lpam $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char pam_start (); -int -main () -{ -return pam_start (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_pam_pam_start=yes -else - ac_cv_lib_pam_pam_start=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pam_pam_start" >&5 -$as_echo "$ac_cv_lib_pam_pam_start" >&6; } -if test "x$ac_cv_lib_pam_pam_start" = xyes; then : - pam_lib="yes" -else - pam_lib="no" -fi - - if test "$pam_lib$with_libpam" = "noyes" ; then - as_fn_error $? "libpam not found" "$LINENO" 5 - fi - - LIBPAM="-lpam" - pam_conv_function="no" - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for openpam_ttyconv in -lpam" >&5 -$as_echo_n "checking for openpam_ttyconv in -lpam... " >&6; } -if ${ac_cv_lib_pam_openpam_ttyconv+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lpam $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char openpam_ttyconv (); -int -main () -{ -return openpam_ttyconv (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_pam_openpam_ttyconv=yes -else - ac_cv_lib_pam_openpam_ttyconv=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pam_openpam_ttyconv" >&5 -$as_echo "$ac_cv_lib_pam_openpam_ttyconv" >&6; } -if test "x$ac_cv_lib_pam_openpam_ttyconv" = xyes; then : - pam_conv_function="openpam_ttyconv" -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for misc_conv in -lpam_misc" >&5 -$as_echo_n "checking for misc_conv in -lpam_misc... " >&6; } -if ${ac_cv_lib_pam_misc_misc_conv+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lpam_misc $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char misc_conv (); -int -main () -{ -return misc_conv (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_pam_misc_misc_conv=yes -else - ac_cv_lib_pam_misc_misc_conv=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pam_misc_misc_conv" >&5 -$as_echo "$ac_cv_lib_pam_misc_misc_conv" >&6; } -if test "x$ac_cv_lib_pam_misc_misc_conv" = xyes; then : - pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc" -fi - - -fi - - - if test "$pam_conv_function$with_libpam" = "noyes" ; then - as_fn_error $? "PAM conversation function not found" "$LINENO" 5 - fi - - pam_headers_found=no - for ac_header in security/openpam.h security/pam_misc.h -do : - as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" " #include -" -if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - pam_headers_found=yes ; break -fi - -done - - if test "$pam_headers_found$with_libpam" = "noyes" ; then - as_fn_error $? "PAM headers not found" "$LINENO" 5 - fi - - - if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then - with_libpam="yes" - else - with_libpam="no" - unset LIBPAM - fi -fi -if test "$with_libpam" = "yes"; then - ac_fn_c_check_decl "$LINENO" "PAM_ESTABLISH_CRED" "ac_cv_have_decl_PAM_ESTABLISH_CRED" "#include -" -if test "x$ac_cv_have_decl_PAM_ESTABLISH_CRED" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_PAM_ESTABLISH_CRED $ac_have_decl -_ACEOF -ac_fn_c_check_decl "$LINENO" "PAM_DELETE_CRED" "ac_cv_have_decl_PAM_DELETE_CRED" "#include -" -if test "x$ac_cv_have_decl_PAM_DELETE_CRED" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_PAM_DELETE_CRED $ac_have_decl -_ACEOF -ac_fn_c_check_decl "$LINENO" "PAM_NEW_AUTHTOK_REQD" "ac_cv_have_decl_PAM_NEW_AUTHTOK_REQD" "#include -" -if test "x$ac_cv_have_decl_PAM_NEW_AUTHTOK_REQD" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_PAM_NEW_AUTHTOK_REQD $ac_have_decl -_ACEOF -ac_fn_c_check_decl "$LINENO" "PAM_DATA_SILENT" "ac_cv_have_decl_PAM_DATA_SILENT" "#include -" -if test "x$ac_cv_have_decl_PAM_DATA_SILENT" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_PAM_DATA_SILENT $ac_have_decl -_ACEOF - - - - save_libs=$LIBS - LIBS="$LIBS $LIBPAM" - # We do not use AC_CHECK_FUNCS to avoid duplicated definition with - # Linux PAM. - ac_fn_c_check_func "$LINENO" "pam_fail_delay" "ac_cv_func_pam_fail_delay" -if test "x$ac_cv_func_pam_fail_delay" = xyes; then : - -$as_echo "#define HAS_PAM_FAIL_DELAY 1" >>confdefs.h - -fi - - LIBS=$save_libs - - -$as_echo "#define USE_PAM 1" >>confdefs.h - - -cat >>confdefs.h <<_ACEOF -#define SHADOW_PAM_CONVERSATION $pam_conv_function -_ACEOF - - if true; then - USE_PAM_TRUE= - USE_PAM_FALSE='#' -else - USE_PAM_TRUE='#' - USE_PAM_FALSE= -fi - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking use login and su access checking if PAM not used" >&5 -$as_echo_n "checking use login and su access checking if PAM not used... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -else - -$as_echo "#define SU_ACCESS 1" >>confdefs.h - - if false; then - USE_PAM_TRUE= - USE_PAM_FALSE='#' -else - USE_PAM_TRUE='#' - USE_PAM_FALSE= -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking use login and su access checking if PAM not used" >&5 -$as_echo_n "checking use login and su access checking if PAM not used... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -fi - -if test "$enable_acct_tools_setuid" != "no"; then - if test "$with_libpam" != "yes"; then - if test "$enable_acct_tools_setuid" = "yes"; then - as_fn_error $? "PAM support is required for --enable-account-tools-setuid" "$LINENO" 5 - else - enable_acct_tools_setuid="no" - fi - else - enable_acct_tools_setuid="yes" - fi - if test "$enable_acct_tools_setuid" = "yes"; then - -$as_echo "#define ACCT_TOOLS_SETUID 1" >>confdefs.h - - fi -fi - if test "x$enable_acct_tools_setuid" = "xyes"; then - ACCT_TOOLS_SETUID_TRUE= - ACCT_TOOLS_SETUID_FALSE='#' -else - ACCT_TOOLS_SETUID_TRUE='#' - ACCT_TOOLS_SETUID_FALSE= -fi - - - - -if test "$with_skey" = "yes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for MD5Init in -lmd" >&5 -$as_echo_n "checking for MD5Init in -lmd... " >&6; } -if ${ac_cv_lib_md_MD5Init+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lmd $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char MD5Init (); -int -main () -{ -return MD5Init (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_md_MD5Init=yes -else - ac_cv_lib_md_MD5Init=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_md_MD5Init" >&5 -$as_echo "$ac_cv_lib_md_MD5Init" >&6; } -if test "x$ac_cv_lib_md_MD5Init" = xyes; then : - LIBMD=-lmd -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for skeychallenge in -lskey" >&5 -$as_echo_n "checking for skeychallenge in -lskey... " >&6; } -if ${ac_cv_lib_skey_skeychallenge+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lskey $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char skeychallenge (); -int -main () -{ -return skeychallenge (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_skey_skeychallenge=yes -else - ac_cv_lib_skey_skeychallenge=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_skey_skeychallenge" >&5 -$as_echo "$ac_cv_lib_skey_skeychallenge" >&6; } -if test "x$ac_cv_lib_skey_skeychallenge" = xyes; then : - LIBSKEY=-lskey -else - as_fn_error $? "liskey missing. You can download S/Key source code from http://rsync1.it.gentoo.org/gentoo/distfiles/skey-1.1.5.tar.bz2" "$LINENO" 5 -fi - - -$as_echo "#define SKEY 1" >>confdefs.h - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - #include - -int -main () -{ - - skeychallenge((void*)0, (void*)0, (void*)0, 0); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - -$as_echo "#define SKEY_BSD_STYLE 1" >>confdefs.h - -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -if test "$enable_utmpx" = "yes"; then - if test "$ac_cv_header_utmpx_h" != "yes"; then - as_fn_error $? "The utmpx.h header file is required for utmpx support." "$LINENO" 5 - fi - -$as_echo "#define USE_UTMPX 1" >>confdefs.h - -fi - - -cat >>confdefs.h <<_ACEOF -#define SHELL "$SHELL" -_ACEOF - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether NLS is requested" >&5 -$as_echo_n "checking whether NLS is requested... " >&6; } - # Check whether --enable-nls was given. -if test "${enable_nls+set}" = set; then : - enableval=$enable_nls; USE_NLS=$enableval -else - USE_NLS=yes -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $USE_NLS" >&5 -$as_echo "$USE_NLS" >&6; } - - - - - GETTEXT_MACRO_VERSION=0.18 - - - - -# Prepare PATH_SEPARATOR. -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - # Determine PATH_SEPARATOR by trying to find /bin/sh in a PATH which - # contains only /bin. Note that ksh looks also at the FPATH variable, - # so we have to set that as well for the test. - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 \ - && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 \ - || PATH_SEPARATOR=';' - } -fi - -# Find out how to test for executable files. Don't use a zero-byte file, -# as systems may use methods other than mode bits to determine executability. -cat >conf$$.file <<_ASEOF -#! /bin/sh -exit 0 -_ASEOF -chmod +x conf$$.file -if test -x conf$$.file >/dev/null 2>&1; then - ac_executable_p="test -x" -else - ac_executable_p="test -f" -fi -rm -f conf$$.file - -# Extract the first word of "msgfmt", so it can be a program name with args. -set dummy msgfmt; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_MSGFMT+:} false; then : - $as_echo_n "(cached) " >&6 -else - case "$MSGFMT" in - [\\/]* | ?:[\\/]*) - ac_cv_path_MSGFMT="$MSGFMT" # Let the user override the test with a path. - ;; - *) - ac_save_IFS="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$ac_save_IFS" - test -z "$ac_dir" && ac_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if $ac_executable_p "$ac_dir/$ac_word$ac_exec_ext"; then - echo "$as_me: trying $ac_dir/$ac_word..." >&5 - if $ac_dir/$ac_word --statistics /dev/null >&5 2>&1 && - (if $ac_dir/$ac_word --statistics /dev/null 2>&1 >/dev/null | grep usage >/dev/null; then exit 1; else exit 0; fi); then - ac_cv_path_MSGFMT="$ac_dir/$ac_word$ac_exec_ext" - break 2 - fi - fi - done - done - IFS="$ac_save_IFS" - test -z "$ac_cv_path_MSGFMT" && ac_cv_path_MSGFMT=":" - ;; -esac -fi -MSGFMT="$ac_cv_path_MSGFMT" -if test "$MSGFMT" != ":"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MSGFMT" >&5 -$as_echo "$MSGFMT" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - # Extract the first word of "gmsgfmt", so it can be a program name with args. -set dummy gmsgfmt; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_GMSGFMT+:} false; then : - $as_echo_n "(cached) " >&6 -else - case $GMSGFMT in - [\\/]* | ?:[\\/]*) - ac_cv_path_GMSGFMT="$GMSGFMT" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_GMSGFMT="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - - test -z "$ac_cv_path_GMSGFMT" && ac_cv_path_GMSGFMT="$MSGFMT" - ;; -esac -fi -GMSGFMT=$ac_cv_path_GMSGFMT -if test -n "$GMSGFMT"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $GMSGFMT" >&5 -$as_echo "$GMSGFMT" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - - case `$MSGFMT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in - '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) MSGFMT_015=: ;; - *) MSGFMT_015=$MSGFMT ;; - esac - - case `$GMSGFMT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in - '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) GMSGFMT_015=: ;; - *) GMSGFMT_015=$GMSGFMT ;; - esac - - - -# Prepare PATH_SEPARATOR. -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - # Determine PATH_SEPARATOR by trying to find /bin/sh in a PATH which - # contains only /bin. Note that ksh looks also at the FPATH variable, - # so we have to set that as well for the test. - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 \ - && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 \ - || PATH_SEPARATOR=';' - } -fi - -# Find out how to test for executable files. Don't use a zero-byte file, -# as systems may use methods other than mode bits to determine executability. -cat >conf$$.file <<_ASEOF -#! /bin/sh -exit 0 -_ASEOF -chmod +x conf$$.file -if test -x conf$$.file >/dev/null 2>&1; then - ac_executable_p="test -x" -else - ac_executable_p="test -f" -fi -rm -f conf$$.file - -# Extract the first word of "xgettext", so it can be a program name with args. -set dummy xgettext; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_XGETTEXT+:} false; then : - $as_echo_n "(cached) " >&6 -else - case "$XGETTEXT" in - [\\/]* | ?:[\\/]*) - ac_cv_path_XGETTEXT="$XGETTEXT" # Let the user override the test with a path. - ;; - *) - ac_save_IFS="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$ac_save_IFS" - test -z "$ac_dir" && ac_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if $ac_executable_p "$ac_dir/$ac_word$ac_exec_ext"; then - echo "$as_me: trying $ac_dir/$ac_word..." >&5 - if $ac_dir/$ac_word --omit-header --copyright-holder= --msgid-bugs-address= /dev/null >&5 2>&1 && - (if $ac_dir/$ac_word --omit-header --copyright-holder= --msgid-bugs-address= /dev/null 2>&1 >/dev/null | grep usage >/dev/null; then exit 1; else exit 0; fi); then - ac_cv_path_XGETTEXT="$ac_dir/$ac_word$ac_exec_ext" - break 2 - fi - fi - done - done - IFS="$ac_save_IFS" - test -z "$ac_cv_path_XGETTEXT" && ac_cv_path_XGETTEXT=":" - ;; -esac -fi -XGETTEXT="$ac_cv_path_XGETTEXT" -if test "$XGETTEXT" != ":"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $XGETTEXT" >&5 -$as_echo "$XGETTEXT" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - rm -f messages.po - - case `$XGETTEXT --version | sed 1q | sed -e 's,^[^0-9]*,,'` in - '' | 0.[0-9] | 0.[0-9].* | 0.1[0-4] | 0.1[0-4].*) XGETTEXT_015=: ;; - *) XGETTEXT_015=$XGETTEXT ;; - esac - - - -# Prepare PATH_SEPARATOR. -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - # Determine PATH_SEPARATOR by trying to find /bin/sh in a PATH which - # contains only /bin. Note that ksh looks also at the FPATH variable, - # so we have to set that as well for the test. - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 \ - && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 \ - || PATH_SEPARATOR=';' - } -fi - -# Find out how to test for executable files. Don't use a zero-byte file, -# as systems may use methods other than mode bits to determine executability. -cat >conf$$.file <<_ASEOF -#! /bin/sh -exit 0 -_ASEOF -chmod +x conf$$.file -if test -x conf$$.file >/dev/null 2>&1; then - ac_executable_p="test -x" -else - ac_executable_p="test -f" -fi -rm -f conf$$.file - -# Extract the first word of "msgmerge", so it can be a program name with args. -set dummy msgmerge; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_MSGMERGE+:} false; then : - $as_echo_n "(cached) " >&6 -else - case "$MSGMERGE" in - [\\/]* | ?:[\\/]*) - ac_cv_path_MSGMERGE="$MSGMERGE" # Let the user override the test with a path. - ;; - *) - ac_save_IFS="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$ac_save_IFS" - test -z "$ac_dir" && ac_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if $ac_executable_p "$ac_dir/$ac_word$ac_exec_ext"; then - echo "$as_me: trying $ac_dir/$ac_word..." >&5 - if $ac_dir/$ac_word --update -q /dev/null /dev/null >&5 2>&1; then - ac_cv_path_MSGMERGE="$ac_dir/$ac_word$ac_exec_ext" - break 2 - fi - fi - done - done - IFS="$ac_save_IFS" - test -z "$ac_cv_path_MSGMERGE" && ac_cv_path_MSGMERGE=":" - ;; -esac -fi -MSGMERGE="$ac_cv_path_MSGMERGE" -if test "$MSGMERGE" != ":"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MSGMERGE" >&5 -$as_echo "$MSGMERGE" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$localedir" || localedir='${datadir}/locale' - - - test -n "${XGETTEXT_EXTRA_OPTIONS+set}" || XGETTEXT_EXTRA_OPTIONS= - - - ac_config_commands="$ac_config_commands po-directories" - - - - if test "X$prefix" = "XNONE"; then - acl_final_prefix="$ac_default_prefix" - else - acl_final_prefix="$prefix" - fi - if test "X$exec_prefix" = "XNONE"; then - acl_final_exec_prefix='${prefix}' - else - acl_final_exec_prefix="$exec_prefix" - fi - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - eval acl_final_exec_prefix=\"$acl_final_exec_prefix\" - prefix="$acl_save_prefix" - - - -# Check whether --with-gnu-ld was given. -if test "${with_gnu_ld+set}" = set; then : - withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes -else - with_gnu_ld=no -fi - -# Prepare PATH_SEPARATOR. -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - # Determine PATH_SEPARATOR by trying to find /bin/sh in a PATH which - # contains only /bin. Note that ksh looks also at the FPATH variable, - # so we have to set that as well for the test. - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 \ - && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 \ - || PATH_SEPARATOR=';' - } -fi - -ac_prog=ld -if test "$GCC" = yes; then - # Check if gcc -print-prog-name=ld gives a path. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 -$as_echo_n "checking for ld used by $CC... " >&6; } - case $host in - *-*-mingw*) - # gcc leaves a trailing carriage return which upsets mingw - ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; - *) - ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; - esac - case $ac_prog in - # Accept absolute paths. - [\\/]* | ?:[\\/]*) - re_direlt='/[^/][^/]*/\.\./' - # Canonicalize the pathname of ld - ac_prog=`echo "$ac_prog"| sed 's%\\\\%/%g'` - while echo "$ac_prog" | grep "$re_direlt" > /dev/null 2>&1; do - ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"` - done - test -z "$LD" && LD="$ac_prog" - ;; - "") - # If it fails, then pretend we aren't using GCC. - ac_prog=ld - ;; - *) - # If it is relative, then search for the first ld in PATH. - with_gnu_ld=unknown - ;; - esac -elif test "$with_gnu_ld" = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 -$as_echo_n "checking for GNU ld... " >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 -$as_echo_n "checking for non-GNU ld... " >&6; } -fi -if ${acl_cv_path_LD+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -z "$LD"; then - acl_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$acl_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then - acl_cv_path_LD="$ac_dir/$ac_prog" - # Check to see if the program is GNU ld. I'd rather use --version, - # but apparently some variants of GNU ld only accept -v. - # Break only if it was the GNU/non-GNU ld that we prefer. - case `"$acl_cv_path_LD" -v 2>&1 &5 -$as_echo "$LD" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi -test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 -$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; } -if ${acl_cv_prog_gnu_ld+:} false; then : - $as_echo_n "(cached) " >&6 -else - # I'd rather use --version here, but apparently some GNU lds only accept -v. -case `$LD -v 2>&1 &5 -$as_echo "$acl_cv_prog_gnu_ld" >&6; } -with_gnu_ld=$acl_cv_prog_gnu_ld - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for shared library run path origin" >&5 -$as_echo_n "checking for shared library run path origin... " >&6; } -if ${acl_cv_rpath+:} false; then : - $as_echo_n "(cached) " >&6 -else - - CC="$CC" GCC="$GCC" LDFLAGS="$LDFLAGS" LD="$LD" with_gnu_ld="$with_gnu_ld" \ - ${CONFIG_SHELL-/bin/sh} "$ac_aux_dir/config.rpath" "$host" > conftest.sh - . ./conftest.sh - rm -f ./conftest.sh - acl_cv_rpath=done - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $acl_cv_rpath" >&5 -$as_echo "$acl_cv_rpath" >&6; } - wl="$acl_cv_wl" - acl_libext="$acl_cv_libext" - acl_shlibext="$acl_cv_shlibext" - acl_libname_spec="$acl_cv_libname_spec" - acl_library_names_spec="$acl_cv_library_names_spec" - acl_hardcode_libdir_flag_spec="$acl_cv_hardcode_libdir_flag_spec" - acl_hardcode_libdir_separator="$acl_cv_hardcode_libdir_separator" - acl_hardcode_direct="$acl_cv_hardcode_direct" - acl_hardcode_minus_L="$acl_cv_hardcode_minus_L" - # Check whether --enable-rpath was given. -if test "${enable_rpath+set}" = set; then : - enableval=$enable_rpath; : -else - enable_rpath=yes -fi - - - - - acl_libdirstem=lib - acl_libdirstem2= - case "$host_os" in - solaris*) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for 64-bit host" >&5 -$as_echo_n "checking for 64-bit host... " >&6; } -if ${gl_cv_solaris_64bit+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#ifdef _LP64 -sixtyfour bits -#endif - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "sixtyfour bits" >/dev/null 2>&1; then : - gl_cv_solaris_64bit=yes -else - gl_cv_solaris_64bit=no -fi -rm -f conftest* - - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_solaris_64bit" >&5 -$as_echo "$gl_cv_solaris_64bit" >&6; } - if test $gl_cv_solaris_64bit = yes; then - acl_libdirstem=lib/64 - case "$host_cpu" in - sparc*) acl_libdirstem2=lib/sparcv9 ;; - i*86 | x86_64) acl_libdirstem2=lib/amd64 ;; - esac - fi - ;; - *) - searchpath=`(LC_ALL=C $CC -print-search-dirs) 2>/dev/null | sed -n -e 's,^libraries: ,,p' | sed -e 's,^=,,'` - if test -n "$searchpath"; then - acl_save_IFS="${IFS= }"; IFS=":" - for searchdir in $searchpath; do - if test -d "$searchdir"; then - case "$searchdir" in - */lib64/ | */lib64 ) acl_libdirstem=lib64 ;; - */../ | */.. ) - # Better ignore directories of this form. They are misleading. - ;; - *) searchdir=`cd "$searchdir" && pwd` - case "$searchdir" in - */lib64 ) acl_libdirstem=lib64 ;; - esac ;; - esac - fi - done - IFS="$acl_save_IFS" - fi - ;; - esac - test -n "$acl_libdirstem2" || acl_libdirstem2="$acl_libdirstem" - - - - - - - - - - - - - use_additional=yes - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - -# Check whether --with-libiconv-prefix was given. -if test "${with_libiconv_prefix+set}" = set; then : - withval=$with_libiconv_prefix; - if test "X$withval" = "Xno"; then - use_additional=no - else - if test "X$withval" = "X"; then - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - else - additional_includedir="$withval/include" - additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && ! test -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi - fi - fi - -fi - - LIBICONV= - LTLIBICONV= - INCICONV= - LIBICONV_PREFIX= - HAVE_LIBICONV= - rpathdirs= - ltrpathdirs= - names_already_handled= - names_next_round='iconv ' - while test -n "$names_next_round"; do - names_this_round="$names_next_round" - names_next_round= - for name in $names_this_round; do - already_handled= - for n in $names_already_handled; do - if test "$n" = "$name"; then - already_handled=yes - break - fi - done - if test -z "$already_handled"; then - names_already_handled="$names_already_handled $name" - uppername=`echo "$name" | sed -e 'y|abcdefghijklmnopqrstuvwxyz./+-|ABCDEFGHIJKLMNOPQRSTUVWXYZ____|'` - eval value=\"\$HAVE_LIB$uppername\" - if test -n "$value"; then - if test "$value" = yes; then - eval value=\"\$LIB$uppername\" - test -z "$value" || LIBICONV="${LIBICONV}${LIBICONV:+ }$value" - eval value=\"\$LTLIB$uppername\" - test -z "$value" || LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }$value" - else - : - fi - else - found_dir= - found_la= - found_so= - found_a= - eval libname=\"$acl_libname_spec\" # typically: libname=lib$name - if test -n "$acl_shlibext"; then - shrext=".$acl_shlibext" # typically: shrext=.so - else - shrext= - fi - if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - fi - if test "X$found_dir" = "X"; then - for x in $LDFLAGS $LTLIBICONV; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - case "$x" in - -L*) - dir=`echo "X$x" | sed -e 's/^X-L//'` - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - ;; - esac - if test "X$found_dir" != "X"; then - break - fi - done - fi - if test "X$found_dir" != "X"; then - LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }-L$found_dir -l$name" - if test "X$found_so" != "X"; then - if test "$enable_rpath" = no \ - || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then - LIBICONV="${LIBICONV}${LIBICONV:+ }$found_so" - else - haveit= - for x in $ltrpathdirs; do - if test "X$x" = "X$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - ltrpathdirs="$ltrpathdirs $found_dir" - fi - if test "$acl_hardcode_direct" = yes; then - LIBICONV="${LIBICONV}${LIBICONV:+ }$found_so" - else - if test -n "$acl_hardcode_libdir_flag_spec" && test "$acl_hardcode_minus_L" = no; then - LIBICONV="${LIBICONV}${LIBICONV:+ }$found_so" - haveit= - for x in $rpathdirs; do - if test "X$x" = "X$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - rpathdirs="$rpathdirs $found_dir" - fi - else - haveit= - for x in $LDFLAGS $LIBICONV; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-L$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - LIBICONV="${LIBICONV}${LIBICONV:+ }-L$found_dir" - fi - if test "$acl_hardcode_minus_L" != no; then - LIBICONV="${LIBICONV}${LIBICONV:+ }$found_so" - else - LIBICONV="${LIBICONV}${LIBICONV:+ }-l$name" - fi - fi - fi - fi - else - if test "X$found_a" != "X"; then - LIBICONV="${LIBICONV}${LIBICONV:+ }$found_a" - else - LIBICONV="${LIBICONV}${LIBICONV:+ }-L$found_dir -l$name" - fi - fi - additional_includedir= - case "$found_dir" in - */$acl_libdirstem | */$acl_libdirstem/) - basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'` - if test "$name" = 'iconv'; then - LIBICONV_PREFIX="$basedir" - fi - additional_includedir="$basedir/include" - ;; - */$acl_libdirstem2 | */$acl_libdirstem2/) - basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem2/"'*$,,'` - if test "$name" = 'iconv'; then - LIBICONV_PREFIX="$basedir" - fi - additional_includedir="$basedir/include" - ;; - esac - if test "X$additional_includedir" != "X"; then - if test "X$additional_includedir" != "X/usr/include"; then - haveit= - if test "X$additional_includedir" = "X/usr/local/include"; then - if test -n "$GCC"; then - case $host_os in - linux* | gnu* | k*bsd*-gnu) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - for x in $CPPFLAGS $INCICONV; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-I$additional_includedir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_includedir"; then - INCICONV="${INCICONV}${INCICONV:+ }-I$additional_includedir" - fi - fi - fi - fi - fi - if test -n "$found_la"; then - save_libdir="$libdir" - case "$found_la" in - */* | *\\*) . "$found_la" ;; - *) . "./$found_la" ;; - esac - libdir="$save_libdir" - for dep in $dependency_libs; do - case "$dep" in - -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then - haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then - if test -n "$GCC"; then - case $host_os in - linux* | gnu* | k*bsd*-gnu) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - haveit= - for x in $LDFLAGS $LIBICONV; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-L$additional_libdir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBICONV="${LIBICONV}${LIBICONV:+ }-L$additional_libdir" - fi - fi - haveit= - for x in $LDFLAGS $LTLIBICONV; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-L$additional_libdir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }-L$additional_libdir" - fi - fi - fi - fi - ;; - -R*) - dir=`echo "X$dep" | sed -e 's/^X-R//'` - if test "$enable_rpath" != no; then - haveit= - for x in $rpathdirs; do - if test "X$x" = "X$dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - rpathdirs="$rpathdirs $dir" - fi - haveit= - for x in $ltrpathdirs; do - if test "X$x" = "X$dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - ltrpathdirs="$ltrpathdirs $dir" - fi - fi - ;; - -l*) - names_next_round="$names_next_round "`echo "X$dep" | sed -e 's/^X-l//'` - ;; - *.la) - names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'` - ;; - *) - LIBICONV="${LIBICONV}${LIBICONV:+ }$dep" - LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }$dep" - ;; - esac - done - fi - else - LIBICONV="${LIBICONV}${LIBICONV:+ }-l$name" - LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }-l$name" - fi - fi - fi - done - done - if test "X$rpathdirs" != "X"; then - if test -n "$acl_hardcode_libdir_separator"; then - alldirs= - for found_dir in $rpathdirs; do - alldirs="${alldirs}${alldirs:+$acl_hardcode_libdir_separator}$found_dir" - done - acl_save_libdir="$libdir" - libdir="$alldirs" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIBICONV="${LIBICONV}${LIBICONV:+ }$flag" - else - for found_dir in $rpathdirs; do - acl_save_libdir="$libdir" - libdir="$found_dir" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIBICONV="${LIBICONV}${LIBICONV:+ }$flag" - done - fi - fi - if test "X$ltrpathdirs" != "X"; then - for found_dir in $ltrpathdirs; do - LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }-R$found_dir" - done - fi - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for CFPreferencesCopyAppValue" >&5 -$as_echo_n "checking for CFPreferencesCopyAppValue... " >&6; } -if ${gt_cv_func_CFPreferencesCopyAppValue+:} false; then : - $as_echo_n "(cached) " >&6 -else - gt_save_LIBS="$LIBS" - LIBS="$LIBS -Wl,-framework -Wl,CoreFoundation" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -CFPreferencesCopyAppValue(NULL, NULL) - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - gt_cv_func_CFPreferencesCopyAppValue=yes -else - gt_cv_func_CFPreferencesCopyAppValue=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LIBS="$gt_save_LIBS" -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_func_CFPreferencesCopyAppValue" >&5 -$as_echo "$gt_cv_func_CFPreferencesCopyAppValue" >&6; } - if test $gt_cv_func_CFPreferencesCopyAppValue = yes; then - -$as_echo "#define HAVE_CFPREFERENCESCOPYAPPVALUE 1" >>confdefs.h - - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for CFLocaleCopyCurrent" >&5 -$as_echo_n "checking for CFLocaleCopyCurrent... " >&6; } -if ${gt_cv_func_CFLocaleCopyCurrent+:} false; then : - $as_echo_n "(cached) " >&6 -else - gt_save_LIBS="$LIBS" - LIBS="$LIBS -Wl,-framework -Wl,CoreFoundation" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -CFLocaleCopyCurrent(); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - gt_cv_func_CFLocaleCopyCurrent=yes -else - gt_cv_func_CFLocaleCopyCurrent=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LIBS="$gt_save_LIBS" -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_func_CFLocaleCopyCurrent" >&5 -$as_echo "$gt_cv_func_CFLocaleCopyCurrent" >&6; } - if test $gt_cv_func_CFLocaleCopyCurrent = yes; then - -$as_echo "#define HAVE_CFLOCALECOPYCURRENT 1" >>confdefs.h - - fi - INTL_MACOSX_LIBS= - if test $gt_cv_func_CFPreferencesCopyAppValue = yes || test $gt_cv_func_CFLocaleCopyCurrent = yes; then - INTL_MACOSX_LIBS="-Wl,-framework -Wl,CoreFoundation" - fi - - - - - - - LIBINTL= - LTLIBINTL= - POSUB= - - case " $gt_needs " in - *" need-formatstring-macros "*) gt_api_version=3 ;; - *" need-ngettext "*) gt_api_version=2 ;; - *) gt_api_version=1 ;; - esac - gt_func_gnugettext_libc="gt_cv_func_gnugettext${gt_api_version}_libc" - gt_func_gnugettext_libintl="gt_cv_func_gnugettext${gt_api_version}_libintl" - - if test "$USE_NLS" = "yes"; then - gt_use_preinstalled_gnugettext=no - - - if test $gt_api_version -ge 3; then - gt_revision_test_code=' -#ifndef __GNU_GETTEXT_SUPPORTED_REVISION -#define __GNU_GETTEXT_SUPPORTED_REVISION(major) ((major) == 0 ? 0 : -1) -#endif -typedef int array [2 * (__GNU_GETTEXT_SUPPORTED_REVISION(0) >= 1) - 1]; -' - else - gt_revision_test_code= - fi - if test $gt_api_version -ge 2; then - gt_expression_test_code=' + * ngettext ("", "", 0)' - else - gt_expression_test_code= - fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU gettext in libc" >&5 -$as_echo_n "checking for GNU gettext in libc... " >&6; } -if eval \${$gt_func_gnugettext_libc+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -$gt_revision_test_code -extern int _nl_msg_cat_cntr; -extern int *_nl_domain_bindings; - -int -main () -{ - -bindtextdomain ("", ""); -return * gettext ("")$gt_expression_test_code + _nl_msg_cat_cntr + *_nl_domain_bindings - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - eval "$gt_func_gnugettext_libc=yes" -else - eval "$gt_func_gnugettext_libc=no" -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -fi -eval ac_res=\$$gt_func_gnugettext_libc - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - - if { eval "gt_val=\$$gt_func_gnugettext_libc"; test "$gt_val" != "yes"; }; then - - - - - - am_save_CPPFLAGS="$CPPFLAGS" - - for element in $INCICONV; do - haveit= - for x in $CPPFLAGS; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X$element"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }$element" - fi - done - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for iconv" >&5 -$as_echo_n "checking for iconv... " >&6; } -if ${am_cv_func_iconv+:} false; then : - $as_echo_n "(cached) " >&6 -else - - am_cv_func_iconv="no, consider installing GNU libiconv" - am_cv_lib_iconv=no - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ -iconv_t cd = iconv_open("",""); - iconv(cd,NULL,NULL,NULL,NULL); - iconv_close(cd); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - am_cv_func_iconv=yes -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - if test "$am_cv_func_iconv" != yes; then - am_save_LIBS="$LIBS" - LIBS="$LIBS $LIBICONV" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include - -int -main () -{ -iconv_t cd = iconv_open("",""); - iconv(cd,NULL,NULL,NULL,NULL); - iconv_close(cd); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - am_cv_lib_iconv=yes - am_cv_func_iconv=yes -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LIBS="$am_save_LIBS" - fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_func_iconv" >&5 -$as_echo "$am_cv_func_iconv" >&6; } - if test "$am_cv_func_iconv" = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working iconv" >&5 -$as_echo_n "checking for working iconv... " >&6; } -if ${am_cv_func_iconv_works+:} false; then : - $as_echo_n "(cached) " >&6 -else - - am_save_LIBS="$LIBS" - if test $am_cv_lib_iconv = yes; then - LIBS="$LIBS $LIBICONV" - fi - if test "$cross_compiling" = yes; then : - - case "$host_os" in - aix* | hpux*) am_cv_func_iconv_works="guessing no" ;; - *) am_cv_func_iconv_works="guessing yes" ;; - esac - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -int main () -{ - int result = 0; - /* Test against AIX 5.1 bug: Failures are not distinguishable from successful - returns. */ - { - iconv_t cd_utf8_to_88591 = iconv_open ("ISO8859-1", "UTF-8"); - if (cd_utf8_to_88591 != (iconv_t)(-1)) - { - static const char input[] = "\342\202\254"; /* EURO SIGN */ - char buf[10]; - const char *inptr = input; - size_t inbytesleft = strlen (input); - char *outptr = buf; - size_t outbytesleft = sizeof (buf); - size_t res = iconv (cd_utf8_to_88591, - (char **) &inptr, &inbytesleft, - &outptr, &outbytesleft); - if (res == 0) - result |= 1; - iconv_close (cd_utf8_to_88591); - } - } - /* Test against Solaris 10 bug: Failures are not distinguishable from - successful returns. */ - { - iconv_t cd_ascii_to_88591 = iconv_open ("ISO8859-1", "646"); - if (cd_ascii_to_88591 != (iconv_t)(-1)) - { - static const char input[] = "\263"; - char buf[10]; - const char *inptr = input; - size_t inbytesleft = strlen (input); - char *outptr = buf; - size_t outbytesleft = sizeof (buf); - size_t res = iconv (cd_ascii_to_88591, - (char **) &inptr, &inbytesleft, - &outptr, &outbytesleft); - if (res == 0) - result |= 2; - iconv_close (cd_ascii_to_88591); - } - } - /* Test against AIX 6.1..7.1 bug: Buffer overrun. */ - { - iconv_t cd_88591_to_utf8 = iconv_open ("UTF-8", "ISO-8859-1"); - if (cd_88591_to_utf8 != (iconv_t)(-1)) - { - static const char input[] = "\304"; - static char buf[2] = { (char)0xDE, (char)0xAD }; - const char *inptr = input; - size_t inbytesleft = 1; - char *outptr = buf; - size_t outbytesleft = 1; - size_t res = iconv (cd_88591_to_utf8, - (char **) &inptr, &inbytesleft, - &outptr, &outbytesleft); - if (res != (size_t)(-1) || outptr - buf > 1 || buf[1] != (char)0xAD) - result |= 4; - iconv_close (cd_88591_to_utf8); - } - } -#if 0 /* This bug could be worked around by the caller. */ - /* Test against HP-UX 11.11 bug: Positive return value instead of 0. */ - { - iconv_t cd_88591_to_utf8 = iconv_open ("utf8", "iso88591"); - if (cd_88591_to_utf8 != (iconv_t)(-1)) - { - static const char input[] = "\304rger mit b\366sen B\374bchen ohne Augenma\337"; - char buf[50]; - const char *inptr = input; - size_t inbytesleft = strlen (input); - char *outptr = buf; - size_t outbytesleft = sizeof (buf); - size_t res = iconv (cd_88591_to_utf8, - (char **) &inptr, &inbytesleft, - &outptr, &outbytesleft); - if ((int)res > 0) - result |= 8; - iconv_close (cd_88591_to_utf8); - } - } -#endif - /* Test against HP-UX 11.11 bug: No converter from EUC-JP to UTF-8 is - provided. */ - if (/* Try standardized names. */ - iconv_open ("UTF-8", "EUC-JP") == (iconv_t)(-1) - /* Try IRIX, OSF/1 names. */ - && iconv_open ("UTF-8", "eucJP") == (iconv_t)(-1) - /* Try AIX names. */ - && iconv_open ("UTF-8", "IBM-eucJP") == (iconv_t)(-1) - /* Try HP-UX names. */ - && iconv_open ("utf8", "eucJP") == (iconv_t)(-1)) - result |= 16; - return result; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - am_cv_func_iconv_works=yes -else - am_cv_func_iconv_works=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - LIBS="$am_save_LIBS" - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_func_iconv_works" >&5 -$as_echo "$am_cv_func_iconv_works" >&6; } - case "$am_cv_func_iconv_works" in - *no) am_func_iconv=no am_cv_lib_iconv=no ;; - *) am_func_iconv=yes ;; - esac - else - am_func_iconv=no am_cv_lib_iconv=no - fi - if test "$am_func_iconv" = yes; then - -$as_echo "#define HAVE_ICONV 1" >>confdefs.h - - fi - if test "$am_cv_lib_iconv" = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to link with libiconv" >&5 -$as_echo_n "checking how to link with libiconv... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBICONV" >&5 -$as_echo "$LIBICONV" >&6; } - else - CPPFLAGS="$am_save_CPPFLAGS" - LIBICONV= - LTLIBICONV= - fi - - - - - - - - - - - - use_additional=yes - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - -# Check whether --with-libintl-prefix was given. -if test "${with_libintl_prefix+set}" = set; then : - withval=$with_libintl_prefix; - if test "X$withval" = "Xno"; then - use_additional=no - else - if test "X$withval" = "X"; then - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - else - additional_includedir="$withval/include" - additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && ! test -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi - fi - fi - -fi - - LIBINTL= - LTLIBINTL= - INCINTL= - LIBINTL_PREFIX= - HAVE_LIBINTL= - rpathdirs= - ltrpathdirs= - names_already_handled= - names_next_round='intl ' - while test -n "$names_next_round"; do - names_this_round="$names_next_round" - names_next_round= - for name in $names_this_round; do - already_handled= - for n in $names_already_handled; do - if test "$n" = "$name"; then - already_handled=yes - break - fi - done - if test -z "$already_handled"; then - names_already_handled="$names_already_handled $name" - uppername=`echo "$name" | sed -e 'y|abcdefghijklmnopqrstuvwxyz./+-|ABCDEFGHIJKLMNOPQRSTUVWXYZ____|'` - eval value=\"\$HAVE_LIB$uppername\" - if test -n "$value"; then - if test "$value" = yes; then - eval value=\"\$LIB$uppername\" - test -z "$value" || LIBINTL="${LIBINTL}${LIBINTL:+ }$value" - eval value=\"\$LTLIB$uppername\" - test -z "$value" || LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }$value" - else - : - fi - else - found_dir= - found_la= - found_so= - found_a= - eval libname=\"$acl_libname_spec\" # typically: libname=lib$name - if test -n "$acl_shlibext"; then - shrext=".$acl_shlibext" # typically: shrext=.so - else - shrext= - fi - if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - fi - if test "X$found_dir" = "X"; then - for x in $LDFLAGS $LTLIBINTL; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - case "$x" in - -L*) - dir=`echo "X$x" | sed -e 's/^X-L//'` - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - ;; - esac - if test "X$found_dir" != "X"; then - break - fi - done - fi - if test "X$found_dir" != "X"; then - LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }-L$found_dir -l$name" - if test "X$found_so" != "X"; then - if test "$enable_rpath" = no \ - || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then - LIBINTL="${LIBINTL}${LIBINTL:+ }$found_so" - else - haveit= - for x in $ltrpathdirs; do - if test "X$x" = "X$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - ltrpathdirs="$ltrpathdirs $found_dir" - fi - if test "$acl_hardcode_direct" = yes; then - LIBINTL="${LIBINTL}${LIBINTL:+ }$found_so" - else - if test -n "$acl_hardcode_libdir_flag_spec" && test "$acl_hardcode_minus_L" = no; then - LIBINTL="${LIBINTL}${LIBINTL:+ }$found_so" - haveit= - for x in $rpathdirs; do - if test "X$x" = "X$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - rpathdirs="$rpathdirs $found_dir" - fi - else - haveit= - for x in $LDFLAGS $LIBINTL; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-L$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - LIBINTL="${LIBINTL}${LIBINTL:+ }-L$found_dir" - fi - if test "$acl_hardcode_minus_L" != no; then - LIBINTL="${LIBINTL}${LIBINTL:+ }$found_so" - else - LIBINTL="${LIBINTL}${LIBINTL:+ }-l$name" - fi - fi - fi - fi - else - if test "X$found_a" != "X"; then - LIBINTL="${LIBINTL}${LIBINTL:+ }$found_a" - else - LIBINTL="${LIBINTL}${LIBINTL:+ }-L$found_dir -l$name" - fi - fi - additional_includedir= - case "$found_dir" in - */$acl_libdirstem | */$acl_libdirstem/) - basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'` - if test "$name" = 'intl'; then - LIBINTL_PREFIX="$basedir" - fi - additional_includedir="$basedir/include" - ;; - */$acl_libdirstem2 | */$acl_libdirstem2/) - basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem2/"'*$,,'` - if test "$name" = 'intl'; then - LIBINTL_PREFIX="$basedir" - fi - additional_includedir="$basedir/include" - ;; - esac - if test "X$additional_includedir" != "X"; then - if test "X$additional_includedir" != "X/usr/include"; then - haveit= - if test "X$additional_includedir" = "X/usr/local/include"; then - if test -n "$GCC"; then - case $host_os in - linux* | gnu* | k*bsd*-gnu) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - for x in $CPPFLAGS $INCINTL; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-I$additional_includedir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_includedir"; then - INCINTL="${INCINTL}${INCINTL:+ }-I$additional_includedir" - fi - fi - fi - fi - fi - if test -n "$found_la"; then - save_libdir="$libdir" - case "$found_la" in - */* | *\\*) . "$found_la" ;; - *) . "./$found_la" ;; - esac - libdir="$save_libdir" - for dep in $dependency_libs; do - case "$dep" in - -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then - haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then - if test -n "$GCC"; then - case $host_os in - linux* | gnu* | k*bsd*-gnu) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - haveit= - for x in $LDFLAGS $LIBINTL; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-L$additional_libdir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBINTL="${LIBINTL}${LIBINTL:+ }-L$additional_libdir" - fi - fi - haveit= - for x in $LDFLAGS $LTLIBINTL; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X-L$additional_libdir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }-L$additional_libdir" - fi - fi - fi - fi - ;; - -R*) - dir=`echo "X$dep" | sed -e 's/^X-R//'` - if test "$enable_rpath" != no; then - haveit= - for x in $rpathdirs; do - if test "X$x" = "X$dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - rpathdirs="$rpathdirs $dir" - fi - haveit= - for x in $ltrpathdirs; do - if test "X$x" = "X$dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - ltrpathdirs="$ltrpathdirs $dir" - fi - fi - ;; - -l*) - names_next_round="$names_next_round "`echo "X$dep" | sed -e 's/^X-l//'` - ;; - *.la) - names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'` - ;; - *) - LIBINTL="${LIBINTL}${LIBINTL:+ }$dep" - LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }$dep" - ;; - esac - done - fi - else - LIBINTL="${LIBINTL}${LIBINTL:+ }-l$name" - LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }-l$name" - fi - fi - fi - done - done - if test "X$rpathdirs" != "X"; then - if test -n "$acl_hardcode_libdir_separator"; then - alldirs= - for found_dir in $rpathdirs; do - alldirs="${alldirs}${alldirs:+$acl_hardcode_libdir_separator}$found_dir" - done - acl_save_libdir="$libdir" - libdir="$alldirs" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIBINTL="${LIBINTL}${LIBINTL:+ }$flag" - else - for found_dir in $rpathdirs; do - acl_save_libdir="$libdir" - libdir="$found_dir" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIBINTL="${LIBINTL}${LIBINTL:+ }$flag" - done - fi - fi - if test "X$ltrpathdirs" != "X"; then - for found_dir in $ltrpathdirs; do - LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }-R$found_dir" - done - fi - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU gettext in libintl" >&5 -$as_echo_n "checking for GNU gettext in libintl... " >&6; } -if eval \${$gt_func_gnugettext_libintl+:} false; then : - $as_echo_n "(cached) " >&6 -else - gt_save_CPPFLAGS="$CPPFLAGS" - CPPFLAGS="$CPPFLAGS $INCINTL" - gt_save_LIBS="$LIBS" - LIBS="$LIBS $LIBINTL" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -$gt_revision_test_code -extern int _nl_msg_cat_cntr; -extern -#ifdef __cplusplus -"C" -#endif -const char *_nl_expand_alias (const char *); - -int -main () -{ - -bindtextdomain ("", ""); -return * gettext ("")$gt_expression_test_code + _nl_msg_cat_cntr + *_nl_expand_alias ("") - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - eval "$gt_func_gnugettext_libintl=yes" -else - eval "$gt_func_gnugettext_libintl=no" -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - if { eval "gt_val=\$$gt_func_gnugettext_libintl"; test "$gt_val" != yes; } && test -n "$LIBICONV"; then - LIBS="$LIBS $LIBICONV" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -$gt_revision_test_code -extern int _nl_msg_cat_cntr; -extern -#ifdef __cplusplus -"C" -#endif -const char *_nl_expand_alias (const char *); - -int -main () -{ - -bindtextdomain ("", ""); -return * gettext ("")$gt_expression_test_code + _nl_msg_cat_cntr + *_nl_expand_alias ("") - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - LIBINTL="$LIBINTL $LIBICONV" - LTLIBINTL="$LTLIBINTL $LTLIBICONV" - eval "$gt_func_gnugettext_libintl=yes" - -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - fi - CPPFLAGS="$gt_save_CPPFLAGS" - LIBS="$gt_save_LIBS" -fi -eval ac_res=\$$gt_func_gnugettext_libintl - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - fi - - if { eval "gt_val=\$$gt_func_gnugettext_libc"; test "$gt_val" = "yes"; } \ - || { { eval "gt_val=\$$gt_func_gnugettext_libintl"; test "$gt_val" = "yes"; } \ - && test "$PACKAGE" != gettext-runtime \ - && test "$PACKAGE" != gettext-tools; }; then - gt_use_preinstalled_gnugettext=yes - else - LIBINTL= - LTLIBINTL= - INCINTL= - fi - - - - if test -n "$INTL_MACOSX_LIBS"; then - if test "$gt_use_preinstalled_gnugettext" = "yes" \ - || test "$nls_cv_use_gnu_gettext" = "yes"; then - LIBINTL="$LIBINTL $INTL_MACOSX_LIBS" - LTLIBINTL="$LTLIBINTL $INTL_MACOSX_LIBS" - fi - fi - - if test "$gt_use_preinstalled_gnugettext" = "yes" \ - || test "$nls_cv_use_gnu_gettext" = "yes"; then - -$as_echo "#define ENABLE_NLS 1" >>confdefs.h - - else - USE_NLS=no - fi - fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to use NLS" >&5 -$as_echo_n "checking whether to use NLS... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $USE_NLS" >&5 -$as_echo "$USE_NLS" >&6; } - if test "$USE_NLS" = "yes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking where the gettext function comes from" >&5 -$as_echo_n "checking where the gettext function comes from... " >&6; } - if test "$gt_use_preinstalled_gnugettext" = "yes"; then - if { eval "gt_val=\$$gt_func_gnugettext_libintl"; test "$gt_val" = "yes"; }; then - gt_source="external libintl" - else - gt_source="libc" - fi - else - gt_source="included intl directory" - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_source" >&5 -$as_echo "$gt_source" >&6; } - fi - - if test "$USE_NLS" = "yes"; then - - if test "$gt_use_preinstalled_gnugettext" = "yes"; then - if { eval "gt_val=\$$gt_func_gnugettext_libintl"; test "$gt_val" = "yes"; }; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to link with libintl" >&5 -$as_echo_n "checking how to link with libintl... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBINTL" >&5 -$as_echo "$LIBINTL" >&6; } - - for element in $INCINTL; do - haveit= - for x in $CPPFLAGS; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - if test "X$x" = "X$element"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }$element" - fi - done - - fi - - -$as_echo "#define HAVE_GETTEXT 1" >>confdefs.h - - -$as_echo "#define HAVE_DCGETTEXT 1" >>confdefs.h - - fi - - POSUB=po - fi - - - - INTLLIBS="$LIBINTL" - - - - - - - if test "x$USE_NLS" = "xyes"; then - USE_NLS_TRUE= - USE_NLS_FALSE='#' -else - USE_NLS_TRUE='#' - USE_NLS_FALSE= -fi - - -ac_config_files="$ac_config_files Makefile po/Makefile.in doc/Makefile man/Makefile man/config.xml man/po/Makefile man/cs/Makefile man/da/Makefile man/de/Makefile man/es/Makefile man/fi/Makefile man/fr/Makefile man/hu/Makefile man/id/Makefile man/it/Makefile man/ja/Makefile man/ko/Makefile man/pl/Makefile man/pt_BR/Makefile man/ru/Makefile man/sv/Makefile man/tr/Makefile man/zh_CN/Makefile man/zh_TW/Makefile libmisc/Makefile lib/Makefile src/Makefile contrib/Makefile etc/Makefile etc/pam.d/Makefile shadow.spec" - -cat >confcache <<\_ACEOF -# This file is a shell script that caches the results of configure -# tests run on this system so they can be shared between configure -# scripts and configure runs, see configure's option --config-cache. -# It is not useful on other systems. If it contains results you don't -# want to keep, you may remove or edit it. -# -# config.status only pays attention to the cache file if you give it -# the --recheck option to rerun configure. -# -# `ac_cv_env_foo' variables (set or unset) will be overridden when -# loading this file, other *unset* `ac_cv_foo' will be assigned the -# following values. - -_ACEOF - -# The following way of writing the cache mishandles newlines in values, -# but we know of no workaround that is simple, portable, and efficient. -# So, we kill variables containing newlines. -# Ultrix sh set writes to stderr and can't be redirected directly, -# and sets the high bit in the cache file unless we assign to the vars. -( - for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do - eval ac_val=\$$ac_var - case $ac_val in #( - *${as_nl}*) - case $ac_var in #( - *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 -$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; - esac - case $ac_var in #( - _ | IFS | as_nl) ;; #( - BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( - *) { eval $ac_var=; unset $ac_var;} ;; - esac ;; - esac - done - - (set) 2>&1 | - case $as_nl`(ac_space=' '; set) 2>&1` in #( - *${as_nl}ac_space=\ *) - # `set' does not quote correctly, so add quotes: double-quote - # substitution turns \\\\ into \\, and sed turns \\ into \. - sed -n \ - "s/'/'\\\\''/g; - s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" - ;; #( - *) - # `set' quotes correctly as required by POSIX, so do not add quotes. - sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" - ;; - esac | - sort -) | - sed ' - /^ac_cv_env_/b end - t clear - :clear - s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ - t end - s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ - :end' >>confcache -if diff "$cache_file" confcache >/dev/null 2>&1; then :; else - if test -w "$cache_file"; then - if test "x$cache_file" != "x/dev/null"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 -$as_echo "$as_me: updating cache $cache_file" >&6;} - if test ! -f "$cache_file" || test -h "$cache_file"; then - cat confcache >"$cache_file" - else - case $cache_file in #( - */* | ?:*) - mv -f confcache "$cache_file"$$ && - mv -f "$cache_file"$$ "$cache_file" ;; #( - *) - mv -f confcache "$cache_file" ;; - esac - fi - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 -$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} - fi -fi -rm -f confcache - -test "x$prefix" = xNONE && prefix=$ac_default_prefix -# Let make expand exec_prefix. -test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' - -DEFS=-DHAVE_CONFIG_H - -ac_libobjs= -ac_ltlibobjs= -U= -for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue - # 1. Remove the extension, and $U if already installed. - ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' - ac_i=`$as_echo "$ac_i" | sed "$ac_script"` - # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR - # will be set to the directory where LIBOBJS objects are built. - as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" - as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' -done -LIBOBJS=$ac_libobjs - -LTLIBOBJS=$ac_ltlibobjs - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking that generated files are newer than configure" >&5 -$as_echo_n "checking that generated files are newer than configure... " >&6; } - if test -n "$am_sleep_pid"; then - # Hide warnings about reused PIDs. - wait $am_sleep_pid 2>/dev/null - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: result: done" >&5 -$as_echo "done" >&6; } - if test -n "$EXEEXT"; then - am__EXEEXT_TRUE= - am__EXEEXT_FALSE='#' -else - am__EXEEXT_TRUE='#' - am__EXEEXT_FALSE= -fi - -if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then - as_fn_error $? "conditional \"AMDEP\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then - as_fn_error $? "conditional \"am__fastdepCC\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then - as_fn_error $? "conditional \"MAINTAINER_MODE\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then - as_fn_error $? "conditional \"am__fastdepCC\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${USE_SHA_CRYPT_TRUE}" && test -z "${USE_SHA_CRYPT_FALSE}"; then - as_fn_error $? "conditional \"USE_SHA_CRYPT\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${SHADOWGRP_TRUE}" && test -z "${SHADOWGRP_FALSE}"; then - as_fn_error $? "conditional \"SHADOWGRP\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${ENABLE_REGENERATE_MAN_TRUE}" && test -z "${ENABLE_REGENERATE_MAN_FALSE}"; then - as_fn_error $? "conditional \"ENABLE_REGENERATE_MAN\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${ENABLE_SUBIDS_TRUE}" && test -z "${ENABLE_SUBIDS_FALSE}"; then - as_fn_error $? "conditional \"ENABLE_SUBIDS\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${WITH_TCB_TRUE}" && test -z "${WITH_TCB_FALSE}"; then - as_fn_error $? "conditional \"WITH_TCB\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${USE_PAM_TRUE}" && test -z "${USE_PAM_FALSE}"; then - as_fn_error $? "conditional \"USE_PAM\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${USE_PAM_TRUE}" && test -z "${USE_PAM_FALSE}"; then - as_fn_error $? "conditional \"USE_PAM\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${ACCT_TOOLS_SETUID_TRUE}" && test -z "${ACCT_TOOLS_SETUID_FALSE}"; then - as_fn_error $? "conditional \"ACCT_TOOLS_SETUID\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${USE_NLS_TRUE}" && test -z "${USE_NLS_FALSE}"; then - as_fn_error $? "conditional \"USE_NLS\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi - -: "${CONFIG_STATUS=./config.status}" -ac_write_fail=0 -ac_clean_files_save=$ac_clean_files -ac_clean_files="$ac_clean_files $CONFIG_STATUS" -{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 -$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} -as_write_fail=0 -cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 -#! $SHELL -# Generated by $as_me. -# Run this file to recreate the current configuration. -# Compiler output produced by configure, useful for debugging -# configure, is in config.log if it exists. - -debug=false -ac_cs_recheck=false -ac_cs_silent=false - -SHELL=\${CONFIG_SHELL-$SHELL} -export SHELL -_ASEOF -cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 -## -------------------- ## -## M4sh Initialization. ## -## -------------------- ## - -# Be more Bourne compatible -DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : - emulate sh - NULLCMD=: - # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in #( - *posix*) : - set -o posix ;; #( - *) : - ;; -esac -fi - - -as_nl=' -' -export as_nl -# Printing a long string crashes Solaris 7 /usr/bin/printf. -as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo -# Prefer a ksh shell builtin over an external printf program on Solaris, -# but without wasting forks for bash or zsh. -if test -z "$BASH_VERSION$ZSH_VERSION" \ - && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='print -r --' - as_echo_n='print -rn --' -elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='printf %s\n' - as_echo_n='printf %s' -else - if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then - as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' - as_echo_n='/usr/ucb/echo -n' - else - as_echo_body='eval expr "X$1" : "X\\(.*\\)"' - as_echo_n_body='eval - arg=$1; - case $arg in #( - *"$as_nl"*) - expr "X$arg" : "X\\(.*\\)$as_nl"; - arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; - esac; - expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" - ' - export as_echo_n_body - as_echo_n='sh -c $as_echo_n_body as_echo' - fi - export as_echo_body - as_echo='sh -c $as_echo_body as_echo' -fi - -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { - (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || - PATH_SEPARATOR=';' - } -fi - - -# IFS -# We need space, tab and new line, in precisely that order. Quoting is -# there to prevent editors from complaining about space-tab. -# (If _AS_PATH_WALK were called with IFS unset, it would disable word -# splitting by setting IFS to empty value.) -IFS=" "" $as_nl" - -# Find who we are. Look in the path if we contain no directory separator. -as_myself= -case $0 in #(( - *[\\/]* ) as_myself=$0 ;; - *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break - done -IFS=$as_save_IFS - - ;; -esac -# We did not find ourselves, most probably we were run as `sh COMMAND' -# in which case we are not to be found in the path. -if test "x$as_myself" = x; then - as_myself=$0 -fi -if test ! -f "$as_myself"; then - $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - exit 1 -fi - -# Unset variables that we do not need and which cause bugs (e.g. in -# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" -# suppresses any "Segmentation fault" message there. '((' could -# trigger a bug in pdksh 5.2.14. -for as_var in BASH_ENV ENV MAIL MAILPATH -do eval test x\${$as_var+set} = xset \ - && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : -done -PS1='$ ' -PS2='> ' -PS4='+ ' - -# NLS nuisances. -LC_ALL=C -export LC_ALL -LANGUAGE=C -export LANGUAGE - -# CDPATH. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - - -# as_fn_error STATUS ERROR [LINENO LOG_FD] -# ---------------------------------------- -# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are -# provided, also output the error to LOG_FD, referencing LINENO. Then exit the -# script with STATUS, using 1 if that was 0. -as_fn_error () -{ - as_status=$1; test $as_status -eq 0 && as_status=1 - if test "$4"; then - as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 - fi - $as_echo "$as_me: error: $2" >&2 - as_fn_exit $as_status -} # as_fn_error - - -# as_fn_set_status STATUS -# ----------------------- -# Set $? to STATUS, without forking. -as_fn_set_status () -{ - return $1 -} # as_fn_set_status - -# as_fn_exit STATUS -# ----------------- -# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. -as_fn_exit () -{ - set +e - as_fn_set_status $1 - exit $1 -} # as_fn_exit - -# as_fn_unset VAR -# --------------- -# Portably unset VAR. -as_fn_unset () -{ - { eval $1=; unset $1;} -} -as_unset=as_fn_unset -# as_fn_append VAR VALUE -# ---------------------- -# Append the text in VALUE to the end of the definition contained in VAR. Take -# advantage of any shell optimizations that allow amortized linear growth over -# repeated appends, instead of the typical quadratic growth present in naive -# implementations. -if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : - eval 'as_fn_append () - { - eval $1+=\$2 - }' -else - as_fn_append () - { - eval $1=\$$1\$2 - } -fi # as_fn_append - -# as_fn_arith ARG... -# ------------------ -# Perform arithmetic evaluation on the ARGs, and store the result in the -# global $as_val. Take advantage of shells that can avoid forks. The arguments -# must be portable across $(()) and expr. -if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : - eval 'as_fn_arith () - { - as_val=$(( $* )) - }' -else - as_fn_arith () - { - as_val=`expr "$@" || test $? -eq 1` - } -fi # as_fn_arith - - -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then - as_basename=basename -else - as_basename=false -fi - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - -as_me=`$as_basename -- "$0" || -$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X/"$0" | - sed '/^.*\/\([^/][^/]*\)\/*$/{ - s//\1/ - q - } - /^X\/\(\/\/\)$/{ - s//\1/ - q - } - /^X\/\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - -ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in #((((( --n*) - case `echo 'xy\c'` in - *c*) ECHO_T=' ';; # ECHO_T is single tab character. - xy) ECHO_C='\c';; - *) echo `echo ksh88 bug on AIX 6.1` > /dev/null - ECHO_T=' ';; - esac;; -*) - ECHO_N='-n';; -esac - -rm -f conf$$ conf$$.exe conf$$.file -if test -d conf$$.dir; then - rm -f conf$$.dir/conf$$.file -else - rm -f conf$$.dir - mkdir conf$$.dir 2>/dev/null -fi -if (echo >conf$$.file) 2>/dev/null; then - if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -pR' - elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln - else - as_ln_s='cp -pR' - fi -else - as_ln_s='cp -pR' -fi -rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file -rmdir conf$$.dir 2>/dev/null - - -# as_fn_mkdir_p -# ------------- -# Create "$as_dir" as a directory, including parents if necessary. -as_fn_mkdir_p () -{ - - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || eval $as_mkdir_p || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$as_dir" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" - - -} # as_fn_mkdir_p -if mkdir -p . 2>/dev/null; then - as_mkdir_p='mkdir -p "$as_dir"' -else - test -d ./-p && rmdir ./-p - as_mkdir_p=false -fi - - -# as_fn_executable_p FILE -# ----------------------- -# Test if FILE is an executable regular file. -as_fn_executable_p () -{ - test -f "$1" && test -x "$1" -} # as_fn_executable_p -as_test_x='test -x' -as_executable_p=as_fn_executable_p - -# Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" - -# Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - - -exec 6>&1 -## ----------------------------------- ## -## Main body of $CONFIG_STATUS script. ## -## ----------------------------------- ## -_ASEOF -test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -# Save the log message, to keep $0 and so on meaningful, and to -# report actual input values of CONFIG_FILES etc. instead of their -# values after options handling. -ac_log=" -This file was extended by $as_me, which was -generated by GNU Autoconf 2.69. Invocation command line was - - CONFIG_FILES = $CONFIG_FILES - CONFIG_HEADERS = $CONFIG_HEADERS - CONFIG_LINKS = $CONFIG_LINKS - CONFIG_COMMANDS = $CONFIG_COMMANDS - $ $0 $@ - -on `(hostname || uname -n) 2>/dev/null | sed 1q` -" - -_ACEOF - -case $ac_config_files in *" -"*) set x $ac_config_files; shift; ac_config_files=$*;; -esac - -case $ac_config_headers in *" -"*) set x $ac_config_headers; shift; ac_config_headers=$*;; -esac - - -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -# Files that config.status was made for. -config_files="$ac_config_files" -config_headers="$ac_config_headers" -config_commands="$ac_config_commands" - -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -ac_cs_usage="\ -\`$as_me' instantiates files and other configuration actions -from templates according to the current configuration. Unless the files -and actions are specified as TAGs, all are instantiated by default. - -Usage: $0 [OPTION]... [TAG]... - - -h, --help print this help, then exit - -V, --version print version number and configuration settings, then exit - --config print configuration, then exit - -q, --quiet, --silent - do not print progress messages - -d, --debug don't remove temporary files - --recheck update $as_me by reconfiguring in the same conditions - --file=FILE[:TEMPLATE] - instantiate the configuration file FILE - --header=FILE[:TEMPLATE] - instantiate the configuration header FILE - -Configuration files: -$config_files - -Configuration headers: -$config_headers - -Configuration commands: -$config_commands - -Report bugs to the package provider." - -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" -ac_cs_version="\\ -config.status -configured by $0, generated by GNU Autoconf 2.69, - with options \\"\$ac_cs_config\\" - -Copyright (C) 2012 Free Software Foundation, Inc. -This config.status script is free software; the Free Software Foundation -gives unlimited permission to copy, distribute and modify it." - -ac_pwd='$ac_pwd' -srcdir='$srcdir' -INSTALL='$INSTALL' -MKDIR_P='$MKDIR_P' -AWK='$AWK' -test -n "\$AWK" || AWK=awk -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -# The default lists apply if the user does not specify any file. -ac_need_defaults=: -while test $# != 0 -do - case $1 in - --*=?*) - ac_option=`expr "X$1" : 'X\([^=]*\)='` - ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` - ac_shift=: - ;; - --*=) - ac_option=`expr "X$1" : 'X\([^=]*\)='` - ac_optarg= - ac_shift=: - ;; - *) - ac_option=$1 - ac_optarg=$2 - ac_shift=shift - ;; - esac - - case $ac_option in - # Handling of the options. - -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) - ac_cs_recheck=: ;; - --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) - $as_echo "$ac_cs_version"; exit ;; - --config | --confi | --conf | --con | --co | --c ) - $as_echo "$ac_cs_config"; exit ;; - --debug | --debu | --deb | --de | --d | -d ) - debug=: ;; - --file | --fil | --fi | --f ) - $ac_shift - case $ac_optarg in - *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; - '') as_fn_error $? "missing file argument" ;; - esac - as_fn_append CONFIG_FILES " '$ac_optarg'" - ac_need_defaults=false;; - --header | --heade | --head | --hea ) - $ac_shift - case $ac_optarg in - *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; - esac - as_fn_append CONFIG_HEADERS " '$ac_optarg'" - ac_need_defaults=false;; - --he | --h) - # Conflict between --help and --header - as_fn_error $? "ambiguous option: \`$1' -Try \`$0 --help' for more information.";; - --help | --hel | -h ) - $as_echo "$ac_cs_usage"; exit ;; - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil | --si | --s) - ac_cs_silent=: ;; - - # This is an error. - -*) as_fn_error $? "unrecognized option: \`$1' -Try \`$0 --help' for more information." ;; - - *) as_fn_append ac_config_targets " $1" - ac_need_defaults=false ;; - - esac - shift -done - -ac_configure_extra_args= - -if $ac_cs_silent; then - exec 6>/dev/null - ac_configure_extra_args="$ac_configure_extra_args --silent" -fi - -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -if \$ac_cs_recheck; then - set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion - shift - \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 - CONFIG_SHELL='$SHELL' - export CONFIG_SHELL - exec "\$@" -fi - -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -exec 5>>config.log -{ - echo - sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX -## Running $as_me. ## -_ASBOX - $as_echo "$ac_log" -} >&5 - -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -# -# INIT-COMMANDS -# -AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir" - - -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - -sed_quote_subst='$sed_quote_subst' -double_quote_subst='$double_quote_subst' -delay_variable_subst='$delay_variable_subst' -enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`' -enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`' -macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`' -macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`' -pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`' -enable_fast_install='`$ECHO "$enable_fast_install" | $SED "$delay_single_quote_subst"`' -SHELL='`$ECHO "$SHELL" | $SED "$delay_single_quote_subst"`' -ECHO='`$ECHO "$ECHO" | $SED "$delay_single_quote_subst"`' -PATH_SEPARATOR='`$ECHO "$PATH_SEPARATOR" | $SED "$delay_single_quote_subst"`' -host_alias='`$ECHO "$host_alias" | $SED "$delay_single_quote_subst"`' -host='`$ECHO "$host" | $SED "$delay_single_quote_subst"`' -host_os='`$ECHO "$host_os" | $SED "$delay_single_quote_subst"`' -build_alias='`$ECHO "$build_alias" | $SED "$delay_single_quote_subst"`' -build='`$ECHO "$build" | $SED "$delay_single_quote_subst"`' -build_os='`$ECHO "$build_os" | $SED "$delay_single_quote_subst"`' -SED='`$ECHO "$SED" | $SED "$delay_single_quote_subst"`' -Xsed='`$ECHO "$Xsed" | $SED "$delay_single_quote_subst"`' -GREP='`$ECHO "$GREP" | $SED "$delay_single_quote_subst"`' -EGREP='`$ECHO "$EGREP" | $SED "$delay_single_quote_subst"`' -FGREP='`$ECHO "$FGREP" | $SED "$delay_single_quote_subst"`' -LD='`$ECHO "$LD" | $SED "$delay_single_quote_subst"`' -NM='`$ECHO "$NM" | $SED "$delay_single_quote_subst"`' -LN_S='`$ECHO "$LN_S" | $SED "$delay_single_quote_subst"`' -max_cmd_len='`$ECHO "$max_cmd_len" | $SED "$delay_single_quote_subst"`' -ac_objext='`$ECHO "$ac_objext" | $SED "$delay_single_quote_subst"`' -exeext='`$ECHO "$exeext" | $SED "$delay_single_quote_subst"`' -lt_unset='`$ECHO "$lt_unset" | $SED "$delay_single_quote_subst"`' -lt_SP2NL='`$ECHO "$lt_SP2NL" | $SED "$delay_single_quote_subst"`' -lt_NL2SP='`$ECHO "$lt_NL2SP" | $SED "$delay_single_quote_subst"`' -lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_quote_subst"`' -lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`' -reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`' -reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`' -OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`' -deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`' -file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`' -file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`' -want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`' -DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`' -sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`' -AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`' -AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`' -archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`' -STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`' -RANLIB='`$ECHO "$RANLIB" | $SED "$delay_single_quote_subst"`' -old_postinstall_cmds='`$ECHO "$old_postinstall_cmds" | $SED "$delay_single_quote_subst"`' -old_postuninstall_cmds='`$ECHO "$old_postuninstall_cmds" | $SED "$delay_single_quote_subst"`' -old_archive_cmds='`$ECHO "$old_archive_cmds" | $SED "$delay_single_quote_subst"`' -lock_old_archive_extraction='`$ECHO "$lock_old_archive_extraction" | $SED "$delay_single_quote_subst"`' -CC='`$ECHO "$CC" | $SED "$delay_single_quote_subst"`' -CFLAGS='`$ECHO "$CFLAGS" | $SED "$delay_single_quote_subst"`' -compiler='`$ECHO "$compiler" | $SED "$delay_single_quote_subst"`' -GCC='`$ECHO "$GCC" | $SED "$delay_single_quote_subst"`' -lt_cv_sys_global_symbol_pipe='`$ECHO "$lt_cv_sys_global_symbol_pipe" | $SED "$delay_single_quote_subst"`' -lt_cv_sys_global_symbol_to_cdecl='`$ECHO "$lt_cv_sys_global_symbol_to_cdecl" | $SED "$delay_single_quote_subst"`' -lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address" | $SED "$delay_single_quote_subst"`' -lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $SED "$delay_single_quote_subst"`' -nm_file_list_spec='`$ECHO "$nm_file_list_spec" | $SED "$delay_single_quote_subst"`' -lt_sysroot='`$ECHO "$lt_sysroot" | $SED "$delay_single_quote_subst"`' -objdir='`$ECHO "$objdir" | $SED "$delay_single_quote_subst"`' -MAGIC_CMD='`$ECHO "$MAGIC_CMD" | $SED "$delay_single_quote_subst"`' -lt_prog_compiler_no_builtin_flag='`$ECHO "$lt_prog_compiler_no_builtin_flag" | $SED "$delay_single_quote_subst"`' -lt_prog_compiler_pic='`$ECHO "$lt_prog_compiler_pic" | $SED "$delay_single_quote_subst"`' -lt_prog_compiler_wl='`$ECHO "$lt_prog_compiler_wl" | $SED "$delay_single_quote_subst"`' -lt_prog_compiler_static='`$ECHO "$lt_prog_compiler_static" | $SED "$delay_single_quote_subst"`' -lt_cv_prog_compiler_c_o='`$ECHO "$lt_cv_prog_compiler_c_o" | $SED "$delay_single_quote_subst"`' -need_locks='`$ECHO "$need_locks" | $SED "$delay_single_quote_subst"`' -MANIFEST_TOOL='`$ECHO "$MANIFEST_TOOL" | $SED "$delay_single_quote_subst"`' -DSYMUTIL='`$ECHO "$DSYMUTIL" | $SED "$delay_single_quote_subst"`' -NMEDIT='`$ECHO "$NMEDIT" | $SED "$delay_single_quote_subst"`' -LIPO='`$ECHO "$LIPO" | $SED "$delay_single_quote_subst"`' -OTOOL='`$ECHO "$OTOOL" | $SED "$delay_single_quote_subst"`' -OTOOL64='`$ECHO "$OTOOL64" | $SED "$delay_single_quote_subst"`' -libext='`$ECHO "$libext" | $SED "$delay_single_quote_subst"`' -shrext_cmds='`$ECHO "$shrext_cmds" | $SED "$delay_single_quote_subst"`' -extract_expsyms_cmds='`$ECHO "$extract_expsyms_cmds" | $SED "$delay_single_quote_subst"`' -archive_cmds_need_lc='`$ECHO "$archive_cmds_need_lc" | $SED "$delay_single_quote_subst"`' -enable_shared_with_static_runtimes='`$ECHO "$enable_shared_with_static_runtimes" | $SED "$delay_single_quote_subst"`' -export_dynamic_flag_spec='`$ECHO "$export_dynamic_flag_spec" | $SED "$delay_single_quote_subst"`' -whole_archive_flag_spec='`$ECHO "$whole_archive_flag_spec" | $SED "$delay_single_quote_subst"`' -compiler_needs_object='`$ECHO "$compiler_needs_object" | $SED "$delay_single_quote_subst"`' -old_archive_from_new_cmds='`$ECHO "$old_archive_from_new_cmds" | $SED "$delay_single_quote_subst"`' -old_archive_from_expsyms_cmds='`$ECHO "$old_archive_from_expsyms_cmds" | $SED "$delay_single_quote_subst"`' -archive_cmds='`$ECHO "$archive_cmds" | $SED "$delay_single_quote_subst"`' -archive_expsym_cmds='`$ECHO "$archive_expsym_cmds" | $SED "$delay_single_quote_subst"`' -module_cmds='`$ECHO "$module_cmds" | $SED "$delay_single_quote_subst"`' -module_expsym_cmds='`$ECHO "$module_expsym_cmds" | $SED "$delay_single_quote_subst"`' -with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`' -allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`' -no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`' -hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`' -hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`' -hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`' -hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`' -hardcode_minus_L='`$ECHO "$hardcode_minus_L" | $SED "$delay_single_quote_subst"`' -hardcode_shlibpath_var='`$ECHO "$hardcode_shlibpath_var" | $SED "$delay_single_quote_subst"`' -hardcode_automatic='`$ECHO "$hardcode_automatic" | $SED "$delay_single_quote_subst"`' -inherit_rpath='`$ECHO "$inherit_rpath" | $SED "$delay_single_quote_subst"`' -link_all_deplibs='`$ECHO "$link_all_deplibs" | $SED "$delay_single_quote_subst"`' -always_export_symbols='`$ECHO "$always_export_symbols" | $SED "$delay_single_quote_subst"`' -export_symbols_cmds='`$ECHO "$export_symbols_cmds" | $SED "$delay_single_quote_subst"`' -exclude_expsyms='`$ECHO "$exclude_expsyms" | $SED "$delay_single_quote_subst"`' -include_expsyms='`$ECHO "$include_expsyms" | $SED "$delay_single_quote_subst"`' -prelink_cmds='`$ECHO "$prelink_cmds" | $SED "$delay_single_quote_subst"`' -postlink_cmds='`$ECHO "$postlink_cmds" | $SED "$delay_single_quote_subst"`' -file_list_spec='`$ECHO "$file_list_spec" | $SED "$delay_single_quote_subst"`' -variables_saved_for_relink='`$ECHO "$variables_saved_for_relink" | $SED "$delay_single_quote_subst"`' -need_lib_prefix='`$ECHO "$need_lib_prefix" | $SED "$delay_single_quote_subst"`' -need_version='`$ECHO "$need_version" | $SED "$delay_single_quote_subst"`' -version_type='`$ECHO "$version_type" | $SED "$delay_single_quote_subst"`' -runpath_var='`$ECHO "$runpath_var" | $SED "$delay_single_quote_subst"`' -shlibpath_var='`$ECHO "$shlibpath_var" | $SED "$delay_single_quote_subst"`' -shlibpath_overrides_runpath='`$ECHO "$shlibpath_overrides_runpath" | $SED "$delay_single_quote_subst"`' -libname_spec='`$ECHO "$libname_spec" | $SED "$delay_single_quote_subst"`' -library_names_spec='`$ECHO "$library_names_spec" | $SED "$delay_single_quote_subst"`' -soname_spec='`$ECHO "$soname_spec" | $SED "$delay_single_quote_subst"`' -install_override_mode='`$ECHO "$install_override_mode" | $SED "$delay_single_quote_subst"`' -postinstall_cmds='`$ECHO "$postinstall_cmds" | $SED "$delay_single_quote_subst"`' -postuninstall_cmds='`$ECHO "$postuninstall_cmds" | $SED "$delay_single_quote_subst"`' -finish_cmds='`$ECHO "$finish_cmds" | $SED "$delay_single_quote_subst"`' -finish_eval='`$ECHO "$finish_eval" | $SED "$delay_single_quote_subst"`' -hardcode_into_libs='`$ECHO "$hardcode_into_libs" | $SED "$delay_single_quote_subst"`' -sys_lib_search_path_spec='`$ECHO "$sys_lib_search_path_spec" | $SED "$delay_single_quote_subst"`' -sys_lib_dlsearch_path_spec='`$ECHO "$sys_lib_dlsearch_path_spec" | $SED "$delay_single_quote_subst"`' -hardcode_action='`$ECHO "$hardcode_action" | $SED "$delay_single_quote_subst"`' -enable_dlopen='`$ECHO "$enable_dlopen" | $SED "$delay_single_quote_subst"`' -enable_dlopen_self='`$ECHO "$enable_dlopen_self" | $SED "$delay_single_quote_subst"`' -enable_dlopen_self_static='`$ECHO "$enable_dlopen_self_static" | $SED "$delay_single_quote_subst"`' -old_striplib='`$ECHO "$old_striplib" | $SED "$delay_single_quote_subst"`' -striplib='`$ECHO "$striplib" | $SED "$delay_single_quote_subst"`' - -LTCC='$LTCC' -LTCFLAGS='$LTCFLAGS' -compiler='$compiler_DEFAULT' - -# A function that is used when there is no print builtin or printf. -func_fallback_echo () -{ - eval 'cat <<_LTECHO_EOF -\$1 -_LTECHO_EOF' -} - -# Quote evaled strings. -for var in SHELL \ -ECHO \ -PATH_SEPARATOR \ -SED \ -GREP \ -EGREP \ -FGREP \ -LD \ -NM \ -LN_S \ -lt_SP2NL \ -lt_NL2SP \ -reload_flag \ -OBJDUMP \ -deplibs_check_method \ -file_magic_cmd \ -file_magic_glob \ -want_nocaseglob \ -DLLTOOL \ -sharedlib_from_linklib_cmd \ -AR \ -AR_FLAGS \ -archiver_list_spec \ -STRIP \ -RANLIB \ -CC \ -CFLAGS \ -compiler \ -lt_cv_sys_global_symbol_pipe \ -lt_cv_sys_global_symbol_to_cdecl \ -lt_cv_sys_global_symbol_to_c_name_address \ -lt_cv_sys_global_symbol_to_c_name_address_lib_prefix \ -nm_file_list_spec \ -lt_prog_compiler_no_builtin_flag \ -lt_prog_compiler_pic \ -lt_prog_compiler_wl \ -lt_prog_compiler_static \ -lt_cv_prog_compiler_c_o \ -need_locks \ -MANIFEST_TOOL \ -DSYMUTIL \ -NMEDIT \ -LIPO \ -OTOOL \ -OTOOL64 \ -shrext_cmds \ -export_dynamic_flag_spec \ -whole_archive_flag_spec \ -compiler_needs_object \ -with_gnu_ld \ -allow_undefined_flag \ -no_undefined_flag \ -hardcode_libdir_flag_spec \ -hardcode_libdir_separator \ -exclude_expsyms \ -include_expsyms \ -file_list_spec \ -variables_saved_for_relink \ -libname_spec \ -library_names_spec \ -soname_spec \ -install_override_mode \ -finish_eval \ -old_striplib \ -striplib; do - case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in - *[\\\\\\\`\\"\\\$]*) - eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" - ;; - *) - eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" - ;; - esac -done - -# Double-quote double-evaled strings. -for var in reload_cmds \ -old_postinstall_cmds \ -old_postuninstall_cmds \ -old_archive_cmds \ -extract_expsyms_cmds \ -old_archive_from_new_cmds \ -old_archive_from_expsyms_cmds \ -archive_cmds \ -archive_expsym_cmds \ -module_cmds \ -module_expsym_cmds \ -export_symbols_cmds \ -prelink_cmds \ -postlink_cmds \ -postinstall_cmds \ -postuninstall_cmds \ -finish_cmds \ -sys_lib_search_path_spec \ -sys_lib_dlsearch_path_spec; do - case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in - *[\\\\\\\`\\"\\\$]*) - eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" - ;; - *) - eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" - ;; - esac -done - -ac_aux_dir='$ac_aux_dir' -xsi_shell='$xsi_shell' -lt_shell_append='$lt_shell_append' - -# See if we are running on zsh, and set the options which allow our -# commands through without removal of \ escapes INIT. -if test -n "\${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST -fi - - - PACKAGE='$PACKAGE' - VERSION='$VERSION' - TIMESTAMP='$TIMESTAMP' - RM='$RM' - ofile='$ofile' - - - -# Capture the value of obsolete ALL_LINGUAS because we need it to compute - # POFILES, UPDATEPOFILES, DUMMYPOFILES, GMOFILES, CATALOGS. But hide it - # from automake < 1.5. - eval 'OBSOLETE_ALL_LINGUAS''="$ALL_LINGUAS"' - # Capture the value of LINGUAS because we need it to compute CATALOGS. - LINGUAS="${LINGUAS-%UNSET%}" - - -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 - -# Handling of arguments. -for ac_config_target in $ac_config_targets -do - case $ac_config_target in - "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; - "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;; - "libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;; - "po-directories") CONFIG_COMMANDS="$CONFIG_COMMANDS po-directories" ;; - "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; - "po/Makefile.in") CONFIG_FILES="$CONFIG_FILES po/Makefile.in" ;; - "doc/Makefile") CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;; - "man/Makefile") CONFIG_FILES="$CONFIG_FILES man/Makefile" ;; - "man/config.xml") CONFIG_FILES="$CONFIG_FILES man/config.xml" ;; - "man/po/Makefile") CONFIG_FILES="$CONFIG_FILES man/po/Makefile" ;; - "man/cs/Makefile") CONFIG_FILES="$CONFIG_FILES man/cs/Makefile" ;; - "man/da/Makefile") CONFIG_FILES="$CONFIG_FILES man/da/Makefile" ;; - "man/de/Makefile") CONFIG_FILES="$CONFIG_FILES man/de/Makefile" ;; - "man/es/Makefile") CONFIG_FILES="$CONFIG_FILES man/es/Makefile" ;; - "man/fi/Makefile") CONFIG_FILES="$CONFIG_FILES man/fi/Makefile" ;; - "man/fr/Makefile") CONFIG_FILES="$CONFIG_FILES man/fr/Makefile" ;; - "man/hu/Makefile") CONFIG_FILES="$CONFIG_FILES man/hu/Makefile" ;; - "man/id/Makefile") CONFIG_FILES="$CONFIG_FILES man/id/Makefile" ;; - "man/it/Makefile") CONFIG_FILES="$CONFIG_FILES man/it/Makefile" ;; - "man/ja/Makefile") CONFIG_FILES="$CONFIG_FILES man/ja/Makefile" ;; - "man/ko/Makefile") CONFIG_FILES="$CONFIG_FILES man/ko/Makefile" ;; - "man/pl/Makefile") CONFIG_FILES="$CONFIG_FILES man/pl/Makefile" ;; - "man/pt_BR/Makefile") CONFIG_FILES="$CONFIG_FILES man/pt_BR/Makefile" ;; - "man/ru/Makefile") CONFIG_FILES="$CONFIG_FILES man/ru/Makefile" ;; - "man/sv/Makefile") CONFIG_FILES="$CONFIG_FILES man/sv/Makefile" ;; - "man/tr/Makefile") CONFIG_FILES="$CONFIG_FILES man/tr/Makefile" ;; - "man/zh_CN/Makefile") CONFIG_FILES="$CONFIG_FILES man/zh_CN/Makefile" ;; - "man/zh_TW/Makefile") CONFIG_FILES="$CONFIG_FILES man/zh_TW/Makefile" ;; - "libmisc/Makefile") CONFIG_FILES="$CONFIG_FILES libmisc/Makefile" ;; - "lib/Makefile") CONFIG_FILES="$CONFIG_FILES lib/Makefile" ;; - "src/Makefile") CONFIG_FILES="$CONFIG_FILES src/Makefile" ;; - "contrib/Makefile") CONFIG_FILES="$CONFIG_FILES contrib/Makefile" ;; - "etc/Makefile") CONFIG_FILES="$CONFIG_FILES etc/Makefile" ;; - "etc/pam.d/Makefile") CONFIG_FILES="$CONFIG_FILES etc/pam.d/Makefile" ;; - "shadow.spec") CONFIG_FILES="$CONFIG_FILES shadow.spec" ;; - - *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; - esac -done - - -# If the user did not use the arguments to specify the items to instantiate, -# then the envvar interface is used. Set only those that are not. -# We use the long form for the default assignment because of an extremely -# bizarre bug on SunOS 4.1.3. -if $ac_need_defaults; then - test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files - test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers - test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands -fi - -# Have a temporary directory for convenience. Make it in the build tree -# simply because there is no reason against having it here, and in addition, -# creating and moving files from /tmp can sometimes cause problems. -# Hook for its removal unless debugging. -# Note that there is a small window in which the directory will not be cleaned: -# after its creation but before its name has been assigned to `$tmp'. -$debug || -{ - tmp= ac_tmp= - trap 'exit_status=$? - : "${ac_tmp:=$tmp}" - { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status -' 0 - trap 'as_fn_exit 1' 1 2 13 15 -} -# Create a (secure) tmp directory for tmp files. - -{ - tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && - test -d "$tmp" -} || -{ - tmp=./conf$$-$RANDOM - (umask 077 && mkdir "$tmp") -} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 -ac_tmp=$tmp - -# Set up the scripts for CONFIG_FILES section. -# No need to generate them if there are no CONFIG_FILES. -# This happens for instance with `./config.status config.h'. -if test -n "$CONFIG_FILES"; then - - -ac_cr=`echo X | tr X '\015'` -# On cygwin, bash can eat \r inside `` if the user requested igncr. -# But we know of no other shell where ac_cr would be empty at this -# point, so we can use a bashism as a fallback. -if test "x$ac_cr" = x; then - eval ac_cr=\$\'\\r\' -fi -ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` -if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then - ac_cs_awk_cr='\\r' -else - ac_cs_awk_cr=$ac_cr -fi - -echo 'BEGIN {' >"$ac_tmp/subs1.awk" && -_ACEOF - - -{ - echo "cat >conf$$subs.awk <<_ACEOF" && - echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && - echo "_ACEOF" -} >conf$$subs.sh || - as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 -ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` -ac_delim='%!_!# ' -for ac_last_try in false false false false false :; do - . ./conf$$subs.sh || - as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 - - ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` - if test $ac_delim_n = $ac_delim_num; then - break - elif $ac_last_try; then - as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 - else - ac_delim="$ac_delim!$ac_delim _$ac_delim!! " - fi -done -rm -f conf$$subs.sh - -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && -_ACEOF -sed -n ' -h -s/^/S["/; s/!.*/"]=/ -p -g -s/^[^!]*!// -:repl -t repl -s/'"$ac_delim"'$// -t delim -:nl -h -s/\(.\{148\}\)..*/\1/ -t more1 -s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ -p -n -b repl -:more1 -s/["\\]/\\&/g; s/^/"/; s/$/"\\/ -p -g -s/.\{148\}// -t nl -:delim -h -s/\(.\{148\}\)..*/\1/ -t more2 -s/["\\]/\\&/g; s/^/"/; s/$/"/ -p -b -:more2 -s/["\\]/\\&/g; s/^/"/; s/$/"\\/ -p -g -s/.\{148\}// -t delim -' >$CONFIG_STATUS || ac_write_fail=1 -rm -f conf$$subs.awk -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -_ACAWK -cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && - for (key in S) S_is_set[key] = 1 - FS = "" - -} -{ - line = $ 0 - nfields = split(line, field, "@") - substed = 0 - len = length(field[1]) - for (i = 2; i < nfields; i++) { - key = field[i] - keylen = length(key) - if (S_is_set[key]) { - value = S[key] - line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) - len += length(value) + length(field[++i]) - substed = 1 - } else - len += 1 + keylen - } - - print line -} - -_ACAWK -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then - sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" -else - cat -fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ - || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 -_ACEOF - -# VPATH may cause trouble with some makes, so we remove sole $(srcdir), -# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and -# trailing colons and then remove the whole line if VPATH becomes empty -# (actually we leave an empty line to preserve line numbers). -if test "x$srcdir" = x.; then - ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ -h -s/// -s/^/:/ -s/[ ]*$/:/ -s/:\$(srcdir):/:/g -s/:\${srcdir}:/:/g -s/:@srcdir@:/:/g -s/^:*// -s/:*$// -x -s/\(=[ ]*\).*/\1/ -G -s/\n// -s/^[^=]*=[ ]*$// -}' -fi - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -fi # test -n "$CONFIG_FILES" - -# Set up the scripts for CONFIG_HEADERS section. -# No need to generate them if there are no CONFIG_HEADERS. -# This happens for instance with `./config.status Makefile'. -if test -n "$CONFIG_HEADERS"; then -cat >"$ac_tmp/defines.awk" <<\_ACAWK || -BEGIN { -_ACEOF - -# Transform confdefs.h into an awk script `defines.awk', embedded as -# here-document in config.status, that substitutes the proper values into -# config.h.in to produce config.h. - -# Create a delimiter string that does not exist in confdefs.h, to ease -# handling of long lines. -ac_delim='%!_!# ' -for ac_last_try in false false :; do - ac_tt=`sed -n "/$ac_delim/p" confdefs.h` - if test -z "$ac_tt"; then - break - elif $ac_last_try; then - as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 - else - ac_delim="$ac_delim!$ac_delim _$ac_delim!! " - fi -done - -# For the awk script, D is an array of macro values keyed by name, -# likewise P contains macro parameters if any. Preserve backslash -# newline sequences. - -ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* -sed -n ' -s/.\{148\}/&'"$ac_delim"'/g -t rset -:rset -s/^[ ]*#[ ]*define[ ][ ]*/ / -t def -d -:def -s/\\$// -t bsnl -s/["\\]/\\&/g -s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ -D["\1"]=" \3"/p -s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p -d -:bsnl -s/["\\]/\\&/g -s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ -D["\1"]=" \3\\\\\\n"\\/p -t cont -s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p -t cont -d -:cont -n -s/.\{148\}/&'"$ac_delim"'/g -t clear -:clear -s/\\$// -t bsnlc -s/["\\]/\\&/g; s/^/"/; s/$/"/p -d -:bsnlc -s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p -b cont -' >$CONFIG_STATUS || ac_write_fail=1 - -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 - for (key in D) D_is_set[key] = 1 - FS = "" -} -/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { - line = \$ 0 - split(line, arg, " ") - if (arg[1] == "#") { - defundef = arg[2] - mac1 = arg[3] - } else { - defundef = substr(arg[1], 2) - mac1 = arg[2] - } - split(mac1, mac2, "(") #) - macro = mac2[1] - prefix = substr(line, 1, index(line, defundef) - 1) - if (D_is_set[macro]) { - # Preserve the white space surrounding the "#". - print prefix "define", macro P[macro] D[macro] - next - } else { - # Replace #undef with comments. This is necessary, for example, - # in the case of _POSIX_SOURCE, which is predefined and required - # on some systems where configure will not decide to define it. - if (defundef == "undef") { - print "/*", prefix defundef, macro, "*/" - next - } - } -} -{ print } -_ACAWK -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 - as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 -fi # test -n "$CONFIG_HEADERS" - - -eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS" -shift -for ac_tag -do - case $ac_tag in - :[FHLC]) ac_mode=$ac_tag; continue;; - esac - case $ac_mode$ac_tag in - :[FHL]*:*);; - :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; - :[FH]-) ac_tag=-:-;; - :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; - esac - ac_save_IFS=$IFS - IFS=: - set x $ac_tag - IFS=$ac_save_IFS - shift - ac_file=$1 - shift - - case $ac_mode in - :L) ac_source=$1;; - :[FH]) - ac_file_inputs= - for ac_f - do - case $ac_f in - -) ac_f="$ac_tmp/stdin";; - *) # Look for the file first in the build tree, then in the source tree - # (if the path is not absolute). The absolute path cannot be DOS-style, - # because $ac_f cannot contain `:'. - test -f "$ac_f" || - case $ac_f in - [\\/$]*) false;; - *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; - esac || - as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; - esac - case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac - as_fn_append ac_file_inputs " '$ac_f'" - done - - # Let's still pretend it is `configure' which instantiates (i.e., don't - # use $as_me), people would be surprised to read: - # /* config.h. Generated by config.status. */ - configure_input='Generated from '` - $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' - `' by configure.' - if test x"$ac_file" != x-; then - configure_input="$ac_file. $configure_input" - { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 -$as_echo "$as_me: creating $ac_file" >&6;} - fi - # Neutralize special characters interpreted by sed in replacement strings. - case $configure_input in #( - *\&* | *\|* | *\\* ) - ac_sed_conf_input=`$as_echo "$configure_input" | - sed 's/[\\\\&|]/\\\\&/g'`;; #( - *) ac_sed_conf_input=$configure_input;; - esac - - case $ac_tag in - *:-:* | *:-) cat >"$ac_tmp/stdin" \ - || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; - esac - ;; - esac - - ac_dir=`$as_dirname -- "$ac_file" || -$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$ac_file" : 'X\(//\)[^/]' \| \ - X"$ac_file" : 'X\(//\)$' \| \ - X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$ac_file" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - as_dir="$ac_dir"; as_fn_mkdir_p - ac_builddir=. - -case "$ac_dir" in -.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; -*) - ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` - # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` - case $ac_top_builddir_sub in - "") ac_top_builddir_sub=. ac_top_build_prefix= ;; - *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; - esac ;; -esac -ac_abs_top_builddir=$ac_pwd -ac_abs_builddir=$ac_pwd$ac_dir_suffix -# for backward compatibility: -ac_top_builddir=$ac_top_build_prefix - -case $srcdir in - .) # We are building in place. - ac_srcdir=. - ac_top_srcdir=$ac_top_builddir_sub - ac_abs_top_srcdir=$ac_pwd ;; - [\\/]* | ?:[\\/]* ) # Absolute name. - ac_srcdir=$srcdir$ac_dir_suffix; - ac_top_srcdir=$srcdir - ac_abs_top_srcdir=$srcdir ;; - *) # Relative name. - ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix - ac_top_srcdir=$ac_top_build_prefix$srcdir - ac_abs_top_srcdir=$ac_pwd/$srcdir ;; -esac -ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix - - - case $ac_mode in - :F) - # - # CONFIG_FILE - # - - case $INSTALL in - [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; - *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; - esac - ac_MKDIR_P=$MKDIR_P - case $MKDIR_P in - [\\/$]* | ?:[\\/]* ) ;; - */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;; - esac -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -# If the template does not know about datarootdir, expand it. -# FIXME: This hack should be removed a few years after 2.60. -ac_datarootdir_hack=; ac_datarootdir_seen= -ac_sed_dataroot=' -/datarootdir/ { - p - q -} -/@datadir@/p -/@docdir@/p -/@infodir@/p -/@localedir@/p -/@mandir@/p' -case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in -*datarootdir*) ac_datarootdir_seen=yes;; -*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 -$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 - ac_datarootdir_hack=' - s&@datadir@&$datadir&g - s&@docdir@&$docdir&g - s&@infodir@&$infodir&g - s&@localedir@&$localedir&g - s&@mandir@&$mandir&g - s&\\\${datarootdir}&$datarootdir&g' ;; -esac -_ACEOF - -# Neutralize VPATH when `$srcdir' = `.'. -# Shell code in configure.ac might set extrasub. -# FIXME: do we really want to maintain this feature? -cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -ac_sed_extra="$ac_vpsub -$extrasub -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 -:t -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b -s|@configure_input@|$ac_sed_conf_input|;t t -s&@top_builddir@&$ac_top_builddir_sub&;t t -s&@top_build_prefix@&$ac_top_build_prefix&;t t -s&@srcdir@&$ac_srcdir&;t t -s&@abs_srcdir@&$ac_abs_srcdir&;t t -s&@top_srcdir@&$ac_top_srcdir&;t t -s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t -s&@builddir@&$ac_builddir&;t t -s&@abs_builddir@&$ac_abs_builddir&;t t -s&@abs_top_builddir@&$ac_abs_top_builddir&;t t -s&@INSTALL@&$ac_INSTALL&;t t -s&@MKDIR_P@&$ac_MKDIR_P&;t t -$ac_datarootdir_hack -" -eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ - >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 - -test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && - { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && - { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ - "$ac_tmp/out"`; test -z "$ac_out"; } && - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined" >&5 -$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined" >&2;} - - rm -f "$ac_tmp/stdin" - case $ac_file in - -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; - *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; - esac \ - || as_fn_error $? "could not create $ac_file" "$LINENO" 5 - ;; - :H) - # - # CONFIG_HEADER - # - if test x"$ac_file" != x-; then - { - $as_echo "/* $configure_input */" \ - && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" - } >"$ac_tmp/config.h" \ - || as_fn_error $? "could not create $ac_file" "$LINENO" 5 - if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then - { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 -$as_echo "$as_me: $ac_file is unchanged" >&6;} - else - rm -f "$ac_file" - mv "$ac_tmp/config.h" "$ac_file" \ - || as_fn_error $? "could not create $ac_file" "$LINENO" 5 - fi - else - $as_echo "/* $configure_input */" \ - && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ - || as_fn_error $? "could not create -" "$LINENO" 5 - fi -# Compute "$ac_file"'s index in $config_headers. -_am_arg="$ac_file" -_am_stamp_count=1 -for _am_header in $config_headers :; do - case $_am_header in - $_am_arg | $_am_arg:* ) - break ;; - * ) - _am_stamp_count=`expr $_am_stamp_count + 1` ;; - esac -done -echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" || -$as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$_am_arg" : 'X\(//\)[^/]' \| \ - X"$_am_arg" : 'X\(//\)$' \| \ - X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$_am_arg" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'`/stamp-h$_am_stamp_count - ;; - - :C) { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 -$as_echo "$as_me: executing $ac_file commands" >&6;} - ;; - esac - - - case $ac_file$ac_mode in - "depfiles":C) test x"$AMDEP_TRUE" != x"" || { - # Older Autoconf quotes --file arguments for eval, but not when files - # are listed without --file. Let's play safe and only enable the eval - # if we detect the quoting. - case $CONFIG_FILES in - *\'*) eval set x "$CONFIG_FILES" ;; - *) set x $CONFIG_FILES ;; - esac - shift - for mf - do - # Strip MF so we end up with the name of the file. - mf=`echo "$mf" | sed -e 's/:.*$//'` - # Check whether this is an Automake generated Makefile or not. - # We used to match only the files named 'Makefile.in', but - # some people rename them; so instead we look at the file content. - # Grep'ing the first line is not enough: some people post-process - # each Makefile.in and add a new line on top of each file to say so. - # Grep'ing the whole file is not good either: AIX grep has a line - # limit of 2048, but all sed's we know have understand at least 4000. - if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then - dirpart=`$as_dirname -- "$mf" || -$as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$mf" : 'X\(//\)[^/]' \| \ - X"$mf" : 'X\(//\)$' \| \ - X"$mf" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$mf" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - else - continue - fi - # Extract the definition of DEPDIR, am__include, and am__quote - # from the Makefile without running 'make'. - DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` - test -z "$DEPDIR" && continue - am__include=`sed -n 's/^am__include = //p' < "$mf"` - test -z "$am__include" && continue - am__quote=`sed -n 's/^am__quote = //p' < "$mf"` - # Find all dependency output files, they are included files with - # $(DEPDIR) in their names. We invoke sed twice because it is the - # simplest approach to changing $(DEPDIR) to its actual value in the - # expansion. - for file in `sed -n " - s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ - sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do - # Make sure the directory exists. - test -f "$dirpart/$file" && continue - fdir=`$as_dirname -- "$file" || -$as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$file" : 'X\(//\)[^/]' \| \ - X"$file" : 'X\(//\)$' \| \ - X"$file" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$file" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - as_dir=$dirpart/$fdir; as_fn_mkdir_p - # echo "creating $dirpart/$file" - echo '# dummy' > "$dirpart/$file" - done - done -} - ;; - "libtool":C) - - # See if we are running on zsh, and set the options which allow our - # commands through without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - - cfgfile="${ofile}T" - trap "$RM \"$cfgfile\"; exit 1" 1 2 15 - $RM "$cfgfile" - - cat <<_LT_EOF >> "$cfgfile" -#! $SHELL - -# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services. -# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: -# NOTE: Changes made to this file will be lost: look at ltmain.sh. -# -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. -# Written by Gordon Matzigkeit, 1996 -# -# This file is part of GNU Libtool. -# -# GNU Libtool is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; either version 2 of -# the License, or (at your option) any later version. -# -# As a special exception to the GNU General Public License, -# if you distribute this file as part of a program or library that -# is built using GNU Libtool, you may include this file under the -# same distribution terms that you use for the rest of that program. -# -# GNU Libtool is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with GNU Libtool; see the file COPYING. If not, a copy -# can be downloaded from http://www.gnu.org/licenses/gpl.html, or -# obtained by writing to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - - -# The names of the tagged configurations supported by this script. -available_tags="" - -# ### BEGIN LIBTOOL CONFIG - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Which release of libtool.m4 was used? -macro_version=$macro_version -macro_revision=$macro_revision - -# What type of objects to build. -pic_mode=$pic_mode - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# An echo program that protects backslashes. -ECHO=$lt_ECHO - -# The PATH separator for the build system. -PATH_SEPARATOR=$lt_PATH_SEPARATOR - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# A sed program that does not truncate output. -SED=$lt_SED - -# Sed that helps us avoid accidentally triggering echo(1) options like -n. -Xsed="\$SED -e 1s/^X//" - -# A grep program that handles long lines. -GREP=$lt_GREP - -# An ERE matcher. -EGREP=$lt_EGREP - -# A literal string matcher. -FGREP=$lt_FGREP - -# A BSD- or MS-compatible name lister. -NM=$lt_NM - -# Whether we need soft or hard links. -LN_S=$lt_LN_S - -# What is the maximum length of a command? -max_cmd_len=$max_cmd_len - -# Object file suffix (normally "o"). -objext=$ac_objext - -# Executable file suffix (normally ""). -exeext=$exeext - -# whether the shell understands "unset". -lt_unset=$lt_unset - -# turn spaces into newlines. -SP2NL=$lt_lt_SP2NL - -# turn newlines into spaces. -NL2SP=$lt_lt_NL2SP - -# convert \$build file names to \$host format. -to_host_file_cmd=$lt_cv_to_host_file_cmd - -# convert \$build files to toolchain format. -to_tool_file_cmd=$lt_cv_to_tool_file_cmd - -# An object symbol dumper. -OBJDUMP=$lt_OBJDUMP - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method = "file_magic". -file_magic_cmd=$lt_file_magic_cmd - -# How to find potential files when deplibs_check_method = "file_magic". -file_magic_glob=$lt_file_magic_glob - -# Find potential files using nocaseglob when deplibs_check_method = "file_magic". -want_nocaseglob=$lt_want_nocaseglob - -# DLL creation program. -DLLTOOL=$lt_DLLTOOL - -# Command to associate shared and link libraries. -sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd - -# The archiver. -AR=$lt_AR - -# Flags to create an archive. -AR_FLAGS=$lt_AR_FLAGS - -# How to feed a file listing to the archiver. -archiver_list_spec=$lt_archiver_list_spec - -# A symbol stripping program. -STRIP=$lt_STRIP - -# Commands used to install an old-style archive. -RANLIB=$lt_RANLIB -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Whether to use a lock for old archive extraction. -lock_old_archive_extraction=$lock_old_archive_extraction - -# A C compiler. -LTCC=$lt_CC - -# LTCC compiler flags. -LTCFLAGS=$lt_CFLAGS - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration. -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair. -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# Transform the output of nm in a C name address pair when lib prefix is needed. -global_symbol_to_c_name_address_lib_prefix=$lt_lt_cv_sys_global_symbol_to_c_name_address_lib_prefix - -# Specify filename containing input files for \$NM. -nm_file_list_spec=$lt_nm_file_list_spec - -# The root where to search for dependent libraries,and in which our libraries should be installed. -lt_sysroot=$lt_sysroot - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# Used to examine libraries when file_magic_cmd begins with "file". -MAGIC_CMD=$MAGIC_CMD - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Manifest tool. -MANIFEST_TOOL=$lt_MANIFEST_TOOL - -# Tool to manipulate archived DWARF debug symbol files on Mac OS X. -DSYMUTIL=$lt_DSYMUTIL - -# Tool to change global to local symbols on Mac OS X. -NMEDIT=$lt_NMEDIT - -# Tool to manipulate fat objects and archives on Mac OS X. -LIPO=$lt_LIPO - -# ldd/readelf like tool for Mach-O binaries on Mac OS X. -OTOOL=$lt_OTOOL - -# ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4. -OTOOL64=$lt_OTOOL64 - -# Old archive suffix (normally "a"). -libext=$libext - -# Shared library suffix (normally ".so"). -shrext_cmds=$lt_shrext_cmds - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at link time. -variables_saved_for_relink=$lt_variables_saved_for_relink - -# Do we need the "lib" prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Library versioning type. -version_type=$version_type - -# Shared library runtime path variable. -runpath_var=$runpath_var - -# Shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Permission mode override for installation of shared libraries. -install_override_mode=$lt_install_override_mode - -# Command to use after installation of a shared archive. -postinstall_cmds=$lt_postinstall_cmds - -# Command to use after uninstallation of a shared archive. -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# As "finish_cmds", except a single script fragment to be evaled but -# not shown. -finish_eval=$lt_finish_eval - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Compile-time system search path for libraries. -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries. -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - - -# The linker used to build libraries. -LD=$lt_LD - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# Commands used to build an old-style archive. -old_archive_cmds=$lt_old_archive_cmds - -# A language specific compiler. -CC=$lt_compiler - -# Is the compiler the GNU compiler? -with_gcc=$GCC - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc - -# Whether or not to disallow shared libs when runtime libs are static. -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec - -# Whether the compiler copes with passing no objects directly. -compiler_needs_object=$lt_compiler_needs_object - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds - -# Commands used to build a shared archive. -archive_cmds=$lt_archive_cmds -archive_expsym_cmds=$lt_archive_expsym_cmds - -# Commands used to build a loadable module if different from building -# a shared archive. -module_cmds=$lt_module_cmds -module_expsym_cmds=$lt_module_expsym_cmds - -# Whether we are building with GNU ld or not. -with_gnu_ld=$lt_with_gnu_ld - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag - -# Flag that enforces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec - -# Whether we need a single "-rpath" flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator - -# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes -# DIR into the resulting binary. -hardcode_direct=$hardcode_direct - -# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes -# DIR into the resulting binary and the resulting library dependency is -# "absolute",i.e impossible to change by setting \${shlibpath_var} if the -# library is relocated. -hardcode_direct_absolute=$hardcode_direct_absolute - -# Set to "yes" if using the -LDIR flag during linking hardcodes DIR -# into the resulting binary. -hardcode_minus_L=$hardcode_minus_L - -# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR -# into the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var - -# Set to "yes" if building a shared library automatically hardcodes DIR -# into the library and all subsequent libraries and executables linked -# against it. -hardcode_automatic=$hardcode_automatic - -# Set to yes if linker adds runtime paths of dependent libraries -# to runtime path list. -inherit_rpath=$inherit_rpath - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs - -# Set to "yes" if exported symbols are required. -always_export_symbols=$always_export_symbols - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms - -# Commands necessary for linking programs (against libraries) with templates. -prelink_cmds=$lt_prelink_cmds - -# Commands necessary for finishing linking programs. -postlink_cmds=$lt_postlink_cmds - -# Specify filename containing input files. -file_list_spec=$lt_file_list_spec - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action - -# ### END LIBTOOL CONFIG - -_LT_EOF - - case $host_os in - aix3*) - cat <<\_LT_EOF >> "$cfgfile" -# AIX sometimes has problems with the GCC collect2 program. For some -# reason, if we set the COLLECT_NAMES environment variable, the problems -# vanish in a puff of smoke. -if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES -fi -_LT_EOF - ;; - esac - - -ltmain="$ac_aux_dir/ltmain.sh" - - - # We use sed instead of cat because bash on DJGPP gets confused if - # if finds mixed CR/LF and LF-only lines. Since sed operates in - # text mode, it properly converts lines to CR/LF. This bash problem - # is reportedly fixed, but why not run on old versions too? - sed '$q' "$ltmain" >> "$cfgfile" \ - || (rm -f "$cfgfile"; exit 1) - - if test x"$xsi_shell" = xyes; then - sed -e '/^func_dirname ()$/,/^} # func_dirname /c\ -func_dirname ()\ -{\ -\ case ${1} in\ -\ */*) func_dirname_result="${1%/*}${2}" ;;\ -\ * ) func_dirname_result="${3}" ;;\ -\ esac\ -} # Extended-shell func_dirname implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_basename ()$/,/^} # func_basename /c\ -func_basename ()\ -{\ -\ func_basename_result="${1##*/}"\ -} # Extended-shell func_basename implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_dirname_and_basename ()$/,/^} # func_dirname_and_basename /c\ -func_dirname_and_basename ()\ -{\ -\ case ${1} in\ -\ */*) func_dirname_result="${1%/*}${2}" ;;\ -\ * ) func_dirname_result="${3}" ;;\ -\ esac\ -\ func_basename_result="${1##*/}"\ -} # Extended-shell func_dirname_and_basename implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_stripname ()$/,/^} # func_stripname /c\ -func_stripname ()\ -{\ -\ # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are\ -\ # positional parameters, so assign one to ordinary parameter first.\ -\ func_stripname_result=${3}\ -\ func_stripname_result=${func_stripname_result#"${1}"}\ -\ func_stripname_result=${func_stripname_result%"${2}"}\ -} # Extended-shell func_stripname implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_split_long_opt ()$/,/^} # func_split_long_opt /c\ -func_split_long_opt ()\ -{\ -\ func_split_long_opt_name=${1%%=*}\ -\ func_split_long_opt_arg=${1#*=}\ -} # Extended-shell func_split_long_opt implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_split_short_opt ()$/,/^} # func_split_short_opt /c\ -func_split_short_opt ()\ -{\ -\ func_split_short_opt_arg=${1#??}\ -\ func_split_short_opt_name=${1%"$func_split_short_opt_arg"}\ -} # Extended-shell func_split_short_opt implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_lo2o ()$/,/^} # func_lo2o /c\ -func_lo2o ()\ -{\ -\ case ${1} in\ -\ *.lo) func_lo2o_result=${1%.lo}.${objext} ;;\ -\ *) func_lo2o_result=${1} ;;\ -\ esac\ -} # Extended-shell func_lo2o implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_xform ()$/,/^} # func_xform /c\ -func_xform ()\ -{\ - func_xform_result=${1%.*}.lo\ -} # Extended-shell func_xform implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_arith ()$/,/^} # func_arith /c\ -func_arith ()\ -{\ - func_arith_result=$(( $* ))\ -} # Extended-shell func_arith implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_len ()$/,/^} # func_len /c\ -func_len ()\ -{\ - func_len_result=${#1}\ -} # Extended-shell func_len implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - -fi - -if test x"$lt_shell_append" = xyes; then - sed -e '/^func_append ()$/,/^} # func_append /c\ -func_append ()\ -{\ - eval "${1}+=\\${2}"\ -} # Extended-shell func_append implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_append_quoted ()$/,/^} # func_append_quoted /c\ -func_append_quoted ()\ -{\ -\ func_quote_for_eval "${2}"\ -\ eval "${1}+=\\\\ \\$func_quote_for_eval_result"\ -} # Extended-shell func_append_quoted implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - # Save a `func_append' function call where possible by direct use of '+=' - sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") - test 0 -eq $? || _lt_function_replace_fail=: -else - # Save a `func_append' function call even when '+=' is not available - sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") - test 0 -eq $? || _lt_function_replace_fail=: -fi - -if test x"$_lt_function_replace_fail" = x":"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Unable to substitute extended shell functions in $ofile" >&5 -$as_echo "$as_me: WARNING: Unable to substitute extended shell functions in $ofile" >&2;} -fi - - - mv -f "$cfgfile" "$ofile" || - (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") - chmod +x "$ofile" - - ;; - "po-directories":C) - for ac_file in $CONFIG_FILES; do - # Support "outfile[:infile[:infile...]]" - case "$ac_file" in - *:*) ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; - esac - # PO directories have a Makefile.in generated from Makefile.in.in. - case "$ac_file" in */Makefile.in) - # Adjust a relative srcdir. - ac_dir=`echo "$ac_file"|sed 's%/[^/][^/]*$%%'` - ac_dir_suffix=/`echo "$ac_dir"|sed 's%^\./%%'` - ac_dots=`echo "$ac_dir_suffix"|sed 's%/[^/]*%../%g'` - # In autoconf-2.13 it is called $ac_given_srcdir. - # In autoconf-2.50 it is called $srcdir. - test -n "$ac_given_srcdir" || ac_given_srcdir="$srcdir" - case "$ac_given_srcdir" in - .) top_srcdir=`echo $ac_dots|sed 's%/$%%'` ;; - /*) top_srcdir="$ac_given_srcdir" ;; - *) top_srcdir="$ac_dots$ac_given_srcdir" ;; - esac - # Treat a directory as a PO directory if and only if it has a - # POTFILES.in file. This allows packages to have multiple PO - # directories under different names or in different locations. - if test -f "$ac_given_srcdir/$ac_dir/POTFILES.in"; then - rm -f "$ac_dir/POTFILES" - test -n "$as_me" && echo "$as_me: creating $ac_dir/POTFILES" || echo "creating $ac_dir/POTFILES" - gt_tab=`printf '\t'` - cat "$ac_given_srcdir/$ac_dir/POTFILES.in" | sed -e "/^#/d" -e "/^[ ${gt_tab}]*\$/d" -e "s,.*, $top_srcdir/& \\\\," | sed -e "\$s/\(.*\) \\\\/\1/" > "$ac_dir/POTFILES" - POMAKEFILEDEPS="POTFILES.in" - # ALL_LINGUAS, POFILES, UPDATEPOFILES, DUMMYPOFILES, GMOFILES depend - # on $ac_dir but don't depend on user-specified configuration - # parameters. - if test -f "$ac_given_srcdir/$ac_dir/LINGUAS"; then - # The LINGUAS file contains the set of available languages. - if test -n "$OBSOLETE_ALL_LINGUAS"; then - test -n "$as_me" && echo "$as_me: setting ALL_LINGUAS in configure.in is obsolete" || echo "setting ALL_LINGUAS in configure.in is obsolete" - fi - ALL_LINGUAS_=`sed -e "/^#/d" -e "s/#.*//" "$ac_given_srcdir/$ac_dir/LINGUAS"` - # Hide the ALL_LINGUAS assignment from automake < 1.5. - eval 'ALL_LINGUAS''=$ALL_LINGUAS_' - POMAKEFILEDEPS="$POMAKEFILEDEPS LINGUAS" - else - # The set of available languages was given in configure.in. - # Hide the ALL_LINGUAS assignment from automake < 1.5. - eval 'ALL_LINGUAS''=$OBSOLETE_ALL_LINGUAS' - fi - # Compute POFILES - # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(lang).po) - # Compute UPDATEPOFILES - # as $(foreach lang, $(ALL_LINGUAS), $(lang).po-update) - # Compute DUMMYPOFILES - # as $(foreach lang, $(ALL_LINGUAS), $(lang).nop) - # Compute GMOFILES - # as $(foreach lang, $(ALL_LINGUAS), $(srcdir)/$(lang).gmo) - case "$ac_given_srcdir" in - .) srcdirpre= ;; - *) srcdirpre='$(srcdir)/' ;; - esac - POFILES= - UPDATEPOFILES= - DUMMYPOFILES= - GMOFILES= - for lang in $ALL_LINGUAS; do - POFILES="$POFILES $srcdirpre$lang.po" - UPDATEPOFILES="$UPDATEPOFILES $lang.po-update" - DUMMYPOFILES="$DUMMYPOFILES $lang.nop" - GMOFILES="$GMOFILES $srcdirpre$lang.gmo" - done - # CATALOGS depends on both $ac_dir and the user's LINGUAS - # environment variable. - INST_LINGUAS= - if test -n "$ALL_LINGUAS"; then - for presentlang in $ALL_LINGUAS; do - useit=no - if test "%UNSET%" != "$LINGUAS"; then - desiredlanguages="$LINGUAS" - else - desiredlanguages="$ALL_LINGUAS" - fi - for desiredlang in $desiredlanguages; do - # Use the presentlang catalog if desiredlang is - # a. equal to presentlang, or - # b. a variant of presentlang (because in this case, - # presentlang can be used as a fallback for messages - # which are not translated in the desiredlang catalog). - case "$desiredlang" in - "$presentlang"*) useit=yes;; - esac - done - if test $useit = yes; then - INST_LINGUAS="$INST_LINGUAS $presentlang" - fi - done - fi - CATALOGS= - if test -n "$INST_LINGUAS"; then - for lang in $INST_LINGUAS; do - CATALOGS="$CATALOGS $lang.gmo" - done - fi - test -n "$as_me" && echo "$as_me: creating $ac_dir/Makefile" || echo "creating $ac_dir/Makefile" - sed -e "/^POTFILES =/r $ac_dir/POTFILES" -e "/^# Makevars/r $ac_given_srcdir/$ac_dir/Makevars" -e "s|@POFILES@|$POFILES|g" -e "s|@UPDATEPOFILES@|$UPDATEPOFILES|g" -e "s|@DUMMYPOFILES@|$DUMMYPOFILES|g" -e "s|@GMOFILES@|$GMOFILES|g" -e "s|@CATALOGS@|$CATALOGS|g" -e "s|@POMAKEFILEDEPS@|$POMAKEFILEDEPS|g" "$ac_dir/Makefile.in" > "$ac_dir/Makefile" - for f in "$ac_given_srcdir/$ac_dir"/Rules-*; do - if test -f "$f"; then - case "$f" in - *.orig | *.bak | *~) ;; - *) cat "$f" >> "$ac_dir/Makefile" ;; - esac - fi - done - fi - ;; - esac - done ;; - - esac -done # for ac_tag - - -as_fn_exit 0 -_ACEOF -ac_clean_files=$ac_clean_files_save - -test $ac_write_fail = 0 || - as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 - - -# configure is writing to config.log, and then calls config.status. -# config.status does its own redirection, appending to config.log. -# Unfortunately, on DOS this fails, as config.log is still kept open -# by configure, so config.status won't be able to write to it; its -# output is simply discarded. So we exec the FD to /dev/null, -# effectively closing config.log, so it can be properly (re)opened and -# appended to by config.status. When coming back to configure, we -# need to make the FD available again. -if test "$no_create" != yes; then - ac_cs_success=: - ac_config_status_args= - test "$silent" = yes && - ac_config_status_args="$ac_config_status_args --quiet" - exec 5>/dev/null - $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false - exec 5>>config.log - # Use ||, not &&, to avoid exiting from the if with $? = 1, which - # would make configure fail if this is the last instruction. - $ac_cs_success || as_fn_exit 1 -fi -if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 -$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} -fi - - -echo -echo "shadow will be compiled with the following features:" -echo -echo " auditing support: $with_audit" -echo " CrackLib support: $with_libcrack" -echo " PAM support: $with_libpam" -if test "$with_libpam" = "yes"; then -echo " suid account management tools: $enable_acct_tools_setuid" -fi -echo " SELinux support: $with_selinux" -echo " ACL support: $with_acl" -echo " Extended Attributes support: $with_attr" -echo " tcb support (incomplete): $with_tcb" -echo " shadow group support: $enable_shadowgrp" -echo " S/Key support: $with_skey" -echo " SHA passwords encryption: $with_sha_crypt" -echo " nscd support: $with_nscd" -echo " subordinate IDs support: $enable_subids" -echo diff --git a/configure.ac b/configure.ac new file mode 100644 index 00000000..b389838a --- /dev/null +++ b/configure.ac @@ -0,0 +1,679 @@ +dnl Process this file with autoconf to produce a configure script. +AC_INIT +AM_INIT_AUTOMAKE(shadow, 4.4) +AC_CONFIG_HEADERS([config.h]) + +dnl Some hacks... +test "$prefix" = "NONE" && prefix="/usr" +test "$prefix" = "/usr" && exec_prefix="" + +AC_GNU_SOURCE + +AM_DISABLE_SHARED +AM_ENABLE_STATIC + +AM_MAINTAINER_MODE + +dnl Checks for programs. +AC_PROG_CC +AC_ISC_POSIX +AC_PROG_LN_S +AC_PROG_YACC +AM_PROG_LIBTOOL + +dnl Checks for libraries. + +dnl Checks for header files. +AC_HEADER_DIRENT +AC_HEADER_STDC +AC_HEADER_SYS_WAIT +AC_HEADER_STDBOOL + +AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \ + utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \ + utime.h ulimit.h sys/resource.h gshadow.h lastlog.h \ + locale.h rpc/key_prot.h netdb.h acl/libacl.h attr/libattr.h \ + attr/error_context.h) + +dnl shadow now uses the libc's shadow implementation +AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])]) + +AC_CHECK_FUNCS(l64a fchmod fchown fsync futimes getgroups gethostname getspnam \ + gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \ + lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \ + getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo \ + ruserok) +AC_SYS_LARGEFILE + +dnl Checks for typedefs, structures, and compiler characteristics. +AC_C_CONST +AC_TYPE_UID_T +AC_TYPE_OFF_T +AC_TYPE_PID_T +AC_TYPE_MODE_T +AC_HEADER_STAT +AC_CHECK_MEMBERS([struct stat.st_rdev]) +AC_CHECK_MEMBERS([struct stat.st_atim]) +AC_CHECK_MEMBERS([struct stat.st_atimensec]) +AC_CHECK_MEMBERS([struct stat.st_mtim]) +AC_CHECK_MEMBERS([struct stat.st_mtimensec]) +AC_HEADER_TIME +AC_STRUCT_TM + +AC_CHECK_MEMBERS([struct utmp.ut_type, + struct utmp.ut_id, + struct utmp.ut_name, + struct utmp.ut_user, + struct utmp.ut_host, + struct utmp.ut_syslen, + struct utmp.ut_addr, + struct utmp.ut_addr_v6, + struct utmp.ut_time, + struct utmp.ut_xtime, + struct utmp.ut_tv],,,[[#include ]]) +dnl There are dependencies: +dnl If UTMPX has to be used, the utmp structure shall have a ut_id field. +if test "$ac_cv_header_utmpx_h" = "yes" && + test "$ac_cv_member_struct_utmp_ut_id" != "yes"; then + AC_MSG_ERROR(Systems with UTMPX and no ut_id field in the utmp structure are not supported) +fi + +AC_CHECK_MEMBERS([struct utmpx.ut_name, + struct utmpx.ut_host, + struct utmpx.ut_syslen, + struct utmpx.ut_addr, + struct utmpx.ut_addr_v6, + struct utmpx.ut_time, + struct utmpx.ut_xtime],,,[[#include ]]) + +if test "$ac_cv_header_lastlog_h" = "yes"; then + AC_CACHE_CHECK(for ll_host in struct lastlog, + ac_cv_struct_lastlog_ll_host, + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include ], + [struct lastlog ll; char *cp = ll.ll_host;] + )], + [ac_cv_struct_lastlog_ll_host=yes], + [ac_cv_struct_lastlog_ll_host=no] + ) + ) + + if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then + AC_DEFINE(HAVE_LL_HOST, 1, + [Define if struct lastlog has ll_host]) + fi +fi + +dnl Checks for library functions. +AC_TYPE_GETGROUPS +AC_TYPE_SIGNAL +AC_FUNC_UTIME_NULL +AC_FUNC_STRFTIME +AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir) +AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent) +AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr) + +AC_CHECK_FUNC(setpgrp) + +if test "$ac_cv_header_shadow_h" = "yes"; then + AC_CACHE_CHECK(for working shadow group support, + ac_cv_libc_shadowgrp, + AC_RUN_IFELSE([AC_LANG_SOURCE([ + #include + main() + { + struct sgrp *sg = sgetsgent("test:x::"); + /* NYS libc on Red Hat 3.0.3 has broken shadow group support */ + return !sg || !sg->sg_adm || !sg->sg_mem; + }] + )], + [ac_cv_libc_shadowgrp=yes], + [ac_cv_libc_shadowgrp=no], + [ac_cv_libc_shadowgrp=no] + ) + ) + + if test "$ac_cv_libc_shadowgrp" = "yes"; then + AC_DEFINE(HAVE_SHADOWGRP, 1, [Have working shadow group support in libc]) + fi +fi + +AC_CACHE_CHECK([location of shared mail directory], shadow_cv_maildir, +[for shadow_cv_maildir in /var/mail /var/spool/mail /usr/spool/mail /usr/mail none; do + if test -d $shadow_cv_maildir; then + break + fi +done]) +if test $shadow_cv_maildir != none; then + AC_DEFINE_UNQUOTED(MAIL_SPOOL_DIR, "$shadow_cv_maildir", + [Location of system mail spool directory.]) +fi + +AC_CACHE_CHECK([location of user mail file], shadow_cv_mailfile, +[for shadow_cv_mailfile in Mailbox mailbox Mail mail .mail none; do + if test -f $HOME/$shadow_cv_mailfile; then + break + fi +done]) +if test $shadow_cv_mailfile != none; then + AC_DEFINE_UNQUOTED(MAIL_SPOOL_FILE, "$shadow_cv_mailfile", + [Name of user's mail spool file if stored in user's home directory.]) +fi + +AC_CACHE_CHECK([location of utmp], shadow_cv_utmpdir, +[for shadow_cv_utmpdir in /var/run /var/adm /usr/adm /etc none; do + if test -f $shadow_cv_utmpdir/utmp; then + break + fi +done]) +if test "$shadow_cv_utmpdir" = "none"; then + AC_MSG_WARN(utmp file not found) +fi +AC_DEFINE_UNQUOTED(_UTMP_FILE, "$shadow_cv_utmpdir/utmp", + [Path for utmp file.]) + +AC_CACHE_CHECK([location of faillog/lastlog/wtmp], shadow_cv_logdir, +[for shadow_cv_logdir in /var/log /var/adm /usr/adm /etc; do + if test -d $shadow_cv_logdir; then + break + fi +done]) +AC_DEFINE_UNQUOTED(_WTMP_FILE, "$shadow_cv_logdir/wtmp", + [Path for wtmp file.]) +AC_DEFINE_UNQUOTED(LASTLOG_FILE, "$shadow_cv_logdir/lastlog", + [Path for lastlog file.]) +AC_DEFINE_UNQUOTED(FAILLOG_FILE, "$shadow_cv_logdir/faillog", + [Path for faillog file.]) + +AC_CACHE_CHECK([location of the passwd program], shadow_cv_passwd_dir, +[if test -f /usr/bin/passwd; then + shadow_cv_passwd_dir=/usr/bin +else + shadow_cv_passwd_dir=/bin +fi]) +AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd", + [Path to passwd program.]) + +dnl XXX - quick hack, should disappear before anyone notices :). +AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().]) +if test "$ac_cv_func_ruserok" = "yes"; then + AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.]) + AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).]) +fi + +AC_ARG_ENABLE(shadowgrp, + [AC_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])], + [case "${enableval}" in + yes) enable_shadowgrp="yes" ;; + no) enable_shadowgrp="no" ;; + *) AC_MSG_ERROR(bad value ${enableval} for --enable-shadowgrp) ;; + esac], + [enable_shadowgrp="yes"] +) + +AC_ARG_ENABLE(man, + [AC_HELP_STRING([--enable-man], + [regenerate roff man pages from Docbook @<:@default=no@:>@])], + [enable_man="${enableval}"], + [enable_man="no"] +) + +AC_ARG_ENABLE(account-tools-setuid, + [AC_HELP_STRING([--enable-account-tools-setuid], + [Install the user and group management tools setuid and authenticate the callers. This requires --with-pam.])], + [case "${enableval}" in + yes) enable_acct_tools_setuid="yes" ;; + no) enable_acct_tools_setuid="no" ;; + *) AC_MSG_ERROR(bad value ${enableval} for --enable-account-tools-setuid) + ;; + esac], + [enable_acct_tools_setuid="maybe"] +) + +AC_ARG_ENABLE(utmpx, + [AC_HELP_STRING([--enable-utmpx], + [enable loggin in utmpx / wtmpx @<:@default=no@:>@])], + [case "${enableval}" in + yes) enable_utmpx="yes" ;; + no) enable_utmpx="no" ;; + *) AC_MSG_ERROR(bad value ${enableval} for --enable-utmpx) ;; + esac], + [enable_utmpx="no"] +) + +AC_ARG_ENABLE(subordinate-ids, + [AC_HELP_STRING([--enable-subordinate-ids], + [support subordinate ids @<:@default=yes@:>@])], + [enable_subids="${enableval}"], + [enable_subids="maybe"] +) + +AC_ARG_WITH(audit, + [AC_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])], + [with_audit=$withval], [with_audit=maybe]) +AC_ARG_WITH(libpam, + [AC_HELP_STRING([--with-libpam], [use libpam for PAM support @<:@default=yes if found@:>@])], + [with_libpam=$withval], [with_libpam=maybe]) +AC_ARG_WITH(selinux, + [AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=yes if found@:>@])], + [with_selinux=$withval], [with_selinux=maybe]) +AC_ARG_WITH(acl, + [AC_HELP_STRING([--with-acl], [use ACL support @<:@default=yes if found@:>@])], + [with_acl=$withval], [with_acl=maybe]) +AC_ARG_WITH(attr, + [AC_HELP_STRING([--with-attr], [use Extended Attribute support @<:@default=yes if found@:>@])], + [with_attr=$withval], [with_attr=maybe]) +AC_ARG_WITH(skey, + [AC_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])], + [with_skey=$withval], [with_skey=no]) +AC_ARG_WITH(tcb, + [AC_HELP_STRING([--with-tcb], [use tcb support (incomplete) @<:@default=yes if found@:>@])], + [with_tcb=$withval], [with_tcb=maybe]) +AC_ARG_WITH(libcrack, + [AC_HELP_STRING([--with-libcrack], [use libcrack @<:@default=no@:>@])], + [with_libcrack=$withval], [with_libcrack=no]) +AC_ARG_WITH(sha-crypt, + [AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])], + [with_sha_crypt=$withval], [with_sha_crypt=yes]) +AC_ARG_WITH(nscd, + [AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])], + [with_nscd=$withval], [with_nscd=yes]) +AC_ARG_WITH(group-name-max-length, + [AC_HELP_STRING([--with-group-name-max-length], [set max group name length @<:@default=16@:>@])], + [with_group_name_max_length=$withval], [with_group_name_max_length=yes]) + +if test "$with_group_name_max_length" = "no" ; then + with_group_name_max_length=0 +elif test "$with_group_name_max_length" = "yes" ; then + with_group_name_max_length=16 +fi +AC_DEFINE_UNQUOTED(GROUP_NAME_MAX_LENGTH, $with_group_name_max_length, [max group name length]) +AC_SUBST(GROUP_NAME_MAX_LENGTH) +GROUP_NAME_MAX_LENGTH="$with_group_name_max_length" + +AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes") +if test "$with_sha_crypt" = "yes"; then + AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms]) +fi + +if test "$with_nscd" = "yes"; then + AC_CHECK_FUNC(posix_spawn, + [AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])], + [AC_MSG_ERROR([posix_spawn is needed for nscd support])]) +fi + +dnl Check for some functions in libc first, only if not found check for +dnl other libraries. This should prevent linking libnsl if not really +dnl needed (Linux glibc, Irix), but still link it if needed (Solaris). + +AC_SEARCH_LIBS(inet_ntoa, inet) +AC_SEARCH_LIBS(socket, socket) +AC_SEARCH_LIBS(gethostbyname, nsl) + +if test "$enable_shadowgrp" = "yes"; then + AC_DEFINE(SHADOWGRP, 1, [Define to support the shadow group file.]) +fi +AM_CONDITIONAL(SHADOWGRP, test "x$enable_shadowgrp" = "xyes") + +if test "$enable_man" = "yes"; then + dnl + dnl Check for xsltproc + dnl + AC_PATH_PROG([XSLTPROC], [xsltproc]) + if test -z "$XSLTPROC"; then + enable_man=no + fi + + dnl check for DocBook DTD and stylesheets in the local catalog. + JH_CHECK_XML_CATALOG([-//OASIS//DTD DocBook XML V4.1.2//EN], + [DocBook XML DTD V4.1.2], [], enable_man=no) + JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl], + [DocBook XSL Stylesheets >= 1.70.1], [], enable_man=no) +fi +AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test "x$enable_man" != "xno") + +if test "$enable_subids" != "no"; then + dnl + dnl FIXME: check if 32 bit UIDs/GIDs are supported by libc + dnl + AC_CHECK_SIZEOF([uid_t],, [#include "sys/types.h"]) + AC_CHECK_SIZEOF([gid_t],, [#include "sys/types.h"]) + + if test "$ac_cv_sizeof_uid_t" -ge 4 && test "$ac_cv_sizeof_gid_t" -ge 4; then + AC_DEFINE(ENABLE_SUBIDS, 1, [Define to support the subordinate IDs.]) + enable_subids="yes" + else + if test "x$enable_subids" = "xyes"; then + AC_MSG_ERROR([Cannot enable support the subordinate IDs on systems where gid_t or uid_t has less than 32 bits]) + fi + enable_subids="no" + fi +fi +AM_CONDITIONAL(ENABLE_SUBIDS, test "x$enable_subids" != "xno") + +AC_SUBST(LIBCRYPT) +AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt], + [AC_MSG_ERROR([crypt() not found])]) + +AC_SUBST(LIBACL) +if test "$with_acl" != "no"; then + AC_CHECK_HEADERS(acl/libacl.h attr/error_context.h, [acl_header="yes"], [acl_header="no"]) + if test "$acl_header$with_acl" = "noyes" ; then + AC_MSG_ERROR([acl/libacl.h or attr/error_context.h is missing]) + elif test "$acl_header" = "yes" ; then + AC_CHECK_LIB(acl, perm_copy_file, + [AC_CHECK_LIB(acl, perm_copy_fd, + [acl_lib="yes"], + [acl_lib="no"])], + [acl_lib="no"]) + if test "$acl_lib$with_acl" = "noyes" ; then + AC_MSG_ERROR([libacl not found]) + elif test "$acl_lib" = "no" ; then + with_acl="no" + else + AC_DEFINE(WITH_ACL, 1, + [Build shadow with ACL support]) + LIBACL="-lacl" + with_acl="yes" + fi + else + with_acl="no" + fi +fi + +AC_SUBST(LIBATTR) +if test "$with_attr" != "no"; then + AC_CHECK_HEADERS(attr/libattr.h attr/error_context.h, [attr_header="yes"], [attr_header="no"]) + if test "$attr_header$with_attr" = "noyes" ; then + AC_MSG_ERROR([attr/libattr.h or attr/error_context.h is missing]) + elif test "$attr_header" = "yes" ; then + AC_CHECK_LIB(attr, attr_copy_file, + [AC_CHECK_LIB(attr, attr_copy_fd, + [attr_lib="yes"], + [attr_lib="no"])], + [attr_lib="no"]) + if test "$attr_lib$with_attr" = "noyes" ; then + AC_MSG_ERROR([libattr not found]) + elif test "$attr_lib" = "no" ; then + with_attr="no" + else + AC_DEFINE(WITH_ATTR, 1, + [Build shadow with Extended Attributes support]) + LIBATTR="-lattr" + with_attr="yes" + fi + else + with_attr="no" + fi +fi + +AC_SUBST(LIBAUDIT) +if test "$with_audit" != "no"; then + AC_CHECK_HEADER(libaudit.h, [audit_header="yes"], [audit_header="no"]) + if test "$audit_header$with_audit" = "noyes" ; then + AC_MSG_ERROR([libaudit.h is missing]) + elif test "$audit_header" = "yes"; then + AC_CHECK_DECL(AUDIT_ADD_USER,,[audit_header="no"],[#include ]) + AC_CHECK_DECL(AUDIT_DEL_USER,,[audit_header="no"],[#include ]) + AC_CHECK_DECL(AUDIT_ADD_GROUP,,[audit_header="no"],[#include ]) + AC_CHECK_DECL(AUDIT_DEL_GROUP,,[audit_header="no"],[#include ]) + if test "$audit_header$with_audit" = "noyes" ; then + AC_MSG_ERROR([AUDIT_ADD_USER AUDIT_DEL_USER AUDIT_ADD_GROUP or AUDIT_DEL_GROUP missing from libaudit.h]) + fi + fi + if test "$audit_header" = "yes"; then + AC_CHECK_LIB(audit, audit_log_acct_message, + [audit_lib="yes"], [audit_lib="no"]) + if test "$audit_lib$with_audit" = "noyes" ; then + AC_MSG_ERROR([libaudit not found]) + elif test "$audit_lib" = "no" ; then + with_audit="no" + else + AC_DEFINE(WITH_AUDIT, 1, + [Define if you want to enable Audit messages]) + LIBAUDIT="-laudit" + with_audit="yes" + fi + else + with_audit="no" + fi +fi + +AC_SUBST(LIBCRACK) +if test "$with_libcrack" = "yes"; then + echo "checking cracklib flavour, don't be surprised by the results" + AC_CHECK_LIB(crack, FascistCheck, + [LIBCRACK=-lcrack AC_DEFINE(HAVE_LIBCRACK, 1, [Defined if you have libcrack.])]) + AC_CHECK_LIB(crack, FascistHistory, + AC_DEFINE(HAVE_LIBCRACK_HIST, 1, [Defined if you have the ts&szs cracklib.])) + AC_CHECK_LIB(crack, FascistHistoryPw, + AC_DEFINE(HAVE_LIBCRACK_PW, 1, [Defined if it includes *Pw functions.])) +fi + +AC_SUBST(LIBSELINUX) +AC_SUBST(LIBSEMANAGE) +if test "$with_selinux" != "no"; then + AC_CHECK_HEADERS(selinux/selinux.h, [selinux_header="yes"], [selinux_header="no"]) + if test "$selinux_header$with_selinux" = "noyes" ; then + AC_MSG_ERROR([selinux/selinux.h is missing]) + fi + + AC_CHECK_HEADERS(semanage/semanage.h, [semanage_header="yes"], [semanage_header="no"]) + if test "$semanage_header$with_selinux" = "noyes" ; then + AC_MSG_ERROR([semanage/semanage.h is missing]) + fi + + if test "$selinux_header$semanage_header" = "yesyes" ; then + AC_CHECK_LIB(selinux, is_selinux_enabled, [selinux_lib="yes"], [selinux_lib="no"]) + if test "$selinux_lib$with_selinux" = "noyes" ; then + AC_MSG_ERROR([libselinux not found]) + fi + + AC_CHECK_LIB(semanage, semanage_connect, [semanage_lib="yes"], [semanage_lib="no"]) + if test "$semanage_lib$with_selinux" = "noyes" ; then + AC_MSG_ERROR([libsemanage not found]) + fi + + if test "$selinux_lib$semanage_lib" == "yesyes" ; then + AC_DEFINE(WITH_SELINUX, 1, + [Build shadow with SELinux support]) + LIBSELINUX="-lselinux" + LIBSEMANAGE="-lsemanage" + with_selinux="yes" + else + with_selinux="no" + fi + else + with_selinux="no" + fi +fi + +AC_SUBST(LIBTCB) +if test "$with_tcb" != "no"; then + AC_CHECK_HEADERS(tcb.h, [tcb_header="yes"], [tcb_header="no"]) + if test "$tcb_header$with_tcb" = "noyes" ; then + AC_MSG_ERROR([tcb.h is missing]) + elif test "$tcb_header" = "yes" ; then + AC_CHECK_LIB(tcb, tcb_is_suspect, [tcb_lib="yes"], [tcb_lib="no"]) + if test "$tcb_lib$with_tcb" = "noyes" ; then + AC_MSG_ERROR([libtcb not found]) + elif test "$tcb_lib" = "no" ; then + with_tcb="no" + else + AC_DEFINE(WITH_TCB, 1, [Build shadow with tcb support (incomplete)]) + LIBTCB="-ltcb" + with_tcb="yes" + fi + else + with_tcb="no" + fi +fi +AM_CONDITIONAL(WITH_TCB, test x$with_tcb = xyes) + +AC_SUBST(LIBPAM) +if test "$with_libpam" != "no"; then + AC_CHECK_LIB(pam, pam_start, + [pam_lib="yes"], [pam_lib="no"]) + if test "$pam_lib$with_libpam" = "noyes" ; then + AC_MSG_ERROR(libpam not found) + fi + + LIBPAM="-lpam" + pam_conv_function="no" + + AC_CHECK_LIB(pam, openpam_ttyconv, + [pam_conv_function="openpam_ttyconv"], + AC_CHECK_LIB(pam_misc, misc_conv, + [pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc"]) + ) + + if test "$pam_conv_function$with_libpam" = "noyes" ; then + AC_MSG_ERROR(PAM conversation function not found) + fi + + pam_headers_found=no + AC_CHECK_HEADERS( [security/openpam.h security/pam_misc.h], + [ pam_headers_found=yes ; break ], [], + [ #include ] ) + if test "$pam_headers_found$with_libpam" = "noyes" ; then + AC_MSG_ERROR(PAM headers not found) + fi + + + if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then + with_libpam="yes" + else + with_libpam="no" + unset LIBPAM + fi +fi +dnl Now with_libpam is either yes or no +if test "$with_libpam" = "yes"; then + AC_CHECK_DECLS([PAM_ESTABLISH_CRED, + PAM_DELETE_CRED, + PAM_NEW_AUTHTOK_REQD, + PAM_DATA_SILENT], + [], [], [#include ]) + + + save_libs=$LIBS + LIBS="$LIBS $LIBPAM" + # We do not use AC_CHECK_FUNCS to avoid duplicated definition with + # Linux PAM. + AC_CHECK_FUNC(pam_fail_delay, [AC_DEFINE(HAS_PAM_FAIL_DELAY, 1, [Define to 1 if you have the declaration of 'pam_fail_delay'])]) + LIBS=$save_libs + + AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules]) + AC_DEFINE_UNQUOTED(SHADOW_PAM_CONVERSATION, [$pam_conv_function],[PAM converstation to use]) + AM_CONDITIONAL(USE_PAM, [true]) + + AC_MSG_CHECKING(use login and su access checking if PAM not used) + AC_MSG_RESULT(no) +else + AC_DEFINE(SU_ACCESS, 1, [Define to support /etc/suauth su access control.]) + AM_CONDITIONAL(USE_PAM, [false]) + AC_MSG_CHECKING(use login and su access checking if PAM not used) + AC_MSG_RESULT(yes) +fi + +if test "$enable_acct_tools_setuid" != "no"; then + if test "$with_libpam" != "yes"; then + if test "$enable_acct_tools_setuid" = "yes"; then + AC_MSG_ERROR(PAM support is required for --enable-account-tools-setuid) + else + enable_acct_tools_setuid="no" + fi + else + enable_acct_tools_setuid="yes" + fi + if test "$enable_acct_tools_setuid" = "yes"; then + AC_DEFINE(ACCT_TOOLS_SETUID, + 1, + [Define if account management tools should be installed setuid and authenticate the callers]) + fi +fi +AM_CONDITIONAL(ACCT_TOOLS_SETUID, test "x$enable_acct_tools_setuid" = "xyes") + +AC_SUBST(LIBSKEY) +AC_SUBST(LIBMD) +if test "$with_skey" = "yes"; then + AC_CHECK_LIB(md, MD5Init, [LIBMD=-lmd]) + AC_CHECK_LIB(skey, skeychallenge, [LIBSKEY=-lskey], + [AC_MSG_ERROR([liskey missing. You can download S/Key source code from http://rsync1.it.gentoo.org/gentoo/distfiles/skey-1.1.5.tar.bz2])]) + AC_DEFINE(SKEY, 1, [Define to support S/Key logins.]) + AC_TRY_COMPILE([ + #include + #include + ],[ + skeychallenge((void*)0, (void*)0, (void*)0, 0); + ],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])]) +fi + +if test "$enable_utmpx" = "yes"; then + if test "$ac_cv_header_utmpx_h" != "yes"; then + AC_MSG_ERROR([The utmpx.h header file is required for utmpx support.]) + fi + AC_DEFINE(USE_UTMPX, + 1, + [Define if utmpx should be used]) +fi + +AC_DEFINE_UNQUOTED(SHELL, ["$SHELL"], [The default shell.]) + +AM_GNU_GETTEXT_VERSION(0.16) +AM_GNU_GETTEXT([external], [need-ngettext]) +AM_CONDITIONAL(USE_NLS, test "x$USE_NLS" = "xyes") + +AC_CONFIG_FILES([ + Makefile + po/Makefile.in + doc/Makefile + man/Makefile + man/config.xml + man/po/Makefile + man/cs/Makefile + man/da/Makefile + man/de/Makefile + man/es/Makefile + man/fi/Makefile + man/fr/Makefile + man/hu/Makefile + man/id/Makefile + man/it/Makefile + man/ja/Makefile + man/ko/Makefile + man/pl/Makefile + man/pt_BR/Makefile + man/ru/Makefile + man/sv/Makefile + man/tr/Makefile + man/zh_CN/Makefile + man/zh_TW/Makefile + libmisc/Makefile + lib/Makefile + src/Makefile + contrib/Makefile + etc/Makefile + etc/pam.d/Makefile + shadow.spec +]) +AC_OUTPUT + +echo +echo "shadow will be compiled with the following features:" +echo +echo " auditing support: $with_audit" +echo " CrackLib support: $with_libcrack" +echo " PAM support: $with_libpam" +if test "$with_libpam" = "yes"; then +echo " suid account management tools: $enable_acct_tools_setuid" +fi +echo " SELinux support: $with_selinux" +echo " ACL support: $with_acl" +echo " Extended Attributes support: $with_attr" +echo " tcb support (incomplete): $with_tcb" +echo " shadow group support: $enable_shadowgrp" +echo " S/Key support: $with_skey" +echo " SHA passwords encryption: $with_sha_crypt" +echo " nscd support: $with_nscd" +echo " subordinate IDs support: $enable_subids" +echo diff --git a/configure.in b/configure.in deleted file mode 100644 index a55f125d..00000000 --- a/configure.in +++ /dev/null @@ -1,685 +0,0 @@ -dnl Process this file with autoconf to produce a configure script. -AC_INIT -AM_INIT_AUTOMAKE(shadow, 4.2.1) -AC_CONFIG_HEADERS([config.h]) - -dnl Some hacks... -test "$prefix" = "NONE" && prefix="/usr" -test "$prefix" = "/usr" && exec_prefix="" - -AC_GNU_SOURCE - -AM_DISABLE_SHARED -AM_ENABLE_STATIC - -AM_MAINTAINER_MODE - -dnl Checks for programs. -AC_PROG_CC -AC_ISC_POSIX -AC_PROG_LN_S -AC_PROG_YACC -AM_PROG_LIBTOOL - -dnl Checks for libraries. - -dnl Checks for header files. -AC_HEADER_DIRENT -AC_HEADER_STDC -AC_HEADER_SYS_WAIT -AC_HEADER_STDBOOL - -AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \ - utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \ - utime.h ulimit.h sys/resource.h gshadow.h lastlog.h \ - locale.h rpc/key_prot.h netdb.h acl/libacl.h attr/libattr.h \ - attr/error_context.h) - -dnl shadow now uses the libc's shadow implementation -AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])]) - -AC_CHECK_FUNCS(l64a fchmod fchown fsync futimes getgroups gethostname getspnam \ - gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \ - lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \ - getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo \ - ruserok) -AC_SYS_LARGEFILE - -dnl Checks for typedefs, structures, and compiler characteristics. -AC_C_CONST -AC_TYPE_UID_T -AC_TYPE_OFF_T -AC_TYPE_PID_T -AC_TYPE_MODE_T -AC_HEADER_STAT -AC_CHECK_MEMBERS([struct stat.st_rdev]) -AC_CHECK_MEMBERS([struct stat.st_atim]) -AC_CHECK_MEMBERS([struct stat.st_atimensec]) -AC_CHECK_MEMBERS([struct stat.st_mtim]) -AC_CHECK_MEMBERS([struct stat.st_mtimensec]) -AC_HEADER_TIME -AC_STRUCT_TM - -AC_CHECK_MEMBERS([struct utmp.ut_type, - struct utmp.ut_id, - struct utmp.ut_name, - struct utmp.ut_user, - struct utmp.ut_host, - struct utmp.ut_syslen, - struct utmp.ut_addr, - struct utmp.ut_addr_v6, - struct utmp.ut_time, - struct utmp.ut_xtime, - struct utmp.ut_tv],,,[[#include ]]) -dnl There are dependencies: -dnl If UTMPX has to be used, the utmp structure shall have a ut_id field. -if test "$ac_cv_header_utmpx_h" = "yes" && - test "$ac_cv_member_struct_utmp_ut_id" != "yes"; then - AC_MSG_ERROR(Systems with UTMPX and no ut_id field in the utmp structure are not supported) -fi - -AC_CHECK_MEMBERS([struct utmpx.ut_name, - struct utmpx.ut_host, - struct utmpx.ut_syslen, - struct utmpx.ut_addr, - struct utmpx.ut_addr_v6, - struct utmpx.ut_time, - struct utmpx.ut_xtime],,,[[#include ]]) - -if test "$ac_cv_header_lastlog_h" = "yes"; then - AC_CACHE_CHECK(for ll_host in struct lastlog, - ac_cv_struct_lastlog_ll_host, - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include ], - [struct lastlog ll; char *cp = ll.ll_host;] - )], - [ac_cv_struct_lastlog_ll_host=yes], - [ac_cv_struct_lastlog_ll_host=no] - ) - ) - - if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then - AC_DEFINE(HAVE_LL_HOST, 1, - [Define if struct lastlog has ll_host]) - fi -fi - -dnl Checks for library functions. -AC_TYPE_GETGROUPS -AC_TYPE_SIGNAL -AC_FUNC_UTIME_NULL -AC_FUNC_STRFTIME -AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir) -AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent) -AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr) - -AC_CHECK_FUNC(setpgrp) - -if test "$ac_cv_header_shadow_h" = "yes"; then - AC_CACHE_CHECK(for working shadow group support, - ac_cv_libc_shadowgrp, - AC_RUN_IFELSE([AC_LANG_SOURCE([ - #include - main() - { - struct sgrp *sg = sgetsgent("test:x::"); - /* NYS libc on Red Hat 3.0.3 has broken shadow group support */ - return !sg || !sg->sg_adm || !sg->sg_mem; - }] - )], - [ac_cv_libc_shadowgrp=yes], - [ac_cv_libc_shadowgrp=no], - [ac_cv_libc_shadowgrp=no] - ) - ) - - if test "$ac_cv_libc_shadowgrp" = "yes"; then - AC_DEFINE(HAVE_SHADOWGRP, 1, [Have working shadow group support in libc]) - fi -fi - -AC_CACHE_CHECK([location of shared mail directory], shadow_cv_maildir, -[for shadow_cv_maildir in /var/mail /var/spool/mail /usr/spool/mail /usr/mail none; do - if test -d $shadow_cv_maildir; then - break - fi -done]) -if test $shadow_cv_maildir != none; then - AC_DEFINE_UNQUOTED(MAIL_SPOOL_DIR, "$shadow_cv_maildir", - [Location of system mail spool directory.]) -fi - -AC_CACHE_CHECK([location of user mail file], shadow_cv_mailfile, -[for shadow_cv_mailfile in Mailbox mailbox Mail mail .mail none; do - if test -f $HOME/$shadow_cv_mailfile; then - break - fi -done]) -if test $shadow_cv_mailfile != none; then - AC_DEFINE_UNQUOTED(MAIL_SPOOL_FILE, "$shadow_cv_mailfile", - [Name of user's mail spool file if stored in user's home directory.]) -fi - -AC_CACHE_CHECK([location of utmp], shadow_cv_utmpdir, -[for shadow_cv_utmpdir in /var/run /var/adm /usr/adm /etc none; do - if test -f $shadow_cv_utmpdir/utmp; then - break - fi -done]) -if test "$shadow_cv_utmpdir" = "none"; then - AC_MSG_WARN(utmp file not found) -fi -AC_DEFINE_UNQUOTED(_UTMP_FILE, "$shadow_cv_utmpdir/utmp", - [Path for utmp file.]) - -AC_CACHE_CHECK([location of faillog/lastlog/wtmp], shadow_cv_logdir, -[for shadow_cv_logdir in /var/log /var/adm /usr/adm /etc; do - if test -d $shadow_cv_logdir; then - break - fi -done]) -AC_DEFINE_UNQUOTED(_WTMP_FILE, "$shadow_cv_logdir/wtmp", - [Path for wtmp file.]) -AC_DEFINE_UNQUOTED(LASTLOG_FILE, "$shadow_cv_logdir/lastlog", - [Path for lastlog file.]) -AC_DEFINE_UNQUOTED(FAILLOG_FILE, "$shadow_cv_logdir/faillog", - [Path for faillog file.]) - -AC_CACHE_CHECK([location of the passwd program], shadow_cv_passwd_dir, -[if test -f /usr/bin/passwd; then - shadow_cv_passwd_dir=/usr/bin -else - shadow_cv_passwd_dir=/bin -fi]) -AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd", - [Path to passwd program.]) - -dnl XXX - quick hack, should disappear before anyone notices :). -AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().]) -if test "$ac_cv_func_ruserok" = "yes"; then - AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.]) - AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).]) -fi - -AC_ARG_ENABLE(shadowgrp, - [AC_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])], - [case "${enableval}" in - yes) enable_shadowgrp="yes" ;; - no) enable_shadowgrp="no" ;; - *) AC_MSG_ERROR(bad value ${enableval} for --enable-shadowgrp) ;; - esac], - [enable_shadowgrp="yes"] -) - -AC_ARG_ENABLE(man, - [AC_HELP_STRING([--enable-man], - [regenerate roff man pages from Docbook @<:@default=no@:>@])], - [enable_man="${enableval}"], - [enable_man="no"] -) - -AC_ARG_ENABLE(account-tools-setuid, - [AC_HELP_STRING([--enable-account-tools-setuid], - [Install the user and group management tools setuid and authenticate the callers. This requires --with-pam.])], - [case "${enableval}" in - yes) enable_acct_tools_setuid="yes" ;; - no) enable_acct_tools_setuid="no" ;; - *) AC_MSG_ERROR(bad value ${enableval} for --enable-account-tools-setuid) - ;; - esac], - [enable_acct_tools_setuid="maybe"] -) - -AC_ARG_ENABLE(utmpx, - [AC_HELP_STRING([--enable-utmpx], - [enable loggin in utmpx / wtmpx @<:@default=no@:>@])], - [case "${enableval}" in - yes) enable_utmpx="yes" ;; - no) enable_utmpx="no" ;; - *) AC_MSG_ERROR(bad value ${enableval} for --enable-utmpx) ;; - esac], - [enable_utmpx="no"] -) - -AC_ARG_ENABLE(subordinate-ids, - [AC_HELP_STRING([--enable-subordinate-ids], - [support subordinate ids @<:@default=yes@:>@])], - [enable_subids="${enableval}"], - [enable_subids="maybe"] -) - -AC_ARG_WITH(audit, - [AC_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])], - [with_audit=$withval], [with_audit=maybe]) -AC_ARG_WITH(libpam, - [AC_HELP_STRING([--with-libpam], [use libpam for PAM support @<:@default=yes if found@:>@])], - [with_libpam=$withval], [with_libpam=maybe]) -AC_ARG_WITH(selinux, - [AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=yes if found@:>@])], - [with_selinux=$withval], [with_selinux=maybe]) -AC_ARG_WITH(acl, - [AC_HELP_STRING([--with-acl], [use ACL support @<:@default=yes if found@:>@])], - [with_acl=$withval], [with_acl=maybe]) -AC_ARG_WITH(attr, - [AC_HELP_STRING([--with-attr], [use Extended Attribute support @<:@default=yes if found@:>@])], - [with_attr=$withval], [with_attr=maybe]) -AC_ARG_WITH(skey, - [AC_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])], - [with_skey=$withval], [with_skey=no]) -AC_ARG_WITH(tcb, - [AC_HELP_STRING([--with-tcb], [use tcb support (incomplete) @<:@default=yes if found@:>@])], - [with_tcb=$withval], [with_tcb=maybe]) -AC_ARG_WITH(libcrack, - [AC_HELP_STRING([--with-libcrack], [use libcrack @<:@default=no@:>@])], - [with_libcrack=$withval], [with_libcrack=no]) -AC_ARG_WITH(sha-crypt, - [AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])], - [with_sha_crypt=$withval], [with_sha_crypt=yes]) -AC_ARG_WITH(nscd, - [AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])], - [with_nscd=$withval], [with_nscd=yes]) -AC_ARG_WITH(group-name-max-length, - [AC_HELP_STRING([--with-group-name-max-length], [set max group name length @<:@default=16@:>@])], - [with_group_name_max_length=$withval], [with_group_name_max_length=yes]) - -if test "$with_group_name_max_length" = "no" ; then - with_group_name_max_length=0 -elif test "$with_group_name_max_length" = "yes" ; then - with_group_name_max_length=16 -fi -AC_DEFINE_UNQUOTED(GROUP_NAME_MAX_LENGTH, $with_group_name_max_length, [max group name length]) -AC_SUBST(GROUP_NAME_MAX_LENGTH) -GROUP_NAME_MAX_LENGTH="$with_group_name_max_length" - -AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes") -if test "$with_sha_crypt" = "yes"; then - AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms]) -fi - -if test "$with_nscd" = "yes"; then - AC_CHECK_FUNC(posix_spawn, - [AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])], - [AC_MSG_ERROR([posix_spawn is needed for nscd support])]) -fi - -dnl Check for some functions in libc first, only if not found check for -dnl other libraries. This should prevent linking libnsl if not really -dnl needed (Linux glibc, Irix), but still link it if needed (Solaris). - -AC_SEARCH_LIBS(inet_ntoa, inet) -AC_SEARCH_LIBS(socket, socket) -AC_SEARCH_LIBS(gethostbyname, nsl) - -if test "$enable_shadowgrp" = "yes"; then - AC_DEFINE(SHADOWGRP, 1, [Define to support the shadow group file.]) -fi -AM_CONDITIONAL(SHADOWGRP, test "x$enable_shadowgrp" = "xyes") - -if test "$enable_man" = "yes"; then - dnl - dnl Check for xsltproc - dnl - AC_PATH_PROG([XSLTPROC], [xsltproc]) - if test -z "$XSLTPROC"; then - enable_man=no - fi - - dnl check for DocBook DTD and stylesheets in the local catalog. - JH_CHECK_XML_CATALOG([-//OASIS//DTD DocBook XML V4.1.2//EN], - [DocBook XML DTD V4.1.2], [], enable_man=no) - JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl], - [DocBook XSL Stylesheets >= 1.70.1], [], enable_man=no) -fi -AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test "x$enable_man" != "xno") - -if test "$enable_subids" != "no"; then - dnl - dnl FIXME: check if 32 bit UIDs/GIDs are supported by libc - dnl - AC_RUN_IFELSE([AC_LANG_SOURCE([ -#include -int main(void) { - uid_t u; - gid_t g; - return (sizeof u < 4) || (sizeof g < 4); -} - ])], [id32bit="yes"], [id32bit="no"]) - - if test "x$id32bit" = "xyes"; then - AC_DEFINE(ENABLE_SUBIDS, 1, [Define to support the subordinate IDs.]) - enable_subids="yes" - else - if test "x$enable_subids" = "xyes"; then - AC_MSG_ERROR([Cannot enable support the subordinate IDs on systems where gid_t or uid_t has less than 32 bits]) - fi - enable_subids="no" - fi -fi -AM_CONDITIONAL(ENABLE_SUBIDS, test "x$enable_subids" != "xno") - -AC_SUBST(LIBCRYPT) -AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt], - [AC_MSG_ERROR([crypt() not found])]) - -AC_SUBST(LIBACL) -if test "$with_acl" != "no"; then - AC_CHECK_HEADERS(acl/libacl.h attr/error_context.h, [acl_header="yes"], [acl_header="no"]) - if test "$acl_header$with_acl" = "noyes" ; then - AC_MSG_ERROR([acl/libacl.h or attr/error_context.h is missing]) - elif test "$acl_header" = "yes" ; then - AC_CHECK_LIB(acl, perm_copy_file, - [AC_CHECK_LIB(acl, perm_copy_fd, - [acl_lib="yes"], - [acl_lib="no"])], - [acl_lib="no"]) - if test "$acl_lib$with_acl" = "noyes" ; then - AC_MSG_ERROR([libacl not found]) - elif test "$acl_lib" = "no" ; then - with_acl="no" - else - AC_DEFINE(WITH_ACL, 1, - [Build shadow with ACL support]) - LIBACL="-lacl" - with_acl="yes" - fi - else - with_acl="no" - fi -fi - -AC_SUBST(LIBATTR) -if test "$with_attr" != "no"; then - AC_CHECK_HEADERS(attr/libattr.h attr/error_context.h, [attr_header="yes"], [attr_header="no"]) - if test "$attr_header$with_attr" = "noyes" ; then - AC_MSG_ERROR([attr/libattr.h or attr/error_context.h is missing]) - elif test "$attr_header" = "yes" ; then - AC_CHECK_LIB(attr, attr_copy_file, - [AC_CHECK_LIB(attr, attr_copy_fd, - [attr_lib="yes"], - [attr_lib="no"])], - [attr_lib="no"]) - if test "$attr_lib$with_attr" = "noyes" ; then - AC_MSG_ERROR([libattr not found]) - elif test "$attr_lib" = "no" ; then - with_attr="no" - else - AC_DEFINE(WITH_ATTR, 1, - [Build shadow with Extended Attributes support]) - LIBATTR="-lattr" - with_attr="yes" - fi - else - with_attr="no" - fi -fi - -AC_SUBST(LIBAUDIT) -if test "$with_audit" != "no"; then - AC_CHECK_HEADER(libaudit.h, [audit_header="yes"], [audit_header="no"]) - if test "$audit_header$with_audit" = "noyes" ; then - AC_MSG_ERROR([libaudit.h is missing]) - elif test "$audit_header" = "yes"; then - AC_CHECK_DECL(AUDIT_ADD_USER,,[audit_header="no"],[#include ]) - AC_CHECK_DECL(AUDIT_DEL_USER,,[audit_header="no"],[#include ]) - AC_CHECK_DECL(AUDIT_ADD_GROUP,,[audit_header="no"],[#include ]) - AC_CHECK_DECL(AUDIT_DEL_GROUP,,[audit_header="no"],[#include ]) - if test "$audit_header$with_audit" = "noyes" ; then - AC_MSG_ERROR([AUDIT_ADD_USER AUDIT_DEL_USER AUDIT_ADD_GROUP or AUDIT_DEL_GROUP missing from libaudit.h]) - fi - fi - if test "$audit_header" = "yes"; then - AC_CHECK_LIB(audit, audit_log_acct_message, - [audit_lib="yes"], [audit_lib="no"]) - if test "$audit_lib$with_audit" = "noyes" ; then - AC_MSG_ERROR([libaudit not found]) - elif test "$audit_lib" = "no" ; then - with_audit="no" - else - AC_DEFINE(WITH_AUDIT, 1, - [Define if you want to enable Audit messages]) - LIBAUDIT="-laudit" - with_audit="yes" - fi - else - with_audit="no" - fi -fi - -AC_SUBST(LIBCRACK) -if test "$with_libcrack" = "yes"; then - echo "checking cracklib flavour, don't be surprised by the results" - AC_CHECK_LIB(crack, FascistCheck, - [LIBCRACK=-lcrack AC_DEFINE(HAVE_LIBCRACK, 1, [Defined if you have libcrack.])]) - AC_CHECK_LIB(crack, FascistHistory, - AC_DEFINE(HAVE_LIBCRACK_HIST, 1, [Defined if you have the ts&szs cracklib.])) - AC_CHECK_LIB(crack, FascistHistoryPw, - AC_DEFINE(HAVE_LIBCRACK_PW, 1, [Defined if it includes *Pw functions.])) -fi - -AC_SUBST(LIBSELINUX) -AC_SUBST(LIBSEMANAGE) -if test "$with_selinux" != "no"; then - AC_CHECK_HEADERS(selinux/selinux.h, [selinux_header="yes"], [selinux_header="no"]) - if test "$selinux_header$with_selinux" = "noyes" ; then - AC_MSG_ERROR([selinux/selinux.h is missing]) - fi - - AC_CHECK_HEADERS(semanage/semanage.h, [semanage_header="yes"], [semanage_header="no"]) - if test "$semanage_header$with_selinux" = "noyes" ; then - AC_MSG_ERROR([semanage/semanage.h is missing]) - fi - - if test "$selinux_header$semanage_header" = "yesyes" ; then - AC_CHECK_LIB(selinux, is_selinux_enabled, [selinux_lib="yes"], [selinux_lib="no"]) - if test "$selinux_lib$with_selinux" = "noyes" ; then - AC_MSG_ERROR([libselinux not found]) - fi - - AC_CHECK_LIB(semanage, semanage_connect, [semanage_lib="yes"], [semanage_lib="no"]) - if test "$semanage_lib$with_selinux" = "noyes" ; then - AC_MSG_ERROR([libsemanage not found]) - fi - - if test "$selinux_lib$semanage_lib" == "yesyes" ; then - AC_DEFINE(WITH_SELINUX, 1, - [Build shadow with SELinux support]) - LIBSELINUX="-lselinux" - LIBSEMANAGE="-lsemanage" - with_selinux="yes" - else - with_selinux="no" - fi - else - with_selinux="no" - fi -fi - -AC_SUBST(LIBTCB) -if test "$with_tcb" != "no"; then - AC_CHECK_HEADERS(tcb.h, [tcb_header="yes"], [tcb_header="no"]) - if test "$tcb_header$with_tcb" = "noyes" ; then - AC_MSG_ERROR([tcb.h is missing]) - elif test "$tcb_header" = "yes" ; then - AC_CHECK_LIB(tcb, tcb_is_suspect, [tcb_lib="yes"], [tcb_lib="no"]) - if test "$tcb_lib$with_tcb" = "noyes" ; then - AC_MSG_ERROR([libtcb not found]) - elif test "$tcb_lib" = "no" ; then - with_tcb="no" - else - AC_DEFINE(WITH_TCB, 1, [Build shadow with tcb support (incomplete)]) - LIBTCB="-ltcb" - with_tcb="yes" - fi - else - with_tcb="no" - fi -fi -AM_CONDITIONAL(WITH_TCB, test x$with_tcb = xyes) - -AC_SUBST(LIBPAM) -if test "$with_libpam" != "no"; then - AC_CHECK_LIB(pam, pam_start, - [pam_lib="yes"], [pam_lib="no"]) - if test "$pam_lib$with_libpam" = "noyes" ; then - AC_MSG_ERROR(libpam not found) - fi - - LIBPAM="-lpam" - pam_conv_function="no" - - AC_CHECK_LIB(pam, openpam_ttyconv, - [pam_conv_function="openpam_ttyconv"], - AC_CHECK_LIB(pam_misc, misc_conv, - [pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc"]) - ) - - if test "$pam_conv_function$with_libpam" = "noyes" ; then - AC_MSG_ERROR(PAM conversation function not found) - fi - - pam_headers_found=no - AC_CHECK_HEADERS( [security/openpam.h security/pam_misc.h], - [ pam_headers_found=yes ; break ], [], - [ #include ] ) - if test "$pam_headers_found$with_libpam" = "noyes" ; then - AC_MSG_ERROR(PAM headers not found) - fi - - - if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then - with_libpam="yes" - else - with_libpam="no" - unset LIBPAM - fi -fi -dnl Now with_libpam is either yes or no -if test "$with_libpam" = "yes"; then - AC_CHECK_DECLS([PAM_ESTABLISH_CRED, - PAM_DELETE_CRED, - PAM_NEW_AUTHTOK_REQD, - PAM_DATA_SILENT], - [], [], [#include ]) - - - save_libs=$LIBS - LIBS="$LIBS $LIBPAM" - # We do not use AC_CHECK_FUNCS to avoid duplicated definition with - # Linux PAM. - AC_CHECK_FUNC(pam_fail_delay, [AC_DEFINE(HAS_PAM_FAIL_DELAY, 1, [Define to 1 if you have the declaration of 'pam_fail_delay'])]) - LIBS=$save_libs - - AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules]) - AC_DEFINE_UNQUOTED(SHADOW_PAM_CONVERSATION, [$pam_conv_function],[PAM converstation to use]) - AM_CONDITIONAL(USE_PAM, [true]) - - AC_MSG_CHECKING(use login and su access checking if PAM not used) - AC_MSG_RESULT(no) -else - AC_DEFINE(SU_ACCESS, 1, [Define to support /etc/suauth su access control.]) - AM_CONDITIONAL(USE_PAM, [false]) - AC_MSG_CHECKING(use login and su access checking if PAM not used) - AC_MSG_RESULT(yes) -fi - -if test "$enable_acct_tools_setuid" != "no"; then - if test "$with_libpam" != "yes"; then - if test "$enable_acct_tools_setuid" = "yes"; then - AC_MSG_ERROR(PAM support is required for --enable-account-tools-setuid) - else - enable_acct_tools_setuid="no" - fi - else - enable_acct_tools_setuid="yes" - fi - if test "$enable_acct_tools_setuid" = "yes"; then - AC_DEFINE(ACCT_TOOLS_SETUID, - 1, - [Define if account management tools should be installed setuid and authenticate the callers]) - fi -fi -AM_CONDITIONAL(ACCT_TOOLS_SETUID, test "x$enable_acct_tools_setuid" = "xyes") - -AC_SUBST(LIBSKEY) -AC_SUBST(LIBMD) -if test "$with_skey" = "yes"; then - AC_CHECK_LIB(md, MD5Init, [LIBMD=-lmd]) - AC_CHECK_LIB(skey, skeychallenge, [LIBSKEY=-lskey], - [AC_MSG_ERROR([liskey missing. You can download S/Key source code from http://rsync1.it.gentoo.org/gentoo/distfiles/skey-1.1.5.tar.bz2])]) - AC_DEFINE(SKEY, 1, [Define to support S/Key logins.]) - AC_TRY_COMPILE([ - #include - #include - ],[ - skeychallenge((void*)0, (void*)0, (void*)0, 0); - ],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])]) -fi - -if test "$enable_utmpx" = "yes"; then - if test "$ac_cv_header_utmpx_h" != "yes"; then - AC_MSG_ERROR([The utmpx.h header file is required for utmpx support.]) - fi - AC_DEFINE(USE_UTMPX, - 1, - [Define if utmpx should be used]) -fi - -AC_DEFINE_UNQUOTED(SHELL, ["$SHELL"], [The default shell.]) - -AM_GNU_GETTEXT_VERSION(0.16) -AM_GNU_GETTEXT([external], [need-ngettext]) -AM_CONDITIONAL(USE_NLS, test "x$USE_NLS" = "xyes") - -AC_CONFIG_FILES([ - Makefile - po/Makefile.in - doc/Makefile - man/Makefile - man/config.xml - man/po/Makefile - man/cs/Makefile - man/da/Makefile - man/de/Makefile - man/es/Makefile - man/fi/Makefile - man/fr/Makefile - man/hu/Makefile - man/id/Makefile - man/it/Makefile - man/ja/Makefile - man/ko/Makefile - man/pl/Makefile - man/pt_BR/Makefile - man/ru/Makefile - man/sv/Makefile - man/tr/Makefile - man/zh_CN/Makefile - man/zh_TW/Makefile - libmisc/Makefile - lib/Makefile - src/Makefile - contrib/Makefile - etc/Makefile - etc/pam.d/Makefile - shadow.spec -]) -AC_OUTPUT - -echo -echo "shadow will be compiled with the following features:" -echo -echo " auditing support: $with_audit" -echo " CrackLib support: $with_libcrack" -echo " PAM support: $with_libpam" -if test "$with_libpam" = "yes"; then -echo " suid account management tools: $enable_acct_tools_setuid" -fi -echo " SELinux support: $with_selinux" -echo " ACL support: $with_acl" -echo " Extended Attributes support: $with_attr" -echo " tcb support (incomplete): $with_tcb" -echo " shadow group support: $enable_shadowgrp" -echo " S/Key support: $with_skey" -echo " SHA passwords encryption: $with_sha_crypt" -echo " nscd support: $with_nscd" -echo " subordinate IDs support: $enable_subids" -echo diff --git a/contrib/Makefile.in b/contrib/Makefile.in deleted file mode 100644 index 957e87ad..00000000 --- a/contrib/Makefile.in +++ /dev/null @@ -1,461 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# This is a dummy Makefile.am to get automake work flawlessly, -# and also cooperate to make a distribution for `make dist' -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = contrib -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am README -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -EXTRA_DIST = README adduser.c adduser-old.c adduser.sh adduser2.sh \ - atudel groupmems.shar pwdauth.c shadow-anonftp.patch \ - udbachk.tgz - -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu contrib/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu contrib/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags-am uninstall uninstall-am - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/depcomp b/depcomp deleted file mode 100755 index 4ebd5b3a..00000000 --- a/depcomp +++ /dev/null @@ -1,791 +0,0 @@ -#! /bin/sh -# depcomp - compile a program generating dependencies as side-effects - -scriptversion=2013-05-30.07; # UTC - -# Copyright (C) 1999-2013 Free Software Foundation, Inc. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . - -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# Originally written by Alexandre Oliva . - -case $1 in - '') - echo "$0: No command. Try '$0 --help' for more information." 1>&2 - exit 1; - ;; - -h | --h*) - cat <<\EOF -Usage: depcomp [--help] [--version] PROGRAM [ARGS] - -Run PROGRAMS ARGS to compile a file, generating dependencies -as side-effects. - -Environment variables: - depmode Dependency tracking mode. - source Source file read by 'PROGRAMS ARGS'. - object Object file output by 'PROGRAMS ARGS'. - DEPDIR directory where to store dependencies. - depfile Dependency file to output. - tmpdepfile Temporary file to use when outputting dependencies. - libtool Whether libtool is used (yes/no). - -Report bugs to . -EOF - exit $? - ;; - -v | --v*) - echo "depcomp $scriptversion" - exit $? - ;; -esac - -# Get the directory component of the given path, and save it in the -# global variables '$dir'. Note that this directory component will -# be either empty or ending with a '/' character. This is deliberate. -set_dir_from () -{ - case $1 in - */*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;; - *) dir=;; - esac -} - -# Get the suffix-stripped basename of the given path, and save it the -# global variable '$base'. -set_base_from () -{ - base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'` -} - -# If no dependency file was actually created by the compiler invocation, -# we still have to create a dummy depfile, to avoid errors with the -# Makefile "include basename.Plo" scheme. -make_dummy_depfile () -{ - echo "#dummy" > "$depfile" -} - -# Factor out some common post-processing of the generated depfile. -# Requires the auxiliary global variable '$tmpdepfile' to be set. -aix_post_process_depfile () -{ - # If the compiler actually managed to produce a dependency file, - # post-process it. - if test -f "$tmpdepfile"; then - # Each line is of the form 'foo.o: dependency.h'. - # Do two passes, one to just change these to - # $object: dependency.h - # and one to simply output - # dependency.h: - # which is needed to avoid the deleted-header problem. - { sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile" - sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile" - } > "$depfile" - rm -f "$tmpdepfile" - else - make_dummy_depfile - fi -} - -# A tabulation character. -tab=' ' -# A newline character. -nl=' -' -# Character ranges might be problematic outside the C locale. -# These definitions help. -upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ -lower=abcdefghijklmnopqrstuvwxyz -digits=0123456789 -alpha=${upper}${lower} - -if test -z "$depmode" || test -z "$source" || test -z "$object"; then - echo "depcomp: Variables source, object and depmode must be set" 1>&2 - exit 1 -fi - -# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po. -depfile=${depfile-`echo "$object" | - sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`} -tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`} - -rm -f "$tmpdepfile" - -# Avoid interferences from the environment. -gccflag= dashmflag= - -# Some modes work just like other modes, but use different flags. We -# parameterize here, but still list the modes in the big case below, -# to make depend.m4 easier to write. Note that we *cannot* use a case -# here, because this file can only contain one case statement. -if test "$depmode" = hp; then - # HP compiler uses -M and no extra arg. - gccflag=-M - depmode=gcc -fi - -if test "$depmode" = dashXmstdout; then - # This is just like dashmstdout with a different argument. - dashmflag=-xM - depmode=dashmstdout -fi - -cygpath_u="cygpath -u -f -" -if test "$depmode" = msvcmsys; then - # This is just like msvisualcpp but w/o cygpath translation. - # Just convert the backslash-escaped backslashes to single forward - # slashes to satisfy depend.m4 - cygpath_u='sed s,\\\\,/,g' - depmode=msvisualcpp -fi - -if test "$depmode" = msvc7msys; then - # This is just like msvc7 but w/o cygpath translation. - # Just convert the backslash-escaped backslashes to single forward - # slashes to satisfy depend.m4 - cygpath_u='sed s,\\\\,/,g' - depmode=msvc7 -fi - -if test "$depmode" = xlc; then - # IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information. - gccflag=-qmakedep=gcc,-MF - depmode=gcc -fi - -case "$depmode" in -gcc3) -## gcc 3 implements dependency tracking that does exactly what -## we want. Yay! Note: for some reason libtool 1.4 doesn't like -## it if -MD -MP comes after the -MF stuff. Hmm. -## Unfortunately, FreeBSD c89 acceptance of flags depends upon -## the command line argument order; so add the flags where they -## appear in depend2.am. Note that the slowdown incurred here -## affects only configure: in makefiles, %FASTDEP% shortcuts this. - for arg - do - case $arg in - -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;; - *) set fnord "$@" "$arg" ;; - esac - shift # fnord - shift # $arg - done - "$@" - stat=$? - if test $stat -ne 0; then - rm -f "$tmpdepfile" - exit $stat - fi - mv "$tmpdepfile" "$depfile" - ;; - -gcc) -## Note that this doesn't just cater to obsosete pre-3.x GCC compilers. -## but also to in-use compilers like IMB xlc/xlC and the HP C compiler. -## (see the conditional assignment to $gccflag above). -## There are various ways to get dependency output from gcc. Here's -## why we pick this rather obscure method: -## - Don't want to use -MD because we'd like the dependencies to end -## up in a subdir. Having to rename by hand is ugly. -## (We might end up doing this anyway to support other compilers.) -## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like -## -MM, not -M (despite what the docs say). Also, it might not be -## supported by the other compilers which use the 'gcc' depmode. -## - Using -M directly means running the compiler twice (even worse -## than renaming). - if test -z "$gccflag"; then - gccflag=-MD, - fi - "$@" -Wp,"$gccflag$tmpdepfile" - stat=$? - if test $stat -ne 0; then - rm -f "$tmpdepfile" - exit $stat - fi - rm -f "$depfile" - echo "$object : \\" > "$depfile" - # The second -e expression handles DOS-style file names with drive - # letters. - sed -e 's/^[^:]*: / /' \ - -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile" -## This next piece of magic avoids the "deleted header file" problem. -## The problem is that when a header file which appears in a .P file -## is deleted, the dependency causes make to die (because there is -## typically no way to rebuild the header). We avoid this by adding -## dummy dependencies for each header file. Too bad gcc doesn't do -## this for us directly. -## Some versions of gcc put a space before the ':'. On the theory -## that the space means something, we add a space to the output as -## well. hp depmode also adds that space, but also prefixes the VPATH -## to the object. Take care to not repeat it in the output. -## Some versions of the HPUX 10.20 sed can't process this invocation -## correctly. Breaking it into two sed invocations is a workaround. - tr ' ' "$nl" < "$tmpdepfile" \ - | sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \ - | sed -e 's/$/ :/' >> "$depfile" - rm -f "$tmpdepfile" - ;; - -hp) - # This case exists only to let depend.m4 do its work. It works by - # looking at the text of this script. This case will never be run, - # since it is checked for above. - exit 1 - ;; - -sgi) - if test "$libtool" = yes; then - "$@" "-Wp,-MDupdate,$tmpdepfile" - else - "$@" -MDupdate "$tmpdepfile" - fi - stat=$? - if test $stat -ne 0; then - rm -f "$tmpdepfile" - exit $stat - fi - rm -f "$depfile" - - if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files - echo "$object : \\" > "$depfile" - # Clip off the initial element (the dependent). Don't try to be - # clever and replace this with sed code, as IRIX sed won't handle - # lines with more than a fixed number of characters (4096 in - # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines; - # the IRIX cc adds comments like '#:fec' to the end of the - # dependency line. - tr ' ' "$nl" < "$tmpdepfile" \ - | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \ - | tr "$nl" ' ' >> "$depfile" - echo >> "$depfile" - # The second pass generates a dummy entry for each header file. - tr ' ' "$nl" < "$tmpdepfile" \ - | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ - >> "$depfile" - else - make_dummy_depfile - fi - rm -f "$tmpdepfile" - ;; - -xlc) - # This case exists only to let depend.m4 do its work. It works by - # looking at the text of this script. This case will never be run, - # since it is checked for above. - exit 1 - ;; - -aix) - # The C for AIX Compiler uses -M and outputs the dependencies - # in a .u file. In older versions, this file always lives in the - # current directory. Also, the AIX compiler puts '$object:' at the - # start of each line; $object doesn't have directory information. - # Version 6 uses the directory in both cases. - set_dir_from "$object" - set_base_from "$object" - if test "$libtool" = yes; then - tmpdepfile1=$dir$base.u - tmpdepfile2=$base.u - tmpdepfile3=$dir.libs/$base.u - "$@" -Wc,-M - else - tmpdepfile1=$dir$base.u - tmpdepfile2=$dir$base.u - tmpdepfile3=$dir$base.u - "$@" -M - fi - stat=$? - if test $stat -ne 0; then - rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" - exit $stat - fi - - for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" - do - test -f "$tmpdepfile" && break - done - aix_post_process_depfile - ;; - -tcc) - # tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26 - # FIXME: That version still under development at the moment of writing. - # Make that this statement remains true also for stable, released - # versions. - # It will wrap lines (doesn't matter whether long or short) with a - # trailing '\', as in: - # - # foo.o : \ - # foo.c \ - # foo.h \ - # - # It will put a trailing '\' even on the last line, and will use leading - # spaces rather than leading tabs (at least since its commit 0394caf7 - # "Emit spaces for -MD"). - "$@" -MD -MF "$tmpdepfile" - stat=$? - if test $stat -ne 0; then - rm -f "$tmpdepfile" - exit $stat - fi - rm -f "$depfile" - # Each non-empty line is of the form 'foo.o : \' or ' dep.h \'. - # We have to change lines of the first kind to '$object: \'. - sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile" - # And for each line of the second kind, we have to emit a 'dep.h:' - # dummy dependency, to avoid the deleted-header problem. - sed -n -e 's|^ *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile" - rm -f "$tmpdepfile" - ;; - -## The order of this option in the case statement is important, since the -## shell code in configure will try each of these formats in the order -## listed in this file. A plain '-MD' option would be understood by many -## compilers, so we must ensure this comes after the gcc and icc options. -pgcc) - # Portland's C compiler understands '-MD'. - # Will always output deps to 'file.d' where file is the root name of the - # source file under compilation, even if file resides in a subdirectory. - # The object file name does not affect the name of the '.d' file. - # pgcc 10.2 will output - # foo.o: sub/foo.c sub/foo.h - # and will wrap long lines using '\' : - # foo.o: sub/foo.c ... \ - # sub/foo.h ... \ - # ... - set_dir_from "$object" - # Use the source, not the object, to determine the base name, since - # that's sadly what pgcc will do too. - set_base_from "$source" - tmpdepfile=$base.d - - # For projects that build the same source file twice into different object - # files, the pgcc approach of using the *source* file root name can cause - # problems in parallel builds. Use a locking strategy to avoid stomping on - # the same $tmpdepfile. - lockdir=$base.d-lock - trap " - echo '$0: caught signal, cleaning up...' >&2 - rmdir '$lockdir' - exit 1 - " 1 2 13 15 - numtries=100 - i=$numtries - while test $i -gt 0; do - # mkdir is a portable test-and-set. - if mkdir "$lockdir" 2>/dev/null; then - # This process acquired the lock. - "$@" -MD - stat=$? - # Release the lock. - rmdir "$lockdir" - break - else - # If the lock is being held by a different process, wait - # until the winning process is done or we timeout. - while test -d "$lockdir" && test $i -gt 0; do - sleep 1 - i=`expr $i - 1` - done - fi - i=`expr $i - 1` - done - trap - 1 2 13 15 - if test $i -le 0; then - echo "$0: failed to acquire lock after $numtries attempts" >&2 - echo "$0: check lockdir '$lockdir'" >&2 - exit 1 - fi - - if test $stat -ne 0; then - rm -f "$tmpdepfile" - exit $stat - fi - rm -f "$depfile" - # Each line is of the form `foo.o: dependent.h', - # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'. - # Do two passes, one to just change these to - # `$object: dependent.h' and one to simply `dependent.h:'. - sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile" - # Some versions of the HPUX 10.20 sed can't process this invocation - # correctly. Breaking it into two sed invocations is a workaround. - sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \ - | sed -e 's/$/ :/' >> "$depfile" - rm -f "$tmpdepfile" - ;; - -hp2) - # The "hp" stanza above does not work with aCC (C++) and HP's ia64 - # compilers, which have integrated preprocessors. The correct option - # to use with these is +Maked; it writes dependencies to a file named - # 'foo.d', which lands next to the object file, wherever that - # happens to be. - # Much of this is similar to the tru64 case; see comments there. - set_dir_from "$object" - set_base_from "$object" - if test "$libtool" = yes; then - tmpdepfile1=$dir$base.d - tmpdepfile2=$dir.libs/$base.d - "$@" -Wc,+Maked - else - tmpdepfile1=$dir$base.d - tmpdepfile2=$dir$base.d - "$@" +Maked - fi - stat=$? - if test $stat -ne 0; then - rm -f "$tmpdepfile1" "$tmpdepfile2" - exit $stat - fi - - for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" - do - test -f "$tmpdepfile" && break - done - if test -f "$tmpdepfile"; then - sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile" - # Add 'dependent.h:' lines. - sed -ne '2,${ - s/^ *// - s/ \\*$// - s/$/:/ - p - }' "$tmpdepfile" >> "$depfile" - else - make_dummy_depfile - fi - rm -f "$tmpdepfile" "$tmpdepfile2" - ;; - -tru64) - # The Tru64 compiler uses -MD to generate dependencies as a side - # effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'. - # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put - # dependencies in 'foo.d' instead, so we check for that too. - # Subdirectories are respected. - set_dir_from "$object" - set_base_from "$object" - - if test "$libtool" = yes; then - # Libtool generates 2 separate objects for the 2 libraries. These - # two compilations output dependencies in $dir.libs/$base.o.d and - # in $dir$base.o.d. We have to check for both files, because - # one of the two compilations can be disabled. We should prefer - # $dir$base.o.d over $dir.libs/$base.o.d because the latter is - # automatically cleaned when .libs/ is deleted, while ignoring - # the former would cause a distcleancheck panic. - tmpdepfile1=$dir$base.o.d # libtool 1.5 - tmpdepfile2=$dir.libs/$base.o.d # Likewise. - tmpdepfile3=$dir.libs/$base.d # Compaq CCC V6.2-504 - "$@" -Wc,-MD - else - tmpdepfile1=$dir$base.d - tmpdepfile2=$dir$base.d - tmpdepfile3=$dir$base.d - "$@" -MD - fi - - stat=$? - if test $stat -ne 0; then - rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" - exit $stat - fi - - for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" - do - test -f "$tmpdepfile" && break - done - # Same post-processing that is required for AIX mode. - aix_post_process_depfile - ;; - -msvc7) - if test "$libtool" = yes; then - showIncludes=-Wc,-showIncludes - else - showIncludes=-showIncludes - fi - "$@" $showIncludes > "$tmpdepfile" - stat=$? - grep -v '^Note: including file: ' "$tmpdepfile" - if test $stat -ne 0; then - rm -f "$tmpdepfile" - exit $stat - fi - rm -f "$depfile" - echo "$object : \\" > "$depfile" - # The first sed program below extracts the file names and escapes - # backslashes for cygpath. The second sed program outputs the file - # name when reading, but also accumulates all include files in the - # hold buffer in order to output them again at the end. This only - # works with sed implementations that can handle large buffers. - sed < "$tmpdepfile" -n ' -/^Note: including file: *\(.*\)/ { - s//\1/ - s/\\/\\\\/g - p -}' | $cygpath_u | sort -u | sed -n ' -s/ /\\ /g -s/\(.*\)/'"$tab"'\1 \\/p -s/.\(.*\) \\/\1:/ -H -$ { - s/.*/'"$tab"'/ - G - p -}' >> "$depfile" - echo >> "$depfile" # make sure the fragment doesn't end with a backslash - rm -f "$tmpdepfile" - ;; - -msvc7msys) - # This case exists only to let depend.m4 do its work. It works by - # looking at the text of this script. This case will never be run, - # since it is checked for above. - exit 1 - ;; - -#nosideeffect) - # This comment above is used by automake to tell side-effect - # dependency tracking mechanisms from slower ones. - -dashmstdout) - # Important note: in order to support this mode, a compiler *must* - # always write the preprocessed file to stdout, regardless of -o. - "$@" || exit $? - - # Remove the call to Libtool. - if test "$libtool" = yes; then - while test "X$1" != 'X--mode=compile'; do - shift - done - shift - fi - - # Remove '-o $object'. - IFS=" " - for arg - do - case $arg in - -o) - shift - ;; - $object) - shift - ;; - *) - set fnord "$@" "$arg" - shift # fnord - shift # $arg - ;; - esac - done - - test -z "$dashmflag" && dashmflag=-M - # Require at least two characters before searching for ':' - # in the target name. This is to cope with DOS-style filenames: - # a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise. - "$@" $dashmflag | - sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile" - rm -f "$depfile" - cat < "$tmpdepfile" > "$depfile" - # Some versions of the HPUX 10.20 sed can't process this sed invocation - # correctly. Breaking it into two sed invocations is a workaround. - tr ' ' "$nl" < "$tmpdepfile" \ - | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ - | sed -e 's/$/ :/' >> "$depfile" - rm -f "$tmpdepfile" - ;; - -dashXmstdout) - # This case only exists to satisfy depend.m4. It is never actually - # run, as this mode is specially recognized in the preamble. - exit 1 - ;; - -makedepend) - "$@" || exit $? - # Remove any Libtool call - if test "$libtool" = yes; then - while test "X$1" != 'X--mode=compile'; do - shift - done - shift - fi - # X makedepend - shift - cleared=no eat=no - for arg - do - case $cleared in - no) - set ""; shift - cleared=yes ;; - esac - if test $eat = yes; then - eat=no - continue - fi - case "$arg" in - -D*|-I*) - set fnord "$@" "$arg"; shift ;; - # Strip any option that makedepend may not understand. Remove - # the object too, otherwise makedepend will parse it as a source file. - -arch) - eat=yes ;; - -*|$object) - ;; - *) - set fnord "$@" "$arg"; shift ;; - esac - done - obj_suffix=`echo "$object" | sed 's/^.*\././'` - touch "$tmpdepfile" - ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" - rm -f "$depfile" - # makedepend may prepend the VPATH from the source file name to the object. - # No need to regex-escape $object, excess matching of '.' is harmless. - sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile" - # Some versions of the HPUX 10.20 sed can't process the last invocation - # correctly. Breaking it into two sed invocations is a workaround. - sed '1,2d' "$tmpdepfile" \ - | tr ' ' "$nl" \ - | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ - | sed -e 's/$/ :/' >> "$depfile" - rm -f "$tmpdepfile" "$tmpdepfile".bak - ;; - -cpp) - # Important note: in order to support this mode, a compiler *must* - # always write the preprocessed file to stdout. - "$@" || exit $? - - # Remove the call to Libtool. - if test "$libtool" = yes; then - while test "X$1" != 'X--mode=compile'; do - shift - done - shift - fi - - # Remove '-o $object'. - IFS=" " - for arg - do - case $arg in - -o) - shift - ;; - $object) - shift - ;; - *) - set fnord "$@" "$arg" - shift # fnord - shift # $arg - ;; - esac - done - - "$@" -E \ - | sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ - -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ - | sed '$ s: \\$::' > "$tmpdepfile" - rm -f "$depfile" - echo "$object : \\" > "$depfile" - cat < "$tmpdepfile" >> "$depfile" - sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile" - rm -f "$tmpdepfile" - ;; - -msvisualcpp) - # Important note: in order to support this mode, a compiler *must* - # always write the preprocessed file to stdout. - "$@" || exit $? - - # Remove the call to Libtool. - if test "$libtool" = yes; then - while test "X$1" != 'X--mode=compile'; do - shift - done - shift - fi - - IFS=" " - for arg - do - case "$arg" in - -o) - shift - ;; - $object) - shift - ;; - "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") - set fnord "$@" - shift - shift - ;; - *) - set fnord "$@" "$arg" - shift - shift - ;; - esac - done - "$@" -E 2>/dev/null | - sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile" - rm -f "$depfile" - echo "$object : \\" > "$depfile" - sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::'"$tab"'\1 \\:p' >> "$depfile" - echo "$tab" >> "$depfile" - sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile" - rm -f "$tmpdepfile" - ;; - -msvcmsys) - # This case exists only to let depend.m4 do its work. It works by - # looking at the text of this script. This case will never be run, - # since it is checked for above. - exit 1 - ;; - -none) - exec "$@" - ;; - -*) - echo "Unknown depmode $depmode" 1>&2 - exit 1 - ;; -esac - -exit 0 - -# Local Variables: -# mode: shell-script -# sh-indentation: 2 -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-time-zone: "UTC" -# time-stamp-end: "; # UTC" -# End: diff --git a/doc/Makefile.in b/doc/Makefile.in deleted file mode 100644 index b7b3ca4d..00000000 --- a/doc/Makefile.in +++ /dev/null @@ -1,460 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# This is a dummy Makefile.am to get automake work flawlessly, -# and also cooperate to make a distribution for `make dist' -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = doc -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -EXTRA_DIST = HOWTO README.limits \ - README.platforms WISHLIST console.c.spec.txt cracklib26.diff - -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu doc/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags-am uninstall uninstall-am - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/etc/Makefile.in b/etc/Makefile.in deleted file mode 100644 index 8e911387..00000000 --- a/etc/Makefile.in +++ /dev/null @@ -1,755 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# This is a dummy Makefile.am to get automake work flawlessly, -# and also cooperate to make a distribution for `make dist' - -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = etc -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ - ctags-recursive dvi-recursive html-recursive info-recursive \ - install-data-recursive install-dvi-recursive \ - install-exec-recursive install-html-recursive \ - install-info-recursive install-pdf-recursive \ - install-ps-recursive install-recursive installcheck-recursive \ - installdirs-recursive pdf-recursive ps-recursive \ - tags-recursive uninstall-recursive -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -am__installdirs = "$(DESTDIR)$(defaultdir)" "$(DESTDIR)$(nonpamdir)" \ - "$(DESTDIR)$(sysconfdir)" -DATA = $(default_DATA) $(nonpam_DATA) $(sysconf_DATA) -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -am__recursive_targets = \ - $(RECURSIVE_TARGETS) \ - $(RECURSIVE_CLEAN_TARGETS) \ - $(am__extra_recursive_targets) -AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ - distdir -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -# Read a list of newline-separated strings from the standard input, -# and print each of them once, without duplicates. Input order is -# *not* preserved. -am__uniquify_input = $(AWK) '\ - BEGIN { nonempty = 0; } \ - { items[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in items) print i; }; } \ -' -# Make sure the list of sources is unique. This is necessary because, -# e.g., the same source file might be shared among _SOURCES variables -# for different programs/libraries. -am__define_uniq_tagged_files = \ - list='$(am__tagged_files)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | $(am__uniquify_input)` -ETAGS = etags -CTAGS = ctags -DIST_SUBDIRS = $(SUBDIRS) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -am__relativize = \ - dir0=`pwd`; \ - sed_first='s,^\([^/]*\)/.*$$,\1,'; \ - sed_rest='s,^[^/]*/*,,'; \ - sed_last='s,^.*/\([^/]*\)$$,\1,'; \ - sed_butlast='s,/*[^/]*$$,,'; \ - while test -n "$$dir1"; do \ - first=`echo "$$dir1" | sed -e "$$sed_first"`; \ - if test "$$first" != "."; then \ - if test "$$first" = ".."; then \ - dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ - dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ - else \ - first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ - if test "$$first2" = "$$first"; then \ - dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ - else \ - dir2="../$$dir2"; \ - fi; \ - dir0="$$dir0"/"$$first"; \ - fi; \ - fi; \ - dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ - done; \ - reldir="$$dir2" -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -sysconf_DATA = login.defs -defaultdir = $(sysconfdir)/default -default_DATA = \ - useradd - -nonpam_files = \ - limits \ - login.access - -@USE_PAM_FALSE@nonpamdir = $(sysconfdir) -@USE_PAM_FALSE@nonpam_DATA = $(nonpam_files) -EXTRA_DIST = \ - $(nonpam_files) \ - $(sysconf_DATA) \ - $(default_DATA) - -SUBDIRS = pam.d -all: all-recursive - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu etc/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu etc/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-defaultDATA: $(default_DATA) - @$(NORMAL_INSTALL) - @list='$(default_DATA)'; test -n "$(defaultdir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(defaultdir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(defaultdir)" || exit 1; \ - fi; \ - for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; \ - done | $(am__base_list) | \ - while read files; do \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(defaultdir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(defaultdir)" || exit $$?; \ - done - -uninstall-defaultDATA: - @$(NORMAL_UNINSTALL) - @list='$(default_DATA)'; test -n "$(defaultdir)" || list=; \ - files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ - dir='$(DESTDIR)$(defaultdir)'; $(am__uninstall_files_from_dir) -install-nonpamDATA: $(nonpam_DATA) - @$(NORMAL_INSTALL) - @list='$(nonpam_DATA)'; test -n "$(nonpamdir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(nonpamdir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(nonpamdir)" || exit 1; \ - fi; \ - for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; \ - done | $(am__base_list) | \ - while read files; do \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(nonpamdir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(nonpamdir)" || exit $$?; \ - done - -uninstall-nonpamDATA: - @$(NORMAL_UNINSTALL) - @list='$(nonpam_DATA)'; test -n "$(nonpamdir)" || list=; \ - files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ - dir='$(DESTDIR)$(nonpamdir)'; $(am__uninstall_files_from_dir) -install-sysconfDATA: $(sysconf_DATA) - @$(NORMAL_INSTALL) - @list='$(sysconf_DATA)'; test -n "$(sysconfdir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(sysconfdir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(sysconfdir)" || exit 1; \ - fi; \ - for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; \ - done | $(am__base_list) | \ - while read files; do \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(sysconfdir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(sysconfdir)" || exit $$?; \ - done - -uninstall-sysconfDATA: - @$(NORMAL_UNINSTALL) - @list='$(sysconf_DATA)'; test -n "$(sysconfdir)" || list=; \ - files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ - dir='$(DESTDIR)$(sysconfdir)'; $(am__uninstall_files_from_dir) - -# This directory's subdirectories are mostly independent; you can cd -# into them and run 'make' without going through this Makefile. -# To change the values of 'make' variables: instead of editing Makefiles, -# (1) if the variable is set in 'config.status', edit 'config.status' -# (which will cause the Makefiles to be regenerated when you run 'make'); -# (2) otherwise, pass the desired values on the 'make' command line. -$(am__recursive_targets): - @fail=; \ - if $(am__make_keepgoing); then \ - failcom='fail=yes'; \ - else \ - failcom='exit 1'; \ - fi; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -ID: $(am__tagged_files) - $(am__define_uniq_tagged_files); mkid -fID $$unique -tags: tags-recursive -TAGS: tags - -tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - set x; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - $(am__define_uniq_tagged_files); \ - shift; \ - if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - if test $$# -gt 0; then \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - "$$@" $$unique; \ - else \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$unique; \ - fi; \ - fi -ctags: ctags-recursive - -CTAGS: ctags -ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - $(am__define_uniq_tagged_files); \ - test -z "$(CTAGS_ARGS)$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && $(am__cd) $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) "$$here" -cscopelist: cscopelist-recursive - -cscopelist-am: $(am__tagged_files) - list='$(am__tagged_files)'; \ - case "$(srcdir)" in \ - [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ - *) sdir=$(subdir)/$(srcdir) ;; \ - esac; \ - for i in $$list; do \ - if test -f "$$i"; then \ - echo "$(subdir)/$$i"; \ - else \ - echo "$$sdir/$$i"; \ - fi; \ - done >> $(top_builddir)/cscope.files - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done - @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - $(am__make_dryrun) \ - || test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ - $(am__relativize); \ - new_distdir=$$reldir; \ - dir1=$$subdir; dir2="$(top_distdir)"; \ - $(am__relativize); \ - new_top_distdir=$$reldir; \ - echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ - echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ - ($(am__cd) $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$new_top_distdir" \ - distdir="$$new_distdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - am__skip_mode_fix=: \ - distdir) \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-recursive -all-am: Makefile $(DATA) -installdirs: installdirs-recursive -installdirs-am: - for dir in "$(DESTDIR)$(defaultdir)" "$(DESTDIR)$(nonpamdir)" "$(DESTDIR)$(sysconfdir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-recursive - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -html-am: - -info: info-recursive - -info-am: - -install-data-am: install-defaultDATA install-nonpamDATA - -install-dvi: install-dvi-recursive - -install-dvi-am: - -install-exec-am: install-sysconfDATA - -install-html: install-html-recursive - -install-html-am: - -install-info: install-info-recursive - -install-info-am: - -install-man: - -install-pdf: install-pdf-recursive - -install-pdf-am: - -install-ps: install-ps-recursive - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: uninstall-defaultDATA uninstall-nonpamDATA \ - uninstall-sysconfDATA - -.MAKE: $(am__recursive_targets) install-am install-strip - -.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \ - check-am clean clean-generic clean-libtool cscopelist-am ctags \ - ctags-am distclean distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am \ - install-defaultDATA install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-nonpamDATA install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - install-sysconfDATA installcheck installcheck-am installdirs \ - installdirs-am maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ - ps ps-am tags tags-am uninstall uninstall-am \ - uninstall-defaultDATA uninstall-nonpamDATA \ - uninstall-sysconfDATA - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/etc/login.defs b/etc/login.defs index 8dd7c444..ca660a9e 100644 --- a/etc/login.defs +++ b/etc/login.defs @@ -393,3 +393,8 @@ USERGROUPS_ENAB yes # #CREATE_HOME yes +# +# Force use shadow, even if shadow passwd & shadow group files are +# missing. +# +#FORCE_SHADOW yes diff --git a/etc/pam.d/Makefile.in b/etc/pam.d/Makefile.in deleted file mode 100644 index ee35fac5..00000000 --- a/etc/pam.d/Makefile.in +++ /dev/null @@ -1,535 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# This is a dummy Makefile.am to get automake work flawlessly, -# and also cooperate to make a distribution for `make dist' - -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@ACCT_TOOLS_SETUID_TRUE@@USE_PAM_TRUE@am__append_1 = $(pamd_acct_tools_files) -subdir = etc/pam.d -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -am__installdirs = "$(DESTDIR)$(pamddir)" -DATA = $(pamd_DATA) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -pamd_files = \ - chfn \ - chsh \ - groupmems \ - login \ - passwd \ - su - -pamd_acct_tools_files = \ - chage \ - chgpasswd \ - chpasswd \ - groupadd \ - groupdel \ - groupmod \ - newusers \ - useradd \ - userdel \ - usermod - -@USE_PAM_TRUE@pamddir = $(sysconfdir)/pam.d -@USE_PAM_TRUE@pamd_DATA = $(pamd_files) $(am__append_1) -EXTRA_DIST = $(pamd_files) $(pamd_acct_tools_files) -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu etc/pam.d/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu etc/pam.d/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-pamdDATA: $(pamd_DATA) - @$(NORMAL_INSTALL) - @list='$(pamd_DATA)'; test -n "$(pamddir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(pamddir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(pamddir)" || exit 1; \ - fi; \ - for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; \ - done | $(am__base_list) | \ - while read files; do \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pamddir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(pamddir)" || exit $$?; \ - done - -uninstall-pamdDATA: - @$(NORMAL_UNINSTALL) - @list='$(pamd_DATA)'; test -n "$(pamddir)" || list=; \ - files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ - dir='$(DESTDIR)$(pamddir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(DATA) -installdirs: - for dir in "$(DESTDIR)$(pamddir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-pamdDATA - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-pamdDATA - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pamdDATA install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ - ps ps-am tags-am uninstall uninstall-am uninstall-pamdDATA - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/install-sh b/install-sh deleted file mode 100755 index 377bb868..00000000 --- a/install-sh +++ /dev/null @@ -1,527 +0,0 @@ -#!/bin/sh -# install - install a program, script, or datafile - -scriptversion=2011-11-20.07; # UTC - -# This originates from X11R5 (mit/util/scripts/install.sh), which was -# later released in X11R6 (xc/config/util/install.sh) with the -# following copyright and license. -# -# Copyright (C) 1994 X Consortium -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to -# deal in the Software without restriction, including without limitation the -# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or -# sell copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC- -# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -# -# Except as contained in this notice, the name of the X Consortium shall not -# be used in advertising or otherwise to promote the sale, use or other deal- -# ings in this Software without prior written authorization from the X Consor- -# tium. -# -# -# FSF changes to this file are in the public domain. -# -# Calling this script install-sh is preferred over install.sh, to prevent -# 'make' implicit rules from creating a file called install from it -# when there is no Makefile. -# -# This script is compatible with the BSD install script, but was written -# from scratch. - -nl=' -' -IFS=" "" $nl" - -# set DOITPROG to echo to test this script - -# Don't use :- since 4.3BSD and earlier shells don't like it. -doit=${DOITPROG-} -if test -z "$doit"; then - doit_exec=exec -else - doit_exec=$doit -fi - -# Put in absolute file names if you don't have them in your path; -# or use environment vars. - -chgrpprog=${CHGRPPROG-chgrp} -chmodprog=${CHMODPROG-chmod} -chownprog=${CHOWNPROG-chown} -cmpprog=${CMPPROG-cmp} -cpprog=${CPPROG-cp} -mkdirprog=${MKDIRPROG-mkdir} -mvprog=${MVPROG-mv} -rmprog=${RMPROG-rm} -stripprog=${STRIPPROG-strip} - -posix_glob='?' -initialize_posix_glob=' - test "$posix_glob" != "?" || { - if (set -f) 2>/dev/null; then - posix_glob= - else - posix_glob=: - fi - } -' - -posix_mkdir= - -# Desired mode of installed file. -mode=0755 - -chgrpcmd= -chmodcmd=$chmodprog -chowncmd= -mvcmd=$mvprog -rmcmd="$rmprog -f" -stripcmd= - -src= -dst= -dir_arg= -dst_arg= - -copy_on_change=false -no_target_directory= - -usage="\ -Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE - or: $0 [OPTION]... SRCFILES... DIRECTORY - or: $0 [OPTION]... -t DIRECTORY SRCFILES... - or: $0 [OPTION]... -d DIRECTORIES... - -In the 1st form, copy SRCFILE to DSTFILE. -In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. -In the 4th, create DIRECTORIES. - -Options: - --help display this help and exit. - --version display version info and exit. - - -c (ignored) - -C install only if different (preserve the last data modification time) - -d create directories instead of installing files. - -g GROUP $chgrpprog installed files to GROUP. - -m MODE $chmodprog installed files to MODE. - -o USER $chownprog installed files to USER. - -s $stripprog installed files. - -t DIRECTORY install into DIRECTORY. - -T report an error if DSTFILE is a directory. - -Environment variables override the default commands: - CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG - RMPROG STRIPPROG -" - -while test $# -ne 0; do - case $1 in - -c) ;; - - -C) copy_on_change=true;; - - -d) dir_arg=true;; - - -g) chgrpcmd="$chgrpprog $2" - shift;; - - --help) echo "$usage"; exit $?;; - - -m) mode=$2 - case $mode in - *' '* | *' '* | *' -'* | *'*'* | *'?'* | *'['*) - echo "$0: invalid mode: $mode" >&2 - exit 1;; - esac - shift;; - - -o) chowncmd="$chownprog $2" - shift;; - - -s) stripcmd=$stripprog;; - - -t) dst_arg=$2 - # Protect names problematic for 'test' and other utilities. - case $dst_arg in - -* | [=\(\)!]) dst_arg=./$dst_arg;; - esac - shift;; - - -T) no_target_directory=true;; - - --version) echo "$0 $scriptversion"; exit $?;; - - --) shift - break;; - - -*) echo "$0: invalid option: $1" >&2 - exit 1;; - - *) break;; - esac - shift -done - -if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then - # When -d is used, all remaining arguments are directories to create. - # When -t is used, the destination is already specified. - # Otherwise, the last argument is the destination. Remove it from $@. - for arg - do - if test -n "$dst_arg"; then - # $@ is not empty: it contains at least $arg. - set fnord "$@" "$dst_arg" - shift # fnord - fi - shift # arg - dst_arg=$arg - # Protect names problematic for 'test' and other utilities. - case $dst_arg in - -* | [=\(\)!]) dst_arg=./$dst_arg;; - esac - done -fi - -if test $# -eq 0; then - if test -z "$dir_arg"; then - echo "$0: no input file specified." >&2 - exit 1 - fi - # It's OK to call 'install-sh -d' without argument. - # This can happen when creating conditional directories. - exit 0 -fi - -if test -z "$dir_arg"; then - do_exit='(exit $ret); exit $ret' - trap "ret=129; $do_exit" 1 - trap "ret=130; $do_exit" 2 - trap "ret=141; $do_exit" 13 - trap "ret=143; $do_exit" 15 - - # Set umask so as not to create temps with too-generous modes. - # However, 'strip' requires both read and write access to temps. - case $mode in - # Optimize common cases. - *644) cp_umask=133;; - *755) cp_umask=22;; - - *[0-7]) - if test -z "$stripcmd"; then - u_plus_rw= - else - u_plus_rw='% 200' - fi - cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;; - *) - if test -z "$stripcmd"; then - u_plus_rw= - else - u_plus_rw=,u+rw - fi - cp_umask=$mode$u_plus_rw;; - esac -fi - -for src -do - # Protect names problematic for 'test' and other utilities. - case $src in - -* | [=\(\)!]) src=./$src;; - esac - - if test -n "$dir_arg"; then - dst=$src - dstdir=$dst - test -d "$dstdir" - dstdir_status=$? - else - - # Waiting for this to be detected by the "$cpprog $src $dsttmp" command - # might cause directories to be created, which would be especially bad - # if $src (and thus $dsttmp) contains '*'. - if test ! -f "$src" && test ! -d "$src"; then - echo "$0: $src does not exist." >&2 - exit 1 - fi - - if test -z "$dst_arg"; then - echo "$0: no destination specified." >&2 - exit 1 - fi - dst=$dst_arg - - # If destination is a directory, append the input filename; won't work - # if double slashes aren't ignored. - if test -d "$dst"; then - if test -n "$no_target_directory"; then - echo "$0: $dst_arg: Is a directory" >&2 - exit 1 - fi - dstdir=$dst - dst=$dstdir/`basename "$src"` - dstdir_status=0 - else - # Prefer dirname, but fall back on a substitute if dirname fails. - dstdir=` - (dirname "$dst") 2>/dev/null || - expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$dst" : 'X\(//\)[^/]' \| \ - X"$dst" : 'X\(//\)$' \| \ - X"$dst" : 'X\(/\)' \| . 2>/dev/null || - echo X"$dst" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q' - ` - - test -d "$dstdir" - dstdir_status=$? - fi - fi - - obsolete_mkdir_used=false - - if test $dstdir_status != 0; then - case $posix_mkdir in - '') - # Create intermediate dirs using mode 755 as modified by the umask. - # This is like FreeBSD 'install' as of 1997-10-28. - umask=`umask` - case $stripcmd.$umask in - # Optimize common cases. - *[2367][2367]) mkdir_umask=$umask;; - .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;; - - *[0-7]) - mkdir_umask=`expr $umask + 22 \ - - $umask % 100 % 40 + $umask % 20 \ - - $umask % 10 % 4 + $umask % 2 - `;; - *) mkdir_umask=$umask,go-w;; - esac - - # With -d, create the new directory with the user-specified mode. - # Otherwise, rely on $mkdir_umask. - if test -n "$dir_arg"; then - mkdir_mode=-m$mode - else - mkdir_mode= - fi - - posix_mkdir=false - case $umask in - *[123567][0-7][0-7]) - # POSIX mkdir -p sets u+wx bits regardless of umask, which - # is incompatible with FreeBSD 'install' when (umask & 300) != 0. - ;; - *) - tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$ - trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0 - - if (umask $mkdir_umask && - exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1 - then - if test -z "$dir_arg" || { - # Check for POSIX incompatibilities with -m. - # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or - # other-writable bit of parent directory when it shouldn't. - # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. - ls_ld_tmpdir=`ls -ld "$tmpdir"` - case $ls_ld_tmpdir in - d????-?r-*) different_mode=700;; - d????-?--*) different_mode=755;; - *) false;; - esac && - $mkdirprog -m$different_mode -p -- "$tmpdir" && { - ls_ld_tmpdir_1=`ls -ld "$tmpdir"` - test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1" - } - } - then posix_mkdir=: - fi - rmdir "$tmpdir/d" "$tmpdir" - else - # Remove any dirs left behind by ancient mkdir implementations. - rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null - fi - trap '' 0;; - esac;; - esac - - if - $posix_mkdir && ( - umask $mkdir_umask && - $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir" - ) - then : - else - - # The umask is ridiculous, or mkdir does not conform to POSIX, - # or it failed possibly due to a race condition. Create the - # directory the slow way, step by step, checking for races as we go. - - case $dstdir in - /*) prefix='/';; - [-=\(\)!]*) prefix='./';; - *) prefix='';; - esac - - eval "$initialize_posix_glob" - - oIFS=$IFS - IFS=/ - $posix_glob set -f - set fnord $dstdir - shift - $posix_glob set +f - IFS=$oIFS - - prefixes= - - for d - do - test X"$d" = X && continue - - prefix=$prefix$d - if test -d "$prefix"; then - prefixes= - else - if $posix_mkdir; then - (umask=$mkdir_umask && - $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break - # Don't fail if two instances are running concurrently. - test -d "$prefix" || exit 1 - else - case $prefix in - *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;; - *) qprefix=$prefix;; - esac - prefixes="$prefixes '$qprefix'" - fi - fi - prefix=$prefix/ - done - - if test -n "$prefixes"; then - # Don't fail if two instances are running concurrently. - (umask $mkdir_umask && - eval "\$doit_exec \$mkdirprog $prefixes") || - test -d "$dstdir" || exit 1 - obsolete_mkdir_used=true - fi - fi - fi - - if test -n "$dir_arg"; then - { test -z "$chowncmd" || $doit $chowncmd "$dst"; } && - { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } && - { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false || - test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1 - else - - # Make a couple of temp file names in the proper directory. - dsttmp=$dstdir/_inst.$$_ - rmtmp=$dstdir/_rm.$$_ - - # Trap to clean up those temp files at exit. - trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0 - - # Copy the file name to the temp name. - (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") && - - # and set any options; do chmod last to preserve setuid bits. - # - # If any of these fail, we abort the whole thing. If we want to - # ignore errors from any of these, just make sure not to ignore - # errors from the above "$doit $cpprog $src $dsttmp" command. - # - { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } && - { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } && - { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } && - { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && - - # If -C, don't bother to copy if it wouldn't change the file. - if $copy_on_change && - old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` && - new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` && - - eval "$initialize_posix_glob" && - $posix_glob set -f && - set X $old && old=:$2:$4:$5:$6 && - set X $new && new=:$2:$4:$5:$6 && - $posix_glob set +f && - - test "$old" = "$new" && - $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1 - then - rm -f "$dsttmp" - else - # Rename the file to the real destination. - $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null || - - # The rename failed, perhaps because mv can't rename something else - # to itself, or perhaps because mv is so ancient that it does not - # support -f. - { - # Now remove or move aside any old file at destination location. - # We try this two ways since rm can't unlink itself on some - # systems and the destination file might be busy for other - # reasons. In this case, the final cleanup might fail but the new - # file should still install successfully. - { - test ! -f "$dst" || - $doit $rmcmd -f "$dst" 2>/dev/null || - { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null && - { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; } - } || - { echo "$0: cannot unlink or rename $dst" >&2 - (exit 1); exit 1 - } - } && - - # Now rename the file to the real destination. - $doit $mvcmd "$dsttmp" "$dst" - } - fi || exit 1 - - trap '' 0 - fi -done - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-time-zone: "UTC" -# time-stamp-end: "; # UTC" -# End: diff --git a/lib/Makefile.in b/lib/Makefile.in deleted file mode 100644 index 53e7ff1a..00000000 --- a/lib/Makefile.in +++ /dev/null @@ -1,673 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@WITH_TCB_TRUE@am__append_1 = tcbfuncs.c tcbfuncs.h -subdir = lib -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ - $(top_srcdir)/depcomp -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -LTLIBRARIES = $(noinst_LTLIBRARIES) -libshadow_la_LIBADD = -am__libshadow_la_SOURCES_DIST = commonio.c commonio.h defines.h \ - encrypt.c exitcodes.h faillog.h fields.c fputsx.c getdef.c \ - getdef.h get_gid.c getlong.c get_pid.c get_uid.c getulong.c \ - groupio.c groupmem.c groupio.h gshadow.c lockpw.c nscd.c \ - nscd.h pam_defs.h port.c port.h prototypes.h pwauth.c pwauth.h \ - pwio.c pwio.h pwmem.c subordinateio.h subordinateio.c \ - selinux.c semanage.c sgetgrent.c sgetpwent.c sgetspent.c \ - sgroupio.c sgroupio.h shadow.c shadowio.c shadowio.h \ - shadowmem.c spawn.c utent.c tcbfuncs.c tcbfuncs.h -@WITH_TCB_TRUE@am__objects_1 = tcbfuncs.lo -am_libshadow_la_OBJECTS = commonio.lo encrypt.lo fields.lo fputsx.lo \ - getdef.lo get_gid.lo getlong.lo get_pid.lo get_uid.lo \ - getulong.lo groupio.lo groupmem.lo gshadow.lo lockpw.lo \ - nscd.lo port.lo pwauth.lo pwio.lo pwmem.lo subordinateio.lo \ - selinux.lo semanage.lo sgetgrent.lo sgetpwent.lo sgetspent.lo \ - sgroupio.lo shadow.lo shadowio.lo shadowmem.lo spawn.lo \ - utent.lo $(am__objects_1) -libshadow_la_OBJECTS = $(am_libshadow_la_OBJECTS) -AM_V_lt = $(am__v_lt_@AM_V@) -am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) -am__v_lt_0 = --silent -am__v_lt_1 = -libshadow_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libshadow_la_LDFLAGS) $(LDFLAGS) -o $@ -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) -depcomp = $(SHELL) $(top_srcdir)/depcomp -am__depfiles_maybe = depfiles -am__mv = mv -f -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ - $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ - $(AM_CFLAGS) $(CFLAGS) -AM_V_CC = $(am__v_CC_@AM_V@) -am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) -am__v_CC_0 = @echo " CC " $@; -am__v_CC_1 = -CCLD = $(CC) -LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(AM_LDFLAGS) $(LDFLAGS) -o $@ -AM_V_CCLD = $(am__v_CCLD_@AM_V@) -am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) -am__v_CCLD_0 = @echo " CCLD " $@; -am__v_CCLD_1 = -SOURCES = $(libshadow_la_SOURCES) -DIST_SOURCES = $(am__libshadow_la_SOURCES_DIST) -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -# Read a list of newline-separated strings from the standard input, -# and print each of them once, without duplicates. Input order is -# *not* preserved. -am__uniquify_input = $(AWK) '\ - BEGIN { nonempty = 0; } \ - { items[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in items) print i; }; } \ -' -# Make sure the list of sources is unique. This is necessary because, -# e.g., the same source file might be shared among _SOURCES variables -# for different programs/libraries. -am__define_uniq_tagged_files = \ - list='$(am__tagged_files)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | $(am__uniquify_input)` -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -AUTOMAKE_OPTIONS = 1.0 foreign -noinst_LTLIBRARIES = libshadow.la -libshadow_la_LDFLAGS = -version-info 0:0:0 -libshadow_la_SOURCES = commonio.c commonio.h defines.h encrypt.c \ - exitcodes.h faillog.h fields.c fputsx.c getdef.c getdef.h \ - get_gid.c getlong.c get_pid.c get_uid.c getulong.c groupio.c \ - groupmem.c groupio.h gshadow.c lockpw.c nscd.c nscd.h \ - pam_defs.h port.c port.h prototypes.h pwauth.c pwauth.h pwio.c \ - pwio.h pwmem.c subordinateio.h subordinateio.c selinux.c \ - semanage.c sgetgrent.c sgetpwent.c sgetspent.c sgroupio.c \ - sgroupio.h shadow.c shadowio.c shadowio.h shadowmem.c spawn.c \ - utent.c $(am__append_1) - -# These files are unneeded for some reason, listed in -# order of appearance: -# -# sources for dbm support (not yet used) -EXTRA_DIST = \ - .indent.pro \ - gshadow_.h - -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign lib/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -clean-noinstLTLIBRARIES: - -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) - @list='$(noinst_LTLIBRARIES)'; \ - locs=`for p in $$list; do echo $$p; done | \ - sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ - sort -u`; \ - test -z "$$locs" || { \ - echo rm -f $${locs}; \ - rm -f $${locs}; \ - } - -libshadow.la: $(libshadow_la_OBJECTS) $(libshadow_la_DEPENDENCIES) $(EXTRA_libshadow_la_DEPENDENCIES) - $(AM_V_CCLD)$(libshadow_la_LINK) $(libshadow_la_OBJECTS) $(libshadow_la_LIBADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/commonio.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/encrypt.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fields.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fputsx.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/get_gid.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/get_pid.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/get_uid.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getdef.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getlong.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getulong.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groupio.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groupmem.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gshadow.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lockpw.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nscd.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/port.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwauth.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwio.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwmem.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/selinux.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/semanage.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sgetgrent.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sgetpwent.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sgetspent.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sgroupio.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/shadow.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/shadowio.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/shadowmem.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/spawn.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/subordinateio.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tcbfuncs.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utent.Plo@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $< - -.c.obj: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(am__tagged_files) - $(am__define_uniq_tagged_files); mkid -fID $$unique -tags: tags-am -TAGS: tags - -tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - set x; \ - here=`pwd`; \ - $(am__define_uniq_tagged_files); \ - shift; \ - if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - if test $$# -gt 0; then \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - "$$@" $$unique; \ - else \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$unique; \ - fi; \ - fi -ctags: ctags-am - -CTAGS: ctags -ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - $(am__define_uniq_tagged_files); \ - test -z "$(CTAGS_ARGS)$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && $(am__cd) $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) "$$here" -cscopelist: cscopelist-am - -cscopelist-am: $(am__tagged_files) - list='$(am__tagged_files)'; \ - case "$(srcdir)" in \ - [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ - *) sdir=$(subdir)/$(srcdir) ;; \ - esac; \ - for i in $$list; do \ - if test -f "$$i"; then \ - echo "$(subdir)/$$i"; \ - else \ - echo "$$sdir/$$i"; \ - fi; \ - done >> $(top_builddir)/cscope.files - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(LTLIBRARIES) -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ - mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-noinstLTLIBRARIES cscopelist-am ctags \ - ctags-am distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags tags-am uninstall uninstall-am - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/lib/commonio.c b/lib/commonio.c index cc536bf1..2e2f7785 100644 --- a/lib/commonio.c +++ b/lib/commonio.c @@ -968,11 +968,10 @@ int commonio_close (struct commonio_db *db) } else { /* * Default permissions for new [g]shadow files. - * (passwd and group always exist...) */ - sb.st_mode = 0400; - sb.st_uid = 0; - sb.st_gid = 0; + sb.st_mode = db->st_mode; + sb.st_uid = db->st_uid; + sb.st_gid = db->st_gid; } snprintf (buf, sizeof buf, "%s+", db->filename); @@ -1081,6 +1080,7 @@ int commonio_update (struct commonio_db *db, const void *eptr) if (NULL != p) { if (next_entry_by_name (db, p->next, db->ops->getname (eptr)) != NULL) { fprintf (stderr, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), db->ops->getname (eptr), db->filename); + db->ops->free (nentry); return 0; } db->ops->free (p->eptr); diff --git a/lib/commonio.h b/lib/commonio.h index 0a316f9c..cb4e9616 100644 --- a/lib/commonio.h +++ b/lib/commonio.h @@ -123,6 +123,12 @@ struct commonio_db { #ifdef WITH_SELINUX /*@null@*/security_context_t scontext; #endif + /* + * Default permissions and owner for newly created data file. + */ + mode_t st_mode; + uid_t st_uid; + gid_t st_gid; /* * Head, tail, current position in linked list. */ diff --git a/lib/getdef.c b/lib/getdef.c index b5f780ca..bea28129 100644 --- a/lib/getdef.c +++ b/lib/getdef.c @@ -49,6 +49,32 @@ struct itemdef { /*@null@*/char *value; /* value given, or NULL if no value */ }; +#define PAMDEFS \ + {"CHFN_AUTH", NULL}, \ + {"CHSH_AUTH", NULL}, \ + {"CRACKLIB_DICTPATH", NULL}, \ + {"ENV_HZ", NULL}, \ + {"ENVIRON_FILE", NULL}, \ + {"ENV_TZ", NULL}, \ + {"FAILLOG_ENAB", NULL}, \ + {"FTMP_FILE", NULL}, \ + {"ISSUE_FILE", NULL}, \ + {"LASTLOG_ENAB", NULL}, \ + {"LOGIN_STRING", NULL}, \ + {"MAIL_CHECK_ENAB", NULL}, \ + {"MOTD_FILE", NULL}, \ + {"NOLOGINS_FILE", NULL}, \ + {"OBSCURE_CHECKS_ENAB", NULL}, \ + {"PASS_ALWAYS_WARN", NULL}, \ + {"PASS_CHANGE_TRIES", NULL}, \ + {"PASS_MAX_LEN", NULL}, \ + {"PASS_MIN_LEN", NULL}, \ + {"PORTTIME_CHECKS_ENAB", NULL}, \ + {"QUOTAS_ENAB", NULL}, \ + {"SU_WHEEL_ONLY", NULL}, \ + {"ULIMIT", NULL}, + + #define NUMDEFS (sizeof(def_table)/sizeof(def_table[0])) static struct itemdef def_table[] = { {"CHFN_RESTRICT", NULL}, @@ -102,29 +128,7 @@ static struct itemdef def_table[] = { {"USERDEL_CMD", NULL}, {"USERGROUPS_ENAB", NULL}, #ifndef USE_PAM - {"CHFN_AUTH", NULL}, - {"CHSH_AUTH", NULL}, - {"CRACKLIB_DICTPATH", NULL}, - {"ENV_HZ", NULL}, - {"ENVIRON_FILE", NULL}, - {"ENV_TZ", NULL}, - {"FAILLOG_ENAB", NULL}, - {"FTMP_FILE", NULL}, - {"ISSUE_FILE", NULL}, - {"LASTLOG_ENAB", NULL}, - {"LOGIN_STRING", NULL}, - {"MAIL_CHECK_ENAB", NULL}, - {"MOTD_FILE", NULL}, - {"NOLOGINS_FILE", NULL}, - {"OBSCURE_CHECKS_ENAB", NULL}, - {"PASS_ALWAYS_WARN", NULL}, - {"PASS_CHANGE_TRIES", NULL}, - {"PASS_MAX_LEN", NULL}, - {"PASS_MIN_LEN", NULL}, - {"PORTTIME_CHECKS_ENAB", NULL}, - {"QUOTAS_ENAB", NULL}, - {"SU_WHEEL_ONLY", NULL}, - {"ULIMIT", NULL}, + PAMDEFS #endif #ifdef USE_SYSLOG {"SYSLOG_SG_ENAB", NULL}, @@ -135,9 +139,17 @@ static struct itemdef def_table[] = { {"TCB_SYMLINKS", NULL}, {"USE_TCB", NULL}, #endif + {"FORCE_SHADOW", NULL}, {NULL, NULL} }; +#define NUMKNOWNDEFS (sizeof(knowndef_table)/sizeof(knowndef_table[0])) +static struct itemdef knowndef_table[] = { +#ifdef USE_PAM + PAMDEFS +#endif +}; + #ifndef LOGINDEFS #define LOGINDEFS "/etc/login.defs" #endif @@ -397,10 +409,17 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name) * Item was never found. */ + for (ptr = knowndef_table; NULL != ptr->name; ptr++) { + if (strcmp (ptr->name, name) == 0) { + goto out; + } + } fprintf (stderr, _("configuration error - unknown item '%s' (notify administrator)\n"), name); SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name)); + +out: return (struct itemdef *) NULL; } @@ -416,23 +435,26 @@ static void def_load (void) FILE *fp; char buf[1024], *name, *value, *s; + /* + * Set the initialized flag. + * (do it early to prevent recursion in putdef_str()) + */ + def_loaded = true; + /* * Open the configuration definitions file. */ fp = fopen (def_fname, "r"); if (NULL == fp) { + if (errno == ENOENT) + return; + int err = errno; SYSLOG ((LOG_CRIT, "cannot open login definitions %s [%s]", def_fname, strerror (err))); exit (EXIT_FAILURE); } - /* - * Set the initialized flag. - * (do it early to prevent recursion in putdef_str()) - */ - def_loaded = true; - /* * Go through all of the lines in the file. */ diff --git a/lib/getulong.c b/lib/getulong.c index 61579cae..08d2c1a8 100644 --- a/lib/getulong.c +++ b/lib/getulong.c @@ -44,22 +44,19 @@ */ int getulong (const char *numstr, /*@out@*/unsigned long int *result) { - long long int val; + unsigned long int val; char *endptr; errno = 0; - val = strtoll (numstr, &endptr, 0); + val = strtoul (numstr, &endptr, 0); if ( ('\0' == *numstr) || ('\0' != *endptr) || (ERANGE == errno) - /*@+ignoresigns@*/ - || (val != (unsigned long int)val) - /*@=ignoresigns@*/ ) { return 0; } - *result = (unsigned long int)val; + *result = val; return 1; } diff --git a/lib/groupio.c b/lib/groupio.c index 2a37bfd9..3ad4736b 100644 --- a/lib/groupio.c +++ b/lib/groupio.c @@ -130,6 +130,9 @@ static /*@owned@*/struct commonio_db group_db = { #ifdef WITH_SELINUX NULL, /* scontext */ #endif + 0644, /* st_mode */ + 0, /* st_uid */ + 0, /* st_gid */ NULL, /* head */ NULL, /* tail */ NULL, /* cursor */ diff --git a/lib/groupmem.c b/lib/groupmem.c index e69c3107..1fd1c135 100644 --- a/lib/groupmem.c +++ b/lib/groupmem.c @@ -55,15 +55,14 @@ gr->gr_name = strdup (grent->gr_name); /*@=mustfreeonly@*/ if (NULL == gr->gr_name) { - free(gr); + gr_free(gr); return NULL; } /*@-mustfreeonly@*/ gr->gr_passwd = strdup (grent->gr_passwd); /*@=mustfreeonly@*/ if (NULL == gr->gr_passwd) { - free(gr->gr_name); - free(gr); + gr_free(gr); return NULL; } @@ -73,21 +72,13 @@ gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *)); /*@=mustfreeonly@*/ if (NULL == gr->gr_mem) { - free(gr->gr_passwd); - free(gr->gr_name); - free(gr); + gr_free(gr); return NULL; } for (i = 0; grent->gr_mem[i]; i++) { gr->gr_mem[i] = strdup (grent->gr_mem[i]); if (NULL == gr->gr_mem[i]) { - int j; - for (j=0; jgr_mem[j]); - free(gr->gr_mem); - free(gr->gr_passwd); - free(gr->gr_name); - free(gr); + gr_free(gr); return NULL; } } diff --git a/lib/pwio.c b/lib/pwio.c index 793c2e5a..7ee85377 100644 --- a/lib/pwio.c +++ b/lib/pwio.c @@ -105,6 +105,9 @@ static struct commonio_db passwd_db = { #ifdef WITH_SELINUX NULL, /* scontext */ #endif + 0644, /* st_mode */ + 0, /* st_uid */ + 0, /* st_gid */ NULL, /* head */ NULL, /* tail */ NULL, /* cursor */ diff --git a/lib/pwmem.c b/lib/pwmem.c index 7013e8a3..17d2eb21 100644 --- a/lib/pwmem.c +++ b/lib/pwmem.c @@ -56,45 +56,35 @@ pw->pw_name = strdup (pwent->pw_name); /*@=mustfreeonly@*/ if (NULL == pw->pw_name) { - free(pw); + pw_free(pw); return NULL; } /*@-mustfreeonly@*/ pw->pw_passwd = strdup (pwent->pw_passwd); /*@=mustfreeonly@*/ if (NULL == pw->pw_passwd) { - free(pw->pw_name); - free(pw); + pw_free(pw); return NULL; } /*@-mustfreeonly@*/ pw->pw_gecos = strdup (pwent->pw_gecos); /*@=mustfreeonly@*/ if (NULL == pw->pw_gecos) { - free(pw->pw_passwd); - free(pw->pw_name); - free(pw); + pw_free(pw); return NULL; } /*@-mustfreeonly@*/ pw->pw_dir = strdup (pwent->pw_dir); /*@=mustfreeonly@*/ if (NULL == pw->pw_dir) { - free(pw->pw_gecos); - free(pw->pw_passwd); - free(pw->pw_name); - free(pw); + pw_free(pw); return NULL; } /*@-mustfreeonly@*/ pw->pw_shell = strdup (pwent->pw_shell); /*@=mustfreeonly@*/ if (NULL == pw->pw_shell) { - free(pw->pw_dir); - free(pw->pw_gecos); - free(pw->pw_passwd); - free(pw->pw_name); - free(pw); + pw_free(pw); return NULL; } diff --git a/lib/sgroupio.c b/lib/sgroupio.c index faed0adf..f2685779 100644 --- a/lib/sgroupio.c +++ b/lib/sgroupio.c @@ -228,6 +228,9 @@ static struct commonio_db gshadow_db = { #ifdef WITH_SELINUX NULL, /* scontext */ #endif + 0400, /* st_mode */ + 0, /* st_uid */ + 0, /* st_gid */ NULL, /* head */ NULL, /* tail */ NULL, /* cursor */ @@ -249,6 +252,8 @@ int sgr_setdbname (const char *filename) bool sgr_file_present (void) { + if (getdef_bool ("FORCE_SHADOW")) + return true; return commonio_present (&gshadow_db); } diff --git a/lib/shadowio.c b/lib/shadowio.c index 2930e65d..6e44ab24 100644 --- a/lib/shadowio.c +++ b/lib/shadowio.c @@ -104,6 +104,9 @@ static struct commonio_db shadow_db = { #ifdef WITH_SELINUX NULL, /* scontext */ #endif /* WITH_SELINUX */ + 0400, /* st_mode */ + 0, /* st_uid */ + 0, /* st_gid */ NULL, /* head */ NULL, /* tail */ NULL, /* cursor */ @@ -125,6 +128,8 @@ int spw_setdbname (const char *filename) bool spw_file_present (void) { + if (getdef_bool ("FORCE_SHADOW")) + return true; return commonio_present (&shadow_db); } diff --git a/lib/subordinateio.c b/lib/subordinateio.c index 0ba117b0..0d64a914 100644 --- a/lib/subordinateio.c +++ b/lib/subordinateio.c @@ -11,6 +11,8 @@ #include #include "commonio.h" #include "subordinateio.h" +#include +#include struct subordinate_range { const char *owner; @@ -189,6 +191,15 @@ static const struct subordinate_range *find_range(struct commonio_db *db, const char *owner, unsigned long val) { const struct subordinate_range *range; + + /* + * Search for exact username/group specification + * + * This is the original method - go fast through the db, doing only + * exact username/group string comparison. Therefore we leave it as-is + * for the time being, in order to keep it equally fast as it was + * before. + */ commonio_rewind(db); while ((range = commonio_next(db)) != NULL) { unsigned long first = range->start; @@ -200,6 +211,76 @@ static const struct subordinate_range *find_range(struct commonio_db *db, if ((val >= first) && (val <= last)) return range; } + + + /* + * We only do special handling for these two files + */ + if ((0 != strcmp(db->filename, "/etc/subuid")) && (0 != strcmp(db->filename, "/etc/subgid"))) + return NULL; + + /* + * Search loop above did not produce any result. Let's rerun it, + * but this time try to matcha actual UIDs. The first entry that + * matches is considered a success. + * (It may be specified as literal UID or as another username which + * has the same UID as the username we are looking for.) + */ + struct passwd *pwd; + uid_t owner_uid; + char owner_uid_string[33] = ""; + + + /* Get UID of the username we are looking for */ + pwd = getpwnam(owner); + if (NULL == pwd) { + /* Username not defined in /etc/passwd, or error occured during lookup */ + return NULL; + } + owner_uid = pwd->pw_uid; + sprintf(owner_uid_string, "%lu", (unsigned long int)owner_uid); + + commonio_rewind(db); + while ((range = commonio_next(db)) != NULL) { + unsigned long first = range->start; + unsigned long last = first + range->count - 1; + + /* For performance reasons check range before using getpwnam() */ + if ((val < first) || (val > last)) { + continue; + } + + /* + * Range matches. Check if range owner is specified + * as numeric UID and if it matches. + */ + if (0 == strcmp(range->owner, owner_uid_string)) { + return range; + } + + /* + * Ok, this range owner is not specified as numeric UID + * we are looking for. It may be specified as another + * UID or as a literal username. + * + * If specified as another UID, the call to getpwnam() + * will return NULL. + * + * If specified as literal username, we will get its + * UID and compare that to UID we are looking for. + */ + const struct passwd *range_owner_pwd; + + range_owner_pwd = getpwnam(range->owner); + if (NULL == range_owner_pwd) { + continue; + } + + if (owner_uid == range_owner_pwd->pw_uid) { + return range; + } + } + return NULL; } @@ -460,6 +541,9 @@ static struct commonio_db subordinate_uid_db = { #ifdef WITH_SELINUX NULL, /* scontext */ #endif + 0644, /* st_mode */ + 0, /* st_uid */ + 0, /* st_gid */ NULL, /* head */ NULL, /* tail */ NULL, /* cursor */ @@ -538,6 +622,9 @@ static struct commonio_db subordinate_gid_db = { #ifdef WITH_SELINUX NULL, /* scontext */ #endif + 0644, /* st_mode */ + 0, /* st_uid */ + 0, /* st_gid */ NULL, /* head */ NULL, /* tail */ NULL, /* cursor */ diff --git a/libmisc/Makefile.in b/libmisc/Makefile.in deleted file mode 100644 index 6d9b82ca..00000000 --- a/libmisc/Makefile.in +++ /dev/null @@ -1,767 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = libmisc -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am getdate.c \ - $(top_srcdir)/depcomp $(top_srcdir)/ylwrap -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -LIBRARIES = $(noinst_LIBRARIES) -ARFLAGS = cru -AM_V_AR = $(am__v_AR_@AM_V@) -am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) -am__v_AR_0 = @echo " AR " $@; -am__v_AR_1 = -libmisc_a_AR = $(AR) $(ARFLAGS) -libmisc_a_LIBADD = -am_libmisc_a_OBJECTS = addgrps.$(OBJEXT) age.$(OBJEXT) \ - audit_help.$(OBJEXT) basename.$(OBJEXT) chkname.$(OBJEXT) \ - chowndir.$(OBJEXT) chowntty.$(OBJEXT) cleanup.$(OBJEXT) \ - cleanup_group.$(OBJEXT) cleanup_user.$(OBJEXT) \ - console.$(OBJEXT) copydir.$(OBJEXT) entry.$(OBJEXT) \ - env.$(OBJEXT) failure.$(OBJEXT) find_new_gid.$(OBJEXT) \ - find_new_uid.$(OBJEXT) find_new_sub_gids.$(OBJEXT) \ - find_new_sub_uids.$(OBJEXT) getdate.$(OBJEXT) \ - getgr_nam_gid.$(OBJEXT) getrange.$(OBJEXT) hushed.$(OBJEXT) \ - idmapping.$(OBJEXT) isexpired.$(OBJEXT) limits.$(OBJEXT) \ - list.$(OBJEXT) log.$(OBJEXT) loginprompt.$(OBJEXT) \ - mail.$(OBJEXT) motd.$(OBJEXT) myname.$(OBJEXT) \ - obscure.$(OBJEXT) pam_pass.$(OBJEXT) \ - pam_pass_non_interractive.$(OBJEXT) pwd2spwd.$(OBJEXT) \ - pwdcheck.$(OBJEXT) pwd_init.$(OBJEXT) remove_tree.$(OBJEXT) \ - rlogin.$(OBJEXT) root_flag.$(OBJEXT) salt.$(OBJEXT) \ - setugid.$(OBJEXT) setupenv.$(OBJEXT) shell.$(OBJEXT) \ - strtoday.$(OBJEXT) sub.$(OBJEXT) sulog.$(OBJEXT) \ - ttytype.$(OBJEXT) tz.$(OBJEXT) ulimit.$(OBJEXT) \ - user_busy.$(OBJEXT) utmp.$(OBJEXT) valid.$(OBJEXT) \ - xgetpwnam.$(OBJEXT) xgetpwuid.$(OBJEXT) xgetgrnam.$(OBJEXT) \ - xgetgrgid.$(OBJEXT) xgetspnam.$(OBJEXT) xmalloc.$(OBJEXT) \ - yesno.$(OBJEXT) -libmisc_a_OBJECTS = $(am_libmisc_a_OBJECTS) -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) -depcomp = $(SHELL) $(top_srcdir)/depcomp -am__depfiles_maybe = depfiles -am__mv = mv -f -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -AM_V_lt = $(am__v_lt_@AM_V@) -am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) -am__v_lt_0 = --silent -am__v_lt_1 = -LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ - $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ - $(AM_CFLAGS) $(CFLAGS) -AM_V_CC = $(am__v_CC_@AM_V@) -am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) -am__v_CC_0 = @echo " CC " $@; -am__v_CC_1 = -CCLD = $(CC) -LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(AM_LDFLAGS) $(LDFLAGS) -o $@ -AM_V_CCLD = $(am__v_CCLD_@AM_V@) -am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) -am__v_CCLD_0 = @echo " CCLD " $@; -am__v_CCLD_1 = -@MAINTAINER_MODE_FALSE@am__skipyacc = test -f $@ || -am__yacc_c2h = sed -e s/cc$$/hh/ -e s/cpp$$/hpp/ -e s/cxx$$/hxx/ \ - -e s/c++$$/h++/ -e s/c$$/h/ -YACCCOMPILE = $(YACC) $(AM_YFLAGS) $(YFLAGS) -LTYACCCOMPILE = $(LIBTOOL) $(AM_V_lt) $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=compile $(YACC) $(AM_YFLAGS) $(YFLAGS) -AM_V_YACC = $(am__v_YACC_@AM_V@) -am__v_YACC_ = $(am__v_YACC_@AM_DEFAULT_V@) -am__v_YACC_0 = @echo " YACC " $@; -am__v_YACC_1 = -YLWRAP = $(top_srcdir)/ylwrap -SOURCES = $(libmisc_a_SOURCES) -DIST_SOURCES = $(libmisc_a_SOURCES) -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -# Read a list of newline-separated strings from the standard input, -# and print each of them once, without duplicates. Input order is -# *not* preserved. -am__uniquify_input = $(AWK) '\ - BEGIN { nonempty = 0; } \ - { items[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in items) print i; }; } \ -' -# Make sure the list of sources is unique. This is necessary because, -# e.g., the same source file might be shared among _SOURCES variables -# for different programs/libraries. -am__define_uniq_tagged_files = \ - list='$(am__tagged_files)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | $(am__uniquify_input)` -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -EXTRA_DIST = .indent.pro xgetXXbyYY.c -INCLUDES = -I$(top_srcdir)/lib -noinst_LIBRARIES = libmisc.a -libmisc_a_SOURCES = \ - addgrps.c \ - age.c \ - audit_help.c \ - basename.c \ - chkname.c \ - chkname.h \ - chowndir.c \ - chowntty.c \ - cleanup.c \ - cleanup_group.c \ - cleanup_user.c \ - console.c \ - copydir.c \ - entry.c \ - env.c \ - failure.c \ - failure.h \ - find_new_gid.c \ - find_new_uid.c \ - find_new_sub_gids.c \ - find_new_sub_uids.c \ - getdate.h \ - getdate.y \ - getgr_nam_gid.c \ - getrange.c \ - hushed.c \ - idmapping.h \ - idmapping.c \ - isexpired.c \ - limits.c \ - list.c log.c \ - loginprompt.c \ - mail.c \ - motd.c \ - myname.c \ - obscure.c \ - pam_pass.c \ - pam_pass_non_interractive.c \ - pwd2spwd.c \ - pwdcheck.c \ - pwd_init.c \ - remove_tree.c \ - rlogin.c \ - root_flag.c \ - salt.c \ - setugid.c \ - setupenv.c \ - shell.c \ - strtoday.c \ - sub.c \ - sulog.c \ - ttytype.c \ - tz.c \ - ulimit.c \ - user_busy.c \ - utmp.c \ - valid.c \ - xgetpwnam.c \ - xgetpwuid.c \ - xgetgrnam.c \ - xgetgrgid.c \ - xgetspnam.c \ - xmalloc.c \ - yesno.c - -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj .y -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu libmisc/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu libmisc/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -clean-noinstLIBRARIES: - -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) - -libmisc.a: $(libmisc_a_OBJECTS) $(libmisc_a_DEPENDENCIES) $(EXTRA_libmisc_a_DEPENDENCIES) - $(AM_V_at)-rm -f libmisc.a - $(AM_V_AR)$(libmisc_a_AR) libmisc.a $(libmisc_a_OBJECTS) $(libmisc_a_LIBADD) - $(AM_V_at)$(RANLIB) libmisc.a - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/addgrps.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/age.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit_help.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/basename.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chkname.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chowndir.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chowntty.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cleanup.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cleanup_group.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cleanup_user.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/console.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/copydir.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/entry.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/env.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/failure.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/find_new_gid.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/find_new_sub_gids.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/find_new_sub_uids.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/find_new_uid.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getdate.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getgr_nam_gid.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getrange.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hushed.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/idmapping.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/isexpired.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/limits.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/list.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/log.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/loginprompt.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mail.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/motd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/myname.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/obscure.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_pass.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_pass_non_interractive.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwd2spwd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwd_init.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwdcheck.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/remove_tree.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rlogin.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/root_flag.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/salt.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/setugid.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/setupenv.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/shell.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strtoday.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sub.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sulog.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ttytype.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tz.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ulimit.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/user_busy.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utmp.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/valid.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xgetgrgid.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xgetgrnam.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xgetpwnam.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xgetpwuid.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xgetspnam.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmalloc.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/yesno.Po@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $< - -.c.obj: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< - -.y.c: - $(AM_V_YACC)$(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h `echo $@ | $(am__yacc_c2h)` y.output $*.output -- $(YACCCOMPILE) - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(am__tagged_files) - $(am__define_uniq_tagged_files); mkid -fID $$unique -tags: tags-am -TAGS: tags - -tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - set x; \ - here=`pwd`; \ - $(am__define_uniq_tagged_files); \ - shift; \ - if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - if test $$# -gt 0; then \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - "$$@" $$unique; \ - else \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$unique; \ - fi; \ - fi -ctags: ctags-am - -CTAGS: ctags -ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - $(am__define_uniq_tagged_files); \ - test -z "$(CTAGS_ARGS)$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && $(am__cd) $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) "$$here" -cscopelist: cscopelist-am - -cscopelist-am: $(am__tagged_files) - list='$(am__tagged_files)'; \ - case "$(srcdir)" in \ - [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ - *) sdir=$(subdir)/$(srcdir) ;; \ - esac; \ - for i in $$list; do \ - if test -f "$$i"; then \ - echo "$(subdir)/$$i"; \ - else \ - echo "$$sdir/$$i"; \ - fi; \ - done >> $(top_builddir)/cscope.files - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(LIBRARIES) -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -rm -f getdate.c -clean: clean-am - -clean-am: clean-generic clean-libtool clean-noinstLIBRARIES \ - mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-noinstLIBRARIES cscopelist-am ctags \ - ctags-am distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags tags-am uninstall uninstall-am - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/libmisc/getdate.c b/libmisc/getdate.c deleted file mode 100644 index 8a064426..00000000 --- a/libmisc/getdate.c +++ /dev/null @@ -1,2664 +0,0 @@ -/* A Bison parser, made by GNU Bison 3.0.2. */ - -/* Bison implementation for Yacc-like parsers in C - - Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc. - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . */ - -/* As a special exception, you may create a larger work that contains - part or all of the Bison parser skeleton and distribute that work - under terms of your choice, so long as that work isn't itself a - parser generator using the skeleton or a modified version thereof - as a parser skeleton. Alternatively, if you modify or redistribute - the parser skeleton itself, you may (at your option) remove this - special exception, which will cause the skeleton and the resulting - Bison output files to be licensed under the GNU General Public - License without this special exception. - - This special exception was added by the Free Software Foundation in - version 2.2 of Bison. */ - -/* C LALR(1) parser skeleton written by Richard Stallman, by - simplifying the original so-called "semantic" parser. */ - -/* All symbols defined below should begin with yy or YY, to avoid - infringing on user name space. This should be done even for local - variables, as they might otherwise be expanded by user macros. - There are some unavoidable exceptions within include files to - define necessary library symbols; they are noted "INFRINGES ON - USER NAME SPACE" below. */ - -/* Identify Bison output. */ -#define YYBISON 1 - -/* Bison version. */ -#define YYBISON_VERSION "3.0.2" - -/* Skeleton name. */ -#define YYSKELETON_NAME "yacc.c" - -/* Pure parsers. */ -#define YYPURE 0 - -/* Push parsers. */ -#define YYPUSH 0 - -/* Pull parsers. */ -#define YYPULL 1 - - - - -/* Copy the first part of user declarations. */ -#line 1 "getdate.y" /* yacc.c:339 */ - -/* -** Originally written by Steven M. Bellovin while -** at the University of North Carolina at Chapel Hill. Later tweaked by -** a couple of people on Usenet. Completely overhauled by Rich $alz -** and Jim Berets in August, 1990; -** -** This grammar has 13 shift/reduce conflicts. -** -** This code is in the public domain and has no copyright. -*/ - -#ifdef HAVE_CONFIG_H -# include -# ifdef FORCE_ALLOCA_H -# include -# endif -#endif - -/* Since the code of getdate.y is not included in the Emacs executable - itself, there is no need to #define static in this file. Even if - the code were included in the Emacs executable, it probably - wouldn't do any harm to #undef it here; this will only cause - problems if we try to write to a static variable, which I don't - think this code needs to do. */ -#ifdef emacs -# undef static -#endif - -#include -#include -#include - -#if defined (STDC_HEADERS) || (!defined (isascii) && !defined (HAVE_ISASCII)) -# define IN_CTYPE_DOMAIN(c) 1 -#else -# define IN_CTYPE_DOMAIN(c) isascii(c) -#endif - -#define ISSPACE(c) (IN_CTYPE_DOMAIN (c) && isspace (c)) -#define ISALPHA(c) (IN_CTYPE_DOMAIN (c) && isalpha (c)) -#define ISUPPER(c) (IN_CTYPE_DOMAIN (c) && isupper (c)) -#define ISDIGIT_LOCALE(c) (IN_CTYPE_DOMAIN (c) && isdigit (c)) - -/* ISDIGIT differs from ISDIGIT_LOCALE, as follows: - - Its arg may be any int or unsigned int; it need not be an unsigned char. - - It's guaranteed to evaluate its argument exactly once. - - It's typically faster. - Posix 1003.2-1992 section 2.5.2.1 page 50 lines 1556-1558 says that - only '0' through '9' are digits. Prefer ISDIGIT to ISDIGIT_LOCALE unless - it's important to use the locale's definition of `digit' even when the - host does not conform to Posix. */ -#define ISDIGIT(c) ((unsigned) (c) - '0' <= 9) - -#include "getdate.h" - -#if defined (STDC_HEADERS) -# include -#endif - -/* Some old versions of bison generate parsers that use bcopy. - That loses on systems that don't provide the function, so we have - to redefine it here. */ -#if !defined (HAVE_BCOPY) && defined (HAVE_MEMCPY) && !defined (bcopy) -# define bcopy(from, to, len) memcpy ((to), (from), (len)) -#endif - -/* Remap normal yacc parser interface names (yyparse, yylex, yyerror, etc), - as well as gratuitiously global symbol names, so we can have multiple - yacc generated parsers in the same program. Note that these are only - the variables produced by yacc. If other parser generators (bison, - byacc, etc) produce additional global names that conflict at link time, - then those parser generators need to be fixed instead of adding those - names to this list. */ - -#define yymaxdepth gd_maxdepth -#define yyparse gd_parse -#define yylex gd_lex -#define yyerror gd_error -#define yylval gd_lval -#define yychar gd_char -#define yydebug gd_debug -#define yypact gd_pact -#define yyr1 gd_r1 -#define yyr2 gd_r2 -#define yydef gd_def -#define yychk gd_chk -#define yypgo gd_pgo -#define yyact gd_act -#define yyexca gd_exca -#define yyerrflag gd_errflag -#define yynerrs gd_nerrs -#define yyps gd_ps -#define yypv gd_pv -#define yys gd_s -#define yy_yys gd_yys -#define yystate gd_state -#define yytmp gd_tmp -#define yyv gd_v -#define yy_yyv gd_yyv -#define yyval gd_val -#define yylloc gd_lloc -#define yyreds gd_reds /* With YYDEBUG defined */ -#define yytoks gd_toks /* With YYDEBUG defined */ -#define yylhs gd_yylhs -#define yylen gd_yylen -#define yydefred gd_yydefred -#define yydgoto gd_yydgoto -#define yysindex gd_yysindex -#define yyrindex gd_yyrindex -#define yygindex gd_yygindex -#define yytable gd_yytable -#define yycheck gd_yycheck - -static int yylex (void); -static int yyerror (const char *s); - -#define EPOCH 1970 -#define HOUR(x) ((x) * 60) - -#define MAX_BUFF_LEN 128 /* size of buffer to read the date into */ - -/* -** An entry in the lexical lookup table. -*/ -typedef struct _TABLE { - const char *name; - int type; - int value; -} TABLE; - - -/* -** Meridian: am, pm, or 24-hour style. -*/ -typedef enum _MERIDIAN { - MERam, MERpm, MER24 -} MERIDIAN; - - -/* -** Global variables. We could get rid of most of these by using a good -** union as the yacc stack. (This routine was originally written before -** yacc had the %union construct.) Maybe someday; right now we only use -** the %union very rarely. -*/ -static const char *yyInput; -static int yyDayOrdinal; -static int yyDayNumber; -static int yyHaveDate; -static int yyHaveDay; -static int yyHaveRel; -static int yyHaveTime; -static int yyHaveZone; -static int yyTimezone; -static int yyDay; -static int yyHour; -static int yyMinutes; -static int yyMonth; -static int yySeconds; -static int yyYear; -static MERIDIAN yyMeridian; -static int yyRelDay; -static int yyRelHour; -static int yyRelMinutes; -static int yyRelMonth; -static int yyRelSeconds; -static int yyRelYear; - - -#line 237 "getdate.c" /* yacc.c:339 */ - -# ifndef YY_NULLPTR -# if defined __cplusplus && 201103L <= __cplusplus -# define YY_NULLPTR nullptr -# else -# define YY_NULLPTR 0 -# endif -# endif - -/* Enabling verbose error messages. */ -#ifdef YYERROR_VERBOSE -# undef YYERROR_VERBOSE -# define YYERROR_VERBOSE 1 -#else -# define YYERROR_VERBOSE 0 -#endif - - -/* Debug traces. */ -#ifndef YYDEBUG -# define YYDEBUG 0 -#endif -#if YYDEBUG -extern int yydebug; -#endif - -/* Token type. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - enum yytokentype - { - tAGO = 258, - tDAY = 259, - tDAY_UNIT = 260, - tDAYZONE = 261, - tDST = 262, - tHOUR_UNIT = 263, - tID = 264, - tMERIDIAN = 265, - tMINUTE_UNIT = 266, - tMONTH = 267, - tMONTH_UNIT = 268, - tSEC_UNIT = 269, - tSNUMBER = 270, - tUNUMBER = 271, - tYEAR_UNIT = 272, - tZONE = 273 - }; -#endif -/* Tokens. */ -#define tAGO 258 -#define tDAY 259 -#define tDAY_UNIT 260 -#define tDAYZONE 261 -#define tDST 262 -#define tHOUR_UNIT 263 -#define tID 264 -#define tMERIDIAN 265 -#define tMINUTE_UNIT 266 -#define tMONTH 267 -#define tMONTH_UNIT 268 -#define tSEC_UNIT 269 -#define tSNUMBER 270 -#define tUNUMBER 271 -#define tYEAR_UNIT 272 -#define tZONE 273 - -/* Value type. */ -#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE YYSTYPE; -union YYSTYPE -{ -#line 172 "getdate.y" /* yacc.c:355 */ - - int Number; - enum _MERIDIAN Meridian; - -#line 315 "getdate.c" /* yacc.c:355 */ -}; -# define YYSTYPE_IS_TRIVIAL 1 -# define YYSTYPE_IS_DECLARED 1 -#endif - - -extern YYSTYPE yylval; - -int yyparse (void); - - - -/* Copy the second part of user declarations. */ - -#line 330 "getdate.c" /* yacc.c:358 */ - -#ifdef short -# undef short -#endif - -#ifdef YYTYPE_UINT8 -typedef YYTYPE_UINT8 yytype_uint8; -#else -typedef unsigned char yytype_uint8; -#endif - -#ifdef YYTYPE_INT8 -typedef YYTYPE_INT8 yytype_int8; -#else -typedef signed char yytype_int8; -#endif - -#ifdef YYTYPE_UINT16 -typedef YYTYPE_UINT16 yytype_uint16; -#else -typedef unsigned short int yytype_uint16; -#endif - -#ifdef YYTYPE_INT16 -typedef YYTYPE_INT16 yytype_int16; -#else -typedef short int yytype_int16; -#endif - -#ifndef YYSIZE_T -# ifdef __SIZE_TYPE__ -# define YYSIZE_T __SIZE_TYPE__ -# elif defined size_t -# define YYSIZE_T size_t -# elif ! defined YYSIZE_T -# include /* INFRINGES ON USER NAME SPACE */ -# define YYSIZE_T size_t -# else -# define YYSIZE_T unsigned int -# endif -#endif - -#define YYSIZE_MAXIMUM ((YYSIZE_T) -1) - -#ifndef YY_ -# if defined YYENABLE_NLS && YYENABLE_NLS -# if ENABLE_NLS -# include /* INFRINGES ON USER NAME SPACE */ -# define YY_(Msgid) dgettext ("bison-runtime", Msgid) -# endif -# endif -# ifndef YY_ -# define YY_(Msgid) Msgid -# endif -#endif - -#ifndef YY_ATTRIBUTE -# if (defined __GNUC__ \ - && (2 < __GNUC__ || (__GNUC__ == 2 && 96 <= __GNUC_MINOR__))) \ - || defined __SUNPRO_C && 0x5110 <= __SUNPRO_C -# define YY_ATTRIBUTE(Spec) __attribute__(Spec) -# else -# define YY_ATTRIBUTE(Spec) /* empty */ -# endif -#endif - -#ifndef YY_ATTRIBUTE_PURE -# define YY_ATTRIBUTE_PURE YY_ATTRIBUTE ((__pure__)) -#endif - -#ifndef YY_ATTRIBUTE_UNUSED -# define YY_ATTRIBUTE_UNUSED YY_ATTRIBUTE ((__unused__)) -#endif - -#if !defined _Noreturn \ - && (!defined __STDC_VERSION__ || __STDC_VERSION__ < 201112) -# if defined _MSC_VER && 1200 <= _MSC_VER -# define _Noreturn __declspec (noreturn) -# else -# define _Noreturn YY_ATTRIBUTE ((__noreturn__)) -# endif -#endif - -/* Suppress unused-variable warnings by "using" E. */ -#if ! defined lint || defined __GNUC__ -# define YYUSE(E) ((void) (E)) -#else -# define YYUSE(E) /* empty */ -#endif - -#if defined __GNUC__ && 407 <= __GNUC__ * 100 + __GNUC_MINOR__ -/* Suppress an incorrect diagnostic about yylval being uninitialized. */ -# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN \ - _Pragma ("GCC diagnostic push") \ - _Pragma ("GCC diagnostic ignored \"-Wuninitialized\"")\ - _Pragma ("GCC diagnostic ignored \"-Wmaybe-uninitialized\"") -# define YY_IGNORE_MAYBE_UNINITIALIZED_END \ - _Pragma ("GCC diagnostic pop") -#else -# define YY_INITIAL_VALUE(Value) Value -#endif -#ifndef YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN -# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN -# define YY_IGNORE_MAYBE_UNINITIALIZED_END -#endif -#ifndef YY_INITIAL_VALUE -# define YY_INITIAL_VALUE(Value) /* Nothing. */ -#endif - - -#if ! defined yyoverflow || YYERROR_VERBOSE - -/* The parser invokes alloca or malloc; define the necessary symbols. */ - -# ifdef YYSTACK_USE_ALLOCA -# if YYSTACK_USE_ALLOCA -# ifdef __GNUC__ -# define YYSTACK_ALLOC __builtin_alloca -# elif defined __BUILTIN_VA_ARG_INCR -# include /* INFRINGES ON USER NAME SPACE */ -# elif defined _AIX -# define YYSTACK_ALLOC __alloca -# elif defined _MSC_VER -# include /* INFRINGES ON USER NAME SPACE */ -# define alloca _alloca -# else -# define YYSTACK_ALLOC alloca -# if ! defined _ALLOCA_H && ! defined EXIT_SUCCESS -# include /* INFRINGES ON USER NAME SPACE */ - /* Use EXIT_SUCCESS as a witness for stdlib.h. */ -# ifndef EXIT_SUCCESS -# define EXIT_SUCCESS 0 -# endif -# endif -# endif -# endif -# endif - -# ifdef YYSTACK_ALLOC - /* Pacify GCC's 'empty if-body' warning. */ -# define YYSTACK_FREE(Ptr) do { /* empty */; } while (0) -# ifndef YYSTACK_ALLOC_MAXIMUM - /* The OS might guarantee only one guard page at the bottom of the stack, - and a page size can be as small as 4096 bytes. So we cannot safely - invoke alloca (N) if N exceeds 4096. Use a slightly smaller number - to allow for a few compiler-allocated temporary stack slots. */ -# define YYSTACK_ALLOC_MAXIMUM 4032 /* reasonable circa 2006 */ -# endif -# else -# define YYSTACK_ALLOC YYMALLOC -# define YYSTACK_FREE YYFREE -# ifndef YYSTACK_ALLOC_MAXIMUM -# define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM -# endif -# if (defined __cplusplus && ! defined EXIT_SUCCESS \ - && ! ((defined YYMALLOC || defined malloc) \ - && (defined YYFREE || defined free))) -# include /* INFRINGES ON USER NAME SPACE */ -# ifndef EXIT_SUCCESS -# define EXIT_SUCCESS 0 -# endif -# endif -# ifndef YYMALLOC -# define YYMALLOC malloc -# if ! defined malloc && ! defined EXIT_SUCCESS -void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# ifndef YYFREE -# define YYFREE free -# if ! defined free && ! defined EXIT_SUCCESS -void free (void *); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# endif -#endif /* ! defined yyoverflow || YYERROR_VERBOSE */ - - -#if (! defined yyoverflow \ - && (! defined __cplusplus \ - || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) - -/* A type that is properly aligned for any stack member. */ -union yyalloc -{ - yytype_int16 yyss_alloc; - YYSTYPE yyvs_alloc; -}; - -/* The size of the maximum gap between one aligned stack and the next. */ -# define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1) - -/* The size of an array large to enough to hold all stacks, each with - N elements. */ -# define YYSTACK_BYTES(N) \ - ((N) * (sizeof (yytype_int16) + sizeof (YYSTYPE)) \ - + YYSTACK_GAP_MAXIMUM) - -# define YYCOPY_NEEDED 1 - -/* Relocate STACK from its old location to the new one. The - local variables YYSIZE and YYSTACKSIZE give the old and new number of - elements in the stack, and YYPTR gives the new location of the - stack. Advance YYPTR to a properly aligned location for the next - stack. */ -# define YYSTACK_RELOCATE(Stack_alloc, Stack) \ - do \ - { \ - YYSIZE_T yynewbytes; \ - YYCOPY (&yyptr->Stack_alloc, Stack, yysize); \ - Stack = &yyptr->Stack_alloc; \ - yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ - yyptr += yynewbytes / sizeof (*yyptr); \ - } \ - while (0) - -#endif - -#if defined YYCOPY_NEEDED && YYCOPY_NEEDED -/* Copy COUNT objects from SRC to DST. The source and destination do - not overlap. */ -# ifndef YYCOPY -# if defined __GNUC__ && 1 < __GNUC__ -# define YYCOPY(Dst, Src, Count) \ - __builtin_memcpy (Dst, Src, (Count) * sizeof (*(Src))) -# else -# define YYCOPY(Dst, Src, Count) \ - do \ - { \ - YYSIZE_T yyi; \ - for (yyi = 0; yyi < (Count); yyi++) \ - (Dst)[yyi] = (Src)[yyi]; \ - } \ - while (0) -# endif -# endif -#endif /* !YYCOPY_NEEDED */ - -/* YYFINAL -- State number of the termination state. */ -#define YYFINAL 2 -/* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 50 - -/* YYNTOKENS -- Number of terminals. */ -#define YYNTOKENS 22 -/* YYNNTS -- Number of nonterminals. */ -#define YYNNTS 11 -/* YYNRULES -- Number of rules. */ -#define YYNRULES 51 -/* YYNSTATES -- Number of states. */ -#define YYNSTATES 61 - -/* YYTRANSLATE[YYX] -- Symbol number corresponding to YYX as returned - by yylex, with out-of-bounds checking. */ -#define YYUNDEFTOK 2 -#define YYMAXUTOK 273 - -#define YYTRANSLATE(YYX) \ - ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK) - -/* YYTRANSLATE[TOKEN-NUM] -- Symbol number corresponding to TOKEN-NUM - as returned by yylex, without out-of-bounds checking. */ -static const yytype_uint8 yytranslate[] = -{ - 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 20, 2, 2, 21, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 19, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 1, 2, 3, 4, - 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18 -}; - -#if YYDEBUG - /* YYRLINE[YYN] -- Source line where rule number YYN was defined. */ -static const yytype_uint16 yyrline[] = -{ - 0, 188, 188, 189, 192, 195, 198, 201, 204, 207, - 210, 216, 222, 231, 237, 249, 252, 256, 261, 265, - 269, 275, 279, 297, 303, 309, 313, 318, 322, 329, - 337, 340, 343, 346, 349, 352, 355, 358, 361, 364, - 367, 370, 373, 376, 379, 382, 385, 388, 391, 396, - 430, 433 -}; -#endif - -#if YYDEBUG || YYERROR_VERBOSE || 0 -/* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM. - First, the terminals, then, starting at YYNTOKENS, nonterminals. */ -static const char *const yytname[] = -{ - "$end", "error", "$undefined", "tAGO", "tDAY", "tDAY_UNIT", "tDAYZONE", - "tDST", "tHOUR_UNIT", "tID", "tMERIDIAN", "tMINUTE_UNIT", "tMONTH", - "tMONTH_UNIT", "tSEC_UNIT", "tSNUMBER", "tUNUMBER", "tYEAR_UNIT", - "tZONE", "':'", "','", "'/'", "$accept", "spec", "item", "time", "zone", - "day", "date", "rel", "relunit", "number", "o_merid", YY_NULLPTR -}; -#endif - -# ifdef YYPRINT -/* YYTOKNUM[NUM] -- (External) token number corresponding to the - (internal) symbol number NUM (which must be that of a token). */ -static const yytype_uint16 yytoknum[] = -{ - 0, 256, 257, 258, 259, 260, 261, 262, 263, 264, - 265, 266, 267, 268, 269, 270, 271, 272, 273, 58, - 44, 47 -}; -# endif - -#define YYPACT_NINF -20 - -#define yypact_value_is_default(Yystate) \ - (!!((Yystate) == (-20))) - -#define YYTABLE_NINF -1 - -#define yytable_value_is_error(Yytable_value) \ - 0 - - /* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing - STATE-NUM. */ -static const yytype_int8 yypact[] = -{ - -20, 0, -20, -19, -20, -20, -20, -20, -13, -20, - -20, 30, 15, -20, 14, -20, -20, -20, -20, -20, - -20, 19, -20, -20, 4, -20, -20, -20, -20, -20, - -20, -20, -20, -20, -20, -20, -6, -20, -20, 16, - -20, 17, 23, -20, -20, 24, -20, -20, -20, 27, - 28, -20, -20, -20, 29, -20, 32, -8, -20, -20, - -20 -}; - - /* YYDEFACT[STATE-NUM] -- Default reduction number in state STATE-NUM. - Performed when YYTABLE does not specify something else to do. Zero - means the default is an error. */ -static const yytype_uint8 yydefact[] = -{ - 2, 0, 1, 18, 39, 16, 42, 45, 0, 36, - 48, 0, 49, 33, 15, 3, 4, 5, 7, 6, - 8, 30, 9, 19, 25, 38, 41, 44, 35, 47, - 32, 20, 37, 40, 10, 43, 27, 34, 46, 0, - 31, 0, 0, 17, 29, 0, 24, 28, 23, 50, - 21, 26, 51, 12, 0, 11, 0, 50, 22, 14, - 13 -}; - - /* YYPGOTO[NTERM-NUM]. */ -static const yytype_int8 yypgoto[] = -{ - -20, -20, -20, -20, -20, -20, -20, -20, -20, -20, - -7 -}; - - /* YYDEFGOTO[NTERM-NUM]. */ -static const yytype_int8 yydefgoto[] = -{ - -1, 1, 15, 16, 17, 18, 19, 20, 21, 22, - 55 -}; - - /* YYTABLE[YYPACT[STATE-NUM]] -- What to do in state STATE-NUM. If - positive, shift that token. If negative, reduce the rule whose - number is the opposite. If YYTABLE_NINF, syntax error. */ -static const yytype_uint8 yytable[] = -{ - 2, 23, 52, 24, 3, 4, 5, 59, 6, 46, - 47, 7, 8, 9, 10, 11, 12, 13, 14, 31, - 32, 43, 44, 33, 45, 34, 35, 36, 37, 38, - 39, 48, 40, 49, 41, 25, 42, 52, 26, 50, - 51, 27, 53, 28, 29, 57, 54, 30, 58, 56, - 60 -}; - -static const yytype_uint8 yycheck[] = -{ - 0, 20, 10, 16, 4, 5, 6, 15, 8, 15, - 16, 11, 12, 13, 14, 15, 16, 17, 18, 4, - 5, 7, 3, 8, 20, 10, 11, 12, 13, 14, - 15, 15, 17, 16, 19, 5, 21, 10, 8, 16, - 16, 11, 15, 13, 14, 16, 19, 17, 16, 21, - 57 -}; - - /* YYSTOS[STATE-NUM] -- The (internal number of the) accessing - symbol of state STATE-NUM. */ -static const yytype_uint8 yystos[] = -{ - 0, 23, 0, 4, 5, 6, 8, 11, 12, 13, - 14, 15, 16, 17, 18, 24, 25, 26, 27, 28, - 29, 30, 31, 20, 16, 5, 8, 11, 13, 14, - 17, 4, 5, 8, 10, 11, 12, 13, 14, 15, - 17, 19, 21, 7, 3, 20, 15, 16, 15, 16, - 16, 16, 10, 15, 19, 32, 21, 16, 16, 15, - 32 -}; - - /* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ -static const yytype_uint8 yyr1[] = -{ - 0, 22, 23, 23, 24, 24, 24, 24, 24, 24, - 25, 25, 25, 25, 25, 26, 26, 26, 27, 27, - 27, 28, 28, 28, 28, 28, 28, 28, 28, 29, - 29, 30, 30, 30, 30, 30, 30, 30, 30, 30, - 30, 30, 30, 30, 30, 30, 30, 30, 30, 31, - 32, 32 -}; - - /* YYR2[YYN] -- Number of symbols on the right hand side of rule YYN. */ -static const yytype_uint8 yyr2[] = -{ - 0, 2, 0, 2, 1, 1, 1, 1, 1, 1, - 2, 4, 4, 6, 6, 1, 1, 2, 1, 2, - 2, 3, 5, 3, 3, 2, 4, 2, 3, 2, - 1, 2, 2, 1, 2, 2, 1, 2, 2, 1, - 2, 2, 1, 2, 2, 1, 2, 2, 1, 1, - 0, 1 -}; - - -#define yyerrok (yyerrstatus = 0) -#define yyclearin (yychar = YYEMPTY) -#define YYEMPTY (-2) -#define YYEOF 0 - -#define YYACCEPT goto yyacceptlab -#define YYABORT goto yyabortlab -#define YYERROR goto yyerrorlab - - -#define YYRECOVERING() (!!yyerrstatus) - -#define YYBACKUP(Token, Value) \ -do \ - if (yychar == YYEMPTY) \ - { \ - yychar = (Token); \ - yylval = (Value); \ - YYPOPSTACK (yylen); \ - yystate = *yyssp; \ - goto yybackup; \ - } \ - else \ - { \ - yyerror (YY_("syntax error: cannot back up")); \ - YYERROR; \ - } \ -while (0) - -/* Error token number */ -#define YYTERROR 1 -#define YYERRCODE 256 - - - -/* Enable debugging if requested. */ -#if YYDEBUG - -# ifndef YYFPRINTF -# include /* INFRINGES ON USER NAME SPACE */ -# define YYFPRINTF fprintf -# endif - -# define YYDPRINTF(Args) \ -do { \ - if (yydebug) \ - YYFPRINTF Args; \ -} while (0) - -/* This macro is provided for backward compatibility. */ -#ifndef YY_LOCATION_PRINT -# define YY_LOCATION_PRINT(File, Loc) ((void) 0) -#endif - - -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \ -do { \ - if (yydebug) \ - { \ - YYFPRINTF (stderr, "%s ", Title); \ - yy_symbol_print (stderr, \ - Type, Value); \ - YYFPRINTF (stderr, "\n"); \ - } \ -} while (0) - - -/*----------------------------------------. -| Print this symbol's value on YYOUTPUT. | -`----------------------------------------*/ - -static void -yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -{ - FILE *yyo = yyoutput; - YYUSE (yyo); - if (!yyvaluep) - return; -# ifdef YYPRINT - if (yytype < YYNTOKENS) - YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep); -# endif - YYUSE (yytype); -} - - -/*--------------------------------. -| Print this symbol on YYOUTPUT. | -`--------------------------------*/ - -static void -yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -{ - YYFPRINTF (yyoutput, "%s %s (", - yytype < YYNTOKENS ? "token" : "nterm", yytname[yytype]); - - yy_symbol_value_print (yyoutput, yytype, yyvaluep); - YYFPRINTF (yyoutput, ")"); -} - -/*------------------------------------------------------------------. -| yy_stack_print -- Print the state stack from its BOTTOM up to its | -| TOP (included). | -`------------------------------------------------------------------*/ - -static void -yy_stack_print (yytype_int16 *yybottom, yytype_int16 *yytop) -{ - YYFPRINTF (stderr, "Stack now"); - for (; yybottom <= yytop; yybottom++) - { - int yybot = *yybottom; - YYFPRINTF (stderr, " %d", yybot); - } - YYFPRINTF (stderr, "\n"); -} - -# define YY_STACK_PRINT(Bottom, Top) \ -do { \ - if (yydebug) \ - yy_stack_print ((Bottom), (Top)); \ -} while (0) - - -/*------------------------------------------------. -| Report that the YYRULE is going to be reduced. | -`------------------------------------------------*/ - -static void -yy_reduce_print (yytype_int16 *yyssp, YYSTYPE *yyvsp, int yyrule) -{ - unsigned long int yylno = yyrline[yyrule]; - int yynrhs = yyr2[yyrule]; - int yyi; - YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu):\n", - yyrule - 1, yylno); - /* The symbols being reduced. */ - for (yyi = 0; yyi < yynrhs; yyi++) - { - YYFPRINTF (stderr, " $%d = ", yyi + 1); - yy_symbol_print (stderr, - yystos[yyssp[yyi + 1 - yynrhs]], - &(yyvsp[(yyi + 1) - (yynrhs)]) - ); - YYFPRINTF (stderr, "\n"); - } -} - -# define YY_REDUCE_PRINT(Rule) \ -do { \ - if (yydebug) \ - yy_reduce_print (yyssp, yyvsp, Rule); \ -} while (0) - -/* Nonzero means print parse trace. It is left uninitialized so that - multiple parsers can coexist. */ -int yydebug; -#else /* !YYDEBUG */ -# define YYDPRINTF(Args) -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) -# define YY_STACK_PRINT(Bottom, Top) -# define YY_REDUCE_PRINT(Rule) -#endif /* !YYDEBUG */ - - -/* YYINITDEPTH -- initial size of the parser's stacks. */ -#ifndef YYINITDEPTH -# define YYINITDEPTH 200 -#endif - -/* YYMAXDEPTH -- maximum size the stacks can grow to (effective only - if the built-in stack extension method is used). - - Do not make this value too large; the results are undefined if - YYSTACK_ALLOC_MAXIMUM < YYSTACK_BYTES (YYMAXDEPTH) - evaluated with infinite-precision integer arithmetic. */ - -#ifndef YYMAXDEPTH -# define YYMAXDEPTH 10000 -#endif - - -#if YYERROR_VERBOSE - -# ifndef yystrlen -# if defined __GLIBC__ && defined _STRING_H -# define yystrlen strlen -# else -/* Return the length of YYSTR. */ -static YYSIZE_T -yystrlen (const char *yystr) -{ - YYSIZE_T yylen; - for (yylen = 0; yystr[yylen]; yylen++) - continue; - return yylen; -} -# endif -# endif - -# ifndef yystpcpy -# if defined __GLIBC__ && defined _STRING_H && defined _GNU_SOURCE -# define yystpcpy stpcpy -# else -/* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in - YYDEST. */ -static char * -yystpcpy (char *yydest, const char *yysrc) -{ - char *yyd = yydest; - const char *yys = yysrc; - - while ((*yyd++ = *yys++) != '\0') - continue; - - return yyd - 1; -} -# endif -# endif - -# ifndef yytnamerr -/* Copy to YYRES the contents of YYSTR after stripping away unnecessary - quotes and backslashes, so that it's suitable for yyerror. The - heuristic is that double-quoting is unnecessary unless the string - contains an apostrophe, a comma, or backslash (other than - backslash-backslash). YYSTR is taken from yytname. If YYRES is - null, do not copy; instead, return the length of what the result - would have been. */ -static YYSIZE_T -yytnamerr (char *yyres, const char *yystr) -{ - if (*yystr == '"') - { - YYSIZE_T yyn = 0; - char const *yyp = yystr; - - for (;;) - switch (*++yyp) - { - case '\'': - case ',': - goto do_not_strip_quotes; - - case '\\': - if (*++yyp != '\\') - goto do_not_strip_quotes; - /* Fall through. */ - default: - if (yyres) - yyres[yyn] = *yyp; - yyn++; - break; - - case '"': - if (yyres) - yyres[yyn] = '\0'; - return yyn; - } - do_not_strip_quotes: ; - } - - if (! yyres) - return yystrlen (yystr); - - return yystpcpy (yyres, yystr) - yyres; -} -# endif - -/* Copy into *YYMSG, which is of size *YYMSG_ALLOC, an error message - about the unexpected token YYTOKEN for the state stack whose top is - YYSSP. - - Return 0 if *YYMSG was successfully written. Return 1 if *YYMSG is - not large enough to hold the message. In that case, also set - *YYMSG_ALLOC to the required number of bytes. Return 2 if the - required number of bytes is too large to store. */ -static int -yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, - yytype_int16 *yyssp, int yytoken) -{ - YYSIZE_T yysize0 = yytnamerr (YY_NULLPTR, yytname[yytoken]); - YYSIZE_T yysize = yysize0; - enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; - /* Internationalized format string. */ - const char *yyformat = YY_NULLPTR; - /* Arguments of yyformat. */ - char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; - /* Number of reported tokens (one for the "unexpected", one per - "expected"). */ - int yycount = 0; - - /* There are many possibilities here to consider: - - If this state is a consistent state with a default action, then - the only way this function was invoked is if the default action - is an error action. In that case, don't check for expected - tokens because there are none. - - The only way there can be no lookahead present (in yychar) is if - this state is a consistent state with a default action. Thus, - detecting the absence of a lookahead is sufficient to determine - that there is no unexpected or expected token to report. In that - case, just report a simple "syntax error". - - Don't assume there isn't a lookahead just because this state is a - consistent state with a default action. There might have been a - previous inconsistent state, consistent state with a non-default - action, or user semantic action that manipulated yychar. - - Of course, the expected token list depends on states to have - correct lookahead information, and it depends on the parser not - to perform extra reductions after fetching a lookahead from the - scanner and before detecting a syntax error. Thus, state merging - (from LALR or IELR) and default reductions corrupt the expected - token list. However, the list is correct for canonical LR with - one exception: it will still contain any token that will not be - accepted due to an error action in a later state. - */ - if (yytoken != YYEMPTY) - { - int yyn = yypact[*yyssp]; - yyarg[yycount++] = yytname[yytoken]; - if (!yypact_value_is_default (yyn)) - { - /* Start YYX at -YYN if negative to avoid negative indexes in - YYCHECK. In other words, skip the first -YYN actions for - this state because they are default actions. */ - int yyxbegin = yyn < 0 ? -yyn : 0; - /* Stay within bounds of both yycheck and yytname. */ - int yychecklim = YYLAST - yyn + 1; - int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS; - int yyx; - - for (yyx = yyxbegin; yyx < yyxend; ++yyx) - if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR - && !yytable_value_is_error (yytable[yyx + yyn])) - { - if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM) - { - yycount = 1; - yysize = yysize0; - break; - } - yyarg[yycount++] = yytname[yyx]; - { - YYSIZE_T yysize1 = yysize + yytnamerr (YY_NULLPTR, yytname[yyx]); - if (! (yysize <= yysize1 - && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) - return 2; - yysize = yysize1; - } - } - } - } - - switch (yycount) - { -# define YYCASE_(N, S) \ - case N: \ - yyformat = S; \ - break - YYCASE_(0, YY_("syntax error")); - YYCASE_(1, YY_("syntax error, unexpected %s")); - YYCASE_(2, YY_("syntax error, unexpected %s, expecting %s")); - YYCASE_(3, YY_("syntax error, unexpected %s, expecting %s or %s")); - YYCASE_(4, YY_("syntax error, unexpected %s, expecting %s or %s or %s")); - YYCASE_(5, YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s")); -# undef YYCASE_ - } - - { - YYSIZE_T yysize1 = yysize + yystrlen (yyformat); - if (! (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) - return 2; - yysize = yysize1; - } - - if (*yymsg_alloc < yysize) - { - *yymsg_alloc = 2 * yysize; - if (! (yysize <= *yymsg_alloc - && *yymsg_alloc <= YYSTACK_ALLOC_MAXIMUM)) - *yymsg_alloc = YYSTACK_ALLOC_MAXIMUM; - return 1; - } - - /* Avoid sprintf, as that infringes on the user's name space. - Don't have undefined behavior even if the translation - produced a string with the wrong number of "%s"s. */ - { - char *yyp = *yymsg; - int yyi = 0; - while ((*yyp = *yyformat) != '\0') - if (*yyp == '%' && yyformat[1] == 's' && yyi < yycount) - { - yyp += yytnamerr (yyp, yyarg[yyi++]); - yyformat += 2; - } - else - { - yyp++; - yyformat++; - } - } - return 0; -} -#endif /* YYERROR_VERBOSE */ - -/*-----------------------------------------------. -| Release the memory associated to this symbol. | -`-----------------------------------------------*/ - -static void -yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep) -{ - YYUSE (yyvaluep); - if (!yymsg) - yymsg = "Deleting"; - YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp); - - YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN - YYUSE (yytype); - YY_IGNORE_MAYBE_UNINITIALIZED_END -} - - - - -/* The lookahead symbol. */ -int yychar; - -/* The semantic value of the lookahead symbol. */ -YYSTYPE yylval; -/* Number of syntax errors so far. */ -int yynerrs; - - -/*----------. -| yyparse. | -`----------*/ - -int -yyparse (void) -{ - int yystate; - /* Number of tokens to shift before error messages enabled. */ - int yyerrstatus; - - /* The stacks and their tools: - 'yyss': related to states. - 'yyvs': related to semantic values. - - Refer to the stacks through separate pointers, to allow yyoverflow - to reallocate them elsewhere. */ - - /* The state stack. */ - yytype_int16 yyssa[YYINITDEPTH]; - yytype_int16 *yyss; - yytype_int16 *yyssp; - - /* The semantic value stack. */ - YYSTYPE yyvsa[YYINITDEPTH]; - YYSTYPE *yyvs; - YYSTYPE *yyvsp; - - YYSIZE_T yystacksize; - - int yyn; - int yyresult; - /* Lookahead token as an internal (translated) token number. */ - int yytoken = 0; - /* The variables used to return semantic value and location from the - action routines. */ - YYSTYPE yyval; - -#if YYERROR_VERBOSE - /* Buffer for error messages, and its allocated size. */ - char yymsgbuf[128]; - char *yymsg = yymsgbuf; - YYSIZE_T yymsg_alloc = sizeof yymsgbuf; -#endif - -#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) - - /* The number of symbols on the RHS of the reduced rule. - Keep to zero when no symbol should be popped. */ - int yylen = 0; - - yyssp = yyss = yyssa; - yyvsp = yyvs = yyvsa; - yystacksize = YYINITDEPTH; - - YYDPRINTF ((stderr, "Starting parse\n")); - - yystate = 0; - yyerrstatus = 0; - yynerrs = 0; - yychar = YYEMPTY; /* Cause a token to be read. */ - goto yysetstate; - -/*------------------------------------------------------------. -| yynewstate -- Push a new state, which is found in yystate. | -`------------------------------------------------------------*/ - yynewstate: - /* In all cases, when you get here, the value and location stacks - have just been pushed. So pushing a state here evens the stacks. */ - yyssp++; - - yysetstate: - *yyssp = yystate; - - if (yyss + yystacksize - 1 <= yyssp) - { - /* Get the current used size of the three stacks, in elements. */ - YYSIZE_T yysize = yyssp - yyss + 1; - -#ifdef yyoverflow - { - /* Give user a chance to reallocate the stack. Use copies of - these so that the &'s don't force the real ones into - memory. */ - YYSTYPE *yyvs1 = yyvs; - yytype_int16 *yyss1 = yyss; - - /* Each stack pointer address is followed by the size of the - data in use in that stack, in bytes. This used to be a - conditional around just the two extra args, but that might - be undefined if yyoverflow is a macro. */ - yyoverflow (YY_("memory exhausted"), - &yyss1, yysize * sizeof (*yyssp), - &yyvs1, yysize * sizeof (*yyvsp), - &yystacksize); - - yyss = yyss1; - yyvs = yyvs1; - } -#else /* no yyoverflow */ -# ifndef YYSTACK_RELOCATE - goto yyexhaustedlab; -# else - /* Extend the stack our own way. */ - if (YYMAXDEPTH <= yystacksize) - goto yyexhaustedlab; - yystacksize *= 2; - if (YYMAXDEPTH < yystacksize) - yystacksize = YYMAXDEPTH; - - { - yytype_int16 *yyss1 = yyss; - union yyalloc *yyptr = - (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); - if (! yyptr) - goto yyexhaustedlab; - YYSTACK_RELOCATE (yyss_alloc, yyss); - YYSTACK_RELOCATE (yyvs_alloc, yyvs); -# undef YYSTACK_RELOCATE - if (yyss1 != yyssa) - YYSTACK_FREE (yyss1); - } -# endif -#endif /* no yyoverflow */ - - yyssp = yyss + yysize - 1; - yyvsp = yyvs + yysize - 1; - - YYDPRINTF ((stderr, "Stack size increased to %lu\n", - (unsigned long int) yystacksize)); - - if (yyss + yystacksize - 1 <= yyssp) - YYABORT; - } - - YYDPRINTF ((stderr, "Entering state %d\n", yystate)); - - if (yystate == YYFINAL) - YYACCEPT; - - goto yybackup; - -/*-----------. -| yybackup. | -`-----------*/ -yybackup: - - /* Do appropriate processing given the current state. Read a - lookahead token if we need one and don't already have one. */ - - /* First try to decide what to do without reference to lookahead token. */ - yyn = yypact[yystate]; - if (yypact_value_is_default (yyn)) - goto yydefault; - - /* Not known => get a lookahead token if don't already have one. */ - - /* YYCHAR is either YYEMPTY or YYEOF or a valid lookahead symbol. */ - if (yychar == YYEMPTY) - { - YYDPRINTF ((stderr, "Reading a token: ")); - yychar = yylex (); - } - - if (yychar <= YYEOF) - { - yychar = yytoken = YYEOF; - YYDPRINTF ((stderr, "Now at end of input.\n")); - } - else - { - yytoken = YYTRANSLATE (yychar); - YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc); - } - - /* If the proper action on seeing token YYTOKEN is to reduce or to - detect an error, take that action. */ - yyn += yytoken; - if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken) - goto yydefault; - yyn = yytable[yyn]; - if (yyn <= 0) - { - if (yytable_value_is_error (yyn)) - goto yyerrlab; - yyn = -yyn; - goto yyreduce; - } - - /* Count tokens shifted since error; after three, turn off error - status. */ - if (yyerrstatus) - yyerrstatus--; - - /* Shift the lookahead token. */ - YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); - - /* Discard the shifted token. */ - yychar = YYEMPTY; - - yystate = yyn; - YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN - *++yyvsp = yylval; - YY_IGNORE_MAYBE_UNINITIALIZED_END - - goto yynewstate; - - -/*-----------------------------------------------------------. -| yydefault -- do the default action for the current state. | -`-----------------------------------------------------------*/ -yydefault: - yyn = yydefact[yystate]; - if (yyn == 0) - goto yyerrlab; - goto yyreduce; - - -/*-----------------------------. -| yyreduce -- Do a reduction. | -`-----------------------------*/ -yyreduce: - /* yyn is the number of a rule to reduce with. */ - yylen = yyr2[yyn]; - - /* If YYLEN is nonzero, implement the default value of the action: - '$$ = $1'. - - Otherwise, the following line sets YYVAL to garbage. - This behavior is undocumented and Bison - users should not rely upon it. Assigning to YYVAL - unconditionally makes the parser a bit smaller, and it avoids a - GCC warning that YYVAL may be used uninitialized. */ - yyval = yyvsp[1-yylen]; - - - YY_REDUCE_PRINT (yyn); - switch (yyn) - { - case 4: -#line 192 "getdate.y" /* yacc.c:1646 */ - { - yyHaveTime++; - } -#line 1449 "getdate.c" /* yacc.c:1646 */ - break; - - case 5: -#line 195 "getdate.y" /* yacc.c:1646 */ - { - yyHaveZone++; - } -#line 1457 "getdate.c" /* yacc.c:1646 */ - break; - - case 6: -#line 198 "getdate.y" /* yacc.c:1646 */ - { - yyHaveDate++; - } -#line 1465 "getdate.c" /* yacc.c:1646 */ - break; - - case 7: -#line 201 "getdate.y" /* yacc.c:1646 */ - { - yyHaveDay++; - } -#line 1473 "getdate.c" /* yacc.c:1646 */ - break; - - case 8: -#line 204 "getdate.y" /* yacc.c:1646 */ - { - yyHaveRel++; - } -#line 1481 "getdate.c" /* yacc.c:1646 */ - break; - - case 10: -#line 210 "getdate.y" /* yacc.c:1646 */ - { - yyHour = (yyvsp[-1].Number); - yyMinutes = 0; - yySeconds = 0; - yyMeridian = (yyvsp[0].Meridian); - } -#line 1492 "getdate.c" /* yacc.c:1646 */ - break; - - case 11: -#line 216 "getdate.y" /* yacc.c:1646 */ - { - yyHour = (yyvsp[-3].Number); - yyMinutes = (yyvsp[-1].Number); - yySeconds = 0; - yyMeridian = (yyvsp[0].Meridian); - } -#line 1503 "getdate.c" /* yacc.c:1646 */ - break; - - case 12: -#line 222 "getdate.y" /* yacc.c:1646 */ - { - yyHour = (yyvsp[-3].Number); - yyMinutes = (yyvsp[-1].Number); - yyMeridian = MER24; - yyHaveZone++; - yyTimezone = ((yyvsp[0].Number) < 0 - ? -(yyvsp[0].Number) % 100 + (-(yyvsp[0].Number) / 100) * 60 - : - ((yyvsp[0].Number) % 100 + ((yyvsp[0].Number) / 100) * 60)); - } -#line 1517 "getdate.c" /* yacc.c:1646 */ - break; - - case 13: -#line 231 "getdate.y" /* yacc.c:1646 */ - { - yyHour = (yyvsp[-5].Number); - yyMinutes = (yyvsp[-3].Number); - yySeconds = (yyvsp[-1].Number); - yyMeridian = (yyvsp[0].Meridian); - } -#line 1528 "getdate.c" /* yacc.c:1646 */ - break; - - case 14: -#line 237 "getdate.y" /* yacc.c:1646 */ - { - yyHour = (yyvsp[-5].Number); - yyMinutes = (yyvsp[-3].Number); - yySeconds = (yyvsp[-1].Number); - yyMeridian = MER24; - yyHaveZone++; - yyTimezone = ((yyvsp[0].Number) < 0 - ? -(yyvsp[0].Number) % 100 + (-(yyvsp[0].Number) / 100) * 60 - : - ((yyvsp[0].Number) % 100 + ((yyvsp[0].Number) / 100) * 60)); - } -#line 1543 "getdate.c" /* yacc.c:1646 */ - break; - - case 15: -#line 249 "getdate.y" /* yacc.c:1646 */ - { - yyTimezone = (yyvsp[0].Number); - } -#line 1551 "getdate.c" /* yacc.c:1646 */ - break; - - case 16: -#line 252 "getdate.y" /* yacc.c:1646 */ - { - yyTimezone = (yyvsp[0].Number) - 60; - } -#line 1559 "getdate.c" /* yacc.c:1646 */ - break; - - case 17: -#line 256 "getdate.y" /* yacc.c:1646 */ - { - yyTimezone = (yyvsp[-1].Number) - 60; - } -#line 1567 "getdate.c" /* yacc.c:1646 */ - break; - - case 18: -#line 261 "getdate.y" /* yacc.c:1646 */ - { - yyDayOrdinal = 1; - yyDayNumber = (yyvsp[0].Number); - } -#line 1576 "getdate.c" /* yacc.c:1646 */ - break; - - case 19: -#line 265 "getdate.y" /* yacc.c:1646 */ - { - yyDayOrdinal = 1; - yyDayNumber = (yyvsp[-1].Number); - } -#line 1585 "getdate.c" /* yacc.c:1646 */ - break; - - case 20: -#line 269 "getdate.y" /* yacc.c:1646 */ - { - yyDayOrdinal = (yyvsp[-1].Number); - yyDayNumber = (yyvsp[0].Number); - } -#line 1594 "getdate.c" /* yacc.c:1646 */ - break; - - case 21: -#line 275 "getdate.y" /* yacc.c:1646 */ - { - yyMonth = (yyvsp[-2].Number); - yyDay = (yyvsp[0].Number); - } -#line 1603 "getdate.c" /* yacc.c:1646 */ - break; - - case 22: -#line 279 "getdate.y" /* yacc.c:1646 */ - { - /* Interpret as YYYY/MM/DD if $1 >= 1000, otherwise as MM/DD/YY. - The goal in recognizing YYYY/MM/DD is solely to support legacy - machine-generated dates like those in an RCS log listing. If - you want portability, use the ISO 8601 format. */ - if ((yyvsp[-4].Number) >= 1000) - { - yyYear = (yyvsp[-4].Number); - yyMonth = (yyvsp[-2].Number); - yyDay = (yyvsp[0].Number); - } - else - { - yyMonth = (yyvsp[-4].Number); - yyDay = (yyvsp[-2].Number); - yyYear = (yyvsp[0].Number); - } - } -#line 1626 "getdate.c" /* yacc.c:1646 */ - break; - - case 23: -#line 297 "getdate.y" /* yacc.c:1646 */ - { - /* ISO 8601 format. yyyy-mm-dd. */ - yyYear = (yyvsp[-2].Number); - yyMonth = -(yyvsp[-1].Number); - yyDay = -(yyvsp[0].Number); - } -#line 1637 "getdate.c" /* yacc.c:1646 */ - break; - - case 24: -#line 303 "getdate.y" /* yacc.c:1646 */ - { - /* e.g. 17-JUN-1992. */ - yyDay = (yyvsp[-2].Number); - yyMonth = (yyvsp[-1].Number); - yyYear = -(yyvsp[0].Number); - } -#line 1648 "getdate.c" /* yacc.c:1646 */ - break; - - case 25: -#line 309 "getdate.y" /* yacc.c:1646 */ - { - yyMonth = (yyvsp[-1].Number); - yyDay = (yyvsp[0].Number); - } -#line 1657 "getdate.c" /* yacc.c:1646 */ - break; - - case 26: -#line 313 "getdate.y" /* yacc.c:1646 */ - { - yyMonth = (yyvsp[-3].Number); - yyDay = (yyvsp[-2].Number); - yyYear = (yyvsp[0].Number); - } -#line 1667 "getdate.c" /* yacc.c:1646 */ - break; - - case 27: -#line 318 "getdate.y" /* yacc.c:1646 */ - { - yyMonth = (yyvsp[0].Number); - yyDay = (yyvsp[-1].Number); - } -#line 1676 "getdate.c" /* yacc.c:1646 */ - break; - - case 28: -#line 322 "getdate.y" /* yacc.c:1646 */ - { - yyMonth = (yyvsp[-1].Number); - yyDay = (yyvsp[-2].Number); - yyYear = (yyvsp[0].Number); - } -#line 1686 "getdate.c" /* yacc.c:1646 */ - break; - - case 29: -#line 329 "getdate.y" /* yacc.c:1646 */ - { - yyRelSeconds = -yyRelSeconds; - yyRelMinutes = -yyRelMinutes; - yyRelHour = -yyRelHour; - yyRelDay = -yyRelDay; - yyRelMonth = -yyRelMonth; - yyRelYear = -yyRelYear; - } -#line 1699 "getdate.c" /* yacc.c:1646 */ - break; - - case 31: -#line 340 "getdate.y" /* yacc.c:1646 */ - { - yyRelYear += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1707 "getdate.c" /* yacc.c:1646 */ - break; - - case 32: -#line 343 "getdate.y" /* yacc.c:1646 */ - { - yyRelYear += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1715 "getdate.c" /* yacc.c:1646 */ - break; - - case 33: -#line 346 "getdate.y" /* yacc.c:1646 */ - { - yyRelYear++; - } -#line 1723 "getdate.c" /* yacc.c:1646 */ - break; - - case 34: -#line 349 "getdate.y" /* yacc.c:1646 */ - { - yyRelMonth += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1731 "getdate.c" /* yacc.c:1646 */ - break; - - case 35: -#line 352 "getdate.y" /* yacc.c:1646 */ - { - yyRelMonth += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1739 "getdate.c" /* yacc.c:1646 */ - break; - - case 36: -#line 355 "getdate.y" /* yacc.c:1646 */ - { - yyRelMonth++; - } -#line 1747 "getdate.c" /* yacc.c:1646 */ - break; - - case 37: -#line 358 "getdate.y" /* yacc.c:1646 */ - { - yyRelDay += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1755 "getdate.c" /* yacc.c:1646 */ - break; - - case 38: -#line 361 "getdate.y" /* yacc.c:1646 */ - { - yyRelDay += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1763 "getdate.c" /* yacc.c:1646 */ - break; - - case 39: -#line 364 "getdate.y" /* yacc.c:1646 */ - { - yyRelDay++; - } -#line 1771 "getdate.c" /* yacc.c:1646 */ - break; - - case 40: -#line 367 "getdate.y" /* yacc.c:1646 */ - { - yyRelHour += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1779 "getdate.c" /* yacc.c:1646 */ - break; - - case 41: -#line 370 "getdate.y" /* yacc.c:1646 */ - { - yyRelHour += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1787 "getdate.c" /* yacc.c:1646 */ - break; - - case 42: -#line 373 "getdate.y" /* yacc.c:1646 */ - { - yyRelHour++; - } -#line 1795 "getdate.c" /* yacc.c:1646 */ - break; - - case 43: -#line 376 "getdate.y" /* yacc.c:1646 */ - { - yyRelMinutes += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1803 "getdate.c" /* yacc.c:1646 */ - break; - - case 44: -#line 379 "getdate.y" /* yacc.c:1646 */ - { - yyRelMinutes += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1811 "getdate.c" /* yacc.c:1646 */ - break; - - case 45: -#line 382 "getdate.y" /* yacc.c:1646 */ - { - yyRelMinutes++; - } -#line 1819 "getdate.c" /* yacc.c:1646 */ - break; - - case 46: -#line 385 "getdate.y" /* yacc.c:1646 */ - { - yyRelSeconds += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1827 "getdate.c" /* yacc.c:1646 */ - break; - - case 47: -#line 388 "getdate.y" /* yacc.c:1646 */ - { - yyRelSeconds += (yyvsp[-1].Number) * (yyvsp[0].Number); - } -#line 1835 "getdate.c" /* yacc.c:1646 */ - break; - - case 48: -#line 391 "getdate.y" /* yacc.c:1646 */ - { - yyRelSeconds++; - } -#line 1843 "getdate.c" /* yacc.c:1646 */ - break; - - case 49: -#line 397 "getdate.y" /* yacc.c:1646 */ - { - if ((yyHaveTime != 0) && (yyHaveDate != 0) && (yyHaveRel == 0)) - yyYear = (yyvsp[0].Number); - else - { - if ((yyvsp[0].Number)>10000) - { - yyHaveDate++; - yyDay= ((yyvsp[0].Number))%100; - yyMonth= ((yyvsp[0].Number)/100)%100; - yyYear = (yyvsp[0].Number)/10000; - } - else - { - yyHaveTime++; - if ((yyvsp[0].Number) < 100) - { - yyHour = (yyvsp[0].Number); - yyMinutes = 0; - } - else - { - yyHour = (yyvsp[0].Number) / 100; - yyMinutes = (yyvsp[0].Number) % 100; - } - yySeconds = 0; - yyMeridian = MER24; - } - } - } -#line 1878 "getdate.c" /* yacc.c:1646 */ - break; - - case 50: -#line 430 "getdate.y" /* yacc.c:1646 */ - { - (yyval.Meridian) = MER24; - } -#line 1886 "getdate.c" /* yacc.c:1646 */ - break; - - case 51: -#line 434 "getdate.y" /* yacc.c:1646 */ - { - (yyval.Meridian) = (yyvsp[0].Meridian); - } -#line 1894 "getdate.c" /* yacc.c:1646 */ - break; - - -#line 1898 "getdate.c" /* yacc.c:1646 */ - default: break; - } - /* User semantic actions sometimes alter yychar, and that requires - that yytoken be updated with the new translation. We take the - approach of translating immediately before every use of yytoken. - One alternative is translating here after every semantic action, - but that translation would be missed if the semantic action invokes - YYABORT, YYACCEPT, or YYERROR immediately after altering yychar or - if it invokes YYBACKUP. In the case of YYABORT or YYACCEPT, an - incorrect destructor might then be invoked immediately. In the - case of YYERROR or YYBACKUP, subsequent parser actions might lead - to an incorrect destructor call or verbose syntax error message - before the lookahead is translated. */ - YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); - - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - - *++yyvsp = yyval; - - /* Now 'shift' the result of the reduction. Determine what state - that goes to, based on the state we popped back to and the rule - number reduced by. */ - - yyn = yyr1[yyn]; - - yystate = yypgoto[yyn - YYNTOKENS] + *yyssp; - if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp) - yystate = yytable[yystate]; - else - yystate = yydefgoto[yyn - YYNTOKENS]; - - goto yynewstate; - - -/*--------------------------------------. -| yyerrlab -- here on detecting error. | -`--------------------------------------*/ -yyerrlab: - /* Make sure we have latest lookahead translation. See comments at - user semantic actions for why this is necessary. */ - yytoken = yychar == YYEMPTY ? YYEMPTY : YYTRANSLATE (yychar); - - /* If not already recovering from an error, report this error. */ - if (!yyerrstatus) - { - ++yynerrs; -#if ! YYERROR_VERBOSE - yyerror (YY_("syntax error")); -#else -# define YYSYNTAX_ERROR yysyntax_error (&yymsg_alloc, &yymsg, \ - yyssp, yytoken) - { - char const *yymsgp = YY_("syntax error"); - int yysyntax_error_status; - yysyntax_error_status = YYSYNTAX_ERROR; - if (yysyntax_error_status == 0) - yymsgp = yymsg; - else if (yysyntax_error_status == 1) - { - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); - yymsg = (char *) YYSTACK_ALLOC (yymsg_alloc); - if (!yymsg) - { - yymsg = yymsgbuf; - yymsg_alloc = sizeof yymsgbuf; - yysyntax_error_status = 2; - } - else - { - yysyntax_error_status = YYSYNTAX_ERROR; - yymsgp = yymsg; - } - } - yyerror (yymsgp); - if (yysyntax_error_status == 2) - goto yyexhaustedlab; - } -# undef YYSYNTAX_ERROR -#endif - } - - - - if (yyerrstatus == 3) - { - /* If just tried and failed to reuse lookahead token after an - error, discard it. */ - - if (yychar <= YYEOF) - { - /* Return failure if at end of input. */ - if (yychar == YYEOF) - YYABORT; - } - else - { - yydestruct ("Error: discarding", - yytoken, &yylval); - yychar = YYEMPTY; - } - } - - /* Else will try to reuse lookahead token after shifting the error - token. */ - goto yyerrlab1; - - -/*---------------------------------------------------. -| yyerrorlab -- error raised explicitly by YYERROR. | -`---------------------------------------------------*/ -yyerrorlab: - - /* Pacify compilers like GCC when the user code never invokes - YYERROR and the label yyerrorlab therefore never appears in user - code. */ - if (/*CONSTCOND*/ 0) - goto yyerrorlab; - - /* Do not reclaim the symbols of the rule whose action triggered - this YYERROR. */ - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - yystate = *yyssp; - goto yyerrlab1; - - -/*-------------------------------------------------------------. -| yyerrlab1 -- common code for both syntax error and YYERROR. | -`-------------------------------------------------------------*/ -yyerrlab1: - yyerrstatus = 3; /* Each real token shifted decrements this. */ - - for (;;) - { - yyn = yypact[yystate]; - if (!yypact_value_is_default (yyn)) - { - yyn += YYTERROR; - if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR) - { - yyn = yytable[yyn]; - if (0 < yyn) - break; - } - } - - /* Pop the current state because it cannot handle the error token. */ - if (yyssp == yyss) - YYABORT; - - - yydestruct ("Error: popping", - yystos[yystate], yyvsp); - YYPOPSTACK (1); - yystate = *yyssp; - YY_STACK_PRINT (yyss, yyssp); - } - - YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN - *++yyvsp = yylval; - YY_IGNORE_MAYBE_UNINITIALIZED_END - - - /* Shift the error token. */ - YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp); - - yystate = yyn; - goto yynewstate; - - -/*-------------------------------------. -| yyacceptlab -- YYACCEPT comes here. | -`-------------------------------------*/ -yyacceptlab: - yyresult = 0; - goto yyreturn; - -/*-----------------------------------. -| yyabortlab -- YYABORT comes here. | -`-----------------------------------*/ -yyabortlab: - yyresult = 1; - goto yyreturn; - -#if !defined yyoverflow || YYERROR_VERBOSE -/*-------------------------------------------------. -| yyexhaustedlab -- memory exhaustion comes here. | -`-------------------------------------------------*/ -yyexhaustedlab: - yyerror (YY_("memory exhausted")); - yyresult = 2; - /* Fall through. */ -#endif - -yyreturn: - if (yychar != YYEMPTY) - { - /* Make sure we have latest lookahead translation. See comments at - user semantic actions for why this is necessary. */ - yytoken = YYTRANSLATE (yychar); - yydestruct ("Cleanup: discarding lookahead", - yytoken, &yylval); - } - /* Do not reclaim the symbols of the rule whose action triggered - this YYABORT or YYACCEPT. */ - YYPOPSTACK (yylen); - YY_STACK_PRINT (yyss, yyssp); - while (yyssp != yyss) - { - yydestruct ("Cleanup: popping", - yystos[*yyssp], yyvsp); - YYPOPSTACK (1); - } -#ifndef yyoverflow - if (yyss != yyssa) - YYSTACK_FREE (yyss); -#endif -#if YYERROR_VERBOSE - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); -#endif - return yyresult; -} -#line 439 "getdate.y" /* yacc.c:1906 */ - - -/* Month and day table. */ -static TABLE const MonthDayTable[] = { - { "january", tMONTH, 1 }, - { "february", tMONTH, 2 }, - { "march", tMONTH, 3 }, - { "april", tMONTH, 4 }, - { "may", tMONTH, 5 }, - { "june", tMONTH, 6 }, - { "july", tMONTH, 7 }, - { "august", tMONTH, 8 }, - { "september", tMONTH, 9 }, - { "sept", tMONTH, 9 }, - { "october", tMONTH, 10 }, - { "november", tMONTH, 11 }, - { "december", tMONTH, 12 }, - { "sunday", tDAY, 0 }, - { "monday", tDAY, 1 }, - { "tuesday", tDAY, 2 }, - { "tues", tDAY, 2 }, - { "wednesday", tDAY, 3 }, - { "wednes", tDAY, 3 }, - { "thursday", tDAY, 4 }, - { "thur", tDAY, 4 }, - { "thurs", tDAY, 4 }, - { "friday", tDAY, 5 }, - { "saturday", tDAY, 6 }, - { NULL, 0, 0 } -}; - -/* Time units table. */ -static TABLE const UnitsTable[] = { - { "year", tYEAR_UNIT, 1 }, - { "month", tMONTH_UNIT, 1 }, - { "fortnight", tDAY_UNIT, 14 }, - { "week", tDAY_UNIT, 7 }, - { "day", tDAY_UNIT, 1 }, - { "hour", tHOUR_UNIT, 1 }, - { "minute", tMINUTE_UNIT, 1 }, - { "min", tMINUTE_UNIT, 1 }, - { "second", tSEC_UNIT, 1 }, - { "sec", tSEC_UNIT, 1 }, - { NULL, 0, 0 } -}; - -/* Assorted relative-time words. */ -static TABLE const OtherTable[] = { - { "tomorrow", tMINUTE_UNIT, 1 * 24 * 60 }, - { "yesterday", tMINUTE_UNIT, -1 * 24 * 60 }, - { "today", tMINUTE_UNIT, 0 }, - { "now", tMINUTE_UNIT, 0 }, - { "last", tUNUMBER, -1 }, - { "this", tMINUTE_UNIT, 0 }, - { "next", tUNUMBER, 2 }, - { "first", tUNUMBER, 1 }, -/* { "second", tUNUMBER, 2 }, */ - { "third", tUNUMBER, 3 }, - { "fourth", tUNUMBER, 4 }, - { "fifth", tUNUMBER, 5 }, - { "sixth", tUNUMBER, 6 }, - { "seventh", tUNUMBER, 7 }, - { "eighth", tUNUMBER, 8 }, - { "ninth", tUNUMBER, 9 }, - { "tenth", tUNUMBER, 10 }, - { "eleventh", tUNUMBER, 11 }, - { "twelfth", tUNUMBER, 12 }, - { "ago", tAGO, 1 }, - { NULL, 0, 0 } -}; - -/* The timezone table. */ -static TABLE const TimezoneTable[] = { - { "gmt", tZONE, HOUR ( 0) }, /* Greenwich Mean */ - { "ut", tZONE, HOUR ( 0) }, /* Universal (Coordinated) */ - { "utc", tZONE, HOUR ( 0) }, - { "wet", tZONE, HOUR ( 0) }, /* Western European */ - { "bst", tDAYZONE, HOUR ( 0) }, /* British Summer */ - { "wat", tZONE, HOUR ( 1) }, /* West Africa */ - { "at", tZONE, HOUR ( 2) }, /* Azores */ - { "ast", tZONE, HOUR ( 4) }, /* Atlantic Standard */ - { "adt", tDAYZONE, HOUR ( 4) }, /* Atlantic Daylight */ - { "est", tZONE, HOUR ( 5) }, /* Eastern Standard */ - { "edt", tDAYZONE, HOUR ( 5) }, /* Eastern Daylight */ - { "cst", tZONE, HOUR ( 6) }, /* Central Standard */ - { "cdt", tDAYZONE, HOUR ( 6) }, /* Central Daylight */ - { "mst", tZONE, HOUR ( 7) }, /* Mountain Standard */ - { "mdt", tDAYZONE, HOUR ( 7) }, /* Mountain Daylight */ - { "pst", tZONE, HOUR ( 8) }, /* Pacific Standard */ - { "pdt", tDAYZONE, HOUR ( 8) }, /* Pacific Daylight */ - { "yst", tZONE, HOUR ( 9) }, /* Yukon Standard */ - { "ydt", tDAYZONE, HOUR ( 9) }, /* Yukon Daylight */ - { "hst", tZONE, HOUR (10) }, /* Hawaii Standard */ - { "hdt", tDAYZONE, HOUR (10) }, /* Hawaii Daylight */ - { "cat", tZONE, HOUR (10) }, /* Central Alaska */ - { "ahst", tZONE, HOUR (10) }, /* Alaska-Hawaii Standard */ - { "nt", tZONE, HOUR (11) }, /* Nome */ - { "idlw", tZONE, HOUR (12) }, /* International Date Line West */ - { "cet", tZONE, -HOUR (1) }, /* Central European */ - { "met", tZONE, -HOUR (1) }, /* Middle European */ - { "mewt", tZONE, -HOUR (1) }, /* Middle European Winter */ - { "mest", tDAYZONE, -HOUR (1) }, /* Middle European Summer */ - { "mesz", tDAYZONE, -HOUR (1) }, /* Middle European Summer */ - { "swt", tZONE, -HOUR (1) }, /* Swedish Winter */ - { "sst", tDAYZONE, -HOUR (1) }, /* Swedish Summer */ - { "fwt", tZONE, -HOUR (1) }, /* French Winter */ - { "fst", tDAYZONE, -HOUR (1) }, /* French Summer */ - { "eet", tZONE, -HOUR (2) }, /* Eastern Europe, USSR Zone 1 */ - { "bt", tZONE, -HOUR (3) }, /* Baghdad, USSR Zone 2 */ - { "zp4", tZONE, -HOUR (4) }, /* USSR Zone 3 */ - { "zp5", tZONE, -HOUR (5) }, /* USSR Zone 4 */ - { "zp6", tZONE, -HOUR (6) }, /* USSR Zone 5 */ - { "wast", tZONE, -HOUR (7) }, /* West Australian Standard */ - { "wadt", tDAYZONE, -HOUR (7) }, /* West Australian Daylight */ - { "cct", tZONE, -HOUR (8) }, /* China Coast, USSR Zone 7 */ - { "jst", tZONE, -HOUR (9) }, /* Japan Standard, USSR Zone 8 */ - { "east", tZONE, -HOUR (10) }, /* Eastern Australian Standard */ - { "eadt", tDAYZONE, -HOUR (10) }, /* Eastern Australian Daylight */ - { "gst", tZONE, -HOUR (10) }, /* Guam Standard, USSR Zone 9 */ - { "nzt", tZONE, -HOUR (12) }, /* New Zealand */ - { "nzst", tZONE, -HOUR (12) }, /* New Zealand Standard */ - { "nzdt", tDAYZONE, -HOUR (12) }, /* New Zealand Daylight */ - { "idle", tZONE, -HOUR (12) }, /* International Date Line East */ - { NULL, 0, 0 } -}; - -/* Military timezone table. */ -static TABLE const MilitaryTable[] = { - { "a", tZONE, HOUR ( 1) }, - { "b", tZONE, HOUR ( 2) }, - { "c", tZONE, HOUR ( 3) }, - { "d", tZONE, HOUR ( 4) }, - { "e", tZONE, HOUR ( 5) }, - { "f", tZONE, HOUR ( 6) }, - { "g", tZONE, HOUR ( 7) }, - { "h", tZONE, HOUR ( 8) }, - { "i", tZONE, HOUR ( 9) }, - { "k", tZONE, HOUR ( 10) }, - { "l", tZONE, HOUR ( 11) }, - { "m", tZONE, HOUR ( 12) }, - { "n", tZONE, HOUR (- 1) }, - { "o", tZONE, HOUR (- 2) }, - { "p", tZONE, HOUR (- 3) }, - { "q", tZONE, HOUR (- 4) }, - { "r", tZONE, HOUR (- 5) }, - { "s", tZONE, HOUR (- 6) }, - { "t", tZONE, HOUR (- 7) }, - { "u", tZONE, HOUR (- 8) }, - { "v", tZONE, HOUR (- 9) }, - { "w", tZONE, HOUR (-10) }, - { "x", tZONE, HOUR (-11) }, - { "y", tZONE, HOUR (-12) }, - { "z", tZONE, HOUR ( 0) }, - { NULL, 0, 0 } -}; - - - - -static int yyerror (unused const char *s) -{ - return 0; -} - -static int ToHour (int Hours, MERIDIAN Meridian) -{ - switch (Meridian) - { - case MER24: - if (Hours < 0 || Hours > 23) - return -1; - return Hours; - case MERam: - if (Hours < 1 || Hours > 12) - return -1; - if (Hours == 12) - Hours = 0; - return Hours; - case MERpm: - if (Hours < 1 || Hours > 12) - return -1; - if (Hours == 12) - Hours = 0; - return Hours + 12; - default: - abort (); - } - /* NOTREACHED */ -} - -static int ToYear (int Year) -{ - if (Year < 0) - Year = -Year; - - /* XPG4 suggests that years 00-68 map to 2000-2068, and - years 69-99 map to 1969-1999. */ - if (Year < 69) - Year += 2000; - else if (Year < 100) - Year += 1900; - - return Year; -} - -static int LookupWord (char *buff) -{ - register char *p; - register char *q; - register const TABLE *tp; - int i; - bool abbrev; - - /* Make it lowercase. */ - for (p = buff; '\0' != *p; p++) - if (ISUPPER (*p)) - *p = tolower (*p); - - if (strcmp (buff, "am") == 0 || strcmp (buff, "a.m.") == 0) - { - yylval.Meridian = MERam; - return tMERIDIAN; - } - if (strcmp (buff, "pm") == 0 || strcmp (buff, "p.m.") == 0) - { - yylval.Meridian = MERpm; - return tMERIDIAN; - } - - /* See if we have an abbreviation for a month. */ - if (strlen (buff) == 3) - abbrev = true; - else if (strlen (buff) == 4 && buff[3] == '.') - { - abbrev = true; - buff[3] = '\0'; - } - else - abbrev = false; - - for (tp = MonthDayTable; tp->name; tp++) - { - if (abbrev) - { - if (strncmp (buff, tp->name, 3) == 0) - { - yylval.Number = tp->value; - return tp->type; - } - } - else if (strcmp (buff, tp->name) == 0) - { - yylval.Number = tp->value; - return tp->type; - } - } - - for (tp = TimezoneTable; tp->name; tp++) - if (strcmp (buff, tp->name) == 0) - { - yylval.Number = tp->value; - return tp->type; - } - - if (strcmp (buff, "dst") == 0) - return tDST; - - for (tp = UnitsTable; tp->name; tp++) - if (strcmp (buff, tp->name) == 0) - { - yylval.Number = tp->value; - return tp->type; - } - - /* Strip off any plural and try the units table again. */ - i = strlen (buff) - 1; - if (buff[i] == 's') - { - buff[i] = '\0'; - for (tp = UnitsTable; tp->name; tp++) - if (strcmp (buff, tp->name) == 0) - { - yylval.Number = tp->value; - return tp->type; - } - buff[i] = 's'; /* Put back for "this" in OtherTable. */ - } - - for (tp = OtherTable; tp->name; tp++) - if (strcmp (buff, tp->name) == 0) - { - yylval.Number = tp->value; - return tp->type; - } - - /* Military timezones. */ - if (buff[1] == '\0' && ISALPHA (*buff)) - { - for (tp = MilitaryTable; tp->name; tp++) - if (strcmp (buff, tp->name) == 0) - { - yylval.Number = tp->value; - return tp->type; - } - } - - /* Drop out any periods and try the timezone table again. */ - for (i = 0, p = q = buff; '\0' != *q; q++) - if (*q != '.') - *p++ = *q; - else - i++; - *p = '\0'; - if (0 != i) - for (tp = TimezoneTable; NULL != tp->name; tp++) - if (strcmp (buff, tp->name) == 0) - { - yylval.Number = tp->value; - return tp->type; - } - - return tID; -} - -static int -yylex (void) -{ - register char c; - register char *p; - char buff[20]; - int Count; - int sign; - - for (;;) - { - while (ISSPACE (*yyInput)) - yyInput++; - - if (ISDIGIT (c = *yyInput) || c == '-' || c == '+') - { - if (c == '-' || c == '+') - { - sign = c == '-' ? -1 : 1; - if (!ISDIGIT (*++yyInput)) - /* skip the '-' sign */ - continue; - } - else - sign = 0; - for (yylval.Number = 0; ISDIGIT (c = *yyInput++);) - yylval.Number = 10 * yylval.Number + c - '0'; - yyInput--; - if (sign < 0) - yylval.Number = -yylval.Number; - return (0 != sign) ? tSNUMBER : tUNUMBER; - } - if (ISALPHA (c)) - { - for (p = buff; (c = *yyInput++, ISALPHA (c)) || c == '.';) - if (p < &buff[sizeof buff - 1]) - *p++ = c; - *p = '\0'; - yyInput--; - return LookupWord (buff); - } - if (c != '(') - return *yyInput++; - Count = 0; - do - { - c = *yyInput++; - if (c == '\0') - return c; - if (c == '(') - Count++; - else if (c == ')') - Count--; - } - while (Count > 0); - } -} - -#define TM_YEAR_ORIGIN 1900 - -/* Yield A - B, measured in seconds. */ -static long difftm (struct tm *a, struct tm *b) -{ - int ay = a->tm_year + (TM_YEAR_ORIGIN - 1); - int by = b->tm_year + (TM_YEAR_ORIGIN - 1); - long days = ( - /* difference in day of year */ - a->tm_yday - b->tm_yday - /* + intervening leap days */ - + ((ay >> 2) - (by >> 2)) - - (ay / 100 - by / 100) - + ((ay / 100 >> 2) - (by / 100 >> 2)) - /* + difference in years * 365 */ - + (long) (ay - by) * 365 - ); - return (60 * (60 * (24 * days + (a->tm_hour - b->tm_hour)) - + (a->tm_min - b->tm_min)) - + (a->tm_sec - b->tm_sec)); -} - -time_t get_date (const char *p, const time_t *now) -{ - struct tm tm, tm0, *tmp; - time_t Start; - - yyInput = p; - Start = now ? *now : time ((time_t *) NULL); - tmp = localtime (&Start); - yyYear = tmp->tm_year + TM_YEAR_ORIGIN; - yyMonth = tmp->tm_mon + 1; - yyDay = tmp->tm_mday; - yyHour = tmp->tm_hour; - yyMinutes = tmp->tm_min; - yySeconds = tmp->tm_sec; - yyMeridian = MER24; - yyRelSeconds = 0; - yyRelMinutes = 0; - yyRelHour = 0; - yyRelDay = 0; - yyRelMonth = 0; - yyRelYear = 0; - yyHaveDate = 0; - yyHaveDay = 0; - yyHaveRel = 0; - yyHaveTime = 0; - yyHaveZone = 0; - - if (yyparse () - || yyHaveTime > 1 || yyHaveZone > 1 || yyHaveDate > 1 || yyHaveDay > 1) - return -1; - - tm.tm_year = ToYear (yyYear) - TM_YEAR_ORIGIN + yyRelYear; - tm.tm_mon = yyMonth - 1 + yyRelMonth; - tm.tm_mday = yyDay + yyRelDay; - if ((yyHaveTime != 0) || - ( (yyHaveRel != 0) && (yyHaveDate == 0) && (yyHaveDay == 0) )) - { - tm.tm_hour = ToHour (yyHour, yyMeridian); - if (tm.tm_hour < 0) - return -1; - tm.tm_min = yyMinutes; - tm.tm_sec = yySeconds; - } - else - { - tm.tm_hour = tm.tm_min = tm.tm_sec = 0; - } - tm.tm_hour += yyRelHour; - tm.tm_min += yyRelMinutes; - tm.tm_sec += yyRelSeconds; - tm.tm_isdst = -1; - tm0 = tm; - - Start = mktime (&tm); - - if (Start == (time_t) -1) - { - - /* Guard against falsely reporting errors near the time_t boundaries - when parsing times in other time zones. For example, if the min - time_t value is 1970-01-01 00:00:00 UTC and we are 8 hours ahead - of UTC, then the min localtime value is 1970-01-01 08:00:00; if - we apply mktime to 1970-01-01 00:00:00 we will get an error, so - we apply mktime to 1970-01-02 08:00:00 instead and adjust the time - zone by 24 hours to compensate. This algorithm assumes that - there is no DST transition within a day of the time_t boundaries. */ - if (yyHaveZone) - { - tm = tm0; - if (tm.tm_year <= EPOCH - TM_YEAR_ORIGIN) - { - tm.tm_mday++; - yyTimezone -= 24 * 60; - } - else - { - tm.tm_mday--; - yyTimezone += 24 * 60; - } - Start = mktime (&tm); - } - - if (Start == (time_t) -1) - return Start; - } - - if (yyHaveDay && !yyHaveDate) - { - tm.tm_mday += ((yyDayNumber - tm.tm_wday + 7) % 7 - + 7 * (yyDayOrdinal - (0 < yyDayOrdinal))); - Start = mktime (&tm); - if (Start == (time_t) -1) - return Start; - } - - if (yyHaveZone) - { - long delta = yyTimezone * 60L + difftm (&tm, gmtime (&Start)); - if ((Start + delta < Start) != (delta < 0)) - return -1; /* time_t overflow */ - Start += delta; - } - - return Start; -} - -#if defined (TEST) - -/* ARGSUSED */ -int -main (ac, av) - int ac; - char *av[]; -{ - char buff[MAX_BUFF_LEN + 1]; - time_t d; - - (void) printf ("Enter date, or blank line to exit.\n\t> "); - (void) fflush (stdout); - - buff[MAX_BUFF_LEN] = 0; - while (fgets (buff, MAX_BUFF_LEN, stdin) && buff[0]) - { - d = get_date (buff, (time_t *) NULL); - if (d == -1) - (void) printf ("Bad format - couldn't convert.\n"); - else - (void) printf ("%s", ctime (&d)); - (void) printf ("\t> "); - (void) fflush (stdout); - } - exit (0); - /* NOTREACHED */ -} -#endif /* defined (TEST) */ diff --git a/libmisc/idmapping.c b/libmisc/idmapping.c index 714c29eb..db254fcb 100644 --- a/libmisc/idmapping.c +++ b/libmisc/idmapping.c @@ -70,13 +70,40 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv) /* Gather up the ranges from the command line */ mapping = mappings; - for (idx = 0; idx < ranges; idx++, argidx += 3, mapping++) { - if (!getulong(argv[argidx + 0], &mapping->upper)) + for (idx = 0, argidx = 0; idx < ranges; idx++, argidx += 3, mapping++) { + if (!getulong(argv[argidx + 0], &mapping->upper)) { + free(mappings); return NULL; - if (!getulong(argv[argidx + 1], &mapping->lower)) + } + if (!getulong(argv[argidx + 1], &mapping->lower)) { + free(mappings); return NULL; - if (!getulong(argv[argidx + 2], &mapping->count)) + } + if (!getulong(argv[argidx + 2], &mapping->count)) { + free(mappings); return NULL; + } + if (ULONG_MAX - mapping->upper <= mapping->count || ULONG_MAX - mapping->lower <= mapping->count) { + fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog); + exit(EXIT_FAILURE); + } + if (mapping->upper > UINT_MAX || + mapping->lower > UINT_MAX || + mapping->count > UINT_MAX) { + fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog); + exit(EXIT_FAILURE); + } + if (mapping->lower + mapping->count > UINT_MAX || + mapping->upper + mapping->count > UINT_MAX) { + fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog); + exit(EXIT_FAILURE); + } + if (mapping->lower + mapping->count < mapping->lower || + mapping->upper + mapping->count < mapping->upper) { + /* this one really shouldn't be possible given previous checks */ + fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog); + exit(EXIT_FAILURE); + } } return mappings; } diff --git a/libmisc/user_busy.c b/libmisc/user_busy.c index db7174af..0db32c39 100644 --- a/libmisc/user_busy.c +++ b/libmisc/user_busy.c @@ -175,6 +175,9 @@ static int user_busy_processes (const char *name, uid_t uid) if (stat ("/", &sbroot) != 0) { perror ("stat (\"/\")"); (void) closedir (proc); +#ifdef ENABLE_SUBIDS + sub_uid_close(); +#endif return 0; } @@ -212,6 +215,9 @@ static int user_busy_processes (const char *name, uid_t uid) if (check_status (name, tmp_d_name, uid) != 0) { (void) closedir (proc); +#ifdef ENABLE_SUBIDS + sub_uid_close(); +#endif fprintf (stderr, _("%s: user %s is currently used by process %d\n"), Prog, name, pid); @@ -232,6 +238,9 @@ static int user_busy_processes (const char *name, uid_t uid) } if (check_status (name, task_path+6, uid) != 0) { (void) closedir (proc); +#ifdef ENABLE_SUBIDS + sub_uid_close(); +#endif fprintf (stderr, _("%s: user %s is currently used by process %d\n"), Prog, name, pid); diff --git a/ltmain.sh b/ltmain.sh deleted file mode 100644 index 68c6d96c..00000000 --- a/ltmain.sh +++ /dev/null @@ -1,9661 +0,0 @@ - -# libtool (GNU libtool) 2.4.2 -# Written by Gordon Matzigkeit , 1996 - -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, -# 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc. -# This is free software; see the source for copying conditions. There is NO -# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - -# GNU Libtool is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# As a special exception to the GNU General Public License, -# if you distribute this file as part of a program or library that -# is built using GNU Libtool, you may include this file under the -# same distribution terms that you use for the rest of that program. -# -# GNU Libtool is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with GNU Libtool; see the file COPYING. If not, a copy -# can be downloaded from http://www.gnu.org/licenses/gpl.html, -# or obtained by writing to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - -# Usage: $progname [OPTION]... [MODE-ARG]... -# -# Provide generalized library-building support services. -# -# --config show all configuration variables -# --debug enable verbose shell tracing -# -n, --dry-run display commands without modifying any files -# --features display basic configuration information and exit -# --mode=MODE use operation mode MODE -# --preserve-dup-deps don't remove duplicate dependency libraries -# --quiet, --silent don't print informational messages -# --no-quiet, --no-silent -# print informational messages (default) -# --no-warn don't display warning messages -# --tag=TAG use configuration variables from tag TAG -# -v, --verbose print more informational messages than default -# --no-verbose don't print the extra informational messages -# --version print version information -# -h, --help, --help-all print short, long, or detailed help message -# -# MODE must be one of the following: -# -# clean remove files from the build directory -# compile compile a source file into a libtool object -# execute automatically set library path, then run a program -# finish complete the installation of libtool libraries -# install install libraries or executables -# link create a library or an executable -# uninstall remove libraries from an installed directory -# -# MODE-ARGS vary depending on the MODE. When passed as first option, -# `--mode=MODE' may be abbreviated as `MODE' or a unique abbreviation of that. -# Try `$progname --help --mode=MODE' for a more detailed description of MODE. -# -# When reporting a bug, please describe a test case to reproduce it and -# include the following information: -# -# host-triplet: $host -# shell: $SHELL -# compiler: $LTCC -# compiler flags: $LTCFLAGS -# linker: $LD (gnu? $with_gnu_ld) -# $progname: (GNU libtool) 2.4.2 Debian-2.4.2-1.3 -# automake: $automake_version -# autoconf: $autoconf_version -# -# Report bugs to . -# GNU libtool home page: . -# General help using GNU software: . - -PROGRAM=libtool -PACKAGE=libtool -VERSION="2.4.2 Debian-2.4.2-1.3" -TIMESTAMP="" -package_revision=1.3337 - -# Be Bourne compatible -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac -fi -BIN_SH=xpg4; export BIN_SH # for Tru64 -DUALCASE=1; export DUALCASE # for MKS sh - -# A function that is used when there is no print builtin or printf. -func_fallback_echo () -{ - eval 'cat <<_LTECHO_EOF -$1 -_LTECHO_EOF' -} - -# NLS nuisances: We save the old values to restore during execute mode. -lt_user_locale= -lt_safe_locale= -for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES -do - eval "if test \"\${$lt_var+set}\" = set; then - save_$lt_var=\$$lt_var - $lt_var=C - export $lt_var - lt_user_locale=\"$lt_var=\\\$save_\$lt_var; \$lt_user_locale\" - lt_safe_locale=\"$lt_var=C; \$lt_safe_locale\" - fi" -done -LC_ALL=C -LANGUAGE=C -export LANGUAGE LC_ALL - -$lt_unset CDPATH - - -# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh -# is ksh but when the shell is invoked as "sh" and the current value of -# the _XPG environment variable is not equal to 1 (one), the special -# positional parameter $0, within a function call, is the name of the -# function. -progpath="$0" - - - -: ${CP="cp -f"} -test "${ECHO+set}" = set || ECHO=${as_echo-'printf %s\n'} -: ${MAKE="make"} -: ${MKDIR="mkdir"} -: ${MV="mv -f"} -: ${RM="rm -f"} -: ${SHELL="${CONFIG_SHELL-/bin/sh}"} -: ${Xsed="$SED -e 1s/^X//"} - -# Global variables: -EXIT_SUCCESS=0 -EXIT_FAILURE=1 -EXIT_MISMATCH=63 # $? = 63 is used to indicate version mismatch to missing. -EXIT_SKIP=77 # $? = 77 is used to indicate a skipped test to automake. - -exit_status=$EXIT_SUCCESS - -# Make sure IFS has a sensible default -lt_nl=' -' -IFS=" $lt_nl" - -dirname="s,/[^/]*$,," -basename="s,^.*/,," - -# func_dirname file append nondir_replacement -# Compute the dirname of FILE. If nonempty, add APPEND to the result, -# otherwise set result to NONDIR_REPLACEMENT. -func_dirname () -{ - func_dirname_result=`$ECHO "${1}" | $SED "$dirname"` - if test "X$func_dirname_result" = "X${1}"; then - func_dirname_result="${3}" - else - func_dirname_result="$func_dirname_result${2}" - fi -} # func_dirname may be replaced by extended shell implementation - - -# func_basename file -func_basename () -{ - func_basename_result=`$ECHO "${1}" | $SED "$basename"` -} # func_basename may be replaced by extended shell implementation - - -# func_dirname_and_basename file append nondir_replacement -# perform func_basename and func_dirname in a single function -# call: -# dirname: Compute the dirname of FILE. If nonempty, -# add APPEND to the result, otherwise set result -# to NONDIR_REPLACEMENT. -# value returned in "$func_dirname_result" -# basename: Compute filename of FILE. -# value retuned in "$func_basename_result" -# Implementation must be kept synchronized with func_dirname -# and func_basename. For efficiency, we do not delegate to -# those functions but instead duplicate the functionality here. -func_dirname_and_basename () -{ - # Extract subdirectory from the argument. - func_dirname_result=`$ECHO "${1}" | $SED -e "$dirname"` - if test "X$func_dirname_result" = "X${1}"; then - func_dirname_result="${3}" - else - func_dirname_result="$func_dirname_result${2}" - fi - func_basename_result=`$ECHO "${1}" | $SED -e "$basename"` -} # func_dirname_and_basename may be replaced by extended shell implementation - - -# func_stripname prefix suffix name -# strip PREFIX and SUFFIX off of NAME. -# PREFIX and SUFFIX must not contain globbing or regex special -# characters, hashes, percent signs, but SUFFIX may contain a leading -# dot (in which case that matches only a dot). -# func_strip_suffix prefix name -func_stripname () -{ - case ${2} in - .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; - *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; - esac -} # func_stripname may be replaced by extended shell implementation - - -# These SED scripts presuppose an absolute path with a trailing slash. -pathcar='s,^/\([^/]*\).*$,\1,' -pathcdr='s,^/[^/]*,,' -removedotparts=':dotsl - s@/\./@/@g - t dotsl - s,/\.$,/,' -collapseslashes='s@/\{1,\}@/@g' -finalslash='s,/*$,/,' - -# func_normal_abspath PATH -# Remove doubled-up and trailing slashes, "." path components, -# and cancel out any ".." path components in PATH after making -# it an absolute path. -# value returned in "$func_normal_abspath_result" -func_normal_abspath () -{ - # Start from root dir and reassemble the path. - func_normal_abspath_result= - func_normal_abspath_tpath=$1 - func_normal_abspath_altnamespace= - case $func_normal_abspath_tpath in - "") - # Empty path, that just means $cwd. - func_stripname '' '/' "`pwd`" - func_normal_abspath_result=$func_stripname_result - return - ;; - # The next three entries are used to spot a run of precisely - # two leading slashes without using negated character classes; - # we take advantage of case's first-match behaviour. - ///*) - # Unusual form of absolute path, do nothing. - ;; - //*) - # Not necessarily an ordinary path; POSIX reserves leading '//' - # and for example Cygwin uses it to access remote file shares - # over CIFS/SMB, so we conserve a leading double slash if found. - func_normal_abspath_altnamespace=/ - ;; - /*) - # Absolute path, do nothing. - ;; - *) - # Relative path, prepend $cwd. - func_normal_abspath_tpath=`pwd`/$func_normal_abspath_tpath - ;; - esac - # Cancel out all the simple stuff to save iterations. We also want - # the path to end with a slash for ease of parsing, so make sure - # there is one (and only one) here. - func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ - -e "$removedotparts" -e "$collapseslashes" -e "$finalslash"` - while :; do - # Processed it all yet? - if test "$func_normal_abspath_tpath" = / ; then - # If we ascended to the root using ".." the result may be empty now. - if test -z "$func_normal_abspath_result" ; then - func_normal_abspath_result=/ - fi - break - fi - func_normal_abspath_tcomponent=`$ECHO "$func_normal_abspath_tpath" | $SED \ - -e "$pathcar"` - func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ - -e "$pathcdr"` - # Figure out what to do with it - case $func_normal_abspath_tcomponent in - "") - # Trailing empty path component, ignore it. - ;; - ..) - # Parent dir; strip last assembled component from result. - func_dirname "$func_normal_abspath_result" - func_normal_abspath_result=$func_dirname_result - ;; - *) - # Actual path component, append it. - func_normal_abspath_result=$func_normal_abspath_result/$func_normal_abspath_tcomponent - ;; - esac - done - # Restore leading double-slash if one was found on entry. - func_normal_abspath_result=$func_normal_abspath_altnamespace$func_normal_abspath_result -} - -# func_relative_path SRCDIR DSTDIR -# generates a relative path from SRCDIR to DSTDIR, with a trailing -# slash if non-empty, suitable for immediately appending a filename -# without needing to append a separator. -# value returned in "$func_relative_path_result" -func_relative_path () -{ - func_relative_path_result= - func_normal_abspath "$1" - func_relative_path_tlibdir=$func_normal_abspath_result - func_normal_abspath "$2" - func_relative_path_tbindir=$func_normal_abspath_result - - # Ascend the tree starting from libdir - while :; do - # check if we have found a prefix of bindir - case $func_relative_path_tbindir in - $func_relative_path_tlibdir) - # found an exact match - func_relative_path_tcancelled= - break - ;; - $func_relative_path_tlibdir*) - # found a matching prefix - func_stripname "$func_relative_path_tlibdir" '' "$func_relative_path_tbindir" - func_relative_path_tcancelled=$func_stripname_result - if test -z "$func_relative_path_result"; then - func_relative_path_result=. - fi - break - ;; - *) - func_dirname $func_relative_path_tlibdir - func_relative_path_tlibdir=${func_dirname_result} - if test "x$func_relative_path_tlibdir" = x ; then - # Have to descend all the way to the root! - func_relative_path_result=../$func_relative_path_result - func_relative_path_tcancelled=$func_relative_path_tbindir - break - fi - func_relative_path_result=../$func_relative_path_result - ;; - esac - done - - # Now calculate path; take care to avoid doubling-up slashes. - func_stripname '' '/' "$func_relative_path_result" - func_relative_path_result=$func_stripname_result - func_stripname '/' '/' "$func_relative_path_tcancelled" - if test "x$func_stripname_result" != x ; then - func_relative_path_result=${func_relative_path_result}/${func_stripname_result} - fi - - # Normalisation. If bindir is libdir, return empty string, - # else relative path ending with a slash; either way, target - # file name can be directly appended. - if test ! -z "$func_relative_path_result"; then - func_stripname './' '' "$func_relative_path_result/" - func_relative_path_result=$func_stripname_result - fi -} - -# The name of this program: -func_dirname_and_basename "$progpath" -progname=$func_basename_result - -# Make sure we have an absolute path for reexecution: -case $progpath in - [\\/]*|[A-Za-z]:\\*) ;; - *[\\/]*) - progdir=$func_dirname_result - progdir=`cd "$progdir" && pwd` - progpath="$progdir/$progname" - ;; - *) - save_IFS="$IFS" - IFS=${PATH_SEPARATOR-:} - for progdir in $PATH; do - IFS="$save_IFS" - test -x "$progdir/$progname" && break - done - IFS="$save_IFS" - test -n "$progdir" || progdir=`pwd` - progpath="$progdir/$progname" - ;; -esac - -# Sed substitution that helps us do robust quoting. It backslashifies -# metacharacters that are still active within double-quoted strings. -Xsed="${SED}"' -e 1s/^X//' -sed_quote_subst='s/\([`"$\\]\)/\\\1/g' - -# Same as above, but do not quote variable references. -double_quote_subst='s/\(["`\\]\)/\\\1/g' - -# Sed substitution that turns a string into a regex matching for the -# string literally. -sed_make_literal_regex='s,[].[^$\\*\/],\\&,g' - -# Sed substitution that converts a w32 file name or path -# which contains forward slashes, into one that contains -# (escaped) backslashes. A very naive implementation. -lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g' - -# Re-`\' parameter expansions in output of double_quote_subst that were -# `\'-ed in input to the same. If an odd number of `\' preceded a '$' -# in input to double_quote_subst, that '$' was protected from expansion. -# Since each input `\' is now two `\'s, look for any number of runs of -# four `\'s followed by two `\'s and then a '$'. `\' that '$'. -bs='\\' -bs2='\\\\' -bs4='\\\\\\\\' -dollar='\$' -sed_double_backslash="\ - s/$bs4/&\\ -/g - s/^$bs2$dollar/$bs&/ - s/\\([^$bs]\\)$bs2$dollar/\\1$bs2$bs$dollar/g - s/\n//g" - -# Standard options: -opt_dry_run=false -opt_help=false -opt_quiet=false -opt_verbose=false -opt_warning=: - -# func_echo arg... -# Echo program name prefixed message, along with the current mode -# name if it has been set yet. -func_echo () -{ - $ECHO "$progname: ${opt_mode+$opt_mode: }$*" -} - -# func_verbose arg... -# Echo program name prefixed message in verbose mode only. -func_verbose () -{ - $opt_verbose && func_echo ${1+"$@"} - - # A bug in bash halts the script if the last line of a function - # fails when set -e is in force, so we need another command to - # work around that: - : -} - -# func_echo_all arg... -# Invoke $ECHO with all args, space-separated. -func_echo_all () -{ - $ECHO "$*" -} - -# func_error arg... -# Echo program name prefixed message to standard error. -func_error () -{ - $ECHO "$progname: ${opt_mode+$opt_mode: }"${1+"$@"} 1>&2 -} - -# func_warning arg... -# Echo program name prefixed warning message to standard error. -func_warning () -{ - $opt_warning && $ECHO "$progname: ${opt_mode+$opt_mode: }warning: "${1+"$@"} 1>&2 - - # bash bug again: - : -} - -# func_fatal_error arg... -# Echo program name prefixed message to standard error, and exit. -func_fatal_error () -{ - func_error ${1+"$@"} - exit $EXIT_FAILURE -} - -# func_fatal_help arg... -# Echo program name prefixed message to standard error, followed by -# a help hint, and exit. -func_fatal_help () -{ - func_error ${1+"$@"} - func_fatal_error "$help" -} -help="Try \`$progname --help' for more information." ## default - - -# func_grep expression filename -# Check whether EXPRESSION matches any line of FILENAME, without output. -func_grep () -{ - $GREP "$1" "$2" >/dev/null 2>&1 -} - - -# func_mkdir_p directory-path -# Make sure the entire path to DIRECTORY-PATH is available. -func_mkdir_p () -{ - my_directory_path="$1" - my_dir_list= - - if test -n "$my_directory_path" && test "$opt_dry_run" != ":"; then - - # Protect directory names starting with `-' - case $my_directory_path in - -*) my_directory_path="./$my_directory_path" ;; - esac - - # While some portion of DIR does not yet exist... - while test ! -d "$my_directory_path"; do - # ...make a list in topmost first order. Use a colon delimited - # list incase some portion of path contains whitespace. - my_dir_list="$my_directory_path:$my_dir_list" - - # If the last portion added has no slash in it, the list is done - case $my_directory_path in */*) ;; *) break ;; esac - - # ...otherwise throw away the child directory and loop - my_directory_path=`$ECHO "$my_directory_path" | $SED -e "$dirname"` - done - my_dir_list=`$ECHO "$my_dir_list" | $SED 's,:*$,,'` - - save_mkdir_p_IFS="$IFS"; IFS=':' - for my_dir in $my_dir_list; do - IFS="$save_mkdir_p_IFS" - # mkdir can fail with a `File exist' error if two processes - # try to create one of the directories concurrently. Don't - # stop in that case! - $MKDIR "$my_dir" 2>/dev/null || : - done - IFS="$save_mkdir_p_IFS" - - # Bail out if we (or some other process) failed to create a directory. - test -d "$my_directory_path" || \ - func_fatal_error "Failed to create \`$1'" - fi -} - - -# func_mktempdir [string] -# Make a temporary directory that won't clash with other running -# libtool processes, and avoids race conditions if possible. If -# given, STRING is the basename for that directory. -func_mktempdir () -{ - my_template="${TMPDIR-/tmp}/${1-$progname}" - - if test "$opt_dry_run" = ":"; then - # Return a directory name, but don't create it in dry-run mode - my_tmpdir="${my_template}-$$" - else - - # If mktemp works, use that first and foremost - my_tmpdir=`mktemp -d "${my_template}-XXXXXXXX" 2>/dev/null` - - if test ! -d "$my_tmpdir"; then - # Failing that, at least try and use $RANDOM to avoid a race - my_tmpdir="${my_template}-${RANDOM-0}$$" - - save_mktempdir_umask=`umask` - umask 0077 - $MKDIR "$my_tmpdir" - umask $save_mktempdir_umask - fi - - # If we're not in dry-run mode, bomb out on failure - test -d "$my_tmpdir" || \ - func_fatal_error "cannot create temporary directory \`$my_tmpdir'" - fi - - $ECHO "$my_tmpdir" -} - - -# func_quote_for_eval arg -# Aesthetically quote ARG to be evaled later. -# This function returns two values: FUNC_QUOTE_FOR_EVAL_RESULT -# is double-quoted, suitable for a subsequent eval, whereas -# FUNC_QUOTE_FOR_EVAL_UNQUOTED_RESULT has merely all characters -# which are still active within double quotes backslashified. -func_quote_for_eval () -{ - case $1 in - *[\\\`\"\$]*) - func_quote_for_eval_unquoted_result=`$ECHO "$1" | $SED "$sed_quote_subst"` ;; - *) - func_quote_for_eval_unquoted_result="$1" ;; - esac - - case $func_quote_for_eval_unquoted_result in - # Double-quote args containing shell metacharacters to delay - # word splitting, command substitution and and variable - # expansion for a subsequent eval. - # Many Bourne shells cannot handle close brackets correctly - # in scan sets, so we specify it separately. - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - func_quote_for_eval_result="\"$func_quote_for_eval_unquoted_result\"" - ;; - *) - func_quote_for_eval_result="$func_quote_for_eval_unquoted_result" - esac -} - - -# func_quote_for_expand arg -# Aesthetically quote ARG to be evaled later; same as above, -# but do not quote variable references. -func_quote_for_expand () -{ - case $1 in - *[\\\`\"]*) - my_arg=`$ECHO "$1" | $SED \ - -e "$double_quote_subst" -e "$sed_double_backslash"` ;; - *) - my_arg="$1" ;; - esac - - case $my_arg in - # Double-quote args containing shell metacharacters to delay - # word splitting and command substitution for a subsequent eval. - # Many Bourne shells cannot handle close brackets correctly - # in scan sets, so we specify it separately. - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - my_arg="\"$my_arg\"" - ;; - esac - - func_quote_for_expand_result="$my_arg" -} - - -# func_show_eval cmd [fail_exp] -# Unless opt_silent is true, then output CMD. Then, if opt_dryrun is -# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP -# is given, then evaluate it. -func_show_eval () -{ - my_cmd="$1" - my_fail_exp="${2-:}" - - ${opt_silent-false} || { - func_quote_for_expand "$my_cmd" - eval "func_echo $func_quote_for_expand_result" - } - - if ${opt_dry_run-false}; then :; else - eval "$my_cmd" - my_status=$? - if test "$my_status" -eq 0; then :; else - eval "(exit $my_status); $my_fail_exp" - fi - fi -} - - -# func_show_eval_locale cmd [fail_exp] -# Unless opt_silent is true, then output CMD. Then, if opt_dryrun is -# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP -# is given, then evaluate it. Use the saved locale for evaluation. -func_show_eval_locale () -{ - my_cmd="$1" - my_fail_exp="${2-:}" - - ${opt_silent-false} || { - func_quote_for_expand "$my_cmd" - eval "func_echo $func_quote_for_expand_result" - } - - if ${opt_dry_run-false}; then :; else - eval "$lt_user_locale - $my_cmd" - my_status=$? - eval "$lt_safe_locale" - if test "$my_status" -eq 0; then :; else - eval "(exit $my_status); $my_fail_exp" - fi - fi -} - -# func_tr_sh -# Turn $1 into a string suitable for a shell variable name. -# Result is stored in $func_tr_sh_result. All characters -# not in the set a-zA-Z0-9_ are replaced with '_'. Further, -# if $1 begins with a digit, a '_' is prepended as well. -func_tr_sh () -{ - case $1 in - [0-9]* | *[!a-zA-Z0-9_]*) - func_tr_sh_result=`$ECHO "$1" | $SED 's/^\([0-9]\)/_\1/; s/[^a-zA-Z0-9_]/_/g'` - ;; - * ) - func_tr_sh_result=$1 - ;; - esac -} - - -# func_version -# Echo version message to standard output and exit. -func_version () -{ - $opt_debug - - $SED -n '/(C)/!b go - :more - /\./!{ - N - s/\n# / / - b more - } - :go - /^# '$PROGRAM' (GNU /,/# warranty; / { - s/^# // - s/^# *$// - s/\((C)\)[ 0-9,-]*\( [1-9][0-9]*\)/\1\2/ - p - }' < "$progpath" - exit $? -} - -# func_usage -# Echo short help message to standard output and exit. -func_usage () -{ - $opt_debug - - $SED -n '/^# Usage:/,/^# *.*--help/ { - s/^# // - s/^# *$// - s/\$progname/'$progname'/ - p - }' < "$progpath" - echo - $ECHO "run \`$progname --help | more' for full usage" - exit $? -} - -# func_help [NOEXIT] -# Echo long help message to standard output and exit, -# unless 'noexit' is passed as argument. -func_help () -{ - $opt_debug - - $SED -n '/^# Usage:/,/# Report bugs to/ { - :print - s/^# // - s/^# *$// - s*\$progname*'$progname'* - s*\$host*'"$host"'* - s*\$SHELL*'"$SHELL"'* - s*\$LTCC*'"$LTCC"'* - s*\$LTCFLAGS*'"$LTCFLAGS"'* - s*\$LD*'"$LD"'* - s/\$with_gnu_ld/'"$with_gnu_ld"'/ - s/\$automake_version/'"`(${AUTOMAKE-automake} --version) 2>/dev/null |$SED 1q`"'/ - s/\$autoconf_version/'"`(${AUTOCONF-autoconf} --version) 2>/dev/null |$SED 1q`"'/ - p - d - } - /^# .* home page:/b print - /^# General help using/b print - ' < "$progpath" - ret=$? - if test -z "$1"; then - exit $ret - fi -} - -# func_missing_arg argname -# Echo program name prefixed message to standard error and set global -# exit_cmd. -func_missing_arg () -{ - $opt_debug - - func_error "missing argument for $1." - exit_cmd=exit -} - - -# func_split_short_opt shortopt -# Set func_split_short_opt_name and func_split_short_opt_arg shell -# variables after splitting SHORTOPT after the 2nd character. -func_split_short_opt () -{ - my_sed_short_opt='1s/^\(..\).*$/\1/;q' - my_sed_short_rest='1s/^..\(.*\)$/\1/;q' - - func_split_short_opt_name=`$ECHO "$1" | $SED "$my_sed_short_opt"` - func_split_short_opt_arg=`$ECHO "$1" | $SED "$my_sed_short_rest"` -} # func_split_short_opt may be replaced by extended shell implementation - - -# func_split_long_opt longopt -# Set func_split_long_opt_name and func_split_long_opt_arg shell -# variables after splitting LONGOPT at the `=' sign. -func_split_long_opt () -{ - my_sed_long_opt='1s/^\(--[^=]*\)=.*/\1/;q' - my_sed_long_arg='1s/^--[^=]*=//' - - func_split_long_opt_name=`$ECHO "$1" | $SED "$my_sed_long_opt"` - func_split_long_opt_arg=`$ECHO "$1" | $SED "$my_sed_long_arg"` -} # func_split_long_opt may be replaced by extended shell implementation - -exit_cmd=: - - - - - -magic="%%%MAGIC variable%%%" -magic_exe="%%%MAGIC EXE variable%%%" - -# Global variables. -nonopt= -preserve_args= -lo2o="s/\\.lo\$/.${objext}/" -o2lo="s/\\.${objext}\$/.lo/" -extracted_archives= -extracted_serial=0 - -# If this variable is set in any of the actions, the command in it -# will be execed at the end. This prevents here-documents from being -# left over by shells. -exec_cmd= - -# func_append var value -# Append VALUE to the end of shell variable VAR. -func_append () -{ - eval "${1}=\$${1}\${2}" -} # func_append may be replaced by extended shell implementation - -# func_append_quoted var value -# Quote VALUE and append to the end of shell variable VAR, separated -# by a space. -func_append_quoted () -{ - func_quote_for_eval "${2}" - eval "${1}=\$${1}\\ \$func_quote_for_eval_result" -} # func_append_quoted may be replaced by extended shell implementation - - -# func_arith arithmetic-term... -func_arith () -{ - func_arith_result=`expr "${@}"` -} # func_arith may be replaced by extended shell implementation - - -# func_len string -# STRING may not start with a hyphen. -func_len () -{ - func_len_result=`expr "${1}" : ".*" 2>/dev/null || echo $max_cmd_len` -} # func_len may be replaced by extended shell implementation - - -# func_lo2o object -func_lo2o () -{ - func_lo2o_result=`$ECHO "${1}" | $SED "$lo2o"` -} # func_lo2o may be replaced by extended shell implementation - - -# func_xform libobj-or-source -func_xform () -{ - func_xform_result=`$ECHO "${1}" | $SED 's/\.[^.]*$/.lo/'` -} # func_xform may be replaced by extended shell implementation - - -# func_fatal_configuration arg... -# Echo program name prefixed message to standard error, followed by -# a configuration failure hint, and exit. -func_fatal_configuration () -{ - func_error ${1+"$@"} - func_error "See the $PACKAGE documentation for more information." - func_fatal_error "Fatal configuration error." -} - - -# func_config -# Display the configuration for all the tags in this script. -func_config () -{ - re_begincf='^# ### BEGIN LIBTOOL' - re_endcf='^# ### END LIBTOOL' - - # Default configuration. - $SED "1,/$re_begincf CONFIG/d;/$re_endcf CONFIG/,\$d" < "$progpath" - - # Now print the configurations for the tags. - for tagname in $taglist; do - $SED -n "/$re_begincf TAG CONFIG: $tagname\$/,/$re_endcf TAG CONFIG: $tagname\$/p" < "$progpath" - done - - exit $? -} - -# func_features -# Display the features supported by this script. -func_features () -{ - echo "host: $host" - if test "$build_libtool_libs" = yes; then - echo "enable shared libraries" - else - echo "disable shared libraries" - fi - if test "$build_old_libs" = yes; then - echo "enable static libraries" - else - echo "disable static libraries" - fi - - exit $? -} - -# func_enable_tag tagname -# Verify that TAGNAME is valid, and either flag an error and exit, or -# enable the TAGNAME tag. We also add TAGNAME to the global $taglist -# variable here. -func_enable_tag () -{ - # Global variable: - tagname="$1" - - re_begincf="^# ### BEGIN LIBTOOL TAG CONFIG: $tagname\$" - re_endcf="^# ### END LIBTOOL TAG CONFIG: $tagname\$" - sed_extractcf="/$re_begincf/,/$re_endcf/p" - - # Validate tagname. - case $tagname in - *[!-_A-Za-z0-9,/]*) - func_fatal_error "invalid tag name: $tagname" - ;; - esac - - # Don't test for the "default" C tag, as we know it's - # there but not specially marked. - case $tagname in - CC) ;; - *) - if $GREP "$re_begincf" "$progpath" >/dev/null 2>&1; then - taglist="$taglist $tagname" - - # Evaluate the configuration. Be careful to quote the path - # and the sed script, to avoid splitting on whitespace, but - # also don't use non-portable quotes within backquotes within - # quotes we have to do it in 2 steps: - extractedcf=`$SED -n -e "$sed_extractcf" < "$progpath"` - eval "$extractedcf" - else - func_error "ignoring unknown tag $tagname" - fi - ;; - esac -} - -# func_check_version_match -# Ensure that we are using m4 macros, and libtool script from the same -# release of libtool. -func_check_version_match () -{ - if test "$package_revision" != "$macro_revision"; then - if test "$VERSION" != "$macro_version"; then - if test -z "$macro_version"; then - cat >&2 <<_LT_EOF -$progname: Version mismatch error. This is $PACKAGE $VERSION, but the -$progname: definition of this LT_INIT comes from an older release. -$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION -$progname: and run autoconf again. -_LT_EOF - else - cat >&2 <<_LT_EOF -$progname: Version mismatch error. This is $PACKAGE $VERSION, but the -$progname: definition of this LT_INIT comes from $PACKAGE $macro_version. -$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION -$progname: and run autoconf again. -_LT_EOF - fi - else - cat >&2 <<_LT_EOF -$progname: Version mismatch error. This is $PACKAGE $VERSION, revision $package_revision, -$progname: but the definition of this LT_INIT comes from revision $macro_revision. -$progname: You should recreate aclocal.m4 with macros from revision $package_revision -$progname: of $PACKAGE $VERSION and run autoconf again. -_LT_EOF - fi - - exit $EXIT_MISMATCH - fi -} - - -# Shorthand for --mode=foo, only valid as the first argument -case $1 in -clean|clea|cle|cl) - shift; set dummy --mode clean ${1+"$@"}; shift - ;; -compile|compil|compi|comp|com|co|c) - shift; set dummy --mode compile ${1+"$@"}; shift - ;; -execute|execut|execu|exec|exe|ex|e) - shift; set dummy --mode execute ${1+"$@"}; shift - ;; -finish|finis|fini|fin|fi|f) - shift; set dummy --mode finish ${1+"$@"}; shift - ;; -install|instal|insta|inst|ins|in|i) - shift; set dummy --mode install ${1+"$@"}; shift - ;; -link|lin|li|l) - shift; set dummy --mode link ${1+"$@"}; shift - ;; -uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u) - shift; set dummy --mode uninstall ${1+"$@"}; shift - ;; -esac - - - -# Option defaults: -opt_debug=: -opt_dry_run=false -opt_config=false -opt_preserve_dup_deps=false -opt_features=false -opt_finish=false -opt_help=false -opt_help_all=false -opt_silent=: -opt_warning=: -opt_verbose=: -opt_silent=false -opt_verbose=false - - -# Parse options once, thoroughly. This comes as soon as possible in the -# script to make things like `--version' happen as quickly as we can. -{ - # this just eases exit handling - while test $# -gt 0; do - opt="$1" - shift - case $opt in - --debug|-x) opt_debug='set -x' - func_echo "enabling shell trace mode" - $opt_debug - ;; - --dry-run|--dryrun|-n) - opt_dry_run=: - ;; - --config) - opt_config=: -func_config - ;; - --dlopen|-dlopen) - optarg="$1" - opt_dlopen="${opt_dlopen+$opt_dlopen -}$optarg" - shift - ;; - --preserve-dup-deps) - opt_preserve_dup_deps=: - ;; - --features) - opt_features=: -func_features - ;; - --finish) - opt_finish=: -set dummy --mode finish ${1+"$@"}; shift - ;; - --help) - opt_help=: - ;; - --help-all) - opt_help_all=: -opt_help=': help-all' - ;; - --mode) - test $# = 0 && func_missing_arg $opt && break - optarg="$1" - opt_mode="$optarg" -case $optarg in - # Valid mode arguments: - clean|compile|execute|finish|install|link|relink|uninstall) ;; - - # Catch anything else as an error - *) func_error "invalid argument for $opt" - exit_cmd=exit - break - ;; -esac - shift - ;; - --no-silent|--no-quiet) - opt_silent=false -func_append preserve_args " $opt" - ;; - --no-warning|--no-warn) - opt_warning=false -func_append preserve_args " $opt" - ;; - --no-verbose) - opt_verbose=false -func_append preserve_args " $opt" - ;; - --silent|--quiet) - opt_silent=: -func_append preserve_args " $opt" - opt_verbose=false - ;; - --verbose|-v) - opt_verbose=: -func_append preserve_args " $opt" -opt_silent=false - ;; - --tag) - test $# = 0 && func_missing_arg $opt && break - optarg="$1" - opt_tag="$optarg" -func_append preserve_args " $opt $optarg" -func_enable_tag "$optarg" - shift - ;; - - -\?|-h) func_usage ;; - --help) func_help ;; - --version) func_version ;; - - # Separate optargs to long options: - --*=*) - func_split_long_opt "$opt" - set dummy "$func_split_long_opt_name" "$func_split_long_opt_arg" ${1+"$@"} - shift - ;; - - # Separate non-argument short options: - -\?*|-h*|-n*|-v*) - func_split_short_opt "$opt" - set dummy "$func_split_short_opt_name" "-$func_split_short_opt_arg" ${1+"$@"} - shift - ;; - - --) break ;; - -*) func_fatal_help "unrecognized option \`$opt'" ;; - *) set dummy "$opt" ${1+"$@"}; shift; break ;; - esac - done - - # Validate options: - - # save first non-option argument - if test "$#" -gt 0; then - nonopt="$opt" - shift - fi - - # preserve --debug - test "$opt_debug" = : || func_append preserve_args " --debug" - - case $host in - *cygwin* | *mingw* | *pw32* | *cegcc*) - # don't eliminate duplications in $postdeps and $predeps - opt_duplicate_compiler_generated_deps=: - ;; - *) - opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps - ;; - esac - - $opt_help || { - # Sanity checks first: - func_check_version_match - - if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then - func_fatal_configuration "not configured to build any kind of library" - fi - - # Darwin sucks - eval std_shrext=\"$shrext_cmds\" - - # Only execute mode is allowed to have -dlopen flags. - if test -n "$opt_dlopen" && test "$opt_mode" != execute; then - func_error "unrecognized option \`-dlopen'" - $ECHO "$help" 1>&2 - exit $EXIT_FAILURE - fi - - # Change the help message to a mode-specific one. - generic_help="$help" - help="Try \`$progname --help --mode=$opt_mode' for more information." - } - - - # Bail if the options were screwed - $exit_cmd $EXIT_FAILURE -} - - - - -## ----------- ## -## Main. ## -## ----------- ## - -# func_lalib_p file -# True iff FILE is a libtool `.la' library or `.lo' object file. -# This function is only a basic sanity check; it will hardly flush out -# determined imposters. -func_lalib_p () -{ - test -f "$1" && - $SED -e 4q "$1" 2>/dev/null \ - | $GREP "^# Generated by .*$PACKAGE" > /dev/null 2>&1 -} - -# func_lalib_unsafe_p file -# True iff FILE is a libtool `.la' library or `.lo' object file. -# This function implements the same check as func_lalib_p without -# resorting to external programs. To this end, it redirects stdin and -# closes it afterwards, without saving the original file descriptor. -# As a safety measure, use it only where a negative result would be -# fatal anyway. Works if `file' does not exist. -func_lalib_unsafe_p () -{ - lalib_p=no - if test -f "$1" && test -r "$1" && exec 5<&0 <"$1"; then - for lalib_p_l in 1 2 3 4 - do - read lalib_p_line - case "$lalib_p_line" in - \#\ Generated\ by\ *$PACKAGE* ) lalib_p=yes; break;; - esac - done - exec 0<&5 5<&- - fi - test "$lalib_p" = yes -} - -# func_ltwrapper_script_p file -# True iff FILE is a libtool wrapper script -# This function is only a basic sanity check; it will hardly flush out -# determined imposters. -func_ltwrapper_script_p () -{ - func_lalib_p "$1" -} - -# func_ltwrapper_executable_p file -# True iff FILE is a libtool wrapper executable -# This function is only a basic sanity check; it will hardly flush out -# determined imposters. -func_ltwrapper_executable_p () -{ - func_ltwrapper_exec_suffix= - case $1 in - *.exe) ;; - *) func_ltwrapper_exec_suffix=.exe ;; - esac - $GREP "$magic_exe" "$1$func_ltwrapper_exec_suffix" >/dev/null 2>&1 -} - -# func_ltwrapper_scriptname file -# Assumes file is an ltwrapper_executable -# uses $file to determine the appropriate filename for a -# temporary ltwrapper_script. -func_ltwrapper_scriptname () -{ - func_dirname_and_basename "$1" "" "." - func_stripname '' '.exe' "$func_basename_result" - func_ltwrapper_scriptname_result="$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper" -} - -# func_ltwrapper_p file -# True iff FILE is a libtool wrapper script or wrapper executable -# This function is only a basic sanity check; it will hardly flush out -# determined imposters. -func_ltwrapper_p () -{ - func_ltwrapper_script_p "$1" || func_ltwrapper_executable_p "$1" -} - - -# func_execute_cmds commands fail_cmd -# Execute tilde-delimited COMMANDS. -# If FAIL_CMD is given, eval that upon failure. -# FAIL_CMD may read-access the current command in variable CMD! -func_execute_cmds () -{ - $opt_debug - save_ifs=$IFS; IFS='~' - for cmd in $1; do - IFS=$save_ifs - eval cmd=\"$cmd\" - func_show_eval "$cmd" "${2-:}" - done - IFS=$save_ifs -} - - -# func_source file -# Source FILE, adding directory component if necessary. -# Note that it is not necessary on cygwin/mingw to append a dot to -# FILE even if both FILE and FILE.exe exist: automatic-append-.exe -# behavior happens only for exec(3), not for open(2)! Also, sourcing -# `FILE.' does not work on cygwin managed mounts. -func_source () -{ - $opt_debug - case $1 in - */* | *\\*) . "$1" ;; - *) . "./$1" ;; - esac -} - - -# func_resolve_sysroot PATH -# Replace a leading = in PATH with a sysroot. Store the result into -# func_resolve_sysroot_result -func_resolve_sysroot () -{ - func_resolve_sysroot_result=$1 - case $func_resolve_sysroot_result in - =*) - func_stripname '=' '' "$func_resolve_sysroot_result" - func_resolve_sysroot_result=$lt_sysroot$func_stripname_result - ;; - esac -} - -# func_replace_sysroot PATH -# If PATH begins with the sysroot, replace it with = and -# store the result into func_replace_sysroot_result. -func_replace_sysroot () -{ - case "$lt_sysroot:$1" in - ?*:"$lt_sysroot"*) - func_stripname "$lt_sysroot" '' "$1" - func_replace_sysroot_result="=$func_stripname_result" - ;; - *) - # Including no sysroot. - func_replace_sysroot_result=$1 - ;; - esac -} - -# func_infer_tag arg -# Infer tagged configuration to use if any are available and -# if one wasn't chosen via the "--tag" command line option. -# Only attempt this if the compiler in the base compile -# command doesn't match the default compiler. -# arg is usually of the form 'gcc ...' -func_infer_tag () -{ - $opt_debug - if test -n "$available_tags" && test -z "$tagname"; then - CC_quoted= - for arg in $CC; do - func_append_quoted CC_quoted "$arg" - done - CC_expanded=`func_echo_all $CC` - CC_quoted_expanded=`func_echo_all $CC_quoted` - case $@ in - # Blanks in the command may have been stripped by the calling shell, - # but not from the CC environment variable when configure was run. - " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \ - " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*) ;; - # Blanks at the start of $base_compile will cause this to fail - # if we don't check for them as well. - *) - for z in $available_tags; do - if $GREP "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$progpath" > /dev/null; then - # Evaluate the configuration. - eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`" - CC_quoted= - for arg in $CC; do - # Double-quote args containing other shell metacharacters. - func_append_quoted CC_quoted "$arg" - done - CC_expanded=`func_echo_all $CC` - CC_quoted_expanded=`func_echo_all $CC_quoted` - case "$@ " in - " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \ - " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*) - # The compiler in the base compile command matches - # the one in the tagged configuration. - # Assume this is the tagged configuration we want. - tagname=$z - break - ;; - esac - fi - done - # If $tagname still isn't set, then no tagged configuration - # was found and let the user know that the "--tag" command - # line option must be used. - if test -z "$tagname"; then - func_echo "unable to infer tagged configuration" - func_fatal_error "specify a tag with \`--tag'" -# else -# func_verbose "using $tagname tagged configuration" - fi - ;; - esac - fi -} - - - -# func_write_libtool_object output_name pic_name nonpic_name -# Create a libtool object file (analogous to a ".la" file), -# but don't create it if we're doing a dry run. -func_write_libtool_object () -{ - write_libobj=${1} - if test "$build_libtool_libs" = yes; then - write_lobj=\'${2}\' - else - write_lobj=none - fi - - if test "$build_old_libs" = yes; then - write_oldobj=\'${3}\' - else - write_oldobj=none - fi - - $opt_dry_run || { - cat >${write_libobj}T </dev/null` - if test "$?" -eq 0 && test -n "${func_convert_core_file_wine_to_w32_tmp}"; then - func_convert_core_file_wine_to_w32_result=`$ECHO "$func_convert_core_file_wine_to_w32_tmp" | - $SED -e "$lt_sed_naive_backslashify"` - else - func_convert_core_file_wine_to_w32_result= - fi - fi -} -# end: func_convert_core_file_wine_to_w32 - - -# func_convert_core_path_wine_to_w32 ARG -# Helper function used by path conversion functions when $build is *nix, and -# $host is mingw, cygwin, or some other w32 environment. Relies on a correctly -# configured wine environment available, with the winepath program in $build's -# $PATH. Assumes ARG has no leading or trailing path separator characters. -# -# ARG is path to be converted from $build format to win32. -# Result is available in $func_convert_core_path_wine_to_w32_result. -# Unconvertible file (directory) names in ARG are skipped; if no directory names -# are convertible, then the result may be empty. -func_convert_core_path_wine_to_w32 () -{ - $opt_debug - # unfortunately, winepath doesn't convert paths, only file names - func_convert_core_path_wine_to_w32_result="" - if test -n "$1"; then - oldIFS=$IFS - IFS=: - for func_convert_core_path_wine_to_w32_f in $1; do - IFS=$oldIFS - func_convert_core_file_wine_to_w32 "$func_convert_core_path_wine_to_w32_f" - if test -n "$func_convert_core_file_wine_to_w32_result" ; then - if test -z "$func_convert_core_path_wine_to_w32_result"; then - func_convert_core_path_wine_to_w32_result="$func_convert_core_file_wine_to_w32_result" - else - func_append func_convert_core_path_wine_to_w32_result ";$func_convert_core_file_wine_to_w32_result" - fi - fi - done - IFS=$oldIFS - fi -} -# end: func_convert_core_path_wine_to_w32 - - -# func_cygpath ARGS... -# Wrapper around calling the cygpath program via LT_CYGPATH. This is used when -# when (1) $build is *nix and Cygwin is hosted via a wine environment; or (2) -# $build is MSYS and $host is Cygwin, or (3) $build is Cygwin. In case (1) or -# (2), returns the Cygwin file name or path in func_cygpath_result (input -# file name or path is assumed to be in w32 format, as previously converted -# from $build's *nix or MSYS format). In case (3), returns the w32 file name -# or path in func_cygpath_result (input file name or path is assumed to be in -# Cygwin format). Returns an empty string on error. -# -# ARGS are passed to cygpath, with the last one being the file name or path to -# be converted. -# -# Specify the absolute *nix (or w32) name to cygpath in the LT_CYGPATH -# environment variable; do not put it in $PATH. -func_cygpath () -{ - $opt_debug - if test -n "$LT_CYGPATH" && test -f "$LT_CYGPATH"; then - func_cygpath_result=`$LT_CYGPATH "$@" 2>/dev/null` - if test "$?" -ne 0; then - # on failure, ensure result is empty - func_cygpath_result= - fi - else - func_cygpath_result= - func_error "LT_CYGPATH is empty or specifies non-existent file: \`$LT_CYGPATH'" - fi -} -#end: func_cygpath - - -# func_convert_core_msys_to_w32 ARG -# Convert file name or path ARG from MSYS format to w32 format. Return -# result in func_convert_core_msys_to_w32_result. -func_convert_core_msys_to_w32 () -{ - $opt_debug - # awkward: cmd appends spaces to result - func_convert_core_msys_to_w32_result=`( cmd //c echo "$1" ) 2>/dev/null | - $SED -e 's/[ ]*$//' -e "$lt_sed_naive_backslashify"` -} -#end: func_convert_core_msys_to_w32 - - -# func_convert_file_check ARG1 ARG2 -# Verify that ARG1 (a file name in $build format) was converted to $host -# format in ARG2. Otherwise, emit an error message, but continue (resetting -# func_to_host_file_result to ARG1). -func_convert_file_check () -{ - $opt_debug - if test -z "$2" && test -n "$1" ; then - func_error "Could not determine host file name corresponding to" - func_error " \`$1'" - func_error "Continuing, but uninstalled executables may not work." - # Fallback: - func_to_host_file_result="$1" - fi -} -# end func_convert_file_check - - -# func_convert_path_check FROM_PATHSEP TO_PATHSEP FROM_PATH TO_PATH -# Verify that FROM_PATH (a path in $build format) was converted to $host -# format in TO_PATH. Otherwise, emit an error message, but continue, resetting -# func_to_host_file_result to a simplistic fallback value (see below). -func_convert_path_check () -{ - $opt_debug - if test -z "$4" && test -n "$3"; then - func_error "Could not determine the host path corresponding to" - func_error " \`$3'" - func_error "Continuing, but uninstalled executables may not work." - # Fallback. This is a deliberately simplistic "conversion" and - # should not be "improved". See libtool.info. - if test "x$1" != "x$2"; then - lt_replace_pathsep_chars="s|$1|$2|g" - func_to_host_path_result=`echo "$3" | - $SED -e "$lt_replace_pathsep_chars"` - else - func_to_host_path_result="$3" - fi - fi -} -# end func_convert_path_check - - -# func_convert_path_front_back_pathsep FRONTPAT BACKPAT REPL ORIG -# Modifies func_to_host_path_result by prepending REPL if ORIG matches FRONTPAT -# and appending REPL if ORIG matches BACKPAT. -func_convert_path_front_back_pathsep () -{ - $opt_debug - case $4 in - $1 ) func_to_host_path_result="$3$func_to_host_path_result" - ;; - esac - case $4 in - $2 ) func_append func_to_host_path_result "$3" - ;; - esac -} -# end func_convert_path_front_back_pathsep - - -################################################## -# $build to $host FILE NAME CONVERSION FUNCTIONS # -################################################## -# invoked via `$to_host_file_cmd ARG' -# -# In each case, ARG is the path to be converted from $build to $host format. -# Result will be available in $func_to_host_file_result. - - -# func_to_host_file ARG -# Converts the file name ARG from $build format to $host format. Return result -# in func_to_host_file_result. -func_to_host_file () -{ - $opt_debug - $to_host_file_cmd "$1" -} -# end func_to_host_file - - -# func_to_tool_file ARG LAZY -# converts the file name ARG from $build format to toolchain format. Return -# result in func_to_tool_file_result. If the conversion in use is listed -# in (the comma separated) LAZY, no conversion takes place. -func_to_tool_file () -{ - $opt_debug - case ,$2, in - *,"$to_tool_file_cmd",*) - func_to_tool_file_result=$1 - ;; - *) - $to_tool_file_cmd "$1" - func_to_tool_file_result=$func_to_host_file_result - ;; - esac -} -# end func_to_tool_file - - -# func_convert_file_noop ARG -# Copy ARG to func_to_host_file_result. -func_convert_file_noop () -{ - func_to_host_file_result="$1" -} -# end func_convert_file_noop - - -# func_convert_file_msys_to_w32 ARG -# Convert file name ARG from (mingw) MSYS to (mingw) w32 format; automatic -# conversion to w32 is not available inside the cwrapper. Returns result in -# func_to_host_file_result. -func_convert_file_msys_to_w32 () -{ - $opt_debug - func_to_host_file_result="$1" - if test -n "$1"; then - func_convert_core_msys_to_w32 "$1" - func_to_host_file_result="$func_convert_core_msys_to_w32_result" - fi - func_convert_file_check "$1" "$func_to_host_file_result" -} -# end func_convert_file_msys_to_w32 - - -# func_convert_file_cygwin_to_w32 ARG -# Convert file name ARG from Cygwin to w32 format. Returns result in -# func_to_host_file_result. -func_convert_file_cygwin_to_w32 () -{ - $opt_debug - func_to_host_file_result="$1" - if test -n "$1"; then - # because $build is cygwin, we call "the" cygpath in $PATH; no need to use - # LT_CYGPATH in this case. - func_to_host_file_result=`cygpath -m "$1"` - fi - func_convert_file_check "$1" "$func_to_host_file_result" -} -# end func_convert_file_cygwin_to_w32 - - -# func_convert_file_nix_to_w32 ARG -# Convert file name ARG from *nix to w32 format. Requires a wine environment -# and a working winepath. Returns result in func_to_host_file_result. -func_convert_file_nix_to_w32 () -{ - $opt_debug - func_to_host_file_result="$1" - if test -n "$1"; then - func_convert_core_file_wine_to_w32 "$1" - func_to_host_file_result="$func_convert_core_file_wine_to_w32_result" - fi - func_convert_file_check "$1" "$func_to_host_file_result" -} -# end func_convert_file_nix_to_w32 - - -# func_convert_file_msys_to_cygwin ARG -# Convert file name ARG from MSYS to Cygwin format. Requires LT_CYGPATH set. -# Returns result in func_to_host_file_result. -func_convert_file_msys_to_cygwin () -{ - $opt_debug - func_to_host_file_result="$1" - if test -n "$1"; then - func_convert_core_msys_to_w32 "$1" - func_cygpath -u "$func_convert_core_msys_to_w32_result" - func_to_host_file_result="$func_cygpath_result" - fi - func_convert_file_check "$1" "$func_to_host_file_result" -} -# end func_convert_file_msys_to_cygwin - - -# func_convert_file_nix_to_cygwin ARG -# Convert file name ARG from *nix to Cygwin format. Requires Cygwin installed -# in a wine environment, working winepath, and LT_CYGPATH set. Returns result -# in func_to_host_file_result. -func_convert_file_nix_to_cygwin () -{ - $opt_debug - func_to_host_file_result="$1" - if test -n "$1"; then - # convert from *nix to w32, then use cygpath to convert from w32 to cygwin. - func_convert_core_file_wine_to_w32 "$1" - func_cygpath -u "$func_convert_core_file_wine_to_w32_result" - func_to_host_file_result="$func_cygpath_result" - fi - func_convert_file_check "$1" "$func_to_host_file_result" -} -# end func_convert_file_nix_to_cygwin - - -############################################# -# $build to $host PATH CONVERSION FUNCTIONS # -############################################# -# invoked via `$to_host_path_cmd ARG' -# -# In each case, ARG is the path to be converted from $build to $host format. -# The result will be available in $func_to_host_path_result. -# -# Path separators are also converted from $build format to $host format. If -# ARG begins or ends with a path separator character, it is preserved (but -# converted to $host format) on output. -# -# All path conversion functions are named using the following convention: -# file name conversion function : func_convert_file_X_to_Y () -# path conversion function : func_convert_path_X_to_Y () -# where, for any given $build/$host combination the 'X_to_Y' value is the -# same. If conversion functions are added for new $build/$host combinations, -# the two new functions must follow this pattern, or func_init_to_host_path_cmd -# will break. - - -# func_init_to_host_path_cmd -# Ensures that function "pointer" variable $to_host_path_cmd is set to the -# appropriate value, based on the value of $to_host_file_cmd. -to_host_path_cmd= -func_init_to_host_path_cmd () -{ - $opt_debug - if test -z "$to_host_path_cmd"; then - func_stripname 'func_convert_file_' '' "$to_host_file_cmd" - to_host_path_cmd="func_convert_path_${func_stripname_result}" - fi -} - - -# func_to_host_path ARG -# Converts the path ARG from $build format to $host format. Return result -# in func_to_host_path_result. -func_to_host_path () -{ - $opt_debug - func_init_to_host_path_cmd - $to_host_path_cmd "$1" -} -# end func_to_host_path - - -# func_convert_path_noop ARG -# Copy ARG to func_to_host_path_result. -func_convert_path_noop () -{ - func_to_host_path_result="$1" -} -# end func_convert_path_noop - - -# func_convert_path_msys_to_w32 ARG -# Convert path ARG from (mingw) MSYS to (mingw) w32 format; automatic -# conversion to w32 is not available inside the cwrapper. Returns result in -# func_to_host_path_result. -func_convert_path_msys_to_w32 () -{ - $opt_debug - func_to_host_path_result="$1" - if test -n "$1"; then - # Remove leading and trailing path separator characters from ARG. MSYS - # behavior is inconsistent here; cygpath turns them into '.;' and ';.'; - # and winepath ignores them completely. - func_stripname : : "$1" - func_to_host_path_tmp1=$func_stripname_result - func_convert_core_msys_to_w32 "$func_to_host_path_tmp1" - func_to_host_path_result="$func_convert_core_msys_to_w32_result" - func_convert_path_check : ";" \ - "$func_to_host_path_tmp1" "$func_to_host_path_result" - func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" - fi -} -# end func_convert_path_msys_to_w32 - - -# func_convert_path_cygwin_to_w32 ARG -# Convert path ARG from Cygwin to w32 format. Returns result in -# func_to_host_file_result. -func_convert_path_cygwin_to_w32 () -{ - $opt_debug - func_to_host_path_result="$1" - if test -n "$1"; then - # See func_convert_path_msys_to_w32: - func_stripname : : "$1" - func_to_host_path_tmp1=$func_stripname_result - func_to_host_path_result=`cygpath -m -p "$func_to_host_path_tmp1"` - func_convert_path_check : ";" \ - "$func_to_host_path_tmp1" "$func_to_host_path_result" - func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" - fi -} -# end func_convert_path_cygwin_to_w32 - - -# func_convert_path_nix_to_w32 ARG -# Convert path ARG from *nix to w32 format. Requires a wine environment and -# a working winepath. Returns result in func_to_host_file_result. -func_convert_path_nix_to_w32 () -{ - $opt_debug - func_to_host_path_result="$1" - if test -n "$1"; then - # See func_convert_path_msys_to_w32: - func_stripname : : "$1" - func_to_host_path_tmp1=$func_stripname_result - func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1" - func_to_host_path_result="$func_convert_core_path_wine_to_w32_result" - func_convert_path_check : ";" \ - "$func_to_host_path_tmp1" "$func_to_host_path_result" - func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" - fi -} -# end func_convert_path_nix_to_w32 - - -# func_convert_path_msys_to_cygwin ARG -# Convert path ARG from MSYS to Cygwin format. Requires LT_CYGPATH set. -# Returns result in func_to_host_file_result. -func_convert_path_msys_to_cygwin () -{ - $opt_debug - func_to_host_path_result="$1" - if test -n "$1"; then - # See func_convert_path_msys_to_w32: - func_stripname : : "$1" - func_to_host_path_tmp1=$func_stripname_result - func_convert_core_msys_to_w32 "$func_to_host_path_tmp1" - func_cygpath -u -p "$func_convert_core_msys_to_w32_result" - func_to_host_path_result="$func_cygpath_result" - func_convert_path_check : : \ - "$func_to_host_path_tmp1" "$func_to_host_path_result" - func_convert_path_front_back_pathsep ":*" "*:" : "$1" - fi -} -# end func_convert_path_msys_to_cygwin - - -# func_convert_path_nix_to_cygwin ARG -# Convert path ARG from *nix to Cygwin format. Requires Cygwin installed in a -# a wine environment, working winepath, and LT_CYGPATH set. Returns result in -# func_to_host_file_result. -func_convert_path_nix_to_cygwin () -{ - $opt_debug - func_to_host_path_result="$1" - if test -n "$1"; then - # Remove leading and trailing path separator characters from - # ARG. msys behavior is inconsistent here, cygpath turns them - # into '.;' and ';.', and winepath ignores them completely. - func_stripname : : "$1" - func_to_host_path_tmp1=$func_stripname_result - func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1" - func_cygpath -u -p "$func_convert_core_path_wine_to_w32_result" - func_to_host_path_result="$func_cygpath_result" - func_convert_path_check : : \ - "$func_to_host_path_tmp1" "$func_to_host_path_result" - func_convert_path_front_back_pathsep ":*" "*:" : "$1" - fi -} -# end func_convert_path_nix_to_cygwin - - -# func_mode_compile arg... -func_mode_compile () -{ - $opt_debug - # Get the compilation command and the source file. - base_compile= - srcfile="$nonopt" # always keep a non-empty value in "srcfile" - suppress_opt=yes - suppress_output= - arg_mode=normal - libobj= - later= - pie_flag= - - for arg - do - case $arg_mode in - arg ) - # do not "continue". Instead, add this to base_compile - lastarg="$arg" - arg_mode=normal - ;; - - target ) - libobj="$arg" - arg_mode=normal - continue - ;; - - normal ) - # Accept any command-line options. - case $arg in - -o) - test -n "$libobj" && \ - func_fatal_error "you cannot specify \`-o' more than once" - arg_mode=target - continue - ;; - - -pie | -fpie | -fPIE) - func_append pie_flag " $arg" - continue - ;; - - -shared | -static | -prefer-pic | -prefer-non-pic) - func_append later " $arg" - continue - ;; - - -no-suppress) - suppress_opt=no - continue - ;; - - -Xcompiler) - arg_mode=arg # the next one goes into the "base_compile" arg list - continue # The current "srcfile" will either be retained or - ;; # replaced later. I would guess that would be a bug. - - -Wc,*) - func_stripname '-Wc,' '' "$arg" - args=$func_stripname_result - lastarg= - save_ifs="$IFS"; IFS=',' - for arg in $args; do - IFS="$save_ifs" - func_append_quoted lastarg "$arg" - done - IFS="$save_ifs" - func_stripname ' ' '' "$lastarg" - lastarg=$func_stripname_result - - # Add the arguments to base_compile. - func_append base_compile " $lastarg" - continue - ;; - - *) - # Accept the current argument as the source file. - # The previous "srcfile" becomes the current argument. - # - lastarg="$srcfile" - srcfile="$arg" - ;; - esac # case $arg - ;; - esac # case $arg_mode - - # Aesthetically quote the previous argument. - func_append_quoted base_compile "$lastarg" - done # for arg - - case $arg_mode in - arg) - func_fatal_error "you must specify an argument for -Xcompile" - ;; - target) - func_fatal_error "you must specify a target with \`-o'" - ;; - *) - # Get the name of the library object. - test -z "$libobj" && { - func_basename "$srcfile" - libobj="$func_basename_result" - } - ;; - esac - - # Recognize several different file suffixes. - # If the user specifies -o file.o, it is replaced with file.lo - case $libobj in - *.[cCFSifmso] | \ - *.ada | *.adb | *.ads | *.asm | \ - *.c++ | *.cc | *.ii | *.class | *.cpp | *.cxx | \ - *.[fF][09]? | *.for | *.java | *.go | *.obj | *.sx | *.cu | *.cup) - func_xform "$libobj" - libobj=$func_xform_result - ;; - esac - - case $libobj in - *.lo) func_lo2o "$libobj"; obj=$func_lo2o_result ;; - *) - func_fatal_error "cannot determine name of library object from \`$libobj'" - ;; - esac - - func_infer_tag $base_compile - - for arg in $later; do - case $arg in - -shared) - test "$build_libtool_libs" != yes && \ - func_fatal_configuration "can not build a shared library" - build_old_libs=no - continue - ;; - - -static) - build_libtool_libs=no - build_old_libs=yes - continue - ;; - - -prefer-pic) - pic_mode=yes - continue - ;; - - -prefer-non-pic) - pic_mode=no - continue - ;; - esac - done - - func_quote_for_eval "$libobj" - test "X$libobj" != "X$func_quote_for_eval_result" \ - && $ECHO "X$libobj" | $GREP '[]~#^*{};<>?"'"'"' &()|`$[]' \ - && func_warning "libobj name \`$libobj' may not contain shell special characters." - func_dirname_and_basename "$obj" "/" "" - objname="$func_basename_result" - xdir="$func_dirname_result" - lobj=${xdir}$objdir/$objname - - test -z "$base_compile" && \ - func_fatal_help "you must specify a compilation command" - - # Delete any leftover library objects. - if test "$build_old_libs" = yes; then - removelist="$obj $lobj $libobj ${libobj}T" - else - removelist="$lobj $libobj ${libobj}T" - fi - - # On Cygwin there's no "real" PIC flag so we must build both object types - case $host_os in - cygwin* | mingw* | pw32* | os2* | cegcc*) - pic_mode=default - ;; - esac - if test "$pic_mode" = no && test "$deplibs_check_method" != pass_all; then - # non-PIC code in shared libraries is not supported - pic_mode=default - fi - - # Calculate the filename of the output object if compiler does - # not support -o with -c - if test "$compiler_c_o" = no; then - output_obj=`$ECHO "$srcfile" | $SED 's%^.*/%%; s%\.[^.]*$%%'`.${objext} - lockfile="$output_obj.lock" - else - output_obj= - need_locks=no - lockfile= - fi - - # Lock this critical section if it is needed - # We use this script file to make the link, it avoids creating a new file - if test "$need_locks" = yes; then - until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do - func_echo "Waiting for $lockfile to be removed" - sleep 2 - done - elif test "$need_locks" = warn; then - if test -f "$lockfile"; then - $ECHO "\ -*** ERROR, $lockfile exists and contains: -`cat $lockfile 2>/dev/null` - -This indicates that another process is trying to use the same -temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you -repeat this compilation, it may succeed, by chance, but you had better -avoid parallel builds (make -j) in this platform, or get a better -compiler." - - $opt_dry_run || $RM $removelist - exit $EXIT_FAILURE - fi - func_append removelist " $output_obj" - $ECHO "$srcfile" > "$lockfile" - fi - - $opt_dry_run || $RM $removelist - func_append removelist " $lockfile" - trap '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' 1 2 15 - - func_to_tool_file "$srcfile" func_convert_file_msys_to_w32 - srcfile=$func_to_tool_file_result - func_quote_for_eval "$srcfile" - qsrcfile=$func_quote_for_eval_result - - # Only build a PIC object if we are building libtool libraries. - if test "$build_libtool_libs" = yes; then - # Without this assignment, base_compile gets emptied. - fbsd_hideous_sh_bug=$base_compile - - if test "$pic_mode" != no; then - command="$base_compile $qsrcfile $pic_flag" - else - # Don't build PIC code - command="$base_compile $qsrcfile" - fi - - func_mkdir_p "$xdir$objdir" - - if test -z "$output_obj"; then - # Place PIC objects in $objdir - func_append command " -o $lobj" - fi - - func_show_eval_locale "$command" \ - 'test -n "$output_obj" && $RM $removelist; exit $EXIT_FAILURE' - - if test "$need_locks" = warn && - test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then - $ECHO "\ -*** ERROR, $lockfile contains: -`cat $lockfile 2>/dev/null` - -but it should contain: -$srcfile - -This indicates that another process is trying to use the same -temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you -repeat this compilation, it may succeed, by chance, but you had better -avoid parallel builds (make -j) in this platform, or get a better -compiler." - - $opt_dry_run || $RM $removelist - exit $EXIT_FAILURE - fi - - # Just move the object if needed, then go on to compile the next one - if test -n "$output_obj" && test "X$output_obj" != "X$lobj"; then - func_show_eval '$MV "$output_obj" "$lobj"' \ - 'error=$?; $opt_dry_run || $RM $removelist; exit $error' - fi - - # Allow error messages only from the first compilation. - if test "$suppress_opt" = yes; then - suppress_output=' >/dev/null 2>&1' - fi - fi - - # Only build a position-dependent object if we build old libraries. - if test "$build_old_libs" = yes; then - if test "$pic_mode" != yes; then - # Don't build PIC code - command="$base_compile $qsrcfile$pie_flag" - else - command="$base_compile $qsrcfile $pic_flag" - fi - if test "$compiler_c_o" = yes; then - func_append command " -o $obj" - fi - - # Suppress compiler output if we already did a PIC compilation. - func_append command "$suppress_output" - func_show_eval_locale "$command" \ - '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' - - if test "$need_locks" = warn && - test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then - $ECHO "\ -*** ERROR, $lockfile contains: -`cat $lockfile 2>/dev/null` - -but it should contain: -$srcfile - -This indicates that another process is trying to use the same -temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you -repeat this compilation, it may succeed, by chance, but you had better -avoid parallel builds (make -j) in this platform, or get a better -compiler." - - $opt_dry_run || $RM $removelist - exit $EXIT_FAILURE - fi - - # Just move the object if needed - if test -n "$output_obj" && test "X$output_obj" != "X$obj"; then - func_show_eval '$MV "$output_obj" "$obj"' \ - 'error=$?; $opt_dry_run || $RM $removelist; exit $error' - fi - fi - - $opt_dry_run || { - func_write_libtool_object "$libobj" "$objdir/$objname" "$objname" - - # Unlock the critical section if it was locked - if test "$need_locks" != no; then - removelist=$lockfile - $RM "$lockfile" - fi - } - - exit $EXIT_SUCCESS -} - -$opt_help || { - test "$opt_mode" = compile && func_mode_compile ${1+"$@"} -} - -func_mode_help () -{ - # We need to display help for each of the modes. - case $opt_mode in - "") - # Generic help is extracted from the usage comments - # at the start of this file. - func_help - ;; - - clean) - $ECHO \ -"Usage: $progname [OPTION]... --mode=clean RM [RM-OPTION]... FILE... - -Remove files from the build directory. - -RM is the name of the program to use to delete files associated with each FILE -(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed -to RM. - -If FILE is a libtool library, object or program, all the files associated -with it are deleted. Otherwise, only FILE itself is deleted using RM." - ;; - - compile) - $ECHO \ -"Usage: $progname [OPTION]... --mode=compile COMPILE-COMMAND... SOURCEFILE - -Compile a source file into a libtool library object. - -This mode accepts the following additional options: - - -o OUTPUT-FILE set the output file name to OUTPUT-FILE - -no-suppress do not suppress compiler output for multiple passes - -prefer-pic try to build PIC objects only - -prefer-non-pic try to build non-PIC objects only - -shared do not build a \`.o' file suitable for static linking - -static only build a \`.o' file suitable for static linking - -Wc,FLAG pass FLAG directly to the compiler - -COMPILE-COMMAND is a command to be used in creating a \`standard' object file -from the given SOURCEFILE. - -The output file name is determined by removing the directory component from -SOURCEFILE, then substituting the C source code suffix \`.c' with the -library object suffix, \`.lo'." - ;; - - execute) - $ECHO \ -"Usage: $progname [OPTION]... --mode=execute COMMAND [ARGS]... - -Automatically set library path, then run a program. - -This mode accepts the following additional options: - - -dlopen FILE add the directory containing FILE to the library path - -This mode sets the library path environment variable according to \`-dlopen' -flags. - -If any of the ARGS are libtool executable wrappers, then they are translated -into their corresponding uninstalled binary, and any of their required library -directories are added to the library path. - -Then, COMMAND is executed, with ARGS as arguments." - ;; - - finish) - $ECHO \ -"Usage: $progname [OPTION]... --mode=finish [LIBDIR]... - -Complete the installation of libtool libraries. - -Each LIBDIR is a directory that contains libtool libraries. - -The commands that this mode executes may require superuser privileges. Use -the \`--dry-run' option if you just want to see what would be executed." - ;; - - install) - $ECHO \ -"Usage: $progname [OPTION]... --mode=install INSTALL-COMMAND... - -Install executables or libraries. - -INSTALL-COMMAND is the installation command. The first component should be -either the \`install' or \`cp' program. - -The following components of INSTALL-COMMAND are treated specially: - - -inst-prefix-dir PREFIX-DIR Use PREFIX-DIR as a staging area for installation - -The rest of the components are interpreted as arguments to that command (only -BSD-compatible install options are recognized)." - ;; - - link) - $ECHO \ -"Usage: $progname [OPTION]... --mode=link LINK-COMMAND... - -Link object files or libraries together to form another library, or to -create an executable program. - -LINK-COMMAND is a command using the C compiler that you would use to create -a program from several object files. - -The following components of LINK-COMMAND are treated specially: - - -all-static do not do any dynamic linking at all - -avoid-version do not add a version suffix if possible - -bindir BINDIR specify path to binaries directory (for systems where - libraries must be found in the PATH setting at runtime) - -dlopen FILE \`-dlpreopen' FILE if it cannot be dlopened at runtime - -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols - -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3) - -export-symbols SYMFILE - try to export only the symbols listed in SYMFILE - -export-symbols-regex REGEX - try to export only the symbols matching REGEX - -LLIBDIR search LIBDIR for required installed libraries - -lNAME OUTPUT-FILE requires the installed library libNAME - -module build a library that can dlopened - -no-fast-install disable the fast-install mode - -no-install link a not-installable executable - -no-undefined declare that a library does not refer to external symbols - -o OUTPUT-FILE create OUTPUT-FILE from the specified objects - -objectlist FILE Use a list of object files found in FILE to specify objects - -precious-files-regex REGEX - don't remove output files matching REGEX - -release RELEASE specify package release information - -rpath LIBDIR the created library will eventually be installed in LIBDIR - -R[ ]LIBDIR add LIBDIR to the runtime path of programs and libraries - -shared only do dynamic linking of libtool libraries - -shrext SUFFIX override the standard shared library file extension - -static do not do any dynamic linking of uninstalled libtool libraries - -static-libtool-libs - do not do any dynamic linking of libtool libraries - -version-info CURRENT[:REVISION[:AGE]] - specify library version info [each variable defaults to 0] - -weak LIBNAME declare that the target provides the LIBNAME interface - -Wc,FLAG - -Xcompiler FLAG pass linker-specific FLAG directly to the compiler - -Wl,FLAG - -Xlinker FLAG pass linker-specific FLAG directly to the linker - -XCClinker FLAG pass link-specific FLAG to the compiler driver (CC) - -All other options (arguments beginning with \`-') are ignored. - -Every other argument is treated as a filename. Files ending in \`.la' are -treated as uninstalled libtool libraries, other files are standard or library -object files. - -If the OUTPUT-FILE ends in \`.la', then a libtool library is created, -only library objects (\`.lo' files) may be specified, and \`-rpath' is -required, except when creating a convenience library. - -If OUTPUT-FILE ends in \`.a' or \`.lib', then a standard library is created -using \`ar' and \`ranlib', or on Windows using \`lib'. - -If OUTPUT-FILE ends in \`.lo' or \`.${objext}', then a reloadable object file -is created, otherwise an executable program is created." - ;; - - uninstall) - $ECHO \ -"Usage: $progname [OPTION]... --mode=uninstall RM [RM-OPTION]... FILE... - -Remove libraries from an installation directory. - -RM is the name of the program to use to delete files associated with each FILE -(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed -to RM. - -If FILE is a libtool library, all the files associated with it are deleted. -Otherwise, only FILE itself is deleted using RM." - ;; - - *) - func_fatal_help "invalid operation mode \`$opt_mode'" - ;; - esac - - echo - $ECHO "Try \`$progname --help' for more information about other modes." -} - -# Now that we've collected a possible --mode arg, show help if necessary -if $opt_help; then - if test "$opt_help" = :; then - func_mode_help - else - { - func_help noexit - for opt_mode in compile link execute install finish uninstall clean; do - func_mode_help - done - } | sed -n '1p; 2,$s/^Usage:/ or: /p' - { - func_help noexit - for opt_mode in compile link execute install finish uninstall clean; do - echo - func_mode_help - done - } | - sed '1d - /^When reporting/,/^Report/{ - H - d - } - $x - /information about other modes/d - /more detailed .*MODE/d - s/^Usage:.*--mode=\([^ ]*\) .*/Description of \1 mode:/' - fi - exit $? -fi - - -# func_mode_execute arg... -func_mode_execute () -{ - $opt_debug - # The first argument is the command name. - cmd="$nonopt" - test -z "$cmd" && \ - func_fatal_help "you must specify a COMMAND" - - # Handle -dlopen flags immediately. - for file in $opt_dlopen; do - test -f "$file" \ - || func_fatal_help "\`$file' is not a file" - - dir= - case $file in - *.la) - func_resolve_sysroot "$file" - file=$func_resolve_sysroot_result - - # Check to see that this really is a libtool archive. - func_lalib_unsafe_p "$file" \ - || func_fatal_help "\`$lib' is not a valid libtool archive" - - # Read the libtool library. - dlname= - library_names= - func_source "$file" - - # Skip this library if it cannot be dlopened. - if test -z "$dlname"; then - # Warn if it was a shared library. - test -n "$library_names" && \ - func_warning "\`$file' was not linked with \`-export-dynamic'" - continue - fi - - func_dirname "$file" "" "." - dir="$func_dirname_result" - - if test -f "$dir/$objdir/$dlname"; then - func_append dir "/$objdir" - else - if test ! -f "$dir/$dlname"; then - func_fatal_error "cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'" - fi - fi - ;; - - *.lo) - # Just add the directory containing the .lo file. - func_dirname "$file" "" "." - dir="$func_dirname_result" - ;; - - *) - func_warning "\`-dlopen' is ignored for non-libtool libraries and objects" - continue - ;; - esac - - # Get the absolute pathname. - absdir=`cd "$dir" && pwd` - test -n "$absdir" && dir="$absdir" - - # Now add the directory to shlibpath_var. - if eval "test -z \"\$$shlibpath_var\""; then - eval "$shlibpath_var=\"\$dir\"" - else - eval "$shlibpath_var=\"\$dir:\$$shlibpath_var\"" - fi - done - - # This variable tells wrapper scripts just to set shlibpath_var - # rather than running their programs. - libtool_execute_magic="$magic" - - # Check if any of the arguments is a wrapper script. - args= - for file - do - case $file in - -* | *.la | *.lo ) ;; - *) - # Do a test to see if this is really a libtool program. - if func_ltwrapper_script_p "$file"; then - func_source "$file" - # Transform arg to wrapped name. - file="$progdir/$program" - elif func_ltwrapper_executable_p "$file"; then - func_ltwrapper_scriptname "$file" - func_source "$func_ltwrapper_scriptname_result" - # Transform arg to wrapped name. - file="$progdir/$program" - fi - ;; - esac - # Quote arguments (to preserve shell metacharacters). - func_append_quoted args "$file" - done - - if test "X$opt_dry_run" = Xfalse; then - if test -n "$shlibpath_var"; then - # Export the shlibpath_var. - eval "export $shlibpath_var" - fi - - # Restore saved environment variables - for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES - do - eval "if test \"\${save_$lt_var+set}\" = set; then - $lt_var=\$save_$lt_var; export $lt_var - else - $lt_unset $lt_var - fi" - done - - # Now prepare to actually exec the command. - exec_cmd="\$cmd$args" - else - # Display what would be done. - if test -n "$shlibpath_var"; then - eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\"" - echo "export $shlibpath_var" - fi - $ECHO "$cmd$args" - exit $EXIT_SUCCESS - fi -} - -test "$opt_mode" = execute && func_mode_execute ${1+"$@"} - - -# func_mode_finish arg... -func_mode_finish () -{ - $opt_debug - libs= - libdirs= - admincmds= - - for opt in "$nonopt" ${1+"$@"} - do - if test -d "$opt"; then - func_append libdirs " $opt" - - elif test -f "$opt"; then - if func_lalib_unsafe_p "$opt"; then - func_append libs " $opt" - else - func_warning "\`$opt' is not a valid libtool archive" - fi - - else - func_fatal_error "invalid argument \`$opt'" - fi - done - - if test -n "$libs"; then - if test -n "$lt_sysroot"; then - sysroot_regex=`$ECHO "$lt_sysroot" | $SED "$sed_make_literal_regex"` - sysroot_cmd="s/\([ ']\)$sysroot_regex/\1/g;" - else - sysroot_cmd= - fi - - # Remove sysroot references - if $opt_dry_run; then - for lib in $libs; do - echo "removing references to $lt_sysroot and \`=' prefixes from $lib" - done - else - tmpdir=`func_mktempdir` - for lib in $libs; do - sed -e "${sysroot_cmd} s/\([ ']-[LR]\)=/\1/g; s/\([ ']\)=/\1/g" $lib \ - > $tmpdir/tmp-la - mv -f $tmpdir/tmp-la $lib - done - ${RM}r "$tmpdir" - fi - fi - - if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then - for libdir in $libdirs; do - if test -n "$finish_cmds"; then - # Do each command in the finish commands. - func_execute_cmds "$finish_cmds" 'admincmds="$admincmds -'"$cmd"'"' - fi - if test -n "$finish_eval"; then - # Do the single finish_eval. - eval cmds=\"$finish_eval\" - $opt_dry_run || eval "$cmds" || func_append admincmds " - $cmds" - fi - done - fi - - # Exit here if they wanted silent mode. - $opt_silent && exit $EXIT_SUCCESS - - if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then - echo "----------------------------------------------------------------------" - echo "Libraries have been installed in:" - for libdir in $libdirs; do - $ECHO " $libdir" - done - echo - echo "If you ever happen to want to link against installed libraries" - echo "in a given directory, LIBDIR, you must either use libtool, and" - echo "specify the full pathname of the library, or use the \`-LLIBDIR'" - echo "flag during linking and do at least one of the following:" - if test -n "$shlibpath_var"; then - echo " - add LIBDIR to the \`$shlibpath_var' environment variable" - echo " during execution" - fi - if test -n "$runpath_var"; then - echo " - add LIBDIR to the \`$runpath_var' environment variable" - echo " during linking" - fi - if test -n "$hardcode_libdir_flag_spec"; then - libdir=LIBDIR - eval flag=\"$hardcode_libdir_flag_spec\" - - $ECHO " - use the \`$flag' linker flag" - fi - if test -n "$admincmds"; then - $ECHO " - have your system administrator run these commands:$admincmds" - fi - if test -f /etc/ld.so.conf; then - echo " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'" - fi - echo - - echo "See any operating system documentation about shared libraries for" - case $host in - solaris2.[6789]|solaris2.1[0-9]) - echo "more information, such as the ld(1), crle(1) and ld.so(8) manual" - echo "pages." - ;; - *) - echo "more information, such as the ld(1) and ld.so(8) manual pages." - ;; - esac - echo "----------------------------------------------------------------------" - fi - exit $EXIT_SUCCESS -} - -test "$opt_mode" = finish && func_mode_finish ${1+"$@"} - - -# func_mode_install arg... -func_mode_install () -{ - $opt_debug - # There may be an optional sh(1) argument at the beginning of - # install_prog (especially on Windows NT). - if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh || - # Allow the use of GNU shtool's install command. - case $nonopt in *shtool*) :;; *) false;; esac; then - # Aesthetically quote it. - func_quote_for_eval "$nonopt" - install_prog="$func_quote_for_eval_result " - arg=$1 - shift - else - install_prog= - arg=$nonopt - fi - - # The real first argument should be the name of the installation program. - # Aesthetically quote it. - func_quote_for_eval "$arg" - func_append install_prog "$func_quote_for_eval_result" - install_shared_prog=$install_prog - case " $install_prog " in - *[\\\ /]cp\ *) install_cp=: ;; - *) install_cp=false ;; - esac - - # We need to accept at least all the BSD install flags. - dest= - files= - opts= - prev= - install_type= - isdir=no - stripme= - no_mode=: - for arg - do - arg2= - if test -n "$dest"; then - func_append files " $dest" - dest=$arg - continue - fi - - case $arg in - -d) isdir=yes ;; - -f) - if $install_cp; then :; else - prev=$arg - fi - ;; - -g | -m | -o) - prev=$arg - ;; - -s) - stripme=" -s" - continue - ;; - -*) - ;; - *) - # If the previous option needed an argument, then skip it. - if test -n "$prev"; then - if test "x$prev" = x-m && test -n "$install_override_mode"; then - arg2=$install_override_mode - no_mode=false - fi - prev= - else - dest=$arg - continue - fi - ;; - esac - - # Aesthetically quote the argument. - func_quote_for_eval "$arg" - func_append install_prog " $func_quote_for_eval_result" - if test -n "$arg2"; then - func_quote_for_eval "$arg2" - fi - func_append install_shared_prog " $func_quote_for_eval_result" - done - - test -z "$install_prog" && \ - func_fatal_help "you must specify an install program" - - test -n "$prev" && \ - func_fatal_help "the \`$prev' option requires an argument" - - if test -n "$install_override_mode" && $no_mode; then - if $install_cp; then :; else - func_quote_for_eval "$install_override_mode" - func_append install_shared_prog " -m $func_quote_for_eval_result" - fi - fi - - if test -z "$files"; then - if test -z "$dest"; then - func_fatal_help "no file or destination specified" - else - func_fatal_help "you must specify a destination" - fi - fi - - # Strip any trailing slash from the destination. - func_stripname '' '/' "$dest" - dest=$func_stripname_result - - # Check to see that the destination is a directory. - test -d "$dest" && isdir=yes - if test "$isdir" = yes; then - destdir="$dest" - destname= - else - func_dirname_and_basename "$dest" "" "." - destdir="$func_dirname_result" - destname="$func_basename_result" - - # Not a directory, so check to see that there is only one file specified. - set dummy $files; shift - test "$#" -gt 1 && \ - func_fatal_help "\`$dest' is not a directory" - fi - case $destdir in - [\\/]* | [A-Za-z]:[\\/]*) ;; - *) - for file in $files; do - case $file in - *.lo) ;; - *) - func_fatal_help "\`$destdir' must be an absolute directory name" - ;; - esac - done - ;; - esac - - # This variable tells wrapper scripts just to set variables rather - # than running their programs. - libtool_install_magic="$magic" - - staticlibs= - future_libdirs= - current_libdirs= - for file in $files; do - - # Do each installation. - case $file in - *.$libext) - # Do the static libraries later. - func_append staticlibs " $file" - ;; - - *.la) - func_resolve_sysroot "$file" - file=$func_resolve_sysroot_result - - # Check to see that this really is a libtool archive. - func_lalib_unsafe_p "$file" \ - || func_fatal_help "\`$file' is not a valid libtool archive" - - library_names= - old_library= - relink_command= - func_source "$file" - - # Add the libdir to current_libdirs if it is the destination. - if test "X$destdir" = "X$libdir"; then - case "$current_libdirs " in - *" $libdir "*) ;; - *) func_append current_libdirs " $libdir" ;; - esac - else - # Note the libdir as a future libdir. - case "$future_libdirs " in - *" $libdir "*) ;; - *) func_append future_libdirs " $libdir" ;; - esac - fi - - func_dirname "$file" "/" "" - dir="$func_dirname_result" - func_append dir "$objdir" - - if test -n "$relink_command"; then - # Determine the prefix the user has applied to our future dir. - inst_prefix_dir=`$ECHO "$destdir" | $SED -e "s%$libdir\$%%"` - - # Don't allow the user to place us outside of our expected - # location b/c this prevents finding dependent libraries that - # are installed to the same prefix. - # At present, this check doesn't affect windows .dll's that - # are installed into $libdir/../bin (currently, that works fine) - # but it's something to keep an eye on. - test "$inst_prefix_dir" = "$destdir" && \ - func_fatal_error "error: cannot install \`$file' to a directory not ending in $libdir" - - if test -n "$inst_prefix_dir"; then - # Stick the inst_prefix_dir data into the link command. - relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"` - else - relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%%"` - fi - - func_warning "relinking \`$file'" - func_show_eval "$relink_command" \ - 'func_fatal_error "error: relink \`$file'\'' with the above command before installing it"' - fi - - # See the names of the shared library. - set dummy $library_names; shift - if test -n "$1"; then - realname="$1" - shift - - srcname="$realname" - test -n "$relink_command" && srcname="$realname"T - - # Install the shared library and build the symlinks. - func_show_eval "$install_shared_prog $dir/$srcname $destdir/$realname" \ - 'exit $?' - tstripme="$stripme" - case $host_os in - cygwin* | mingw* | pw32* | cegcc*) - case $realname in - *.dll.a) - tstripme="" - ;; - esac - ;; - esac - if test -n "$tstripme" && test -n "$striplib"; then - func_show_eval "$striplib $destdir/$realname" 'exit $?' - fi - - if test "$#" -gt 0; then - # Delete the old symlinks, and create new ones. - # Try `ln -sf' first, because the `ln' binary might depend on - # the symlink we replace! Solaris /bin/ln does not understand -f, - # so we also need to try rm && ln -s. - for linkname - do - test "$linkname" != "$realname" \ - && func_show_eval "(cd $destdir && { $LN_S -f $realname $linkname || { $RM $linkname && $LN_S $realname $linkname; }; })" - done - fi - - # Do each command in the postinstall commands. - lib="$destdir/$realname" - func_execute_cmds "$postinstall_cmds" 'exit $?' - fi - - # Install the pseudo-library for information purposes. - func_basename "$file" - name="$func_basename_result" - instname="$dir/$name"i - func_show_eval "$install_prog $instname $destdir/$name" 'exit $?' - - # Maybe install the static library, too. - test -n "$old_library" && func_append staticlibs " $dir/$old_library" - ;; - - *.lo) - # Install (i.e. copy) a libtool object. - - # Figure out destination file name, if it wasn't already specified. - if test -n "$destname"; then - destfile="$destdir/$destname" - else - func_basename "$file" - destfile="$func_basename_result" - destfile="$destdir/$destfile" - fi - - # Deduce the name of the destination old-style object file. - case $destfile in - *.lo) - func_lo2o "$destfile" - staticdest=$func_lo2o_result - ;; - *.$objext) - staticdest="$destfile" - destfile= - ;; - *) - func_fatal_help "cannot copy a libtool object to \`$destfile'" - ;; - esac - - # Install the libtool object if requested. - test -n "$destfile" && \ - func_show_eval "$install_prog $file $destfile" 'exit $?' - - # Install the old object if enabled. - if test "$build_old_libs" = yes; then - # Deduce the name of the old-style object file. - func_lo2o "$file" - staticobj=$func_lo2o_result - func_show_eval "$install_prog \$staticobj \$staticdest" 'exit $?' - fi - exit $EXIT_SUCCESS - ;; - - *) - # Figure out destination file name, if it wasn't already specified. - if test -n "$destname"; then - destfile="$destdir/$destname" - else - func_basename "$file" - destfile="$func_basename_result" - destfile="$destdir/$destfile" - fi - - # If the file is missing, and there is a .exe on the end, strip it - # because it is most likely a libtool script we actually want to - # install - stripped_ext="" - case $file in - *.exe) - if test ! -f "$file"; then - func_stripname '' '.exe' "$file" - file=$func_stripname_result - stripped_ext=".exe" - fi - ;; - esac - - # Do a test to see if this is really a libtool program. - case $host in - *cygwin* | *mingw*) - if func_ltwrapper_executable_p "$file"; then - func_ltwrapper_scriptname "$file" - wrapper=$func_ltwrapper_scriptname_result - else - func_stripname '' '.exe' "$file" - wrapper=$func_stripname_result - fi - ;; - *) - wrapper=$file - ;; - esac - if func_ltwrapper_script_p "$wrapper"; then - notinst_deplibs= - relink_command= - - func_source "$wrapper" - - # Check the variables that should have been set. - test -z "$generated_by_libtool_version" && \ - func_fatal_error "invalid libtool wrapper script \`$wrapper'" - - finalize=yes - for lib in $notinst_deplibs; do - # Check to see that each library is installed. - libdir= - if test -f "$lib"; then - func_source "$lib" - fi - libfile="$libdir/"`$ECHO "$lib" | $SED 's%^.*/%%g'` ### testsuite: skip nested quoting test - if test -n "$libdir" && test ! -f "$libfile"; then - func_warning "\`$lib' has not been installed in \`$libdir'" - finalize=no - fi - done - - relink_command= - func_source "$wrapper" - - outputname= - if test "$fast_install" = no && test -n "$relink_command"; then - $opt_dry_run || { - if test "$finalize" = yes; then - tmpdir=`func_mktempdir` - func_basename "$file$stripped_ext" - file="$func_basename_result" - outputname="$tmpdir/$file" - # Replace the output file specification. - relink_command=`$ECHO "$relink_command" | $SED 's%@OUTPUT@%'"$outputname"'%g'` - - $opt_silent || { - func_quote_for_expand "$relink_command" - eval "func_echo $func_quote_for_expand_result" - } - if eval "$relink_command"; then : - else - func_error "error: relink \`$file' with the above command before installing it" - $opt_dry_run || ${RM}r "$tmpdir" - continue - fi - file="$outputname" - else - func_warning "cannot relink \`$file'" - fi - } - else - # Install the binary that we compiled earlier. - file=`$ECHO "$file$stripped_ext" | $SED "s%\([^/]*\)$%$objdir/\1%"` - fi - fi - - # remove .exe since cygwin /usr/bin/install will append another - # one anyway - case $install_prog,$host in - */usr/bin/install*,*cygwin*) - case $file:$destfile in - *.exe:*.exe) - # this is ok - ;; - *.exe:*) - destfile=$destfile.exe - ;; - *:*.exe) - func_stripname '' '.exe' "$destfile" - destfile=$func_stripname_result - ;; - esac - ;; - esac - func_show_eval "$install_prog\$stripme \$file \$destfile" 'exit $?' - $opt_dry_run || if test -n "$outputname"; then - ${RM}r "$tmpdir" - fi - ;; - esac - done - - for file in $staticlibs; do - func_basename "$file" - name="$func_basename_result" - - # Set up the ranlib parameters. - oldlib="$destdir/$name" - func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 - tool_oldlib=$func_to_tool_file_result - - func_show_eval "$install_prog \$file \$oldlib" 'exit $?' - - if test -n "$stripme" && test -n "$old_striplib"; then - func_show_eval "$old_striplib $tool_oldlib" 'exit $?' - fi - - # Do each command in the postinstall commands. - func_execute_cmds "$old_postinstall_cmds" 'exit $?' - done - - test -n "$future_libdirs" && \ - func_warning "remember to run \`$progname --finish$future_libdirs'" - - if test -n "$current_libdirs"; then - # Maybe just do a dry run. - $opt_dry_run && current_libdirs=" -n$current_libdirs" - exec_cmd='$SHELL $progpath $preserve_args --finish$current_libdirs' - else - exit $EXIT_SUCCESS - fi -} - -test "$opt_mode" = install && func_mode_install ${1+"$@"} - - -# func_generate_dlsyms outputname originator pic_p -# Extract symbols from dlprefiles and create ${outputname}S.o with -# a dlpreopen symbol table. -func_generate_dlsyms () -{ - $opt_debug - my_outputname="$1" - my_originator="$2" - my_pic_p="${3-no}" - my_prefix=`$ECHO "$my_originator" | sed 's%[^a-zA-Z0-9]%_%g'` - my_dlsyms= - - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then - if test -n "$NM" && test -n "$global_symbol_pipe"; then - my_dlsyms="${my_outputname}S.c" - else - func_error "not configured to extract global symbols from dlpreopened files" - fi - fi - - if test -n "$my_dlsyms"; then - case $my_dlsyms in - "") ;; - *.c) - # Discover the nlist of each of the dlfiles. - nlist="$output_objdir/${my_outputname}.nm" - - func_show_eval "$RM $nlist ${nlist}S ${nlist}T" - - # Parse the name list into a source file. - func_verbose "creating $output_objdir/$my_dlsyms" - - $opt_dry_run || $ECHO > "$output_objdir/$my_dlsyms" "\ -/* $my_dlsyms - symbol resolution table for \`$my_outputname' dlsym emulation. */ -/* Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION */ - -#ifdef __cplusplus -extern \"C\" { -#endif - -#if defined(__GNUC__) && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)) || (__GNUC__ > 4)) -#pragma GCC diagnostic ignored \"-Wstrict-prototypes\" -#endif - -/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ -#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) -/* DATA imports from DLLs on WIN32 con't be const, because runtime - relocations are performed -- see ld's documentation on pseudo-relocs. */ -# define LT_DLSYM_CONST -#elif defined(__osf__) -/* This system does not cope well with relocations in const data. */ -# define LT_DLSYM_CONST -#else -# define LT_DLSYM_CONST const -#endif - -/* External symbol declarations for the compiler. */\ -" - - if test "$dlself" = yes; then - func_verbose "generating symbol list for \`$output'" - - $opt_dry_run || echo ': @PROGRAM@ ' > "$nlist" - - # Add our own program objects to the symbol list. - progfiles=`$ECHO "$objs$old_deplibs" | $SP2NL | $SED "$lo2o" | $NL2SP` - for progfile in $progfiles; do - func_to_tool_file "$progfile" func_convert_file_msys_to_w32 - func_verbose "extracting global C symbols from \`$func_to_tool_file_result'" - $opt_dry_run || eval "$NM $func_to_tool_file_result | $global_symbol_pipe >> '$nlist'" - done - - if test -n "$exclude_expsyms"; then - $opt_dry_run || { - eval '$EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T' - eval '$MV "$nlist"T "$nlist"' - } - fi - - if test -n "$export_symbols_regex"; then - $opt_dry_run || { - eval '$EGREP -e "$export_symbols_regex" "$nlist" > "$nlist"T' - eval '$MV "$nlist"T "$nlist"' - } - fi - - # Prepare the list of exported symbols - if test -z "$export_symbols"; then - export_symbols="$output_objdir/$outputname.exp" - $opt_dry_run || { - $RM $export_symbols - eval "${SED} -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"' - case $host in - *cygwin* | *mingw* | *cegcc* ) - eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' - eval 'cat "$export_symbols" >> "$output_objdir/$outputname.def"' - ;; - esac - } - else - $opt_dry_run || { - eval "${SED} -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"' - eval '$GREP -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T' - eval '$MV "$nlist"T "$nlist"' - case $host in - *cygwin* | *mingw* | *cegcc* ) - eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' - eval 'cat "$nlist" >> "$output_objdir/$outputname.def"' - ;; - esac - } - fi - fi - - for dlprefile in $dlprefiles; do - func_verbose "extracting global C symbols from \`$dlprefile'" - func_basename "$dlprefile" - name="$func_basename_result" - case $host in - *cygwin* | *mingw* | *cegcc* ) - # if an import library, we need to obtain dlname - if func_win32_import_lib_p "$dlprefile"; then - func_tr_sh "$dlprefile" - eval "curr_lafile=\$libfile_$func_tr_sh_result" - dlprefile_dlbasename="" - if test -n "$curr_lafile" && func_lalib_p "$curr_lafile"; then - # Use subshell, to avoid clobbering current variable values - dlprefile_dlname=`source "$curr_lafile" && echo "$dlname"` - if test -n "$dlprefile_dlname" ; then - func_basename "$dlprefile_dlname" - dlprefile_dlbasename="$func_basename_result" - else - # no lafile. user explicitly requested -dlpreopen . - $sharedlib_from_linklib_cmd "$dlprefile" - dlprefile_dlbasename=$sharedlib_from_linklib_result - fi - fi - $opt_dry_run || { - if test -n "$dlprefile_dlbasename" ; then - eval '$ECHO ": $dlprefile_dlbasename" >> "$nlist"' - else - func_warning "Could not compute DLL name from $name" - eval '$ECHO ": $name " >> "$nlist"' - fi - func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 - eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe | - $SED -e '/I __imp/d' -e 's/I __nm_/D /;s/_nm__//' >> '$nlist'" - } - else # not an import lib - $opt_dry_run || { - eval '$ECHO ": $name " >> "$nlist"' - func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 - eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'" - } - fi - ;; - *) - $opt_dry_run || { - eval '$ECHO ": $name " >> "$nlist"' - func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 - eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'" - } - ;; - esac - done - - $opt_dry_run || { - # Make sure we have at least an empty file. - test -f "$nlist" || : > "$nlist" - - if test -n "$exclude_expsyms"; then - $EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T - $MV "$nlist"T "$nlist" - fi - - # Try sorting and uniquifying the output. - if $GREP -v "^: " < "$nlist" | - if sort -k 3 /dev/null 2>&1; then - sort -k 3 - else - sort +2 - fi | - uniq > "$nlist"S; then - : - else - $GREP -v "^: " < "$nlist" > "$nlist"S - fi - - if test -f "$nlist"S; then - eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$my_dlsyms"' - else - echo '/* NONE */' >> "$output_objdir/$my_dlsyms" - fi - - echo >> "$output_objdir/$my_dlsyms" "\ - -/* The mapping between symbol names and symbols. */ -typedef struct { - const char *name; - void *address; -} lt_dlsymlist; -extern LT_DLSYM_CONST lt_dlsymlist -lt_${my_prefix}_LTX_preloaded_symbols[]; -LT_DLSYM_CONST lt_dlsymlist -lt_${my_prefix}_LTX_preloaded_symbols[] = -{\ - { \"$my_originator\", (void *) 0 }," - - case $need_lib_prefix in - no) - eval "$global_symbol_to_c_name_address" < "$nlist" >> "$output_objdir/$my_dlsyms" - ;; - *) - eval "$global_symbol_to_c_name_address_lib_prefix" < "$nlist" >> "$output_objdir/$my_dlsyms" - ;; - esac - echo >> "$output_objdir/$my_dlsyms" "\ - {0, (void *) 0} -}; - -/* This works around a problem in FreeBSD linker */ -#ifdef FREEBSD_WORKAROUND -static const void *lt_preloaded_setup() { - return lt_${my_prefix}_LTX_preloaded_symbols; -} -#endif - -#ifdef __cplusplus -} -#endif\ -" - } # !$opt_dry_run - - pic_flag_for_symtable= - case "$compile_command " in - *" -static "*) ;; - *) - case $host in - # compiling the symbol table file with pic_flag works around - # a FreeBSD bug that causes programs to crash when -lm is - # linked before any other PIC object. But we must not use - # pic_flag when linking with -static. The problem exists in - # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1. - *-*-freebsd2.*|*-*-freebsd3.0*|*-*-freebsdelf3.0*) - pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND" ;; - *-*-hpux*) - pic_flag_for_symtable=" $pic_flag" ;; - *) - if test "X$my_pic_p" != Xno; then - pic_flag_for_symtable=" $pic_flag" - fi - ;; - esac - ;; - esac - symtab_cflags= - for arg in $LTCFLAGS; do - case $arg in - -pie | -fpie | -fPIE) ;; - *) func_append symtab_cflags " $arg" ;; - esac - done - - # Now compile the dynamic symbol file. - func_show_eval '(cd $output_objdir && $LTCC$symtab_cflags -c$no_builtin_flag$pic_flag_for_symtable "$my_dlsyms")' 'exit $?' - - # Clean up the generated files. - func_show_eval '$RM "$output_objdir/$my_dlsyms" "$nlist" "${nlist}S" "${nlist}T"' - - # Transform the symbol file into the correct name. - symfileobj="$output_objdir/${my_outputname}S.$objext" - case $host in - *cygwin* | *mingw* | *cegcc* ) - if test -f "$output_objdir/$my_outputname.def"; then - compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"` - finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"` - else - compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"` - finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"` - fi - ;; - *) - compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"` - finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"` - ;; - esac - ;; - *) - func_fatal_error "unknown suffix for \`$my_dlsyms'" - ;; - esac - else - # We keep going just in case the user didn't refer to - # lt_preloaded_symbols. The linker will fail if global_symbol_pipe - # really was required. - - # Nullify the symbol file. - compile_command=`$ECHO "$compile_command" | $SED "s% @SYMFILE@%%"` - finalize_command=`$ECHO "$finalize_command" | $SED "s% @SYMFILE@%%"` - fi -} - -# func_win32_libid arg -# return the library type of file 'arg' -# -# Need a lot of goo to handle *both* DLLs and import libs -# Has to be a shell function in order to 'eat' the argument -# that is supplied when $file_magic_command is called. -# Despite the name, also deal with 64 bit binaries. -func_win32_libid () -{ - $opt_debug - win32_libid_type="unknown" - win32_fileres=`file -L $1 2>/dev/null` - case $win32_fileres in - *ar\ archive\ import\ library*) # definitely import - win32_libid_type="x86 archive import" - ;; - *ar\ archive*) # could be an import, or static - # Keep the egrep pattern in sync with the one in _LT_CHECK_MAGIC_METHOD. - if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null | - $EGREP 'file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' >/dev/null; then - func_to_tool_file "$1" func_convert_file_msys_to_w32 - win32_nmres=`eval $NM -f posix -A \"$func_to_tool_file_result\" | - $SED -n -e ' - 1,100{ - / I /{ - s,.*,import, - p - q - } - }'` - case $win32_nmres in - import*) win32_libid_type="x86 archive import";; - *) win32_libid_type="x86 archive static";; - esac - fi - ;; - *DLL*) - win32_libid_type="x86 DLL" - ;; - *executable*) # but shell scripts are "executable" too... - case $win32_fileres in - *MS\ Windows\ PE\ Intel*) - win32_libid_type="x86 DLL" - ;; - esac - ;; - esac - $ECHO "$win32_libid_type" -} - -# func_cygming_dll_for_implib ARG -# -# Platform-specific function to extract the -# name of the DLL associated with the specified -# import library ARG. -# Invoked by eval'ing the libtool variable -# $sharedlib_from_linklib_cmd -# Result is available in the variable -# $sharedlib_from_linklib_result -func_cygming_dll_for_implib () -{ - $opt_debug - sharedlib_from_linklib_result=`$DLLTOOL --identify-strict --identify "$1"` -} - -# func_cygming_dll_for_implib_fallback_core SECTION_NAME LIBNAMEs -# -# The is the core of a fallback implementation of a -# platform-specific function to extract the name of the -# DLL associated with the specified import library LIBNAME. -# -# SECTION_NAME is either .idata$6 or .idata$7, depending -# on the platform and compiler that created the implib. -# -# Echos the name of the DLL associated with the -# specified import library. -func_cygming_dll_for_implib_fallback_core () -{ - $opt_debug - match_literal=`$ECHO "$1" | $SED "$sed_make_literal_regex"` - $OBJDUMP -s --section "$1" "$2" 2>/dev/null | - $SED '/^Contents of section '"$match_literal"':/{ - # Place marker at beginning of archive member dllname section - s/.*/====MARK====/ - p - d - } - # These lines can sometimes be longer than 43 characters, but - # are always uninteresting - /:[ ]*file format pe[i]\{,1\}-/d - /^In archive [^:]*:/d - # Ensure marker is printed - /^====MARK====/p - # Remove all lines with less than 43 characters - /^.\{43\}/!d - # From remaining lines, remove first 43 characters - s/^.\{43\}//' | - $SED -n ' - # Join marker and all lines until next marker into a single line - /^====MARK====/ b para - H - $ b para - b - :para - x - s/\n//g - # Remove the marker - s/^====MARK====// - # Remove trailing dots and whitespace - s/[\. \t]*$// - # Print - /./p' | - # we now have a list, one entry per line, of the stringified - # contents of the appropriate section of all members of the - # archive which possess that section. Heuristic: eliminate - # all those which have a first or second character that is - # a '.' (that is, objdump's representation of an unprintable - # character.) This should work for all archives with less than - # 0x302f exports -- but will fail for DLLs whose name actually - # begins with a literal '.' or a single character followed by - # a '.'. - # - # Of those that remain, print the first one. - $SED -e '/^\./d;/^.\./d;q' -} - -# func_cygming_gnu_implib_p ARG -# This predicate returns with zero status (TRUE) if -# ARG is a GNU/binutils-style import library. Returns -# with nonzero status (FALSE) otherwise. -func_cygming_gnu_implib_p () -{ - $opt_debug - func_to_tool_file "$1" func_convert_file_msys_to_w32 - func_cygming_gnu_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $EGREP ' (_head_[A-Za-z0-9_]+_[ad]l*|[A-Za-z0-9_]+_[ad]l*_iname)$'` - test -n "$func_cygming_gnu_implib_tmp" -} - -# func_cygming_ms_implib_p ARG -# This predicate returns with zero status (TRUE) if -# ARG is an MS-style import library. Returns -# with nonzero status (FALSE) otherwise. -func_cygming_ms_implib_p () -{ - $opt_debug - func_to_tool_file "$1" func_convert_file_msys_to_w32 - func_cygming_ms_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $GREP '_NULL_IMPORT_DESCRIPTOR'` - test -n "$func_cygming_ms_implib_tmp" -} - -# func_cygming_dll_for_implib_fallback ARG -# Platform-specific function to extract the -# name of the DLL associated with the specified -# import library ARG. -# -# This fallback implementation is for use when $DLLTOOL -# does not support the --identify-strict option. -# Invoked by eval'ing the libtool variable -# $sharedlib_from_linklib_cmd -# Result is available in the variable -# $sharedlib_from_linklib_result -func_cygming_dll_for_implib_fallback () -{ - $opt_debug - if func_cygming_gnu_implib_p "$1" ; then - # binutils import library - sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$7' "$1"` - elif func_cygming_ms_implib_p "$1" ; then - # ms-generated import library - sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$6' "$1"` - else - # unknown - sharedlib_from_linklib_result="" - fi -} - - -# func_extract_an_archive dir oldlib -func_extract_an_archive () -{ - $opt_debug - f_ex_an_ar_dir="$1"; shift - f_ex_an_ar_oldlib="$1" - if test "$lock_old_archive_extraction" = yes; then - lockfile=$f_ex_an_ar_oldlib.lock - until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do - func_echo "Waiting for $lockfile to be removed" - sleep 2 - done - fi - func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" \ - 'stat=$?; rm -f "$lockfile"; exit $stat' - if test "$lock_old_archive_extraction" = yes; then - $opt_dry_run || rm -f "$lockfile" - fi - if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then - : - else - func_fatal_error "object name conflicts in archive: $f_ex_an_ar_dir/$f_ex_an_ar_oldlib" - fi -} - - -# func_extract_archives gentop oldlib ... -func_extract_archives () -{ - $opt_debug - my_gentop="$1"; shift - my_oldlibs=${1+"$@"} - my_oldobjs="" - my_xlib="" - my_xabs="" - my_xdir="" - - for my_xlib in $my_oldlibs; do - # Extract the objects. - case $my_xlib in - [\\/]* | [A-Za-z]:[\\/]*) my_xabs="$my_xlib" ;; - *) my_xabs=`pwd`"/$my_xlib" ;; - esac - func_basename "$my_xlib" - my_xlib="$func_basename_result" - my_xlib_u=$my_xlib - while :; do - case " $extracted_archives " in - *" $my_xlib_u "*) - func_arith $extracted_serial + 1 - extracted_serial=$func_arith_result - my_xlib_u=lt$extracted_serial-$my_xlib ;; - *) break ;; - esac - done - extracted_archives="$extracted_archives $my_xlib_u" - my_xdir="$my_gentop/$my_xlib_u" - - func_mkdir_p "$my_xdir" - - case $host in - *-darwin*) - func_verbose "Extracting $my_xabs" - # Do not bother doing anything if just a dry run - $opt_dry_run || { - darwin_orig_dir=`pwd` - cd $my_xdir || exit $? - darwin_archive=$my_xabs - darwin_curdir=`pwd` - darwin_base_archive=`basename "$darwin_archive"` - darwin_arches=`$LIPO -info "$darwin_archive" 2>/dev/null | $GREP Architectures 2>/dev/null || true` - if test -n "$darwin_arches"; then - darwin_arches=`$ECHO "$darwin_arches" | $SED -e 's/.*are://'` - darwin_arch= - func_verbose "$darwin_base_archive has multiple architectures $darwin_arches" - for darwin_arch in $darwin_arches ; do - func_mkdir_p "unfat-$$/${darwin_base_archive}-${darwin_arch}" - $LIPO -thin $darwin_arch -output "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" "${darwin_archive}" - cd "unfat-$$/${darwin_base_archive}-${darwin_arch}" - func_extract_an_archive "`pwd`" "${darwin_base_archive}" - cd "$darwin_curdir" - $RM "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" - done # $darwin_arches - ## Okay now we've a bunch of thin objects, gotta fatten them up :) - darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print | $SED -e "$basename" | sort -u` - darwin_file= - darwin_files= - for darwin_file in $darwin_filelist; do - darwin_files=`find unfat-$$ -name $darwin_file -print | sort | $NL2SP` - $LIPO -create -output "$darwin_file" $darwin_files - done # $darwin_filelist - $RM -rf unfat-$$ - cd "$darwin_orig_dir" - else - cd $darwin_orig_dir - func_extract_an_archive "$my_xdir" "$my_xabs" - fi # $darwin_arches - } # !$opt_dry_run - ;; - *) - func_extract_an_archive "$my_xdir" "$my_xabs" - ;; - esac - my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | sort | $NL2SP` - done - - func_extract_archives_result="$my_oldobjs" -} - - -# func_emit_wrapper [arg=no] -# -# Emit a libtool wrapper script on stdout. -# Don't directly open a file because we may want to -# incorporate the script contents within a cygwin/mingw -# wrapper executable. Must ONLY be called from within -# func_mode_link because it depends on a number of variables -# set therein. -# -# ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR -# variable will take. If 'yes', then the emitted script -# will assume that the directory in which it is stored is -# the $objdir directory. This is a cygwin/mingw-specific -# behavior. -func_emit_wrapper () -{ - func_emit_wrapper_arg1=${1-no} - - $ECHO "\ -#! $SHELL - -# $output - temporary wrapper script for $objdir/$outputname -# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION -# -# The $output program cannot be directly executed until all the libtool -# libraries that it depends on are installed. -# -# This wrapper script should never be moved out of the build directory. -# If it is, it will not operate correctly. - -# Sed substitution that helps us do robust quoting. It backslashifies -# metacharacters that are still active within double-quoted strings. -sed_quote_subst='$sed_quote_subst' - -# Be Bourne compatible -if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on \${1+\"\$@\"}, which - # is contrary to our usage. Disable this feature. - alias -g '\${1+\"\$@\"}'='\"\$@\"' - setopt NO_GLOB_SUBST -else - case \`(set -o) 2>/dev/null\` in *posix*) set -o posix;; esac -fi -BIN_SH=xpg4; export BIN_SH # for Tru64 -DUALCASE=1; export DUALCASE # for MKS sh - -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - -relink_command=\"$relink_command\" - -# This environment variable determines our operation mode. -if test \"\$libtool_install_magic\" = \"$magic\"; then - # install mode needs the following variables: - generated_by_libtool_version='$macro_version' - notinst_deplibs='$notinst_deplibs' -else - # When we are sourced in execute mode, \$file and \$ECHO are already set. - if test \"\$libtool_execute_magic\" != \"$magic\"; then - file=\"\$0\"" - - qECHO=`$ECHO "$ECHO" | $SED "$sed_quote_subst"` - $ECHO "\ - -# A function that is used when there is no print builtin or printf. -func_fallback_echo () -{ - eval 'cat <<_LTECHO_EOF -\$1 -_LTECHO_EOF' -} - ECHO=\"$qECHO\" - fi - -# Very basic option parsing. These options are (a) specific to -# the libtool wrapper, (b) are identical between the wrapper -# /script/ and the wrapper /executable/ which is used only on -# windows platforms, and (c) all begin with the string "--lt-" -# (application programs are unlikely to have options which match -# this pattern). -# -# There are only two supported options: --lt-debug and -# --lt-dump-script. There is, deliberately, no --lt-help. -# -# The first argument to this parsing function should be the -# script's $0 value, followed by "$@". -lt_option_debug= -func_parse_lt_options () -{ - lt_script_arg0=\$0 - shift - for lt_opt - do - case \"\$lt_opt\" in - --lt-debug) lt_option_debug=1 ;; - --lt-dump-script) - lt_dump_D=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%/[^/]*$%%'\` - test \"X\$lt_dump_D\" = \"X\$lt_script_arg0\" && lt_dump_D=. - lt_dump_F=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%^.*/%%'\` - cat \"\$lt_dump_D/\$lt_dump_F\" - exit 0 - ;; - --lt-*) - \$ECHO \"Unrecognized --lt- option: '\$lt_opt'\" 1>&2 - exit 1 - ;; - esac - done - - # Print the debug banner immediately: - if test -n \"\$lt_option_debug\"; then - echo \"${outputname}:${output}:\${LINENO}: libtool wrapper (GNU $PACKAGE$TIMESTAMP) $VERSION\" 1>&2 - fi -} - -# Used when --lt-debug. Prints its arguments to stdout -# (redirection is the responsibility of the caller) -func_lt_dump_args () -{ - lt_dump_args_N=1; - for lt_arg - do - \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[\$lt_dump_args_N]: \$lt_arg\" - lt_dump_args_N=\`expr \$lt_dump_args_N + 1\` - done -} - -# Core function for launching the target application -func_exec_program_core () -{ -" - case $host in - # Backslashes separate directories on plain windows - *-*-mingw | *-*-os2* | *-cegcc*) - $ECHO "\ - if test -n \"\$lt_option_debug\"; then - \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir\\\\\$program\" 1>&2 - func_lt_dump_args \${1+\"\$@\"} 1>&2 - fi - exec \"\$progdir\\\\\$program\" \${1+\"\$@\"} -" - ;; - - *) - $ECHO "\ - if test -n \"\$lt_option_debug\"; then - \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir/\$program\" 1>&2 - func_lt_dump_args \${1+\"\$@\"} 1>&2 - fi - exec \"\$progdir/\$program\" \${1+\"\$@\"} -" - ;; - esac - $ECHO "\ - \$ECHO \"\$0: cannot exec \$program \$*\" 1>&2 - exit 1 -} - -# A function to encapsulate launching the target application -# Strips options in the --lt-* namespace from \$@ and -# launches target application with the remaining arguments. -func_exec_program () -{ - case \" \$* \" in - *\\ --lt-*) - for lt_wr_arg - do - case \$lt_wr_arg in - --lt-*) ;; - *) set x \"\$@\" \"\$lt_wr_arg\"; shift;; - esac - shift - done ;; - esac - func_exec_program_core \${1+\"\$@\"} -} - - # Parse options - func_parse_lt_options \"\$0\" \${1+\"\$@\"} - - # Find the directory that this script lives in. - thisdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*$%%'\` - test \"x\$thisdir\" = \"x\$file\" && thisdir=. - - # Follow symbolic links until we get to the real thisdir. - file=\`ls -ld \"\$file\" | $SED -n 's/.*-> //p'\` - while test -n \"\$file\"; do - destdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*\$%%'\` - - # If there was a directory component, then change thisdir. - if test \"x\$destdir\" != \"x\$file\"; then - case \"\$destdir\" in - [\\\\/]* | [A-Za-z]:[\\\\/]*) thisdir=\"\$destdir\" ;; - *) thisdir=\"\$thisdir/\$destdir\" ;; - esac - fi - - file=\`\$ECHO \"\$file\" | $SED 's%^.*/%%'\` - file=\`ls -ld \"\$thisdir/\$file\" | $SED -n 's/.*-> //p'\` - done - - # Usually 'no', except on cygwin/mingw when embedded into - # the cwrapper. - WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=$func_emit_wrapper_arg1 - if test \"\$WRAPPER_SCRIPT_BELONGS_IN_OBJDIR\" = \"yes\"; then - # special case for '.' - if test \"\$thisdir\" = \".\"; then - thisdir=\`pwd\` - fi - # remove .libs from thisdir - case \"\$thisdir\" in - *[\\\\/]$objdir ) thisdir=\`\$ECHO \"\$thisdir\" | $SED 's%[\\\\/][^\\\\/]*$%%'\` ;; - $objdir ) thisdir=. ;; - esac - fi - - # Try to get the absolute directory name. - absdir=\`cd \"\$thisdir\" && pwd\` - test -n \"\$absdir\" && thisdir=\"\$absdir\" -" - - if test "$fast_install" = yes; then - $ECHO "\ - program=lt-'$outputname'$exeext - progdir=\"\$thisdir/$objdir\" - - if test ! -f \"\$progdir/\$program\" || - { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | ${SED} 1q\`; \\ - test \"X\$file\" != \"X\$progdir/\$program\"; }; then - - file=\"\$\$-\$program\" - - if test ! -d \"\$progdir\"; then - $MKDIR \"\$progdir\" - else - $RM \"\$progdir/\$file\" - fi" - - $ECHO "\ - - # relink executable if necessary - if test -n \"\$relink_command\"; then - if relink_command_output=\`eval \$relink_command 2>&1\`; then : - else - $ECHO \"\$relink_command_output\" >&2 - $RM \"\$progdir/\$file\" - exit 1 - fi - fi - - $MV \"\$progdir/\$file\" \"\$progdir/\$program\" 2>/dev/null || - { $RM \"\$progdir/\$program\"; - $MV \"\$progdir/\$file\" \"\$progdir/\$program\"; } - $RM \"\$progdir/\$file\" - fi" - else - $ECHO "\ - program='$outputname' - progdir=\"\$thisdir/$objdir\" -" - fi - - $ECHO "\ - - if test -f \"\$progdir/\$program\"; then" - - # fixup the dll searchpath if we need to. - # - # Fix the DLL searchpath if we need to. Do this before prepending - # to shlibpath, because on Windows, both are PATH and uninstalled - # libraries must come first. - if test -n "$dllsearchpath"; then - $ECHO "\ - # Add the dll search path components to the executable PATH - PATH=$dllsearchpath:\$PATH -" - fi - - # Export our shlibpath_var if we have one. - if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then - $ECHO "\ - # Add our own library path to $shlibpath_var - $shlibpath_var=\"$temp_rpath\$$shlibpath_var\" - - # Some systems cannot cope with colon-terminated $shlibpath_var - # The second colon is a workaround for a bug in BeOS R4 sed - $shlibpath_var=\`\$ECHO \"\$$shlibpath_var\" | $SED 's/::*\$//'\` - - export $shlibpath_var -" - fi - - $ECHO "\ - if test \"\$libtool_execute_magic\" != \"$magic\"; then - # Run the actual program with our arguments. - func_exec_program \${1+\"\$@\"} - fi - else - # The program doesn't exist. - \$ECHO \"\$0: error: \\\`\$progdir/\$program' does not exist\" 1>&2 - \$ECHO \"This script is just a wrapper for \$program.\" 1>&2 - \$ECHO \"See the $PACKAGE documentation for more information.\" 1>&2 - exit 1 - fi -fi\ -" -} - - -# func_emit_cwrapperexe_src -# emit the source code for a wrapper executable on stdout -# Must ONLY be called from within func_mode_link because -# it depends on a number of variable set therein. -func_emit_cwrapperexe_src () -{ - cat < -#include -#ifdef _MSC_VER -# include -# include -# include -#else -# include -# include -# ifdef __CYGWIN__ -# include -# endif -#endif -#include -#include -#include -#include -#include -#include -#include -#include - -/* declarations of non-ANSI functions */ -#if defined(__MINGW32__) -# ifdef __STRICT_ANSI__ -int _putenv (const char *); -# endif -#elif defined(__CYGWIN__) -# ifdef __STRICT_ANSI__ -char *realpath (const char *, char *); -int putenv (char *); -int setenv (const char *, const char *, int); -# endif -/* #elif defined (other platforms) ... */ -#endif - -/* portability defines, excluding path handling macros */ -#if defined(_MSC_VER) -# define setmode _setmode -# define stat _stat -# define chmod _chmod -# define getcwd _getcwd -# define putenv _putenv -# define S_IXUSR _S_IEXEC -# ifndef _INTPTR_T_DEFINED -# define _INTPTR_T_DEFINED -# define intptr_t int -# endif -#elif defined(__MINGW32__) -# define setmode _setmode -# define stat _stat -# define chmod _chmod -# define getcwd _getcwd -# define putenv _putenv -#elif defined(__CYGWIN__) -# define HAVE_SETENV -# define FOPEN_WB "wb" -/* #elif defined (other platforms) ... */ -#endif - -#if defined(PATH_MAX) -# define LT_PATHMAX PATH_MAX -#elif defined(MAXPATHLEN) -# define LT_PATHMAX MAXPATHLEN -#else -# define LT_PATHMAX 1024 -#endif - -#ifndef S_IXOTH -# define S_IXOTH 0 -#endif -#ifndef S_IXGRP -# define S_IXGRP 0 -#endif - -/* path handling portability macros */ -#ifndef DIR_SEPARATOR -# define DIR_SEPARATOR '/' -# define PATH_SEPARATOR ':' -#endif - -#if defined (_WIN32) || defined (__MSDOS__) || defined (__DJGPP__) || \ - defined (__OS2__) -# define HAVE_DOS_BASED_FILE_SYSTEM -# define FOPEN_WB "wb" -# ifndef DIR_SEPARATOR_2 -# define DIR_SEPARATOR_2 '\\' -# endif -# ifndef PATH_SEPARATOR_2 -# define PATH_SEPARATOR_2 ';' -# endif -#endif - -#ifndef DIR_SEPARATOR_2 -# define IS_DIR_SEPARATOR(ch) ((ch) == DIR_SEPARATOR) -#else /* DIR_SEPARATOR_2 */ -# define IS_DIR_SEPARATOR(ch) \ - (((ch) == DIR_SEPARATOR) || ((ch) == DIR_SEPARATOR_2)) -#endif /* DIR_SEPARATOR_2 */ - -#ifndef PATH_SEPARATOR_2 -# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR) -#else /* PATH_SEPARATOR_2 */ -# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2) -#endif /* PATH_SEPARATOR_2 */ - -#ifndef FOPEN_WB -# define FOPEN_WB "w" -#endif -#ifndef _O_BINARY -# define _O_BINARY 0 -#endif - -#define XMALLOC(type, num) ((type *) xmalloc ((num) * sizeof(type))) -#define XFREE(stale) do { \ - if (stale) { free ((void *) stale); stale = 0; } \ -} while (0) - -#if defined(LT_DEBUGWRAPPER) -static int lt_debug = 1; -#else -static int lt_debug = 0; -#endif - -const char *program_name = "libtool-wrapper"; /* in case xstrdup fails */ - -void *xmalloc (size_t num); -char *xstrdup (const char *string); -const char *base_name (const char *name); -char *find_executable (const char *wrapper); -char *chase_symlinks (const char *pathspec); -int make_executable (const char *path); -int check_executable (const char *path); -char *strendzap (char *str, const char *pat); -void lt_debugprintf (const char *file, int line, const char *fmt, ...); -void lt_fatal (const char *file, int line, const char *message, ...); -static const char *nonnull (const char *s); -static const char *nonempty (const char *s); -void lt_setenv (const char *name, const char *value); -char *lt_extend_str (const char *orig_value, const char *add, int to_end); -void lt_update_exe_path (const char *name, const char *value); -void lt_update_lib_path (const char *name, const char *value); -char **prepare_spawn (char **argv); -void lt_dump_script (FILE *f); -EOF - - cat <= 0) - && (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))) - return 1; - else - return 0; -} - -int -make_executable (const char *path) -{ - int rval = 0; - struct stat st; - - lt_debugprintf (__FILE__, __LINE__, "(make_executable): %s\n", - nonempty (path)); - if ((!path) || (!*path)) - return 0; - - if (stat (path, &st) >= 0) - { - rval = chmod (path, st.st_mode | S_IXOTH | S_IXGRP | S_IXUSR); - } - return rval; -} - -/* Searches for the full path of the wrapper. Returns - newly allocated full path name if found, NULL otherwise - Does not chase symlinks, even on platforms that support them. -*/ -char * -find_executable (const char *wrapper) -{ - int has_slash = 0; - const char *p; - const char *p_next; - /* static buffer for getcwd */ - char tmp[LT_PATHMAX + 1]; - int tmp_len; - char *concat_name; - - lt_debugprintf (__FILE__, __LINE__, "(find_executable): %s\n", - nonempty (wrapper)); - - if ((wrapper == NULL) || (*wrapper == '\0')) - return NULL; - - /* Absolute path? */ -#if defined (HAVE_DOS_BASED_FILE_SYSTEM) - if (isalpha ((unsigned char) wrapper[0]) && wrapper[1] == ':') - { - concat_name = xstrdup (wrapper); - if (check_executable (concat_name)) - return concat_name; - XFREE (concat_name); - } - else - { -#endif - if (IS_DIR_SEPARATOR (wrapper[0])) - { - concat_name = xstrdup (wrapper); - if (check_executable (concat_name)) - return concat_name; - XFREE (concat_name); - } -#if defined (HAVE_DOS_BASED_FILE_SYSTEM) - } -#endif - - for (p = wrapper; *p; p++) - if (*p == '/') - { - has_slash = 1; - break; - } - if (!has_slash) - { - /* no slashes; search PATH */ - const char *path = getenv ("PATH"); - if (path != NULL) - { - for (p = path; *p; p = p_next) - { - const char *q; - size_t p_len; - for (q = p; *q; q++) - if (IS_PATH_SEPARATOR (*q)) - break; - p_len = q - p; - p_next = (*q == '\0' ? q : q + 1); - if (p_len == 0) - { - /* empty path: current directory */ - if (getcwd (tmp, LT_PATHMAX) == NULL) - lt_fatal (__FILE__, __LINE__, "getcwd failed: %s", - nonnull (strerror (errno))); - tmp_len = strlen (tmp); - concat_name = - XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1); - memcpy (concat_name, tmp, tmp_len); - concat_name[tmp_len] = '/'; - strcpy (concat_name + tmp_len + 1, wrapper); - } - else - { - concat_name = - XMALLOC (char, p_len + 1 + strlen (wrapper) + 1); - memcpy (concat_name, p, p_len); - concat_name[p_len] = '/'; - strcpy (concat_name + p_len + 1, wrapper); - } - if (check_executable (concat_name)) - return concat_name; - XFREE (concat_name); - } - } - /* not found in PATH; assume curdir */ - } - /* Relative path | not found in path: prepend cwd */ - if (getcwd (tmp, LT_PATHMAX) == NULL) - lt_fatal (__FILE__, __LINE__, "getcwd failed: %s", - nonnull (strerror (errno))); - tmp_len = strlen (tmp); - concat_name = XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1); - memcpy (concat_name, tmp, tmp_len); - concat_name[tmp_len] = '/'; - strcpy (concat_name + tmp_len + 1, wrapper); - - if (check_executable (concat_name)) - return concat_name; - XFREE (concat_name); - return NULL; -} - -char * -chase_symlinks (const char *pathspec) -{ -#ifndef S_ISLNK - return xstrdup (pathspec); -#else - char buf[LT_PATHMAX]; - struct stat s; - char *tmp_pathspec = xstrdup (pathspec); - char *p; - int has_symlinks = 0; - while (strlen (tmp_pathspec) && !has_symlinks) - { - lt_debugprintf (__FILE__, __LINE__, - "checking path component for symlinks: %s\n", - tmp_pathspec); - if (lstat (tmp_pathspec, &s) == 0) - { - if (S_ISLNK (s.st_mode) != 0) - { - has_symlinks = 1; - break; - } - - /* search backwards for last DIR_SEPARATOR */ - p = tmp_pathspec + strlen (tmp_pathspec) - 1; - while ((p > tmp_pathspec) && (!IS_DIR_SEPARATOR (*p))) - p--; - if ((p == tmp_pathspec) && (!IS_DIR_SEPARATOR (*p))) - { - /* no more DIR_SEPARATORS left */ - break; - } - *p = '\0'; - } - else - { - lt_fatal (__FILE__, __LINE__, - "error accessing file \"%s\": %s", - tmp_pathspec, nonnull (strerror (errno))); - } - } - XFREE (tmp_pathspec); - - if (!has_symlinks) - { - return xstrdup (pathspec); - } - - tmp_pathspec = realpath (pathspec, buf); - if (tmp_pathspec == 0) - { - lt_fatal (__FILE__, __LINE__, - "could not follow symlinks for %s", pathspec); - } - return xstrdup (tmp_pathspec); -#endif -} - -char * -strendzap (char *str, const char *pat) -{ - size_t len, patlen; - - assert (str != NULL); - assert (pat != NULL); - - len = strlen (str); - patlen = strlen (pat); - - if (patlen <= len) - { - str += len - patlen; - if (strcmp (str, pat) == 0) - *str = '\0'; - } - return str; -} - -void -lt_debugprintf (const char *file, int line, const char *fmt, ...) -{ - va_list args; - if (lt_debug) - { - (void) fprintf (stderr, "%s:%s:%d: ", program_name, file, line); - va_start (args, fmt); - (void) vfprintf (stderr, fmt, args); - va_end (args); - } -} - -static void -lt_error_core (int exit_status, const char *file, - int line, const char *mode, - const char *message, va_list ap) -{ - fprintf (stderr, "%s:%s:%d: %s: ", program_name, file, line, mode); - vfprintf (stderr, message, ap); - fprintf (stderr, ".\n"); - - if (exit_status >= 0) - exit (exit_status); -} - -void -lt_fatal (const char *file, int line, const char *message, ...) -{ - va_list ap; - va_start (ap, message); - lt_error_core (EXIT_FAILURE, file, line, "FATAL", message, ap); - va_end (ap); -} - -static const char * -nonnull (const char *s) -{ - return s ? s : "(null)"; -} - -static const char * -nonempty (const char *s) -{ - return (s && !*s) ? "(empty)" : nonnull (s); -} - -void -lt_setenv (const char *name, const char *value) -{ - lt_debugprintf (__FILE__, __LINE__, - "(lt_setenv) setting '%s' to '%s'\n", - nonnull (name), nonnull (value)); - { -#ifdef HAVE_SETENV - /* always make a copy, for consistency with !HAVE_SETENV */ - char *str = xstrdup (value); - setenv (name, str, 1); -#else - int len = strlen (name) + 1 + strlen (value) + 1; - char *str = XMALLOC (char, len); - sprintf (str, "%s=%s", name, value); - if (putenv (str) != EXIT_SUCCESS) - { - XFREE (str); - } -#endif - } -} - -char * -lt_extend_str (const char *orig_value, const char *add, int to_end) -{ - char *new_value; - if (orig_value && *orig_value) - { - int orig_value_len = strlen (orig_value); - int add_len = strlen (add); - new_value = XMALLOC (char, add_len + orig_value_len + 1); - if (to_end) - { - strcpy (new_value, orig_value); - strcpy (new_value + orig_value_len, add); - } - else - { - strcpy (new_value, add); - strcpy (new_value + add_len, orig_value); - } - } - else - { - new_value = xstrdup (add); - } - return new_value; -} - -void -lt_update_exe_path (const char *name, const char *value) -{ - lt_debugprintf (__FILE__, __LINE__, - "(lt_update_exe_path) modifying '%s' by prepending '%s'\n", - nonnull (name), nonnull (value)); - - if (name && *name && value && *value) - { - char *new_value = lt_extend_str (getenv (name), value, 0); - /* some systems can't cope with a ':'-terminated path #' */ - int len = strlen (new_value); - while (((len = strlen (new_value)) > 0) && IS_PATH_SEPARATOR (new_value[len-1])) - { - new_value[len-1] = '\0'; - } - lt_setenv (name, new_value); - XFREE (new_value); - } -} - -void -lt_update_lib_path (const char *name, const char *value) -{ - lt_debugprintf (__FILE__, __LINE__, - "(lt_update_lib_path) modifying '%s' by prepending '%s'\n", - nonnull (name), nonnull (value)); - - if (name && *name && value && *value) - { - char *new_value = lt_extend_str (getenv (name), value, 0); - lt_setenv (name, new_value); - XFREE (new_value); - } -} - -EOF - case $host_os in - mingw*) - cat <<"EOF" - -/* Prepares an argument vector before calling spawn(). - Note that spawn() does not by itself call the command interpreter - (getenv ("COMSPEC") != NULL ? getenv ("COMSPEC") : - ({ OSVERSIONINFO v; v.dwOSVersionInfoSize = sizeof(OSVERSIONINFO); - GetVersionEx(&v); - v.dwPlatformId == VER_PLATFORM_WIN32_NT; - }) ? "cmd.exe" : "command.com"). - Instead it simply concatenates the arguments, separated by ' ', and calls - CreateProcess(). We must quote the arguments since Win32 CreateProcess() - interprets characters like ' ', '\t', '\\', '"' (but not '<' and '>') in a - special way: - - Space and tab are interpreted as delimiters. They are not treated as - delimiters if they are surrounded by double quotes: "...". - - Unescaped double quotes are removed from the input. Their only effect is - that within double quotes, space and tab are treated like normal - characters. - - Backslashes not followed by double quotes are not special. - - But 2*n+1 backslashes followed by a double quote become - n backslashes followed by a double quote (n >= 0): - \" -> " - \\\" -> \" - \\\\\" -> \\" - */ -#define SHELL_SPECIAL_CHARS "\"\\ \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037" -#define SHELL_SPACE_CHARS " \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037" -char ** -prepare_spawn (char **argv) -{ - size_t argc; - char **new_argv; - size_t i; - - /* Count number of arguments. */ - for (argc = 0; argv[argc] != NULL; argc++) - ; - - /* Allocate new argument vector. */ - new_argv = XMALLOC (char *, argc + 1); - - /* Put quoted arguments into the new argument vector. */ - for (i = 0; i < argc; i++) - { - const char *string = argv[i]; - - if (string[0] == '\0') - new_argv[i] = xstrdup ("\"\""); - else if (strpbrk (string, SHELL_SPECIAL_CHARS) != NULL) - { - int quote_around = (strpbrk (string, SHELL_SPACE_CHARS) != NULL); - size_t length; - unsigned int backslashes; - const char *s; - char *quoted_string; - char *p; - - length = 0; - backslashes = 0; - if (quote_around) - length++; - for (s = string; *s != '\0'; s++) - { - char c = *s; - if (c == '"') - length += backslashes + 1; - length++; - if (c == '\\') - backslashes++; - else - backslashes = 0; - } - if (quote_around) - length += backslashes + 1; - - quoted_string = XMALLOC (char, length + 1); - - p = quoted_string; - backslashes = 0; - if (quote_around) - *p++ = '"'; - for (s = string; *s != '\0'; s++) - { - char c = *s; - if (c == '"') - { - unsigned int j; - for (j = backslashes + 1; j > 0; j--) - *p++ = '\\'; - } - *p++ = c; - if (c == '\\') - backslashes++; - else - backslashes = 0; - } - if (quote_around) - { - unsigned int j; - for (j = backslashes; j > 0; j--) - *p++ = '\\'; - *p++ = '"'; - } - *p = '\0'; - - new_argv[i] = quoted_string; - } - else - new_argv[i] = (char *) string; - } - new_argv[argc] = NULL; - - return new_argv; -} -EOF - ;; - esac - - cat <<"EOF" -void lt_dump_script (FILE* f) -{ -EOF - func_emit_wrapper yes | - $SED -n -e ' -s/^\(.\{79\}\)\(..*\)/\1\ -\2/ -h -s/\([\\"]\)/\\\1/g -s/$/\\n/ -s/\([^\n]*\).*/ fputs ("\1", f);/p -g -D' - cat <<"EOF" -} -EOF -} -# end: func_emit_cwrapperexe_src - -# func_win32_import_lib_p ARG -# True if ARG is an import lib, as indicated by $file_magic_cmd -func_win32_import_lib_p () -{ - $opt_debug - case `eval $file_magic_cmd \"\$1\" 2>/dev/null | $SED -e 10q` in - *import*) : ;; - *) false ;; - esac -} - -# func_mode_link arg... -func_mode_link () -{ - $opt_debug - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) - # It is impossible to link a dll without this setting, and - # we shouldn't force the makefile maintainer to figure out - # which system we are compiling for in order to pass an extra - # flag for every libtool invocation. - # allow_undefined=no - - # FIXME: Unfortunately, there are problems with the above when trying - # to make a dll which has undefined symbols, in which case not - # even a static library is built. For now, we need to specify - # -no-undefined on the libtool link line when we can be certain - # that all symbols are satisfied, otherwise we get a static library. - allow_undefined=yes - ;; - *) - allow_undefined=yes - ;; - esac - libtool_args=$nonopt - base_compile="$nonopt $@" - compile_command=$nonopt - finalize_command=$nonopt - - compile_rpath= - finalize_rpath= - compile_shlibpath= - finalize_shlibpath= - convenience= - old_convenience= - deplibs= - old_deplibs= - compiler_flags= - linker_flags= - dllsearchpath= - lib_search_path=`pwd` - inst_prefix_dir= - new_inherited_linker_flags= - - avoid_version=no - bindir= - dlfiles= - dlprefiles= - dlself=no - export_dynamic=no - export_symbols= - export_symbols_regex= - generated= - libobjs= - ltlibs= - module=no - no_install=no - objs= - non_pic_objects= - precious_files_regex= - prefer_static_libs=no - preload=no - prev= - prevarg= - release= - rpath= - xrpath= - perm_rpath= - temp_rpath= - thread_safe=no - vinfo= - vinfo_number=no - weak_libs= - single_module="${wl}-single_module" - func_infer_tag $base_compile - - # We need to know -static, to get the right output filenames. - for arg - do - case $arg in - -shared) - test "$build_libtool_libs" != yes && \ - func_fatal_configuration "can not build a shared library" - build_old_libs=no - break - ;; - -all-static | -static | -static-libtool-libs) - case $arg in - -all-static) - if test "$build_libtool_libs" = yes && test -z "$link_static_flag"; then - func_warning "complete static linking is impossible in this configuration" - fi - if test -n "$link_static_flag"; then - dlopen_self=$dlopen_self_static - fi - prefer_static_libs=yes - ;; - -static) - if test -z "$pic_flag" && test -n "$link_static_flag"; then - dlopen_self=$dlopen_self_static - fi - prefer_static_libs=built - ;; - -static-libtool-libs) - if test -z "$pic_flag" && test -n "$link_static_flag"; then - dlopen_self=$dlopen_self_static - fi - prefer_static_libs=yes - ;; - esac - build_libtool_libs=no - build_old_libs=yes - break - ;; - esac - done - - # See if our shared archives depend on static archives. - test -n "$old_archive_from_new_cmds" && build_old_libs=yes - - # Go through the arguments, transforming them on the way. - while test "$#" -gt 0; do - arg="$1" - shift - func_quote_for_eval "$arg" - qarg=$func_quote_for_eval_unquoted_result - func_append libtool_args " $func_quote_for_eval_result" - - # If the previous option needs an argument, assign it. - if test -n "$prev"; then - case $prev in - output) - func_append compile_command " @OUTPUT@" - func_append finalize_command " @OUTPUT@" - ;; - esac - - case $prev in - bindir) - bindir="$arg" - prev= - continue - ;; - dlfiles|dlprefiles) - if test "$preload" = no; then - # Add the symbol object into the linking commands. - func_append compile_command " @SYMFILE@" - func_append finalize_command " @SYMFILE@" - preload=yes - fi - case $arg in - *.la | *.lo) ;; # We handle these cases below. - force) - if test "$dlself" = no; then - dlself=needless - export_dynamic=yes - fi - prev= - continue - ;; - self) - if test "$prev" = dlprefiles; then - dlself=yes - elif test "$prev" = dlfiles && test "$dlopen_self" != yes; then - dlself=yes - else - dlself=needless - export_dynamic=yes - fi - prev= - continue - ;; - *) - if test "$prev" = dlfiles; then - func_append dlfiles " $arg" - else - func_append dlprefiles " $arg" - fi - prev= - continue - ;; - esac - ;; - expsyms) - export_symbols="$arg" - test -f "$arg" \ - || func_fatal_error "symbol file \`$arg' does not exist" - prev= - continue - ;; - expsyms_regex) - export_symbols_regex="$arg" - prev= - continue - ;; - framework) - case $host in - *-*-darwin*) - case "$deplibs " in - *" $qarg.ltframework "*) ;; - *) func_append deplibs " $qarg.ltframework" # this is fixed later - ;; - esac - ;; - esac - prev= - continue - ;; - inst_prefix) - inst_prefix_dir="$arg" - prev= - continue - ;; - objectlist) - if test -f "$arg"; then - save_arg=$arg - moreargs= - for fil in `cat "$save_arg"` - do -# func_append moreargs " $fil" - arg=$fil - # A libtool-controlled object. - - # Check to see that this really is a libtool object. - if func_lalib_unsafe_p "$arg"; then - pic_object= - non_pic_object= - - # Read the .lo file - func_source "$arg" - - if test -z "$pic_object" || - test -z "$non_pic_object" || - test "$pic_object" = none && - test "$non_pic_object" = none; then - func_fatal_error "cannot find name of object for \`$arg'" - fi - - # Extract subdirectory from the argument. - func_dirname "$arg" "/" "" - xdir="$func_dirname_result" - - if test "$pic_object" != none; then - # Prepend the subdirectory the object is found in. - pic_object="$xdir$pic_object" - - if test "$prev" = dlfiles; then - if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then - func_append dlfiles " $pic_object" - prev= - continue - else - # If libtool objects are unsupported, then we need to preload. - prev=dlprefiles - fi - fi - - # CHECK ME: I think I busted this. -Ossama - if test "$prev" = dlprefiles; then - # Preload the old-style object. - func_append dlprefiles " $pic_object" - prev= - fi - - # A PIC object. - func_append libobjs " $pic_object" - arg="$pic_object" - fi - - # Non-PIC object. - if test "$non_pic_object" != none; then - # Prepend the subdirectory the object is found in. - non_pic_object="$xdir$non_pic_object" - - # A standard non-PIC object - func_append non_pic_objects " $non_pic_object" - if test -z "$pic_object" || test "$pic_object" = none ; then - arg="$non_pic_object" - fi - else - # If the PIC object exists, use it instead. - # $xdir was prepended to $pic_object above. - non_pic_object="$pic_object" - func_append non_pic_objects " $non_pic_object" - fi - else - # Only an error if not doing a dry-run. - if $opt_dry_run; then - # Extract subdirectory from the argument. - func_dirname "$arg" "/" "" - xdir="$func_dirname_result" - - func_lo2o "$arg" - pic_object=$xdir$objdir/$func_lo2o_result - non_pic_object=$xdir$func_lo2o_result - func_append libobjs " $pic_object" - func_append non_pic_objects " $non_pic_object" - else - func_fatal_error "\`$arg' is not a valid libtool object" - fi - fi - done - else - func_fatal_error "link input file \`$arg' does not exist" - fi - arg=$save_arg - prev= - continue - ;; - precious_regex) - precious_files_regex="$arg" - prev= - continue - ;; - release) - release="-$arg" - prev= - continue - ;; - rpath | xrpath) - # We need an absolute path. - case $arg in - [\\/]* | [A-Za-z]:[\\/]*) ;; - *) - func_fatal_error "only absolute run-paths are allowed" - ;; - esac - if test "$prev" = rpath; then - case "$rpath " in - *" $arg "*) ;; - *) func_append rpath " $arg" ;; - esac - else - case "$xrpath " in - *" $arg "*) ;; - *) func_append xrpath " $arg" ;; - esac - fi - prev= - continue - ;; - shrext) - shrext_cmds="$arg" - prev= - continue - ;; - weak) - func_append weak_libs " $arg" - prev= - continue - ;; - xcclinker) - func_append linker_flags " $qarg" - func_append compiler_flags " $qarg" - prev= - func_append compile_command " $qarg" - func_append finalize_command " $qarg" - continue - ;; - xcompiler) - func_append compiler_flags " $qarg" - prev= - func_append compile_command " $qarg" - func_append finalize_command " $qarg" - continue - ;; - xlinker) - func_append linker_flags " $qarg" - func_append compiler_flags " $wl$qarg" - prev= - func_append compile_command " $wl$qarg" - func_append finalize_command " $wl$qarg" - continue - ;; - *) - eval "$prev=\"\$arg\"" - prev= - continue - ;; - esac - fi # test -n "$prev" - - prevarg="$arg" - - case $arg in - -all-static) - if test -n "$link_static_flag"; then - # See comment for -static flag below, for more details. - func_append compile_command " $link_static_flag" - func_append finalize_command " $link_static_flag" - fi - continue - ;; - - -allow-undefined) - # FIXME: remove this flag sometime in the future. - func_fatal_error "\`-allow-undefined' must not be used because it is the default" - ;; - - -avoid-version) - avoid_version=yes - continue - ;; - - -bindir) - prev=bindir - continue - ;; - - -dlopen) - prev=dlfiles - continue - ;; - - -dlpreopen) - prev=dlprefiles - continue - ;; - - -export-dynamic) - export_dynamic=yes - continue - ;; - - -export-symbols | -export-symbols-regex) - if test -n "$export_symbols" || test -n "$export_symbols_regex"; then - func_fatal_error "more than one -exported-symbols argument is not allowed" - fi - if test "X$arg" = "X-export-symbols"; then - prev=expsyms - else - prev=expsyms_regex - fi - continue - ;; - - -framework) - prev=framework - continue - ;; - - -inst-prefix-dir) - prev=inst_prefix - continue - ;; - - # The native IRIX linker understands -LANG:*, -LIST:* and -LNO:* - # so, if we see these flags be careful not to treat them like -L - -L[A-Z][A-Z]*:*) - case $with_gcc/$host in - no/*-*-irix* | /*-*-irix*) - func_append compile_command " $arg" - func_append finalize_command " $arg" - ;; - esac - continue - ;; - - -L*) - func_stripname "-L" '' "$arg" - if test -z "$func_stripname_result"; then - if test "$#" -gt 0; then - func_fatal_error "require no space between \`-L' and \`$1'" - else - func_fatal_error "need path for \`-L' option" - fi - fi - func_resolve_sysroot "$func_stripname_result" - dir=$func_resolve_sysroot_result - # We need an absolute path. - case $dir in - [\\/]* | [A-Za-z]:[\\/]*) ;; - *) - absdir=`cd "$dir" && pwd` - test -z "$absdir" && \ - func_fatal_error "cannot determine absolute directory name of \`$dir'" - dir="$absdir" - ;; - esac - case "$deplibs " in - *" -L$dir "* | *" $arg "*) - # Will only happen for absolute or sysroot arguments - ;; - *) - # Preserve sysroot, but never include relative directories - case $dir in - [\\/]* | [A-Za-z]:[\\/]* | =*) func_append deplibs " $arg" ;; - *) func_append deplibs " -L$dir" ;; - esac - func_append lib_search_path " $dir" - ;; - esac - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) - testbindir=`$ECHO "$dir" | $SED 's*/lib$*/bin*'` - case :$dllsearchpath: in - *":$dir:"*) ;; - ::) dllsearchpath=$dir;; - *) func_append dllsearchpath ":$dir";; - esac - case :$dllsearchpath: in - *":$testbindir:"*) ;; - ::) dllsearchpath=$testbindir;; - *) func_append dllsearchpath ":$testbindir";; - esac - ;; - esac - continue - ;; - - -l*) - if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc* | *-*-haiku*) - # These systems don't actually have a C or math library (as such) - continue - ;; - *-*-os2*) - # These systems don't actually have a C library (as such) - test "X$arg" = "X-lc" && continue - ;; - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) - # Do not include libc due to us having libc/libc_r. - test "X$arg" = "X-lc" && continue - ;; - *-*-rhapsody* | *-*-darwin1.[012]) - # Rhapsody C and math libraries are in the System framework - func_append deplibs " System.ltframework" - continue - ;; - *-*-sco3.2v5* | *-*-sco5v6*) - # Causes problems with __ctype - test "X$arg" = "X-lc" && continue - ;; - *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) - # Compiler inserts libc in the correct place for threads to work - test "X$arg" = "X-lc" && continue - ;; - esac - elif test "X$arg" = "X-lc_r"; then - case $host in - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) - # Do not include libc_r directly, use -pthread flag. - continue - ;; - esac - fi - func_append deplibs " $arg" - continue - ;; - - -module) - module=yes - continue - ;; - - # Tru64 UNIX uses -model [arg] to determine the layout of C++ - # classes, name mangling, and exception handling. - # Darwin uses the -arch flag to determine output architecture. - -model|-arch|-isysroot|--sysroot) - func_append compiler_flags " $arg" - func_append compile_command " $arg" - func_append finalize_command " $arg" - prev=xcompiler - continue - ;; - - -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \ - |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*) - func_append compiler_flags " $arg" - func_append compile_command " $arg" - func_append finalize_command " $arg" - case "$new_inherited_linker_flags " in - *" $arg "*) ;; - * ) func_append new_inherited_linker_flags " $arg" ;; - esac - continue - ;; - - -multi_module) - single_module="${wl}-multi_module" - continue - ;; - - -no-fast-install) - fast_install=no - continue - ;; - - -no-install) - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-darwin* | *-cegcc*) - # The PATH hackery in wrapper scripts is required on Windows - # and Darwin in order for the loader to find any dlls it needs. - func_warning "\`-no-install' is ignored for $host" - func_warning "assuming \`-no-fast-install' instead" - fast_install=no - ;; - *) no_install=yes ;; - esac - continue - ;; - - -no-undefined) - allow_undefined=no - continue - ;; - - -objectlist) - prev=objectlist - continue - ;; - - -o) prev=output ;; - - -precious-files-regex) - prev=precious_regex - continue - ;; - - -release) - prev=release - continue - ;; - - -rpath) - prev=rpath - continue - ;; - - -R) - prev=xrpath - continue - ;; - - -R*) - func_stripname '-R' '' "$arg" - dir=$func_stripname_result - # We need an absolute path. - case $dir in - [\\/]* | [A-Za-z]:[\\/]*) ;; - =*) - func_stripname '=' '' "$dir" - dir=$lt_sysroot$func_stripname_result - ;; - *) - func_fatal_error "only absolute run-paths are allowed" - ;; - esac - case "$xrpath " in - *" $dir "*) ;; - *) func_append xrpath " $dir" ;; - esac - continue - ;; - - -shared) - # The effects of -shared are defined in a previous loop. - continue - ;; - - -shrext) - prev=shrext - continue - ;; - - -static | -static-libtool-libs) - # The effects of -static are defined in a previous loop. - # We used to do the same as -all-static on platforms that - # didn't have a PIC flag, but the assumption that the effects - # would be equivalent was wrong. It would break on at least - # Digital Unix and AIX. - continue - ;; - - -thread-safe) - thread_safe=yes - continue - ;; - - -version-info) - prev=vinfo - continue - ;; - - -version-number) - prev=vinfo - vinfo_number=yes - continue - ;; - - -weak) - prev=weak - continue - ;; - - -Wc,*) - func_stripname '-Wc,' '' "$arg" - args=$func_stripname_result - arg= - save_ifs="$IFS"; IFS=',' - for flag in $args; do - IFS="$save_ifs" - func_quote_for_eval "$flag" - func_append arg " $func_quote_for_eval_result" - func_append compiler_flags " $func_quote_for_eval_result" - done - IFS="$save_ifs" - func_stripname ' ' '' "$arg" - arg=$func_stripname_result - ;; - - -Wl,*) - func_stripname '-Wl,' '' "$arg" - args=$func_stripname_result - arg= - save_ifs="$IFS"; IFS=',' - for flag in $args; do - IFS="$save_ifs" - func_quote_for_eval "$flag" - func_append arg " $wl$func_quote_for_eval_result" - func_append compiler_flags " $wl$func_quote_for_eval_result" - func_append linker_flags " $func_quote_for_eval_result" - done - IFS="$save_ifs" - func_stripname ' ' '' "$arg" - arg=$func_stripname_result - ;; - - -Xcompiler) - prev=xcompiler - continue - ;; - - -Xlinker) - prev=xlinker - continue - ;; - - -XCClinker) - prev=xcclinker - continue - ;; - - # -msg_* for osf cc - -msg_*) - func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" - ;; - - # Flags to be passed through unchanged, with rationale: - # -64, -mips[0-9] enable 64-bit mode for the SGI compiler - # -r[0-9][0-9]* specify processor for the SGI compiler - # -xarch=*, -xtarget=* enable 64-bit mode for the Sun compiler - # +DA*, +DD* enable 64-bit mode for the HP compiler - # -q* compiler args for the IBM compiler - # -m*, -t[45]*, -txscale* architecture-specific flags for GCC - # -F/path path to uninstalled frameworks, gcc on darwin - # -p, -pg, --coverage, -fprofile-* profiling flags for GCC - # @file GCC response files - # -tp=* Portland pgcc target processor selection - # --sysroot=* for sysroot support - # -O*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization - -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ - -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ - -O*|-flto*|-fwhopr*|-fuse-linker-plugin) - func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" - func_append compile_command " $arg" - func_append finalize_command " $arg" - func_append compiler_flags " $arg" - continue - ;; - - # Some other compiler flag. - -* | +*) - func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" - ;; - - *.$objext) - # A standard object. - func_append objs " $arg" - ;; - - *.lo) - # A libtool-controlled object. - - # Check to see that this really is a libtool object. - if func_lalib_unsafe_p "$arg"; then - pic_object= - non_pic_object= - - # Read the .lo file - func_source "$arg" - - if test -z "$pic_object" || - test -z "$non_pic_object" || - test "$pic_object" = none && - test "$non_pic_object" = none; then - func_fatal_error "cannot find name of object for \`$arg'" - fi - - # Extract subdirectory from the argument. - func_dirname "$arg" "/" "" - xdir="$func_dirname_result" - - if test "$pic_object" != none; then - # Prepend the subdirectory the object is found in. - pic_object="$xdir$pic_object" - - if test "$prev" = dlfiles; then - if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then - func_append dlfiles " $pic_object" - prev= - continue - else - # If libtool objects are unsupported, then we need to preload. - prev=dlprefiles - fi - fi - - # CHECK ME: I think I busted this. -Ossama - if test "$prev" = dlprefiles; then - # Preload the old-style object. - func_append dlprefiles " $pic_object" - prev= - fi - - # A PIC object. - func_append libobjs " $pic_object" - arg="$pic_object" - fi - - # Non-PIC object. - if test "$non_pic_object" != none; then - # Prepend the subdirectory the object is found in. - non_pic_object="$xdir$non_pic_object" - - # A standard non-PIC object - func_append non_pic_objects " $non_pic_object" - if test -z "$pic_object" || test "$pic_object" = none ; then - arg="$non_pic_object" - fi - else - # If the PIC object exists, use it instead. - # $xdir was prepended to $pic_object above. - non_pic_object="$pic_object" - func_append non_pic_objects " $non_pic_object" - fi - else - # Only an error if not doing a dry-run. - if $opt_dry_run; then - # Extract subdirectory from the argument. - func_dirname "$arg" "/" "" - xdir="$func_dirname_result" - - func_lo2o "$arg" - pic_object=$xdir$objdir/$func_lo2o_result - non_pic_object=$xdir$func_lo2o_result - func_append libobjs " $pic_object" - func_append non_pic_objects " $non_pic_object" - else - func_fatal_error "\`$arg' is not a valid libtool object" - fi - fi - ;; - - *.$libext) - # An archive. - func_append deplibs " $arg" - func_append old_deplibs " $arg" - continue - ;; - - *.la) - # A libtool-controlled library. - - func_resolve_sysroot "$arg" - if test "$prev" = dlfiles; then - # This library was specified with -dlopen. - func_append dlfiles " $func_resolve_sysroot_result" - prev= - elif test "$prev" = dlprefiles; then - # The library was specified with -dlpreopen. - func_append dlprefiles " $func_resolve_sysroot_result" - prev= - else - func_append deplibs " $func_resolve_sysroot_result" - fi - continue - ;; - - # Some other compiler argument. - *) - # Unknown arguments in both finalize_command and compile_command need - # to be aesthetically quoted because they are evaled later. - func_quote_for_eval "$arg" - arg="$func_quote_for_eval_result" - ;; - esac # arg - - # Now actually substitute the argument into the commands. - if test -n "$arg"; then - func_append compile_command " $arg" - func_append finalize_command " $arg" - fi - done # argument parsing loop - - test -n "$prev" && \ - func_fatal_help "the \`$prevarg' option requires an argument" - - if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then - eval arg=\"$export_dynamic_flag_spec\" - func_append compile_command " $arg" - func_append finalize_command " $arg" - fi - - oldlibs= - # calculate the name of the file, without its directory - func_basename "$output" - outputname="$func_basename_result" - libobjs_save="$libobjs" - - if test -n "$shlibpath_var"; then - # get the directories listed in $shlibpath_var - eval shlib_search_path=\`\$ECHO \"\${$shlibpath_var}\" \| \$SED \'s/:/ /g\'\` - else - shlib_search_path= - fi - eval sys_lib_search_path=\"$sys_lib_search_path_spec\" - eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\" - - func_dirname "$output" "/" "" - output_objdir="$func_dirname_result$objdir" - func_to_tool_file "$output_objdir/" - tool_output_objdir=$func_to_tool_file_result - # Create the object directory. - func_mkdir_p "$output_objdir" - - # Determine the type of output - case $output in - "") - func_fatal_help "you must specify an output file" - ;; - *.$libext) linkmode=oldlib ;; - *.lo | *.$objext) linkmode=obj ;; - *.la) linkmode=lib ;; - *) linkmode=prog ;; # Anything else should be a program. - esac - - specialdeplibs= - - libs= - # Find all interdependent deplibs by searching for libraries - # that are linked more than once (e.g. -la -lb -la) - for deplib in $deplibs; do - if $opt_preserve_dup_deps ; then - case "$libs " in - *" $deplib "*) func_append specialdeplibs " $deplib" ;; - esac - fi - func_append libs " $deplib" - done - - if test "$linkmode" = lib; then - libs="$predeps $libs $compiler_lib_search_path $postdeps" - - # Compute libraries that are listed more than once in $predeps - # $postdeps and mark them as special (i.e., whose duplicates are - # not to be eliminated). - pre_post_deps= - if $opt_duplicate_compiler_generated_deps; then - for pre_post_dep in $predeps $postdeps; do - case "$pre_post_deps " in - *" $pre_post_dep "*) func_append specialdeplibs " $pre_post_deps" ;; - esac - func_append pre_post_deps " $pre_post_dep" - done - fi - pre_post_deps= - fi - - deplibs= - newdependency_libs= - newlib_search_path= - need_relink=no # whether we're linking any uninstalled libtool libraries - notinst_deplibs= # not-installed libtool libraries - notinst_path= # paths that contain not-installed libtool libraries - - case $linkmode in - lib) - passes="conv dlpreopen link" - for file in $dlfiles $dlprefiles; do - case $file in - *.la) ;; - *) - func_fatal_help "libraries can \`-dlopen' only libtool libraries: $file" - ;; - esac - done - ;; - prog) - compile_deplibs= - finalize_deplibs= - alldeplibs=no - newdlfiles= - newdlprefiles= - passes="conv scan dlopen dlpreopen link" - ;; - *) passes="conv" - ;; - esac - - for pass in $passes; do - # The preopen pass in lib mode reverses $deplibs; put it back here - # so that -L comes before libs that need it for instance... - if test "$linkmode,$pass" = "lib,link"; then - ## FIXME: Find the place where the list is rebuilt in the wrong - ## order, and fix it there properly - tmp_deplibs= - for deplib in $deplibs; do - tmp_deplibs="$deplib $tmp_deplibs" - done - deplibs="$tmp_deplibs" - fi - - if test "$linkmode,$pass" = "lib,link" || - test "$linkmode,$pass" = "prog,scan"; then - libs="$deplibs" - deplibs= - fi - if test "$linkmode" = prog; then - case $pass in - dlopen) libs="$dlfiles" ;; - dlpreopen) libs="$dlprefiles" ;; - link) - libs="$deplibs %DEPLIBS%" - test "X$link_all_deplibs" != Xno && libs="$libs $dependency_libs" - ;; - esac - fi - if test "$linkmode,$pass" = "lib,dlpreopen"; then - # Collect and forward deplibs of preopened libtool libs - for lib in $dlprefiles; do - # Ignore non-libtool-libs - dependency_libs= - func_resolve_sysroot "$lib" - case $lib in - *.la) func_source "$func_resolve_sysroot_result" ;; - esac - - # Collect preopened libtool deplibs, except any this library - # has declared as weak libs - for deplib in $dependency_libs; do - func_basename "$deplib" - deplib_base=$func_basename_result - case " $weak_libs " in - *" $deplib_base "*) ;; - *) func_append deplibs " $deplib" ;; - esac - done - done - libs="$dlprefiles" - fi - if test "$pass" = dlopen; then - # Collect dlpreopened libraries - save_deplibs="$deplibs" - deplibs= - fi - - for deplib in $libs; do - lib= - found=no - case $deplib in - -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \ - |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*) - if test "$linkmode,$pass" = "prog,link"; then - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - else - func_append compiler_flags " $deplib" - if test "$linkmode" = lib ; then - case "$new_inherited_linker_flags " in - *" $deplib "*) ;; - * ) func_append new_inherited_linker_flags " $deplib" ;; - esac - fi - fi - continue - ;; - -l*) - if test "$linkmode" != lib && test "$linkmode" != prog; then - func_warning "\`-l' is ignored for archives/objects" - continue - fi - func_stripname '-l' '' "$deplib" - name=$func_stripname_result - if test "$linkmode" = lib; then - searchdirs="$newlib_search_path $lib_search_path $compiler_lib_search_dirs $sys_lib_search_path $shlib_search_path" - else - searchdirs="$newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path" - fi - for searchdir in $searchdirs; do - for search_ext in .la $std_shrext .so .a; do - # Search the libtool library - lib="$searchdir/lib${name}${search_ext}" - if test -f "$lib"; then - if test "$search_ext" = ".la"; then - found=yes - else - found=no - fi - break 2 - fi - done - done - if test "$found" != yes; then - # deplib doesn't seem to be a libtool library - if test "$linkmode,$pass" = "prog,link"; then - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - else - deplibs="$deplib $deplibs" - test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs" - fi - continue - else # deplib is a libtool library - # If $allow_libtool_libs_with_static_runtimes && $deplib is a stdlib, - # We need to do some special things here, and not later. - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then - case " $predeps $postdeps " in - *" $deplib "*) - if func_lalib_p "$lib"; then - library_names= - old_library= - func_source "$lib" - for l in $old_library $library_names; do - ll="$l" - done - if test "X$ll" = "X$old_library" ; then # only static version available - found=no - func_dirname "$lib" "" "." - ladir="$func_dirname_result" - lib=$ladir/$old_library - if test "$linkmode,$pass" = "prog,link"; then - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - else - deplibs="$deplib $deplibs" - test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs" - fi - continue - fi - fi - ;; - *) ;; - esac - fi - fi - ;; # -l - *.ltframework) - if test "$linkmode,$pass" = "prog,link"; then - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - else - deplibs="$deplib $deplibs" - if test "$linkmode" = lib ; then - case "$new_inherited_linker_flags " in - *" $deplib "*) ;; - * ) func_append new_inherited_linker_flags " $deplib" ;; - esac - fi - fi - continue - ;; - -L*) - case $linkmode in - lib) - deplibs="$deplib $deplibs" - test "$pass" = conv && continue - newdependency_libs="$deplib $newdependency_libs" - func_stripname '-L' '' "$deplib" - func_resolve_sysroot "$func_stripname_result" - func_append newlib_search_path " $func_resolve_sysroot_result" - ;; - prog) - if test "$pass" = conv; then - deplibs="$deplib $deplibs" - continue - fi - if test "$pass" = scan; then - deplibs="$deplib $deplibs" - else - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - fi - func_stripname '-L' '' "$deplib" - func_resolve_sysroot "$func_stripname_result" - func_append newlib_search_path " $func_resolve_sysroot_result" - ;; - *) - func_warning "\`-L' is ignored for archives/objects" - ;; - esac # linkmode - continue - ;; # -L - -R*) - if test "$pass" = link; then - func_stripname '-R' '' "$deplib" - func_resolve_sysroot "$func_stripname_result" - dir=$func_resolve_sysroot_result - # Make sure the xrpath contains only unique directories. - case "$xrpath " in - *" $dir "*) ;; - *) func_append xrpath " $dir" ;; - esac - fi - deplibs="$deplib $deplibs" - continue - ;; - *.la) - func_resolve_sysroot "$deplib" - lib=$func_resolve_sysroot_result - ;; - *.$libext) - if test "$pass" = conv; then - deplibs="$deplib $deplibs" - continue - fi - case $linkmode in - lib) - # Linking convenience modules into shared libraries is allowed, - # but linking other static libraries is non-portable. - case " $dlpreconveniencelibs " in - *" $deplib "*) ;; - *) - valid_a_lib=no - case $deplibs_check_method in - match_pattern*) - set dummy $deplibs_check_method; shift - match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"` - if eval "\$ECHO \"$deplib\"" 2>/dev/null | $SED 10q \ - | $EGREP "$match_pattern_regex" > /dev/null; then - valid_a_lib=yes - fi - ;; - pass_all) - valid_a_lib=yes - ;; - esac - if test "$valid_a_lib" != yes; then - echo - $ECHO "*** Warning: Trying to link with static lib archive $deplib." - echo "*** I have the capability to make that library automatically link in when" - echo "*** you link to this library. But I can only do this if you have a" - echo "*** shared version of the library, which you do not appear to have" - echo "*** because the file extensions .$libext of this argument makes me believe" - echo "*** that it is just a static archive that I should not use here." - else - echo - $ECHO "*** Warning: Linking the shared library $output against the" - $ECHO "*** static library $deplib is not portable!" - deplibs="$deplib $deplibs" - fi - ;; - esac - continue - ;; - prog) - if test "$pass" != link; then - deplibs="$deplib $deplibs" - else - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - fi - continue - ;; - esac # linkmode - ;; # *.$libext - *.lo | *.$objext) - if test "$pass" = conv; then - deplibs="$deplib $deplibs" - elif test "$linkmode" = prog; then - if test "$pass" = dlpreopen || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then - # If there is no dlopen support or we're linking statically, - # we need to preload. - func_append newdlprefiles " $deplib" - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - else - func_append newdlfiles " $deplib" - fi - fi - continue - ;; - %DEPLIBS%) - alldeplibs=yes - continue - ;; - esac # case $deplib - - if test "$found" = yes || test -f "$lib"; then : - else - func_fatal_error "cannot find the library \`$lib' or unhandled argument \`$deplib'" - fi - - # Check to see that this really is a libtool archive. - func_lalib_unsafe_p "$lib" \ - || func_fatal_error "\`$lib' is not a valid libtool archive" - - func_dirname "$lib" "" "." - ladir="$func_dirname_result" - - dlname= - dlopen= - dlpreopen= - libdir= - library_names= - old_library= - inherited_linker_flags= - # If the library was installed with an old release of libtool, - # it will not redefine variables installed, or shouldnotlink - installed=yes - shouldnotlink=no - avoidtemprpath= - - - # Read the .la file - func_source "$lib" - - # Convert "-framework foo" to "foo.ltframework" - if test -n "$inherited_linker_flags"; then - tmp_inherited_linker_flags=`$ECHO "$inherited_linker_flags" | $SED 's/-framework \([^ $]*\)/\1.ltframework/g'` - for tmp_inherited_linker_flag in $tmp_inherited_linker_flags; do - case " $new_inherited_linker_flags " in - *" $tmp_inherited_linker_flag "*) ;; - *) func_append new_inherited_linker_flags " $tmp_inherited_linker_flag";; - esac - done - fi - dependency_libs=`$ECHO " $dependency_libs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` - if test "$linkmode,$pass" = "lib,link" || - test "$linkmode,$pass" = "prog,scan" || - { test "$linkmode" != prog && test "$linkmode" != lib; }; then - test -n "$dlopen" && func_append dlfiles " $dlopen" - test -n "$dlpreopen" && func_append dlprefiles " $dlpreopen" - fi - - if test "$pass" = conv; then - # Only check for convenience libraries - deplibs="$lib $deplibs" - if test -z "$libdir"; then - if test -z "$old_library"; then - func_fatal_error "cannot find name of link library for \`$lib'" - fi - # It is a libtool convenience library, so add in its objects. - func_append convenience " $ladir/$objdir/$old_library" - func_append old_convenience " $ladir/$objdir/$old_library" - tmp_libs= - for deplib in $dependency_libs; do - deplibs="$deplib $deplibs" - if $opt_preserve_dup_deps ; then - case "$tmp_libs " in - *" $deplib "*) func_append specialdeplibs " $deplib" ;; - esac - fi - func_append tmp_libs " $deplib" - done - elif test "$linkmode" != prog && test "$linkmode" != lib; then - func_fatal_error "\`$lib' is not a convenience library" - fi - continue - fi # $pass = conv - - - # Get the name of the library we link against. - linklib= - if test -n "$old_library" && - { test "$prefer_static_libs" = yes || - test "$prefer_static_libs,$installed" = "built,no"; }; then - linklib=$old_library - else - for l in $old_library $library_names; do - linklib="$l" - done - fi - if test -z "$linklib"; then - func_fatal_error "cannot find name of link library for \`$lib'" - fi - - # This library was specified with -dlopen. - if test "$pass" = dlopen; then - if test -z "$libdir"; then - func_fatal_error "cannot -dlopen a convenience library: \`$lib'" - fi - if test -z "$dlname" || - test "$dlopen_support" != yes || - test "$build_libtool_libs" = no; then - # If there is no dlname, no dlopen support or we're linking - # statically, we need to preload. We also need to preload any - # dependent libraries so libltdl's deplib preloader doesn't - # bomb out in the load deplibs phase. - func_append dlprefiles " $lib $dependency_libs" - else - func_append newdlfiles " $lib" - fi - continue - fi # $pass = dlopen - - # We need an absolute path. - case $ladir in - [\\/]* | [A-Za-z]:[\\/]*) abs_ladir="$ladir" ;; - *) - abs_ladir=`cd "$ladir" && pwd` - if test -z "$abs_ladir"; then - func_warning "cannot determine absolute directory name of \`$ladir'" - func_warning "passing it literally to the linker, although it might fail" - abs_ladir="$ladir" - fi - ;; - esac - func_basename "$lib" - laname="$func_basename_result" - - # Find the relevant object directory and library name. - if test "X$installed" = Xyes; then - if test ! -f "$lt_sysroot$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then - func_warning "library \`$lib' was moved." - dir="$ladir" - absdir="$abs_ladir" - libdir="$abs_ladir" - else - dir="$lt_sysroot$libdir" - absdir="$lt_sysroot$libdir" - fi - test "X$hardcode_automatic" = Xyes && avoidtemprpath=yes - else - if test ! -f "$ladir/$objdir/$linklib" && test -f "$abs_ladir/$linklib"; then - dir="$ladir" - absdir="$abs_ladir" - # Remove this search path later - func_append notinst_path " $abs_ladir" - else - dir="$ladir/$objdir" - absdir="$abs_ladir/$objdir" - # Remove this search path later - func_append notinst_path " $abs_ladir" - fi - fi # $installed = yes - func_stripname 'lib' '.la' "$laname" - name=$func_stripname_result - - # This library was specified with -dlpreopen. - if test "$pass" = dlpreopen; then - if test -z "$libdir" && test "$linkmode" = prog; then - func_fatal_error "only libraries may -dlpreopen a convenience library: \`$lib'" - fi - case "$host" in - # special handling for platforms with PE-DLLs. - *cygwin* | *mingw* | *cegcc* ) - # Linker will automatically link against shared library if both - # static and shared are present. Therefore, ensure we extract - # symbols from the import library if a shared library is present - # (otherwise, the dlopen module name will be incorrect). We do - # this by putting the import library name into $newdlprefiles. - # We recover the dlopen module name by 'saving' the la file - # name in a special purpose variable, and (later) extracting the - # dlname from the la file. - if test -n "$dlname"; then - func_tr_sh "$dir/$linklib" - eval "libfile_$func_tr_sh_result=\$abs_ladir/\$laname" - func_append newdlprefiles " $dir/$linklib" - else - func_append newdlprefiles " $dir/$old_library" - # Keep a list of preopened convenience libraries to check - # that they are being used correctly in the link pass. - test -z "$libdir" && \ - func_append dlpreconveniencelibs " $dir/$old_library" - fi - ;; - * ) - # Prefer using a static library (so that no silly _DYNAMIC symbols - # are required to link). - if test -n "$old_library"; then - func_append newdlprefiles " $dir/$old_library" - # Keep a list of preopened convenience libraries to check - # that they are being used correctly in the link pass. - test -z "$libdir" && \ - func_append dlpreconveniencelibs " $dir/$old_library" - # Otherwise, use the dlname, so that lt_dlopen finds it. - elif test -n "$dlname"; then - func_append newdlprefiles " $dir/$dlname" - else - func_append newdlprefiles " $dir/$linklib" - fi - ;; - esac - fi # $pass = dlpreopen - - if test -z "$libdir"; then - # Link the convenience library - if test "$linkmode" = lib; then - deplibs="$dir/$old_library $deplibs" - elif test "$linkmode,$pass" = "prog,link"; then - compile_deplibs="$dir/$old_library $compile_deplibs" - finalize_deplibs="$dir/$old_library $finalize_deplibs" - else - deplibs="$lib $deplibs" # used for prog,scan pass - fi - continue - fi - - - if test "$linkmode" = prog && test "$pass" != link; then - func_append newlib_search_path " $ladir" - deplibs="$lib $deplibs" - - linkalldeplibs=no - if test "$link_all_deplibs" != no || test -z "$library_names" || - test "$build_libtool_libs" = no; then - linkalldeplibs=yes - fi - - tmp_libs= - for deplib in $dependency_libs; do - case $deplib in - -L*) func_stripname '-L' '' "$deplib" - func_resolve_sysroot "$func_stripname_result" - func_append newlib_search_path " $func_resolve_sysroot_result" - ;; - esac - # Need to link against all dependency_libs? - if test "$linkalldeplibs" = yes; then - deplibs="$deplib $deplibs" - else - # Need to hardcode shared library paths - # or/and link against static libraries - newdependency_libs="$deplib $newdependency_libs" - fi - if $opt_preserve_dup_deps ; then - case "$tmp_libs " in - *" $deplib "*) func_append specialdeplibs " $deplib" ;; - esac - fi - func_append tmp_libs " $deplib" - done # for deplib - continue - fi # $linkmode = prog... - - if test "$linkmode,$pass" = "prog,link"; then - if test -n "$library_names" && - { { test "$prefer_static_libs" = no || - test "$prefer_static_libs,$installed" = "built,yes"; } || - test -z "$old_library"; }; then - # We need to hardcode the library path - if test -n "$shlibpath_var" && test -z "$avoidtemprpath" ; then - # Make sure the rpath contains only unique directories. - case "$temp_rpath:" in - *"$absdir:"*) ;; - *) func_append temp_rpath "$absdir:" ;; - esac - fi - - # Hardcode the library path. - # Skip directories that are in the system default run-time - # search path. - case " $sys_lib_dlsearch_path " in - *" $absdir "*) ;; - *) - case "$compile_rpath " in - *" $absdir "*) ;; - *) func_append compile_rpath " $absdir" ;; - esac - ;; - esac - case " $sys_lib_dlsearch_path " in - *" $libdir "*) ;; - *) - case "$finalize_rpath " in - *" $libdir "*) ;; - *) func_append finalize_rpath " $libdir" ;; - esac - ;; - esac - fi # $linkmode,$pass = prog,link... - - if test "$alldeplibs" = yes && - { test "$deplibs_check_method" = pass_all || - { test "$build_libtool_libs" = yes && - test -n "$library_names"; }; }; then - # We only need to search for static libraries - continue - fi - fi - - link_static=no # Whether the deplib will be linked statically - use_static_libs=$prefer_static_libs - if test "$use_static_libs" = built && test "$installed" = yes; then - use_static_libs=no - fi - if test -n "$library_names" && - { test "$use_static_libs" = no || test -z "$old_library"; }; then - case $host in - *cygwin* | *mingw* | *cegcc*) - # No point in relinking DLLs because paths are not encoded - func_append notinst_deplibs " $lib" - need_relink=no - ;; - *) - if test "$installed" = no; then - func_append notinst_deplibs " $lib" - need_relink=yes - fi - ;; - esac - # This is a shared library - - # Warn about portability, can't link against -module's on some - # systems (darwin). Don't bleat about dlopened modules though! - dlopenmodule="" - for dlpremoduletest in $dlprefiles; do - if test "X$dlpremoduletest" = "X$lib"; then - dlopenmodule="$dlpremoduletest" - break - fi - done - if test -z "$dlopenmodule" && test "$shouldnotlink" = yes && test "$pass" = link; then - echo - if test "$linkmode" = prog; then - $ECHO "*** Warning: Linking the executable $output against the loadable module" - else - $ECHO "*** Warning: Linking the shared library $output against the loadable module" - fi - $ECHO "*** $linklib is not portable!" - fi - if test "$linkmode" = lib && - test "$hardcode_into_libs" = yes; then - # Hardcode the library path. - # Skip directories that are in the system default run-time - # search path. - case " $sys_lib_dlsearch_path " in - *" $absdir "*) ;; - *) - case "$compile_rpath " in - *" $absdir "*) ;; - *) func_append compile_rpath " $absdir" ;; - esac - ;; - esac - case " $sys_lib_dlsearch_path " in - *" $libdir "*) ;; - *) - case "$finalize_rpath " in - *" $libdir "*) ;; - *) func_append finalize_rpath " $libdir" ;; - esac - ;; - esac - fi - - if test -n "$old_archive_from_expsyms_cmds"; then - # figure out the soname - set dummy $library_names - shift - realname="$1" - shift - libname=`eval "\\$ECHO \"$libname_spec\""` - # use dlname if we got it. it's perfectly good, no? - if test -n "$dlname"; then - soname="$dlname" - elif test -n "$soname_spec"; then - # bleh windows - case $host in - *cygwin* | mingw* | *cegcc*) - func_arith $current - $age - major=$func_arith_result - versuffix="-$major" - ;; - esac - eval soname=\"$soname_spec\" - else - soname="$realname" - fi - - # Make a new name for the extract_expsyms_cmds to use - soroot="$soname" - func_basename "$soroot" - soname="$func_basename_result" - func_stripname 'lib' '.dll' "$soname" - newlib=libimp-$func_stripname_result.a - - # If the library has no export list, then create one now - if test -f "$output_objdir/$soname-def"; then : - else - func_verbose "extracting exported symbol list from \`$soname'" - func_execute_cmds "$extract_expsyms_cmds" 'exit $?' - fi - - # Create $newlib - if test -f "$output_objdir/$newlib"; then :; else - func_verbose "generating import library for \`$soname'" - func_execute_cmds "$old_archive_from_expsyms_cmds" 'exit $?' - fi - # make sure the library variables are pointing to the new library - dir=$output_objdir - linklib=$newlib - fi # test -n "$old_archive_from_expsyms_cmds" - - if test "$linkmode" = prog || test "$opt_mode" != relink; then - add_shlibpath= - add_dir= - add= - lib_linked=yes - case $hardcode_action in - immediate | unsupported) - if test "$hardcode_direct" = no; then - add="$dir/$linklib" - case $host in - *-*-sco3.2v5.0.[024]*) add_dir="-L$dir" ;; - *-*-sysv4*uw2*) add_dir="-L$dir" ;; - *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \ - *-*-unixware7*) add_dir="-L$dir" ;; - *-*-darwin* ) - # if the lib is a (non-dlopened) module then we can not - # link against it, someone is ignoring the earlier warnings - if /usr/bin/file -L $add 2> /dev/null | - $GREP ": [^:]* bundle" >/dev/null ; then - if test "X$dlopenmodule" != "X$lib"; then - $ECHO "*** Warning: lib $linklib is a module, not a shared library" - if test -z "$old_library" ; then - echo - echo "*** And there doesn't seem to be a static archive available" - echo "*** The link will probably fail, sorry" - else - add="$dir/$old_library" - fi - elif test -n "$old_library"; then - add="$dir/$old_library" - fi - fi - esac - elif test "$hardcode_minus_L" = no; then - case $host in - *-*-sunos*) add_shlibpath="$dir" ;; - esac - add_dir="-L$dir" - add="-l$name" - elif test "$hardcode_shlibpath_var" = no; then - add_shlibpath="$dir" - add="-l$name" - else - lib_linked=no - fi - ;; - relink) - if test "$hardcode_direct" = yes && - test "$hardcode_direct_absolute" = no; then - add="$dir/$linklib" - elif test "$hardcode_minus_L" = yes; then - add_dir="-L$absdir" - # Try looking first in the location we're being installed to. - if test -n "$inst_prefix_dir"; then - case $libdir in - [\\/]*) - func_append add_dir " -L$inst_prefix_dir$libdir" - ;; - esac - fi - add="-l$name" - elif test "$hardcode_shlibpath_var" = yes; then - add_shlibpath="$dir" - add="-l$name" - else - lib_linked=no - fi - ;; - *) lib_linked=no ;; - esac - - if test "$lib_linked" != yes; then - func_fatal_configuration "unsupported hardcode properties" - fi - - if test -n "$add_shlibpath"; then - case :$compile_shlibpath: in - *":$add_shlibpath:"*) ;; - *) func_append compile_shlibpath "$add_shlibpath:" ;; - esac - fi - if test "$linkmode" = prog; then - test -n "$add_dir" && compile_deplibs="$add_dir $compile_deplibs" - test -n "$add" && compile_deplibs="$add $compile_deplibs" - else - test -n "$add_dir" && deplibs="$add_dir $deplibs" - test -n "$add" && deplibs="$add $deplibs" - if test "$hardcode_direct" != yes && - test "$hardcode_minus_L" != yes && - test "$hardcode_shlibpath_var" = yes; then - case :$finalize_shlibpath: in - *":$libdir:"*) ;; - *) func_append finalize_shlibpath "$libdir:" ;; - esac - fi - fi - fi - - if test "$linkmode" = prog || test "$opt_mode" = relink; then - add_shlibpath= - add_dir= - add= - # Finalize command for both is simple: just hardcode it. - if test "$hardcode_direct" = yes && - test "$hardcode_direct_absolute" = no; then - add="$libdir/$linklib" - elif test "$hardcode_minus_L" = yes; then - add_dir="-L$libdir" - add="-l$name" - elif test "$hardcode_shlibpath_var" = yes; then - case :$finalize_shlibpath: in - *":$libdir:"*) ;; - *) func_append finalize_shlibpath "$libdir:" ;; - esac - add="-l$name" - elif test "$hardcode_automatic" = yes; then - if test -n "$inst_prefix_dir" && - test -f "$inst_prefix_dir$libdir/$linklib" ; then - add="$inst_prefix_dir$libdir/$linklib" - else - add="$libdir/$linklib" - fi - else - # We cannot seem to hardcode it, guess we'll fake it. - add_dir="-L$libdir" - # Try looking first in the location we're being installed to. - if test -n "$inst_prefix_dir"; then - case $libdir in - [\\/]*) - func_append add_dir " -L$inst_prefix_dir$libdir" - ;; - esac - fi - add="-l$name" - fi - - if test "$linkmode" = prog; then - test -n "$add_dir" && finalize_deplibs="$add_dir $finalize_deplibs" - test -n "$add" && finalize_deplibs="$add $finalize_deplibs" - else - test -n "$add_dir" && deplibs="$add_dir $deplibs" - test -n "$add" && deplibs="$add $deplibs" - fi - fi - elif test "$linkmode" = prog; then - # Here we assume that one of hardcode_direct or hardcode_minus_L - # is not unsupported. This is valid on all known static and - # shared platforms. - if test "$hardcode_direct" != unsupported; then - test -n "$old_library" && linklib="$old_library" - compile_deplibs="$dir/$linklib $compile_deplibs" - finalize_deplibs="$dir/$linklib $finalize_deplibs" - else - compile_deplibs="-l$name -L$dir $compile_deplibs" - finalize_deplibs="-l$name -L$dir $finalize_deplibs" - fi - elif test "$build_libtool_libs" = yes; then - # Not a shared library - if test "$deplibs_check_method" != pass_all; then - # We're trying link a shared library against a static one - # but the system doesn't support it. - - # Just print a warning and add the library to dependency_libs so - # that the program can be linked against the static library. - echo - $ECHO "*** Warning: This system can not link to static lib archive $lib." - echo "*** I have the capability to make that library automatically link in when" - echo "*** you link to this library. But I can only do this if you have a" - echo "*** shared version of the library, which you do not appear to have." - if test "$module" = yes; then - echo "*** But as you try to build a module library, libtool will still create " - echo "*** a static module, that should work as long as the dlopening application" - echo "*** is linked with the -dlopen flag to resolve symbols at runtime." - if test -z "$global_symbol_pipe"; then - echo - echo "*** However, this would only work if libtool was able to extract symbol" - echo "*** lists from a program, using \`nm' or equivalent, but libtool could" - echo "*** not find such a program. So, this module is probably useless." - echo "*** \`nm' from GNU binutils and a full rebuild may help." - fi - if test "$build_old_libs" = no; then - build_libtool_libs=module - build_old_libs=yes - else - build_libtool_libs=no - fi - fi - else - deplibs="$dir/$old_library $deplibs" - link_static=yes - fi - fi # link shared/static library? - - if test "$linkmode" = lib; then - if test -n "$dependency_libs" && - { test "$hardcode_into_libs" != yes || - test "$build_old_libs" = yes || - test "$link_static" = yes; }; then - # Extract -R from dependency_libs - temp_deplibs= - for libdir in $dependency_libs; do - case $libdir in - -R*) func_stripname '-R' '' "$libdir" - temp_xrpath=$func_stripname_result - case " $xrpath " in - *" $temp_xrpath "*) ;; - *) func_append xrpath " $temp_xrpath";; - esac;; - *) func_append temp_deplibs " $libdir";; - esac - done - dependency_libs="$temp_deplibs" - fi - - func_append newlib_search_path " $absdir" - # Link against this library - test "$link_static" = no && newdependency_libs="$abs_ladir/$laname $newdependency_libs" - # ... and its dependency_libs - tmp_libs= - for deplib in $dependency_libs; do - newdependency_libs="$deplib $newdependency_libs" - case $deplib in - -L*) func_stripname '-L' '' "$deplib" - func_resolve_sysroot "$func_stripname_result";; - *) func_resolve_sysroot "$deplib" ;; - esac - if $opt_preserve_dup_deps ; then - case "$tmp_libs " in - *" $func_resolve_sysroot_result "*) - func_append specialdeplibs " $func_resolve_sysroot_result" ;; - esac - fi - func_append tmp_libs " $func_resolve_sysroot_result" - done - - if test "$link_all_deplibs" != no; then - # Add the search paths of all dependency libraries - for deplib in $dependency_libs; do - path= - case $deplib in - -L*) path="$deplib" ;; - *.la) - func_resolve_sysroot "$deplib" - deplib=$func_resolve_sysroot_result - func_dirname "$deplib" "" "." - dir=$func_dirname_result - # We need an absolute path. - case $dir in - [\\/]* | [A-Za-z]:[\\/]*) absdir="$dir" ;; - *) - absdir=`cd "$dir" && pwd` - if test -z "$absdir"; then - func_warning "cannot determine absolute directory name of \`$dir'" - absdir="$dir" - fi - ;; - esac - if $GREP "^installed=no" $deplib > /dev/null; then - case $host in - *-*-darwin*) - depdepl= - eval deplibrary_names=`${SED} -n -e 's/^library_names=\(.*\)$/\1/p' $deplib` - if test -n "$deplibrary_names" ; then - for tmp in $deplibrary_names ; do - depdepl=$tmp - done - if test -f "$absdir/$objdir/$depdepl" ; then - depdepl="$absdir/$objdir/$depdepl" - darwin_install_name=`${OTOOL} -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` - if test -z "$darwin_install_name"; then - darwin_install_name=`${OTOOL64} -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` - fi - func_append compiler_flags " ${wl}-dylib_file ${wl}${darwin_install_name}:${depdepl}" - func_append linker_flags " -dylib_file ${darwin_install_name}:${depdepl}" - path= - fi - fi - ;; - *) - path="-L$absdir/$objdir" - ;; - esac - else - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` - test -z "$libdir" && \ - func_fatal_error "\`$deplib' is not a valid libtool archive" - test "$absdir" != "$libdir" && \ - func_warning "\`$deplib' seems to be moved" - - path="-L$absdir" - fi - ;; - esac - case " $deplibs " in - *" $path "*) ;; - *) deplibs="$path $deplibs" ;; - esac - done - fi # link_all_deplibs != no - fi # linkmode = lib - done # for deplib in $libs - if test "$pass" = link; then - if test "$linkmode" = "prog"; then - compile_deplibs="$new_inherited_linker_flags $compile_deplibs" - finalize_deplibs="$new_inherited_linker_flags $finalize_deplibs" - else - compiler_flags="$compiler_flags "`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` - fi - fi - dependency_libs="$newdependency_libs" - if test "$pass" = dlpreopen; then - # Link the dlpreopened libraries before other libraries - for deplib in $save_deplibs; do - deplibs="$deplib $deplibs" - done - fi - if test "$pass" != dlopen; then - if test "$pass" != conv; then - # Make sure lib_search_path contains only unique directories. - lib_search_path= - for dir in $newlib_search_path; do - case "$lib_search_path " in - *" $dir "*) ;; - *) func_append lib_search_path " $dir" ;; - esac - done - newlib_search_path= - fi - - if test "$linkmode,$pass" != "prog,link"; then - vars="deplibs" - else - vars="compile_deplibs finalize_deplibs" - fi - for var in $vars dependency_libs; do - # Add libraries to $var in reverse order - eval tmp_libs=\"\$$var\" - new_libs= - for deplib in $tmp_libs; do - # FIXME: Pedantically, this is the right thing to do, so - # that some nasty dependency loop isn't accidentally - # broken: - #new_libs="$deplib $new_libs" - # Pragmatically, this seems to cause very few problems in - # practice: - case $deplib in - -L*) new_libs="$deplib $new_libs" ;; - -R*) ;; - *) - # And here is the reason: when a library appears more - # than once as an explicit dependence of a library, or - # is implicitly linked in more than once by the - # compiler, it is considered special, and multiple - # occurrences thereof are not removed. Compare this - # with having the same library being listed as a - # dependency of multiple other libraries: in this case, - # we know (pedantically, we assume) the library does not - # need to be listed more than once, so we keep only the - # last copy. This is not always right, but it is rare - # enough that we require users that really mean to play - # such unportable linking tricks to link the library - # using -Wl,-lname, so that libtool does not consider it - # for duplicate removal. - case " $specialdeplibs " in - *" $deplib "*) new_libs="$deplib $new_libs" ;; - *) - case " $new_libs " in - *" $deplib "*) ;; - *) new_libs="$deplib $new_libs" ;; - esac - ;; - esac - ;; - esac - done - tmp_libs= - for deplib in $new_libs; do - case $deplib in - -L*) - case " $tmp_libs " in - *" $deplib "*) ;; - *) func_append tmp_libs " $deplib" ;; - esac - ;; - *) func_append tmp_libs " $deplib" ;; - esac - done - eval $var=\"$tmp_libs\" - done # for var - fi - # Last step: remove runtime libs from dependency_libs - # (they stay in deplibs) - tmp_libs= - for i in $dependency_libs ; do - case " $predeps $postdeps $compiler_lib_search_path " in - *" $i "*) - i="" - ;; - esac - if test -n "$i" ; then - func_append tmp_libs " $i" - fi - done - dependency_libs=$tmp_libs - done # for pass - if test "$linkmode" = prog; then - dlfiles="$newdlfiles" - fi - if test "$linkmode" = prog || test "$linkmode" = lib; then - dlprefiles="$newdlprefiles" - fi - - case $linkmode in - oldlib) - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then - func_warning "\`-dlopen' is ignored for archives" - fi - - case " $deplibs" in - *\ -l* | *\ -L*) - func_warning "\`-l' and \`-L' are ignored for archives" ;; - esac - - test -n "$rpath" && \ - func_warning "\`-rpath' is ignored for archives" - - test -n "$xrpath" && \ - func_warning "\`-R' is ignored for archives" - - test -n "$vinfo" && \ - func_warning "\`-version-info/-version-number' is ignored for archives" - - test -n "$release" && \ - func_warning "\`-release' is ignored for archives" - - test -n "$export_symbols$export_symbols_regex" && \ - func_warning "\`-export-symbols' is ignored for archives" - - # Now set the variables for building old libraries. - build_libtool_libs=no - oldlibs="$output" - func_append objs "$old_deplibs" - ;; - - lib) - # Make sure we only generate libraries of the form `libNAME.la'. - case $outputname in - lib*) - func_stripname 'lib' '.la' "$outputname" - name=$func_stripname_result - eval shared_ext=\"$shrext_cmds\" - eval libname=\"$libname_spec\" - ;; - *) - test "$module" = no && \ - func_fatal_help "libtool library \`$output' must begin with \`lib'" - - if test "$need_lib_prefix" != no; then - # Add the "lib" prefix for modules if required - func_stripname '' '.la' "$outputname" - name=$func_stripname_result - eval shared_ext=\"$shrext_cmds\" - eval libname=\"$libname_spec\" - else - func_stripname '' '.la' "$outputname" - libname=$func_stripname_result - fi - ;; - esac - - if test -n "$objs"; then - if test "$deplibs_check_method" != pass_all; then - func_fatal_error "cannot build libtool library \`$output' from non-libtool objects on this host:$objs" - else - echo - $ECHO "*** Warning: Linking the shared library $output against the non-libtool" - $ECHO "*** objects $objs is not portable!" - func_append libobjs " $objs" - fi - fi - - test "$dlself" != no && \ - func_warning "\`-dlopen self' is ignored for libtool libraries" - - set dummy $rpath - shift - test "$#" -gt 1 && \ - func_warning "ignoring multiple \`-rpath's for a libtool library" - - install_libdir="$1" - - oldlibs= - if test -z "$rpath"; then - if test "$build_libtool_libs" = yes; then - # Building a libtool convenience library. - # Some compilers have problems with a `.al' extension so - # convenience libraries should have the same extension an - # archive normally would. - oldlibs="$output_objdir/$libname.$libext $oldlibs" - build_libtool_libs=convenience - build_old_libs=yes - fi - - test -n "$vinfo" && \ - func_warning "\`-version-info/-version-number' is ignored for convenience libraries" - - test -n "$release" && \ - func_warning "\`-release' is ignored for convenience libraries" - else - - # Parse the version information argument. - save_ifs="$IFS"; IFS=':' - set dummy $vinfo 0 0 0 - shift - IFS="$save_ifs" - - test -n "$7" && \ - func_fatal_help "too many parameters to \`-version-info'" - - # convert absolute version numbers to libtool ages - # this retains compatibility with .la files and attempts - # to make the code below a bit more comprehensible - - case $vinfo_number in - yes) - number_major="$1" - number_minor="$2" - number_revision="$3" - # - # There are really only two kinds -- those that - # use the current revision as the major version - # and those that subtract age and use age as - # a minor version. But, then there is irix - # which has an extra 1 added just for fun - # - case $version_type in - # correct linux to gnu/linux during the next big refactor - darwin|linux|osf|windows|none) - func_arith $number_major + $number_minor - current=$func_arith_result - age="$number_minor" - revision="$number_revision" - ;; - freebsd-aout|freebsd-elf|qnx|sunos) - current="$number_major" - revision="$number_minor" - age="0" - ;; - irix|nonstopux) - func_arith $number_major + $number_minor - current=$func_arith_result - age="$number_minor" - revision="$number_minor" - lt_irix_increment=no - ;; - *) - func_fatal_configuration "$modename: unknown library version type \`$version_type'" - ;; - esac - ;; - no) - current="$1" - revision="$2" - age="$3" - ;; - esac - - # Check that each of the things are valid numbers. - case $current in - 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; - *) - func_error "CURRENT \`$current' must be a nonnegative integer" - func_fatal_error "\`$vinfo' is not valid version information" - ;; - esac - - case $revision in - 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; - *) - func_error "REVISION \`$revision' must be a nonnegative integer" - func_fatal_error "\`$vinfo' is not valid version information" - ;; - esac - - case $age in - 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; - *) - func_error "AGE \`$age' must be a nonnegative integer" - func_fatal_error "\`$vinfo' is not valid version information" - ;; - esac - - if test "$age" -gt "$current"; then - func_error "AGE \`$age' is greater than the current interface number \`$current'" - func_fatal_error "\`$vinfo' is not valid version information" - fi - - # Calculate the version variables. - major= - versuffix= - verstring= - case $version_type in - none) ;; - - darwin) - # Like Linux, but with the current version available in - # verstring for coding it into the library header - func_arith $current - $age - major=.$func_arith_result - versuffix="$major.$age.$revision" - # Darwin ld doesn't like 0 for these options... - func_arith $current + 1 - minor_current=$func_arith_result - xlcverstring="${wl}-compatibility_version ${wl}$minor_current ${wl}-current_version ${wl}$minor_current.$revision" - verstring="-compatibility_version $minor_current -current_version $minor_current.$revision" - ;; - - freebsd-aout) - major=".$current" - versuffix=".$current.$revision"; - ;; - - freebsd-elf) - major=".$current" - versuffix=".$current" - ;; - - irix | nonstopux) - if test "X$lt_irix_increment" = "Xno"; then - func_arith $current - $age - else - func_arith $current - $age + 1 - fi - major=$func_arith_result - - case $version_type in - nonstopux) verstring_prefix=nonstopux ;; - *) verstring_prefix=sgi ;; - esac - verstring="$verstring_prefix$major.$revision" - - # Add in all the interfaces that we are compatible with. - loop=$revision - while test "$loop" -ne 0; do - func_arith $revision - $loop - iface=$func_arith_result - func_arith $loop - 1 - loop=$func_arith_result - verstring="$verstring_prefix$major.$iface:$verstring" - done - - # Before this point, $major must not contain `.'. - major=.$major - versuffix="$major.$revision" - ;; - - linux) # correct to gnu/linux during the next big refactor - func_arith $current - $age - major=.$func_arith_result - versuffix="$major.$age.$revision" - ;; - - osf) - func_arith $current - $age - major=.$func_arith_result - versuffix=".$current.$age.$revision" - verstring="$current.$age.$revision" - - # Add in all the interfaces that we are compatible with. - loop=$age - while test "$loop" -ne 0; do - func_arith $current - $loop - iface=$func_arith_result - func_arith $loop - 1 - loop=$func_arith_result - verstring="$verstring:${iface}.0" - done - - # Make executables depend on our current version. - func_append verstring ":${current}.0" - ;; - - qnx) - major=".$current" - versuffix=".$current" - ;; - - sunos) - major=".$current" - versuffix=".$current.$revision" - ;; - - windows) - # Use '-' rather than '.', since we only want one - # extension on DOS 8.3 filesystems. - func_arith $current - $age - major=$func_arith_result - versuffix="-$major" - ;; - - *) - func_fatal_configuration "unknown library version type \`$version_type'" - ;; - esac - - # Clear the version info if we defaulted, and they specified a release. - if test -z "$vinfo" && test -n "$release"; then - major= - case $version_type in - darwin) - # we can't check for "0.0" in archive_cmds due to quoting - # problems, so we reset it completely - verstring= - ;; - *) - verstring="0.0" - ;; - esac - if test "$need_version" = no; then - versuffix= - else - versuffix=".0.0" - fi - fi - - # Remove version info from name if versioning should be avoided - if test "$avoid_version" = yes && test "$need_version" = no; then - major= - versuffix= - verstring="" - fi - - # Check to see if the archive will have undefined symbols. - if test "$allow_undefined" = yes; then - if test "$allow_undefined_flag" = unsupported; then - func_warning "undefined symbols not allowed in $host shared libraries" - build_libtool_libs=no - build_old_libs=yes - fi - else - # Don't allow undefined symbols. - allow_undefined_flag="$no_undefined_flag" - fi - - fi - - func_generate_dlsyms "$libname" "$libname" "yes" - func_append libobjs " $symfileobj" - test "X$libobjs" = "X " && libobjs= - - if test "$opt_mode" != relink; then - # Remove our outputs, but don't remove object files since they - # may have been created when compiling PIC objects. - removelist= - tempremovelist=`$ECHO "$output_objdir/*"` - for p in $tempremovelist; do - case $p in - *.$objext | *.gcno) - ;; - $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/${libname}${release}.*) - if test "X$precious_files_regex" != "X"; then - if $ECHO "$p" | $EGREP -e "$precious_files_regex" >/dev/null 2>&1 - then - continue - fi - fi - func_append removelist " $p" - ;; - *) ;; - esac - done - test -n "$removelist" && \ - func_show_eval "${RM}r \$removelist" - fi - - # Now set the variables for building old libraries. - if test "$build_old_libs" = yes && test "$build_libtool_libs" != convenience ; then - func_append oldlibs " $output_objdir/$libname.$libext" - - # Transform .lo files to .o files. - oldobjs="$objs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; $lo2o" | $NL2SP` - fi - - # Eliminate all temporary directories. - #for path in $notinst_path; do - # lib_search_path=`$ECHO "$lib_search_path " | $SED "s% $path % %g"` - # deplibs=`$ECHO "$deplibs " | $SED "s% -L$path % %g"` - # dependency_libs=`$ECHO "$dependency_libs " | $SED "s% -L$path % %g"` - #done - - if test -n "$xrpath"; then - # If the user specified any rpath flags, then add them. - temp_xrpath= - for libdir in $xrpath; do - func_replace_sysroot "$libdir" - func_append temp_xrpath " -R$func_replace_sysroot_result" - case "$finalize_rpath " in - *" $libdir "*) ;; - *) func_append finalize_rpath " $libdir" ;; - esac - done - if test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes; then - dependency_libs="$temp_xrpath $dependency_libs" - fi - fi - - # Make sure dlfiles contains only unique files that won't be dlpreopened - old_dlfiles="$dlfiles" - dlfiles= - for lib in $old_dlfiles; do - case " $dlprefiles $dlfiles " in - *" $lib "*) ;; - *) func_append dlfiles " $lib" ;; - esac - done - - # Make sure dlprefiles contains only unique files - old_dlprefiles="$dlprefiles" - dlprefiles= - for lib in $old_dlprefiles; do - case "$dlprefiles " in - *" $lib "*) ;; - *) func_append dlprefiles " $lib" ;; - esac - done - - if test "$build_libtool_libs" = yes; then - if test -n "$rpath"; then - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc* | *-*-haiku*) - # these systems don't actually have a c library (as such)! - ;; - *-*-rhapsody* | *-*-darwin1.[012]) - # Rhapsody C library is in the System framework - func_append deplibs " System.ltframework" - ;; - *-*-netbsd*) - # Don't link with libc until the a.out ld.so is fixed. - ;; - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) - # Do not include libc due to us having libc/libc_r. - ;; - *-*-sco3.2v5* | *-*-sco5v6*) - # Causes problems with __ctype - ;; - *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) - # Compiler inserts libc in the correct place for threads to work - ;; - *) - # Add libc to deplibs on all other systems if necessary. - if test "$build_libtool_need_lc" = "yes"; then - func_append deplibs " -lc" - fi - ;; - esac - fi - - # Transform deplibs into only deplibs that can be linked in shared. - name_save=$name - libname_save=$libname - release_save=$release - versuffix_save=$versuffix - major_save=$major - # I'm not sure if I'm treating the release correctly. I think - # release should show up in the -l (ie -lgmp5) so we don't want to - # add it in twice. Is that correct? - release="" - versuffix="" - major="" - newdeplibs= - droppeddeps=no - case $deplibs_check_method in - pass_all) - # Don't check for shared/static. Everything works. - # This might be a little naive. We might want to check - # whether the library exists or not. But this is on - # osf3 & osf4 and I'm not really sure... Just - # implementing what was already the behavior. - newdeplibs=$deplibs - ;; - test_compile) - # This code stresses the "libraries are programs" paradigm to its - # limits. Maybe even breaks it. We compile a program, linking it - # against the deplibs as a proxy for the library. Then we can check - # whether they linked in statically or dynamically with ldd. - $opt_dry_run || $RM conftest.c - cat > conftest.c </dev/null` - $nocaseglob - else - potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null` - fi - for potent_lib in $potential_libs; do - # Follow soft links. - if ls -lLd "$potent_lib" 2>/dev/null | - $GREP " -> " >/dev/null; then - continue - fi - # The statement above tries to avoid entering an - # endless loop below, in case of cyclic links. - # We might still enter an endless loop, since a link - # loop can be closed while we follow links, - # but so what? - potlib="$potent_lib" - while test -h "$potlib" 2>/dev/null; do - potliblink=`ls -ld $potlib | ${SED} 's/.* -> //'` - case $potliblink in - [\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";; - *) potlib=`$ECHO "$potlib" | $SED 's,[^/]*$,,'`"$potliblink";; - esac - done - if eval $file_magic_cmd \"\$potlib\" 2>/dev/null | - $SED -e 10q | - $EGREP "$file_magic_regex" > /dev/null; then - func_append newdeplibs " $a_deplib" - a_deplib="" - break 2 - fi - done - done - fi - if test -n "$a_deplib" ; then - droppeddeps=yes - echo - $ECHO "*** Warning: linker path does not have real file for library $a_deplib." - echo "*** I have the capability to make that library automatically link in when" - echo "*** you link to this library. But I can only do this if you have a" - echo "*** shared version of the library, which you do not appear to have" - echo "*** because I did check the linker path looking for a file starting" - if test -z "$potlib" ; then - $ECHO "*** with $libname but no candidates were found. (...for file magic test)" - else - $ECHO "*** with $libname and none of the candidates passed a file format test" - $ECHO "*** using a file magic. Last file checked: $potlib" - fi - fi - ;; - *) - # Add a -L argument. - func_append newdeplibs " $a_deplib" - ;; - esac - done # Gone through all deplibs. - ;; - match_pattern*) - set dummy $deplibs_check_method; shift - match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"` - for a_deplib in $deplibs; do - case $a_deplib in - -l*) - func_stripname -l '' "$a_deplib" - name=$func_stripname_result - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then - case " $predeps $postdeps " in - *" $a_deplib "*) - func_append newdeplibs " $a_deplib" - a_deplib="" - ;; - esac - fi - if test -n "$a_deplib" ; then - libname=`eval "\\$ECHO \"$libname_spec\""` - for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do - potential_libs=`ls $i/$libname[.-]* 2>/dev/null` - for potent_lib in $potential_libs; do - potlib="$potent_lib" # see symlink-check above in file_magic test - if eval "\$ECHO \"$potent_lib\"" 2>/dev/null | $SED 10q | \ - $EGREP "$match_pattern_regex" > /dev/null; then - func_append newdeplibs " $a_deplib" - a_deplib="" - break 2 - fi - done - done - fi - if test -n "$a_deplib" ; then - droppeddeps=yes - echo - $ECHO "*** Warning: linker path does not have real file for library $a_deplib." - echo "*** I have the capability to make that library automatically link in when" - echo "*** you link to this library. But I can only do this if you have a" - echo "*** shared version of the library, which you do not appear to have" - echo "*** because I did check the linker path looking for a file starting" - if test -z "$potlib" ; then - $ECHO "*** with $libname but no candidates were found. (...for regex pattern test)" - else - $ECHO "*** with $libname and none of the candidates passed a file format test" - $ECHO "*** using a regex pattern. Last file checked: $potlib" - fi - fi - ;; - *) - # Add a -L argument. - func_append newdeplibs " $a_deplib" - ;; - esac - done # Gone through all deplibs. - ;; - none | unknown | *) - newdeplibs="" - tmp_deplibs=`$ECHO " $deplibs" | $SED 's/ -lc$//; s/ -[LR][^ ]*//g'` - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then - for i in $predeps $postdeps ; do - # can't use Xsed below, because $i might contain '/' - tmp_deplibs=`$ECHO " $tmp_deplibs" | $SED "s,$i,,"` - done - fi - case $tmp_deplibs in - *[!\ \ ]*) - echo - if test "X$deplibs_check_method" = "Xnone"; then - echo "*** Warning: inter-library dependencies are not supported in this platform." - else - echo "*** Warning: inter-library dependencies are not known to be supported." - fi - echo "*** All declared inter-library dependencies are being dropped." - droppeddeps=yes - ;; - esac - ;; - esac - versuffix=$versuffix_save - major=$major_save - release=$release_save - libname=$libname_save - name=$name_save - - case $host in - *-*-rhapsody* | *-*-darwin1.[012]) - # On Rhapsody replace the C library with the System framework - newdeplibs=`$ECHO " $newdeplibs" | $SED 's/ -lc / System.ltframework /'` - ;; - esac - - if test "$droppeddeps" = yes; then - if test "$module" = yes; then - echo - echo "*** Warning: libtool could not satisfy all declared inter-library" - $ECHO "*** dependencies of module $libname. Therefore, libtool will create" - echo "*** a static module, that should work as long as the dlopening" - echo "*** application is linked with the -dlopen flag." - if test -z "$global_symbol_pipe"; then - echo - echo "*** However, this would only work if libtool was able to extract symbol" - echo "*** lists from a program, using \`nm' or equivalent, but libtool could" - echo "*** not find such a program. So, this module is probably useless." - echo "*** \`nm' from GNU binutils and a full rebuild may help." - fi - if test "$build_old_libs" = no; then - oldlibs="$output_objdir/$libname.$libext" - build_libtool_libs=module - build_old_libs=yes - else - build_libtool_libs=no - fi - else - echo "*** The inter-library dependencies that have been dropped here will be" - echo "*** automatically added whenever a program is linked with this library" - echo "*** or is declared to -dlopen it." - - if test "$allow_undefined" = no; then - echo - echo "*** Since this library must not contain undefined symbols," - echo "*** because either the platform does not support them or" - echo "*** it was explicitly requested with -no-undefined," - echo "*** libtool will only create a static version of it." - if test "$build_old_libs" = no; then - oldlibs="$output_objdir/$libname.$libext" - build_libtool_libs=module - build_old_libs=yes - else - build_libtool_libs=no - fi - fi - fi - fi - # Done checking deplibs! - deplibs=$newdeplibs - fi - # Time to change all our "foo.ltframework" stuff back to "-framework foo" - case $host in - *-*-darwin*) - newdeplibs=`$ECHO " $newdeplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` - new_inherited_linker_flags=`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` - deplibs=`$ECHO " $deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` - ;; - esac - - # move library search paths that coincide with paths to not yet - # installed libraries to the beginning of the library search list - new_libs= - for path in $notinst_path; do - case " $new_libs " in - *" -L$path/$objdir "*) ;; - *) - case " $deplibs " in - *" -L$path/$objdir "*) - func_append new_libs " -L$path/$objdir" ;; - esac - ;; - esac - done - for deplib in $deplibs; do - case $deplib in - -L*) - case " $new_libs " in - *" $deplib "*) ;; - *) func_append new_libs " $deplib" ;; - esac - ;; - *) func_append new_libs " $deplib" ;; - esac - done - deplibs="$new_libs" - - # All the library-specific variables (install_libdir is set above). - library_names= - old_library= - dlname= - - # Test again, we may have decided not to build it any more - if test "$build_libtool_libs" = yes; then - # Remove ${wl} instances when linking with ld. - # FIXME: should test the right _cmds variable. - case $archive_cmds in - *\$LD\ *) wl= ;; - esac - if test "$hardcode_into_libs" = yes; then - # Hardcode the library paths - hardcode_libdirs= - dep_rpath= - rpath="$finalize_rpath" - test "$opt_mode" != relink && rpath="$compile_rpath$rpath" - for libdir in $rpath; do - if test -n "$hardcode_libdir_flag_spec"; then - if test -n "$hardcode_libdir_separator"; then - func_replace_sysroot "$libdir" - libdir=$func_replace_sysroot_result - if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" - else - # Just accumulate the unique libdirs. - case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in - *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) - ;; - *) - func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" - ;; - esac - fi - else - eval flag=\"$hardcode_libdir_flag_spec\" - func_append dep_rpath " $flag" - fi - elif test -n "$runpath_var"; then - case "$perm_rpath " in - *" $libdir "*) ;; - *) func_append perm_rpath " $libdir" ;; - esac - fi - done - # Substitute the hardcoded libdirs into the rpath. - if test -n "$hardcode_libdir_separator" && - test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" - eval "dep_rpath=\"$hardcode_libdir_flag_spec\"" - fi - if test -n "$runpath_var" && test -n "$perm_rpath"; then - # We should set the runpath_var. - rpath= - for dir in $perm_rpath; do - func_append rpath "$dir:" - done - eval "$runpath_var='$rpath\$$runpath_var'; export $runpath_var" - fi - test -n "$dep_rpath" && deplibs="$dep_rpath $deplibs" - fi - - shlibpath="$finalize_shlibpath" - test "$opt_mode" != relink && shlibpath="$compile_shlibpath$shlibpath" - if test -n "$shlibpath"; then - eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var" - fi - - # Get the real and link names of the library. - eval shared_ext=\"$shrext_cmds\" - eval library_names=\"$library_names_spec\" - set dummy $library_names - shift - realname="$1" - shift - - if test -n "$soname_spec"; then - eval soname=\"$soname_spec\" - else - soname="$realname" - fi - if test -z "$dlname"; then - dlname=$soname - fi - - lib="$output_objdir/$realname" - linknames= - for link - do - func_append linknames " $link" - done - - # Use standard objects if they are pic - test -z "$pic_flag" && libobjs=`$ECHO "$libobjs" | $SP2NL | $SED "$lo2o" | $NL2SP` - test "X$libobjs" = "X " && libobjs= - - delfiles= - if test -n "$export_symbols" && test -n "$include_expsyms"; then - $opt_dry_run || cp "$export_symbols" "$output_objdir/$libname.uexp" - export_symbols="$output_objdir/$libname.uexp" - func_append delfiles " $export_symbols" - fi - - orig_export_symbols= - case $host_os in - cygwin* | mingw* | cegcc*) - if test -n "$export_symbols" && test -z "$export_symbols_regex"; then - # exporting using user supplied symfile - if test "x`$SED 1q $export_symbols`" != xEXPORTS; then - # and it's NOT already a .def file. Must figure out - # which of the given symbols are data symbols and tag - # them as such. So, trigger use of export_symbols_cmds. - # export_symbols gets reassigned inside the "prepare - # the list of exported symbols" if statement, so the - # include_expsyms logic still works. - orig_export_symbols="$export_symbols" - export_symbols= - always_export_symbols=yes - fi - fi - ;; - esac - - # Prepare the list of exported symbols - if test -z "$export_symbols"; then - if test "$always_export_symbols" = yes || test -n "$export_symbols_regex"; then - func_verbose "generating symbol list for \`$libname.la'" - export_symbols="$output_objdir/$libname.exp" - $opt_dry_run || $RM $export_symbols - cmds=$export_symbols_cmds - save_ifs="$IFS"; IFS='~' - for cmd1 in $cmds; do - IFS="$save_ifs" - # Take the normal branch if the nm_file_list_spec branch - # doesn't work or if tool conversion is not needed. - case $nm_file_list_spec~$to_tool_file_cmd in - *~func_convert_file_noop | *~func_convert_file_msys_to_w32 | ~*) - try_normal_branch=yes - eval cmd=\"$cmd1\" - func_len " $cmd" - len=$func_len_result - ;; - *) - try_normal_branch=no - ;; - esac - if test "$try_normal_branch" = yes \ - && { test "$len" -lt "$max_cmd_len" \ - || test "$max_cmd_len" -le -1; } - then - func_show_eval "$cmd" 'exit $?' - skipped_export=false - elif test -n "$nm_file_list_spec"; then - func_basename "$output" - output_la=$func_basename_result - save_libobjs=$libobjs - save_output=$output - output=${output_objdir}/${output_la}.nm - func_to_tool_file "$output" - libobjs=$nm_file_list_spec$func_to_tool_file_result - func_append delfiles " $output" - func_verbose "creating $NM input file list: $output" - for obj in $save_libobjs; do - func_to_tool_file "$obj" - $ECHO "$func_to_tool_file_result" - done > "$output" - eval cmd=\"$cmd1\" - func_show_eval "$cmd" 'exit $?' - output=$save_output - libobjs=$save_libobjs - skipped_export=false - else - # The command line is too long to execute in one step. - func_verbose "using reloadable object file for export list..." - skipped_export=: - # Break out early, otherwise skipped_export may be - # set to false by a later but shorter cmd. - break - fi - done - IFS="$save_ifs" - if test -n "$export_symbols_regex" && test "X$skipped_export" != "X:"; then - func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' - func_show_eval '$MV "${export_symbols}T" "$export_symbols"' - fi - fi - fi - - if test -n "$export_symbols" && test -n "$include_expsyms"; then - tmp_export_symbols="$export_symbols" - test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols" - $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"' - fi - - if test "X$skipped_export" != "X:" && test -n "$orig_export_symbols"; then - # The given exports_symbols file has to be filtered, so filter it. - func_verbose "filter symbol list for \`$libname.la' to tag DATA exports" - # FIXME: $output_objdir/$libname.filter potentially contains lots of - # 's' commands which not all seds can handle. GNU sed should be fine - # though. Also, the filter scales superlinearly with the number of - # global variables. join(1) would be nice here, but unfortunately - # isn't a blessed tool. - $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter - func_append delfiles " $export_symbols $output_objdir/$libname.filter" - export_symbols=$output_objdir/$libname.def - $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols - fi - - tmp_deplibs= - for test_deplib in $deplibs; do - case " $convenience " in - *" $test_deplib "*) ;; - *) - func_append tmp_deplibs " $test_deplib" - ;; - esac - done - deplibs="$tmp_deplibs" - - if test -n "$convenience"; then - if test -n "$whole_archive_flag_spec" && - test "$compiler_needs_object" = yes && - test -z "$libobjs"; then - # extract the archives, so we have objects to list. - # TODO: could optimize this to just extract one archive. - whole_archive_flag_spec= - fi - if test -n "$whole_archive_flag_spec"; then - save_libobjs=$libobjs - eval libobjs=\"\$libobjs $whole_archive_flag_spec\" - test "X$libobjs" = "X " && libobjs= - else - gentop="$output_objdir/${outputname}x" - func_append generated " $gentop" - - func_extract_archives $gentop $convenience - func_append libobjs " $func_extract_archives_result" - test "X$libobjs" = "X " && libobjs= - fi - fi - - if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then - eval flag=\"$thread_safe_flag_spec\" - func_append linker_flags " $flag" - fi - - # Make a backup of the uninstalled library when relinking - if test "$opt_mode" = relink; then - $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}U && $MV $realname ${realname}U)' || exit $? - fi - - # Do each of the archive commands. - if test "$module" = yes && test -n "$module_cmds" ; then - if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then - eval test_cmds=\"$module_expsym_cmds\" - cmds=$module_expsym_cmds - else - eval test_cmds=\"$module_cmds\" - cmds=$module_cmds - fi - else - if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then - eval test_cmds=\"$archive_expsym_cmds\" - cmds=$archive_expsym_cmds - else - eval test_cmds=\"$archive_cmds\" - cmds=$archive_cmds - fi - fi - - if test "X$skipped_export" != "X:" && - func_len " $test_cmds" && - len=$func_len_result && - test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then - : - else - # The command line is too long to link in one step, link piecewise - # or, if using GNU ld and skipped_export is not :, use a linker - # script. - - # Save the value of $output and $libobjs because we want to - # use them later. If we have whole_archive_flag_spec, we - # want to use save_libobjs as it was before - # whole_archive_flag_spec was expanded, because we can't - # assume the linker understands whole_archive_flag_spec. - # This may have to be revisited, in case too many - # convenience libraries get linked in and end up exceeding - # the spec. - if test -z "$convenience" || test -z "$whole_archive_flag_spec"; then - save_libobjs=$libobjs - fi - save_output=$output - func_basename "$output" - output_la=$func_basename_result - - # Clear the reloadable object creation command queue and - # initialize k to one. - test_cmds= - concat_cmds= - objlist= - last_robj= - k=1 - - if test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "$with_gnu_ld" = yes; then - output=${output_objdir}/${output_la}.lnkscript - func_verbose "creating GNU ld script: $output" - echo 'INPUT (' > $output - for obj in $save_libobjs - do - func_to_tool_file "$obj" - $ECHO "$func_to_tool_file_result" >> $output - done - echo ')' >> $output - func_append delfiles " $output" - func_to_tool_file "$output" - output=$func_to_tool_file_result - elif test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "X$file_list_spec" != X; then - output=${output_objdir}/${output_la}.lnk - func_verbose "creating linker input file list: $output" - : > $output - set x $save_libobjs - shift - firstobj= - if test "$compiler_needs_object" = yes; then - firstobj="$1 " - shift - fi - for obj - do - func_to_tool_file "$obj" - $ECHO "$func_to_tool_file_result" >> $output - done - func_append delfiles " $output" - func_to_tool_file "$output" - output=$firstobj\"$file_list_spec$func_to_tool_file_result\" - else - if test -n "$save_libobjs"; then - func_verbose "creating reloadable object files..." - output=$output_objdir/$output_la-${k}.$objext - eval test_cmds=\"$reload_cmds\" - func_len " $test_cmds" - len0=$func_len_result - len=$len0 - - # Loop over the list of objects to be linked. - for obj in $save_libobjs - do - func_len " $obj" - func_arith $len + $func_len_result - len=$func_arith_result - if test "X$objlist" = X || - test "$len" -lt "$max_cmd_len"; then - func_append objlist " $obj" - else - # The command $test_cmds is almost too long, add a - # command to the queue. - if test "$k" -eq 1 ; then - # The first file doesn't have a previous command to add. - reload_objs=$objlist - eval concat_cmds=\"$reload_cmds\" - else - # All subsequent reloadable object files will link in - # the last one created. - reload_objs="$objlist $last_robj" - eval concat_cmds=\"\$concat_cmds~$reload_cmds~\$RM $last_robj\" - fi - last_robj=$output_objdir/$output_la-${k}.$objext - func_arith $k + 1 - k=$func_arith_result - output=$output_objdir/$output_la-${k}.$objext - objlist=" $obj" - func_len " $last_robj" - func_arith $len0 + $func_len_result - len=$func_arith_result - fi - done - # Handle the remaining objects by creating one last - # reloadable object file. All subsequent reloadable object - # files will link in the last one created. - test -z "$concat_cmds" || concat_cmds=$concat_cmds~ - reload_objs="$objlist $last_robj" - eval concat_cmds=\"\${concat_cmds}$reload_cmds\" - if test -n "$last_robj"; then - eval concat_cmds=\"\${concat_cmds}~\$RM $last_robj\" - fi - func_append delfiles " $output" - - else - output= - fi - - if ${skipped_export-false}; then - func_verbose "generating symbol list for \`$libname.la'" - export_symbols="$output_objdir/$libname.exp" - $opt_dry_run || $RM $export_symbols - libobjs=$output - # Append the command to create the export file. - test -z "$concat_cmds" || concat_cmds=$concat_cmds~ - eval concat_cmds=\"\$concat_cmds$export_symbols_cmds\" - if test -n "$last_robj"; then - eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\" - fi - fi - - test -n "$save_libobjs" && - func_verbose "creating a temporary reloadable object file: $output" - - # Loop through the commands generated above and execute them. - save_ifs="$IFS"; IFS='~' - for cmd in $concat_cmds; do - IFS="$save_ifs" - $opt_silent || { - func_quote_for_expand "$cmd" - eval "func_echo $func_quote_for_expand_result" - } - $opt_dry_run || eval "$cmd" || { - lt_exit=$? - - # Restore the uninstalled library and exit - if test "$opt_mode" = relink; then - ( cd "$output_objdir" && \ - $RM "${realname}T" && \ - $MV "${realname}U" "$realname" ) - fi - - exit $lt_exit - } - done - IFS="$save_ifs" - - if test -n "$export_symbols_regex" && ${skipped_export-false}; then - func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' - func_show_eval '$MV "${export_symbols}T" "$export_symbols"' - fi - fi - - if ${skipped_export-false}; then - if test -n "$export_symbols" && test -n "$include_expsyms"; then - tmp_export_symbols="$export_symbols" - test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols" - $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"' - fi - - if test -n "$orig_export_symbols"; then - # The given exports_symbols file has to be filtered, so filter it. - func_verbose "filter symbol list for \`$libname.la' to tag DATA exports" - # FIXME: $output_objdir/$libname.filter potentially contains lots of - # 's' commands which not all seds can handle. GNU sed should be fine - # though. Also, the filter scales superlinearly with the number of - # global variables. join(1) would be nice here, but unfortunately - # isn't a blessed tool. - $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter - func_append delfiles " $export_symbols $output_objdir/$libname.filter" - export_symbols=$output_objdir/$libname.def - $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols - fi - fi - - libobjs=$output - # Restore the value of output. - output=$save_output - - if test -n "$convenience" && test -n "$whole_archive_flag_spec"; then - eval libobjs=\"\$libobjs $whole_archive_flag_spec\" - test "X$libobjs" = "X " && libobjs= - fi - # Expand the library linking commands again to reset the - # value of $libobjs for piecewise linking. - - # Do each of the archive commands. - if test "$module" = yes && test -n "$module_cmds" ; then - if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then - cmds=$module_expsym_cmds - else - cmds=$module_cmds - fi - else - if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then - cmds=$archive_expsym_cmds - else - cmds=$archive_cmds - fi - fi - fi - - if test -n "$delfiles"; then - # Append the command to remove temporary files to $cmds. - eval cmds=\"\$cmds~\$RM $delfiles\" - fi - - # Add any objects from preloaded convenience libraries - if test -n "$dlprefiles"; then - gentop="$output_objdir/${outputname}x" - func_append generated " $gentop" - - func_extract_archives $gentop $dlprefiles - func_append libobjs " $func_extract_archives_result" - test "X$libobjs" = "X " && libobjs= - fi - - save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - $opt_silent || { - func_quote_for_expand "$cmd" - eval "func_echo $func_quote_for_expand_result" - } - $opt_dry_run || eval "$cmd" || { - lt_exit=$? - - # Restore the uninstalled library and exit - if test "$opt_mode" = relink; then - ( cd "$output_objdir" && \ - $RM "${realname}T" && \ - $MV "${realname}U" "$realname" ) - fi - - exit $lt_exit - } - done - IFS="$save_ifs" - - # Restore the uninstalled library and exit - if test "$opt_mode" = relink; then - $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}T && $MV $realname ${realname}T && $MV ${realname}U $realname)' || exit $? - - if test -n "$convenience"; then - if test -z "$whole_archive_flag_spec"; then - func_show_eval '${RM}r "$gentop"' - fi - fi - - exit $EXIT_SUCCESS - fi - - # Create links to the real library. - for linkname in $linknames; do - if test "$realname" != "$linkname"; then - func_show_eval '(cd "$output_objdir" && $RM "$linkname" && $LN_S "$realname" "$linkname")' 'exit $?' - fi - done - - # If -module or -export-dynamic was specified, set the dlname. - if test "$module" = yes || test "$export_dynamic" = yes; then - # On all known operating systems, these are identical. - dlname="$soname" - fi - fi - ;; - - obj) - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then - func_warning "\`-dlopen' is ignored for objects" - fi - - case " $deplibs" in - *\ -l* | *\ -L*) - func_warning "\`-l' and \`-L' are ignored for objects" ;; - esac - - test -n "$rpath" && \ - func_warning "\`-rpath' is ignored for objects" - - test -n "$xrpath" && \ - func_warning "\`-R' is ignored for objects" - - test -n "$vinfo" && \ - func_warning "\`-version-info' is ignored for objects" - - test -n "$release" && \ - func_warning "\`-release' is ignored for objects" - - case $output in - *.lo) - test -n "$objs$old_deplibs" && \ - func_fatal_error "cannot build library object \`$output' from non-libtool objects" - - libobj=$output - func_lo2o "$libobj" - obj=$func_lo2o_result - ;; - *) - libobj= - obj="$output" - ;; - esac - - # Delete the old objects. - $opt_dry_run || $RM $obj $libobj - - # Objects from convenience libraries. This assumes - # single-version convenience libraries. Whenever we create - # different ones for PIC/non-PIC, this we'll have to duplicate - # the extraction. - reload_conv_objs= - gentop= - # reload_cmds runs $LD directly, so let us get rid of - # -Wl from whole_archive_flag_spec and hope we can get by with - # turning comma into space.. - wl= - - if test -n "$convenience"; then - if test -n "$whole_archive_flag_spec"; then - eval tmp_whole_archive_flags=\"$whole_archive_flag_spec\" - reload_conv_objs=$reload_objs\ `$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'` - else - gentop="$output_objdir/${obj}x" - func_append generated " $gentop" - - func_extract_archives $gentop $convenience - reload_conv_objs="$reload_objs $func_extract_archives_result" - fi - fi - - # If we're not building shared, we need to use non_pic_objs - test "$build_libtool_libs" != yes && libobjs="$non_pic_objects" - - # Create the old-style object. - reload_objs="$objs$old_deplibs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; /\.lib$/d; $lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test - - output="$obj" - func_execute_cmds "$reload_cmds" 'exit $?' - - # Exit if we aren't doing a library object file. - if test -z "$libobj"; then - if test -n "$gentop"; then - func_show_eval '${RM}r "$gentop"' - fi - - exit $EXIT_SUCCESS - fi - - if test "$build_libtool_libs" != yes; then - if test -n "$gentop"; then - func_show_eval '${RM}r "$gentop"' - fi - - # Create an invalid libtool object if no PIC, so that we don't - # accidentally link it into a program. - # $show "echo timestamp > $libobj" - # $opt_dry_run || eval "echo timestamp > $libobj" || exit $? - exit $EXIT_SUCCESS - fi - - if test -n "$pic_flag" || test "$pic_mode" != default; then - # Only do commands if we really have different PIC objects. - reload_objs="$libobjs $reload_conv_objs" - output="$libobj" - func_execute_cmds "$reload_cmds" 'exit $?' - fi - - if test -n "$gentop"; then - func_show_eval '${RM}r "$gentop"' - fi - - exit $EXIT_SUCCESS - ;; - - prog) - case $host in - *cygwin*) func_stripname '' '.exe' "$output" - output=$func_stripname_result.exe;; - esac - test -n "$vinfo" && \ - func_warning "\`-version-info' is ignored for programs" - - test -n "$release" && \ - func_warning "\`-release' is ignored for programs" - - test "$preload" = yes \ - && test "$dlopen_support" = unknown \ - && test "$dlopen_self" = unknown \ - && test "$dlopen_self_static" = unknown && \ - func_warning "\`LT_INIT([dlopen])' not used. Assuming no dlopen support." - - case $host in - *-*-rhapsody* | *-*-darwin1.[012]) - # On Rhapsody replace the C library is the System framework - compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's/ -lc / System.ltframework /'` - finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's/ -lc / System.ltframework /'` - ;; - esac - - case $host in - *-*-darwin*) - # Don't allow lazy linking, it breaks C++ global constructors - # But is supposedly fixed on 10.4 or later (yay!). - if test "$tagname" = CXX ; then - case ${MACOSX_DEPLOYMENT_TARGET-10.0} in - 10.[0123]) - func_append compile_command " ${wl}-bind_at_load" - func_append finalize_command " ${wl}-bind_at_load" - ;; - esac - fi - # Time to change all our "foo.ltframework" stuff back to "-framework foo" - compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` - finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` - ;; - esac - - - # move library search paths that coincide with paths to not yet - # installed libraries to the beginning of the library search list - new_libs= - for path in $notinst_path; do - case " $new_libs " in - *" -L$path/$objdir "*) ;; - *) - case " $compile_deplibs " in - *" -L$path/$objdir "*) - func_append new_libs " -L$path/$objdir" ;; - esac - ;; - esac - done - for deplib in $compile_deplibs; do - case $deplib in - -L*) - case " $new_libs " in - *" $deplib "*) ;; - *) func_append new_libs " $deplib" ;; - esac - ;; - *) func_append new_libs " $deplib" ;; - esac - done - compile_deplibs="$new_libs" - - - func_append compile_command " $compile_deplibs" - func_append finalize_command " $finalize_deplibs" - - if test -n "$rpath$xrpath"; then - # If the user specified any rpath flags, then add them. - for libdir in $rpath $xrpath; do - # This is the magic to use -rpath. - case "$finalize_rpath " in - *" $libdir "*) ;; - *) func_append finalize_rpath " $libdir" ;; - esac - done - fi - - # Now hardcode the library paths - rpath= - hardcode_libdirs= - for libdir in $compile_rpath $finalize_rpath; do - if test -n "$hardcode_libdir_flag_spec"; then - if test -n "$hardcode_libdir_separator"; then - if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" - else - # Just accumulate the unique libdirs. - case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in - *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) - ;; - *) - func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" - ;; - esac - fi - else - eval flag=\"$hardcode_libdir_flag_spec\" - func_append rpath " $flag" - fi - elif test -n "$runpath_var"; then - case "$perm_rpath " in - *" $libdir "*) ;; - *) func_append perm_rpath " $libdir" ;; - esac - fi - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) - testbindir=`${ECHO} "$libdir" | ${SED} -e 's*/lib$*/bin*'` - case :$dllsearchpath: in - *":$libdir:"*) ;; - ::) dllsearchpath=$libdir;; - *) func_append dllsearchpath ":$libdir";; - esac - case :$dllsearchpath: in - *":$testbindir:"*) ;; - ::) dllsearchpath=$testbindir;; - *) func_append dllsearchpath ":$testbindir";; - esac - ;; - esac - done - # Substitute the hardcoded libdirs into the rpath. - if test -n "$hardcode_libdir_separator" && - test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" - eval rpath=\" $hardcode_libdir_flag_spec\" - fi - compile_rpath="$rpath" - - rpath= - hardcode_libdirs= - for libdir in $finalize_rpath; do - if test -n "$hardcode_libdir_flag_spec"; then - if test -n "$hardcode_libdir_separator"; then - if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" - else - # Just accumulate the unique libdirs. - case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in - *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) - ;; - *) - func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" - ;; - esac - fi - else - eval flag=\"$hardcode_libdir_flag_spec\" - func_append rpath " $flag" - fi - elif test -n "$runpath_var"; then - case "$finalize_perm_rpath " in - *" $libdir "*) ;; - *) func_append finalize_perm_rpath " $libdir" ;; - esac - fi - done - # Substitute the hardcoded libdirs into the rpath. - if test -n "$hardcode_libdir_separator" && - test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" - eval rpath=\" $hardcode_libdir_flag_spec\" - fi - finalize_rpath="$rpath" - - if test -n "$libobjs" && test "$build_old_libs" = yes; then - # Transform all the library objects into standard objects. - compile_command=`$ECHO "$compile_command" | $SP2NL | $SED "$lo2o" | $NL2SP` - finalize_command=`$ECHO "$finalize_command" | $SP2NL | $SED "$lo2o" | $NL2SP` - fi - - func_generate_dlsyms "$outputname" "@PROGRAM@" "no" - - # template prelinking step - if test -n "$prelink_cmds"; then - func_execute_cmds "$prelink_cmds" 'exit $?' - fi - - wrappers_required=yes - case $host in - *cegcc* | *mingw32ce*) - # Disable wrappers for cegcc and mingw32ce hosts, we are cross compiling anyway. - wrappers_required=no - ;; - *cygwin* | *mingw* ) - if test "$build_libtool_libs" != yes; then - wrappers_required=no - fi - ;; - *) - if test "$need_relink" = no || test "$build_libtool_libs" != yes; then - wrappers_required=no - fi - ;; - esac - if test "$wrappers_required" = no; then - # Replace the output file specification. - compile_command=`$ECHO "$compile_command" | $SED 's%@OUTPUT@%'"$output"'%g'` - link_command="$compile_command$compile_rpath" - - # We have no uninstalled library dependencies, so finalize right now. - exit_status=0 - func_show_eval "$link_command" 'exit_status=$?' - - if test -n "$postlink_cmds"; then - func_to_tool_file "$output" - postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` - func_execute_cmds "$postlink_cmds" 'exit $?' - fi - - # Delete the generated files. - if test -f "$output_objdir/${outputname}S.${objext}"; then - func_show_eval '$RM "$output_objdir/${outputname}S.${objext}"' - fi - - exit $exit_status - fi - - if test -n "$compile_shlibpath$finalize_shlibpath"; then - compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command" - fi - if test -n "$finalize_shlibpath"; then - finalize_command="$shlibpath_var=\"$finalize_shlibpath\$$shlibpath_var\" $finalize_command" - fi - - compile_var= - finalize_var= - if test -n "$runpath_var"; then - if test -n "$perm_rpath"; then - # We should set the runpath_var. - rpath= - for dir in $perm_rpath; do - func_append rpath "$dir:" - done - compile_var="$runpath_var=\"$rpath\$$runpath_var\" " - fi - if test -n "$finalize_perm_rpath"; then - # We should set the runpath_var. - rpath= - for dir in $finalize_perm_rpath; do - func_append rpath "$dir:" - done - finalize_var="$runpath_var=\"$rpath\$$runpath_var\" " - fi - fi - - if test "$no_install" = yes; then - # We don't need to create a wrapper script. - link_command="$compile_var$compile_command$compile_rpath" - # Replace the output file specification. - link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output"'%g'` - # Delete the old output file. - $opt_dry_run || $RM $output - # Link the executable and exit - func_show_eval "$link_command" 'exit $?' - - if test -n "$postlink_cmds"; then - func_to_tool_file "$output" - postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` - func_execute_cmds "$postlink_cmds" 'exit $?' - fi - - exit $EXIT_SUCCESS - fi - - if test "$hardcode_action" = relink; then - # Fast installation is not supported - link_command="$compile_var$compile_command$compile_rpath" - relink_command="$finalize_var$finalize_command$finalize_rpath" - - func_warning "this platform does not like uninstalled shared libraries" - func_warning "\`$output' will be relinked during installation" - else - if test "$fast_install" != no; then - link_command="$finalize_var$compile_command$finalize_rpath" - if test "$fast_install" = yes; then - relink_command=`$ECHO "$compile_var$compile_command$compile_rpath" | $SED 's%@OUTPUT@%\$progdir/\$file%g'` - else - # fast_install is set to needless - relink_command= - fi - else - link_command="$compile_var$compile_command$compile_rpath" - relink_command="$finalize_var$finalize_command$finalize_rpath" - fi - fi - - # Replace the output file specification. - link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'` - - # Delete the old output files. - $opt_dry_run || $RM $output $output_objdir/$outputname $output_objdir/lt-$outputname - - func_show_eval "$link_command" 'exit $?' - - if test -n "$postlink_cmds"; then - func_to_tool_file "$output_objdir/$outputname" - postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` - func_execute_cmds "$postlink_cmds" 'exit $?' - fi - - # Now create the wrapper script. - func_verbose "creating $output" - - # Quote the relink command for shipping. - if test -n "$relink_command"; then - # Preserve any variables that may affect compiler behavior - for var in $variables_saved_for_relink; do - if eval test -z \"\${$var+set}\"; then - relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command" - elif eval var_value=\$$var; test -z "$var_value"; then - relink_command="$var=; export $var; $relink_command" - else - func_quote_for_eval "$var_value" - relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command" - fi - done - relink_command="(cd `pwd`; $relink_command)" - relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"` - fi - - # Only actually do things if not in dry run mode. - $opt_dry_run || { - # win32 will think the script is a binary if it has - # a .exe suffix, so we strip it off here. - case $output in - *.exe) func_stripname '' '.exe' "$output" - output=$func_stripname_result ;; - esac - # test for cygwin because mv fails w/o .exe extensions - case $host in - *cygwin*) - exeext=.exe - func_stripname '' '.exe' "$outputname" - outputname=$func_stripname_result ;; - *) exeext= ;; - esac - case $host in - *cygwin* | *mingw* ) - func_dirname_and_basename "$output" "" "." - output_name=$func_basename_result - output_path=$func_dirname_result - cwrappersource="$output_path/$objdir/lt-$output_name.c" - cwrapper="$output_path/$output_name.exe" - $RM $cwrappersource $cwrapper - trap "$RM $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15 - - func_emit_cwrapperexe_src > $cwrappersource - - # The wrapper executable is built using the $host compiler, - # because it contains $host paths and files. If cross- - # compiling, it, like the target executable, must be - # executed on the $host or under an emulation environment. - $opt_dry_run || { - $LTCC $LTCFLAGS -o $cwrapper $cwrappersource - $STRIP $cwrapper - } - - # Now, create the wrapper script for func_source use: - func_ltwrapper_scriptname $cwrapper - $RM $func_ltwrapper_scriptname_result - trap "$RM $func_ltwrapper_scriptname_result; exit $EXIT_FAILURE" 1 2 15 - $opt_dry_run || { - # note: this script will not be executed, so do not chmod. - if test "x$build" = "x$host" ; then - $cwrapper --lt-dump-script > $func_ltwrapper_scriptname_result - else - func_emit_wrapper no > $func_ltwrapper_scriptname_result - fi - } - ;; - * ) - $RM $output - trap "$RM $output; exit $EXIT_FAILURE" 1 2 15 - - func_emit_wrapper no > $output - chmod +x $output - ;; - esac - } - exit $EXIT_SUCCESS - ;; - esac - - # See if we need to build an old-fashioned archive. - for oldlib in $oldlibs; do - - if test "$build_libtool_libs" = convenience; then - oldobjs="$libobjs_save $symfileobj" - addlibs="$convenience" - build_libtool_libs=no - else - if test "$build_libtool_libs" = module; then - oldobjs="$libobjs_save" - build_libtool_libs=no - else - oldobjs="$old_deplibs $non_pic_objects" - if test "$preload" = yes && test -f "$symfileobj"; then - func_append oldobjs " $symfileobj" - fi - fi - addlibs="$old_convenience" - fi - - if test -n "$addlibs"; then - gentop="$output_objdir/${outputname}x" - func_append generated " $gentop" - - func_extract_archives $gentop $addlibs - func_append oldobjs " $func_extract_archives_result" - fi - - # Do each command in the archive commands. - if test -n "$old_archive_from_new_cmds" && test "$build_libtool_libs" = yes; then - cmds=$old_archive_from_new_cmds - else - - # Add any objects from preloaded convenience libraries - if test -n "$dlprefiles"; then - gentop="$output_objdir/${outputname}x" - func_append generated " $gentop" - - func_extract_archives $gentop $dlprefiles - func_append oldobjs " $func_extract_archives_result" - fi - - # POSIX demands no paths to be encoded in archives. We have - # to avoid creating archives with duplicate basenames if we - # might have to extract them afterwards, e.g., when creating a - # static archive out of a convenience library, or when linking - # the entirety of a libtool archive into another (currently - # not supported by libtool). - if (for obj in $oldobjs - do - func_basename "$obj" - $ECHO "$func_basename_result" - done | sort | sort -uc >/dev/null 2>&1); then - : - else - echo "copying selected object files to avoid basename conflicts..." - gentop="$output_objdir/${outputname}x" - func_append generated " $gentop" - func_mkdir_p "$gentop" - save_oldobjs=$oldobjs - oldobjs= - counter=1 - for obj in $save_oldobjs - do - func_basename "$obj" - objbase="$func_basename_result" - case " $oldobjs " in - " ") oldobjs=$obj ;; - *[\ /]"$objbase "*) - while :; do - # Make sure we don't pick an alternate name that also - # overlaps. - newobj=lt$counter-$objbase - func_arith $counter + 1 - counter=$func_arith_result - case " $oldobjs " in - *[\ /]"$newobj "*) ;; - *) if test ! -f "$gentop/$newobj"; then break; fi ;; - esac - done - func_show_eval "ln $obj $gentop/$newobj || cp $obj $gentop/$newobj" - func_append oldobjs " $gentop/$newobj" - ;; - *) func_append oldobjs " $obj" ;; - esac - done - fi - func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 - tool_oldlib=$func_to_tool_file_result - eval cmds=\"$old_archive_cmds\" - - func_len " $cmds" - len=$func_len_result - if test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then - cmds=$old_archive_cmds - elif test -n "$archiver_list_spec"; then - func_verbose "using command file archive linking..." - for obj in $oldobjs - do - func_to_tool_file "$obj" - $ECHO "$func_to_tool_file_result" - done > $output_objdir/$libname.libcmd - func_to_tool_file "$output_objdir/$libname.libcmd" - oldobjs=" $archiver_list_spec$func_to_tool_file_result" - cmds=$old_archive_cmds - else - # the command line is too long to link in one step, link in parts - func_verbose "using piecewise archive linking..." - save_RANLIB=$RANLIB - RANLIB=: - objlist= - concat_cmds= - save_oldobjs=$oldobjs - oldobjs= - # Is there a better way of finding the last object in the list? - for obj in $save_oldobjs - do - last_oldobj=$obj - done - eval test_cmds=\"$old_archive_cmds\" - func_len " $test_cmds" - len0=$func_len_result - len=$len0 - for obj in $save_oldobjs - do - func_len " $obj" - func_arith $len + $func_len_result - len=$func_arith_result - func_append objlist " $obj" - if test "$len" -lt "$max_cmd_len"; then - : - else - # the above command should be used before it gets too long - oldobjs=$objlist - if test "$obj" = "$last_oldobj" ; then - RANLIB=$save_RANLIB - fi - test -z "$concat_cmds" || concat_cmds=$concat_cmds~ - eval concat_cmds=\"\${concat_cmds}$old_archive_cmds\" - objlist= - len=$len0 - fi - done - RANLIB=$save_RANLIB - oldobjs=$objlist - if test "X$oldobjs" = "X" ; then - eval cmds=\"\$concat_cmds\" - else - eval cmds=\"\$concat_cmds~\$old_archive_cmds\" - fi - fi - fi - func_execute_cmds "$cmds" 'exit $?' - done - - test -n "$generated" && \ - func_show_eval "${RM}r$generated" - - # Now create the libtool archive. - case $output in - *.la) - old_library= - test "$build_old_libs" = yes && old_library="$libname.$libext" - func_verbose "creating $output" - - # Preserve any variables that may affect compiler behavior - for var in $variables_saved_for_relink; do - if eval test -z \"\${$var+set}\"; then - relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command" - elif eval var_value=\$$var; test -z "$var_value"; then - relink_command="$var=; export $var; $relink_command" - else - func_quote_for_eval "$var_value" - relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command" - fi - done - # Quote the link command for shipping. - relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" - relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"` - if test "$hardcode_automatic" = yes ; then - relink_command= - fi - - # Only create the output if not a dry run. - $opt_dry_run || { - for installed in no yes; do - if test "$installed" = yes; then - if test -z "$install_libdir"; then - break - fi - output="$output_objdir/$outputname"i - # Replace all uninstalled libtool libraries with the installed ones - newdependency_libs= - for deplib in $dependency_libs; do - case $deplib in - *.la) - func_basename "$deplib" - name="$func_basename_result" - func_resolve_sysroot "$deplib" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result` - test -z "$libdir" && \ - func_fatal_error "\`$deplib' is not a valid libtool archive" - func_append newdependency_libs " ${lt_sysroot:+=}$libdir/$name" - ;; - -L*) - func_stripname -L '' "$deplib" - func_replace_sysroot "$func_stripname_result" - func_append newdependency_libs " -L$func_replace_sysroot_result" - ;; - -R*) - func_stripname -R '' "$deplib" - func_replace_sysroot "$func_stripname_result" - func_append newdependency_libs " -R$func_replace_sysroot_result" - ;; - *) func_append newdependency_libs " $deplib" ;; - esac - done - dependency_libs="$newdependency_libs" - newdlfiles= - - for lib in $dlfiles; do - case $lib in - *.la) - func_basename "$lib" - name="$func_basename_result" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` - test -z "$libdir" && \ - func_fatal_error "\`$lib' is not a valid libtool archive" - func_append newdlfiles " ${lt_sysroot:+=}$libdir/$name" - ;; - *) func_append newdlfiles " $lib" ;; - esac - done - dlfiles="$newdlfiles" - newdlprefiles= - for lib in $dlprefiles; do - case $lib in - *.la) - # Only pass preopened files to the pseudo-archive (for - # eventual linking with the app. that links it) if we - # didn't already link the preopened objects directly into - # the library: - func_basename "$lib" - name="$func_basename_result" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` - test -z "$libdir" && \ - func_fatal_error "\`$lib' is not a valid libtool archive" - func_append newdlprefiles " ${lt_sysroot:+=}$libdir/$name" - ;; - esac - done - dlprefiles="$newdlprefiles" - else - newdlfiles= - for lib in $dlfiles; do - case $lib in - [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; - *) abs=`pwd`"/$lib" ;; - esac - func_append newdlfiles " $abs" - done - dlfiles="$newdlfiles" - newdlprefiles= - for lib in $dlprefiles; do - case $lib in - [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; - *) abs=`pwd`"/$lib" ;; - esac - func_append newdlprefiles " $abs" - done - dlprefiles="$newdlprefiles" - fi - $RM $output - # place dlname in correct position for cygwin - # In fact, it would be nice if we could use this code for all target - # systems that can't hard-code library paths into their executables - # and that have no shared library path variable independent of PATH, - # but it turns out we can't easily determine that from inspecting - # libtool variables, so we have to hard-code the OSs to which it - # applies here; at the moment, that means platforms that use the PE - # object format with DLL files. See the long comment at the top of - # tests/bindir.at for full details. - tdlname=$dlname - case $host,$output,$installed,$module,$dlname in - *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll) - # If a -bindir argument was supplied, place the dll there. - if test "x$bindir" != x ; - then - func_relative_path "$install_libdir" "$bindir" - tdlname=$func_relative_path_result$dlname - else - # Otherwise fall back on heuristic. - tdlname=../bin/$dlname - fi - ;; - esac - $ECHO > $output "\ -# $outputname - a libtool library file -# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION -# -# Please DO NOT delete this file! -# It is necessary for linking the library. - -# The name that we can dlopen(3). -dlname='$tdlname' - -# Names of this library. -library_names='$library_names' - -# The name of the static archive. -old_library='$old_library' - -# Linker flags that can not go in dependency_libs. -inherited_linker_flags='$new_inherited_linker_flags' - -# Libraries that this one depends upon. -dependency_libs='$dependency_libs' - -# Names of additional weak libraries provided by this library -weak_library_names='$weak_libs' - -# Version information for $libname. -current=$current -age=$age -revision=$revision - -# Is this an already installed library? -installed=$installed - -# Should we warn about portability when linking against -modules? -shouldnotlink=$module - -# Files to dlopen/dlpreopen -dlopen='$dlfiles' -dlpreopen='$dlprefiles' - -# Directory that this library needs to be installed in: -libdir='$install_libdir'" - if test "$installed" = no && test "$need_relink" = yes; then - $ECHO >> $output "\ -relink_command=\"$relink_command\"" - fi - done - } - - # Do a symbolic link so that the libtool archive can be found in - # LD_LIBRARY_PATH before the program is installed. - func_show_eval '( cd "$output_objdir" && $RM "$outputname" && $LN_S "../$outputname" "$outputname" )' 'exit $?' - ;; - esac - exit $EXIT_SUCCESS -} - -{ test "$opt_mode" = link || test "$opt_mode" = relink; } && - func_mode_link ${1+"$@"} - - -# func_mode_uninstall arg... -func_mode_uninstall () -{ - $opt_debug - RM="$nonopt" - files= - rmforce= - exit_status=0 - - # This variable tells wrapper scripts just to set variables rather - # than running their programs. - libtool_install_magic="$magic" - - for arg - do - case $arg in - -f) func_append RM " $arg"; rmforce=yes ;; - -*) func_append RM " $arg" ;; - *) func_append files " $arg" ;; - esac - done - - test -z "$RM" && \ - func_fatal_help "you must specify an RM program" - - rmdirs= - - for file in $files; do - func_dirname "$file" "" "." - dir="$func_dirname_result" - if test "X$dir" = X.; then - odir="$objdir" - else - odir="$dir/$objdir" - fi - func_basename "$file" - name="$func_basename_result" - test "$opt_mode" = uninstall && odir="$dir" - - # Remember odir for removal later, being careful to avoid duplicates - if test "$opt_mode" = clean; then - case " $rmdirs " in - *" $odir "*) ;; - *) func_append rmdirs " $odir" ;; - esac - fi - - # Don't error if the file doesn't exist and rm -f was used. - if { test -L "$file"; } >/dev/null 2>&1 || - { test -h "$file"; } >/dev/null 2>&1 || - test -f "$file"; then - : - elif test -d "$file"; then - exit_status=1 - continue - elif test "$rmforce" = yes; then - continue - fi - - rmfiles="$file" - - case $name in - *.la) - # Possibly a libtool archive, so verify it. - if func_lalib_p "$file"; then - func_source $dir/$name - - # Delete the libtool libraries and symlinks. - for n in $library_names; do - func_append rmfiles " $odir/$n" - done - test -n "$old_library" && func_append rmfiles " $odir/$old_library" - - case "$opt_mode" in - clean) - case " $library_names " in - *" $dlname "*) ;; - *) test -n "$dlname" && func_append rmfiles " $odir/$dlname" ;; - esac - test -n "$libdir" && func_append rmfiles " $odir/$name $odir/${name}i" - ;; - uninstall) - if test -n "$library_names"; then - # Do each command in the postuninstall commands. - func_execute_cmds "$postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1' - fi - - if test -n "$old_library"; then - # Do each command in the old_postuninstall commands. - func_execute_cmds "$old_postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1' - fi - # FIXME: should reinstall the best remaining shared library. - ;; - esac - fi - ;; - - *.lo) - # Possibly a libtool object, so verify it. - if func_lalib_p "$file"; then - - # Read the .lo file - func_source $dir/$name - - # Add PIC object to the list of files to remove. - if test -n "$pic_object" && - test "$pic_object" != none; then - func_append rmfiles " $dir/$pic_object" - fi - - # Add non-PIC object to the list of files to remove. - if test -n "$non_pic_object" && - test "$non_pic_object" != none; then - func_append rmfiles " $dir/$non_pic_object" - fi - fi - ;; - - *) - if test "$opt_mode" = clean ; then - noexename=$name - case $file in - *.exe) - func_stripname '' '.exe' "$file" - file=$func_stripname_result - func_stripname '' '.exe' "$name" - noexename=$func_stripname_result - # $file with .exe has already been added to rmfiles, - # add $file without .exe - func_append rmfiles " $file" - ;; - esac - # Do a test to see if this is a libtool program. - if func_ltwrapper_p "$file"; then - if func_ltwrapper_executable_p "$file"; then - func_ltwrapper_scriptname "$file" - relink_command= - func_source $func_ltwrapper_scriptname_result - func_append rmfiles " $func_ltwrapper_scriptname_result" - else - relink_command= - func_source $dir/$noexename - fi - - # note $name still contains .exe if it was in $file originally - # as does the version of $file that was added into $rmfiles - func_append rmfiles " $odir/$name $odir/${name}S.${objext}" - if test "$fast_install" = yes && test -n "$relink_command"; then - func_append rmfiles " $odir/lt-$name" - fi - if test "X$noexename" != "X$name" ; then - func_append rmfiles " $odir/lt-${noexename}.c" - fi - fi - fi - ;; - esac - func_show_eval "$RM $rmfiles" 'exit_status=1' - done - - # Try to remove the ${objdir}s in the directories where we deleted files - for dir in $rmdirs; do - if test -d "$dir"; then - func_show_eval "rmdir $dir >/dev/null 2>&1" - fi - done - - exit $exit_status -} - -{ test "$opt_mode" = uninstall || test "$opt_mode" = clean; } && - func_mode_uninstall ${1+"$@"} - -test -z "$opt_mode" && { - help="$generic_help" - func_fatal_help "you must specify a MODE" -} - -test -z "$exec_cmd" && \ - func_fatal_help "invalid operation mode \`$opt_mode'" - -if test -n "$exec_cmd"; then - eval exec "$exec_cmd" - exit $EXIT_FAILURE -fi - -exit $exit_status - - -# The TAGs below are defined such that we never get into a situation -# in which we disable both kinds of libraries. Given conflicting -# choices, we go for a static library, that is the most portable, -# since we can't tell whether shared libraries were disabled because -# the user asked for that or because the platform doesn't support -# them. This is particularly important on AIX, because we don't -# support having both static and shared libraries enabled at the same -# time on that platform, so we default to a shared-only configuration. -# If a disable-shared tag is given, we'll fallback to a static-only -# configuration. But we'll never go from static-only to shared-only. - -# ### BEGIN LIBTOOL TAG CONFIG: disable-shared -build_libtool_libs=no -build_old_libs=yes -# ### END LIBTOOL TAG CONFIG: disable-shared - -# ### BEGIN LIBTOOL TAG CONFIG: disable-static -build_old_libs=`case $build_libtool_libs in yes) echo no;; *) echo yes;; esac` -# ### END LIBTOOL TAG CONFIG: disable-static - -# Local Variables: -# mode:shell-script -# sh-indentation:2 -# End: -# vi:sw=2 - diff --git a/man/.gitignore b/man/.gitignore new file mode 100644 index 00000000..a5a91a95 --- /dev/null +++ b/man/.gitignore @@ -0,0 +1,8 @@ +.xml2po.mo +config.xml +generate_mans.deps + +*.[0-9] + +/po/POTFILES +/po/stamp-po diff --git a/man/Makefile.in b/man/Makefile.in deleted file mode 100644 index 63ec15de..00000000 --- a/man/Makefile.in +++ /dev/null @@ -1,1052 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@USE_PAM_FALSE@am__append_1 = $(man_nopam) -@ENABLE_SUBIDS_TRUE@am__append_2 = $(man_subids) -@USE_PAM_TRUE@am__append_3 = $(man_nopam) -@ENABLE_SUBIDS_FALSE@am__append_4 = $(man_subids) -DIST_COMMON = $(srcdir)/generate_mans.mak $(srcdir)/Makefile.in \ - $(srcdir)/Makefile.am $(srcdir)/config.xml.in -subdir = man -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = config.xml -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ - ctags-recursive dvi-recursive html-recursive info-recursive \ - install-data-recursive install-dvi-recursive \ - install-exec-recursive install-html-recursive \ - install-info-recursive install-pdf-recursive \ - install-ps-recursive install-recursive installcheck-recursive \ - installdirs-recursive pdf-recursive ps-recursive \ - tags-recursive uninstall-recursive -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" \ - "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" -man3dir = $(mandir)/man3 -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -am__recursive_targets = \ - $(RECURSIVE_TARGETS) \ - $(RECURSIVE_CLEAN_TARGETS) \ - $(am__extra_recursive_targets) -AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ - distdir -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -# Read a list of newline-separated strings from the standard input, -# and print each of them once, without duplicates. Input order is -# *not* preserved. -am__uniquify_input = $(AWK) '\ - BEGIN { nonempty = 0; } \ - { items[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in items) print i; }; } \ -' -# Make sure the list of sources is unique. This is necessary because, -# e.g., the same source file might be shared among _SOURCES variables -# for different programs/libraries. -am__define_uniq_tagged_files = \ - list='$(am__tagged_files)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | $(am__uniquify_input)` -ETAGS = etags -CTAGS = ctags -DIST_SUBDIRS = po cs da de es fi fr hu id it ja ko pl pt_BR ru sv tr \ - zh_CN zh_TW -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -am__relativize = \ - dir0=`pwd`; \ - sed_first='s,^\([^/]*\)/.*$$,\1,'; \ - sed_rest='s,^[^/]*/*,,'; \ - sed_last='s,^.*/\([^/]*\)$$,\1,'; \ - sed_butlast='s,/*[^/]*$$,,'; \ - while test -n "$$dir1"; do \ - first=`echo "$$dir1" | sed -e "$$sed_first"`; \ - if test "$$first" != "."; then \ - if test "$$first" = ".."; then \ - dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ - dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ - else \ - first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ - if test "$$first2" = "$$first"; then \ - dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ - else \ - dir2="../$$dir2"; \ - fi; \ - dir0="$$dir0"/"$$first"; \ - fi; \ - fi; \ - dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ - done; \ - reldir="$$dir2" -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -@USE_NLS_FALSE@SUBDIRS = - -# subdirectories for translated manual pages -@USE_NLS_TRUE@SUBDIRS = po cs da de es fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW -man_MANS = man1/chage.1 man1/chfn.1 man8/chgpasswd.8 man8/chpasswd.8 \ - man1/chsh.1 man1/expiry.1 man5/faillog.5 man8/faillog.8 \ - man3/getspnam.3 man1/gpasswd.1 man8/groupadd.8 man8/groupdel.8 \ - man8/groupmems.8 man8/groupmod.8 man1/groups.1 man8/grpck.8 \ - man8/grpconv.8 man8/grpunconv.8 man5/gshadow.5 man8/lastlog.8 \ - man1/login.1 man5/login.defs.5 man8/logoutd.8 man1/newgrp.1 \ - man8/newusers.8 man8/nologin.8 man1/passwd.1 man5/passwd.5 \ - man8/pwck.8 man8/pwconv.8 man8/pwunconv.8 man1/sg.1 \ - man3/shadow.3 man5/shadow.5 man1/su.1 man5/suauth.5 \ - man8/useradd.8 man8/userdel.8 man8/usermod.8 man8/vigr.8 \ - man8/vipw.8 $(am__append_1) $(am__append_2) -man_nopam = \ - man5/limits.5 \ - man5/login.access.5 \ - man5/porttime.5 - -man_subids = \ - man1/newgidmap.1 \ - man1/newuidmap.1 \ - man5/subgid.5 \ - man5/subuid.5 - -man_XMANS = \ - chage.1.xml \ - chfn.1.xml \ - chgpasswd.8.xml \ - chpasswd.8.xml \ - chsh.1.xml \ - expiry.1.xml \ - faillog.5.xml \ - faillog.8.xml \ - gpasswd.1.xml \ - groupadd.8.xml \ - groupdel.8.xml \ - groupmems.8.xml \ - groupmod.8.xml \ - groups.1.xml \ - grpck.8.xml \ - gshadow.5.xml \ - lastlog.8.xml \ - limits.5.xml \ - login.1.xml \ - login.access.5.xml \ - login.defs.5.xml \ - logoutd.8.xml \ - newgidmap.1.xml \ - newgrp.1.xml \ - newuidmap.1.xml \ - newusers.8.xml \ - nologin.8.xml \ - passwd.1.xml \ - passwd.5.xml \ - porttime.5.xml \ - pwck.8.xml \ - pwconv.8.xml \ - shadow.3.xml \ - shadow.5.xml \ - sg.1.xml \ - su.1.xml \ - suauth.5.xml \ - subgid.5.xml \ - subuid.5.xml \ - useradd.8.xml \ - userdel.8.xml \ - usermod.8.xml \ - vipw.8.xml - -login_defs_v = \ - CHFN_AUTH.xml \ - CHFN_RESTRICT.xml \ - CHSH_AUTH.xml \ - CONSOLE.xml \ - CONSOLE_GROUPS.xml \ - CREATE_HOME.xml \ - DEFAULT_HOME.xml \ - ENCRYPT_METHOD.xml \ - ENV_HZ.xml \ - ENVIRON_FILE.xml \ - ENV_PATH.xml \ - ENV_SUPATH.xml \ - ENV_TZ.xml \ - ERASECHAR.xml \ - FAIL_DELAY.xml \ - FAILLOG_ENAB.xml \ - FAKE_SHELL.xml \ - FTMP_FILE.xml \ - GID_MAX.xml \ - HUSHLOGIN_FILE.xml \ - ISSUE_FILE.xml \ - KILLCHAR.xml \ - LASTLOG_ENAB.xml \ - LOGIN_RETRIES.xml \ - LOGIN_STRING.xml \ - LOGIN_TIMEOUT.xml \ - LOG_OK_LOGINS.xml \ - LOG_UNKFAIL_ENAB.xml \ - MAIL_CHECK_ENAB.xml \ - MAIL_DIR.xml \ - MAX_MEMBERS_PER_GROUP.xml \ - MD5_CRYPT_ENAB.xml \ - MOTD_FILE.xml \ - NOLOGINS_FILE.xml \ - OBSCURE_CHECKS_ENAB.xml \ - PASS_ALWAYS_WARN.xml \ - PASS_CHANGE_TRIES.xml \ - PASS_MAX_DAYS.xml \ - PASS_MAX_LEN.xml \ - PASS_MIN_DAYS.xml \ - PASS_WARN_AGE.xml \ - PORTTIME_CHECKS_ENAB.xml \ - QUOTAS_ENAB.xml \ - SHA_CRYPT_MIN_ROUNDS.xml \ - SULOG_FILE.xml \ - SU_NAME.xml \ - SU_WHEEL_ONLY.xml \ - SYSLOG_SG_ENAB.xml \ - SYSLOG_SU_ENAB.xml \ - TCB_AUTH_GROUP.xml \ - TCB_SYMLINKS.xml \ - TTYGROUP.xml \ - TTYTYPE_FILE.xml \ - UID_MAX.xml \ - ULIMIT.xml \ - UMASK.xml \ - USERDEL_CMD.xml \ - USERGROUPS_ENAB.xml \ - USE_TCB.xml \ - SUB_GID_COUNT.xml \ - SUB_UID_COUNT.xml \ - SYS_GID_MAX.xml \ - SYS_UID_MAX.xml - -EXTRA_DIST = $(man_MANS) $(man_XMANS) $(addprefix \ - login.defs.d/,$(login_defs_v)) man1/id.1 id.1.xml \ - man8/sulogin.8 sulogin.8.xml generate_mans.mak \ - generate_translations.mak $(am__append_3) $(am__append_4) -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_FALSE@PAM_COND = no_pam -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_TRUE@PAM_COND = pam -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_FALSE@SHADOWGRP_COND = no_gshadow -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_TRUE@SHADOWGRP_COND = gshadow -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_FALSE@TCB_COND = no_tcb -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_TRUE@TCB_COND = tcb -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_FALSE@SHA_CRYPT_COND = no_sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_TRUE@SHA_CRYPT_COND = sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_FALSE@SUBIDS_COND = no_subids -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_TRUE@SUBIDS_COND = subids -@ENABLE_REGENERATE_MAN_TRUE@CLEANFILES = $(man_MANS) man1/id.1 man8/sulogin.8 -all: all-recursive - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/generate_mans.mak $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; -$(srcdir)/generate_mans.mak: - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): -config.xml: $(top_builddir)/config.status $(srcdir)/config.xml.in - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man3: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man3dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man3dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man3dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.3[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ - done; } - -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man3dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.3[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man3dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) - -# This directory's subdirectories are mostly independent; you can cd -# into them and run 'make' without going through this Makefile. -# To change the values of 'make' variables: instead of editing Makefiles, -# (1) if the variable is set in 'config.status', edit 'config.status' -# (which will cause the Makefiles to be regenerated when you run 'make'); -# (2) otherwise, pass the desired values on the 'make' command line. -$(am__recursive_targets): - @fail=; \ - if $(am__make_keepgoing); then \ - failcom='fail=yes'; \ - else \ - failcom='exit 1'; \ - fi; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -ID: $(am__tagged_files) - $(am__define_uniq_tagged_files); mkid -fID $$unique -tags: tags-recursive -TAGS: tags - -tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - set x; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - $(am__define_uniq_tagged_files); \ - shift; \ - if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - if test $$# -gt 0; then \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - "$$@" $$unique; \ - else \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$unique; \ - fi; \ - fi -ctags: ctags-recursive - -CTAGS: ctags -ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - $(am__define_uniq_tagged_files); \ - test -z "$(CTAGS_ARGS)$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && $(am__cd) $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) "$$here" -cscopelist: cscopelist-recursive - -cscopelist-am: $(am__tagged_files) - list='$(am__tagged_files)'; \ - case "$(srcdir)" in \ - [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ - *) sdir=$(subdir)/$(srcdir) ;; \ - esac; \ - for i in $$list; do \ - if test -f "$$i"; then \ - echo "$(subdir)/$$i"; \ - else \ - echo "$$sdir/$$i"; \ - fi; \ - done >> $(top_builddir)/cscope.files - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done - @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - $(am__make_dryrun) \ - || test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ - $(am__relativize); \ - new_distdir=$$reldir; \ - dir1=$$subdir; dir2="$(top_distdir)"; \ - $(am__relativize); \ - new_top_distdir=$$reldir; \ - echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ - echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ - ($(am__cd) $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$new_top_distdir" \ - distdir="$$new_distdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - am__skip_mode_fix=: \ - distdir) \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-recursive -all-am: Makefile $(MANS) -installdirs: installdirs-recursive -installdirs-am: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -@ENABLE_REGENERATE_MAN_FALSE@clean-local: -clean: clean-recursive - -clean-am: clean-generic clean-libtool clean-local mostlyclean-am - -distclean: distclean-recursive - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -html-am: - -info: info-recursive - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-recursive - -install-dvi-am: - -install-exec-am: - -install-html: install-html-recursive - -install-html-am: - -install-info: install-info-recursive - -install-info-am: - -install-man: install-man1 install-man3 install-man5 install-man8 - -install-pdf: install-pdf-recursive - -install-pdf-am: - -install-ps: install-ps-recursive - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man3 uninstall-man5 \ - uninstall-man8 - -.MAKE: $(am__recursive_targets) install-am install-strip - -.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \ - check-am clean clean-generic clean-libtool clean-local \ - cscopelist-am ctags ctags-am distclean distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-man1 install-man3 \ - install-man5 install-man8 install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \ - uninstall-am uninstall-man uninstall-man1 uninstall-man3 \ - uninstall-man5 uninstall-man8 - - -generate_mans.deps: *.xml - echo "# This file is generated" > $@ - awk 'BEGIN{FS="\"";} /^$$/{ f=FILENAME; sub(/.xml/,"",f); print "man" substr(f, length (f)) "/" f ": " $$2 }' $(man_XMANS) >> $@ - -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_REGENERATE_MAN_TRUE@include generate_mans.deps - -@ENABLE_REGENERATE_MAN_TRUE@%.xml-config: %.xml -@ENABLE_REGENERATE_MAN_TRUE@ if grep -q SHADOW-CONFIG-HERE $<; then \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^/%config;/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ else \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^\(/\1 [%config;]>/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ fi - -@ENABLE_REGENERATE_MAN_TRUE@man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml -@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.authors.section.enabled" "0" \ -@ENABLE_REGENERATE_MAN_TRUE@ --stringparam "man.output.base.dir" "" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.output.in.separate.dir" "1" \ -@ENABLE_REGENERATE_MAN_TRUE@ -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $< - -@ENABLE_REGENERATE_MAN_TRUE@clean-local: -@ENABLE_REGENERATE_MAN_TRUE@ for d in man1 man3 man5 man8; do [ -d $$d ] && rmdir $$d; done - -#$(man_MANS): -# @echo you need to run configure with --enable-man to generate man pages -# @false - -@ENABLE_REGENERATE_MAN_TRUE@man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8 - -@ENABLE_REGENERATE_MAN_TRUE@man3/getspnam.3: man3/shadow.3 - -@ENABLE_REGENERATE_MAN_TRUE@man8/vigr.8: man8/vipw.8 - -@ENABLE_REGENERATE_MAN_FALSE@$(man_MANS): -@ENABLE_REGENERATE_MAN_FALSE@ @echo "" -@ENABLE_REGENERATE_MAN_FALSE@ @echo "Error: you need to run configure with '--enable-man'" -@ENABLE_REGENERATE_MAN_FALSE@ @echo " in order to regenerate man pages." -@ENABLE_REGENERATE_MAN_FALSE@ @echo "" -@ENABLE_REGENERATE_MAN_FALSE@ @false - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/chgpasswd.8.xml b/man/chgpasswd.8.xml index 88a64095..cd616873 100644 --- a/man/chgpasswd.8.xml +++ b/man/chgpasswd.8.xml @@ -92,7 +92,7 @@ The default encryption algorithm can be defined for the system with the variable of /etc/login.defs, - and can be overwiten with the , + and can be overwritten with the , , or options. diff --git a/man/chpasswd.8.xml b/man/chpasswd.8.xml index 31238d97..19ef36e7 100644 --- a/man/chpasswd.8.xml +++ b/man/chpasswd.8.xml @@ -98,7 +98,7 @@ The default encryption algorithm can be defined for the system with the or variables of - /etc/login.defs, and can be overwitten with the + /etc/login.defs, and can be overwritten with the , , or options. @@ -112,7 +112,7 @@ Except when PAM is used to encrypt the passwords, chpasswd first updates all the passwords in memory, and then commits all the changes to disk if no - errors occured for any user. + errors occurred for any user. When PAM is used to encrypt the passwords (and update the passwords in diff --git a/man/cs/Makefile.in b/man/cs/Makefile.in deleted file mode 100644 index f11e6864..00000000 --- a/man/cs/Makefile.in +++ /dev/null @@ -1,647 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = man/cs -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" \ - "$(DESTDIR)$(man8dir)" -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/cs -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = \ - man1/expiry.1 \ - man5/faillog.5 \ - man8/faillog.8 \ - man1/gpasswd.1 \ - man8/groupadd.8 \ - man8/groupdel.8 \ - man8/groupmod.8 \ - man1/groups.1 \ - man8/grpck.8 \ - man5/gshadow.5 \ - man8/lastlog.8 \ - man8/nologin.8 \ - man5/passwd.5 \ - man5/shadow.5 \ - man1/su.1 \ - man8/vipw.8 - -EXTRA_DIST = $(man_MANS) \ - man1/id.1 \ - man8/groupmems.8 \ - man8/logoutd.8 - -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/cs/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/cs/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man5 uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man5 install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \ - uninstall-am uninstall-man uninstall-man1 uninstall-man5 \ - uninstall-man8 - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/da/Makefile.in b/man/da/Makefile.in deleted file mode 100644 index a7bd4ca8..00000000 --- a/man/da/Makefile.in +++ /dev/null @@ -1,685 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@USE_PAM_FALSE@am__append_1 = $(man_nopam) -@USE_PAM_TRUE@am__append_2 = $(man_nopam) -DIST_COMMON = $(srcdir)/../generate_translations.mak \ - $(srcdir)/../generate_mans.mak $(srcdir)/Makefile.in \ - $(srcdir)/Makefile.am -subdir = man/da -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" \ - "$(DESTDIR)$(man8dir)" -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/da -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ - -# 2012.01.28 - activate manpages with more than 50% translated messages -man_MANS = man1/chfn.1 man8/groupdel.8 man1/groups.1 man5/gshadow.5 \ - man8/logoutd.8 man1/newgrp.1 man8/nologin.8 man1/sg.1 \ - man8/vigr.8 man8/vipw.8 $(am__append_1) -man_nopam = -EXTRA_DIST = $(man_MANS) man1/id.1 $(am__append_2) -LANG = $(notdir $(CURDIR)) -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_FALSE@PAM_COND = no_pam -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_TRUE@PAM_COND = pam -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_FALSE@SHADOWGRP_COND = no_gshadow -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_TRUE@SHADOWGRP_COND = gshadow -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_FALSE@TCB_COND = no_tcb -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_TRUE@TCB_COND = tcb -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_FALSE@SHA_CRYPT_COND = no_sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_TRUE@SHA_CRYPT_COND = sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_FALSE@SUBIDS_COND = no_subids -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_TRUE@SUBIDS_COND = subids -CLEANFILES = .xml2po.mo $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/da/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/da/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; -$(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak: - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -@ENABLE_REGENERATE_MAN_FALSE@clean-local: -clean: clean-am - -clean-am: clean-generic clean-libtool clean-local mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man5 uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - clean-local cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man5 install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \ - uninstall-am uninstall-man uninstall-man1 uninstall-man5 \ - uninstall-man8 - - -@ENABLE_REGENERATE_MAN_TRUE@config.xml: ../config.xml.in -@ENABLE_REGENERATE_MAN_TRUE@ $(MAKE) -C .. config.xml -@ENABLE_REGENERATE_MAN_TRUE@ cp ../config.xml $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml: ../%.xml ../po/$(LANG).po -@ENABLE_REGENERATE_MAN_TRUE@ xml2po --expand-all-entities -l $(LANG) -p ../po/$(LANG).po -o $@ ../$@ -@ENABLE_REGENERATE_MAN_TRUE@ sed -i 's:\(^:\1 lang="$(LANG)">:' $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml-config: %.xml -@ENABLE_REGENERATE_MAN_TRUE@ if grep -q SHADOW-CONFIG-HERE $<; then \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^/%config;/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ else \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^\(/\1 [%config;]>/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ fi - -@ENABLE_REGENERATE_MAN_TRUE@man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml -@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.authors.section.enabled" "0" \ -@ENABLE_REGENERATE_MAN_TRUE@ --stringparam "man.output.base.dir" "" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.output.in.separate.dir" "1" \ -@ENABLE_REGENERATE_MAN_TRUE@ -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $< - -@ENABLE_REGENERATE_MAN_TRUE@clean-local: -@ENABLE_REGENERATE_MAN_TRUE@ for d in man1 man3 man5 man8; do [ -d $$d ] && rmdir $$d; done - -#$(man_MANS): -# @echo you need to run configure with --enable-man to generate man pages -# @false - -@ENABLE_REGENERATE_MAN_TRUE@man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8 - -@ENABLE_REGENERATE_MAN_TRUE@man3/getspnam.3: man3/shadow.3 - -@ENABLE_REGENERATE_MAN_TRUE@man8/vigr.8: man8/vipw.8 - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/da/man1/chfn.1 b/man/da/man1/chfn.1 deleted file mode 100644 index 4233a876..00000000 --- a/man/da/man1/chfn.1 +++ /dev/null @@ -1,162 +0,0 @@ -'\" t -.\" Title: chfn -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2 -.\" Language: Danish -.\" -.TH "CHFN" "1" "09/05/2014" "shadow\-utils 4\&.2" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAVN" -chfn \- change real user name and information -.SH "SYNOPSIS" -.HP \w'\fBchfn\fR\ 'u -\fBchfn\fR [\fItilvalg\fR] [\fILOGIND\fR] -.SH "BESKRIVELSE" -.PP -The -\fBchfn\fR -command changes user fullname, office room number, office phone number, and home phone number information for a user\*(Aqs account\&. This information is typically printed by -\fBfinger\fR(1) -and similar programs\&. A normal user may only change the fields for her own account, subject to the restrictions in -/etc/login\&.defs\&. (The default configuration is to prevent users from changing their fullname\&.) The superuser may change any field for any account\&. Additionally, only the superuser may use the -\fB\-o\fR -option to change the undefined portions of the GECOS field\&. -.PP -These fields must not contain any colons\&. Except for the -\fIother\fR -field, they should not contain any comma or equal sign\&. It is also recommended to avoid non\-US\-ASCII characters, but this is only enforced for the phone numbers\&. The -\fIother\fR -field is used to store accounting information used by other applications\&. -.SH "TILVALG" -.PP -Tilvalgende som g\(aelder for kommandoen -\fBchfn\fR -er: -.PP -\fB\-f\fR, \fB\-\-full\-name\fR\ \&\fINAVN\fR -.RS 4 -\(AEndr brugerens navn\&. -.RE -.PP -\fB\-h\fR, \fB\-\-home\-phone\fR\ \&\fITELEFONNUMMER\fR -.RS 4 -\(AEndr brugerens telefonnummer\&. -.RE -.PP -\fB\-o\fR, \fB\-\-other\fR\ \&\fIANDEN\fR -.RS 4 -\(AEndr brugerens anden GECOS\-information\&. Dette felt bruges til at gemme kontoinformation brugt af andre programmer, og kan kun \(aendres af en superbruger\&. -.RE -.PP -\fB\-r\fR, \fB\-\-room\fR\ \&\fIV\(AERELSESNUMMER\fR -.RS 4 -\(AEndr brugerens v\(aerelsesnummer\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Brug \(aendringer i mappen -\fICHROOT_DIR\fR -og brug konfigurationsfilerne fra mappen -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-help\fR -.RS 4 -Vis hj\(aelpeteksten og afslut\&. -.RE -.PP -\fB\-w\fR, \fB\-\-work\-phone\fR\ \&\fIARBEJDSTELEFON\fR -.RS 4 -\(AEndr brugerens arbejdsnummer\&. -.RE -.PP -If none of the options are selected, -\fBchfn\fR -operates in an interactive fashion, prompting the user with the current values for all of the fields\&. Enter the new value to change the field, or leave the line blank to use the current value\&. The current value is displayed between a pair of -\fB[ ]\fR -marks\&. Without options, -\fBchfn\fR -prompts for the current user account\&. -.SH "KONFIGURATION" -.PP -De f\(/olgende konfigurationsvariabler i -/etc/login\&.defs -\(aendrer opf\(/orelsen for dette v\(aerkt\(/oj: -.PP -\fBCHFN_AUTH\fR (boolesk) -.RS 4 -If -\fIyes\fR, the -\fBchfn\fR -program will require authentication before making any changes, unless run by the superuser\&. -.RE -.PP -\fBCHFN_RESTRICT\fR (string) -.RS 4 -This parameter specifies which values in the -\fIgecos\fR -field of the -/etc/passwd -file may be changed by regular users using the -\fBchfn\fR -program\&. It can be any combination of letters -\fIf\fR, -\fIr\fR, -\fIw\fR, -\fIh\fR, for Full name, Room number, Work phone, and Home phone, respectively\&. For backward compatibility, -\fIyes\fR -is equivalent to -\fIrwh\fR -and -\fIno\fR -is equivalent to -\fIfrwh\fR\&. If not specified, only the superuser can make any changes\&. The most restrictive setting is better achieved by not installing -\fBchfn\fR -SUID\&. -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -The string used for prompting a password\&. The default is to use "Password: ", or a translation of that string\&. If you set this variable, the prompt will not be translated\&. -.sp -If the string contains -\fI%s\fR, this will be replaced by the user\*(Aqs name\&. -.RE -.SH "FILER" -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.PP -/etc/passwd -.RS 4 -Information om brugerkonto\&. -.RE -.SH "SE OGS\(oA" -.PP -\fBchsh\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/da/man1/groups.1 b/man/da/man1/groups.1 deleted file mode 100644 index 096d341c..00000000 --- a/man/da/man1/groups.1 +++ /dev/null @@ -1,64 +0,0 @@ -'\" t -.\" Title: groups -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2 -.\" Language: Danish -.\" -.TH "GROUPS" "1" "09/05/2014" "shadow\-utils 4\&.2" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAVN" -groups \- vis aktuelle gruppenavne -.SH "SYNOPSIS" -.HP \w'\fBgroups\fR\ 'u -\fBgroups\fR [\fIbruger\fR] -.SH "BESKRIVELSE" -.PP -The -\fBgroups\fR -command displays the current group names or ID values\&. If the value does not have a corresponding entry in -/etc/group, the value will be displayed as the numerical group value\&. The optional -\fIuser\fR -parameter will display the groups for the named -\fIuser\fR\&. -.SH "NOTE" -.PP -Systems which do not support concurrent group sets will have the information from -/etc/group -reported\&. The user must use -\fBnewgrp\fR -or -\fBsg\fR -to change his current real and effective group ID\&. -.SH "FILER" -.PP -/etc/group -.RS 4 -Information om gruppekonto\&. -.RE -.SH "SE OGS\(oA" -.PP -\fBnewgrp\fR(1), -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2)\&. diff --git a/man/da/man1/id.1 b/man/da/man1/id.1 deleted file mode 100644 index a321d6d3..00000000 --- a/man/da/man1/id.1 +++ /dev/null @@ -1,60 +0,0 @@ -'\" t -.\" Title: id -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2 -.\" Language: Danish -.\" -.TH "ID" "1" "09/05/2014" "shadow\-utils 4\&.2" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAVN" -id \- display current user and group ID names -.SH "SYNOPSIS" -.HP \w'\fBid\fR\ 'u -\fBid\fR [\-a] -.SH "BESKRIVELSE" -.PP -The -\fBid\fR -command displays the current real and effective user and group ID names or values\&. If the value does not have a corresponding entry in -/etc/passwd -or -/etc/group, the value will be displayed without the corresponding name\&. The optional -\fB\-a\fR -flag will display the group set on systems which support multiple concurrent group membership\&. -.SH "FILER" -.PP -/etc/group -.RS 4 -Information om gruppekonto\&. -.RE -.PP -/etc/passwd -.RS 4 -Information om brugerkonto\&. -.RE -.SH "SE OGS\(oA" -.PP -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2) diff --git a/man/da/man1/newgrp.1 b/man/da/man1/newgrp.1 deleted file mode 100644 index b2b81603..00000000 --- a/man/da/man1/newgrp.1 +++ /dev/null @@ -1,98 +0,0 @@ -'\" t -.\" Title: newgrp -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2 -.\" Language: Danish -.\" -.TH "NEWGRP" "1" "09/05/2014" "shadow\-utils 4\&.2" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAVN" -newgrp \- log ind p\(oa en ny gruppe -.SH "SYNOPSIS" -.HP \w'\fBnewgrp\fR\ 'u -\fBnewgrp\fR [\-] [\fIgroup\fR] -.SH "BESKRIVELSE" -.PP -Kommandoen -\fBnewgrp\fR -bruges til at \(aendre den aktuelle grupp\-id under en logindsession\&. Hvis det valgfrie flag -\fB\-\fR -er angivet, s\(oa vil brugerens milj\(/o blive geninitialiseres som om at brugeren havde logget ind, ellers bevares det aktuelle milj\(/o, inklusiv aktuel arbejdsmappe, u\(aendret\&. -.PP -\fBnewgrp\fR -changes the current real group ID to the named group, or to the default group listed in -/etc/passwd -if no group name is given\&. -\fBnewgrp\fR -also tries to add the group to the user groupset\&. If not root, the user will be prompted for a password if she does not have a password (in -/etc/shadow -if this user has an entry in the shadowed password file, or in -/etc/passwd -otherwise) and the group does, or if the user is not listed as a member and the group has a password\&. The user will be denied access if the group password is empty and the user is not listed as a member\&. -.PP -If there is an entry for this group in -/etc/gshadow, then the list of members and the password of this group will be taken from this file, otherwise, the entry in -/etc/group -is considered\&. -.SH "KONFIGURATION" -.PP -De f\(/olgende konfigurationsvariabler i -/etc/login\&.defs -\(aendrer opf\(/orelsen for dette v\(aerkt\(/oj: -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -Enable "syslog" logging of -\fBsg\fR -activity\&. -.RE -.SH "FILER" -.PP -/etc/passwd -.RS 4 -Information om brugerkonto\&. -.RE -.PP -/etc/shadow -.RS 4 -Information om sikret brugerkonto\&. -.RE -.PP -/etc/group -.RS 4 -Information om gruppekonto\&. -.RE -.PP -/etc/gshadow -.RS 4 -Information om sikret gruppekonto\&. -.RE -.SH "SE OGS\(oA" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBsu\fR(1), -\fBsg\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/da/man1/sg.1 b/man/da/man1/sg.1 deleted file mode 100644 index 2971890d..00000000 --- a/man/da/man1/sg.1 +++ /dev/null @@ -1,97 +0,0 @@ -'\" t -.\" Title: sg -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2 -.\" Language: Danish -.\" -.TH "SG" "1" "09/05/2014" "shadow\-utils 4\&.2" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAVN" -sg \- execute command as different group ID -.SH "SYNOPSIS" -.HP \w'\fBsg\fR\ 'u -\fBsg\fR [\-] [group\ [\-c\ ]\ command] -.SH "BESKRIVELSE" -.PP -The -\fBsg\fR -command works similar to -\fBnewgrp\fR -but accepts a command\&. The command will be executed with the -/bin/sh -shell\&. With most shells you may run -\fBsg\fR -from, you need to enclose multi\-word commands in quotes\&. Another difference between -\fBnewgrp\fR -and -\fBsg\fR -is that some shells treat -\fBnewgrp\fR -specially, replacing themselves with a new instance of a shell that -\fBnewgrp\fR -creates\&. This doesn\*(Aqt happen with -\fBsg\fR, so upon exit from a -\fBsg\fR -command you are returned to your previous group ID\&. -.SH "KONFIGURATION" -.PP -De f\(/olgende konfigurationsvariabler i -/etc/login\&.defs -\(aendrer opf\(/orelsen for dette v\(aerkt\(/oj: -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -Enable "syslog" logging of -\fBsg\fR -activity\&. -.RE -.SH "FILER" -.PP -/etc/passwd -.RS 4 -Information om brugerkonto\&. -.RE -.PP -/etc/shadow -.RS 4 -Information om sikret brugerkonto\&. -.RE -.PP -/etc/group -.RS 4 -Information om gruppekonto\&. -.RE -.PP -/etc/gshadow -.RS 4 -Information om sikret gruppekonto\&. -.RE -.SH "SE OGS\(oA" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBnewgrp\fR(1), -\fBsu\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/da/man5/gshadow.5 b/man/da/man5/gshadow.5 deleted file mode 100644 index 8d04005c..00000000 --- a/man/da/man5/gshadow.5 +++ /dev/null @@ -1,101 +0,0 @@ -'\" t -.\" Title: gshadow -.\" Author: Nicolas Fran\(,cois -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2 -.\" Language: Danish -.\" -.TH "GSHADOW" "5" "09/05/2014" "shadow\-utils 4\&.2" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAVN" -gshadow \- shadowed group file -.SH "BESKRIVELSE" -.PP -/etc/gshadow -contains the shadowed information for group accounts\&. -.PP -This file must not be readable by regular users if password security is to be maintained\&. -.PP -Each line of this file contains the following colon\-separated fields: -.PP -\fBgruppenavn\fR -.RS 4 -Det skal v\(aere et gyldigt gruppenavn, som findes p\(oa systemet\&. -.RE -.PP -\fBencrypted password\fR -.RS 4 -Refer to -\fBcrypt\fR(3) -for details on how this string is interpreted\&. -.sp -If the password field contains some string that is not a valid result of -\fBcrypt\fR(3), for instance ! or *, users will not be able to use a unix password to access the group (but group members do not need the password)\&. -.sp -The password is used when an user who is not a member of the group wants to gain the permissions of this group (see -\fBnewgrp\fR(1))\&. -.sp -This field may be empty, in which case only the group members can gain the group permissions\&. -.sp -A password field which starts with a exclamation mark means that the password is locked\&. The remaining characters on the line represent the password field before the password was locked\&. -.sp -This password supersedes any password specified in -/etc/group\&. -.RE -.PP -\fBadministratorer\fR -.RS 4 -Det skal v\(aere en kommaadskilt liste af brugernavne\&. -.sp -Administratorer kan \(aendre adgangskoden eller medlemmerne af gruppen\&. -.sp -Administratorer har ogs\(oa de samme rettigheder som medlemmerne (se nedenfor)\&. -.RE -.PP -\fBmedlemmer\fR -.RS 4 -Det skal v\(aere en kommaadskilt liste af brugernavne\&. -.sp -Medlemmer kan tilg\(oa gruppen uden at blive spurgt efter en adgangskode\&. -.sp -Du skal bruge den samme liste over brugere som i -/etc/group\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Information om gruppekonto\&. -.RE -.PP -/etc/gshadow -.RS 4 -Information om sikret gruppekonto\&. -.RE -.SH "SE OGS\(oA" -.PP -\fBgpasswd\fR(5), -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBgrpconv\fR(8), -\fBnewgrp\fR(1)\&. diff --git a/man/da/man8/groupdel.8 b/man/da/man8/groupdel.8 deleted file mode 100644 index 0234d080..00000000 --- a/man/da/man8/groupdel.8 +++ /dev/null @@ -1,135 +0,0 @@ -'\" t -.\" Title: groupdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Kommandoer for systemh\(oandtering -.\" Source: shadow-utils 4.2 -.\" Language: Danish -.\" -.TH "GROUPDEL" "8" "09/05/2014" "shadow\-utils 4\&.2" "Kommandoer for systemh\(oandterin" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAVN" -groupdel \- slet en gruppe -.SH "SYNOPSIS" -.HP \w'\fBgroupdel\fR\ 'u -\fBgroupdel\fR [\fItilvalg\fR] \fIGRUPPE\fR -.SH "BESKRIVELSE" -.PP -The -\fBgroupdel\fR -command modifies the system account files, deleting all entries that refer to -\fIGROUP\fR\&. The named group must exist\&. -.SH "TILVALG" -.PP -Tilvalgene som g\(aelder for kommandoen -\fBgroupdel\fR -er: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Vis hj\(aelpeteksten og afslut\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Brug \(aendringer i mappen -\fICHROOT_DIR\fR -og brug konfigurationsfilerne fra mappen -\fICHROOT_DIR\fR\&. -.RE -.SH "CAVEATS" -.PP -De kan ikke fjerne den prim\(aere gruppe for en eksisterende bruger\&. Du skal fjerne brugeren f\(/or du fjerner gruppen\&. -.PP -Du skal manuelt kontrollere alle filsystemer for at sikre dig, at ingen filer fortsat er ejet af denne gruppe\&. -.SH "KONFIGURATION" -.PP -De f\(/olgende konfigurationsvariabler i -/etc/login\&.defs -\(aendrer opf\(/orelsen for dette v\(aerkt\(/oj: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Information om gruppekonto\&. -.RE -.PP -/etc/gshadow -.RS 4 -Information om sikret gruppekonto\&. -.RE -.SH "EXIT VALUES" -.PP -Kommandoen -\fBgroupdel\fR -findes med de f\(/olgende v\(aerdier: -.PP -\fI0\fR -.RS 4 -success -.RE -.PP -\fI2\fR -.RS 4 -invalid command syntax -.RE -.PP -\fI6\fR -.RS 4 -angivet gruppe findes ikke -.RE -.PP -\fI8\fR -.RS 4 -Kan ikke fjerne brugers prim\(aere gruppe -.RE -.PP -\fI10\fR -.RS 4 -can\*(Aqt update group file -.RE -.SH "SE OGS\(oA" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupmod\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/da/man8/logoutd.8 b/man/da/man8/logoutd.8 deleted file mode 100644 index 3c2afb50..00000000 --- a/man/da/man8/logoutd.8 +++ /dev/null @@ -1,57 +0,0 @@ -'\" t -.\" Title: logoutd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Kommandoer for systemh\(oandtering -.\" Source: shadow-utils 4.2 -.\" Language: Danish -.\" -.TH "LOGOUTD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Kommandoer for systemh\(oandterin" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAVN" -logoutd \- p\(oatving restriktioner for logindperiode -.SH "SYNOPSIS" -.HP \w'\fBlogoutd\fR\ 'u -\fBlogoutd\fR -.SH "BESKRIVELSE" -.PP -\fBlogoutd\fR -enforces the login time and port restrictions specified in -/etc/porttime\&. -\fBlogoutd\fR -should be started from -/etc/rc\&. The -/var/run/utmp -file is scanned periodically and each user name is checked to see if the named user is permitted on the named port at the current time\&. Any login session which is violating the restrictions in -/etc/porttime -is terminated\&. -.SH "FILER" -.PP -/etc/porttime -.RS 4 -File containing port access\&. -.RE -.PP -/var/run/utmp -.RS 4 -Liste over aktuelle logindsessioner\&. -.RE diff --git a/man/da/man8/nologin.8 b/man/da/man8/nologin.8 deleted file mode 100644 index 60169f09..00000000 --- a/man/da/man8/nologin.8 +++ /dev/null @@ -1,51 +0,0 @@ -'\" t -.\" Title: nologin -.\" Author: Nicolas Fran\(,cois -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Kommandoer for systemh\(oandtering -.\" Source: shadow-utils 4.2 -.\" Language: Danish -.\" -.TH "NOLOGIN" "8" "09/05/2014" "shadow\-utils 4\&.2" "Kommandoer for systemh\(oandterin" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAVN" -nologin \- n\(aegt venligt et logind -.SH "SYNOPSIS" -.HP \w'\fBnologin\fR\ 'u -\fBnologin\fR -.SH "BESKRIVELSE" -.PP -The -\fBnologin\fR -command displays a message that an account is not available and exits non\-zero\&. It is intended as a replacement shell field for accounts that have been disabled\&. -.PP -To disable all logins, investigate -\fBnologin\fR(5)\&. -.SH "SE OGS\(oA" -.PP -\fBlogin\fR(1), -\fBnologin\fR(5)\&. -.SH "HISTORIK" -.PP -Kommandoen -\fBnologin\fR -fremkom i BSD 4\&.4\&. diff --git a/man/da/man8/vipw.8 b/man/da/man8/vipw.8 deleted file mode 100644 index ad554fb1..00000000 --- a/man/da/man8/vipw.8 +++ /dev/null @@ -1,135 +0,0 @@ -'\" t -.\" Title: vipw -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Kommandoer for systemh\(oandtering -.\" Source: shadow-utils 4.2 -.\" Language: Danish -.\" -.TH "VIPW" "8" "09/05/2014" "shadow\-utils 4\&.2" "Kommandoer for systemh\(oandterin" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAVN" -vipw, vigr \- rediger adgangskoden, gruppe, shadow\-adgangskode\- eller shadow\-gruppe\-fil -.SH "SYNOPSIS" -.HP \w'\fBvipw\fR\ 'u -\fBvipw\fR [\fItilvalg\fR] -.HP \w'\fBvigr\fR\ 'u -\fBvigr\fR [\fItilvalg\fR] -.SH "BESKRIVELSE" -.PP -Kommandoerne -\fBvipw\fR -og -\fBvigr\fR -redigerer filerne -/etc/passwd -og -/etc/group, respektivt\&. Med flaget -\fB\-s\fR -vil de redigere versionerne for Shadow for disse filer, -/etc/shadow -og -/etc/gshadow, respektivt\&. Programmerne vil s\(aette de passende l\(oase for at forhindre fil\(/odel\(aeggelse\&. N\(oar der kigges efter et redigerngsprogram, s\(oa vil programmet \(/ofrst fors\(/oge med milj\(/ovariablen -\fB$VISUAL\fR, derefter milj\(/ovariablen -\fB$EDITOR\fR, og endelig standardredigeringsprogrammet, -\fBvi\fR(1)\&. -.SH "TILVALG" -.PP -Tilvalgene som g\(aelder for kommandoerne -\fBvipw\fR -og -\fBvigr\fR -er: -.PP -\fB\-g\fR, \fB\-\-group\fR -.RS 4 -Rediger gruppedatabase\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Vis hj\(aelpeteksten og afslut\&. -.RE -.PP -\fB\-p\fR, \fB\-\-passwd\fR -.RS 4 -Rediger passwd\-database\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Stille tilstand\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Brug \(aendringer i mappen -\fICHROOT_DIR\fR -og brug konfigurationsfilerne fra mappen -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shadow\fR -.RS 4 -Rediger shadow\- eller gshadow\-database\&. -.RE -.SH "MILJ\(/O" -.PP -\fBVISUEL\fR -.RS 4 -Redigeringsprogram der skal bruges\&. -.RE -.PP -\fBREDIGERINGSPROGRAM\fR -.RS 4 -Redigeringsprogram der skal bruges hvis -\fBVISUAL\fR -ikke er angivet\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Information om gruppekonto\&. -.RE -.PP -/etc/gshadow -.RS 4 -Information om sikret gruppekonto\&. -.RE -.PP -/etc/passwd -.RS 4 -Information om brugerkonto\&. -.RE -.PP -/etc/shadow -.RS 4 -Information om sikret brugerkonto\&. -.RE -.SH "SE OGS\(oA" -.PP -\fBvi\fR(1), -\fBgruppe\fR(5), -\fBgshadow\fR(5), -\fBpasswd\fR(5), , -\fBshadow\fR(5)\&. diff --git a/man/de/Makefile.in b/man/de/Makefile.in deleted file mode 100644 index 2c02e490..00000000 --- a/man/de/Makefile.in +++ /dev/null @@ -1,740 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@USE_PAM_FALSE@am__append_1 = $(man_nopam) -@USE_PAM_TRUE@am__append_2 = $(man_nopam) -DIST_COMMON = $(srcdir)/../generate_translations.mak \ - $(srcdir)/../generate_mans.mak $(srcdir)/Makefile.in \ - $(srcdir)/Makefile.am -subdir = man/de -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" \ - "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" -man3dir = $(mandir)/man3 -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/de -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = man1/chage.1 man1/chfn.1 man8/chgpasswd.8 man8/chpasswd.8 \ - man1/chsh.1 man1/expiry.1 man5/faillog.5 man8/faillog.8 \ - man3/getspnam.3 man1/gpasswd.1 man8/groupadd.8 man8/groupdel.8 \ - man8/groupmems.8 man8/groupmod.8 man1/groups.1 man8/grpck.8 \ - man8/grpconv.8 man8/grpunconv.8 man5/gshadow.5 man8/lastlog.8 \ - man1/login.1 man5/login.defs.5 man8/logoutd.8 man1/newgrp.1 \ - man8/newusers.8 man8/nologin.8 man1/passwd.1 man5/passwd.5 \ - man8/pwck.8 man8/pwconv.8 man8/pwunconv.8 man1/sg.1 \ - man3/shadow.3 man5/shadow.5 man1/su.1 man5/suauth.5 \ - man8/useradd.8 man8/userdel.8 man8/usermod.8 man8/vigr.8 \ - man8/vipw.8 $(am__append_1) -man_nopam = \ - man5/limits.5 \ - man5/login.access.5 \ - man5/porttime.5 - -EXTRA_DIST = $(man_MANS) man1/id.1 man8/sulogin.8 $(am__append_2) -LANG = $(notdir $(CURDIR)) -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_FALSE@PAM_COND = no_pam -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_TRUE@PAM_COND = pam -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_FALSE@SHADOWGRP_COND = no_gshadow -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_TRUE@SHADOWGRP_COND = gshadow -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_FALSE@TCB_COND = no_tcb -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_TRUE@TCB_COND = tcb -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_FALSE@SHA_CRYPT_COND = no_sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_TRUE@SHA_CRYPT_COND = sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_FALSE@SUBIDS_COND = no_subids -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_TRUE@SUBIDS_COND = subids -CLEANFILES = .xml2po.mo $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/de/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/de/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; -$(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak: - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man3: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man3dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man3dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man3dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.3[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ - done; } - -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man3dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.3[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man3dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -@ENABLE_REGENERATE_MAN_FALSE@clean-local: -clean: clean-am - -clean-am: clean-generic clean-libtool clean-local mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man3 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man3 uninstall-man5 \ - uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - clean-local cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man3 install-man5 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags-am uninstall uninstall-am uninstall-man uninstall-man1 \ - uninstall-man3 uninstall-man5 uninstall-man8 - - -@ENABLE_REGENERATE_MAN_TRUE@config.xml: ../config.xml.in -@ENABLE_REGENERATE_MAN_TRUE@ $(MAKE) -C .. config.xml -@ENABLE_REGENERATE_MAN_TRUE@ cp ../config.xml $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml: ../%.xml ../po/$(LANG).po -@ENABLE_REGENERATE_MAN_TRUE@ xml2po --expand-all-entities -l $(LANG) -p ../po/$(LANG).po -o $@ ../$@ -@ENABLE_REGENERATE_MAN_TRUE@ sed -i 's:\(^:\1 lang="$(LANG)">:' $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml-config: %.xml -@ENABLE_REGENERATE_MAN_TRUE@ if grep -q SHADOW-CONFIG-HERE $<; then \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^/%config;/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ else \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^\(/\1 [%config;]>/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ fi - -@ENABLE_REGENERATE_MAN_TRUE@man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml -@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.authors.section.enabled" "0" \ -@ENABLE_REGENERATE_MAN_TRUE@ --stringparam "man.output.base.dir" "" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.output.in.separate.dir" "1" \ -@ENABLE_REGENERATE_MAN_TRUE@ -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $< - -@ENABLE_REGENERATE_MAN_TRUE@clean-local: -@ENABLE_REGENERATE_MAN_TRUE@ for d in man1 man3 man5 man8; do [ -d $$d ] && rmdir $$d; done - -#$(man_MANS): -# @echo you need to run configure with --enable-man to generate man pages -# @false - -@ENABLE_REGENERATE_MAN_TRUE@man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8 - -@ENABLE_REGENERATE_MAN_TRUE@man3/getspnam.3: man3/shadow.3 - -@ENABLE_REGENERATE_MAN_TRUE@man8/vigr.8: man8/vipw.8 - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/de/man1/chage.1 b/man/de/man1/chage.1 deleted file mode 100644 index 8b18caa0..00000000 --- a/man/de/man1/chage.1 +++ /dev/null @@ -1,183 +0,0 @@ -'\" t -.\" Title: chage -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "CHAGE" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -chage \- \(:andert die Information zum Passwortverfall -.SH "\(:UBERSICHT" -.HP \w'\fBchage\fR\ 'u -\fBchage\fR [\fIOptionen\fR] \fIANMELDENAME\fR -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBchage\fR -ver\(:andert die Anzahl der Tage zwischen dem letzten Wechsel des Passworts und dem n\(:achsten Wechsel\&. Mit dieser Information bestimmt das System, wann ein Benutzer sein Passwort ver\(:andern muss\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBchage\fR -unterst\(:utzt werden, sind: -.PP -\fB\-d\fR, \fB\-\-lastday\fR\ \&\fILETZTER_TAG\fR -.RS 4 -Legt die Anzahl der Tage, gerechnet ab dem 1\&. Januar 1970, fest, seit denen das Passwort das letzte Mal gewechselt wurde\&. Das Datum kann auch im Format JJJJ\-MM\-TT (oder in dem Format, das in Ihrer Region verbreitet ist) angegeben werden\&. -.RE -.PP -\fB\-E\fR, \fB\-\-expiredate\fR\ \&\fIVERFALLSDATUM\fR -.RS 4 -Setzt das Datum oder die Anzahl der Tage seit dem 1\&. Januar 1970, ab dem auf das Benutzerkonto nicht mehr zugegriffen werden kann\&. Das Datum kann auch im Format JJJJ\-MM\-TT (oder in dem Format, das in Ihrer Region verbreitet ist) angegeben werden\&. Ein Benutzer, dessen Konto gesperrt ist, muss sich mit dem Systemadministrator in Verbindung setzen, ehe er sich wieder am System anmelden kann\&. -.sp -Wenn -\fI\-1\fR -als -\fIVERFALLSDATUM\fR -angegeben wird, wird das Verfallsdatum f\(:ur das Konto entfernt\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-I\fR, \fB\-\-inactive\fR\ \&\fIINAKTIV\fR -.RS 4 -Legt die Anzahl der Tage der Unt\(:atigkeit fest, nach denen ein Passwort abgelaufen ist, bevor das Konto gesperrt wird\&. Die Option -\fIINAKTIV\fR -bezeichnet die Anzahl der Tage, f\(:ur die das Konto inaktiv ist\&. Ein Benutzer, dessen Konto gesperrt ist, muss sich mit dem Systemadministrator in Verbindung setzen, ehe er sich wieder am System anmelden kann\&. -.sp -Wenn -\fI\-1\fR -als -\fIINAKTIV\fR -angegeben wird, wird die \(:Uberwachung der fehlenden Verwendung des Kontos entfernt\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -zeigt Informationen zur Kontoalterung an -.RE -.PP -\fB\-m\fR, \fB\-\-mindays\fR\ \&\fIMIN_TAGE\fR -.RS 4 -Setzt die Anzahl von Tagen, die mindestens zwischen zwei \(:Anderungen eines Passworts vergehen m\(:ussen, auf -\fIMIN_TAGE\fR\&. Ein Wert von Null in diesem Feld bedeutet, dass der Benutzer sein Passwort jederzeit \(:andern darf\&. -.RE -.PP -\fB\-M\fR, \fB\-\-maxdays\fR\ \&\fIMAX_TAGE\fR -.RS 4 -Bestimmt die maximale Anzahl von Tagen, die das Passwort g\(:ultig bleibt\&. Wenn -\fIMAX_TAGE\fR -plus -\fILETZTER_TAG\fR -\(:alter als das aktuelle Datum ist, muss der Benutzer sein Passwort \(:andern, ehe er sein Konto benutzen kann\&. Mit der Option -\fB\-W\fR -werden die Benutzer vor dem drohenden Verfall ihres Passworts gewarnt\&. -.sp -Wenn -\fI\-1\fR -als -\fIMAX_TAGE\fR -angegeben wird, wird der Passwortverfall entfernt\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-W\fR, \fB\-\-warndays\fR\ \&\fIWARN_TAGE\fR -.RS 4 -Legt die Anzahl der Tage fest, an denen der Benutzer eine Warnung erh\(:alt, bevor sein Passwort ge\(:andert werden muss\&. Die Option -\fIWARN_TAGE\fR -bezeichnet die Anzahl der Tage, f\(:ur die ein Benutzer vor Verfall seines Passworts gewarnt wird\&. -.RE -.PP -Wenn keine Option ausgew\(:ahlt wird, arbeitet -\fBchage\fR -interaktiv\&. Dabei wird der Benutzer nach den aktuellen Werten f\(:ur alle Felder befragt\&. Bei Eingabe eines neuen Wertes wird dieser verwendet, bei Eingabe einer Leerzeile stattdessen der Originalwert beibehalten\&. Der aktuelle Wert wird zwischen einem Paar von -\fB[ ]\fR -angezeigt\&. -.SH "ANMERKUNGEN" -.PP -F\(:ur das Programm -\fBchage\fR -ist es notwendig, dass eine Shadow\-Passwort\-Datei vorhanden ist\&. -.PP -Der Befehl -\fBchage\fR -kann nur von Root ausgef\(:uhrt werden\&. Alle anderen Benutzer k\(:onnen nur die Option -\fB\-l\fR -verwenden, um die Verfallsdaten f\(:ur ihr Konto einzusehen\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.SH "R\(:UCKGABEWERTE" -.PP -Der Befehl -\fBchage\fR -gibt beim Beenden folgende Werte zur\(:uck: -.PP -\fI0\fR -.RS 4 -Erfolg -.RE -.PP -\fI1\fR -.RS 4 -Berechtigung verweigert -.RE -.PP -\fI2\fR -.RS 4 -unzul\(:assige Syntax f\(:ur diesen Befehl -.RE -.PP -\fI15\fR -.RS 4 -Eine Shadow\-Passwort\-Datei kann nicht gefunden werden\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/de/man1/chfn.1 b/man/de/man1/chfn.1 deleted file mode 100644 index 99ac8b9a..00000000 --- a/man/de/man1/chfn.1 +++ /dev/null @@ -1,161 +0,0 @@ -'\" t -.\" Title: chfn -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "CHFN" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -chfn \- \(:andert den vollst\(:andigen Namen eines Benutzers und sonstige Informationen -.SH "\(:UBERSICHT" -.HP \w'\fBchfn\fR\ 'u -\fBchfn\fR [\fIOptionen\fR] [\fIANMELDENAME\fR] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBchfn\fR -\(:andert den vollst\(:andigen Namen, die B\(:urozimmernummer sowie die berufliche und private Telefonnummer f\(:ur ein Benutzerkonto\&. Diese Informationen werden typischerweise von -\fBfinger\fR(1) -und \(:ahnlichen Programmen verwendet\&. Ein normaler Benutzer darf nur die Felder seines eigenen Kontos \(:andern und muss dabei zudem die Einschr\(:ankungen in -/etc/login\&.defs -beachten\&. So ist es Benutzern standardm\(:a\(ssig nicht m\(:oglich, ihren vollst\(:andigen Namen zu \(:andern\&. Root kann die Felder aller Konten ver\(:andern\&. Au\(sserdem darf nur Root mittels der Option -\fB\-o\fR -die undefinierten Teile des GECOS\-Feldes \(:andern\&. -.PP -Diese Felder d\(:urfen keinen Doppelpunkt enthalten\&. Mit Ausnahme des Feldes -\fIsonstiges\fR -sollten sie kein Komma oder Gleichheitszeichen enthalten\&. Au\(sserdem wird abgeraten, andere Zeichen als US\-ASCII zu verwenden, aber nur f\(:ur die Telefonnummern ist dies zwingend\&. Das Feld -\fIsonstiges\fR -wird von anderen Anwendungen verwendet, um dort Informationen \(:uber das Konto abzuspeichern\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBchfn\fR -unterst\(:utzt werden, sind: -.PP -\fB\-f\fR, \fB\-\-full\-name\fR\ \&\fIVOLLST\(:ANDIGER_NAME\fR -.RS 4 -ver\(:andert den vollst\(:andigen Namen des Benutzers -.RE -.PP -\fB\-h\fR, \fB\-\-home\-phone\fR\ \&\fITEL_PRIV\fR -.RS 4 -\(:andert die private Telefonnummer des Benutzers -.RE -.PP -\fB\-o\fR, \fB\-\-other\fR\ \&\fISONSTIGES\fR -.RS 4 -Ver\(:andert die sonstigen Informationen \(:uber den Benutzer in der GECOS\-Zeile\&. In diesem Feld werden Kontoinformationen anderer Anwendungen gespeichert\&. Es kann nur vom Superuser ver\(:andert werden\&. -.RE -.PP -\fB\-r\fR, \fB\-\-room\fR\ \&\fIZIMMER_NUMMER\fR -.RS 4 -\(:andert die Zimmernummer des Benutzers -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-u\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-w\fR, \fB\-\-work\-phone\fR\ \&\fITEL_BERUF\fR -.RS 4 -ver\(:andert die berufliche Telefonnummer des Benutzers -.RE -.PP -Wenn keine Option ausgew\(:ahlt wird, arbeitet -\fBchfn\fR -interaktiv\&. Dabei wird der Benutzer nach den aktuellen Werten f\(:ur alle Felder befragt\&. Bei Eingabe eines neuen Wertes wird dieser verwendet, bei keiner Eingabe stattdessen der Originalwert beibehalten\&. Der aktuelle Wert wird zwischen einem Paar von -\fB[ ]\fR -angezeigt\&. Ohne Optionen fragt -\fBchfn\fR -nach einem Benutzerkonto\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBCHFN_AUTH\fR (boolesch) -.RS 4 -Falls -\fIyes\fR, ben\(:otigt das Programm -\fBchfn\fR -eine Authentifizierung, bevor es \(:Anderungen vornimmt, sofern es nicht von Root ausgef\(:uhrt wird\&. -.RE -.PP -\fBCHFN_RESTRICT\fR (Zeichenkette) -.RS 4 -Der Parameter bestimmt, welcher Wert in dem -\fIgecos\fR\-Feld von -/etc/passwd -von gew\(:ohnlichen Benutzern mittels des Programms -\fBchfn\fR -ge\(:andert werden darf\&. Er kann aus jeder Kombination der Buchstaben -\fIf\fR -,\fIr\fR, -\fIw\fR -und -\fIh\fR -bestehen\&. Diese Buchstaben stehen f\(:ur den vollst\(:andigen Namen, die Zimmernummer, die gesch\(:aftliche Telefonnummer und die private Telefonnummer\&. Zum Zweck der Abw\(:artskompatibilit\(:at entspricht -\fIyes\fR\fIrwh\fR -und -\fIno\fR\fIfrwh\fR\&. Falls nichts festgelegt wird, kann nur Root \(:Anderungen vornehmen\&. Die gr\(:o\(sste Einschr\(:ankung erreicht man besser, indem -chfn -nicht mit SUID\-Rechten ausgestattet wird\&. -.RE -.PP -\fBLOGIN_STRING\fR (Zeichenkette) -.RS 4 -Diese Zeichenkette wird bei der Eingabeaufforderung des Passworts (Prompt) verwendet\&. Standardm\(:a\(ssig wird \(FcPassword: \(Fo oder eine \(:Ubersetzung davon benutzt\&. Wenn Sie diese Variable definieren, wird die Eingabeaufforderung nicht \(:ubersetzt\&. -.sp -Wenn die Zeichenkette ein -\fI%s\fR -enth\(:alt, wird dies durch den Benutzernamen ersetzt\&. -.RE -.SH "DATEIEN" -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBchsh\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/de/man1/chsh.1 b/man/de/man1/chsh.1 deleted file mode 100644 index a0c6f90b..00000000 --- a/man/de/man1/chsh.1 +++ /dev/null @@ -1,122 +0,0 @@ -'\" t -.\" Title: chsh -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "CHSH" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -chsh \- \(:andert die Anmelde\-Shell -.SH "\(:UBERSICHT" -.HP \w'\fBchsh\fR\ 'u -\fBchsh\fR [\fIOptionen\fR] [\fIANMELDENAME\fR] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBchsh\fR -\(:andert die Anmelde\-Shell eines Benutzers\&. Er legt den Befehl fest, der bei der Anmeldung ausgef\(:uhrt wird\&. Ein normaler Benutzer kann nur die Anmelde\-Shell seines eigenen Kontos \(:andern, w\(:ahrend Root dies f\(:ur alle Konten darf\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBchsh\fR -unterst\(:utzt werden, sind: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Der Name der neuen Anmelde\-Shell des Benutzers\&. Falls dieses Feld leer gelassen wird, verwendet das System die Standard\-Anmelde\-Shell\&. -.RE -.PP -Wenn die Option -\fB\-s\fR -nicht ausgew\(:ahlt ist, wird -\fBchsh\fR -im interaktiven Modus betrieben\&. Dabei wird der Benutzer mit der aktuellen Anmelde\-Shell zur Eingabe einer neuen aufgefordert\&. Durch Eingabe eines Wertes wird die Shell ge\(:andert, w\(:ahrend sie bei einer leeren Zeile beibehalten wird\&. Die aktuelle Shell wird zwischen einem Paar von -\fI[ ]\fR -angezeigt\&. -.SH "ANMERKUNGEN" -.PP -Die einzige Beschr\(:ankung f\(:ur die Anmelde\-Shell ist, dass der Name des Befehls in der Datei -/etc/shells -enthalten sein muss\&. Root darf allerdings jeden beliebigen Befehl vergeben\&. Bei Konten, denen eine beschr\(:ankte Anmelde\-Shell zugewiesen ist, ist es nicht m\(:oglich, die Anmelde\-Shell zu \(:andern\&. Daher ist es nicht ratsam, -/bin/rsh -in -/etc/shells -einzutragen, da ein Benutzer nicht zu seiner urspr\(:unglichen Anmelde\-Shell zur\(:uckwechseln kann, falls er versehentlich eine beschr\(:ankte Shell als Anmelde\-Shell ausw\(:ahlt\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBCHSH_AUTH\fR (boolesch) -.RS 4 -Falls -\fIyes\fR, ben\(:otigt das Programm -\fBchsh\fR -eine Authentifizierung, bevor es \(:Anderungen vornimmt, sofern es nicht von Root ausgef\(:uhrt wird\&. -.RE -.PP -\fBLOGIN_STRING\fR (Zeichenkette) -.RS 4 -Diese Zeichenkette wird bei der Eingabeaufforderung des Passworts (Prompt) verwendet\&. Standardm\(:a\(ssig wird \(FcPassword: \(Fo oder eine \(:Ubersetzung davon benutzt\&. Wenn Sie diese Variable definieren, wird die Eingabeaufforderung nicht \(:ubersetzt\&. -.sp -Wenn die Zeichenkette ein -\fI%s\fR -enth\(:alt, wird dies durch den Benutzernamen ersetzt\&. -.RE -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shells -.RS 4 -Liste der m\(:oglichen Anmelde\-Shells -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.SH "SIEHE AUCH" -.PP -\fBchfn\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/de/man1/expiry.1 b/man/de/man1/expiry.1 deleted file mode 100644 index b6cbf5bf..00000000 --- a/man/de/man1/expiry.1 +++ /dev/null @@ -1,78 +0,0 @@ -'\" t -.\" Title: expiry -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "EXPIRY" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -expiry \- \(:uberpr\(:uft die Regeln f\(:ur den Verfall des Passworts und setzt diese um -.SH "\(:UBERSICHT" -.HP \w'\fBexpiry\fR\ 'u -\fBexpiry\fR \fIOption\fR -.SH "BESCHREIBUNG" -.PP -Mit der Option -\fB\-c\fR -\(:uberpr\(:uft der Befehl -\fBexpiry\fR -den aktuellen Status des Verfalls des Passworts\&. Mit der Option -\fB\-f\fR -werden die notwendigen Ver\(:anderungen umgesetzt\&. Er kann von normalen Benutzern aufgerufen werden\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBexpiry\fR -unterst\(:utzt werden, sind: -.PP -\fB\-c\fR, \fB\-\-check\fR -.RS 4 -\(:uberpr\(:uft den Verfall des Passworts des aktuellen Benutzers -.RE -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -erzwingt den Wechsel des Passworts des aktuellen Benutzers, falls dieses abgelaufen ist -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/de/man1/gpasswd.1 b/man/de/man1/gpasswd.1 deleted file mode 100644 index fe858f25..00000000 --- a/man/de/man1/gpasswd.1 +++ /dev/null @@ -1,234 +0,0 @@ -'\" t -.\" Title: gpasswd -.\" Author: Rafal Maszkowski -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "GPASSWD" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -gpasswd \- verwaltet /etc/group und /etc/gshadow -.SH "\(:UBERSICHT" -.HP \w'\fBgpasswd\fR\ 'u -\fBgpasswd\fR [\fIOption\fR] \fIGruppe\fR -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBgpasswd\fR -dient zur Verwaltung von -/etc/groupund /etc/gshadow\&. Jede Gruppe kann -Gruppenverwalter, -Mitglieder und ein Passwort haben\&. -.PP -Der Systemadministrator kann mit der Option -\fB\-A\fR -Gruppenverwalter bestimmen\&. Mit der Option -\fB\-M\fR -legt er die Mitglieder fest\&. Er besitzt alle Rechte, die Gruppenverwalter und Mitglieder haben k\(:onnen\&. -.PP -Wenn ein -Gruppenverwalter\fBgpasswd\fR -nur mit dem Gruppennamen aufruft, wird er aufgefordert, f\(:ur die -\fIGruppe\fR -ein neues Passwort zu vergeben\&. -.PP -Wenn ein Passwort vergeben wurde, k\(:onnen Mitglieder der Gruppe dennoch ohne Passwort -\fBnewgrp\fR(1) -ausf\(:uhren\&. Alle anderen Benutzer ben\(:otigen dazu das Passwort\&. -.SS "Hinweise zu Gruppenpassw\(:ortern" -.PP -Gruppenpassw\(:orter beinhalten ein Sicherheitsrisiko, da mehrere Personen das Passwort kennen\&. Dennoch k\(:onnen sie sinnvoll sein, um die Zusammenarbeit zwischen Benutzern zu erleichtern\&. -.SH "OPTIONEN" -.PP -Au\(sser die Optionen -\fB\-A\fR -und -\fB\-M\fR -k\(:onnen die \(:ubrigen Optionen nicht zusammen verwendet werden\&. -.PP -Die Optionen, die vom Befehl -\fBgpasswd\fR -unterst\(:utzt werden, sind: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIBenutzer\fR -.RS 4 -F\(:ugt den -\fIBenutzer\fR -der bezeichneten -\fIGruppe\fR -zu\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIBenutzer\fR -.RS 4 -entfernt den -\fIBenutzer\fR -aus der bezeichneten -\fIGruppe\fR -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-Q\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-r\fR, \fB\-\-remove\-password\fR -.RS 4 -Entfernt das Passwort der bezeichneten -\fIGruppe\fR\&. Das Gruppenpasswort wird leer sein\&. Damit k\(:onnen nur noch Gruppenmitglieder mit -\fBnewgrp\fR -zu der bezeichneten -\fIGruppe\fR -wechseln\&. -.RE -.PP -\fB\-R\fR, \fB\-\-restrict\fR -.RS 4 -Schr\(:ankt den Zugang zur bezeichneten -\fIGruppe\fR -ein\&. Das Gruppenpasswort wird auf \(Fc!\(Fo gesetzt\&. Damit k\(:onnen nur noch Gruppenmitglieder mit einem Passwort mit -\fBnewgrp\fR -zu der bezeichneten -\fIGruppe\fR -wechseln\&. -.RE -.PP -\fB\-A\fR, \fB\-\-administrators\fR\ \&\fIBenutzer\fR, \&.\&.\&. -.RS 4 -Liste der Gruppenverwalter bestimmen -.RE -.PP -\fB\-M\fR, \fB\-\-members\fR\ \&\fIBenutzer\fR, \&.\&.\&. -.RS 4 -Liste der Mitglieder der Gruppe bestimmen -.RE -.SH "WARNUNGEN" -.PP -Dieses Werkzeug bearbeitet nur -die Dateien /etc/group und /etc/gshadow\&. Sie k\(:onnen daher keine NIS\- oder LDAP\-Gruppen bearbeiten\&. Dies muss auf dem entsprechenden Server durchgef\(:uhrt werden\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBENCRYPT_METHOD\fR (Zeichenkette) -.RS 4 -Damit wird der standardm\(:a\(ssige Verschl\(:usselungsalgorithmus, mit dem Passw\(:orter verschl\(:usselt werden, bestimmt (soweit nicht in der Befehlszeile ein Algorithmus angegeben wird)\&. -.sp -Ihm kann einer der folgenden Wert zugewiesen werden: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Hinweis: Dieser Parameter \(:uberschreibt die Variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolesch) -.RS 4 -Legt fest, ob Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt werden\&. Falls diesem Wert -\fIyes\fR -zugewiesen ist, werden neue Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt, der zu dem in der aktuellen Ver\(:offentlichung von FreeBSD eingesetzten Algorithmus kompatibel ist\&. Passw\(:orter k\(:onnen dann beliebig lang sein, auch die Salt\-Zeichenketten sind l\(:anger\&. Setzen Sie diesen Wert auf -\fIno\fR, wenn Sie verschl\(:usselte Passw\(:orter auf ein anderes System kopieren m\(:ochten, das den neuen Algorithmus nicht versteht\&. Der Standardwert ist -\fIno\fR\&. -.sp -Dieser Variable geht die Variable -\fBENCRYPT_METHOD\fR -und eine Option auf der Befehlszeile, mit der der Verschl\(:usselungsalgorithmus bestimmt wird, vor\&. -.sp -Der Einsatz dieser Variable ist veraltet\&. Sie sollten -\fBENCRYPT_METHOD\fR -verwenden\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (Zahl), \fBSHA_CRYPT_MAX_ROUNDS\fR (Zahl) -.RS 4 -Wenn -\fBENCRYPT_METHOD\fR -auf -\fISHA256\fR -oder -\fISHA512\fR -gesetzt ist, legt dies die Anzahl der Runden von SHA fest, die standardm\(:a\(ssig vom Verschl\(:usselungsalgorithmus verwendet werden (falls die Anzahl der Runden nicht auf der Befehlszeile angegeben wird)\&. -.sp -Je mehr Runden Sie definieren, umso schwieriger ist es, das Passwort mit sturem Durchprobieren (brute force) zu knacken; umso mehr Rechenleistung wird jedoch auch f\(:ur die Anmeldung eines Benutzers ben\(:otigt\&. -.sp -Falls Sie nichts angeben, wird libc die Standardanzahl der Runden festlegen (5000)\&. -.sp -Die Werte m\(:ussen zwischen 1000\-999\&.999\&.999 liegen\&. -.sp -Falls nur der Wert f\(:ur -\fBSHA_CRYPT_MIN_ROUNDS\fR -oder -\fBSHA_CRYPT_MAX_ROUNDS\fR -festgelegt wird, wird dieser Wert verwendet\&. -.sp -Falls -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, wird der h\(:ohere Wert verwendet\&. -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBnewgrp\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBgrpck\fR(8), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/de/man1/groups.1 b/man/de/man1/groups.1 deleted file mode 100644 index 4f571587..00000000 --- a/man/de/man1/groups.1 +++ /dev/null @@ -1,66 +0,0 @@ -'\" t -.\" Title: groups -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "GROUPS" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -groups \- zeigt die aktuell verwendeten Gruppennamen an -.SH "\(:UBERSICHT" -.HP \w'\fBgroups\fR\ 'u -\fBgroups\fR [\fIBenutzer\fR] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBgroups\fR -zeigt die momentan verwendeten Gruppennamen oder IDs an\&. Wenn einem Wert kein Eintrag in -/etc/group -entspricht, wird die Gruppennummer ausgegeben\&. Mit der Option -\fIuser\fR -werden nur die Gruppen des bezeichneten -\fIBenutzers\fR -angezeigt\&. -.SH "ANMERKUNGEN" -.PP -Auf Systemen, die keine simultanen Gruppen unterst\(:utzen, werden die Informationen aus -/etc/group -ausgegeben\&. Wenn der Benutzer seine tats\(:achliche und effektive Gruppen\-ID \(:andern will, muss er -\fBnewgrp\fR -oder -\fBsg\fR -verwenden\&. -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBnewgrp\fR(1), -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2)\&. diff --git a/man/de/man1/id.1 b/man/de/man1/id.1 deleted file mode 100644 index 9ac9729d..00000000 --- a/man/de/man1/id.1 +++ /dev/null @@ -1,60 +0,0 @@ -'\" t -.\" Title: id -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "ID" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -id \- display current user and group ID names -.SH "\(:UBERSICHT" -.HP \w'\fBid\fR\ 'u -\fBid\fR [\-a] -.SH "BESCHREIBUNG" -.PP -The -\fBid\fR -command displays the current real and effective user and group ID names or values\&. If the value does not have a corresponding entry in -/etc/passwd -or -/etc/group, the value will be displayed without the corresponding name\&. The optional -\fB\-a\fR -flag will display the group set on systems which support multiple concurrent group membership\&. -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2) diff --git a/man/de/man1/login.1 b/man/de/man1/login.1 deleted file mode 100644 index 266ca846..00000000 --- a/man/de/man1/login.1 +++ /dev/null @@ -1,500 +0,0 @@ -'\" t -.\" Title: login -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "LOGIN" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -login \- startet eine Sitzung auf dem System -.SH "\(:UBERSICHT" -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fIRechner\fR] [\fIBenutzername\fR] [\fIENV=VAR\fR...] -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fIRechner\fR] \-f \fIBenutzername\fR -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] \-r\ \fIRechner\fR -.SH "BESCHREIBUNG" -.PP -Das Programm -\fBlogin\fR -wird verwendet, um eine neue Sitzung auf dem System zu starten\&. Es wird normalerweise automatisch als Antwort auf die -\fIlogin:\fR\-Eingabeaufforderung auf dem Terminal des Benutzers ausgef\(:uhrt\&. -\fBlogin\fR -kann von der Shell besonders behandelt werden und kann nicht als Subprozess gestartet werden\&. Wenn -\fBlogin\fR -von einer Shell aufgerufen wird, sollte es als -\fBexec login\fR -ausgef\(:uhrt werden, so dass die aktuelle Shell des Benutzers beendet wird (und somit verhindert wird, dass der neue Benutzer in die Sitzung des alten zur\(:uckkehren kann)\&. Der Versuch, von einer Shell au\(sser der Anmelde\-Shell -\fBlogin\fR -auszuf\(:uhren, wird eine Fehlermeldung erzeugen\&. -.PP -Falls erforderlich, wird der Benutzer anschlie\(ssend nach einem Passwort gefragt\&. Dieses wird w\(:ahrend der Eingabe nicht angezeigt\&. Es sind nur eine kleine Anzahl von Anmeldeversuchen zul\(:assig, ehe -\fBlogin\fR -abbricht und die Kommunikation getrennt wird\&. -.PP -Falls der Passwortverfall f\(:ur Ihr Konto aktiviert wurde, kann es sein, dass Sie vor der weiteren Nutzung nach einem neuen Passwort gefragt werden\&. Sie m\(:ussen Ihr altes und neues Passwort angegeben, bevor Sie fortfahren k\(:onnen\&. In der Dokumentation zu -\fBpasswd\fR(1) -finden sich weitere Informationen\&. -.PP -Nach einer erfolgreichen Anmeldung werden Ihnen Systemmeldungen pr\(:asentiert, sowie das Vorhandensein von Mails angezeigt\&. Die Anzeige der systemweiten Nachrichtendatei -/etc/motd -kann abgeschaltet werden, indem im Anmeldeverzeichnis eine leere Datei -\&.hushlogin -angelegt wird\&. Je nach Zustand der Mailbox des Benutzers ist die Mailnachricht entweder \(Fc\fISie haben neue Mails\&.\fR\(Fo, \(Fc\fISie haben Mails\&.\fR\(Fo oder \(Fc\fIKeine Mails\&.\fR\(Fo\&. -.PP -Die Benutzer\- und Gruppen\-IDs werden gem\(:a\(ss den Werten in -/etc/passwd -gesetzt\&. Die Werte f\(:ur -\fB$HOME\fR, -\fB$SHELL\fR, -\fB$PATH\fR, -\fB$LOGNAME\fR -und -\fB$MAIL\fR -werden ebenfalls entsprechend den Feldern im Passworteintrag gesetzt\&. Werte f\(:ur ulimit, umask und nice k\(:onnen ebenfalls gem\(:a\(ss den Werten im GECOS\-Feld gesetzt werden\&. -.PP -Bei einigen Installationen wird anf\(:anglich die Umgebungsvariable -\fB$TERM\fR -entsprechend dem Terminaltyp Ihrer tty\-Zeile, wie sie in -/etc/ttytype -angegeben ist, gesetzt\&. -.PP -Ein Startskript f\(:ur Ihren Befehlsinterpreter kann auch ausgef\(:uhrt werden\&. Sehen Sie bitte in den entsprechenden Handbuchseiten f\(:ur weitere Informationen dar\(:uber nach\&. -.PP -Eine Subsystem\-Anmeldung wird durch einen \(Fc*\(Fo als erstes Zeichen der Anmelde\-Shell gekennzeichnet\&. Das angegebene Home\-Verzeichnis wird als Wurzel f\(:ur das Dateisystem verwendet, auf welchem der Benutzer tats\(:achlich angemeldet ist\&. -.PP -Es liegt NICHT in der Verantwortung von -\fBlogin\fR, Benutzer aus der utmp\-Datei zu entfernen\&. Sowohl -\fBgetty\fR(8) -als auch -\fBinit\fR(8) -sind daf\(:ur zust\(:andig, die offenkundige Eigent\(:umerstellung einer Terminalsitzung aufzur\(:aumen\&. Falls Sie -\fBlogin\fR -von der Shell ohne -\fBexec\fR -verwenden, wird der Benutzer, den Sie verwenden, weiterhin als angemeldet erscheinen, obwohl Sie die \(Fcuntergeordnete Sitzung\(Fo beendet haben\&. -.SH "OPTIONEN" -.PP -\fB\-f\fR -.RS 4 -Keine Authentifizierung durchf\(:uhren, Benutzer ist bereits angemeldet\&. -.sp -Hinweis: In diesem Fall muss -\fIBenutzername\fR -angegeben werden\&. -.RE -.PP -\fB\-h\fR -.RS 4 -Name des entfernt stehenden Rechners f\(:ur die Anmeldung -.RE -.PP -\fB\-p\fR -.RS 4 -beh\(:alt die Umgebungseinstellungen bei -.RE -.PP -\fB\-r\fR -.RS 4 -f\(:uhrt das Autologin\-Protokoll f\(:ur rlogin aus -.RE -.PP -Die Optionen -\fB\-r\fR, -\fB\-h\fR -und -\fB\-f\fR -k\(:onnen nur verwendet werden, wenn -\fBlogin\fR -von Root ausgef\(:uhrt wird\&. -.SH "WARNUNGEN" -.PP -Diese Version von -\fBlogin\fR -hat viele Optionen f\(:ur die Kompilierung, wobei eventuell nicht alle Optionen auf allen Systemen verwendet werden\&. -.PP -Der Ort der Konfigurationsdateien kann je nach Konfiguration des Systems unterschiedlich sein\&. -.PP -Es liegt NICHT in der Verantwortung von -\fBlogin\fR, Benutzer aus der utmp\-Datei zu entfernen\&. Sowohl -\fBgetty\fR(8) -als auch -\fBinit\fR(8) -sind daf\(:ur zust\(:andig, die offenkundige Eigent\(:umerstellung einer Terminalsitzung aufzur\(:aumen\&. Falls Sie -\fBlogin\fR -von der Shell ohne -\fBexec\fR -verwenden, wird der Benutzer, den Sie verwenden, weiterhin als angemeldet erscheinen, obwohl Sie die \(Fcuntergeordnete Sitzung\(Fo beendet haben\&. -.PP -Wie bei jedem anderen Programm kann auch das Erscheinungsbild von -\fBlogin\fR -vorgespiegelt werden\&. Falls unseri\(:ose Benutzer physischen Zugriff auf den Rechner haben, kann dies von einem Angreifer verwendet werden, um das Passwort der Person zu erhalten, die sich als n\(:achste vor den Rechner setzt\&. In Linux k\(:onnen Benutzer den SAK\-Mechanismus verwenden, um einen vertrauensw\(:urdigen Pfad zu erstellen und somit diesem Angriff zu entgehen\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBCONSOLE\fR (Zeichenkette) -.RS 4 -Die Konfiguration erfolgt entweder \(:uber die Angabe des vollen Pfadnamens einer Datei, welche die Namen der Ger\(:ate enth\(:alt (eines pro Zeile), oder mit einer Liste der Ger\(:atenamen, die mit \(Fc:\(Fo getrennt sind\&. Root kann sich nur auf diesen Ger\(:aten anmelden\&. -.sp -Wenn es unkonfiguriert gelassen wird, kann sich Root auf jedem Ger\(:at anmelden\&. -.sp -Das Ger\(:at soll ohne vorangestelltes /dev/ angegeben werden\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (Zeichenkette) -.RS 4 -Liste von Gruppen, deren Mitglied der Benutzer wird, wenn der sich auf der Konsole anmeldet, die mit dem Parameter CONSOLE festgelegt wird\&. Standardm\(:a\(ssig ist die Liste leer\&. - -Seien Sie vorsichtig\&. Benutzer k\(:onnen dauerhaft Zugang zu den Gruppen erlangen, auch wenn sie nicht auf der Konsole angemeldet sind\&. -.RE -.PP -\fBDEFAULT_HOME\fR (boolesch) -.RS 4 -Legt fest, ob ein Login erlaubt wird, wenn mit cd nicht in das Home\-Verzeichnis gewechselt werden kann\&. Standardm\(:a\(ssig wird dies nicht zugelassen\&. -.sp -Falls auf -\fIyes\fR -gesetzt, wird der Benutzer mit dem Wurzelverzeichnis (/) angemeldet, wenn mit cd nicht in sein Home\-Verzeichnis gewechselt werden kann\&. -.RE -.PP -\fBENV_HZ\fR (Zeichenkette) -.RS 4 -Wenn vergeben, wird damit die Umgebungsvariable HZ definiert, wenn sich ein Benutzer anmeldet\&. Dem Wert muss ein -\fIHZ=\fR -vorangestellt werden\&. Ein \(:ublicher Wert bei Linux ist -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_PATH\fR (Zeichenkette) -.RS 4 -Wenn gesetzt, wird damit die Umgebungsvariable PATH definiert, wenn sich ein normaler Benutzer anmeldet\&. Der Wert ist eine Liste, deren Eintr\(:age durch Doppelpunkte getrennt sind (zum Beispiel -\fI/bin:/usr/bin\fR)\&. Ihr kann ein -\fIPATH=\fR -vorangestellt werden\&. Der Standardwert ist -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (Zeichenkette) -.RS 4 -Wenn gesetzt, wird damit die Umgebungsvariable PATH definiert, wenn sich der Superuser anmeldet\&. Der Wert ist eine Liste, deren Eintr\(:age durch Doppelpunkte getrennt sind (zum Beispiel -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR)\&. Ihr kann ein -\fIPATH=\fR -vorangestellt werden\&. Der Standardwert ist -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (Zeichenkette) -.RS 4 -Wenn gesetzt, wird damit die Umgebungsvariable TZ definiert, wenn sich ein Benutzer anmeldet\&. Der Wert kann der Name der Zeitzone sein, dem -\fITZ=\fR -vorausgeht (zum Beispiel -\fITZ=CST6CDT\fR), oder der vollst\(:andige Pfad der Datei, welche die Konfiguration der Zeitzone enth\(:alt (zum Beispiel -/etc/tzname)\&. -.sp -Wenn ein vollst\(:andiger Pfadname angegeben wird, die Datei aber nicht existiert oder nicht lesbar ist, wird -\fITZ=CST6CDT\fR -verwendet\&. -.RE -.PP -\fBENVIRON_FILE\fR (Zeichenkette) -.RS 4 -Wenn diese Datei vorhanden ist, wird die Anmeldeumgebung aus ihr gelesen\&. Jede Zeile sollte die Form Name=Wert haben\&. -.sp -Zeilen, die mit einem # beginnen, werden als Kommentare behandelt und daher ignoriert\&. -.RE -.PP -\fBERASECHAR\fR (Zahl) -.RS 4 -Das L\(:oschzeichen des Terminals (\fI010\fR -= R\(:ucktaste, -\fI0177\fR -= Entf)\&. -.sp -Wenn der Wert mit \(Fc0\(Fo beginnt, wird er als Oktalzahl gewertet, wenn er mit \(Fc0x\(Fo beginnt, als Hexadezimalzahl\&. -.RE -.PP -\fBFAIL_DELAY\fR (Zahl) -.RS 4 -Wartezeit in Sekunden, ehe nach einem fehlgeschlagenen Anmeldeversuch ein neuer unternommen werden kann -.RE -.PP -\fBFAILLOG_ENAB\fR (boolesch) -.RS 4 -aktiviert die Protokollierung und Anzeige der Informationen zu fehlgeschlagenen Anmeldeversuchen in -/var/log/faillog -.RE -.PP -\fBFAKE_SHELL\fR (Zeichenkette) -.RS 4 -Falls angegeben, f\(:uhrt -\fBlogin\fR -diese Shell anstelle der in -/etc/passwd -angegebenen Shell des Benutzers aus\&. -.RE -.PP -\fBFTMP_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, werden fehlgeschlagene Anmeldeversuche in dieser Datei im Format utmp protokolliert\&. -.RE -.PP -\fBHUSHLOGIN_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, kann diese Datei die \(:ubliche Informationsanzeige w\(:ahrend des Anmeldevorgangs unterbinden\&. Wenn ein vollst\(:andiger Pfad angegeben wird, wird der Modus ohne Anmeldeinformationen verwendet, wenn der Name oder die Shell des Benutzers in der Datei enthalten sind\&. Wenn kein vollst\(:andiger Pfad angegeben wird, wird der Modus ohne Anmeldeinformationen aktiviert, wenn die Datei im Home\-Verzeichnis des Benutzers existiert\&. -.RE -.PP -\fBISSUE_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, wird diese Datei vor der Anmeldeaufforderung angezeigt\&. -.RE -.PP -\fBKILLCHAR\fR (Zahl) -.RS 4 -Das KILL\-Zeichen des Terminals (\fI025\fR -= CTRL/U)\&. -.sp -Wenn der Wert mit \(Fc0\(Fo beginnt, wird er als Oktalzahl gewertet, wenn er mit \(Fc0x\(Fo beginnt, als Hexadezimalzahl\&. -.RE -.PP -\fBLASTLOG_ENAB\fR (boolesch) -.RS 4 -aktiviert die Protokollierung und Anzeige der Informationen zu Anmeldezeiten in -/var/log/lastlog -.RE -.PP -\fBLOGIN_RETRIES\fR (Zahl) -.RS 4 -maximale Anzahl von Anmeldeversuchen, wenn ein falsches Passwort eingegeben wird -.RE -.PP -\fBLOGIN_STRING\fR (Zeichenkette) -.RS 4 -Diese Zeichenkette wird bei der Eingabeaufforderung des Passworts (Prompt) verwendet\&. Standardm\(:a\(ssig wird \(FcPassword: \(Fo oder eine \(:Ubersetzung davon benutzt\&. Wenn Sie diese Variable definieren, wird die Eingabeaufforderung nicht \(:ubersetzt\&. -.sp -Wenn die Zeichenkette ein -\fI%s\fR -enth\(:alt, wird dies durch den Benutzernamen ersetzt\&. -.RE -.PP -\fBLOGIN_TIMEOUT\fR (Zahl) -.RS 4 -H\(:ochstdauer f\(:ur einen Anmeldeversuch -.RE -.PP -\fBLOG_OK_LOGINS\fR (boolesch) -.RS 4 -aktiviert die Protokollierung erfolgreicher Anmeldungen -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (boolesch) -.RS 4 -aktiviert die Anzeige unbekannter Benutzernamen, wenn fehlgeschlagene Anmeldeversuche aufgezeichnet werden -.sp -Hinweis: Das Protokollieren unbekannter Benutzernamen kann ein Sicherheitsproblem darstellen, wenn ein Benutzer sein Passwort anstelle seines Anmeldenamens eingibt\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (boolesch) -.RS 4 -aktiviert die Pr\(:ufung und Anzeige des Status der Mailbox bei der Anmeldung -.sp -Sie sollten dies abschalten, wenn schon die Startdateien der Shell die Mails pr\(:ufen (\(Fcmailx \-e\(Fo oder \(:ahnliches)\&. -.RE -.PP -\fBMAIL_DIR\fR (Zeichenkette) -.RS 4 -Das Verzeichnis des Mail\-Spools\&. Diese Angabe wird ben\(:otigt, um die Mailbox zu bearbeiten, nachdem das entsprechende Benutzerkonto ver\(:andert oder gel\(:oscht wurde\&. Falls nicht angegeben, wird ein Standard verwendet, der beim Kompilieren festgelegt wurde\&. -.RE -.PP -\fBMAIL_FILE\fR (Zeichenkette) -.RS 4 -Legt den Ort der Mail\-Spool\-Dateien eines Benutzers relativ zu seinem Home\-Verzeichnis fest\&. -.RE -.PP -Die Variablen -\fBMAIL_DIR\fR -und -\fBMAIL_FILE\fR -werden von -\fBuseradd\fR, -\fBusermod\fR -und -\fBuserdel\fR -verwendet, um den Mail\-Spool eines Benutzers zu erstellen, zu verschieben oder zu l\(:oschen\&. -.PP -Falls -\fBMAIL_CHECK_ENAB\fR -auf -\fIyes\fR -gesetzt ist, werden sie auch verwendet, um die Umgebungsvariable -\fBMAIL\fR -festzulegen\&. -.PP -\fBMOTD_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, eine Aufz\(:ahlung von Dateien, welche die bei der Anmeldung anzuzeigenden \(FcNachrichten des Tages\(Fo enth\(:alt\&. Die Dateien werden mit einem \(Fc:\(Fo getrennt\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, der Name einer Datei, deren Existenz Anmeldungen au\(sser von Root verhindert\&. Der Inhalt der Datei sollte die Gr\(:unde enthalten, weshalb Anmeldungen untersagt sind\&. -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (boolesch) -.RS 4 -aktiviert die Auswertung der in -/etc/porttime -angegebenen Zeitbegrenzungen -.RE -.PP -\fBQUOTAS_ENAB\fR (boolesch) -.RS 4 -aktiviert das Setzen von Resourcenbeschr\(:ankungen aus -/etc/limits -und von ulimit, umask und niceness aus dem gecos\-Feld des Benutzers von passwd -.RE -.PP -\fBTTYGROUP\fR (Zeichenkette), \fBTTYPERM\fR (Zeichenkette) -.RS 4 -Die Rechte des Terminals: Das Anmelde\-tty geh\(:ort der Gruppe -\fBTTYGROUP\fR -an, die Rechte werden auf -\fBTTYPERM\fR -gesetzt\&. -.sp -Standardm\(:a\(ssig ist der Eigent\(:umer des Terminals die Hauptgruppe des Benutzers, die Rechte werden auf -\fI0600\fR -gesetzt\&. -.sp -\fBTTYGROUP\fR -kann der Gruppenname oder die als Zahl ausgedr\(:uckte Gruppen\-ID sein\&. -.sp -Wenn Sie ein -\fBwrite\fR\-Programm haben, das \(Fcsetgid\(Fo f\(:ur eine Gruppe besitzt, der das Terminal geh\(:ort, sollten Sie TTYGROUP die Gruppennummer und TTYPERM den Wert 0620 zuweisen\&. Oder Sie sollten TTYGROUP als Kommentar belassen und TTYPERM den Wert 622 oder 600 zuweisen\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, eine Datei, welche einer tty\-Zeile den Umgebungsparameter TERM zuweist\&. Jede Zeile hat das Format wie etwa \(Fcvt100 tty01\(Fo\&. -.RE -.PP -\fBULIMIT\fR (Zahl) -.RS 4 -der Standardwert von -\fBulimit\fR -.RE -.PP -\fBUMASK\fR (Zahl) -.RS 4 -Die Bit\-Gruppe, welche die Rechte von erstellten Dateien bestimmt, wird anf\(:anglich auf diesen Wert gesetzt\&. Falls nicht angegeben, wird sie auf 022 gesetzt\&. -.sp -\fBuseradd\fR -und -\fBnewusers\fR -verwenden diese Bit\-Gruppe, um die Rechte des von ihnen erstellten Home\-Verzeichnisses zu setzen\&. -.sp -Sie wird auch von -\fBlogin\fR -verwendet, um die anf\(:angliche Umask eines Benutzers zu bestimmen\&. Beachten Sie, dass diese Bit\-Gruppe durch die GECOS\-Zeile des Benutzers (wenn -\fBQUOTAS_ENAB\fR -gesetzt wurde) oder die Festlegung eines Limits in -\fBlimits\fR(5) -mit der Kennung -\fIK\fR -\(:uberschrieben werden kann\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolesch) -.RS 4 -Erlaubt Benutzern, die nicht Root sind, die Umask\-Gruppen\-Bits auf ihre Umask\-Bits zu setzen (Beispiel: 022 \-> 002, 077 \-> 007), falls die UID mit der GID identisch ist sowie der Benutzername mit dem Gruppennamen \(:ubereinstimmt\&. -.sp -Wenn der Wert -\fIyes\fR -ist, wird -\fBuserdel\fR -die Gruppe des Benutzers entfernen, falls sie keine Mitglieder mehr hat, und -\fBuseradd\fR -wird standardm\(:a\(ssig eine Gruppe mit dem Namen des Benutzers erstellen\&. -.RE -.SH "DATEIEN" -.PP -/var/run/utmp -.RS 4 -Liste der aktuellen angemeldeten Sitzungen -.RE -.PP -/var/log/wtmp -.RS 4 -Liste der vorangegangenen angemeldeten Sitzungen -.RE -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.PP -/etc/motd -.RS 4 -Datei mit der Systemmeldung des Tages -.RE -.PP -/etc/nologin -.RS 4 -verhindert, dass sich Benutzer au\(sser Root anmelden -.RE -.PP -/etc/ttytype -.RS 4 -Liste der Terminaltypen -.RE -.PP -$HOME/\&.hushlogin -.RS 4 -unterdr\(:uckt die Ausgabe von Systemnachrichten -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.SH "SIEHE AUCH" -.PP -\fBmail\fR(1), -\fBpasswd\fR(1), -\fBsh\fR(1), -\fBsu\fR(1), -\fBlogin.defs\fR(5), -\fBnologin\fR(5), -\fBpasswd\fR(5), -\fBsecuretty\fR(5), -\fBgetty\fR(8)\&. diff --git a/man/de/man1/newgrp.1 b/man/de/man1/newgrp.1 deleted file mode 100644 index ced41ee2..00000000 --- a/man/de/man1/newgrp.1 +++ /dev/null @@ -1,96 +0,0 @@ -'\" t -.\" Title: newgrp -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "NEWGRP" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -newgrp \- als neue Gruppe anmelden -.SH "\(:UBERSICHT" -.HP \w'\fBnewgrp\fR\ 'u -\fBnewgrp\fR [\-] [\fIGruppe\fR] -.SH "BESCHREIBUNG" -.PP -Mit dem Befehl -\fBnewgrp\fR -kann w\(:ahrend einer angemeldeten Sitzung die aktuelle Gruppen\-ID ge\(:andert werden\&. Wenn zus\(:atzlich der Schalter -\fB\-\fR -angegeben wird, wird die Benutzerumgebung neu gestartet, so als ob sich der Benutzer neu angemeldet h\(:atte\&. Anderenfalls bleibt die aktuelle Umgebung einschlie\(sslich des aktuellen Arbeitsverzeichnisses unver\(:andert\&. -.PP -\fBnewgrp\fR -wechselt von der aktuellen echten Gruppen\-ID zu der angegeben Gruppe oder, falls kein Gruppenname angegeben wird, zu der Standardgruppe, wie sie in -/etc/passwd -festgelegt ist\&. Zudem versucht -\fBnewgrp\fR, die Gruppe der Gruppensammlung des Benutzers hinzuzuf\(:ugen\&. Wenn der Benutzer nicht Root ist und die Gruppe ein Passwort hat und der Benutzer nicht Mitglied der Gruppe ist oder kein Passwort hat (in -/etc/shadow, falls er einen Eintrag in der Shadow\-Passwort\-Datei hat, anderenfalls in -/etc/passwd), wird er nach einem Passwort gefragt\&. -.PP -Wenn sich in -/etc/gshadow -ein Eintrag f\(:ur diese Gruppe befindet, wird die Mitgliederliste und das Passwort der Gruppe dieser Datei entnommen\&. Anderenfalls wird der Eintrag in -/etc/group -ausgewertet\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBSYSLOG_SG_ENAB\fR (boolesch) -.RS 4 -aktiviert das Protokollieren der Aktivit\(:aten von -\fBsg\fR -in \(Fcsyslog\(Fo -.RE -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBsu\fR(1), -\fBsg\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/de/man1/passwd.1 b/man/de/man1/passwd.1 deleted file mode 100644 index d762a230..00000000 --- a/man/de/man1/passwd.1 +++ /dev/null @@ -1,359 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "PASSWD" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -passwd \- \(:andert das Passwort eines Benutzers -.SH "\(:UBERSICHT" -.HP \w'\fBpasswd\fR\ 'u -\fBpasswd\fR [\fIOptionen\fR] [\fIANMELDENAME\fR] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBpasswd\fR -\(:andert die Passw\(:orter von Benutzerkonten\&. Ein normaler Benutzer kann nur das Passwort seines Kontos ver\(:andern, der Superuser dagegen kann die Passw\(:orter aller Konten \(:andern\&. Mit -\fBpasswd\fR -k\(:onnen auch die Informationen \(:uber das Konto und die G\(:ultigkeitsdauer des Passworts ver\(:andert werden\&. -.SS "Ver\(:andern des Passworts" -.PP -Der Benutzer wird zuerst nach seinem alten Passwort gefragt, falls eines vorhanden ist\&. Dieses Passwort wird dann verschl\(:usselt und mit dem gespeicherten Passwort verglichen\&. Der Benutzer hat nur eine Gelegenheit, das richtige Passwort einzugeben\&. Der Superuser kann diesen Schritt \(:uberspringen, um so vergessene Passw\(:orter zu \(:andern\&. -.PP -Nachdem das Passwort eingegeben wurde, werden Informationen \(:uber die G\(:ultigkeitsdauer des Passworts abgefragt, um festzustellen, ob der Benutzer das Passwort zu dieser Zeit ver\(:andern darf\&. Wenn nicht, lehnt -\fBpasswd\fR -die \(:Anderung des Passworts ab und beendet sich\&. -.PP -Der Benutzer wird dann aufgefordert, zweimal ein neues Passwort einzugeben\&. Beide Eingaben werden miteinander verglichen\&. Sie m\(:ussen \(:ubereinstimmen, damit das Passwort ge\(:andert wird\&. -.PP -Anschlie\(ssend wird das Passwort auf seine Komplexit\(:at \(:uberpr\(:uft\&. Eine allgemeine Richtlinie besagt, dass Passw\(:orter aus sechs bis acht Zeichen bestehen sollten und ein oder mehrere Zeichen aus folgenden Mengen enthalten sollten: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Kleinbuchstaben -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Ziffern 0 bis 9 -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Satzzeichen -.RE -.PP -Seien Sie vorsichtig, dass Sie nicht die standardm\(:a\(ssigen L\(:osch\- und Kill\-Zeichen des Systems eingeben\&. -\fBpasswd\fR -weist Passw\(:orter zur\(:uck, die nicht hinreichend komplex sind\&. -.SS "Hinweise zu Benutzerpassw\(:ortern" -.PP -Die Sicherheit eines Passworts h\(:angt von der St\(:arke des Verschl\(:usselungsalgorithmus und von der Gr\(:o\(sse des Schl\(:usselraums ab\&. Die hergebrachte Verschl\(:usselung auf -\fIUNIX\fR\-Systemen basiert auf dem NBS\-DES\-Algorithmus\&. Heutzutage sind neuere Verschl\(:usselungsmethoden zu empfehlen (vergleiche -\fBENCRYPT_METHOD\fR)\&. Die Gr\(:o\(sse des Schl\(:usselraums h\(:angt von der Zuf\(:alligkeit des gew\(:ahlten Passworts ab\&. -.PP -Gefahren f\(:ur die Sicherheit von Passw\(:ortern kommen gew\(:ohnlich von sorgloser Wahl oder Handhabung des Passworts\&. Daher sollten Sie kein Passwort w\(:ahlen, das in einem W\(:orterbuch auftaucht oder das aufgeschrieben werden muss\&. Das Passwort sollte somit kein echter Name, Ihr Autokennzeichen, Geburtstag oder Ihre Adresse sein\&. All das kann dazu verwendet werden, das Passwort zu erraten, und stellt daher eine Gefahr f\(:ur die Sicherheit Ihres Systems dar\&. -.PP -Ratschl\(:age, wie Sie ein sicheres Passwort w\(:ahlen, finden Sie unter http://de\&.wikipedia\&.org/wiki/Passwort#Wahl_von_sicheren_Passw\&.C3\&.B6rtern\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBpasswd\fR -unterst\(:utzt werden, sind: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Diese Option kann nur in Verbindung mit -\fB\-S\fR -verwendet werden und f\(:uhrt dazu, dass der Status aller Benutzer angezeigt wird\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR -.RS 4 -L\(:oscht das Passwort eines Benutzers (macht es leer)\&. Dies ist ein schneller Weg, um das Passwort eines Kontos zu deaktivieren\&. Dem Konto ist dann kein Passwort zugeordnet\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expire\fR -.RS 4 -L\(:asst das Passwort eines Kontos sofort verfallen\&. Im Ergebnis kann damit erreicht werden, dass ein Benutzer beim n\(:achsten Login das Passwort \(:andern muss\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-i\fR, \fB\-\-inactive\fR\ \&\fIINAKTIV\fR -.RS 4 -Mit dieser Option wird ein Konto deaktiviert, nachdem das Passwort f\(:ur eine bestimmte Anzahl von Tagen abgelaufen ist\&. Wenn ein Benutzerkonto ein abgelaufenes Passwort f\(:ur l\(:anger als -\fIINAKTIV\fR -Tage hatte, kann sich der Benutzer nicht mehr auf diesem Konto anmelden\&. -.RE -.PP -\fB\-k\fR, \fB\-\-keep\-tokens\fR -.RS 4 -Zeigt an, dass nur abgelaufene Passw\(:orter ge\(:andert werden sollen\&. Der Benutzer m\(:ochte seine g\(:ultigen Passw\(:orter unver\(:andert lassen\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\fR -.RS 4 -Sperrt das Passwort des bezeichneten Kontos\&. Die Option schaltet ein Passwort ab, indem es ihm einen Wert zuweist, der mit keinem m\(:oglichen verschl\(:usselten Wert \(:ubereinstimmen kann\&. Dies geschieht, indem ein \(Fc!\(Fo dem Passwort vorangestellt wird\&. -.sp -Beachten Sie, dass damit nicht das Konto deaktiviert wird\&. Der Benutzer kann sich immer noch mit einer anderen Authentifizierungsmethode (etwa einem SSH\-Schl\(:ussel) anmelden\&. Um ein Konto abzuschalten, sollte der Administrator -\fBusermod \-\-expiredate 1\fR -verwenden; dies setzt das Verfallsdatum des Kontos auf den 2\&. Januar 1970\&. -.sp -Benutzer mit einem gesperrten Passwort k\(:onnen dieses nicht \(:andern\&. -.RE -.PP -\fB\-n\fR, \fB\-\-mindays\fR\ \&\fIMIN_TAGE\fR -.RS 4 -Setzt die Anzahl von Tagen, die mindestens zwischen zwei \(:Anderungen eines Passworts vergehen m\(:ussen, auf -\fIMIN_TAGE\fR\&. Ein Wert von Null in diesem Feld bedeutet, dass der Benutzer sein Passwort jederzeit \(:andern darf\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -stiller Modus -.RE -.PP -\fB\-r\fR, \fB\-\-repository\fR\ \&\fIDEPOT\fR -.RS 4 -\(:andert das Passwort im Depot -\fIDEPOT\fR -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-S\fR, \fB\-\-status\fR -.RS 4 -Zeigt Informationen \(:uber den Kontostatus an\&. Die Statusinformation besteht aus sieben Feldern\&. Das erste Feld ist der Anmeldename des Benutzers\&. Das zweite Feld zeigt an, ob das Benutzerkonto ein gesperrtes Passwort (L), kein Passwort (NP) oder ein verwendbares Passwort hat (P)\&. Das dritte Feld zeigt das Datum der letzten \(:Anderung des Passworts an\&. Die n\(:achsten vier Felder sind das Mindestalter, das H\(:ochstalter, die Dauer der Warnung und die Dauer der Unt\(:atigkeit f\(:ur das Passwort\&. Die Zeitr\(:aume werden in Tagen ausgedr\(:uckt\&. -.RE -.PP -\fB\-u\fR, \fB\-\-unlock\fR -.RS 4 -Entsperrt das bezeichnete Konto\&. Diese Option reaktiviert ein Konto wieder, indem das Passwort auf seinen alten Wert zur\(:uckgesetzt wird, den es hatte, bevor die Option -\fB\-l\fR -verwendet wurde\&. -.RE -.PP -\fB\-w\fR, \fB\-\-warndays\fR\ \&\fIWARN_TAGE\fR -.RS 4 -Legt die Anzahl der Tage fest, an denen der Benutzer eine Warnung erh\(:alt, bevor sein Passwort ung\(:ultig wird\&. Die Option -\fIWARN_TAGE\fR -bezeichnet die Anzahl der Tage, f\(:ur die ein Benutzer vor Verfall seines Passworts gewarnt wird\&. -.RE -.PP -\fB\-x\fR, \fB\-\-maxdays\fR\ \&\fIMAX_TAGE\fR -.RS 4 -Bestimmt die maximale Anzahl von Tagen, die das Passwort g\(:ultig bleibt\&. Nach -\fIMAX_TAGE\fR -Tagen muss das Passwort ge\(:andert werden\&. -.RE -.SH "WARNUNGEN" -.PP -Die Komplexit\(:at der Passwortpr\(:ufung kann sich auf verschiedenen Systemen unterscheiden\&. Der Benutzer wird angehalten, ein m\(:oglichst komplexes, von ihm aber gut zu verwendendes Passwort zu w\(:ahlen\&. -.PP -Benutzer k\(:onnen unter Umst\(:anden ihr Passwort nicht \(:andern, wenn auf dem System NIS aktiviert ist, sie aber nicht am NIS\-Server angemeldet sind\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBENCRYPT_METHOD\fR (Zeichenkette) -.RS 4 -Damit wird der standardm\(:a\(ssige Verschl\(:usselungsalgorithmus, mit dem Passw\(:orter verschl\(:usselt werden, bestimmt (soweit nicht in der Befehlszeile ein Algorithmus angegeben wird)\&. -.sp -Ihm kann einer der folgenden Wert zugewiesen werden: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Hinweis: Dieser Parameter \(:uberschreibt die Variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolesch) -.RS 4 -Legt fest, ob Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt werden\&. Falls diesem Wert -\fIyes\fR -zugewiesen ist, werden neue Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt, der zu dem in der aktuellen Ver\(:offentlichung von FreeBSD eingesetzten Algorithmus kompatibel ist\&. Passw\(:orter k\(:onnen dann beliebig lang sein, auch die Salt\-Zeichenketten sind l\(:anger\&. Setzen Sie diesen Wert auf -\fIno\fR, wenn Sie verschl\(:usselte Passw\(:orter auf ein anderes System kopieren m\(:ochten, das den neuen Algorithmus nicht versteht\&. Der Standardwert ist -\fIno\fR\&. -.sp -Dieser Variable geht die Variable -\fBENCRYPT_METHOD\fR -und eine Option auf der Befehlszeile, mit der der Verschl\(:usselungsalgorithmus bestimmt wird, vor\&. -.sp -Der Einsatz dieser Variable ist veraltet\&. Sie sollten -\fBENCRYPT_METHOD\fR -verwenden\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (boolesch) -.RS 4 -Aktiviert zus\(:atzliche Tests bei der Ver\(:anderung eines Passworts\&. -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (boolesch) -.RS 4 -weist auf schwache Passw\(:orter hin (aber l\(:asst sie zu), falls Sie root sind -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (Zahl) -.RS 4 -maximale Anzahl von Versuchen, ein Passwort zu \(:andern, wenn dies wegen zu geringer St\(:arke des gew\(:ahlten Passworts abgelehnt wurde -.RE -.PP -\fBPASS_MAX_LEN\fR (Zahl), \fBPASS_MIN_LEN\fR (Zahl) -.RS 4 -Anzahl der von crypt() ber\(:ucksichtigten Zeichen des Passworts\&. Standardm\(:a\(ssig ist -\fBPASS_MAX_LEN\fR -8\&. Diese Option wird ignoriert, wenn -\fBMD5_CRYPT_ENAB\fR -auf -\fIyes\fR -gesetzt ist\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (Zahl), \fBSHA_CRYPT_MAX_ROUNDS\fR (Zahl) -.RS 4 -Wenn -\fBENCRYPT_METHOD\fR -auf -\fISHA256\fR -oder -\fISHA512\fR -gesetzt ist, legt dies die Anzahl der Runden von SHA fest, die standardm\(:a\(ssig vom Verschl\(:usselungsalgorithmus verwendet werden (falls die Anzahl der Runden nicht auf der Befehlszeile angegeben wird)\&. -.sp -Je mehr Runden Sie definieren, umso schwieriger ist es, das Passwort mit sturem Durchprobieren (brute force) zu knacken; umso mehr Rechenleistung wird jedoch auch f\(:ur die Anmeldung eines Benutzers ben\(:otigt\&. -.sp -Falls Sie nichts angeben, wird libc die Standardanzahl der Runden festlegen (5000)\&. -.sp -Die Werte m\(:ussen zwischen 1000\-999\&.999\&.999 liegen\&. -.sp -Falls nur der Wert f\(:ur -\fBSHA_CRYPT_MIN_ROUNDS\fR -oder -\fBSHA_CRYPT_MAX_ROUNDS\fR -festgelegt wird, wird dieser Wert verwendet\&. -.sp -Falls -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, wird der h\(:ohere Wert verwendet\&. -.RE -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.SH "R\(:UCKGABEWERTE" -.PP -Der Befehl -\fBpasswd\fR -gibt beim Beenden folgende Werte zur\(:uck: -.PP -\fI0\fR -.RS 4 -Erfolg -.RE -.PP -\fI1\fR -.RS 4 -Berechtigung verweigert -.RE -.PP -\fI2\fR -.RS 4 -ung\(:ultige Kombination von Optionen -.RE -.PP -\fI3\fR -.RS 4 -unerwarteter Fehler, nichts wurde ver\(:andert -.RE -.PP -\fI4\fR -.RS 4 -unerwarteter Fehler, die Datei -passwd -fehlt -.RE -.PP -\fI5\fR -.RS 4 -Datei -passwd -wird benutzt, bitte nochmal versuchen -.RE -.PP -\fI6\fR -.RS 4 -ung\(:ultiges Argument f\(:ur Option -.RE -.SH "SIEHE AUCH" -.PP -\fBchpasswd\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBlogin.defs\fR(5),\fBusermod\fR(8)\&. diff --git a/man/de/man1/sg.1 b/man/de/man1/sg.1 deleted file mode 100644 index ee5c370f..00000000 --- a/man/de/man1/sg.1 +++ /dev/null @@ -1,96 +0,0 @@ -'\" t -.\" Title: sg -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "SG" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -sg \- f\(:uhrt einen Befehl unter einer anderen Gruppen\-ID aus -.SH "\(:UBERSICHT" -.HP \w'\fBsg\fR\ 'u -\fBsg\fR [\-] [Gruppe\ [\-c]\ Befehl] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBsg\fR -funktioniert so \(:ahnlich wie der Befehl -\fBnewgrp\fR, \(:ubernimmt aber auch einen Befehl\&. Dieser Befehl wird in der Shell -/bin/sh -ausgef\(:uhrt\&. Bei den meisten Shells, in denen Sie -\fBsg\fR -ausf\(:uhren, m\(:ussen Sie die Befehle, die aus mehrere W\(:ortern bestehen, in Anf\(:uhrungszeichen einfassen\&. Ein weiterer Unterschied zwischen -\fBnewgrp\fR -und -\fBsg\fR -ist, dass einige Shells -\fBnewgrp\fR -besonders behandeln: sie ersetzen sich mit einer neuen Instanz der Shell, die von -\fBnewgrp\fR -erzeugt wurde\&. Dies geschieht nicht mit -\fBsg\fR, daher werden Sie nach Beenden des Befehls -\fBsg\fR -zu Ihrer vorherigen Gruppen\-ID zur\(:uckkehren\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBSYSLOG_SG_ENAB\fR (boolesch) -.RS 4 -aktiviert das Protokollieren der Aktivit\(:aten von -\fBsg\fR -in \(Fcsyslog\(Fo -.RE -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBnewgrp\fR(1), -\fBsu\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/de/man1/su.1 b/man/de/man1/su.1 deleted file mode 100644 index 8c3bada5..00000000 --- a/man/de/man1/su.1 +++ /dev/null @@ -1,463 +0,0 @@ -'\" t -.\" Title: su -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dienstprogramme f\(:ur Benutzer -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "SU" "1" "09.05.2014" "shadow\-utils 4\&.2" "Dienstprogramme f\(:ur Benutzer" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -su \- \(:andert die Benutzer\-ID oder wechselt zu Root -.SH "\(:UBERSICHT" -.HP \w'\fBsu\fR\ 'u -\fBsu\fR [\fIOptionen\fR] [\fIBenutzername\fR] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBsu\fR -dient dazu, w\(:ahrend einer Sitzung ein anderer Benutzer zu werden\&. Wenn -\fBsu\fR -ohne -\fBusername\fR -aufgerufen wird, wechselt es standardm\(:a\(ssig zu Root\&. Zus\(:atzlich kann das Argument -\fB\-\fR -angegeben werden\&. Damit wird eine Umgebung zur Verf\(:ugung gestellt, die der entspricht, die der Benutzer nach einer direkten Anmeldung erwartet\&. -.PP -Zus\(:atzliche Argumente k\(:onnen nach dem Benutzernamen angegeben werden\&. In diesem Fall werden sie an die Anmelde\-Shell des Benutzers weitergereicht\&. Insbesondere f\(:uhrt das Argument -\fB\-c\fR -dazu, dass das n\(:achste Argument von den meisten Interpretatoren als Befehl behandelt wird\&. Dieser Befehl wird von der Shell ausgef\(:uhrt, die in -/etc/passwd -f\(:ur den Zielbenutzer angegeben ist\&. -.PP -Sie k\(:onnen das Argument -\fB\-\-\fR -verwenden, um Optionen f\(:ur -\fBsu\fR -von Argumenten f\(:ur die Shell zu trennen\&. -.PP -Der Benutzer wird gegebenenfalls nach einem Passwort gefragt\&. Ung\(:ultige Passworteingaben werden eine Fehlermeldung erzeugen\&. Sowohl erfolgreiche als auch misslungene Versuche werden protokolliert, um Missbrauch des Systems zu entdecken\&. -.PP -Die aktuelle Umgebung wird an die neue Shell \(:ubergeben\&. Der Wert von -\fB$PATH\fR -wird f\(:ur normale Benutzer auf -/bin:/usr/bin -gesetzt, f\(:ur Root auf -/sbin:/bin:/usr/sbin:/usr/bin\&. Dieses Verhalten kann durch die Definition von -\fBENV_PATH\fR -und -\fBENV_SUPATH\fR -in -/etc/login\&.defs -ge\(:andert werden\&. -.PP -Eine Subsystem\-Anmeldung wird durch einen \(Fc*\(Fo als erstes Zeichen der Anmelde\-Shell gekennzeichnet\&. Das angegebene Home\-Verzeichnis wird als Wurzel f\(:ur das Dateisystem verwendet, auf welchem der Benutzer tats\(:achlich angemeldet ist\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBsu\fR -unterst\(:utzt werden, sind: -.PP -\fB\-c\fR, \fB\-\-command\fR\ \&\fIBEFEHL\fR -.RS 4 -gibt einen Befehl an, der von der Shell mittels ihrer Option -\fB\-c\fR -ausgef\(:uhrt wird -.sp -The executed command will have no controlling terminal\&. This option cannot be used to execute interactive programs which need a controlling TTY\&. -.RE -.PP -\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR -.RS 4 -Eine Umgebung wird zur Verf\(:ugung gestellt, die der entspricht, die der Benutzer nach einer direkten Anmeldung erwartet\&. -.sp -When -\fB\-\fR -is used, it must be specified before any -\fBusername\fR\&. For portability it is recommended to use it as last option, before any -\fBusername\fR\&. The other forms (\fB\-l\fR -and -\fB\-\-login\fR) do not have this restriction\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -die Shell, die gestartet wird -.sp -Die aufgerufene Shell wird bestimmt durch (h\(:ochste Priorit\(:at zuerst): -.PP -.RS 4 -die Shell, die mit \-\-shell angegeben wurde -.RE -.PP -.RS 4 -Falls -\fB\-\-preserve\-environment\fR -verwendet wird, die Shell, die durch die Umgebungsvariable -\fB$SHELL\fR -festgelegt wird\&. -.RE -.PP -.RS 4 -die Shell, die in -/etc/passwd -f\(:ur den Zielbenutzer angegeben ist -.RE -.PP -.RS 4 -/bin/sh, falls durch die obigen Methoden keine Shell gefunden werden kann -.RE -.sp -Falls der Zielbenutzer eine beschr\(:ankte Shell hat (d\&.h\&. das Feld f\(:ur die Shell im Eintrag des Benutzers in -/etc/passwd -ist nicht in -/etc/shells) aufgef\(:uhrt), werden die Option -\fB\-\-shell\fR -und die Umgebungsvariable -\fB$SHELL\fR -nicht beachtet, sofern -\fBsu\fR -nicht von Root aufgerufen wird\&. -.RE -.PP -\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve\-environment\fR -.RS 4 -Erh\(:alt die aktuelle Umgebung mit Ausnahme von: -.PP -\fB$PATH\fR -.RS 4 -auf den Ausgangswert entsprechend der Optionen -\fBENV_PATH\fR -oder -\fBENV_SUPATH\fR -in -/etc/login\&.defs -zur\(:ucksetzen (siehe unten); -.RE -.PP -\fB$IFS\fR -.RS 4 -auf -\(Bq\(lq -zur\(:ucksetzen, falls es ver\(:andert wurde -.RE -.sp -Falls der Zielbenutzer eine beschr\(:ankte Shell besitzt, hat diese Option keinen Effekt (sofern -\fBsu\fR -nicht von Root aufgerufen wird)\&. -.sp -Beachten Sie, dass Folgendes das Standardverhalten f\(:ur die Umgebung ist: -.PP -.RS 4 -Die Umgebungsvariablen -\fB$HOME\fR, -\fB$SHELL\fR, -\fB$USER\fR, -\fB$LOGNAME\fR, -\fB$PATH\fR -und -\fB$IFS\fR -werden zur\(:uckgesetzt\&. -.RE -.PP -.RS 4 -Falls nicht -\fB\-\-login\fR -verwendet wurde, wird die Umgebung mit der Ausnahme der genannten Variablen kopiert\&. -.RE -.PP -.RS 4 -Falls -\fB\-\-login\fR -verwendet wurde, werden die Variablen -\fB$TERM\fR, -\fB$COLORTERM\fR, -\fB$DISPLAY\fR -und -\fB$XAUTHORITY\fR -\(:ubernommen, wenn ihnen ein Wert zugewiesen wurde\&. -.RE -.PP -.RS 4 -Falls -\fB\-\-login\fR -verwendet wurde, werden die Umgebungsvariablen -\fB$TZ\fR, -\fB$HZ\fR -und -\fB$MAIL\fR -auf die in -/etc/login\&.defs -definierten Optionen -\fBENV_TZ\fR, -\fBENV_HZ\fR, -\fBMAIL_DIR\fR -und -\fBMAIL_FILE\fR -(siehe unten) gesetzt\&. -.RE -.PP -.RS 4 -Wenn -\fB\-\-login\fR -verwendet wird, k\(:onnen andere Umgebungsvariablen mit der Datei -\fBENVIRON_FILE\fR -vergeben werden (siehe unten)\&. -.RE -.RE -.SH "WARNUNGEN" -.PP -Diese Version von -\fBsu\fR -hat viele Kompilierungsoptionen\&. Deren N\(:utzlichkeit h\(:angt von den Anforderungen der jeweiligen Umgebung ab\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBCONSOLE\fR (Zeichenkette) -.RS 4 -Die Konfiguration erfolgt entweder \(:uber die Angabe des vollen Pfadnamens einer Datei, welche die Namen der Ger\(:ate enth\(:alt (eines pro Zeile), oder mit einer Liste der Ger\(:atenamen, die mit \(Fc:\(Fo getrennt sind\&. Root kann sich nur auf diesen Ger\(:aten anmelden\&. -.sp -Wenn es unkonfiguriert gelassen wird, kann sich Root auf jedem Ger\(:at anmelden\&. -.sp -Das Ger\(:at soll ohne vorangestelltes /dev/ angegeben werden\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (Zeichenkette) -.RS 4 -Liste von Gruppen, deren Mitglied der Benutzer wird, wenn der sich auf der Konsole anmeldet, die mit dem Parameter CONSOLE festgelegt wird\&. Standardm\(:a\(ssig ist die Liste leer\&. - -Seien Sie vorsichtig\&. Benutzer k\(:onnen dauerhaft Zugang zu den Gruppen erlangen, auch wenn sie nicht auf der Konsole angemeldet sind\&. -.RE -.PP -\fBDEFAULT_HOME\fR (boolesch) -.RS 4 -Legt fest, ob ein Login erlaubt wird, wenn mit cd nicht in das Home\-Verzeichnis gewechselt werden kann\&. Standardm\(:a\(ssig wird dies nicht zugelassen\&. -.sp -Falls auf -\fIyes\fR -gesetzt, wird der Benutzer mit dem Wurzelverzeichnis (/) angemeldet, wenn mit cd nicht in sein Home\-Verzeichnis gewechselt werden kann\&. -.RE -.PP -\fBENV_HZ\fR (Zeichenkette) -.RS 4 -Wenn vergeben, wird damit die Umgebungsvariable HZ definiert, wenn sich ein Benutzer anmeldet\&. Dem Wert muss ein -\fIHZ=\fR -vorangestellt werden\&. Ein \(:ublicher Wert bei Linux ist -\fIHZ=100\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (Zeichenkette) -.RS 4 -Wenn diese Datei vorhanden ist, wird die Anmeldeumgebung aus ihr gelesen\&. Jede Zeile sollte die Form Name=Wert haben\&. -.sp -Zeilen, die mit einem # beginnen, werden als Kommentare behandelt und daher ignoriert\&. -.RE -.PP -\fBENV_PATH\fR (Zeichenkette) -.RS 4 -Wenn gesetzt, wird damit die Umgebungsvariable PATH definiert, wenn sich ein normaler Benutzer anmeldet\&. Der Wert ist eine Liste, deren Eintr\(:age durch Doppelpunkte getrennt sind (zum Beispiel -\fI/bin:/usr/bin\fR)\&. Ihr kann ein -\fIPATH=\fR -vorangestellt werden\&. Der Standardwert ist -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (Zeichenkette) -.RS 4 -Wenn gesetzt, wird damit die Umgebungsvariable PATH definiert, wenn sich der Superuser anmeldet\&. Der Wert ist eine Liste, deren Eintr\(:age durch Doppelpunkte getrennt sind (zum Beispiel -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR)\&. Ihr kann ein -\fIPATH=\fR -vorangestellt werden\&. Der Standardwert ist -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (Zeichenkette) -.RS 4 -Wenn gesetzt, wird damit die Umgebungsvariable TZ definiert, wenn sich ein Benutzer anmeldet\&. Der Wert kann der Name der Zeitzone sein, dem -\fITZ=\fR -vorausgeht (zum Beispiel -\fITZ=CST6CDT\fR), oder der vollst\(:andige Pfad der Datei, welche die Konfiguration der Zeitzone enth\(:alt (zum Beispiel -/etc/tzname)\&. -.sp -Wenn ein vollst\(:andiger Pfadname angegeben wird, die Datei aber nicht existiert oder nicht lesbar ist, wird -\fITZ=CST6CDT\fR -verwendet\&. -.RE -.PP -\fBLOGIN_STRING\fR (Zeichenkette) -.RS 4 -Diese Zeichenkette wird bei der Eingabeaufforderung des Passworts (Prompt) verwendet\&. Standardm\(:a\(ssig wird \(FcPassword: \(Fo oder eine \(:Ubersetzung davon benutzt\&. Wenn Sie diese Variable definieren, wird die Eingabeaufforderung nicht \(:ubersetzt\&. -.sp -Wenn die Zeichenkette ein -\fI%s\fR -enth\(:alt, wird dies durch den Benutzernamen ersetzt\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (boolesch) -.RS 4 -aktiviert die Pr\(:ufung und Anzeige des Status der Mailbox bei der Anmeldung -.sp -Sie sollten dies abschalten, wenn schon die Startdateien der Shell die Mails pr\(:ufen (\(Fcmailx \-e\(Fo oder \(:ahnliches)\&. -.RE -.PP -\fBMAIL_DIR\fR (Zeichenkette) -.RS 4 -Das Verzeichnis des Mail\-Spools\&. Diese Angabe wird ben\(:otigt, um die Mailbox zu bearbeiten, nachdem das entsprechende Benutzerkonto ver\(:andert oder gel\(:oscht wurde\&. Falls nicht angegeben, wird ein Standard verwendet, der beim Kompilieren festgelegt wurde\&. -.RE -.PP -\fBMAIL_FILE\fR (Zeichenkette) -.RS 4 -Legt den Ort der Mail\-Spool\-Dateien eines Benutzers relativ zu seinem Home\-Verzeichnis fest\&. -.RE -.PP -Die Variablen -\fBMAIL_DIR\fR -und -\fBMAIL_FILE\fR -werden von -\fBuseradd\fR, -\fBusermod\fR -und -\fBuserdel\fR -verwendet, um den Mail\-Spool eines Benutzers zu erstellen, zu verschieben oder zu l\(:oschen\&. -.PP -Falls -\fBMAIL_CHECK_ENAB\fR -auf -\fIyes\fR -gesetzt ist, werden sie auch verwendet, um die Umgebungsvariable -\fBMAIL\fR -festzulegen\&. -.PP -\fBQUOTAS_ENAB\fR (boolesch) -.RS 4 -aktiviert das Setzen von Resourcenbeschr\(:ankungen aus -/etc/limits -und von ulimit, umask und niceness aus dem gecos\-Feld des Benutzers von passwd -.RE -.PP -\fBSULOG_FILE\fR (Zeichenkette) -.RS 4 -Wenn angegeben, wird jeder Aufruf von su in dieser Datei protokolliert\&. -.RE -.PP -\fBSU_NAME\fR (Zeichenkette) -.RS 4 -Damit kann die Anzeige des Namens des Befehls festgelegt werden, wenn \(Fcsu \-\(Fo ausgef\(:uhrt wird\&. Wenn beispielsweise dies auf \(Fcsu\(Fo gesetzt wurde, zeigt \(Fcps\(Fo den Befehl als \(Fc\-su\(Fo an\&. Wenn es dagegen nicht vergeben wurde, wird \(Fcps\(Fo den Namen der Shell anzeigen, die ausgef\(:uhrt wird, also etwa \(Fc\-sh\(Fo\&. -.RE -.PP -\fBSU_WHEEL_ONLY\fR (boolesch) -.RS 4 -Falls -\fIyes\fR, muss der Benutzer Mitglied der ersten Gruppe mit der GID 0 in -/etc/group -sein (auf den meisten Linux\-Systemen hei\(sst die -\fIroot\fR), um mit -\fBsu\fR -zu einem Konto mit der UID 0 wechseln zu k\(:onnen\&. Falls die Gruppe nicht existiert oder keine Mitglieder hat, kann niemand mittels -\fBsu\fR -zur UID 0 wechseln\&. -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (boolesch) -.RS 4 -aktiviert das Protokollieren der Aktivit\(:aten von -\fBsu\fR -in \(Fcsyslog\(Fo neben der Protokollierung in der sulog\-Datei -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolesch) -.RS 4 -Erlaubt Benutzern, die nicht Root sind, die Umask\-Gruppen\-Bits auf ihre Umask\-Bits zu setzen (Beispiel: 022 \-> 002, 077 \-> 007), falls die UID mit der GID identisch ist sowie der Benutzername mit dem Gruppennamen \(:ubereinstimmt\&. -.sp -Wenn der Wert -\fIyes\fR -ist, wird -\fBuserdel\fR -die Gruppe des Benutzers entfernen, falls sie keine Mitglieder mehr hat, und -\fBuseradd\fR -wird standardm\(:a\(ssig eine Gruppe mit dem Namen des Benutzers erstellen\&. -.RE -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.SH "R\(:UCKGABEWERTE" -.PP -Wenn -\fBsu\fR -erfolgreich ausgef\(:uhrt wird, gibt es den R\(:uckgabewert des mit ihm ausgef\(:uhrten Befehls zur\(:uck\&. -.PP -Wenn dieser Befehl mit einem Signal beendet wurde, gibt -\fBsu\fR -die Nummer des Signals plus 128 zur\(:uck\&. -.PP -Wenn -\fBsu\fR -den Befehl mit kill beenden musste (weil er der Aufforderung, sich zu beenden, nicht rechtzeitig nachgekommen ist), gibt es 255 zur\(:uck\&. -.PP -Einige R\(:uckgabewerte von -\fBsu\fR -sind unabh\(:angig von dem ausgef\(:uhrten Befehl: -.PP -\fI0\fR -.RS 4 -Erfolg (nur bei -\fB\-\-help\fR) -.RE -.PP -\fI1\fR -.RS 4 -System\- oder Anmeldefehler -.RE -.PP -\fI126\fR -.RS 4 -Der angegebene Befehl konnte nicht gefunden werden\&. -.RE -.PP -\fI127\fR -.RS 4 -Der angegebene Befehl konnte nicht ausgef\(:uhrt werden\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBlogin\fR(1), -\fBlogin.defs\fR(5), -\fBsg\fR(1), -\fBsh\fR(1)\&. diff --git a/man/de/man3/getspnam.3 b/man/de/man3/getspnam.3 deleted file mode 100644 index cd473da3..00000000 --- a/man/de/man3/getspnam.3 +++ /dev/null @@ -1 +0,0 @@ -.so man3/shadow.3 diff --git a/man/de/man3/shadow.3 b/man/de/man3/shadow.3 deleted file mode 100644 index a264c010..00000000 --- a/man/de/man3/shadow.3 +++ /dev/null @@ -1,242 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Bibliotheksaufrufe -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "SHADOW" "3" "09.05.2014" "shadow\-utils 4\&.2" "Bibliotheksaufrufe" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -shadow, getspnam \- Routinen f\(:ur die Datei, die die verschl\(:usselten Passw\(:orter enth\(:alt -.SH "SYNTAX" -.PP -\fI#include \fR -.PP -\fIstruct spwd *getspent();\fR -.PP -\fItruct spwd *getspnam(char\fR\fI*name\fR\fI);\fR -.PP -\fIvoid setspent();\fR -.PP -\fIvoid endspent();\fR -.PP -\fIstruct spwd *fgetspent(FILE\fR\fI*fp\fR\fI);\fR -.PP -\fIstruct spwd *sgetspent(char\fR\fI*cp\fR\fI);\fR -.PP -\fIint putspent(struct spwd\fR\fI*p,\fR\fIDATEIEN\fR\fI*fp\fR\fI);\fR -.PP -\fIint lckpwdf();\fR -.PP -\fIint ulckpwdf();\fR -.SH "BESCHREIBUNG" -.PP -\fIshadow\fR -ver\(:andert den Inhalt der Shadow\-Passwort\-Datei -/etc/shadow\&. Der Aufbau der Datei -\fI#include\fR -ist: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct spwd { - char *sp_namp; /* Anmeldename des Benutzers */ - char *sp_pwdp; /* verschl\(:usseltes Passwort */ - long int sp_lstchg; /* letzte \(:Anderung des Passworts */ - long int sp_min; /* Tage, ehe \(:Anderung erlaubt ist */ - long int sp_max; /* Tage, bis \(:Anderung erfolgen muss */ - long int sp_warn; /* Tage f\(:ur Warnung vor Verfall */ - long int sp_inact; /* Tage, ehe Konto inaktiv wird */ - long int sp_expire; /* Datum, an dem Konto abgeschaltet wird */ - unsigned long int sp_flag; /* reserviert f\(:ur zuk\(:unftigen Gebrauch*/ -} - -.fi -.if n \{\ -.RE -.\} -.PP -Die Bedeutung dieser Felder ist: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_namp \- Verweis auf Benutzername, der mit einer Null endet -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_pwdp \- Verweis auf Passwort, das mit einer Null endet -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_lstchg \- Anzahl der Tage gerechnet ab dem 1\&. Januar 1970, seitdem das Passwort das letzte Mal ge\(:andert wurde -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_min \- Anzahl der Tage, ehe das Passwort nicht ge\(:andert werden darf -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_max \- Anzahl der Tage, nach denen das Passwort ge\(:andert werden muss -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_warn \- Anzahl der Tage ehe das Passwort verf\(:allt, an denen der Benutzer vor dem Verfall gewarnt wird -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_inact \- Anzahl der Tage nach dem Verfall des Passworts, nach denen das Konto als inaktiv angesehen und abgeschaltet wird -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_expire \- Anzahl Tage gerechnet ab dem 1\&. Januar 1970, f\(:ur die das Konto abgeschaltet ist -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_flag \- f\(:ur zuk\(:unftigen Gebrauch reserviert -.RE -.SH "BESCHREIBUNG" -.PP -\fIgetspent\fR, -\fIgetspname\fR, -\fIfgetspent\fR -und -\fIsgetspent\fR -geben einen Verweis auf -\fIstruct spwd\fR -zur\(:uck\&. -\fIgetspent\fR -gibt den n\(:achsten Eintrag der Datei zur\(:uck\&. -\fIfgetspent\fR -gibt den n\(:achsten Eintrag im angegebenen Datenstrom zur\(:uck, f\(:ur den angenommen wird, dass es sich dabei um eine Datei im zul\(:assigen Format handelt\&. -\fIsgetspent\fR -gibt einen Verweis auf einen -\fIstruct spwd\fR -zur\(:uck, wobei die angegebene Zeichenkette als Eingabe verwendet wird\&. -\fIgetspnam\fR -sucht ab der aktuellen Position in der Datei nach einem Eintrag, der mit -\fIname\fR -\(:ubereinstimmt\&. -.PP -\fIsetspent\fR -und -\fIendspent\fR -k\(:onnen verwendet werden, um den Zugriff auf die Shadow\-Passwort\-Datei zu beginnen oder zu beenden\&. -.PP -Die Routinen -\fIlckpwdf\fR -und -\fIulckpwdf\fR -sollten eingesetzt werden, da so sichergestellt werden kann, dass exlusiv auf die Datei -/etc/shadow -zugegriffen wird\&. -\fIlckpwdf\fR -versucht, eine Sperre durch -\fIpw_lock\fR -f\(:ur bis zu 15 Sekunden zu erhalten\&. Dann versucht es, eine zweite Sperre durch -\fIspw_lock\fR -f\(:ur den Rest der 15 Sekunden zu erhalten\&. Sollte einer der beiden Versuche nach insgesamt 15 Sekunden scheitern, gibt -\fIlckpwdf\fR -\-1 zur\(:uck\&. Wurden beide Sperren erhalten, wird 0 zur\(:uckgegeben\&. -.SH "DIAGNOSE" -.PP -Wenn kein weiterer Eintrag vorhanden ist oder w\(:ahrend der Verarbeitung ein Fehler auftritt, geben die Routinen NULL zur\(:uck\&. Routinen, die -\fIint\fR -als R\(:uckgabewert haben, geben im Erfolgsfall 0 und beim Scheitern \-1 zur\(:uck\&. -.SH "WARNUNGEN" -.PP -Diese Routinen k\(:onnen nur von Root verwendet werden, da der Zugriff auf die Shadow\-Passwort\-Datei beschr\(:ankt ist\&. -.SH "DATEIEN" -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBgetpwent\fR(3), -\fBshadow\fR(5)\&. diff --git a/man/de/man5/faillog.5 b/man/de/man5/faillog.5 deleted file mode 100644 index 35b46bd8..00000000 --- a/man/de/man5/faillog.5 +++ /dev/null @@ -1,65 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dateiformate und konvertierung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "FAILLOG" "5" "09.05.2014" "shadow\-utils 4\&.2" "Dateiformate und konvertierung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -faillog \- Datei mit fehlgeschlagenen Anmeldungen -.SH "BESCHREIBUNG" -.PP -In -/var/log/faillog -wird der Z\(:ahlerstand von fehlgeschlagenen Anmeldungen und die Beschr\(:ankungen f\(:ur jedes Konto niedergelegt\&. -.PP -Eintr\(:age in dieser Datei haben eine festgelegte L\(:ange und sind der zahlenm\(:a\(ssigen UID nach angeordnet\&. Jeder Eintrag besteht aus der Anzahl der fehlgeschlagenen Anmeldungen seit der letzten erfolgreichen Anmeldung, der maximalen Anzahl von Fehlschl\(:agen, ehe das Konto abgeschaltet wird, dem Ger\(:at, auf dem die letzte fehlgeschlagene Anmeldung erfolgte, das Datum der letzten fehlgeschlagenen Anmeldung und die Dauer in Sekunden, f\(:ur die das Konto nach einem Fehlschlag gesperrt ist\&. -.PP -Die Datei ist so aufgebaut: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct faillog { - short fail_cnt; - short fail_max; - char fail_line[12]; - time_t fail_time; - long fail_locktime; -}; -.fi -.if n \{\ -.RE -.\} -.SH "DATEIEN" -.PP -/var/log/faillog -.RS 4 -Datei mit fehlgeschlagenen Anmeldungen -.RE -.SH "SIEHE AUCH" -.PP -\fBfaillog\fR(8) diff --git a/man/de/man5/gshadow.5 b/man/de/man5/gshadow.5 deleted file mode 100644 index 85111d37..00000000 --- a/man/de/man5/gshadow.5 +++ /dev/null @@ -1,105 +0,0 @@ -'\" t -.\" Title: gshadow -.\" Author: Nicolas Fran\(,cois -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dateiformate und konvertierung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "GSHADOW" "5" "09.05.2014" "shadow\-utils 4\&.2" "Dateiformate und konvertierung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -gshadow \- Shadow\-Datei f\(:ur Gruppen -.SH "BESCHREIBUNG" -.PP -In -/etc/gshadow -befinden sich die Informationen f\(:ur das Shadow\-Gruppen\-System\&. -.PP -Um die Sicherheit der Passw\(:orter zu gew\(:ahrleisten, darf diese Datei nicht f\(:ur normale Benutzer lesbar sein\&. -.PP -Die darin enthaltenen Zeilen haben folgende Felder, die durch Doppelpunkt getrennt sind: -.PP -\fBGruppenname\fR -.RS 4 -Es muss sich um einen g\(:ultigen, auf dem System vorhandenen Gruppennamen handeln\&. -.RE -.PP -\fBverschl\(:usseltes Passwort\fR -.RS 4 -Sie sollten in -\fBcrypt\fR(3) -nachsehen, wenn Sie mehr \(:uber die Bedeutung dieser Zeichenkette wissen wollen\&. -.sp -Wenn das Passwortfeld eine Zeichenkette enth\(:alt, die kein zul\(:assiges Ergebnis von -\fBcrypt\fR(3) -ist, z\&.B\&. ! oder *, k\(:onnen Benutzer nicht mit einem Unix\-Passwort Zugang zu der Gruppe erhalten, wobei Gruppenmitglieder kein Passwort ben\(:otigen\&. -.sp -Das Passwort wird angefordert, wenn ein Benutzer, der nicht Mitglied der Gruppe ist, die Berechtigungen dieser Gruppe erhalten will (vergleiche -\fBnewgrp\fR(1))\&. -.sp -Dieses Feld kann leer bleiben\&. Dies hat zur Folge, dass nur Gruppenmitglieder von den Rechten der Gruppe Gebrauch machen k\(:onnen\&. -.sp -Ein Passwortfeld, das mit einem Ausrufezeichen beginnt, f\(:uhrt dazu, dass das Passwort gesperrt ist\&. Die \(:ubrigen Zeichen sind das Passwort vor der Sperrung\&. -.sp -Dieses Passwort geht den in -/etc/group -definierten Passw\(:ortern vor\&. -.RE -.PP -\fBGruppenverwalter\fR -.RS 4 -Es muss sich dabei um eine durch Kommas getrennte Liste von Benutzernamen handeln\&. -.sp -Gruppenverwalter k\(:onnen das Passwort und die Mitglieder der Gruppe \(:andern\&. -.sp -Gruppenverwalter haben die gleichen Recht wie die Gruppenmitglieder (siehe unten)\&. -.RE -.PP -\fBMitglieder\fR -.RS 4 -Es muss sich dabei um eine durch Kommas getrennte Liste von Benutzernamen handeln\&. -.sp -Mitglieder haben Zugang zu der Gruppe, ohne eine Passwort eingeben zu m\(:ussen\&. -.sp -Sie sollten die gleiche Benutzerliste wie in -/etc/group -verwenden\&. -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBgpasswd\fR(5), -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBgrpconv\fR(8), -\fBnewgrp\fR(1)\&. diff --git a/man/de/man5/limits.5 b/man/de/man5/limits.5 deleted file mode 100644 index 396ae527..00000000 --- a/man/de/man5/limits.5 +++ /dev/null @@ -1,277 +0,0 @@ -'\" t -.\" Title: limits -.\" Author: Luca Berra -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dateiformate und konvertierung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "LIMITS" "5" "09.05.2014" "shadow\-utils 4\&.2" "Dateiformate und konvertierung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -limits \- Festlegung von Resourcenbeschr\(:ankungen -.SH "BESCHREIBUNG" -.PP -Die -\fIlimits\fR\-Datei (standardm\(:a\(ssig -/etc/limits -oder die durch LIMITS_FILE in -config\&.h -festgelegte) bezeichnet die von Ihnen eingef\(:uhrte Beschr\(:ankung von Ressourcen\&. Sie sollte Root geh\(:oren und nur von ihm lesbar sein\&. -.PP -Standardm\(:a\(ssig bestehen f\(:ur Root keine Einschr\(:ankungen\&. Tats\(:achlich gibt es keine M\(:oglichkeit, mit diesem Verfahren Root\-Konten (Konten mit der UID 0) Beschr\(:ankungen aufzuerlegen\&. -.PP -Jede Zeile beschreibt eine Beschr\(:ankung f\(:ur einen Benutzer in der Form: -.PP -\fIBenutzer BESCHR\(:ANKUNGSZEICHENKETTE\fR -.PP -oder in der Form: -.PP -\fI@Gruppe BESCHR\(:ANKUNGSZEICHENKETTE\fR -.PP -Die -\fIBESCHR\(:ANKUNGSZEICHENKETTE\fR -ist eine Kette von Ressourcen\-Beschr\(:ankungen\&. Jede Beschr\(:ankung besteht aus einer Buchstabenkennung, der eine zahlenm\(:a\(ssige Beschr\(:ankung folgt\&. -.PP -G\(:ultige Kennungen sind: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -A: maximaler Adressraum (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -C: maximale Gr\(:o\(sse der Speicherabbild\-Datei -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -D: maximale Datengr\(:o\(sse (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -F: maximale Dateigr\(:o\(sse (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -K: Maske f\(:ur die Dateierstellung, wird von -\fBumask\fR(2) -gesetzt\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -I: Maximaler Wert von nice (0 bis 39, was in 20 bis \-19 \(:ubersetzt wird) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -L: maximale Anzahl von Logins f\(:ur diesen Benutzer -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -M: maximaler gesperrter Adressbereich im Speicher (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -N: maximale Anzahl offener Dateien -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -O: Maximale Echtzeit\-Priorit\(:at -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -P: Prozesspriorit\(:at, wird von -\fBsetpriority\fR(2) -gesetzt\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -R: maximale Resident Set Size (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -S: maximale Gr\(:o\(sse des Stapelverarbeitungsspeichers (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -T: maximale CPU\-Zeit (Min) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -U: maximale Anzahl von Prozessen -.RE -.PP -Zum Beispiel ist -\fIL2D2048N5\fR -eine g\(:ultige -\fIBESCHR\(:ANKUNGSZEICHENKETTE\fR\&. Um das Lesen zu erleichtern, werden folgende Eintr\(:age gleich behandelt: -.sp -.if n \{\ -.RS 4 -.\} -.nf - Benutzername L2D2048N5 - Benutzername L2 D2048 N5 - -.fi -.if n \{\ -.RE -.\} -.PP -Beachten Sie, dass nach -\fIBenutzername\fR -die \(:ubrige Zeile als Zeichenkette f\(:ur Beschr\(:ankungen angesehen wird\&. Kommentare sind daher nicht zul\(:assig\&. Eine ung\(:ultige Zeichenkette wird von -\fBlogin\fR -ignoriert\&. -.PP -Standardwerte werden mit dem Benutzernamen \(Fc\fI*\fR\(Fo festgelegt\&. Falls Sie mehrfach -\fIStandard\fR\-Werte in der -\fIBESCHR\(:ANKUNGSDATEI\fR -bestimmen, wird nur der letzte ber\(:ucksichtigt\&. -.PP -Beschr\(:ankungen, die in der Form \(Fc\fI@group\fR\(Fo festgelegt wurden, gelten f\(:ur alle Mitglieder der angegebenen Gruppe -\fIgroup\fR\&. -.PP -Wenn mehr als eine Zeile mit Beschr\(:ankungen f\(:ur einen Benutzer vorhanden ist, wird f\(:ur ihn nur die erste Zeile ber\(:ucksichtigt\&. -.PP -Wenn keine Zeile auf einen Benutzer zutrifft, wird auf ihn die letzte Zeile mit -\fI@group\fR -angewendet, die auf eine Gruppe verweist, deren Mitglied er ist\&. Wenn er auch nicht Mitglied einer der aufgef\(:uhrten Gruppe ist, wird auf ihn die letzte Zeile, in der Standardwerte bestimmt sind, angewendet\&. -.PP -Mit einem Gedankenstrich \(Fc\fI\-\fR\(Fo k\(:onnen Sie alle Beschr\(:ankungen f\(:ur einen Benutzer zu entfernen\&. -.PP -Um f\(:ur einen Benutzer eine bestimmte Beschr\(:ankung zu entfernen, m\(:ussen Sie f\(:ur diese Beschr\(:ankung anstelle des numerischen Wertes einen Gedankenstrich \(Fc\fI\-\fR\(Fo setzen\&. -.PP -Ber\(:ucksichtigen Sie auch, dass alle Beschr\(:ankungen nur JE ANMELDUNG gelten\&. Sie sind nicht global und auch nicht dauerhaft\&. Vielleicht wird es einmal globale Beschr\(:ankungen geben, f\(:ur jetzt muss dies aber reichen ;) -.SH "DATEIEN" -.PP -/etc/limits -.RS 4 -.RE -.SH "SIEHE AUCH" -.PP -\fBlogin\fR(1), -\fBsetpriority\fR(2), -\fBsetrlimit\fR(2)\&. diff --git a/man/de/man5/login.access.5 b/man/de/man5/login.access.5 deleted file mode 100644 index b2a698f4..00000000 --- a/man/de/man5/login.access.5 +++ /dev/null @@ -1,62 +0,0 @@ -'\" t -.\" Title: login.access -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dateiformate und konvertierung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "LOGIN\&.ACCESS" "5" "09.05.2014" "shadow\-utils 4\&.2" "Dateiformate und konvertierung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -login.access \- Tabelle f\(:ur die Zugangskontrolle zur Anmeldung -.SH "BESCHREIBUNG" -.PP -Die Datei -\fIlogin\&.access\fR -legt Kombinationen von (Benutzer, Rechner) und (Benutzer, tty) fest, f\(:ur die eine Anmeldung erlaubt oder abgelehnt wird\&. -.PP -Wenn sich jemand anmeldet, wird -\fIlogin\&.access\fR -nach dem ersten Eintrag durchsucht, auf den die Kombination von (Benutzer, Rechner) oder, bei lokalen Anmeldungen, von (Benutzer, tty) zutrifft\&. Das Feld f\(:ur die Erlaubnis bestimmt, ob die Anmeldung zugelassen oder abgelehnt wird\&. -.PP -Jede Zeile der Tabelle f\(:ur die Zugangskontrolle enth\(:alt drei Felder, die jeweils durch einen Doppelpunkt \(Fc:\(Fo getrennt sind: -.PP -\fIErlaubnis\fR:\fIBenutzer\fR:\fIHerkunft\fR -.PP -Das erste Feld kann das Zeichen \(Fc\fI+\fR\(Fo (Zugriff erlaubt) oder \(Fc\fI\-\fR\(Fo (Zugriff verweigert) sein\&. Das zweite Feld kann eine Liste von einem oder mehreren Anmeldenamen, Gruppennamen oder -\fIALL\fR\fI\fI (trifft immer zu) sein\&. Das dritte Feld kann eine Liste von einem oder mehreren tty\-Namen (f\(:ur lokale Anmeldungen), Rechner\-Namen, Domain\-Namen (beginnen mit einem \(Fc\fR\fI\&.\fR\fI\(Fo), Rechner\-Adressen, Internet\-Netzwerk\-Nummern (enden mit einem \(Fc\fR\fI\&.\fR\fI\(Fo), \fR\fI\fIALL\fR\fR\fI (trifft immer zu) oder \fR\fI\fILOCAL\fR\fR\fI (trifft auf alle Zeichenketten zu, die keinen \(Fc\fR\fI\&.\fR\fI\(Fo enthalten)\&. Falls Sie NIS einsetzen, k\(:onnen Sie in den Rechner\- und Benutzerangaben auch @netgroupname verwenden\&.\fR\fR -.PP -Der Operator -\fIEXCEPT\fR -erm\(:oglicht es, sehr kurze Regeln zu schreiben\&. -.PP -Die Gruppendatei wird nur durchsucht, wenn ein Name nicht mit dem des angemeldeten Benutzers \(:ubereinstimmt\&. Eine \(:Ubereinstimmung mit Gruppen wird nur festgestellt, wenn darin der Benutzer ausdr\(:ucklich aufgef\(:uhrt ist\&. Das Programm beachtet also nicht den Wert der Hauptgruppe des Benutzers\&. -.SH "DATEIEN" -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.SH "SIEHE AUCH" -.PP -\fBlogin\fR(1)\&. diff --git a/man/de/man5/login.defs.5 b/man/de/man5/login.defs.5 deleted file mode 100644 index de77445c..00000000 --- a/man/de/man5/login.defs.5 +++ /dev/null @@ -1,834 +0,0 @@ -'\" t -.\" Title: login.defs -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dateiformate und konvertierung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "LOGIN\&.DEFS" "5" "09.05.2014" "shadow\-utils 4\&.2" "Dateiformate und konvertierung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -login.defs \- Konfiguration der Werkzeugsammlung f\(:ur Shadow\-Passw\(:orter -.SH "BESCHREIBUNG" -.PP -Die Datei -/etc/login\&.defs -legt die systemspezifische Konfiguration der Werkzeugsammlung f\(:ur Shadow\-Passw\(:orter fest\&. Diese Datei muss vorhanden sein\&. Wenn sie fehlt, wird das System zwar laufen, es k\(:onnen aber unerw\(:unschte Ergebnisse auftauchen\&. -.PP -Diese Datei ist eine lesbare Textdatei\&. Jede Zeile der Datei beschreibt einen Konfigurationsparameter\&. Eine Zeile besteht aus einem Konfigurationsnamen und einem Wert, die durch ein Leerzeichen getrennt sind\&. Leer\- und Kommentarzeilen werden nicht beachtet\&. Kommentare werden mit dem Rautezeichen \(Fc#\(Fo eingeleitet\&. Die Raute muss das erste nicht leere Zeichen der Zeile sein\&. -.PP -Die Parameterwerte k\(:onnen aus vier Typen bestehen: Zeichenketten, Boolesch, Zahlen und lange Zahlen\&. Eine Zeichenkette kann aus jedem druckbaren Zeichen bestehen\&. Ein Boolesch sollte \(Fcyes\(Fo oder \(Fcno\(Fo sein\&. Einem anderen oder undefinierten Parameter f\(:ur Boolesch wird der Wert \(Fcno\(Fo zugewiesen\&. Normale und lange Zahlen k\(:onnen aus Dezimalzahlen, Oktalzahlen (beginnen mit \(Fc0\(Fo) oder Hexadezimalzahlen (beginnen mit \(Fc0x\(Fo) bestehen\&. Die maximale Gr\(:o\(sse der Parameter normaler und langer Zahlen ist systemabh\(:angig\&. -.PP -Die folgenden Konfigurationsm\(:oglichkeiten sind vorhanden: -.PP -\fBCHFN_AUTH\fR (boolesch) -.RS 4 -Falls -\fIyes\fR, ben\(:otigt das Programm -\fBchfn\fR -eine Authentifizierung, bevor es \(:Anderungen vornimmt, sofern es nicht von Root ausgef\(:uhrt wird\&. -.RE -.PP -\fBCHFN_RESTRICT\fR (Zeichenkette) -.RS 4 -Der Parameter bestimmt, welcher Wert in dem -\fIgecos\fR\-Feld von -/etc/passwd -von gew\(:ohnlichen Benutzern mittels des Programms -\fBchfn\fR -ge\(:andert werden darf\&. Er kann aus jeder Kombination der Buchstaben -\fIf\fR -,\fIr\fR, -\fIw\fR -und -\fIh\fR -bestehen\&. Diese Buchstaben stehen f\(:ur den vollst\(:andigen Namen, die Zimmernummer, die gesch\(:aftliche Telefonnummer und die private Telefonnummer\&. Zum Zweck der Abw\(:artskompatibilit\(:at entspricht -\fIyes\fR\fIrwh\fR -und -\fIno\fR\fIfrwh\fR\&. Falls nichts festgelegt wird, kann nur Root \(:Anderungen vornehmen\&. Die gr\(:o\(sste Einschr\(:ankung erreicht man besser, indem -chfn -nicht mit SUID\-Rechten ausgestattet wird\&. -.RE -.PP -\fBCHSH_AUTH\fR (boolesch) -.RS 4 -Falls -\fIyes\fR, ben\(:otigt das Programm -\fBchsh\fR -eine Authentifizierung, bevor es \(:Anderungen vornimmt, sofern es nicht von Root ausgef\(:uhrt wird\&. -.RE -.PP -\fBCONSOLE\fR (Zeichenkette) -.RS 4 -Die Konfiguration erfolgt entweder \(:uber die Angabe des vollen Pfadnamens einer Datei, welche die Namen der Ger\(:ate enth\(:alt (eines pro Zeile), oder mit einer Liste der Ger\(:atenamen, die mit \(Fc:\(Fo getrennt sind\&. Root kann sich nur auf diesen Ger\(:aten anmelden\&. -.sp -Wenn es unkonfiguriert gelassen wird, kann sich Root auf jedem Ger\(:at anmelden\&. -.sp -Das Ger\(:at soll ohne vorangestelltes /dev/ angegeben werden\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (Zeichenkette) -.RS 4 -Liste von Gruppen, deren Mitglied der Benutzer wird, wenn der sich auf der Konsole anmeldet, die mit dem Parameter CONSOLE festgelegt wird\&. Standardm\(:a\(ssig ist die Liste leer\&. - -Seien Sie vorsichtig\&. Benutzer k\(:onnen dauerhaft Zugang zu den Gruppen erlangen, auch wenn sie nicht auf der Konsole angemeldet sind\&. -.RE -.PP -\fBCREATE_HOME\fR (boolesch) -.RS 4 -bestimmt, ob standardm\(:a\(ssig ein Home\-Verzeichnis f\(:ur neue Benutzer erstellt werden soll -.sp -Diese Einstellung trifft nicht auf Systembenutzer zu\&. Sie kann auf der Befehlszeile \(:uberschrieben werden\&. -.RE -.PP -\fBDEFAULT_HOME\fR (boolesch) -.RS 4 -Legt fest, ob ein Login erlaubt wird, wenn mit cd nicht in das Home\-Verzeichnis gewechselt werden kann\&. Standardm\(:a\(ssig wird dies nicht zugelassen\&. -.sp -Falls auf -\fIyes\fR -gesetzt, wird der Benutzer mit dem Wurzelverzeichnis (/) angemeldet, wenn mit cd nicht in sein Home\-Verzeichnis gewechselt werden kann\&. -.RE -.PP -\fBENCRYPT_METHOD\fR (Zeichenkette) -.RS 4 -Damit wird der standardm\(:a\(ssige Verschl\(:usselungsalgorithmus, mit dem Passw\(:orter verschl\(:usselt werden, bestimmt (soweit nicht in der Befehlszeile ein Algorithmus angegeben wird)\&. -.sp -Ihm kann einer der folgenden Wert zugewiesen werden: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Hinweis: Dieser Parameter \(:uberschreibt die Variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBENV_HZ\fR (Zeichenkette) -.RS 4 -Wenn vergeben, wird damit die Umgebungsvariable HZ definiert, wenn sich ein Benutzer anmeldet\&. Dem Wert muss ein -\fIHZ=\fR -vorangestellt werden\&. Ein \(:ublicher Wert bei Linux ist -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_PATH\fR (Zeichenkette) -.RS 4 -Wenn gesetzt, wird damit die Umgebungsvariable PATH definiert, wenn sich ein normaler Benutzer anmeldet\&. Der Wert ist eine Liste, deren Eintr\(:age durch Doppelpunkte getrennt sind (zum Beispiel -\fI/bin:/usr/bin\fR)\&. Ihr kann ein -\fIPATH=\fR -vorangestellt werden\&. Der Standardwert ist -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (Zeichenkette) -.RS 4 -Wenn gesetzt, wird damit die Umgebungsvariable PATH definiert, wenn sich der Superuser anmeldet\&. Der Wert ist eine Liste, deren Eintr\(:age durch Doppelpunkte getrennt sind (zum Beispiel -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR)\&. Ihr kann ein -\fIPATH=\fR -vorangestellt werden\&. Der Standardwert ist -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (Zeichenkette) -.RS 4 -Wenn gesetzt, wird damit die Umgebungsvariable TZ definiert, wenn sich ein Benutzer anmeldet\&. Der Wert kann der Name der Zeitzone sein, dem -\fITZ=\fR -vorausgeht (zum Beispiel -\fITZ=CST6CDT\fR), oder der vollst\(:andige Pfad der Datei, welche die Konfiguration der Zeitzone enth\(:alt (zum Beispiel -/etc/tzname)\&. -.sp -Wenn ein vollst\(:andiger Pfadname angegeben wird, die Datei aber nicht existiert oder nicht lesbar ist, wird -\fITZ=CST6CDT\fR -verwendet\&. -.RE -.PP -\fBENVIRON_FILE\fR (Zeichenkette) -.RS 4 -Wenn diese Datei vorhanden ist, wird die Anmeldeumgebung aus ihr gelesen\&. Jede Zeile sollte die Form Name=Wert haben\&. -.sp -Zeilen, die mit einem # beginnen, werden als Kommentare behandelt und daher ignoriert\&. -.RE -.PP -\fBERASECHAR\fR (Zahl) -.RS 4 -Das L\(:oschzeichen des Terminals (\fI010\fR -= R\(:ucktaste, -\fI0177\fR -= Entf)\&. -.sp -Wenn der Wert mit \(Fc0\(Fo beginnt, wird er als Oktalzahl gewertet, wenn er mit \(Fc0x\(Fo beginnt, als Hexadezimalzahl\&. -.RE -.PP -\fBFAIL_DELAY\fR (Zahl) -.RS 4 -Wartezeit in Sekunden, ehe nach einem fehlgeschlagenen Anmeldeversuch ein neuer unternommen werden kann -.RE -.PP -\fBFAILLOG_ENAB\fR (boolesch) -.RS 4 -aktiviert die Protokollierung und Anzeige der Informationen zu fehlgeschlagenen Anmeldeversuchen in -/var/log/faillog -.RE -.PP -\fBFAKE_SHELL\fR (Zeichenkette) -.RS 4 -Falls angegeben, f\(:uhrt -\fBlogin\fR -diese Shell anstelle der in -/etc/passwd -angegebenen Shell des Benutzers aus\&. -.RE -.PP -\fBFTMP_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, werden fehlgeschlagene Anmeldeversuche in dieser Datei im Format utmp protokolliert\&. -.RE -.PP -\fBGID_MAX\fR (Zahl), \fBGID_MIN\fR (Zahl) -.RS 4 -der Bereich von Gruppen\-IDs, aus dem die Programme -\fBuseradd\fR, -\fBgroupadd\fR -oder -\fBnewusers\fR -bei der Erstellung normaler Gruppen ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBGID_MIN\fR -ist 1000, f\(:ur -\fBGID_MAX\fR -60\&.000\&. -.RE -.PP -\fBHUSHLOGIN_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, kann diese Datei die \(:ubliche Informationsanzeige w\(:ahrend des Anmeldevorgangs unterbinden\&. Wenn ein vollst\(:andiger Pfad angegeben wird, wird der Modus ohne Anmeldeinformationen verwendet, wenn der Name oder die Shell des Benutzers in der Datei enthalten sind\&. Wenn kein vollst\(:andiger Pfad angegeben wird, wird der Modus ohne Anmeldeinformationen aktiviert, wenn die Datei im Home\-Verzeichnis des Benutzers existiert\&. -.RE -.PP -\fBISSUE_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, wird diese Datei vor der Anmeldeaufforderung angezeigt\&. -.RE -.PP -\fBKILLCHAR\fR (Zahl) -.RS 4 -Das KILL\-Zeichen des Terminals (\fI025\fR -= CTRL/U)\&. -.sp -Wenn der Wert mit \(Fc0\(Fo beginnt, wird er als Oktalzahl gewertet, wenn er mit \(Fc0x\(Fo beginnt, als Hexadezimalzahl\&. -.RE -.PP -\fBLASTLOG_ENAB\fR (boolesch) -.RS 4 -aktiviert die Protokollierung und Anzeige der Informationen zu Anmeldezeiten in -/var/log/lastlog -.RE -.PP -\fBLOG_OK_LOGINS\fR (boolesch) -.RS 4 -aktiviert die Protokollierung erfolgreicher Anmeldungen -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (boolesch) -.RS 4 -aktiviert die Anzeige unbekannter Benutzernamen, wenn fehlgeschlagene Anmeldeversuche aufgezeichnet werden -.sp -Hinweis: Das Protokollieren unbekannter Benutzernamen kann ein Sicherheitsproblem darstellen, wenn ein Benutzer sein Passwort anstelle seines Anmeldenamens eingibt\&. -.RE -.PP -\fBLOGIN_RETRIES\fR (Zahl) -.RS 4 -maximale Anzahl von Anmeldeversuchen, wenn ein falsches Passwort eingegeben wird -.RE -.PP -\fBLOGIN_STRING\fR (Zeichenkette) -.RS 4 -Diese Zeichenkette wird bei der Eingabeaufforderung des Passworts (Prompt) verwendet\&. Standardm\(:a\(ssig wird \(FcPassword: \(Fo oder eine \(:Ubersetzung davon benutzt\&. Wenn Sie diese Variable definieren, wird die Eingabeaufforderung nicht \(:ubersetzt\&. -.sp -Wenn die Zeichenkette ein -\fI%s\fR -enth\(:alt, wird dies durch den Benutzernamen ersetzt\&. -.RE -.PP -\fBLOGIN_TIMEOUT\fR (Zahl) -.RS 4 -H\(:ochstdauer f\(:ur einen Anmeldeversuch -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (boolesch) -.RS 4 -aktiviert die Pr\(:ufung und Anzeige des Status der Mailbox bei der Anmeldung -.sp -Sie sollten dies abschalten, wenn schon die Startdateien der Shell die Mails pr\(:ufen (\(Fcmailx \-e\(Fo oder \(:ahnliches)\&. -.RE -.PP -\fBMAIL_DIR\fR (Zeichenkette) -.RS 4 -Das Verzeichnis des Mail\-Spools\&. Diese Angabe wird ben\(:otigt, um die Mailbox zu bearbeiten, nachdem das entsprechende Benutzerkonto ver\(:andert oder gel\(:oscht wurde\&. Falls nicht angegeben, wird ein Standard verwendet, der beim Kompilieren festgelegt wurde\&. -.RE -.PP -\fBMAIL_FILE\fR (Zeichenkette) -.RS 4 -Legt den Ort der Mail\-Spool\-Dateien eines Benutzers relativ zu seinem Home\-Verzeichnis fest\&. -.RE -.PP -Die Variablen -\fBMAIL_DIR\fR -und -\fBMAIL_FILE\fR -werden von -\fBuseradd\fR, -\fBusermod\fR -und -\fBuserdel\fR -verwendet, um den Mail\-Spool eines Benutzers zu erstellen, zu verschieben oder zu l\(:oschen\&. -.PP -Falls -\fBMAIL_CHECK_ENAB\fR -auf -\fIyes\fR -gesetzt ist, werden sie auch verwendet, um die Umgebungsvariable -\fBMAIL\fR -festzulegen\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolesch) -.RS 4 -Legt fest, ob Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt werden\&. Falls diesem Wert -\fIyes\fR -zugewiesen ist, werden neue Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt, der zu dem in der aktuellen Ver\(:offentlichung von FreeBSD eingesetzten Algorithmus kompatibel ist\&. Passw\(:orter k\(:onnen dann beliebig lang sein, auch die Salt\-Zeichenketten sind l\(:anger\&. Setzen Sie diesen Wert auf -\fIno\fR, wenn Sie verschl\(:usselte Passw\(:orter auf ein anderes System kopieren m\(:ochten, das den neuen Algorithmus nicht versteht\&. Der Standardwert ist -\fIno\fR\&. -.sp -Dieser Variable geht die Variable -\fBENCRYPT_METHOD\fR -und eine Option auf der Befehlszeile, mit der der Verschl\(:usselungsalgorithmus bestimmt wird, vor\&. -.sp -Der Einsatz dieser Variable ist veraltet\&. Sie sollten -\fBENCRYPT_METHOD\fR -verwenden\&. -.RE -.PP -\fBMOTD_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, eine Aufz\(:ahlung von Dateien, welche die bei der Anmeldung anzuzeigenden \(FcNachrichten des Tages\(Fo enth\(:alt\&. Die Dateien werden mit einem \(Fc:\(Fo getrennt\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, der Name einer Datei, deren Existenz Anmeldungen au\(sser von Root verhindert\&. Der Inhalt der Datei sollte die Gr\(:unde enthalten, weshalb Anmeldungen untersagt sind\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (boolesch) -.RS 4 -Aktiviert zus\(:atzliche Tests bei der Ver\(:anderung eines Passworts\&. -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (boolesch) -.RS 4 -weist auf schwache Passw\(:orter hin (aber l\(:asst sie zu), falls Sie root sind -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (Zahl) -.RS 4 -maximale Anzahl von Versuchen, ein Passwort zu \(:andern, wenn dies wegen zu geringer St\(:arke des gew\(:ahlten Passworts abgelehnt wurde -.RE -.PP -\fBPASS_MAX_DAYS\fR (Zahl) -.RS 4 -Die maximale Anzahl von Tagen, f\(:ur die ein Passwort verwendet werden darf\&. Wenn das Passwort \(:alter ist, wird ein Wechsel des Passworts erzwungen\&. Falls nicht angegeben, wird \-1 angenommen (was zur Folge hat, dass diese Beschr\(:ankung abgeschaltet ist)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (Zahl) -.RS 4 -Die Mindestanzahl von Tagen, bevor ein Wechsel des Passworts zugelassen wird\&. Ein vorheriger Versuch, das Passwort zu \(:andern, wird abgelehnt\&. Falls nicht angegeben, wird \-1 angenommen (was zur Folge hat, dass diese Beschr\(:ankung abgeschaltet ist)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (Zahl) -.RS 4 -Die Anzahl von Tagen, an denen der Benutzer vorgewarnt wird, bevor das Passwort verf\(:allt\&. Eine Null bedeutet, dass eine Warnung nur am Tag des Verfalls ausgegeben wird\&. Ein negativer Wert bedeutet, dass keine Vorwarnung erfolgt\&. Falls nicht angegeben, wird keine Vorwarnung ausgegeben\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR, -\fBPASS_MIN_DAYS\fR -und -\fBPASS_WARN_AGE\fR -werden nur bei der Erstellung eines Kontos verwendet\&. Sp\(:atere \(:Anderungen dieser Werte ber\(:uhren bestehende Konten nicht\&. -.PP -\fBPASS_MAX_LEN\fR (Zahl), \fBPASS_MIN_LEN\fR (Zahl) -.RS 4 -Anzahl der von crypt() ber\(:ucksichtigten Zeichen des Passworts\&. Standardm\(:a\(ssig ist -\fBPASS_MAX_LEN\fR -8\&. Diese Option wird ignoriert, wenn -\fBMD5_CRYPT_ENAB\fR -auf -\fIyes\fR -gesetzt ist\&. -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (boolesch) -.RS 4 -aktiviert die Auswertung der in -/etc/porttime -angegebenen Zeitbegrenzungen -.RE -.PP -\fBQUOTAS_ENAB\fR (boolesch) -.RS 4 -aktiviert das Setzen von Resourcenbeschr\(:ankungen aus -/etc/limits -und von ulimit, umask und niceness aus dem gecos\-Feld des Benutzers von passwd -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (Zahl), \fBSHA_CRYPT_MAX_ROUNDS\fR (Zahl) -.RS 4 -Wenn -\fBENCRYPT_METHOD\fR -auf -\fISHA256\fR -oder -\fISHA512\fR -gesetzt ist, legt dies die Anzahl der Runden von SHA fest, die standardm\(:a\(ssig vom Verschl\(:usselungsalgorithmus verwendet werden (falls die Anzahl der Runden nicht auf der Befehlszeile angegeben wird)\&. -.sp -Je mehr Runden Sie definieren, umso schwieriger ist es, das Passwort mit sturem Durchprobieren (brute force) zu knacken; umso mehr Rechenleistung wird jedoch auch f\(:ur die Anmeldung eines Benutzers ben\(:otigt\&. -.sp -Falls Sie nichts angeben, wird libc die Standardanzahl der Runden festlegen (5000)\&. -.sp -Die Werte m\(:ussen zwischen 1000\-999\&.999\&.999 liegen\&. -.sp -Falls nur der Wert f\(:ur -\fBSHA_CRYPT_MIN_ROUNDS\fR -oder -\fBSHA_CRYPT_MAX_ROUNDS\fR -festgelegt wird, wird dieser Wert verwendet\&. -.sp -Falls -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, wird der h\(:ohere Wert verwendet\&. -.RE -.PP -\fBSULOG_FILE\fR (Zeichenkette) -.RS 4 -Wenn angegeben, wird jeder Aufruf von su in dieser Datei protokolliert\&. -.RE -.PP -\fBSU_NAME\fR (Zeichenkette) -.RS 4 -Damit kann die Anzeige des Namens des Befehls festgelegt werden, wenn \(Fcsu \-\(Fo ausgef\(:uhrt wird\&. Wenn beispielsweise dies auf \(Fcsu\(Fo gesetzt wurde, zeigt \(Fcps\(Fo den Befehl als \(Fc\-su\(Fo an\&. Wenn es dagegen nicht vergeben wurde, wird \(Fcps\(Fo den Namen der Shell anzeigen, die ausgef\(:uhrt wird, also etwa \(Fc\-sh\(Fo\&. -.RE -.PP -\fBSU_WHEEL_ONLY\fR (boolesch) -.RS 4 -Falls -\fIyes\fR, muss der Benutzer Mitglied der ersten Gruppe mit der GID 0 in -/etc/group -sein (auf den meisten Linux\-Systemen hei\(sst die -\fIroot\fR), um mit -\fBsu\fR -zu einem Konto mit der UID 0 wechseln zu k\(:onnen\&. Falls die Gruppe nicht existiert oder keine Mitglieder hat, kann niemand mittels -\fBsu\fR -zur UID 0 wechseln\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (Zahl), \fBSYS_GID_MIN\fR (Zahl) -.RS 4 -der Bereich von Gruppen\-IDs, aus dem die Programme -\fBuseradd\fR, -\fBgroupadd\fR -oder -\fBnewusers\fR -bei der Erstellung von Systemgruppen ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBSYS_GID_MIN\fR -ist 101, f\(:ur -\fBSYS_GID_MAX\fR\fBGID_MIN\fR\-1\&. -.RE -.PP -\fBSYS_UID_MAX\fR (Zahl), \fBSYS_UID_MIN\fR (Zahl) -.RS 4 -der Bereich von Benutzer\-IDs, aus dem die Programme -\fBuseradd\fR -oder -\fBnewusers\fR -bei der Erstellung von Systembenutzern ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBSYS_UID_MIN\fR -ist 101, f\(:ur -\fBSYS_UID_MAX\fR\fBUID_MIN\fR\-1\&. -.RE -.PP -\fBSYSLOG_SG_ENAB\fR (boolesch) -.RS 4 -aktiviert das Protokollieren der Aktivit\(:aten von -\fBsg\fR -in \(Fcsyslog\(Fo -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (boolesch) -.RS 4 -aktiviert das Protokollieren der Aktivit\(:aten von -\fBsu\fR -in \(Fcsyslog\(Fo neben der Protokollierung in der sulog\-Datei -.RE -.PP -\fBTTYGROUP\fR (Zeichenkette), \fBTTYPERM\fR (Zeichenkette) -.RS 4 -Die Rechte des Terminals: Das Anmelde\-tty geh\(:ort der Gruppe -\fBTTYGROUP\fR -an, die Rechte werden auf -\fBTTYPERM\fR -gesetzt\&. -.sp -Standardm\(:a\(ssig ist der Eigent\(:umer des Terminals die Hauptgruppe des Benutzers, die Rechte werden auf -\fI0600\fR -gesetzt\&. -.sp -\fBTTYGROUP\fR -kann der Gruppenname oder die als Zahl ausgedr\(:uckte Gruppen\-ID sein\&. -.sp -Wenn Sie ein -\fBwrite\fR\-Programm haben, das \(Fcsetgid\(Fo f\(:ur eine Gruppe besitzt, der das Terminal geh\(:ort, sollten Sie TTYGROUP die Gruppennummer und TTYPERM den Wert 0620 zuweisen\&. Oder Sie sollten TTYGROUP als Kommentar belassen und TTYPERM den Wert 622 oder 600 zuweisen\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (Zeichenkette) -.RS 4 -Falls angegeben, eine Datei, welche einer tty\-Zeile den Umgebungsparameter TERM zuweist\&. Jede Zeile hat das Format wie etwa \(Fcvt100 tty01\(Fo\&. -.RE -.PP -\fBUID_MAX\fR (Zahl), \fBUID_MIN\fR (Zahl) -.RS 4 -der Bereich von Benutzer\-IDs, aus dem die Programme -\fBuseradd\fR -oder -\fBnewusers\fR -bei der Erstellung normaler Benutzer ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBUID_MIN\fR -ist 1000, f\(:ur -\fBUID_MAX\fR -60\&.000\&. -.RE -.PP -\fBULIMIT\fR (Zahl) -.RS 4 -der Standardwert von -\fBulimit\fR -.RE -.PP -\fBUMASK\fR (Zahl) -.RS 4 -Die Bit\-Gruppe, welche die Rechte von erstellten Dateien bestimmt, wird anf\(:anglich auf diesen Wert gesetzt\&. Falls nicht angegeben, wird sie auf 022 gesetzt\&. -.sp -\fBuseradd\fR -und -\fBnewusers\fR -verwenden diese Bit\-Gruppe, um die Rechte des von ihnen erstellten Home\-Verzeichnisses zu setzen\&. -.sp -Sie wird auch von -\fBlogin\fR -verwendet, um die anf\(:angliche Umask eines Benutzers zu bestimmen\&. Beachten Sie, dass diese Bit\-Gruppe durch die GECOS\-Zeile des Benutzers (wenn -\fBQUOTAS_ENAB\fR -gesetzt wurde) oder die Festlegung eines Limits in -\fBlimits\fR(5) -mit der Kennung -\fIK\fR -\(:uberschrieben werden kann\&. -.RE -.PP -\fBUSERDEL_CMD\fR (Zeichenkette) -.RS 4 -Falls angegeben, wird dieser Befehl ausgef\(:uhrt, wenn ein Benutzer entfernt wird\&. Damit k\(:onnen At\-, Cron\- und Druckauftr\(:age etc\&. des entfernten Benutzers (wird als erstes Argument \(:ubergeben) gel\(:oscht werden\&. -.sp -Der R\(:uckgabewert des Skripts wird nicht ausgewertet\&. -.sp -Dies ist ein Beispielsskript, das die cron\-, at\- und Druckauftr\(:age des Benutzers entfernt: -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# Pr\(:ufen, ob das ben\(:otigte Argument angegeben wurde -if [ $# != 1 ]; then - echo "Verwendungsweise: $0 Benutzername" - exit 1 -fi - -# cron\-Auftr\(:age entfernen -crontab \-r \-u $1 - -# at\-Auftr\(:age entfernen\&. -# Hinweis: Dies wird alle Auftr\(:age entfernen, die der gleichen UID -# geh\(:oren, selbst wenn sie von einem Benutzer mit einem anderen Namen -# eingerichtet wurden\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# Druck\-Auftr\(:age entfernen -lprm $1 - -# Fertig -exit 0 - -.fi -.if n \{\ -.RE -.\} -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolesch) -.RS 4 -Erlaubt Benutzern, die nicht Root sind, die Umask\-Gruppen\-Bits auf ihre Umask\-Bits zu setzen (Beispiel: 022 \-> 002, 077 \-> 007), falls die UID mit der GID identisch ist sowie der Benutzername mit dem Gruppennamen \(:ubereinstimmt\&. -.sp -Wenn der Wert -\fIyes\fR -ist, wird -\fBuserdel\fR -die Gruppe des Benutzers entfernen, falls sie keine Mitglieder mehr hat, und -\fBuseradd\fR -wird standardm\(:a\(ssig eine Gruppe mit dem Namen des Benutzers erstellen\&. -.RE -.SH "QUERVERWEISE" -.PP -Die folgenden Querverweise zeigen, welche Programme aus der Shadow\-Passwort\-Werkzeugsammlung welche Parameter verwenden\&. -.PP -chfn -.RS 4 -CHFN_AUTH -CHFN_RESTRICT -LOGIN_STRING -.RE -.PP -chgpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chpasswd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENABSHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chsh -.RS 4 -CHSH_AUTH LOGIN_STRING -.RE -.PP -gpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -groupadd -.RS 4 -GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN -.RE -.PP -groupdel -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmems -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmod -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpck -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpunconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -login -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE -ERASECHAR FAIL_DELAY -FAILLOG_ENAB -FAKE_SHELL -FTMP_FILE -HUSHLOGIN_FILE -ISSUE_FILE -KILLCHAR -LASTLOG_ENAB -LOGIN_RETRIES -LOGIN_STRING -LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB -MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB -TTYGROUP TTYPERM TTYTYPE_FILE -ULIMIT UMASK -USERGROUPS_ENAB -.RE -.PP -newgrp / sg -.RS 4 -SYSLOG_SG_ENAB -.RE -.PP -newusers -.RS 4 -ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -passwd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -pwck -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -pwconv -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -su -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENVIRON_FILE -ENV_PATH ENV_SUPATH -ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB -SULOG_FILE SU_NAME -SU_WHEEL_ONLY -SYSLOG_SU_ENAB -USERGROUPS_ENAB -.RE -.PP -sulogin -.RS 4 -ENV_HZ -ENV_TZ -.RE -.PP -useradd -.RS 4 -CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -userdel -.RS 4 -MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB -.RE -.PP -usermod -.RS 4 -MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP -.RE -.SH "SIEHE AUCH" -.PP -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBsu\fR(1), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBpam\fR(8)\&. diff --git a/man/de/man5/passwd.5 b/man/de/man5/passwd.5 deleted file mode 100644 index f92bd6b1..00000000 --- a/man/de/man5/passwd.5 +++ /dev/null @@ -1,179 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dateiformate und konvertierung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "PASSWD" "5" "09.05.2014" "shadow\-utils 4\&.2" "Dateiformate und konvertierung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -passwd \- die Passwortdatei -.SH "BESCHREIBUNG" -.PP -/etc/passwd -enth\(:alt einen Eintrag pro Benutzerkonto, wobei jeder Eintrag sieben Felder besitzt, die durch Doppelpunkt (\(Bq:\(lq) getrennt sind\&. Diese Felder sind: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Anmeldename -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -optional verschl\(:usseltes Passwort -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerische Benutzer\-ID -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerische Gruppen\-ID -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Benutzername oder Kommentarfeld -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Home\-Verzeichnis des Benutzers -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -optional Befehlsinterpreter des Benutzers -.RE -.PP -Das Feld f\(:ur das verschl\(:usselte Passwort kann leer sein\&. In diesem Fall wird kein Passwort ben\(:otigt, um sich beim System anzumelden\&. Allerdings werden einige Anwendung, die -/etc/passwd -auswerten, -\fIkeinen\fR -Zugriff erlauben, wenn das -\fIPasswort\fR\-Feld leer ist\&. Wenn das -\fIPasswort\fR\-Feld ein kleines -\(Bqx\(lq -enth\(:alt, ist das Passwort in der Datei -\fBshadow\fR(5) -gespeichert\&. Es -\fImuss\fR -sich dann ein passender Eintrag in -/etc/shadow -befinden, oder das Benutzerkonto ist ung\(:ultig\&. Wenn das -\fIPasswort\fR\-Feld eine andere Zeichenkette enth\(:alt, wird diese als ein verschl\(:usseltes Passwort behandelt\&. Genaueres dazu befindet sich unter -\fBcrypt\fR(3)\&. -.PP -Das Kommentarfeld wird von verschiedenen Systemprogrammen wie z\&.B\&. -\fBfinger\fR(1) -ausgewertet\&. -.PP -Das Feld f\(:ur das Home\-Verzeichnis gibt den Namen f\(:ur das anf\(:angliche Arbeitsverzeichnis an\&. Das Programm -\fBlogin\fR -benutzt diese Information, um den Wert der Umgebungsvariable -\fB$HOME\fR -zu setzen\&. -.PP -Das Feld f\(:ur den Befehlsinterpreter enth\(:alt den Namen des Befehlssprachen\-Interpreters des Benutzers oder den Namen des Programms, das zuerst ausgef\(:uhrt werden soll\&. Das Programm -\fBlogin\fR -benutzt diese Information, um den Wert der Umgebungsvariable -\fB$SHELL\fR -zu setzen\&. Falls dieses Feld leer ist, wird ihm standardm\(:a\(ssig der Wert -/bin/sh -zugewiesen\&. -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -optionale Datei f\(:ur verschl\(:usseltes Passwort -.RE -.PP -/etc/passwd\- -.RS 4 -Sicherungskopie von /etc/passwd -.sp -Beachten Sie, dass diese Datei von Werkzeugen der Shadow\-Werkzeugsammlung verwendet wird, aber nicht von allen sonstigen Programmen zur Benutzer\- und Passwortverwaltung\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBcrypt\fR(3), -\fBgetent\fR(1), -\fBgetpwnam\fR(3), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBshadow\fR(5), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/de/man5/porttime.5 b/man/de/man5/porttime.5 deleted file mode 100644 index b59d217c..00000000 --- a/man/de/man5/porttime.5 +++ /dev/null @@ -1,97 +0,0 @@ -'\" t -.\" Title: porttime -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dateiformate und konvertierung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "PORTTIME" "5" "09.05.2014" "shadow\-utils 4\&.2" "Dateiformate und konvertierung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -porttime \- Datei f\(:ur zeitlich begrenzten Zugang zu Ports -.SH "BESCHREIBUNG" -.PP -\fIporttime\fR -enth\(:alt eine Liste von tty\-Ger\(:aten, Benutzernamen und zul\(:assigen Anmeldezeiten\&. -.PP -Jeder Eintrag besteht aus drei Feldern, die durch Doppelpunkte getrennt sind\&. Das erste Feld enth\(:alt eine Liste von tty\-Ger\(:aten, die durch Kommata getrennt sind, oder einen Stern, was bedeutet, dass dieser Eintrag auf alle tty\-Ger\(:ate zutrifft\&. Das zweite Feld enth\(:alt eine Liste von Benutzernamen, die durch Kommata getrennt sind, oder einen Stern, was bedeutet, dass dieser Eintrag auf alle Benutzernamen zutrifft\&. Das dritte Feld ist eine Liste von Anmeldezeiten, die durch Kommata getrennt sind\&. -.PP -Jeder Zeiteintrag kann aus einem oder mehreren Wochentagen bestehen, die mit -\fISu\fR, -\fIMo\fR, -\fITu\fR, -\fIWe\fR, -\fITh\fR, -\fIFr\fR -und -\fISa\fR -abgek\(:urzt werden\&. Danach folgt die Angabe von zwei Uhrzeiten, die durch einen Bindestrich getrennt sind\&. Mit der Abk\(:urzung -\fIWk\fR -wird Montag bis Freitag bezeichnet\&. Mit -\fIAl\fR -wird jeder Tag gew\(:ahlt\&. Falls keine Tage angegeben werden, wird -\fIAl\fR -angenommen\&. -.SH "BEISPIELE" -.PP -Der folgende Eintrag erlaubt dem Benutzer -\fBjfh\fR -Zugriff auf jeden Port w\(:ahrend Werktagen von 9 bis 17 Uhr\&. -.PP -*:jfh:Wk0900\-1700 -.PP -Die folgenden Eintr\(:age erlauben nur den Benutzern -\fIroot\fR -und -\fIoper\fR -jederzeit Zugriff auf -/dev/console\&. Hier ist auch ersichtlich, dass -/etc/porttime -eine geordnete Liste der Zugriffszeiten ist\&. Jeder andere Benutzer f\(:allt unter den zweiten Eintrag, welcher Zugriff zu keiner Zeit erlaubt\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - console:root,oper:Al0000\-2400 - console:*: - -.fi -.if n \{\ -.RE -.\} -.PP -Der folgende Eintrag erlaubt dem Benutzer -\fIgames\fR -Zugriff auf jeden Port au\(sserhalb von Arbeitszeiten\&. -.PP -*:games:Wk1700\-0900,SaSu0000\-2400 -.SH "DATEIEN" -.PP -/etc/porttime -.RS 4 -Datei, die den Port\-Zugriff enth\(:alt\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBlogin\fR(1)\&. diff --git a/man/de/man5/shadow.5 b/man/de/man5/shadow.5 deleted file mode 100644 index 9ebee0f3..00000000 --- a/man/de/man5/shadow.5 +++ /dev/null @@ -1,149 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dateiformate und konvertierung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "SHADOW" "5" "09.05.2014" "shadow\-utils 4\&.2" "Dateiformate und konvertierung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -shadow \- Shadow\-Passwortdatei -.SH "BESCHREIBUNG" -.PP -shadow -ist eine Datei, welche die Passwortinformationen f\(:ur die Konten des Systems und fakultativ Informationen zum Verfall der Passw\(:orter enth\(:alt\&. -.PP -Um die Sicherheit der Passw\(:orter zu gew\(:ahrleisten, darf diese Datei nicht f\(:ur normale Benutzer lesbar sein\&. -.PP -Jede Zeile dieser Datei enth\(:alt folgende neun Felder, die durch Doppelpunkt (\(Bq:\(lq) getrennt werden: -.PP -\fBAnmeldename\fR -.RS 4 -Dabei muss es sich um eine g\(:ultigen Kontonamen handeln, der auf dem System existiert\&. -.RE -.PP -\fBverschl\(:usseltes Passwort\fR -.RS 4 -Sie sollten in -\fBcrypt\fR(3) -nachsehen, wenn Sie mehr \(:uber die Bedeutung dieser Zeichenkette wissen wollen\&. -.sp -Wenn das Passwortfeld eine Zeichenkette enth\(:alt, die kein zul\(:assiges Ergebnis von -\fBcrypt\fR(3) -ist, z\&.B\&. ! oder *, kann sich der Benutzer nicht mit einem Unix\-Passwort anmelden; eine Anmeldung auf anderem Wege wird dadurch nicht verhindert\&. -.sp -Dieses Feld kann leer bleiben\&. In diesem Fall kann sich der angegebene Benutzer ohne Passwort anmelden\&. M\(:oglicherweise verweigern Anwendungen, welche die Datei -/etc/shadow -auswerten, dennoch den Zugang, wenn das Passwortfeld leer ist\&. -.sp -Ein Passwortfeld, das mit einem Ausrufezeichen beginnt, f\(:uhrt dazu, dass das Passwort gesperrt ist\&. Die \(:ubrigen Zeichen sind das Passwort vor der Sperrung\&. -.RE -.PP -\fBDatum, an dem das Passwort das letzte Mal ge\(:andert wurde\fR -.RS 4 -Das Datum, als das Passwort das letzte Mal ge\(:andert wurde, wird als Anzahl der Tage seit dem 1\&. Januar 1970 ausgedr\(:uckt\&. -.sp -Dem Wert 0 kommt eine besondere Bedeutung zu: Der Benutzer sollte sein Passwort bei der n\(:achsten Anmeldung \(:andern\&. -.sp -Ein leeres Feld bedeutet, dass das Altern des Passworts abgeschaltet ist\&. -.RE -.PP -\fBMindestalter des Passworts\fR -.RS 4 -Das Mindestalter des Passworts ist die Anzahl von Tagen, die ein Benutzer warten muss, bevor er sein Passwort wieder \(:andern darf\&. -.sp -Eine leeres Feld oder der Wert 0 bedeuten, dass es kein Mindestalter eines Passworts gibt\&. -.RE -.PP -\fBH\(:ochstalter des Passworts\fR -.RS 4 -Das H\(:ochstalter des Passworts ist die Anzahl von Tagen, nach welcher der Benutzer sein Passwort \(:andern muss\&. -.sp -Auch nach Ablauf dieser Anzahl von Tagen bleibt das Passwort g\(:ultig\&. Der Benutzer wird bei der n\(:achsten Anmeldung aufgefordert, sein Passwort zu \(:andern\&. -.sp -Ein leeres Feld bedeutet, dass es kein H\(:ochstalter f\(:ur das Passwort, keine Vorwarnung und keine Dauer der Unt\(:atigkeit (siehe unten) gibt\&. -.sp -Wenn das H\(:ochstalter niedriger als das Mindestalter eines Passworts ist, kann ein Benutzer sein Passwort nicht \(:andern\&. -.RE -.PP -\fBPasswortvorwarndauer\fR -.RS 4 -Die Anzahl von Tagen, w\(:ahrend welcher der Benutzer vorgewarnt wird, bevor sein Passwort abl\(:auft (siehe das H\(:ochstalter des Passworts)\&. -.sp -Ein leeres Feld oder der Wert 0 bedeutet, dass es keine Vorwarnung gibt\&. -.RE -.PP -\fBDauer der fehlenden Verwendung des Passworts\fR -.RS 4 -Die Anzahl von Tagen, f\(:ur die ein Benutzer sein Passwort, nachdem es abgelaufen ist (vergleiche oben das H\(:ochstalter des Passworts), noch verwenden kann (und w\(:ahrend des n\(:achsten Logins \(:andern muss)\&. -.sp -Nachdem das Passwort abgelaufen ist und auch die Dauer der Unt\(:atigkeit verstrichen ist, kann sich der Benutzer mit seinem Passwort nicht mehr anmelden\&. Er muss sich dann an den Administrator wenden\&. -.sp -Ein leeres Feld bedeutet, dass es keine H\(:ochstdauer zwischen Ablauf des Passworts und erneuter Anmeldung des Benutzers gibt\&. -.RE -.PP -\fBDatum des Verfalls des Kontos\fR -.RS 4 -Das Datum, an dem das Konto verf\(:allt, wird als Anzahl der Tage seit dem 1\&. Januar 1970 ausgedr\(:uckt\&. -.sp -Beachten Sie, dass der Verfall eines Kontos sich von dem Ablaufen eines Passworts unterscheidet\&. Im ersteren Fall kann sich der Benutzer nicht mehr anmelden\&. Im letzteren Fall kann sich der Benutzer nur nicht mehr mit seinem (alten) Passwort anmelden\&. -.sp -Ein leeres Feld bedeutet, dass das Konto nicht verfallen wird\&. -.sp -Der Wert 0 sollte nicht verwendet werden, weil er sowohl bedeuten kann, dass das Konto nicht verf\(:allt als auch, dass das Konto bereits am 1\&. Januar 1970 verfallen ist\&. -.RE -.PP -\fBreserviertes Feld\fR -.RS 4 -Dieses Feld ist f\(:ur zuk\(:unftigen Gebrauch reserviert\&. -.RE -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow\- -.RS 4 -Sicherungskopie von /etc/shadow -.sp -Beachten Sie, dass diese Datei von Werkzeugen der Shadow\-Werkzeugsammlung verwendet wird, aber nicht von allen sonstigen Programmen zur Benutzer\- und Passwortverwaltung\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBchage\fR(1), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/de/man5/suauth.5 b/man/de/man5/suauth.5 deleted file mode 100644 index 62fe1337..00000000 --- a/man/de/man5/suauth.5 +++ /dev/null @@ -1,145 +0,0 @@ -'\" t -.\" Title: suauth -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Dateiformate und konvertierung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "SUAUTH" "5" "09.05.2014" "shadow\-utils 4\&.2" "Dateiformate und konvertierung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -suauth \- ausf\(:uhrliche Kontrolldatei f\(:ur su -.SH "\(:UBERSICHT" -.HP \w'\fB/etc/suauth\fR\ 'u -\fB/etc/suauth\fR -.SH "BESCHREIBUNG" -.PP -Wenn der Befehl su aufgerufen wird, wird die Datei -/etc/suauth -ausgewertet\&. Dadurch kann das Verhalten des Befehls su ver\(:andert werden\&. Dies h\(:angt von Folgendem ab: -.sp -.if n \{\ -.RS 4 -.\} -.nf - 1) auf welchen Benutzer su gerichtet ist - -.fi -.if n \{\ -.RE -.\} -.PP -2) dem Benutzer, der su ausf\(:uhrt (oder einer Gruppe, deren Mitglied er ist) -.PP -Die Datei ist folgenderma\(ssen aufgebaut, wobei Zeilen, die mit einem # beginnen, als Kommentare behandelt und daher ignoriert werden: -.sp -.if n \{\ -.RS 4 -.\} -.nf - Herkunfts\-ID:Ziel\-ID:AKTION - -.fi -.if n \{\ -.RE -.\} -.PP -Hierbei kann to\-id -\fIALL\fR, eine Aufz\(:ahlung von Benutzernamen, die durch ein \(Fc,\(Fo getrennt werden, oder -\fIALL EXCEPT\fR, die von einer Aufz\(:ahlung von Benutzernamen gefolgt werden, die durch ein \(Fc,\(Fo getrennt werden, sein\&. -.PP -from\-id hat das gleiche Format wie to\-id mit der Ausnahme, dass zus\(:atzlich -\fIGROUP\fR -zul\(:assig ist\&. Auch -\fIALL EXCEPT GROUP\fR -ist zul\(:assig\&. Nach -\fIGROUP\fR -werden ein oder mehrere Gruppennamen aufgef\(:uhrt, die durch \(Fc,\(Fo getrennt sind\&. Die Haupt\-ID einer Gruppe reicht nicht aus, sondern ein Eintrag in -\fB/etc/group\fR(5) -ist notwendig\&. -.PP -Als Aktion k\(:onnen nur die folgenden Optionen angegeben werden\&. -.PP -\fIDENY\fR -.RS 4 -Der Versuch, su auszuf\(:uhren, wird abgebrochen, ehe nach einem Passwort gefragt wird\&. -.RE -.PP -\fINOPASS\fR -.RS 4 -Der Versuch, su auszuf\(:uhren, hat automatisch Erfolg\&. Ein Passwort wird nicht abgefragt\&. -.RE -.PP -\fIOWNPASS\fR -.RS 4 -Damit der Befehl su Erfolg hat, muss der Benutzer sein eigenes Passwort eingeben\&. Darauf wird er hingewiesen\&. -.RE -.PP -Beachten Sie, dass es sich um drei selbst\(:andige Felder handelt, die durch einen Doppelpunkt getrennt sind\&. Neben den Doppelpunkten darf sich kein Leerzeichen befinden\&. Beachten Sie zudem, dass die Datei von oben nach unten Zeile f\(:ur Zeile durchgegangen wird\&. Die erste Regel, die zutreffend ist, wird angewendet, ohne dass die Datei weiter ausgewertet wird\&. Damit kann ein Systemadministrator eine strenge Kontrolle aus\(:uben\&. -.SH "BEISPIEL" -.sp -.if n \{\ -.RS 4 -.\} -.nf - # /etc/suauth\-Beispielsdatei - # - # Einige besondere Benutzer d\(:urfen su - # auf Root mit ihrem eigenen Passwort ausf\(:uhren\&. - # - root:chris,birddog:OWNPASS - # - # Alle anderen Benutzer d\(:urfen nicht su auf Root - # ausf\(:uhren, falls sie nicht in der Gruppe wheel - # sind\&. Dies wird bei BSD so gehandhabt\&. - # - root:ALL EXCEPT GROUP wheel:DENY - # - # Die Konten terry und birddog geh\(:oren derselben - # Person\&. Sie k\(:onnen ohne Passwort aufeinander - # zugreifen\&. - # - terry:birddog:NOPASS - birddog:terry:NOPASS - # - -.fi -.if n \{\ -.RE -.\} -.SH "DATEIEN" -.PP -/etc/suauth -.RS 4 -.RE -.SH "FEHLER" -.PP -Es gibt zahlreiche Fehlerquellen\&. Die Auswertung der Datei ist sehr empfindlich bei Syntaxfehlern, zus\(:atzlichen Leerzeichen (au\(sser am Anfang und Schluss einer Zeile) und dem besonderen Zeichen, das die verschiedenen Felder von einander trennt\&. -.SH "DIAGNOSE" -.PP -Fehler beim Auswerten der Datei werden an -\fBsyslogd\fR(8) -mit der Stufe ERR an das Ger\(:at AUTH gemeldet\&. -.SH "SIEHE AUCH" -.PP -\fBsu\fR(1)\&. diff --git a/man/de/man8/chgpasswd.8 b/man/de/man8/chgpasswd.8 deleted file mode 100644 index fe72fec6..00000000 --- a/man/de/man8/chgpasswd.8 +++ /dev/null @@ -1,210 +0,0 @@ -'\" t -.\" Title: chgpasswd -.\" Author: Thomas K\(/loczko -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "CHGPASSWD" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -chgpasswd \- aktualisiert Gruppenpassw\(:orter im Batch\-Modus -.SH "\(:UBERSICHT" -.HP \w'\fBchgpasswd\fR\ 'u -\fBchgpasswd\fR [\fIOptionen\fR] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBchgpasswd\fR -liest eine Liste von Gruppenname\-Passwort\-Paaren von der Standardeingabe\&. Damit werden Gruppendaten aktualisiert\&. Jede Zeile muss folgendes Format haben: -.PP -\fIGruppenname\fR:\fIPasswort\fR -.PP -Das Passwort wird standardm\(:a\(ssig im Klartext angegeben\&. Die Standardalgorithmus zur Verschl\(:usselung ist DES\&. -.PP -Der standardm\(:a\(ssige Verschl\(:usselungsalgorithmus wird systemweit mit der Variable -\fBENCRYPT_METHOD\fR -in -/etc/login\&.defs -bestimmt\&. Dies kann mit den Optionen -\fB\-e\fR, -\fB\-m\fR -oder -\fB\-c\fR -\(:uberschrieben werden\&. -.PP -Dieser Befehl ist f\(:ur den Einsatz in gro\(ssen Umgebungen vorgesehen, in der viele Konten gleichzeitig erstellt werden m\(:ussen\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBchgpasswd\fR -unterst\(:utzt werden, sind: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -Definiert die Methode, mit der die Passw\(:orter verschl\(:usselt werden\&. -.sp -Die verf\(:ugbaren Methoden sind DES, MD5, NONE und SHA256 oder SHA512, soweit Ihre libc sie unterst\(:utzt\&. -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -Passw\(:orter werden verschl\(:usselt angegeben\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -werwendet zur Verschl\(:usselung MD5 anstelle von DES, wenn die Passw\(:orter unverschl\(:usselt angegeben werden -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -Verwendet die angegebene Anzahl von Runden, um die Passw\(:orter zu verschl\(:usseln\&. -.sp -Ein Wert von 0 bedeutet, dass das System die Standardanzahl der Runden (5000) f\(:ur die Verschl\(:usselung verwenden wird\&. -.sp -Der Mindestwert ist 1000, der H\(:ochstwert 999\&.999\&.999\&. -.sp -Sie k\(:onnen diese Option nur mit den Verschl\(:usselungsmethoden SHA256 und SHA512 verwenden\&. -.sp -Standardm\(:a\(ssig wird die Anzahl der Runden mit den Variablen SHA_CRYPT_MIN_ROUNDS und SHA_CRYPT_MAX_ROUNDS in -/etc/login\&.defs -definiert\&. -.RE -.SH "WARNUNGEN" -.PP -Achten Sie darauf, dass die Rechte und Umask korrekt vergeben sind, um zu verhindern, dass andere Benutzer unverschl\(:usselte Dateien lesen k\(:onnen\&. -.PP -Sie sollten darauf achten, dass Passw\(:orter und Verschl\(:usselungsmethode in Einklage mit der Passwortrichtlinie des Systems stehen\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBENCRYPT_METHOD\fR (Zeichenkette) -.RS 4 -Damit wird der standardm\(:a\(ssige Verschl\(:usselungsalgorithmus, mit dem Passw\(:orter verschl\(:usselt werden, bestimmt (soweit nicht in der Befehlszeile ein Algorithmus angegeben wird)\&. -.sp -Ihm kann einer der folgenden Wert zugewiesen werden: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Hinweis: Dieser Parameter \(:uberschreibt die Variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolesch) -.RS 4 -Legt fest, ob Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt werden\&. Falls diesem Wert -\fIyes\fR -zugewiesen ist, werden neue Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt, der zu dem in der aktuellen Ver\(:offentlichung von FreeBSD eingesetzten Algorithmus kompatibel ist\&. Passw\(:orter k\(:onnen dann beliebig lang sein, auch die Salt\-Zeichenketten sind l\(:anger\&. Setzen Sie diesen Wert auf -\fIno\fR, wenn Sie verschl\(:usselte Passw\(:orter auf ein anderes System kopieren m\(:ochten, das den neuen Algorithmus nicht versteht\&. Der Standardwert ist -\fIno\fR\&. -.sp -Dieser Variable geht die Variable -\fBENCRYPT_METHOD\fR -und eine Option auf der Befehlszeile, mit der der Verschl\(:usselungsalgorithmus bestimmt wird, vor\&. -.sp -Der Einsatz dieser Variable ist veraltet\&. Sie sollten -\fBENCRYPT_METHOD\fR -verwenden\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (Zahl), \fBSHA_CRYPT_MAX_ROUNDS\fR (Zahl) -.RS 4 -Wenn -\fBENCRYPT_METHOD\fR -auf -\fISHA256\fR -oder -\fISHA512\fR -gesetzt ist, legt dies die Anzahl der Runden von SHA fest, die standardm\(:a\(ssig vom Verschl\(:usselungsalgorithmus verwendet werden (falls die Anzahl der Runden nicht auf der Befehlszeile angegeben wird)\&. -.sp -Je mehr Runden Sie definieren, umso schwieriger ist es, das Passwort mit sturem Durchprobieren (brute force) zu knacken; umso mehr Rechenleistung wird jedoch auch f\(:ur die Anmeldung eines Benutzers ben\(:otigt\&. -.sp -Falls Sie nichts angeben, wird libc die Standardanzahl der Runden festlegen (5000)\&. -.sp -Die Werte m\(:ussen zwischen 1000\-999\&.999\&.999 liegen\&. -.sp -Falls nur der Wert f\(:ur -\fBSHA_CRYPT_MIN_ROUNDS\fR -oder -\fBSHA_CRYPT_MAX_ROUNDS\fR -festgelegt wird, wird dieser Wert verwendet\&. -.sp -Falls -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, wird der h\(:ohere Wert verwendet\&. -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.SH "SIEHE AUCH" -.PP -\fBgpasswd\fR(1), -\fBgroupadd\fR(8), -\fBlogin.defs\fR(5)\&. diff --git a/man/de/man8/chpasswd.8 b/man/de/man8/chpasswd.8 deleted file mode 100644 index f0cb15ce..00000000 --- a/man/de/man8/chpasswd.8 +++ /dev/null @@ -1,215 +0,0 @@ -'\" t -.\" Title: chpasswd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "CHPASSWD" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -chpasswd \- aktualisiert Passw\(:orter im Batch\-Modus -.SH "\(:UBERSICHT" -.HP \w'\fBchpasswd\fR\ 'u -\fBchpasswd\fR [\fIOptionen\fR] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBchpasswd\fR -liest eine Liste von Benutzername\-Passwort\-Paaren von der Standardeingabe\&. Damit werden Benutzerdaten aktualisiert\&. Jede Zeile muss folgendes Format haben: -.PP -\fIBenutzername\fR:\fIPasswort\fR -.PP -Das Passwort muss standardm\(:a\(ssig im Klartext angegeben werden und von -\fBchpasswd\fR -verschl\(:usselt\&. Soweit vorhanden, wird auch das Alter des Passworts aktualisiert\&. -.PP -Der standardm\(:a\(ssige Verschl\(:usselungsalgorithmus kann systemweit mit den Variablen -\fBENCRYPT_METHOD\fR -oder -\fBMD5_CRYPT_ENAB\fR -in -/etc/login\&.defs -definiert werden\&. Dieser kann mit den Optionen -\fB\-e\fR, -\fB\-m\fR -oder -\fB\-c\fR -\(:uberschrieben werden\&. -.PP -\fBchpasswd\fR -aktualisiert zun\(:achst alle Passw\(:orter im Arbeitsspeicher und schreibt dann die \(:Anderungen auf das Speichermedium, falls keine Fehler aufgetreten sind\&. -.PP -Dieser Befehl ist f\(:ur den Einsatz in gro\(ssen Umgebungen vorgesehen, in der viele Konten gleichzeitig erstellt werden m\(:ussen\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBchpasswd\fR -unterst\(:utzt werden, sind: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR\ \&\fIMETHODE\fR -.RS 4 -Definiert die Methode, mit der die Passw\(:orter verschl\(:usselt werden\&. -.sp -Die verf\(:ugbaren Methoden sind DES, MD5, NONE und SHA256 oder SHA512, soweit Ihre libc sie unterst\(:utzt\&. -.sp -Standardm\(:a\(ssig (wenn keine der Optionen -\fB\-c\fR, -\fB\-m\fR -oder -\fB\-e\fR -angegeben wird) wird die Verschl\(:usselungsmethode durch die Variablen -\fBENCRYPT_METHOD\fR -oder -\fBMD5_CRYPT_ENAB\fR -in -/etc/login\&.defs -bestimmt\&. -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -Passw\(:orter werden verschl\(:usselt angegeben\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -werwendet zur Verschl\(:usselung MD5 anstelle von DES, wenn die Passw\(:orter unverschl\(:usselt angegeben werden -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR\ \&\fIRUNDEN\fR -.RS 4 -Verwendet die angegebene Anzahl von Runden, um die Passw\(:orter zu verschl\(:usseln\&. -.sp -Ein Wert von 0 bedeutet, dass das System die Standardanzahl der Runden (5000) f\(:ur die Verschl\(:usselung verwenden wird\&. -.sp -Der Mindestwert ist 1000, der H\(:ochstwert 999\&.999\&.999\&. -.sp -Sie k\(:onnen diese Option nur mit den Verschl\(:usselungsmethoden SHA256 und SHA512 verwenden\&. -.sp -Standardm\(:a\(ssig wird die Anzahl der Runden von den Variablen -\fBSHA_CRYPT_MIN_ROUNDS\fR -und -\fBSHA_CRYPT_MAX_ROUNDS\fR/etc/login\&.defs -bestimmt\&. -.RE -.SH "WARNUNGEN" -.PP -Achten Sie darauf, dass die Rechte und Umask korrekt vergeben sind, um zu verhindern, dass andere Benutzer unverschl\(:usselte Dateien lesen k\(:onnen\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBENCRYPT_METHOD\fR (Zeichenkette) -.RS 4 -Damit wird der standardm\(:a\(ssige Verschl\(:usselungsalgorithmus, mit dem Passw\(:orter verschl\(:usselt werden, bestimmt (soweit nicht in der Befehlszeile ein Algorithmus angegeben wird)\&. -.sp -Ihm kann einer der folgenden Wert zugewiesen werden: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Hinweis: Dieser Parameter \(:uberschreibt die Variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolesch) -.RS 4 -Legt fest, ob Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt werden\&. Falls diesem Wert -\fIyes\fR -zugewiesen ist, werden neue Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt, der zu dem in der aktuellen Ver\(:offentlichung von FreeBSD eingesetzten Algorithmus kompatibel ist\&. Passw\(:orter k\(:onnen dann beliebig lang sein, auch die Salt\-Zeichenketten sind l\(:anger\&. Setzen Sie diesen Wert auf -\fIno\fR, wenn Sie verschl\(:usselte Passw\(:orter auf ein anderes System kopieren m\(:ochten, das den neuen Algorithmus nicht versteht\&. Der Standardwert ist -\fIno\fR\&. -.sp -Dieser Variable geht die Variable -\fBENCRYPT_METHOD\fR -und eine Option auf der Befehlszeile, mit der der Verschl\(:usselungsalgorithmus bestimmt wird, vor\&. -.sp -Der Einsatz dieser Variable ist veraltet\&. Sie sollten -\fBENCRYPT_METHOD\fR -verwenden\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (Zahl), \fBSHA_CRYPT_MAX_ROUNDS\fR (Zahl) -.RS 4 -Wenn -\fBENCRYPT_METHOD\fR -auf -\fISHA256\fR -oder -\fISHA512\fR -gesetzt ist, legt dies die Anzahl der Runden von SHA fest, die standardm\(:a\(ssig vom Verschl\(:usselungsalgorithmus verwendet werden (falls die Anzahl der Runden nicht auf der Befehlszeile angegeben wird)\&. -.sp -Je mehr Runden Sie definieren, umso schwieriger ist es, das Passwort mit sturem Durchprobieren (brute force) zu knacken; umso mehr Rechenleistung wird jedoch auch f\(:ur die Anmeldung eines Benutzers ben\(:otigt\&. -.sp -Falls Sie nichts angeben, wird libc die Standardanzahl der Runden festlegen (5000)\&. -.sp -Die Werte m\(:ussen zwischen 1000\-999\&.999\&.999 liegen\&. -.sp -Falls nur der Wert f\(:ur -\fBSHA_CRYPT_MIN_ROUNDS\fR -oder -\fBSHA_CRYPT_MAX_ROUNDS\fR -festgelegt wird, wird dieser Wert verwendet\&. -.sp -Falls -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, wird der h\(:ohere Wert verwendet\&. -.RE -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.SH "SIEHE AUCH" -.PP -\fBpasswd\fR(1), -\fBnewusers\fR(8), -\fBlogin.defs\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/de/man8/faillog.8 b/man/de/man8/faillog.8 deleted file mode 100644 index 220078e4..00000000 --- a/man/de/man8/faillog.8 +++ /dev/null @@ -1,167 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "FAILLOG" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -faillog \- zeigt Aufzeichnungen der fehlgeschlagenen Anmeldungen an oder richtet Beschr\(:ankungen f\(:ur fehlgeschlagene Anmeldungen ein -.SH "\(:UBERSICHT" -.HP \w'\fBfaillog\fR\ 'u -\fBfaillog\fR [\fIOptionen\fR] -.SH "BESCHREIBUNG" -.PP -\fBfaillog\fR -zeigt den Inhalt der Datenbank der fehlgeschlagenen Anmeldungen (/var/log/faillog) an\&. Es kann auch die Z\(:ahlung und Beschr\(:ankung der Fehlversuche verwalten\&. Wenn -\fBfaillog\fR -ohne Optionen ausgef\(:uhrt wird, wird nur die Liste der fehlgeschlagenen Anmeldungen aller Benutzer angezeigt, deren Anmeldung jemals gescheitert ist\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBfaillog\fR -unterst\(:utzt werden, sind: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -zeigt (oder bearbeitet) die faillog\-Eintr\(:age aller Benutzer, die einen Eintrag in der Datenbank -faillog -haben -.sp -Die Spanne der Benutzer kann mit der Option -\fB\-u\fR -eingegrenzt werden\&. -.sp -Im Anzeigemodus ist dies auf vorhandene Benutzer beschr\(:ankt, erzwingt aber die Anzeige der Faillog\-Eintr\(:age, auch wenn diese leer sind\&. -.sp -Mit den Optionen -\fB\-l\fR, -\fB\-m\fR, -\fB\-r\fR -und -\fB\-t\fR -werden die Benutzereintr\(:age selbst dann ge\(:andert, wenn der Benutzer auf dem System nicht vorhanden ist\&. Dies kann sinnvoll sein, wenn die Eintr\(:age von gel\(:oschten Benutzer zur\(:uckgesetzt werden sollen oder vorsorglich eine Richtlinie f\(:ur eine Anzahl von Benutzern eingerichtet werden soll\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEK\fR -.RS 4 -sperrt nach einer fehlgeschlagenen Anmeldung das Konto f\(:ur -\fISEK\fR -Sekunden -.sp -F\(:ur diese Option muss ein Schreibzugriff auf -/var/log/faillog -bestehen\&. -.RE -.PP -\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR -.RS 4 -setzt den Z\(:ahler der fehlgeschlagene Anmeldungen, nach denen das Konto abgeschaltet wird, auf -\fIMAX\fR -.sp -Wenn -\fIMAX\fR -den Wert 0 hat, besteht keine Beschr\(:ankung f\(:ur die Anzahl fehlgeschlagener Anmeldeversuche\&. -.sp -F\(:ur -\fIroot\fR -sollte der Wert der maximalen Anmeldeversuche immer 0 betragen, um eine durch einen Angriff ausgel\(:oste Dienstverweigerung (denial of service) zu verhindern\&. -.sp -F\(:ur diese Option muss ein Schreibzugriff auf -/var/log/faillog -bestehen\&. -.RE -.PP -\fB\-r\fR, \fB\-\-reset\fR -.RS 4 -setzt die Z\(:ahlerst\(:ande der fehlgeschlagenen Anmeldeversuche zur\(:uck -.sp -F\(:ur diese Option muss ein Schreibzugriff auf -/var/log/faillog -bestehen\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fITAGE\fR -.RS 4 -zeigt die Eintr\(:age der fehlgeschlagenen Anmeldungen an, die aktueller als -\fITAGE\fR -sind -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIMENGE\fR -.RS 4 -zeigt die Aufzeichnungen der fehlgeschlagenen Anmeldungen nur der angegebenen Benutzer an oder bearbeitet (wenn mit den Optionen -\fB\-l\fR, -\fB\-m\fR -oder -\fB\-r\fR -verwendet) nur deren Z\(:ahlerst\(:ande und Beschr\(:ankungen -.sp -Die Bestimmung der Benutzer erfolgt durch ihren Anmeldenamen, ihrer zahlenm\(:a\(ssigen Benutzer\-ID oder einer -\fIMENGE\fR -von Benutzern\&. Diese -\fIMENGE\fR -kann mit Minimum\- und Maximumwerten (\fIUID_MIN\-UID_MAX\fR), nur mit einem Maximumwert (\fIUID_MIN\-UID_MAX\fR) oder nur einem Minimumwert (\fIUID_MIN\-\fR) bestimmt werden\&. -.RE -.PP -Wenn keine der Optionen -\fB\-l\fR, -\fB\-m\fR -oder -\fB\-r\fR -verwendet wird, zeigt -\fBfaillog\fR -die Aufzeichnung der fehlgeschlagenen Anmeldeversuche der angegebenen Benutzer an\&. -.SH "WARNUNGEN" -.PP -\fBfaillog\fR -zeigt nur die Benutzer an, die sich seit der letzten fehlgeschlagenen Anmeldung nicht erfolgreich anmelden konnten\&. Um die \(:ubrigen Benutzer anzuzeigen, m\(:ussen Sie diese explizit mit der Option -\fB\-u\fR -benennen oder sich alle Benutzer mit der Option -\fB\-a\fR -anzeigen lassen\&. -.SH "DATEIEN" -.PP -/var/log/faillog -.RS 4 -Datei mit fehlgeschlagenen Anmeldungen -.RE -.SH "SIEHE AUCH" -.PP -\fBlogin\fR(1), -\fBfaillog\fR(5)\&. diff --git a/man/de/man8/groupadd.8 b/man/de/man8/groupadd.8 deleted file mode 100644 index b06116fc..00000000 --- a/man/de/man8/groupadd.8 +++ /dev/null @@ -1,254 +0,0 @@ -'\" t -.\" Title: groupadd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "GROUPADD" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -groupadd \- erstellt eine neue Gruppe -.SH "\(:UBERSICHT" -.HP \w'\fBgroupadd\fR\ 'u -\fBgroupadd\fR [\fIOptionen\fR] \fIGruppe\fR -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBgroupadd\fR -erstellt ein neues Gruppenkonto\&. Dabei verwendet er die Werte, die auf der Befehlszeile angegeben wurden, oder die Standardwerte des Systems\&. Soweit es notwendig ist, wird die neue Gruppe den Systemdateien hinzugef\(:ugt\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBgroupadd\fR -unterst\(:utzt werden, sind: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Die Option f\(:uhrt dazu, dass der Befehl nur dann erfolgreich beendet wird, wenn die angegebene Gruppe existiert\&. Falls diese Option zusammen mit der Option -\fB\-g\fR -verwendet wird und die angegebene GID schon vergeben ist, wird eine andere, eindeutige GID gew\(:ahlt (d\&.h\&. -\fB\-g\fR -wird nicht beachtet)\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -Der zahlenm\(:a\(ssige Wert der Gruppen\-ID\&. Dieser Wert muss eindeutig sein, sofern nicht die Option -\fB\-o\fR -verwendet wird\&. Der Wert darf nicht negativ sein\&. Standardm\(:a\(ssig wird der kleinste Wert gr\(:o\(sser als oder gleich -\fBGID_MIN\fR -und gr\(:o\(sser als jeder andere Wert einer Gruppe verwendet\&. -.sp -Vergleichen Sie auch die Option -\fB\-r\fR -und die Ausf\(:uhrungen zu -\fBGID_MAX\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fISCHL\(:USSEL\fR=\fIWERT\fR -.RS 4 -\(:Uberschreibt die Standardwerte von -/etc/login\&.defs -(GID_MIN, GID_MAX und weitere)\&. Diese Option kann mehrfach verwendet werden\&. -.sp -Beispiel: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI100\fR\ \&\fB\-K\fR\ \&\fIGID_MAX\fR=\fI499\fR -.sp -Hinweis: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR -funktioniert noch nicht\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Diese Option erlaubt es, eine Gruppe mit einer nicht eindeutigen GID zu erstellen\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORT\fR -.RS 4 -Das verschl\(:usselte Passwort, wie es von -\fBcrypt\fR(3) -zur\(:uckgegeben wird\&. Standardm\(:a\(ssig ist das Passwort deaktiviert\&. -.sp -\fBHinweis:\fR -Diese Option ist nicht empfehlenswert, weil das Passwort (auch wenn es verschl\(:usselt ist) f\(:ur Benutzer sichtbar ist, die sich den Prozess anzeigen lassen\&. -.sp -Sie sollten sicherstellen, dass das Passwort den Passwortrichtlinien des Systems entspricht\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -erstellt eine neue Systemgruppe -.sp -Die zahlenm\(:a\(ssige Kennung einer neuen Systemgruppe wird aus der Spanne von -\fBSYS_GID_MIN\fR -bis -\fBSYS_GID_MAX\fR -gew\(:ahlt, welche in -login\&.defs -festgelegt wird, anstelle von -\fBGID_MIN\fR -bis -\fBGID_MAX\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBGID_MAX\fR (Zahl), \fBGID_MIN\fR (Zahl) -.RS 4 -der Bereich von Gruppen\-IDs, aus dem die Programme -\fBuseradd\fR, -\fBgroupadd\fR -oder -\fBnewusers\fR -bei der Erstellung normaler Gruppen ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBGID_MIN\fR -ist 1000, f\(:ur -\fBGID_MAX\fR -60\&.000\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.PP -\fBSYS_GID_MAX\fR (Zahl), \fBSYS_GID_MIN\fR (Zahl) -.RS 4 -der Bereich von Gruppen\-IDs, aus dem die Programme -\fBuseradd\fR, -\fBgroupadd\fR -oder -\fBnewusers\fR -bei der Erstellung von Systemgruppen ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBSYS_GID_MIN\fR -ist 101, f\(:ur -\fBSYS_GID_MAX\fR\fBGID_MIN\fR\-1\&. -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.SH "WARNUNGEN" -.PP -Gruppennamen m\(:ussen mit einem Kleinbuchstaben oder einem Unterstrich beginnen\&. Nachfolgend d\(:urfen sie Kleinbuchstaben, Zahlen, Unterstriche und Gedankenstriche enthalten\&. Das letzte Zeichen darf auch ein Dollarzeichen sein\&. Als regul\(:arer Ausdruck: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -Gruppennamen d\(:urfen nur bis zu 16 Zeichen lang sein\&. -.PP -Sie k\(:onnen einen Benutzer nicht einer NIS\- oder LDAP\-Gruppe hinzuf\(:ugen\&. Dies m\(:ussen Sie auf dem entsprechenden Server durchf\(:uhren\&. -.PP -Falls der Gruppenname bereits in einer externen Datenbank (wie etwa NIS oder LDAP) vergeben ist, wird -\fBgroupadd\fR -die Gruppe nicht erstellen\&. -.SH "R\(:UCKGABEWERTE" -.PP -Der Befehl -\fBgroupadd\fR -gibt beim Beenden folgende Werte zur\(:uck: -.PP -\fI0\fR -.RS 4 -Erfolg -.RE -.PP -\fI2\fR -.RS 4 -unzul\(:assige Syntax f\(:ur diesen Befehl -.RE -.PP -\fI3\fR -.RS 4 -ung\(:ultiges Argument f\(:ur Option -.RE -.PP -\fI4\fR -.RS 4 -GID nicht eindeutig (wenn -\fB\-o\fR -nicht angegeben wird) -.RE -.PP -\fI9\fR -.RS 4 -Gruppenname nicht eindeutig -.RE -.PP -\fI10\fR -.RS 4 -Die Gruppendatei kann nicht aktualisieren werden\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/de/man8/groupdel.8 b/man/de/man8/groupdel.8 deleted file mode 100644 index c57ef24a..00000000 --- a/man/de/man8/groupdel.8 +++ /dev/null @@ -1,136 +0,0 @@ -'\" t -.\" Title: groupdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "GROUPDEL" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -groupdel \- l\(:oscht eine Gruppe -.SH "\(:UBERSICHT" -.HP \w'\fBgroupdel\fR\ 'u -\fBgroupdel\fR [\fIOptionen\fR] \fIGRUPPE\fR -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBgroupdel\fR -bearbeitet die Kontodateien des Systems und l\(:oscht darin alle Eintr\(:age, die auf die -\fIGruppe\fR -verweisen\&. Die bezeichnete Gruppe muss existieren\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBgroupdel\fR -unterst\(:utzt werden, sind: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.SH "WARNUNGEN" -.PP -Sie k\(:onnen nicht die Hauptgruppe eines Benutzers entfernen\&. Dazu m\(:ussten Sie zun\(:achst den betreffenden Benutzer l\(:oschen\&. -.PP -Sie sollten von Hand alle Systemdateien \(:uberpr\(:ufen, um sicherzustellen, dass keine Dateien, die der gel\(:oschten Gruppe angeh\(:oren, vorhanden sind\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.SH "R\(:UCKGABEWERTE" -.PP -Der Befehl -\fBgroupdel\fR -gibt beim Beenden folgende Werte zur\(:uck: -.PP -\fI0\fR -.RS 4 -Erfolg -.RE -.PP -\fI2\fR -.RS 4 -unzul\(:assige Syntax f\(:ur diesen Befehl -.RE -.PP -\fI6\fR -.RS 4 -angegebene Gruppe ist nicht vorhanden -.RE -.PP -\fI8\fR -.RS 4 -Die Hauptgruppe eines Benutzers kann nicht entfernen werden\&. -.RE -.PP -\fI10\fR -.RS 4 -Die Gruppendatei kann nicht aktualisieren werden\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupmod\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/de/man8/groupmems.8 b/man/de/man8/groupmems.8 deleted file mode 100644 index 406ff528..00000000 --- a/man/de/man8/groupmems.8 +++ /dev/null @@ -1,174 +0,0 @@ -'\" t -.\" Title: groupmems -.\" Author: George Kraft, IV -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "GROUPMEMS" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -groupmems \- verwaltet die Mitglieder der Hauptgruppe eines Benutzers -.SH "\(:UBERSICHT" -.HP \w'\fBgroupmems\fR\ 'u -\fBgroupmems\fR \-a\ \fIBenutzer_Name\fR | \-d\ \fIBenutzer_Name\fR | [\-g\ \fIGruppen_Name\fR] | \-l | \-p -.SH "BESCHREIBUNG" -.PP -Mit dem Befehl -\fBgroupmems\fR -kann ein Benutzer die Mitgliederliste seiner eigenen Gruppe verwalten, ohne Root\-Rechte zu ben\(:otigen\&. Das Werkzeug -\fBgroupmems\fR -ist f\(:ur Systeme gedacht, auf denen die Hauptgruppe eines Benutzers den gleichen Namen hat wie der Benutzer (z\&.B\&. fritz/fritz)\&. -.PP -Nur Root als Administrator kann mit -\fBgroupmems\fR -die Mitgliederlisten anderer Gruppen bearbeiten\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBgroupmems\fR -unterst\(:utzt werden, sind: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIBenutzer_Name\fR -.RS 4 -F\(:ugt einen Benutzer der Mitgliederliste der Gruppe hinzu\&. -.sp -Wenn die Datei -/etc/gshadow -vorhanden ist, die Gruppe darin aber keinen Eintrag hat, wird ein solcher erstellt\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIBenutzer_Name\fR -.RS 4 -L\(:oscht einen Benutzer aus der Mitgliederliste der Gruppe\&. -.sp -Wenn -/etc/gshadow -vorhanden ist, wird der Benutzer aus der Liste der Mitglieder und Gruppenverwalter entfernt\&. -.sp -Wenn die Datei -/etc/gshadow -vorhanden ist, die Gruppe darin aber keinen Eintrag hat, wird ein solcher erstellt\&. -.RE -.PP -\fB\-g\fR, \fB\-\-group\fR\ \&\fIGruppen_Name\fR -.RS 4 -Root kann eine Gruppen bestimmen, deren Mitgliederliste er bearbeiten will\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -gibt die Mitgliederliste aus -.RE -.PP -\fB\-p\fR, \fB\-\-purge\fR -.RS 4 -l\(:oscht alle Benutzer aus der Mitgliederliste der Gruppe -.sp -Wenn die Datei -/etc/gshadow -vorhanden ist, die Gruppe darin aber keinen Eintrag hat, wird ein solcher erstellt\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.SH "EINRICHTUNG" -.PP -Die ausf\(:uhrbare Datei -\fBgroupmems\fR -sollte die Rechte -2770 -haben und dem Benutzer -\fIroot\fR -und der Gruppe -\fIgroups\fR -geh\(:oren\&. Der Systemadministrator kann Benutzer der Gruppe -\fIgroups\fR -hinzuf\(:ugen, um ihnen zu erm\(:oglichen, mit -\fBgroupmems\fR -die Mitgliederliste ihrer eigenen Gruppe zu verwalten\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - $ groupadd \-r groups - $ chmod 2770 groupmems - $ chown root\&.groups groupmems - $ groupmems \-g groups \-a gk4 - -.fi -.if n \{\ -.RE -.\} -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -verschl\(:usselte Informationen zu den Gruppenkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/de/man8/groupmod.8 b/man/de/man8/groupmod.8 deleted file mode 100644 index ae45c2ee..00000000 --- a/man/de/man8/groupmod.8 +++ /dev/null @@ -1,211 +0,0 @@ -'\" t -.\" Title: groupmod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "GROUPMOD" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -groupmod \- \(:andert die Eigenschaften einer Gruppe auf dem System -.SH "\(:UBERSICHT" -.HP \w'\fBgroupmod\fR\ 'u -\fBgroupmod\fR [\fIOptionen\fR] \fIGRUPPE\fR -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBgroupmod\fR -\(:andert die Eigenschaften der angegebenen -\fIGRUPPE\fR, indem die passenden Eintr\(:age in der Gruppendatenbank ge\(:andert werden\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBgroupmod\fR -unterst\(:utzt werden, sind: -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -Die Gruppen\-ID der angegebenen -\fIGRUPPE\fR -wird zu -\fIGID\fR -ge\(:andert\&. -.sp -Der Wert von -\fIGID\fR -muss eine nicht negative, dezimale Zahl sein\&. Er muss eindeutig sein, au\(sser wenn die Option -\fB\-o\fR -verwendet wird\&. -.sp -Benutzer, welche die Gruppe als Hauptgruppe verwenden, werden aktualisiert, um die Gruppe als Hauptgruppe zu behalten\&. -.sp -Bei Dateien, welche die alte Gruppen\-ID haben und weiterhin der Gruppe -\fIGROUP\fR -geh\(:oren sollen, muss die Gruppen\-ID per Hand angepasst werden\&. -.sp -Die Werte von -\fBGID_MIN\fR, -\fBGID_MAX\fR, -\fBSYS_GID_MIN\fR -und -\fBSYS_GID_MAX\fR -aus -/etc/login\&.defs -werden nicht gepr\(:uft\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-n\fR, \fB\-\-new\-name\fR\ \&\fINEUE_GRUPPE\fR -.RS 4 -Der Gruppenname wird vom Namen -\fIGRUPPE\fR -zu -\fINEUE_GRUPPE\fR -ge\(:andert\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Wenn sie mit der Option -\fB\-g\fR -verwendet wird, kann mit ihr der Wert der Gruppen\-\fIGID\fR -auf einen nicht eindeutigen Wert gesetzt werden\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORT\fR -.RS 4 -das verschl\(:usselte Passwort, wie es von -\fBcrypt\fR(3) -zur\(:uckgegeben wird -.sp -\fBHinweis:\fR -Diese Option ist nicht empfehlenswert, weil das Passwort (auch wenn es verschl\(:usselt ist) f\(:ur Benutzer sichtbar ist, die sich den Prozess anzeigen lassen\&. -.sp -Sie sollten sicherstellen, dass das Passwort den Passwortrichtlinien des Systems entspricht\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.SH "R\(:UCKGABEWERTE" -.PP -Der Befehl -\fBgroupmod\fR -gibt beim Beenden folgende Werte zur\(:uck: -.PP -\fI0\fR -.RS 4 -Erfolg -.RE -.PP -\fI2\fR -.RS 4 -unzul\(:assige Syntax f\(:ur diesen Befehl -.RE -.PP -\fI3\fR -.RS 4 -ung\(:ultiges Argument f\(:ur Option -.RE -.PP -\fI4\fR -.RS 4 -angegebene Gruppe ist nicht vorhanden -.RE -.PP -\fI6\fR -.RS 4 -angegebene Gruppe ist nicht vorhanden -.RE -.PP -\fI9\fR -.RS 4 -Gruppenname wird schon verwendet -.RE -.PP -\fI10\fR -.RS 4 -Die Gruppendatei kann nicht aktualisieren werden\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/de/man8/grpck.8 b/man/de/man8/grpck.8 deleted file mode 100644 index 6576f8a4..00000000 --- a/man/de/man8/grpck.8 +++ /dev/null @@ -1,240 +0,0 @@ -'\" t -.\" Title: grpck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "GRPCK" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -grpck \- \(:uberpr\(:uft die Stimmigkeit der Gruppendateien -.SH "\(:UBERSICHT" -.HP \w'\fBgrpck\fR\ 'u -\fBgrpck\fR [Optionen] [\fIGruppe\fR\ [\ \fIshadow\fR\ ]] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBgrpwck\fR -\(:uberpr\(:uft die Stimmigkeit der Informationen \(:uber die Gruppen\&. Alle Eintr\(:age in -/etc/groupund /etc/gshadow -werden darauf \(:uberpr\(:uft, ob sie das richtige Format haben und g\(:ultige Daten enthalten\&. Bei einem Eintrag, der falsch formatiert ist oder andere unbehebbare Fehler enth\(:alt, wird der Benutzer aufgefordert, ihn zu l\(:oschen\&. -.PP -Es wird \(:uberpr\(:uft, ob jeder Eintrag folgende Eigenschaften aufweist: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -die richtige Anzahl von Feldern -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -einen eindeutigen und g\(:ultigen Gruppennamen -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -eine g\(:ultige Gruppenkennung -(nur f\(:ur /etc/group) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -eine g\(:ultige Liste der Mitglieder -und Gruppenverwalter -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -einen passenden Eintrag in der Datei -/etc/gshadow -(oder in -/etc/group -bei der \(:Uberpr\(:ufung von -gshadow) -.RE -.PP -Fehler bei der \(:Uberpr\(:ufung der richtigen Anzahl der Felder und des eindeutigen Benutzernamens sind schwerwiegend\&. Wenn ein Eintrag die falsche Anzahl von Feldern aufweist, wird der Benutzer aufgefordert, die gesamte Zeile zu l\(:oschen\&. Wenn er dies ablehnt, werden alle weiteren Tests ausgelassen\&. Bei einem Eintrag mit einem mehrfach verwendeten Benutzernamen wird der Benutzer aufgefordert, diesen Eintrag zu l\(:oschen\&. Sollte er dies ablehnen, werden dennoch die \(:ubrigen Tests ausgef\(:uhrt\&. Bei allen anderen Fehlern wird eine Warnung ausgegeben und der Benutzer aufgefordert, den Fehler mittels des Befehls -\fBgroupmod\fR -zu beheben\&. -.PP -Die Befehle, welche die -Dateien /etc/group und /etc/gshadow -bearbeiten, k\(:onnen falsche oder doppelte Eintr\(:age nicht ver\(:andern\&. In solchen F\(:allen sollte -\fBgrpwck\fR -verwendet werden, um die betreffenden Eintr\(:age zu entfernen\&. -.SH "OPTIONEN" -.PP -Die Optionen -\fB\-r\fR -und -\fB\-s\fR -k\(:onnen nicht zusammen verwendet werden\&. -.PP -Die Optionen, die vom Befehl -\fBgrpck\fR -unterst\(:utzt werden, sind: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -F\(:uhrt den Befehl -\fBgrpck\fR -im Modus Nur\-Lesen aus\&. Dies hat zur Folge, dass alle Fragen, ob Ver\(:anderungen vorgenommen werden sollen, mit -\fIno\fR -beantworteten werden, ohne dass der Benutzer einzugreifen braucht\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -Ordnet die Eintr\(:age in -/etc/groupund /etc/gshadow -nach der GID\&. -.RE -.PP -Standardm\(:a\(ssig arbeitet -\fBgrpck\fR -mit -/etc/groupund /etc/gshadow\&. Der Benutzer kann andere Dateien mit -den Parametern \fIgroup\fR und \fIshadow\fR -ausw\(:ahlen\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.SH "R\(:UCKGABEWERTE" -.PP -Der Befehl -\fBgrpck\fR -gibt beim Beenden folgende Werte zur\(:uck: -.PP -\fI0\fR -.RS 4 -Erfolg -.RE -.PP -\fI1\fR -.RS 4 -unzul\(:assige Syntax f\(:ur diesen Befehl -.RE -.PP -\fI2\fR -.RS 4 -ein oder mehrere fehlerhafte Gruppeneintr\(:age -.RE -.PP -\fI3\fR -.RS 4 -Die Gruppendateien k\(:onnen nicht ge\(:offnet werden\&. -.RE -.PP -\fI4\fR -.RS 4 -Die Gruppendateien k\(:onnen nicht gesperrt werden\&. -.RE -.PP -\fI5\fR -.RS 4 -Die Gruppendateien k\(:onnen nicht aktualisiert werden\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBgroup\fR(5), -\fBgroupmod\fR(8), -\fBgshadow\fR(5),\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBshadow\fR(5)\&. diff --git a/man/de/man8/grpconv.8 b/man/de/man8/grpconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/de/man8/grpconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/de/man8/grpunconv.8 b/man/de/man8/grpunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/de/man8/grpunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/de/man8/lastlog.8 b/man/de/man8/lastlog.8 deleted file mode 100644 index 0f584050..00000000 --- a/man/de/man8/lastlog.8 +++ /dev/null @@ -1,111 +0,0 @@ -'\" t -.\" Title: lastlog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "LASTLOG" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -lastlog \- berichtet die letzte Anmeldung f\(:ur alle oder einen bestimmten Benutzer -.SH "\(:UBERSICHT" -.HP \w'\fBlastlog\fR\ 'u -\fBlastlog\fR [\fIOptionen\fR] -.SH "BESCHREIBUNG" -.PP -\fBlastlog\fR -formatiert und gibt den Inhalt der Datei mit den letzten Anmeldungen, -/var/log/lastlog, aus\&. Der -\fIAnmeldename\fR, der -\fIPort\fR -und der -\fIZeitpunkt der letzten Anmeldung\fR -werden angezeigt\&. Standardm\(:a\(ssig (keine Optionen) werden die Lastlog\-Eintr\(:age in der Reihenfolge, wie sie sich in -/etc/passwd -befinden, ausgegeben\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBlastlog\fR -unterst\(:utzt werden, sind: -.PP -\fB\-b\fR, \fB\-\-before\fR\ \&\fITAGE\fR -.RS 4 -gibt nur Lastlog\-Eintr\(:age aus, die \(:alter als -\fITAGE\fR -sind -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fITAGE\fR -.RS 4 -gibt nur Lastlog\-Eintr\(:age aus, die neuer als -\fITAGE\fR -sind -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIMENGE\fR -.RS 4 -gibt nur die Lastlog\-Eintr\(:age f\(:ur die angegebenen Benutzer aus -.sp -Die Bestimmung der Benutzer erfolgt durch ihren Anmeldenamen, ihrer zahlenm\(:a\(ssigen Benutzer\-ID oder einer -\fIMENGE\fR -von Benutzern\&. Diese -\fIMENGE\fR -kann mit Minimum\- und Maximumwerten (\fIUID_MIN\-UID_MAX\fR), nur mit einem Maximumwert (\fIUID_MIN\-UID_MAX\fR) oder nur einem Minimumwert (\fIUID_MIN\-\fR) bestimmt werden\&. -.RE -.PP -Wenn sich ein Benutzer noch nie angemeldet hat, wird die Meldung -\fI** Never logged in**\fR -anstatt von Port und Zeit angezeigt\&. -.PP -Es werden nur Eintr\(:age f\(:ur auf dem System vorhandene Benutzer angezeigt, selbst wenn Eintr\(:age \(:uber gel\(:oschte Benutzer noch vorhanden sind\&. -.SH "ANMERKUNGEN" -.PP -Bei der Datei -lastlog -handelt es sich um eine Datenbank, die Informationen zur letzten Anmeldung der Benutzer enth\(:alt\&. Sie sollten sie nicht austauschen\&. Es handelt sich um eine Sparse\-Datei, so dass die tats\(:achliche Gr\(:o\(sse auf dem Speichermedium gew\(:ohnlich viel kleiner ist als von \(Fc\fBls \-l\fR\(Fo angezeigt wird (was eine sehr gro\(sse Datei anzeigen kann, wenn sich Benutzer mit einer gro\(ssen UID in -passwd -befinden)\&. Die wirkliche Dateigr\(:o\(sse l\(:asst sich mit \(Fc\fBls \-s\fR\(Fo anzeigen\&. -.SH "DATEIEN" -.PP -/var/log/lastlog -.RS 4 -Datenbank mit Zeiten der letzten Anmeldung der Benutzer -.RE -.SH "WARNUNGEN" -.PP -Gro\(sse L\(:ucken in den UID\-Zahlen haben zur Folge, dass das Lastlog\-Programm l\(:angere Zeit ohne Bildschirmausgabe l\(:auft\&. Wenn sich z\&.B\&. in der Datenbank von Lastlog kein Eintrag f\(:ur Benutzer mit der UID zwischen 170 und 800 befindet, wird es scheinen, als ob lastlog stehen geblieben ist, w\(:ahrend es die Eintr\(:age mit der UID 171 bis 799 verarbeitet\&. diff --git a/man/de/man8/logoutd.8 b/man/de/man8/logoutd.8 deleted file mode 100644 index 357f8002..00000000 --- a/man/de/man8/logoutd.8 +++ /dev/null @@ -1,59 +0,0 @@ -'\" t -.\" Title: logoutd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "LOGOUTD" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -logoutd \- richtet Beschr\(:ankung von Anmeldezeiten ein -.SH "\(:UBERSICHT" -.HP \w'\fBlogoutd\fR\ 'u -\fBlogoutd\fR -.SH "BESCHREIBUNG" -.PP -\fBlogoutd\fR -setzt die Anmeldezeiten und Portbeschr\(:ankungen aus -/etc/porttime -um\&. -\fBlogoutd\fR -sollte aus -/etc/rc -gestartet werden\&. Die Datei -/var/run/utmp -wird regelm\(:a\(ssig abgerufen, wobei jeder Benutzername darauf \(:uberpr\(:uft wird, ob er f\(:ur den jeweiligen Port zur jeweiligen Zeit zugelassen ist\&. Alle angemeldeten Sitzungen, die gegen die Beschr\(:ankungen in -/etc/porttime -versto\(ssen, werden beendet\&. -.SH "DATEIEN" -.PP -/etc/porttime -.RS 4 -Datei, die den Port\-Zugriff enth\(:alt\&. -.RE -.PP -/var/run/utmp -.RS 4 -Liste der aktuellen angemeldeten Sitzungen -.RE diff --git a/man/de/man8/newusers.8 b/man/de/man8/newusers.8 deleted file mode 100644 index 9dec2dcc..00000000 --- a/man/de/man8/newusers.8 +++ /dev/null @@ -1,445 +0,0 @@ -'\" t -.\" Title: newusers -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "NEWUSERS" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -newusers \- erstellt oder aktualisiert mehrere neue Benutzer am St\(:uck -.SH "\(:UBERSICHT" -.HP \w'\fBnewusers\fR\ 'u -\fBnewusers\fR [\fIOptionen\fR] [\fIDatei\fR] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBnewusers\fR -verwendet eine -\fIDatei\fR -(oder standardm\(:a\(ssig die Standardeingabe) und aktualisiert damit eine Gruppe bestehender Benutzer oder erstellt damit neue Benutzer\&. Jede Zeile hat dasselbe Format wie die \(:ubliche Passwortdatei (vergleiche -\fBpasswd\fR(5)) mit den unten aufgef\(:uhrten Ausnahmen: -.PP -pw_Name:pw_Passwort:pw_uid:pw_gid:pw_gecos:pw_Verz:pw_shell -.PP -\fIpw_Name\fR -.RS 4 -Dies ist der Name des Benutzers\&. -.sp -Es kann sich dabei um den Namen eines neuen oder eines existierenden Benutzer (oder eines, der zuvor mit -\fBnewusers\fR -erstellt wurde) handeln\&. F\(:ur den Fall, dass der Benutzer bereits vorhanden ist, werden seine Daten ver\(:andert, anderenfalls wird ein neuer Benutzer erstellt\&. -.RE -.PP -\fIpw_Passwort\fR -.RS 4 -Dieses Feld wird verschl\(:usselt und als neuer Wert f\(:ur das verschl\(:usselte Passwort verwendet\&. -.RE -.PP -\fIpw_uid\fR -.RS 4 -Mit diesem Feld wird die UID des Benutzers bestimmt\&. -.sp -Wenn dieses Feld leer ist, wird von -\fBnewusers\fR -automatisch eine neue (noch freie) UID gew\(:ahlt\&. -.sp -Wenn dieses Feld eine Zahl enth\(:alt, wird sie als UID verwendet\&. -.sp -Wenn dieses Feld den Namen eines existierenden Benutzers enth\(:alt (oder eines Benutzers, der zuvor mit -\fBnewusers\fR -erstellt wurde), wird die UID des angegebenen Benutzers verwendet\&. -.sp -Falls die UID eines bestehenden Benutzers ver\(:andert wird, muss der Eigent\(:umer der Dateien des Benutzers per Hand angepasst werden\&. -.RE -.PP -\fIpw_gid\fR -.RS 4 -Mit diesem Feld wird die ID der Hauptgruppe des Benutzers definiert\&. -.sp -Wenn dieses Feld den Namen einer existierenden Gruppe enth\(:alt (oder einer Gruppe, die zuvor mit -\fBnewusers\fR -erstellt wurde), wird die GID dieser Gruppe als ID der Hauptgruppe des Benutzers verwendet\&. -.sp -Wenn dieses Feld eine Zahl enth\(:alt, wird sie als ID der Hauptgruppe des Benutzers verwendet\&. Falls eine Gruppe mit dieser GID nicht existiert, wird eine neue Gruppe mit dieser GID unter dem Namen des Benutzers erstellt\&. -.sp -Wenn dieses Feld leer ist, wird eine neue Gruppe unter dem Namen des Benutzers erstellt und von -\fBnewusers\fR -automatisch eine neue GID gew\(:ahlt, die als ID der Hauptgruppe des Benutzers und als GID f\(:ur die neue Gruppe dient\&. -.sp -Wenn dieses Feld den Namen einer Gruppe enth\(:alt, die nicht vorhanden ist (und nicht zuvor von -\fBnewusers\fR -erstellt wurde), wird eine neue Gruppe unter dem angegebenen Namen erstellt und von -\fBnewusers\fR -automatisch eine neue GID gew\(:ahlt, die als ID der Hauptgruppe des Benutzers und als GID f\(:ur die neue Gruppe dient\&. -.RE -.PP -\fIpw_gecos\fR -.RS 4 -Dieses Feld wird in das GECOS\-Feld des Benutzers kopiert\&. -.RE -.PP -\fIpw_Verz\fR -.RS 4 -Mit diesem Feld wird das Home\-Verzeichnis des Benutzers definiert\&. -.sp -Wenn in diesem Feld ein Verzeichnis angegeben wird, das nicht vorhanden ist, wird es erstellt\&. Dieses geh\(:ort dem Benutzer, der gerade erstellt und aktualisiert wird, und dessen Hauptgruppe\&. -.sp -Wenn das Home\-Verzeichnis eines vorhandenen Benutzers ge\(:andert wird, verschiebt oder kopiert -\fBnewusers\fR -nicht den Inhalt des alten Verzeichnisses in das neue\&. Dies muss von Hand erledigt werden\&. -.RE -.PP -\fIpw_shell\fR -.RS 4 -Mit diesem Feld wird die Shell des Benutzers definiert\&. Diese Eingabe wird nicht \(:uberpr\(:uft\&. -.RE -.PP -Zuerst erstellt und \(:andert -\fBnewusers\fR -die angegebenen Benutzer und schreibt die \(:Anderungen in die Benutzer\- oder Gruppendatenbank\&. Falls ein Fehler auftritt (au\(sser beim Schreiben in die Datenbanken), werden in den Datenbanken keine \(:Anderungen vorgenommen\&. -.PP -Dieser Befehl ist f\(:ur den Einsatz in einer Umgebung mit zahlreichen Systemen vorgesehen, in der viele Konten gleichzeitig aktualisiert werden m\(:ussen\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBnewusers\fR -unterst\(:utzt werden, sind: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -Definiert die Methode, mit der die Passw\(:orter verschl\(:usselt werden\&. -.sp -Die verf\(:ugbaren Methoden sind DES, MD5, NONE und SHA256 oder SHA512, soweit Ihre libc sie unterst\(:utzt\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -erstellt ein Systemkonto -.sp -Systembenutzer werden ohne Hinterlegung des Alters ihres Passworts in -/etc/shadow -erstellt\&. Ihre numerische Kennung wird aus der Spanne -\fBSYS_UID_MIN\fR -bis -\fBSYS_UID_MAX\fR -anstelle von -\fBUID_MIN\fR -bis -\fBUID_MAX\fR -gew\(:ahlt (gleiches gilt f\(:ur die GID bei der Erstellung von Gruppen)\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -Verwendet die angegebene Anzahl von Runden, um die Passw\(:orter zu verschl\(:usseln\&. -.sp -Ein Wert von 0 bedeutet, dass das System die Standardanzahl der Runden (5000) f\(:ur die Verschl\(:usselung verwenden wird\&. -.sp -Der Mindestwert ist 1000, der H\(:ochstwert 999\&.999\&.999\&. -.sp -Sie k\(:onnen diese Option nur mit den Verschl\(:usselungsmethoden SHA256 und SHA512 verwenden\&. -.sp -Standardm\(:a\(ssig wird die Anzahl der Runden mit den Variablen SHA_CRYPT_MIN_ROUNDS und SHA_CRYPT_MAX_ROUNDS in -/etc/login\&.defs -definiert\&. -.RE -.SH "WARNUNGEN" -.PP -Die Eingabedatei muss gesch\(:utzt werden, da sie unverschl\(:usselte Passw\(:orter enth\(:alt\&. -.PP -Sie sollten darauf achten, dass Passw\(:orter und Verschl\(:usselungsmethode in Einklage mit der Passwortrichtlinie des Systems stehen\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBENCRYPT_METHOD\fR (Zeichenkette) -.RS 4 -Damit wird der standardm\(:a\(ssige Verschl\(:usselungsalgorithmus, mit dem Passw\(:orter verschl\(:usselt werden, bestimmt (soweit nicht in der Befehlszeile ein Algorithmus angegeben wird)\&. -.sp -Ihm kann einer der folgenden Wert zugewiesen werden: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Hinweis: Dieser Parameter \(:uberschreibt die Variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBGID_MAX\fR (Zahl), \fBGID_MIN\fR (Zahl) -.RS 4 -der Bereich von Gruppen\-IDs, aus dem die Programme -\fBuseradd\fR, -\fBgroupadd\fR -oder -\fBnewusers\fR -bei der Erstellung normaler Gruppen ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBGID_MIN\fR -ist 1000, f\(:ur -\fBGID_MAX\fR -60\&.000\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolesch) -.RS 4 -Legt fest, ob Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt werden\&. Falls diesem Wert -\fIyes\fR -zugewiesen ist, werden neue Passw\(:orter mit dem auf MD5 beruhenden Algorithmus verschl\(:usselt, der zu dem in der aktuellen Ver\(:offentlichung von FreeBSD eingesetzten Algorithmus kompatibel ist\&. Passw\(:orter k\(:onnen dann beliebig lang sein, auch die Salt\-Zeichenketten sind l\(:anger\&. Setzen Sie diesen Wert auf -\fIno\fR, wenn Sie verschl\(:usselte Passw\(:orter auf ein anderes System kopieren m\(:ochten, das den neuen Algorithmus nicht versteht\&. Der Standardwert ist -\fIno\fR\&. -.sp -Dieser Variable geht die Variable -\fBENCRYPT_METHOD\fR -und eine Option auf der Befehlszeile, mit der der Verschl\(:usselungsalgorithmus bestimmt wird, vor\&. -.sp -Der Einsatz dieser Variable ist veraltet\&. Sie sollten -\fBENCRYPT_METHOD\fR -verwenden\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (Zahl) -.RS 4 -Die maximale Anzahl von Tagen, f\(:ur die ein Passwort verwendet werden darf\&. Wenn das Passwort \(:alter ist, wird ein Wechsel des Passworts erzwungen\&. Falls nicht angegeben, wird \-1 angenommen (was zur Folge hat, dass diese Beschr\(:ankung abgeschaltet ist)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (Zahl) -.RS 4 -Die Mindestanzahl von Tagen, bevor ein Wechsel des Passworts zugelassen wird\&. Ein vorheriger Versuch, das Passwort zu \(:andern, wird abgelehnt\&. Falls nicht angegeben, wird \-1 angenommen (was zur Folge hat, dass diese Beschr\(:ankung abgeschaltet ist)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (Zahl) -.RS 4 -Die Anzahl von Tagen, an denen der Benutzer vorgewarnt wird, bevor das Passwort verf\(:allt\&. Eine Null bedeutet, dass eine Warnung nur am Tag des Verfalls ausgegeben wird\&. Ein negativer Wert bedeutet, dass keine Vorwarnung erfolgt\&. Falls nicht angegeben, wird keine Vorwarnung ausgegeben\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (Zahl), \fBSHA_CRYPT_MAX_ROUNDS\fR (Zahl) -.RS 4 -Wenn -\fBENCRYPT_METHOD\fR -auf -\fISHA256\fR -oder -\fISHA512\fR -gesetzt ist, legt dies die Anzahl der Runden von SHA fest, die standardm\(:a\(ssig vom Verschl\(:usselungsalgorithmus verwendet werden (falls die Anzahl der Runden nicht auf der Befehlszeile angegeben wird)\&. -.sp -Je mehr Runden Sie definieren, umso schwieriger ist es, das Passwort mit sturem Durchprobieren (brute force) zu knacken; umso mehr Rechenleistung wird jedoch auch f\(:ur die Anmeldung eines Benutzers ben\(:otigt\&. -.sp -Falls Sie nichts angeben, wird libc die Standardanzahl der Runden festlegen (5000)\&. -.sp -Die Werte m\(:ussen zwischen 1000\-999\&.999\&.999 liegen\&. -.sp -Falls nur der Wert f\(:ur -\fBSHA_CRYPT_MIN_ROUNDS\fR -oder -\fBSHA_CRYPT_MAX_ROUNDS\fR -festgelegt wird, wird dieser Wert verwendet\&. -.sp -Falls -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, wird der h\(:ohere Wert verwendet\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (Zahl), \fBSYS_GID_MIN\fR (Zahl) -.RS 4 -der Bereich von Gruppen\-IDs, aus dem die Programme -\fBuseradd\fR, -\fBgroupadd\fR -oder -\fBnewusers\fR -bei der Erstellung von Systemgruppen ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBSYS_GID_MIN\fR -ist 101, f\(:ur -\fBSYS_GID_MAX\fR\fBGID_MIN\fR\-1\&. -.RE -.PP -\fBSYS_UID_MAX\fR (Zahl), \fBSYS_UID_MIN\fR (Zahl) -.RS 4 -der Bereich von Benutzer\-IDs, aus dem die Programme -\fBuseradd\fR -oder -\fBnewusers\fR -bei der Erstellung von Systembenutzern ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBSYS_UID_MIN\fR -ist 101, f\(:ur -\fBSYS_UID_MAX\fR\fBUID_MIN\fR\-1\&. -.RE -.PP -\fBUID_MAX\fR (Zahl), \fBUID_MIN\fR (Zahl) -.RS 4 -der Bereich von Benutzer\-IDs, aus dem die Programme -\fBuseradd\fR -oder -\fBnewusers\fR -bei der Erstellung normaler Benutzer ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBUID_MIN\fR -ist 1000, f\(:ur -\fBUID_MAX\fR -60\&.000\&. -.RE -.PP -\fBUMASK\fR (Zahl) -.RS 4 -Die Bit\-Gruppe, welche die Rechte von erstellten Dateien bestimmt, wird anf\(:anglich auf diesen Wert gesetzt\&. Falls nicht angegeben, wird sie auf 022 gesetzt\&. -.sp -\fBuseradd\fR -und -\fBnewusers\fR -verwenden diese Bit\-Gruppe, um die Rechte des von ihnen erstellten Home\-Verzeichnisses zu setzen\&. -.sp -Sie wird auch von -\fBlogin\fR -verwendet, um die anf\(:angliche Umask eines Benutzers zu bestimmen\&. Beachten Sie, dass diese Bit\-Gruppe durch die GECOS\-Zeile des Benutzers (wenn -\fBQUOTAS_ENAB\fR -gesetzt wurde) oder die Festlegung eines Limits in -\fBlimits\fR(5) -mit der Kennung -\fIK\fR -\(:uberschrieben werden kann\&. -.RE -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBlogin.defs\fR(5), -\fBpasswd\fR(1), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/de/man8/nologin.8 b/man/de/man8/nologin.8 deleted file mode 100644 index b4eb841b..00000000 --- a/man/de/man8/nologin.8 +++ /dev/null @@ -1,51 +0,0 @@ -'\" t -.\" Title: nologin -.\" Author: Nicolas Fran\(,cois -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "NOLOGIN" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -nologin \- lehnt h\(:oflich eine Anmeldung ab -.SH "\(:UBERSICHT" -.HP \w'\fBnologin\fR\ 'u -\fBnologin\fR -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBnologin\fR -zeigt die Meldung an, dass ein Konto nicht verf\(:ugbar ist, und gibt einen Wert von ungleich Null zur\(:uck\&. Dies ist als Einsatz f\(:ur das Shell\-Feld bei abgeschalteten Konten vorgesehen\&. -.PP -Wie Sie alle Konten abschalten, erfahren Sie unter -\fBnologin\fR(5)\&. -.SH "SIEHE AUCH" -.PP -\fBlogin\fR(1), -\fBnologin\fR(5)\&. -.SH "GESCHICHTE" -.PP -Der Befehl -\fBnologin\fR -tauchte erstmals in BSD 4\&.4 auf\&. diff --git a/man/de/man8/pwck.8 b/man/de/man8/pwck.8 deleted file mode 100644 index 0fa6ddf5..00000000 --- a/man/de/man8/pwck.8 +++ /dev/null @@ -1,323 +0,0 @@ -'\" t -.\" Title: pwck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "PWCK" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -pwck \- \(:uberpr\(:uft die Stimmigkeit der Passwortdateien -.SH "\(:UBERSICHT" -.HP \w'\fBpwck\fR\ 'u -\fBpwck\fR [Optionen] [\fIpasswd\fR\ [\ \fIshadow\fR\ ]] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBpwck\fR -\(:uberpr\(:uft die Stimmigkeit der Benutzer\- und Authentifizierungsdaten\&. Alle Eintr\(:age in -/etc/passwd -und -/etc/shadow -werden darauf \(:uberpr\(:uft, ob der Eintrag das richtige Format hat und g\(:ultige Daten enth\(:alt\&. Der Benutzer wird aufgefordert, Eintr\(:age zu l\(:oschen, die falsch formatiert sind oder andere unbehebbare Fehler enthalten\&. -.PP -Es wird \(:uberpr\(:uft, ob jeder Eintrag folgende Eigenschaften aufweist: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -die richtige Anzahl von Feldern -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -einen eindeutigen und g\(:ultigen Benutzernamen -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -eine g\(:ultige Benutzer\- und Gruppenkennung -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -eine g\(:ultige Hauptgruppe -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ein g\(:ultiges Home\-Verzeichnis -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -eine g\(:ultige Anmelde\-Shell -.RE -.PP -Eine \(:Uberpr\(:ufung von -shadow -findet statt, wenn ein zweiter Parameter angegeben wird oder auf dem System -/etc/shadow -existiert\&. -.PP -Diese Tests umfassen Folgendes: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ob jedem Eintrag in passwd ein Eintrag in shadow entspricht und umgekehrt -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ob die Passw\(:orter in der Shadow\-Datei niedergelegt sind -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ob die shadow\-Eintr\(:age die richtige Anzahl von Feldern haben -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ob die Shadow\-Eintr\(:age in shadow eindeutig sind -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -dass das Datum der letzten Passwort\(:anderung nicht in der Zukunft liegt -.RE -.PP -Fehler bei der \(:Uberpr\(:ufung der richtigen Anzahl der Felder und des eindeutigen Benutzernames sind schwerwiegend\&. Wenn ein Eintrag die falsche Anzahl von Feldern ausweist, wird der Benutzer aufgefordert, die gesamte Zeile zu l\(:oschen\&. Wenn dies der Benutzer ablehnt, werden alle weiteren Tests ausgelassen\&. Bei einem Eintrag mit einem mehrfach verwendeten Benutzernamen wird der Benutzer aufgefordert, diesen Eintrag zu l\(:oschen\&. Sollte er dies ablehnen, werden dennoch die \(:ubrigen Test ausgef\(:uhrt\&. Bei allen anderen Fehlern wird eine Warnung abgegeben und der Benutzer aufgefordert, den Fehler mittels des Befehls -\fBusermod\fR -zu beheben\&. -.PP -Die Befehle, welche die Datei -/etc/passwd -bearbeiten, k\(:onnen falsche oder doppelte Eintr\(:age nicht ver\(:andern\&. In solchen F\(:allen sollte -\fBpwck\fR -verwendet werden, um den betreffenden Eintrag zu entfernen\&. -.SH "OPTIONEN" -.PP -Die Optionen -\fB\-r\fR -und -\fB\-s\fR -k\(:onnen nicht zusammen verwendet werden\&. -.PP -Die Optionen, die vom Befehl -\fBpwck\fR -unterst\(:utzt werden, sind: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -meldet nur Fehler\&. Warnungen, die keine Handlung des Benutzers erfordern, werden nicht angezeigt -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -f\(:uhrt den Befehl -\fBpwck\fR -im Modus Nur\-Lesen aus -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -ordnet die Eintr\(:age in -/etc/passwd -und -/etc/shadow -nach der UID -.RE -.PP -Standardm\(:a\(ssig bearbeitet -\fBpwck\fR -die Dateien -/etc/passwd -und -/etc/shadow\&. Der Benutzer kann andere Dateien mit den Parametern -\fIpasswd\fR -und -\fIshadow\fR -ausw\(:ahlen\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBPASS_MAX_DAYS\fR (Zahl) -.RS 4 -Die maximale Anzahl von Tagen, f\(:ur die ein Passwort verwendet werden darf\&. Wenn das Passwort \(:alter ist, wird ein Wechsel des Passworts erzwungen\&. Falls nicht angegeben, wird \-1 angenommen (was zur Folge hat, dass diese Beschr\(:ankung abgeschaltet ist)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (Zahl) -.RS 4 -Die Mindestanzahl von Tagen, bevor ein Wechsel des Passworts zugelassen wird\&. Ein vorheriger Versuch, das Passwort zu \(:andern, wird abgelehnt\&. Falls nicht angegeben, wird \-1 angenommen (was zur Folge hat, dass diese Beschr\(:ankung abgeschaltet ist)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (Zahl) -.RS 4 -Die Anzahl von Tagen, an denen der Benutzer vorgewarnt wird, bevor das Passwort verf\(:allt\&. Eine Null bedeutet, dass eine Warnung nur am Tag des Verfalls ausgegeben wird\&. Ein negativer Wert bedeutet, dass keine Vorwarnung erfolgt\&. Falls nicht angegeben, wird keine Vorwarnung ausgegeben\&. -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.SH "R\(:UCKGABEWERTE" -.PP -Der Befehl -\fBpwck\fR -gibt beim Beenden folgende Werte zur\(:uck: -.PP -\fI0\fR -.RS 4 -Erfolg -.RE -.PP -\fI1\fR -.RS 4 -unzul\(:assige Syntax f\(:ur diesen Befehl -.RE -.PP -\fI2\fR -.RS 4 -ein oder mehrere fehlerhafte Passworteintr\(:age -.RE -.PP -\fI3\fR -.RS 4 -Die Passwortdatei kann nicht ge\(:offnet werden\&. -.RE -.PP -\fI4\fR -.RS 4 -Die Passwortdatei kann nicht gesperret werden\&. -.RE -.PP -\fI5\fR -.RS 4 -Die Passwortdatei kann nicht aktualisieren werden\&. -.RE -.PP -\fI6\fR -.RS 4 -Die Passwortdatei kann nicht sortieren werden\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBusermod\fR(8)\&. diff --git a/man/de/man8/pwconv.8 b/man/de/man8/pwconv.8 deleted file mode 100644 index d5033da5..00000000 --- a/man/de/man8/pwconv.8 +++ /dev/null @@ -1,185 +0,0 @@ -'\" t -.\" Title: pwconv -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "PWCONV" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -pwconv, pwunconv, grpconv, grpunconv \- konvertiert zu oder von Shadow\-Passw\(:ortern und \-gruppen -.SH "\(:UBERSICHT" -.HP \w'\fBpwconv\fR\ 'u -\fBpwconv\fR [\fIOptionen\fR] -.HP \w'\fBpwunconv\fR\ 'u -\fBpwunconv\fR [\fIOptionen\fR] -.HP \w'\fBgrpconv\fR\ 'u -\fBgrpconv\fR [\fIOptionen\fR] -.HP \w'\fBgrpunconv\fR\ 'u -\fBgrpunconv\fR [\fIOptionen\fR] -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBpwconv\fR -erstellt eine -\fIshadow\fR\-Datei aus einer -\fIpasswd\fR\-Datei und gegebenenfalls aus einer bereits vorhandenen -\fIshadow\fR\-Datei\&. -.PP -Der Befehl -\fBpwunconv\fR -erstellt eine -\fIpasswd\fR\-Datei aus einer -\fIpasswd\fR\- und -\fIshadow\fR\-Datei und entfernt anschlie\(ssend die\fIshadow\fR\-Datei\&. -.PP -Der Befehl -\fBgrconv\fR -erstellt eine -\fIgshadow\fR\-Datei aus einer -\fIgroup\fR\-Datei und gegebenenfalls aus einer bereits vorhandenen -\fIgshadow\fR\-Datei\&. -.PP -Der Befehl -\fBgrpunconv\fR -erstellt eine -\fIgroup\fR\-Datei aus einer -\fIgroup\fR\- und -\fIgshadow\fR\-Datei und entfernt anschlie\(ssend die -\fIgshadow\fR\-Datei\&. -.PP -Diese vier Programme funktionieren mit der normalen und der Shadow\-Passwortdatei und den Gruppendateien: -/etc/passwd, -/etc/group, -/etc/shadow -und -/etc/gshadow\&. -.PP -Jedes dieser Programme erzeugt vor der Konvertierung die notwendigen Sperren\&. -\fBpwconv\fR -und -\fBgrpconv\fR -sind vergleichbar\&. Zuerst werden die Eintr\(:age aus der Shadow\-Datei entfernt, die nicht in der Hauptdatei enthalten sind\&. Anschlie\(ssend werden die Eintr\(:age in der Shadow\-Datei aktualisiert, die kein \(Fcx\(Fo als Passwort haben\&. Zuletzt werden die Passw\(:orter in der Hauptdatei durch \(Fcx\(Fo ersetzt\&. Diese Programme k\(:onnen f\(:ur eine erstmalige Konvertierung genutzt werden als auch, um die Shadow\-Datei zu aktualisieren, falls die Hauptdatei von Hand bearbeitet wurde\&. -.PP -\fBpwconv\fR -verwendet die Werte -\fIPASS_MIN_DAYS\fR, -\fIPASS_MAX_DAYS\fR -und -\fIPASS_WARN_AGE\fR -aus -/etc/login\&.defs, wenn neue Eintr\(:age zu -/etc/shadow -hinzugef\(:ugt werden\&. -.PP -Ebenfalls sind die Befehle -\fBpwunconv\fR -und -\fBgrpunconv\fR -\(:ahnlich\&. Passw\(:orter in der Hauptdatei werden durch die Shadow\-Datei aktualisiert\&. Eintr\(:age, welche in der Hauptdatei, aber nicht in der Shadow\-Datei vorhanden sind, bleiben unber\(:uhrt\&. Zuletzt wird die Shadow\-Datei gel\(:oscht\&. Eine Information f\(:ur den Verfall von Passw\(:ortern geht durch -\fBpwunconv\fR -verloren\&. Es wird aber so viel wie m\(:oglich umgewandelt\&. -.SH "OPTIONEN" -.PP -Die Optionen, die von den Befehlen -\fBpwconv\fR, -\fBpwunconv\fR, -\fBgrpconv\fR -und -\fBgrpunconv\fR -unterst\(:utzt werden, sind: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.SH "FEHLER" -.PP -Fehler in der Passwort\- oder Gruppendatei (wie z\&.B\&. ung\(:ultige oder doppelte Eintr\(:age) k\(:onnen zu Endlosschleifen oder anderen seltsamen Fehlern f\(:uhren\&. Sie sollten daher -\fBpwck\fR -und -\fBgrpck\fR -ausf\(:uhren, um solche Fehler zu entfernen, bevor Sie von oder zu Shadow\-Passw\(:ortern oder \-gruppen umwandeln\&. -.SH "KONFIGURATION" -.PP -Die folgende Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten von -\fBgrpconv\fR -und -\fBgrpunconv\fR: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten von -\fBpwconv\fR: -.PP -\fBPASS_MAX_DAYS\fR (Zahl) -.RS 4 -Die maximale Anzahl von Tagen, f\(:ur die ein Passwort verwendet werden darf\&. Wenn das Passwort \(:alter ist, wird ein Wechsel des Passworts erzwungen\&. Falls nicht angegeben, wird \-1 angenommen (was zur Folge hat, dass diese Beschr\(:ankung abgeschaltet ist)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (Zahl) -.RS 4 -Die Mindestanzahl von Tagen, bevor ein Wechsel des Passworts zugelassen wird\&. Ein vorheriger Versuch, das Passwort zu \(:andern, wird abgelehnt\&. Falls nicht angegeben, wird \-1 angenommen (was zur Folge hat, dass diese Beschr\(:ankung abgeschaltet ist)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (Zahl) -.RS 4 -Die Anzahl von Tagen, an denen der Benutzer vorgewarnt wird, bevor das Passwort verf\(:allt\&. Eine Null bedeutet, dass eine Warnung nur am Tag des Verfalls ausgegeben wird\&. Ein negativer Wert bedeutet, dass keine Vorwarnung erfolgt\&. Falls nicht angegeben, wird keine Vorwarnung ausgegeben\&. -.RE -.SH "DATEIEN" -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.SH "SIEHE AUCH" -.PP -\fBgrpck\fR(8), -\fBlogin.defs\fR(5), -\fBpwck\fR(8)\&. diff --git a/man/de/man8/pwunconv.8 b/man/de/man8/pwunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/de/man8/pwunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/de/man8/sulogin.8 b/man/de/man8/sulogin.8 deleted file mode 100644 index 72c433f5..00000000 --- a/man/de/man8/sulogin.8 +++ /dev/null @@ -1,117 +0,0 @@ -'\" t -.\" Title: sulogin -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "SULOGIN" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -sulogin \- Single\-user login -.SH "SYNTAX" -.PP -\fBsulogin\fR -[\fItty\-device\fR] -.SH "BESCHREIBUNG" -.PP -The -\fBsulogin\fR -command is invoked by -\fBinit\fR -prior to allowing the user access to the system when in single user mode\&. This feature may only be available on certain systems where -\fBinit\fR -has been modified accordingly, or where the -/etc/inittab -has an entry for a single user login\&. -.PP -The user is prompted -.PP -Type control\-d to proceed with normal startup, (or give root password for system maintenance): -.PP -Input and output will be performed with the standard file descriptors unless the optional device name argument is provided\&. -.PP -If the user enters the correct root password, a login session is initiated\&. When -\fIEOF\fR -is pressed instead, the system enters multi\-user mode\&. -.PP -After the user exits the single\-user shell, or presses -\fIEOF\fR, the system begins the initialization process required to enter multi\-user mode\&. -.SH "WARNUNGEN" -.PP -This command can only be used if -\fBinit\fR -has been modified to call -\fBsulogin\fR -instead of -/bin/sh, or if the user has set the -\fIinittab\fR -to support a single user login\&. For example, the line: -.PP -co:s:respawn:/etc/sulogin /dev/console -.PP -should execute the sulogin command in single user mode\&. -.PP -As complete an environment as possible is created\&. However, various devices may be unmounted or uninitialized and many of the user commands may be unavailable or nonfunctional as a result\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBENV_HZ\fR (Zeichenkette) -.RS 4 -Wenn vergeben, wird damit die Umgebungsvariable HZ definiert, wenn sich ein Benutzer anmeldet\&. Dem Wert muss ein -\fIHZ=\fR -vorangestellt werden\&. Ein \(:ublicher Wert bei Linux ist -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_TZ\fR (Zeichenkette) -.RS 4 -Wenn gesetzt, wird damit die Umgebungsvariable TZ definiert, wenn sich ein Benutzer anmeldet\&. Der Wert kann der Name der Zeitzone sein, dem -\fITZ=\fR -vorausgeht (zum Beispiel -\fITZ=CST6CDT\fR), oder der vollst\(:andige Pfad der Datei, welche die Konfiguration der Zeitzone enth\(:alt (zum Beispiel -/etc/tzname)\&. -.sp -Wenn ein vollst\(:andiger Pfadname angegeben wird, die Datei aber nicht existiert oder nicht lesbar ist, wird -\fITZ=CST6CDT\fR -verwendet\&. -.RE -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBlogin\fR(1), -\fBsh\fR(1), -\fBinit\fR(8)\&. diff --git a/man/de/man8/useradd.8 b/man/de/man8/useradd.8 deleted file mode 100644 index 3e8d0f31..00000000 --- a/man/de/man8/useradd.8 +++ /dev/null @@ -1,770 +0,0 @@ -'\" t -.\" Title: useradd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "USERADD" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -useradd \- erstellt einen neuen Benutzer oder aktualisiert die Standardwerte f\(:ur neue Benutzer -.SH "\(:UBERSICHT" -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR [\fIOptionen\fR] \fIANMELDENAME\fR -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D [\fIOptionen\fR] -.SH "BESCHREIBUNG" -.PP -Wenn der Befehl -\fBuseradd\fR -ohne die Option -\fB\-D\fR -aufgerufen wird, wird ein neues Benutzerkonto mit den Werten erstellt, die auf der Befehlszeile angegeben wurden, und den Standardwerten des Systems\&. Je nach den Optionen auf der Befehlszeile aktualisiert der Befehl -\fBuseradd\fR -Systemdateien, erstellt ein Home\-Verzeichnis f\(:ur den neuen Benutzer und kopiert Dateien\&. -.PP -Standardm\(:a\(ssig wird auch eine Gruppe f\(:ur den neuen Benutzer erstellt (vergleiche -\fB\-g\fR, -\fB\-N\fR, -\fB\-U\fR -und -\fBUSERGROUPS_ENAB\fR)\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBuseradd\fR -unterst\(:utzt werden, sind: -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIWURZEL_VERZ\fR -.RS 4 -Das standardm\(:a\(ssige Wurzelverzeichnis des Systems, wenn nicht eines mit -\fB\-d\fR\ \&\fIHOME_VERZ\fR -festgelegt wurde\&. Der Name des Home\-Verzeichnisses besteht aus der Verbindung von -\fIWURZEL_VERZ\fR -und dem Kontonamen\&. Wenn die Option -\fB\-m\fR -nicht verwendet wird, muss -\fIWURZEL_VERZ\fR -existieren\&. -.sp -Falls diese Option nicht angegeben wird, verwendet -\fBuseradd\fR -das Wurzelverzeichnis, das mit der Variable -\fBHOME\fR -in -/etc/default/useradd -festgelegt wurde, anderenfalls -/home\&. -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fIKOMMENTAR\fR -.RS 4 -Eine beliebige Zeichenkette\&. Dies ist f\(:ur gew\(:ohnlich eine kurze Beschreibung des Logins und wird im Moment im Feld f\(:ur den vollst\(:andigen Namen des Benutzers gespeichert\&. -.RE -.PP -\fB\-d\fR, \fB\-\-home\-dir\fR\ \&\fIHOME_DIR\fR -.RS 4 -Beim Anlegen des neuen Benutzers wird -\fIHOME_VERZ\fR -als das Anmeldeverzeichnis des Benutzers verwendet\&. Um den Namen des Anmeldeverzeichnisses zu erhalten, wird standardm\(:a\(ssig der -\fIANMELDE\fR\-Name an -\fIWURZEL_VERZ\fR -angeh\(:angt\&. Das Verzeichnis -\fIHOME_VERZ\fR -muss nicht vorhanden sein, sondern wird gegebenenfalls angelegt\&. -.RE -.PP -\fB\-D\fR, \fB\-\-defaults\fR -.RS 4 -Lesen Sie dazu unten den Abschnitt \(FcDie Standardwerte ver\(:andern\(Fo\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIVERFALLS_DATUM\fR -.RS 4 -Das Datum, an welchem das Benutzerkonto deaktiviert wird\&. Das Datum muss im Format -\fIJJJJ\-MM\-TT\fR -angegeben werden\&. -.sp -Falls nicht definiert, verwendet -\fBuseradd\fR -das Standardverfallsdatum, das mit der Variable -\fBEXPIRE\fR -in -/etc/default/useradd -bestimmt wurde, anderenfalls eine leere Zeichenkette (kein Verfall)\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINAKTIV\fR -.RS 4 -Die Anzahl von Tagen nach Ablaufen des Passworts bis das Konto dauerhaft deaktiviert wird\&. Ein Wert von 0 deaktiviert das Konto, sobald das Passwort abl\(:auft\&. Ein Wert von \-1 schaltet diese Funktion ab\&. -.sp -Falls nicht definiert, verwendet -\fBuseradd\fR -die Standarddauer der Inaktivit\(:at, die mit der Variable -\fBINACTIVE\fR -in -/etc/default/useradd -bestimmt wurde, anderenfalls \-1\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGRUPPE\fR -.RS 4 -Der Name oder die Nummer der anf\(:anglichen Anmeldegruppe des Benutzers\&. Der Gruppenname muss existieren\&. Die Gruppenzahl muss auf eine bereits vorhandene Gruppe verweisen\&. -.sp -Falls nicht definiert, h\(:angt das Verhalten von -\fBuseradd\fR -von der Variable -\fBUSERGROUPS_ENAB\fR -in -/etc/default/useradd -ab\&. Wenn diese Variable auf -\fIyes\fR -gesetzt ist (oder auf der Befehlszeile -\fB\-U/\-\-user\-group\fR -angegeben wurde), wird f\(:ur den Benutzer eine Gruppe, die auf seinen Namen lautet, erstellt\&. Wenn die Variable auf -\fIno\fR -gesetzt ist (oder auf der Befehlszeile -\fB\-N/\-\-no\-user\-group\fR -angegeben wurde), legt useradd als Hauptgruppe des neuen Benutzers diejenige fest, die mit der Variable -\fBGROUP\fR -in -/etc/default/useradd -definiert wurde, anderenfalls 100\&. -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGRUPPE_1\fR[\fI,GRUPPE_2, \&.\&.\&.\fR[\fI,GRUPPE_N\fR]]] -.RS 4 -Eine Liste der zus\(:atzlichen Gruppen, denen der Benutzer ebenfalls angeh\(:ort\&. Die Gruppen sind durch Kommata ohne Leerzeichen voneinander zu trennen\&. Die Gruppen unterliegen denselben Beschr\(:ankungen wie die Gruppe, die mit der Option -\fB\-g\fR -bestimmt wurde\&. Standardm\(:a\(ssig ist der Benutzer nur Mitglied der Ausgangsgruppe\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-k\fR, \fB\-\-skel\fR\ \&\fIGER\(:UST_VERZ\fR -.RS 4 -Das Ger\(:ustverzeichnis, das die Dateien und Verzeichnisse enth\(:alt, die in das Home\-Verzeichnis des Benutzers kopiert werden, wenn es von -\fBuseradd\fR -erstellt wird\&. -.sp -Diese Option ist nur zul\(:assig, wenn auch die Option -\fB\-m\fR -(oder -\fB\-\-create\-home\fR) angegeben wird\&. -.sp -Wenn diese Option nicht angegeben wird, wird das Ger\(:ustverzeichnis durch die Variable -\fBSKEL\fR -in -/etc/default/useradd -festgelegt, anderenfalls ist dieses -/etc/skel\&. -.sp -Soweit m\(:oglich, werden die ACLs und erweiterten Attribute kopiert\&. -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fISCHL\(:USSEL\fR=\fIWERT\fR -.RS 4 -\(:Uberschreibt die Standardwerte aus -/etc/login\&.defs -(\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBUMASK\fR, -\fBPASS_MAX_DAYS\fR -und andere)\&. - -Beispiel: -\fB\-K\fR\ \&\fIPASS_MAX_TAGE\fR=\fI\-1\fR -kann eingesetzt werden, wenn ein Systemkonto erstellt wird, um den Verfall des Passworts abzuschalten, selbst wenn das Systemkonto \(:uberhaupt kein Passwort besitzt\&. Die Option -\fB\-K\fR -kann mehrmals verwendet werden, z\&.B\&.: -\fB\-K\fR\ \&\fIUID_MIN\fR=\fI100\fR\ \&\fB\-K\fR\ \&\fIUID_MAX\fR=\fI499\fR -.RE -.PP -\fB\-l\fR, \fB\-\-no\-log\-init\fR -.RS 4 -F\(:ugt den Benutzer nicht zu den Datenbanken lastlog und faillog hinzu\&. -.sp -Standardm\(:a\(ssig werden die Benutzereintr\(:age in den Datenbanken lastlog und faillog zur\(:uckgesetzt, um zu vermeiden, dass der Eintrag eines fr\(:uher gel\(:oschten Benutzers verwendet wird\&. -.RE -.PP -\fB\-m\fR, \fB\-\-create\-home\fR -.RS 4 -Erstellt das Home\-Verzeichnis des Benutzers, wenn es nicht vorhanden ist\&. Die Dateien und Verzeichnisse im Ger\(:ustverzeichnis, das mit der Option -\fB\-k\fR -festgelegt werden kann, werden in das Home\-Verzeichnis kopiert\&. -.sp -Wenn diese Option nicht angegeben wird und -\fBCREATE_HOME\fR -nicht aktiviert wurde, wird standardm\(:a\(ssig kein Home\-Verzeichnis erstellt\&. -.RE -.PP -\fB\-M\fR -.RS 4 -Erstellt nicht das Home\-Verzeichnis des Benutzers, selbst wenn die systemweite Option -\fBCREATE_HOME\fR -in -/etc/login\&.defs -auf -\fIyes\fR -gesetzt ist\&. -.RE -.PP -\fB\-N\fR, \fB\-\-no\-user\-group\fR -.RS 4 -Erstellt keine Gruppe mit dem gleichen Namen wie der Benutzer, aber f\(:ugt ihn der Gruppe hinzu, die mit der Option -\fB\-g\fR -oder mit der Variable -\fBGROUP\fR -in -/etc/default/useradd -angegeben wurde\&. -.sp -Wenn die Optionen -\fB\-g\fR, -\fB\-N\fR -und -\fB\-U\fR -nicht angegeben werden, wird das Verhalten durch die Variable -\fBUSERGROUPS_ENAB\fR -in -/etc/login\&.defs -bestimmt\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Erlaubt das Erstellen eines Benutzerkontos mit einer schon vergebenen (nicht eindeutigen) UID\&. -.sp -Diese Option kann nur in Verbindung mit der Option -\fB\-u\fR -verwendet werden\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORT\fR -.RS 4 -Das verschl\(:usselte Passwort, wie es von -\fBcrypt\fR(3) -zur\(:uckgegeben wird\&. Standardm\(:a\(ssig ist das Passwort deaktiviert\&. -.sp -\fBHinweis:\fR -Diese Option ist nicht empfehlenswert, weil das Passwort (auch wenn es verschl\(:usselt ist) f\(:ur Benutzer sichtbar ist, die sich den Prozess anzeigen lassen\&. -.sp -Sie sollten sicherstellen, dass das Passwort den Passwortrichtlinien des Systems entspricht\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -erstellt ein Systemkonto -.sp -Systembenutzer werden ohne Hinterlegung ihres Alters in -/etc/shadow -erstellt\&. Ihre numerische Kennung wird aus der Spanne -\fBSYS_UID_MIN\fR -bis -\fBSYS_UID_MAX\fR -anstelle von -\fBUID_MIN\fR -bis -\fBUID_MAX\fR -gew\(:ahlt (gleiches gilt f\(:ur die GID bei der Erstellung von Gruppen)\&. -.sp -Beachten Sie, dass -\fBuseradd\fR -f\(:ur einen solchen Benutzer unabh\(:angig von der Einstellung in -/etc/login\&.defs -(\fBCREATE_HOME\fR) kein Home\-Verzeichnis erzeugen wird\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Der Name der Anmelde\-Shell des Benutzers\&. Standardm\(:a\(ssig wird dieses Feld leer gelassen\&. Das System verwendet dann die Standard\-Anmelde\-Shell, die mit der Variable -\fBSHELL\fR -in -/etc/default/useradd -definiert wird, anderenfalls bleibt das Feld leer\&. -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -Der zahlenm\(:a\(ssige Wert der Benutzer\-ID\&. Dieser Wert muss eindeutig sein, sofern nicht die Option -\fB\-o\fR -verwendet wird\&. Der Wert darf nicht negativ sein\&. Standardm\(:a\(ssig wird der kleinste Wert gr\(:o\(sser als oder gleich -\fBUID_MIN\fR -und gr\(:o\(sser als jeder andere Wert eines Benutzers verwendet\&. -.sp -Vergleichen Sie auch die Option -\fB\-r\fR -und die Ausf\(:uhrungen zu -\fBUID_MAX\fR\&. -.RE -.PP -\fB\-U\fR, \fB\-\-user\-group\fR -.RS 4 -erstellt eine Gruppe mit dem gleichen Name wie der Benutzer und f\(:ugt diesen der Gruppe hinzu -.sp -Wenn die Optionen -\fB\-g\fR, -\fB\-N\fR -und -\fB\-U\fR -nicht angegeben werden, wird das Verhalten durch die Variable -\fBUSERGROUPS_ENAB\fR -in -/etc/login\&.defs -bestimmt\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISE\-BENUTZER\fR -.RS 4 -Der SELinux\-Benutzer f\(:ur den Benutzer nach seiner Anmeldung\&. Standardm\(:a\(ssig bleibt dieses Feld leer und es wird dem System \(:uberlassen, den SELinux\-Benutzer zu bestimmen\&. -.RE -.SS "Die Standardwerte ver\(:andern" -.PP -Wenn -\fBuseradd\fR -nur mit der Option -\fB\-D\fR -aufgerufen wird, werden die aktuellen Standardwerte angezeigt\&. Wenn -\fBuseradd\fR -neben der Option -\fB\-D\fR -mit weiteren Optionen aufgerufen wird, werden deren Standardwerte entsprechend angepasst\&. Die g\(:ultigen Optionen, um Standardwerte zu \(:andern, sind: -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIWURZEL_VERZ\fR -.RS 4 -Das Wurzelverzeichnis des Home\-Verzeichnisses eines neuen Benutzers\&. Der Benutzername wird an -\fIWURZEL_VERZ\fR -angeh\(:angt, um den Namen des Home\-Verzeichnisses zu erhalten, falls nicht die Option -\fB\-d\fR -bei der Erstellung eines neuen Kontos verwendet wird\&. -.sp -Diese Option ver\(:andert die Variable -\fBHOME\fR -in -/etc/default/useradd\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIVERFALLS_DATUM\fR -.RS 4 -das Datum, an dem das Benutzerkonto abgeschaltet wird -.sp -Diese Option ver\(:andert die Variable -\fBEXPIRE\fR -in -/etc/default/useradd\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINAKTIV\fR -.RS 4 -die Anzahl von Tagen nach dem Ablaufen des Passworts bis das Konto deaktiviert wird -.sp -Diese Option ver\(:andert die Variable -\fBINACTIVE\fR -in -/etc/default/useradd\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGRUPPE\fR -.RS 4 -Der Gruppenname oder die GID f\(:ur die Anfangsgruppe eines neuen Benutzers (wenn -\fB\-N/\-\-no\-user\-group\fR -verwendet wird oder wenn in -/etc/login\&.defs -die Variable -\fBUSERGROUPS_ENAB\fR -auf -\fIno\fR -gesetzt ist)\&. Die bezeichnete Gruppe und die GID m\(:ussen existieren\&. -.sp -Diese Option ver\(:andert die Variable -\fBGROUP\fR -in -/etc/default/useradd\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -der Name der Anmelde\-Shell des neuen Benutzers -.sp -Diese Option ver\(:andert die Variable -\fBSHELL\fR -in -/etc/default/useradd\&. -.RE -.SH "ANMERKUNGEN" -.PP -Der Systemadministrator ist daf\(:ur verantwortlich, die standardm\(:a\(ssigen Benutzerdateien im Verzeichnis -/etc/skel/ -(oder in einem anderen Ger\(:ustverzeichnis, das in -/etc/default/useradd -oder \(:uber die Befehlszeile definiert wurde), anzulegen\&. -.SH "WARNUNGEN" -.PP -Sie d\(:urfen einen Benutzer nicht einer NIS\- oder LDAP\-Gruppe hinzuf\(:ugen\&. Dies muss auf dem entsprechenden Server durchgef\(:uhrt werden\&. -.PP -Ebenso wird -\fBuseradd\fR -ablehnen, ein neues Benutzerkonto zu erstellen, wenn der Benutzername schon in einer externen Benutzerdatenbank wie z\&.B\&. NIS oder LDAP vorhanden ist\&. -.PP -Benutzernamen m\(:ussen mit einem Kleinbuchstaben oder einem Unterstrich beginnen\&. Sie d\(:urfen nur Kleinbuchstaben, Zahlen, Unterstriche oder Gedankenstriche enthalten\&. Sie k\(:onnen mit einem Dollarzeichen enden\&. Als regul\(:arer Ausdruck: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -Benutzernamen d\(:urfen nur bis zu 32 Zeichen lang sein\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBCREATE_HOME\fR (boolesch) -.RS 4 -bestimmt, ob standardm\(:a\(ssig ein Home\-Verzeichnis f\(:ur neue Benutzer erstellt werden soll -.sp -Diese Einstellung trifft nicht auf Systembenutzer zu\&. Sie kann auf der Befehlszeile \(:uberschrieben werden\&. -.RE -.PP -\fBGID_MAX\fR (Zahl), \fBGID_MIN\fR (Zahl) -.RS 4 -der Bereich von Gruppen\-IDs, aus dem die Programme -\fBuseradd\fR, -\fBgroupadd\fR -oder -\fBnewusers\fR -bei der Erstellung normaler Gruppen ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBGID_MIN\fR -ist 1000, f\(:ur -\fBGID_MAX\fR -60\&.000\&. -.RE -.PP -\fBMAIL_DIR\fR (Zeichenkette) -.RS 4 -Das Verzeichnis des Mail\-Spools\&. Diese Angabe wird ben\(:otigt, um die Mailbox zu bearbeiten, nachdem das entsprechende Benutzerkonto ver\(:andert oder gel\(:oscht wurde\&. Falls nicht angegeben, wird ein Standard verwendet, der beim Kompilieren festgelegt wurde\&. -.RE -.PP -\fBMAIL_FILE\fR (Zeichenkette) -.RS 4 -Legt den Ort der Mail\-Spool\-Dateien eines Benutzers relativ zu seinem Home\-Verzeichnis fest\&. -.RE -.PP -Die Variablen -\fBMAIL_DIR\fR -und -\fBMAIL_FILE\fR -werden von -\fBuseradd\fR, -\fBusermod\fR -und -\fBuserdel\fR -verwendet, um den Mail\-Spool eines Benutzers zu erstellen, zu verschieben oder zu l\(:oschen\&. -.PP -Falls -\fBMAIL_CHECK_ENAB\fR -auf -\fIyes\fR -gesetzt ist, werden sie auch verwendet, um die Umgebungsvariable -\fBMAIL\fR -festzulegen\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (Zahl) -.RS 4 -Die maximale Anzahl von Tagen, f\(:ur die ein Passwort verwendet werden darf\&. Wenn das Passwort \(:alter ist, wird ein Wechsel des Passworts erzwungen\&. Falls nicht angegeben, wird \-1 angenommen (was zur Folge hat, dass diese Beschr\(:ankung abgeschaltet ist)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (Zahl) -.RS 4 -Die Mindestanzahl von Tagen, bevor ein Wechsel des Passworts zugelassen wird\&. Ein vorheriger Versuch, das Passwort zu \(:andern, wird abgelehnt\&. Falls nicht angegeben, wird \-1 angenommen (was zur Folge hat, dass diese Beschr\(:ankung abgeschaltet ist)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (Zahl) -.RS 4 -Die Anzahl von Tagen, an denen der Benutzer vorgewarnt wird, bevor das Passwort verf\(:allt\&. Eine Null bedeutet, dass eine Warnung nur am Tag des Verfalls ausgegeben wird\&. Ein negativer Wert bedeutet, dass keine Vorwarnung erfolgt\&. Falls nicht angegeben, wird keine Vorwarnung ausgegeben\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (Zahl), \fBSYS_GID_MIN\fR (Zahl) -.RS 4 -der Bereich von Gruppen\-IDs, aus dem die Programme -\fBuseradd\fR, -\fBgroupadd\fR -oder -\fBnewusers\fR -bei der Erstellung von Systemgruppen ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBSYS_GID_MIN\fR -ist 101, f\(:ur -\fBSYS_GID_MAX\fR\fBGID_MIN\fR\-1\&. -.RE -.PP -\fBSYS_UID_MAX\fR (Zahl), \fBSYS_UID_MIN\fR (Zahl) -.RS 4 -der Bereich von Benutzer\-IDs, aus dem die Programme -\fBuseradd\fR -oder -\fBnewusers\fR -bei der Erstellung von Systembenutzern ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBSYS_UID_MIN\fR -ist 101, f\(:ur -\fBSYS_UID_MAX\fR\fBUID_MIN\fR\-1\&. -.RE -.PP -\fBUID_MAX\fR (Zahl), \fBUID_MIN\fR (Zahl) -.RS 4 -der Bereich von Benutzer\-IDs, aus dem die Programme -\fBuseradd\fR -oder -\fBnewusers\fR -bei der Erstellung normaler Benutzer ausw\(:ahlen d\(:urfen -.sp -Der Standardwert f\(:ur -\fBUID_MIN\fR -ist 1000, f\(:ur -\fBUID_MAX\fR -60\&.000\&. -.RE -.PP -\fBUMASK\fR (Zahl) -.RS 4 -Die Bit\-Gruppe, welche die Rechte von erstellten Dateien bestimmt, wird anf\(:anglich auf diesen Wert gesetzt\&. Falls nicht angegeben, wird sie auf 022 gesetzt\&. -.sp -\fBuseradd\fR -und -\fBnewusers\fR -verwenden diese Bit\-Gruppe, um die Rechte des von ihnen erstellten Home\-Verzeichnisses zu setzen\&. -.sp -Sie wird auch von -\fBlogin\fR -verwendet, um die anf\(:angliche Umask eines Benutzers zu bestimmen\&. Beachten Sie, dass diese Bit\-Gruppe durch die GECOS\-Zeile des Benutzers (wenn -\fBQUOTAS_ENAB\fR -gesetzt wurde) oder die Festlegung eines Limits in -\fBlimits\fR(5) -mit der Kennung -\fIK\fR -\(:uberschrieben werden kann\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolesch) -.RS 4 -Erlaubt Benutzern, die nicht Root sind, die Umask\-Gruppen\-Bits auf ihre Umask\-Bits zu setzen (Beispiel: 022 \-> 002, 077 \-> 007), falls die UID mit der GID identisch ist sowie der Benutzername mit dem Gruppennamen \(:ubereinstimmt\&. -.sp -Wenn der Wert -\fIyes\fR -ist, wird -\fBuserdel\fR -die Gruppe des Benutzers entfernen, falls sie keine Mitglieder mehr hat, und -\fBuseradd\fR -wird standardm\(:a\(ssig eine Gruppe mit dem Namen des Benutzers erstellen\&. -.RE -.SH "DATEIEN" -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.PP -/etc/default/useradd -.RS 4 -Standardwerte f\(:ur die Erstellung eines Kontos -.RE -.PP -/etc/skel/ -.RS 4 -Verzeichnis, das die Standarddateien enth\(:alt -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.SH "R\(:UCKGABEWERTE" -.PP -Der Befehl -\fBuseradd\fR -gibt beim Beenden folgende Werte zur\(:uck: -.PP -\fI0\fR -.RS 4 -Erfolg -.RE -.PP -\fI1\fR -.RS 4 -Die Passwortdatei kann nicht aktualisieren werden\&. -.RE -.PP -\fI2\fR -.RS 4 -unzul\(:assige Syntax f\(:ur diesen Befehl -.RE -.PP -\fI3\fR -.RS 4 -ung\(:ultiges Argument f\(:ur Option -.RE -.PP -\fI4\fR -.RS 4 -UID ist schon vergeben (und kein -\fB\-o\fR) -.RE -.PP -\fI6\fR -.RS 4 -angegebene Gruppe ist nicht vorhanden -.RE -.PP -\fI9\fR -.RS 4 -Benutzername ist schon vergeben -.RE -.PP -\fI10\fR -.RS 4 -Die Gruppendatei kann nicht aktualisieren werden\&. -.RE -.PP -\fI12\fR -.RS 4 -Home\-Verzeichnis kann nicht erstellt werden\&. -.RE -.PP -\fI14\fR -.RS 4 -Die Zuordnung von SELinux\-Benutzern kann nicht aktualisiert werden\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBnewusers\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/de/man8/userdel.8 b/man/de/man8/userdel.8 deleted file mode 100644 index 5cfd5b53..00000000 --- a/man/de/man8/userdel.8 +++ /dev/null @@ -1,297 +0,0 @@ -'\" t -.\" Title: userdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "USERDEL" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -userdel \- l\(:oscht ein Benutzerkonto und die dazugeh\(:origen Dateien -.SH "\(:UBERSICHT" -.HP \w'\fBuserdel\fR\ 'u -\fBuserdel\fR [Optionen] \fIANMELDENAME\fR -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBuserdel\fR -bearbeitet die Kontodateien des Systems und l\(:oscht darin alle Eintr\(:age, die auf den -\fIANMELDENAMEN\fR -verweisen\&. Der bezeichnete Benutzer muss existieren\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBuserdel\fR -unterst\(:utzt werden, sind: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Diese Option erzwingt, dass der Benutzer entfernt wird, selbst wenn er noch angemeldet ist\&. Sie f\(:uhrt auch dazu, dass -\fBuserdel\fR -das Home\-Verzeichnis und den Mailspool des Benutzers entfernt, sogar wenn ein anderer Benutzer dasselbe Home\-Verzeichnis hat oder der Mailspool nicht dem angegebenen Benutzer geh\(:ort\&. Falls in -/etc/login\&.defs\fBUSERGROUPS_ENAB\fR -auf -\fIyes\fR -gesetzt ist und eine Gruppe mit dem gleichen Namen wie der gel\(:oschte Benutzer vorhanden ist, wird auch diese Gruppe entfernt, selbst wenn sie die Hauptgruppe anderer Benutzer ist\&. -.sp -\fIHinweis:\fR -Diese Option ist gef\(:ahrlich und kann dazu f\(:uhren, dass Ihr System nicht mehr ordnungsgem\(:a\(ss funktioniert\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-r\fR, \fB\-\-remove\fR -.RS 4 -Die Dateien im Home\-Verzeichnis des Benutzers werden zusammen mit dem Home\-Verzeichnis und dem Mailspool entfernt\&. Dateien, die sich nicht unterhalb des Home\-Verzeichnisses befinden, m\(:ussen per Hand gesucht und gel\(:oscht werden\&. -.sp -Der Mailspool wird durch die Variable -\fBMAIL_DIR\fR -in der Datei -login\&.defs -definiert\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR -.RS 4 -entfernt die Zuordnung von SELinux\-Benutzern aus den Anmeldeinformationen des Benutzers -.RE -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBMAIL_DIR\fR (Zeichenkette) -.RS 4 -Das Verzeichnis des Mail\-Spools\&. Diese Angabe wird ben\(:otigt, um die Mailbox zu bearbeiten, nachdem das entsprechende Benutzerkonto ver\(:andert oder gel\(:oscht wurde\&. Falls nicht angegeben, wird ein Standard verwendet, der beim Kompilieren festgelegt wurde\&. -.RE -.PP -\fBMAIL_FILE\fR (Zeichenkette) -.RS 4 -Legt den Ort der Mail\-Spool\-Dateien eines Benutzers relativ zu seinem Home\-Verzeichnis fest\&. -.RE -.PP -Die Variablen -\fBMAIL_DIR\fR -und -\fBMAIL_FILE\fR -werden von -\fBuseradd\fR, -\fBusermod\fR -und -\fBuserdel\fR -verwendet, um den Mail\-Spool eines Benutzers zu erstellen, zu verschieben oder zu l\(:oschen\&. -.PP -Falls -\fBMAIL_CHECK_ENAB\fR -auf -\fIyes\fR -gesetzt ist, werden sie auch verwendet, um die Umgebungsvariable -\fBMAIL\fR -festzulegen\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.PP -\fBUSERDEL_CMD\fR (Zeichenkette) -.RS 4 -Falls angegeben, wird dieser Befehl ausgef\(:uhrt, wenn ein Benutzer entfernt wird\&. Damit k\(:onnen At\-, Cron\- und Druckauftr\(:age etc\&. des entfernten Benutzers (wird als erstes Argument \(:ubergeben) gel\(:oscht werden\&. -.sp -Der R\(:uckgabewert des Skripts wird nicht ausgewertet\&. -.sp -Dies ist ein Beispielsskript, das die cron\-, at\- und Druckauftr\(:age des Benutzers entfernt: -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# Pr\(:ufen, ob das ben\(:otigte Argument angegeben wurde -if [ $# != 1 ]; then - echo "Verwendungsweise: $0 Benutzername" - exit 1 -fi - -# cron\-Auftr\(:age entfernen -crontab \-r \-u $1 - -# at\-Auftr\(:age entfernen\&. -# Hinweis: Dies wird alle Auftr\(:age entfernen, die der gleichen UID -# geh\(:oren, selbst wenn sie von einem Benutzer mit einem anderen Namen -# eingerichtet wurden\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# Druck\-Auftr\(:age entfernen -lprm $1 - -# Fertig -exit 0 - -.fi -.if n \{\ -.RE -.\} -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolesch) -.RS 4 -Erlaubt Benutzern, die nicht Root sind, die Umask\-Gruppen\-Bits auf ihre Umask\-Bits zu setzen (Beispiel: 022 \-> 002, 077 \-> 007), falls die UID mit der GID identisch ist sowie der Benutzername mit dem Gruppennamen \(:ubereinstimmt\&. -.sp -Wenn der Wert -\fIyes\fR -ist, wird -\fBuserdel\fR -die Gruppe des Benutzers entfernen, falls sie keine Mitglieder mehr hat, und -\fBuseradd\fR -wird standardm\(:a\(ssig eine Gruppe mit dem Namen des Benutzers erstellen\&. -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "R\(:UCKGABEWERTE" -.PP -Der Befehl -\fBuserdel\fR -gibt beim Beenden folgende Werte zur\(:uck: -.PP -\fI0\fR -.RS 4 -Erfolg -.RE -.PP -\fI1\fR -.RS 4 -Die Passwortdatei kann nicht aktualisieren werden\&. -.RE -.PP -\fI2\fR -.RS 4 -unzul\(:assige Syntax f\(:ur diesen Befehl -.RE -.PP -\fI6\fR -.RS 4 -Der angegebene Benutzer ist nicht vorhanden\&. -.RE -.PP -\fI8\fR -.RS 4 -Benutzer ist im Moment angemeldet\&. -.RE -.PP -\fI10\fR -.RS 4 -Die Gruppendatei kann nicht aktualisieren werden\&. -.RE -.PP -\fI12\fR -.RS 4 -Das Home\-Verzeichnis kann nicht gel\(:oscht werden\&. -.RE -.SH "WARNUNGEN" -.PP -\fBuserdel\fR -l\(:oscht ein Benutzerkonto nicht, wenn Prozesse laufen, die diesem Konto geh\(:oren\&. In diesem Fall m\(:ussen Sie entweder diese Prozesse beenden oder das Passwort oder Konto des Benutzers sperren und das Konto sp\(:ater entfernen\&. Die Option -\fB\-f\fR -erzwingt das L\(:oschen eines Kontos\&. -.PP -Sie sollten von Hand alle Systemdateien \(:uberpr\(:ufen, um sicherzustellen, dass keine Dateien vorhanden sind, die dem gel\(:oschten Benutzer geh\(:oren\&. -.PP -Sie sollten keine NIS\-Attribute auf einem NIS\-Client l\(:oschen\&. Dies muss auf dem NIS\-Server durchgef\(:uhrt werden\&. -.PP -Falls in -/etc/login\&.defs\fBUSERGROUPS_ENAB\fR -auf -\fIyes\fR -gesetzt ist, wird -\fBuserdel\fR -die Gruppe mit dem gleichen Namen wie der Benutzer entfernen\&. Um Unstimmigkeiten in der Passwort\- und Gruppendatenbank zu vermeiden, \(:uberpr\(:uft -\fBuserdel\fR, ob diese Gruppe die Hauptgruppe f\(:ur andere Benutzer ist\&. Gegebenenfalls wird eine Warnung angezeigt und die betreffende Gruppe nicht entfernt\&. Mit der Option -\fB\-f\fR -kann das L\(:oschen dieser Gruppe erzwungen werden\&. -.SH "SIEHE AUCH" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBlogin.defs\fR(5), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/de/man8/usermod.8 b/man/de/man8/usermod.8 deleted file mode 100644 index 98ba9b27..00000000 --- a/man/de/man8/usermod.8 +++ /dev/null @@ -1,450 +0,0 @@ -'\" t -.\" Title: usermod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "USERMOD" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -usermod \- ver\(:andert ein Benutzerkonto -.SH "\(:UBERSICHT" -.HP \w'\fBusermod\fR\ 'u -\fBusermod\fR [\fIOptionen\fR] \fIANMELDENAME\fR -.SH "BESCHREIBUNG" -.PP -Der Befehl -\fBusermod\fR -ver\(:andert die Kontodateien des Systems, so dass sie die \(:Anderungen enthalten, die in der Befehlszeile eingegeben wurden\&. -.SH "OPTIONEN" -.PP -Die Optionen, die vom Befehl -\fBusermod\fR -unterst\(:utzt werden, sind: -.PP -\fB\-a\fR, \fB\-\-append\fR -.RS 4 -F\(:ugt den Benutzer weiteren Gruppen hinzu\&. Kann nur zusammen mit der Option -\fB\-G\fR -verwendet werden\&. -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fIKOMMENTAR\fR -.RS 4 -Der neue Wert des Kommentarfelds in der Passwortdatei des Benutzers\&. Er wird normalerweise mit dem Werkzeug -\fBchfn\fR(1) -ver\(:andert\&. -.RE -.PP -\fB\-d\fR, \fB\-\-home\fR\ \&\fIHOME_VERZ\fR -.RS 4 -das neue Home\-Verzeichnis des Benutzers -.sp -Wenn die Option -\fB\-m\fR -verwendet wurde, wird der Inhalt des aktuellen Home\-Verzeichnisses in das neue Home\-Verzeichnis verschoben\&. Falls dieses nicht existiert, wird es angelegt\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIVERFALLS_DATUM\fR -.RS 4 -Das Datum, an welchem das Benutzerkonto deaktiviert wird\&. Das Datum muss im Format -\fIJJJJ\-MM\-TT\fR -angegeben werden\&. -.sp -Wenn das Argument -\fIVERFALLS_DATUM\fR -leer bleibt, wird der Verfall des Kontos deaktiviert\&. -.sp -Diese Option ben\(:otigt die Datei -/etc/shadow\&. Falls die Datei -/etc/shadow -leer sein sollte, wird ein Eintrag erstellt\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINAKTIV\fR -.RS 4 -Die Anzahl von Tagen, nach denen ein Passwort abgelaufen ist, bis das Konto deaktiviert wird\&. -.sp -Ein Wert von 0 deaktiviert das Konto, sobald das Passwort abl\(:auft\&. Ein Wert von \-1 schaltet diese Funktion ab\&. -.sp -Diese Option ben\(:otigt die Datei -/etc/shadow\&. Falls die Datei -/etc/shadow -leer sein sollte, wird ein Eintrag erstellt\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGRUPPE\fR -.RS 4 -Der Name oder die Zahl der anf\(:anglichen Anmeldegruppe eines neuen Benutzers\&. Der Gruppenname muss existieren\&. -.sp -Jede Datei im Home\-Verzeichnis des Benutzers, die der alten Hauptgruppe des Benutzers geh\(:orte, wird dieser neuen Gruppe geh\(:oren\&. -.sp -Die Gruppenzugeh\(:origkeit von Dateien au\(sserhalb des Home\-Verzeichnisses des Benutzers muss per Hand angepasst werden\&. -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGRUPPE_1\fR[\fI,GRUPPE_2, \&.\&.\&.\fR[\fI,GRUPPE_N\fR]]] -.RS 4 -Eine Liste zus\(:atzlicher Gruppen, denen der Benutzer ebenfalls angeh\(:ort\&. Die Gruppen sind durch Kommata ohne Leerzeichen von einander zu trennen\&. Die Gruppen unterliegen denselben Beschr\(:ankungen wie die Gruppe, die mit der Option -\fB\-g\fR -bestimmt wurde\&. -.sp -Wenn der Benutzer aktuell Mitglied einer Gruppe ist, die nicht angegeben ist, wird er aus dieser Gruppe entfernt\&. Dieses Verhalten kann mit der Option -\fB\-a\fR -abgeschaltet werden\&. Damit wird der Benutzer nur den angegebenen Gruppen hinzugef\(:ugt, ohne aus den \(:ubrigen gel\(:oscht zu werden\&. -.RE -.PP -\fB\-l\fR, \fB\-\-login\fR\ \&\fINEUER_ANMELDENAME\fR -.RS 4 -Der Benutzername wird von -\fIANMELDENAME\fR -zu -\fINEUER_ANMELDENAME\fR -ver\(:andert\&. Andere Ver\(:anderungen werden nicht vorgenommen\&. Daher sollte wahrscheinlich der Name des Home\-Verzeichnisses des Benutzers per Hand ge\(:andert werden, um dem neuen Anmeldenamen Rechnung zu tragen\&. -.RE -.PP -\fB\-L\fR, \fB\-\-lock\fR -.RS 4 -Sperrt das Passwort eines Benutzers\&. Dadurch wird ein \(Fc!\(Fo vor das verschl\(:usselte Passwort gesetzt, wodurch im Ergebnis das Passwort abgeschaltet wird\&. Sie k\(:onnen diese Option nicht mit -\fB\-p\fR -oder -\fB\-U\fR -verwenden\&. -.sp -Hinweis: Wenn Sie das Konto sperren wollen (und nicht nur den Zugang mit einem Passwort), m\(:ussen Sie auch das -\fIVERFALLSDATUM\fR -auf -\fI1\fR -setzen\&. -.RE -.PP -\fB\-m\fR, \fB\-\-move\-home\fR -.RS 4 -verschiebt den Inhalt des Home\-Verzeichnisses eines Benutzers zu dem neuen Ziel -.sp -Diese Option ist nur in Verbindung mit der Option -\fB\-d\fR -(oder -\fB\-\-home\fR) zul\(:assig\&. -.sp -\fBusermod\fR -versucht, den Eigent\(:umer der Dateien anzupassen und die Rechte, ACL und erweiterten Attribute zu \(:ubernehmen, aber Anpassungen per Hand k\(:onnen dennoch notwendig sein\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Wenn es mit der Option -\fB\-u\fR -verwendet wird, kann mit dieser Option der Wert der Benutzer\-ID auf einen nicht eindeutigen Wert gesetzt werden\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORT\fR -.RS 4 -das verschl\(:usselte Passwort, wie es von -\fBcrypt\fR(3) -zur\(:uckgegeben wird -.sp -\fBHinweis:\fR -Diese Option ist nicht empfehlenswert, weil das Passwort (auch wenn es verschl\(:usselt ist) f\(:ur Benutzer sichtbar ist, die sich den Prozess anzeigen lassen\&. -.sp -Sie sollten sicherstellen, dass das Passwort den Passwortrichtlinien des Systems entspricht\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Der Name der neuen Anmelde\-Shell des Benutzers\&. Falls dieses Feld leer gelassen wird, verwendet das System die Standard\-Anmelde\-Shell\&. -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -der neue numerische Wert der UID des Benutzers -.sp -Dieser Wert muss eindeutig sein, sofern nicht die Option -\fB\-o\fR -verwendet wird\&. Der Wert darf nicht negativ sein\&. -.sp -F\(:ur die Mailbox des Benutzers und alle Dateien, die ihm geh\(:oren und sich in seinem Home\-Verzeichnis befinden, wird die ID des Eigent\(:umers automatisch angepasst\&. -.sp -Der Eigent\(:umer von Dateien au\(sserhalb des Home\-Verzeichnisses des Benutzers muss per Hand angepasst werden\&. -.sp -Die Werte von -\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBSYS_UID_MIN\fR -und -\fBSYS_UID_MAX\fR -aus -/etc/login\&.defs -werden nicht gepr\(:uft\&. -.RE -.PP -\fB\-U\fR, \fB\-\-unlock\fR -.RS 4 -Gibt das Passwort eines Benutzers frei\&. Dies entfernt das \(Fc!\(Fo vor dem verschl\(:usselten Passwort\&. Sie k\(:onnen diese Option nicht mit -\fB\-p\fR -oder -\fB\-U\fR -verwenden\&. -.sp -Hinweis: Falls Sie das Benutzerkonto freigeben wollen (und nicht nur den Zugang mit einem Passwort), sollten Sie auch das -\fIVERFALLSDATUM\fR -bearbeiten (zum Beispiel auf -\fI99999\fR -oder den Wert von -\fBEXPIRE\fR -aus -/etc/default/useradd -setzen)\&. -.RE -.PP -\fB\-v\fR, \fB\-\-add\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate uids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-V\fR, \fB\-\-del\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate uids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-uids\fR -and -\fB\-\-add\-sub\-uids\fR -are specified, the removal of all subordinate uid ranges happens before any subordinate uid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-w\fR, \fB\-\-add\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate gids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-W\fR, \fB\-\-del\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate gids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-gids\fR -and -\fB\-\-add\-sub\-gids\fR -are specified, the removal of all subordinate gid ranges happens before any subordinate gid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISE\-BENUTZER\fR -.RS 4 -der neue SELinux\-Benutzer f\(:ur den Anmeldenamen des Benutzers -.sp -Wenn -\fISEBENUTZER\fR -leer ist, wird die Zuordnung von SELinux\-Benutzern (sofern vorhanden) aus den Anmeldeinformationen des Benutzers entfernt -.RE -.SH "WARNUNGEN" -.PP -Wenn Sie mit diesem Befehl die numerische UID, den Namen oder das Home\-Verzeichnis eines Benutzers ver\(:andern wollen, m\(:ussen Sie sicherstellen, dass dieser Benutzer keine Prozesse laufen l\(:asst\&. Bei Linux stellt dies -\fBusermod\fR -sicher, auf anderen Architekturen \(:uberpr\(:uft es nur, ob der Benutzer laut utmp eingeloggt ist\&. -.PP -Sie m\(:ussen den Eigent\(:umer von -\fBcrontab\fR\-Dateien oder -\fBat\fR\-Auftr\(:agen per Hand \(:andern\&. -.PP -Sie m\(:ussen alle \(:Anderung in Bezug auf NIS auf dem NIS\-Server vornehmen\&. -.SH "KONFIGURATION" -.PP -Die folgenden Konfigurationsvariablen in -/etc/login\&.defs -beeinflussen das Verhalten dieses Werkzeugs: -.PP -\fBMAIL_DIR\fR (Zeichenkette) -.RS 4 -Das Verzeichnis des Mail\-Spools\&. Diese Angabe wird ben\(:otigt, um die Mailbox zu bearbeiten, nachdem das entsprechende Benutzerkonto ver\(:andert oder gel\(:oscht wurde\&. Falls nicht angegeben, wird ein Standard verwendet, der beim Kompilieren festgelegt wurde\&. -.RE -.PP -\fBMAIL_FILE\fR (Zeichenkette) -.RS 4 -Legt den Ort der Mail\-Spool\-Dateien eines Benutzers relativ zu seinem Home\-Verzeichnis fest\&. -.RE -.PP -Die Variablen -\fBMAIL_DIR\fR -und -\fBMAIL_FILE\fR -werden von -\fBuseradd\fR, -\fBusermod\fR -und -\fBuserdel\fR -verwendet, um den Mail\-Spool eines Benutzers zu erstellen, zu verschieben oder zu l\(:oschen\&. -.PP -Falls -\fBMAIL_CHECK_ENAB\fR -auf -\fIyes\fR -gesetzt ist, werden sie auch verwendet, um die Umgebungsvariable -\fBMAIL\fR -festzulegen\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (Zahl) -.RS 4 -Maximale Anzahl von Mitgliedern je Gruppeneintrag\&. Wenn das Maximum erreicht wird, wird ein weiterer Eintrag in -/etc/group -(mit dem gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt\&. -.sp -Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder einer Gruppe nicht begrenzt ist\&. -.sp -Diese F\(:ahigkeit (der aufgeteilten Gruppe) erm\(:oglicht es, die Zeilenl\(:ange in der Gruppendatei zu begrenzen\&. Damit kann sichergestellt werden, dass die Zeilen f\(:ur NIS\-Gruppen nicht l\(:anger als 1024 Zeichen sind\&. -.sp -Falls Sie eine solche Begrenzung ben\(:otigen, k\(:onnen Sie 25 verwenden\&. -.sp -Hinweis: Aufgeteilte Gruppen werden m\(:oglicherweise nicht von allen Werkzeugen unterst\(:utzt, selbst nicht aus der Shadow\-Werkzeugsammlung\&. Sie sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguration der Shadow\-Passwort\-Werkzeugsammlung -.RE -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "SIEHE AUCH" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBuserdel\fR(8)\&. diff --git a/man/de/man8/vigr.8 b/man/de/man8/vigr.8 deleted file mode 100644 index ff72d7ae..00000000 --- a/man/de/man8/vigr.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/vipw.8 diff --git a/man/de/man8/vipw.8 b/man/de/man8/vipw.8 deleted file mode 100644 index 8fa93588..00000000 --- a/man/de/man8/vipw.8 +++ /dev/null @@ -1,136 +0,0 @@ -'\" t -.\" Title: vipw -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09.05.2014 -.\" Manual: Befehle zur Systemverwaltung -.\" Source: shadow-utils 4.2 -.\" Language: German -.\" -.TH "VIPW" "8" "09.05.2014" "shadow\-utils 4\&.2" "Befehle zur Systemverwaltung" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -vipw, vigr \- bearbeitet die Passwort\-, Gruppen\-, Shadow\-Passwort\- oder Shadow\-Gruppen\-Datei -.SH "\(:UBERSICHT" -.HP \w'\fBvipw\fR\ 'u -\fBvipw\fR [\fIOptionen\fR] -.HP \w'\fBvigr\fR\ 'u -\fBvigr\fR [\fIOptionen\fR] -.SH "BESCHREIBUNG" -.PP -Die Befehle -\fBvipw\fR -und -\fBvigr\fR -bearbeiten die Dateien -/etc/passwd -beziehungsweise -/etc/group\&. Mit der Option -\fB\-s\fR -bearbeiten Sie die Shadow\-Versionen beider Dateien, -/etc/shadow -und -/etc/gshadow\&. Die Programme werden die geeigneten Sperren setzen, um eine Besch\(:adigung der Dateien zu verhindern\&. Wenn ein Editor ben\(:otigt wird, wird zuerst die Umgebungsvariable -\fB$VISUAL\fR -ausgewertet, danach die Umgebungsvariable -\fB$EDITOR\fR\&. Zuletzt wird der Standard\-Editor -\fBvi\fR(1) -verwendet\&. -.SH "OPTIONEN" -.PP -Die Optionen, die von den Befehlen -\fBvipw\fR -und -\fBvigr\fR -unterst\(:utzt werden, sind: -.PP -\fB\-g\fR, \fB\-\-group\fR -.RS 4 -bearbeitet die Gruppendatenbank -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -zeigt die Hilfe an und beendet das Programm -.RE -.PP -\fB\-p\fR, \fB\-\-passwd\fR -.RS 4 -bearbeitet die Passwd\-Datenbank -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -stiller Modus -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_VERZ\fR -.RS 4 -f\(:uhrt die Ver\(:anderungen in dem Verzeichnis -\fICHROOT_VERZ\fR -durch und verwendet die Konfigurationsdateien aus dem Verzeichnis -\fICHROOT_VERZ\fR -.RE -.PP -\fB\-s\fR, \fB\-\-shadow\fR -.RS 4 -bearbeitet die Shadow\- oder Gshadow\-Datenbank -.RE -.SH "UMGEBUNGSVARIABLEN" -.PP -\fBVISUAL\fR -.RS 4 -der verwendete Editor -.RE -.PP -\fBEDITOR\fR -.RS 4 -der verwendete Editor, wenn -\fBVISUAL\fR -nicht gesetzt ist -.RE -.SH "DATEIEN" -.PP -/etc/group -.RS 4 -Informationen zu den Gruppenkonten -.RE -.PP -/etc/gshadow -.RS 4 -sichere Informationen zu den Gruppenkonten -.RE -.PP -/etc/passwd -.RS 4 -Informationen zu den Benutzerkonten -.RE -.PP -/etc/shadow -.RS 4 -verschl\(:usselte Informationen zu den Benutzerkonten -.RE -.SH "SIEHE AUCH" -.PP -\fBvi\fR(1),\fBgroup\fR(5), -\fBgshadow\fR(5), -\fBpasswd\fR(5), , -\fBshadow\fR(5)\&. diff --git a/man/es/Makefile.in b/man/es/Makefile.in deleted file mode 100644 index eddfb825..00000000 --- a/man/es/Makefile.in +++ /dev/null @@ -1,467 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = man/es -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/es -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = - -# These Spanish manpages are outdated. -# Please contact pkg-shadow-devel@lists.alioth.debian.org if you wish to -# provide updates. -# man1/login.1 \ -# man1/newgrp.1 \ -# man1/passwd.1 \ -# man5/passwd.5 \ -# man1/su.1 \ -# man8/vigr.8 \ -# man8/vipw.8 -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/es/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/es/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags-am uninstall uninstall-am - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/es/man1/login.1 b/man/es/man1/login.1 new file mode 100644 index 00000000..ae3b7fc9 --- /dev/null +++ b/man/es/man1/login.1 @@ -0,0 +1,332 @@ +.\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu) +.\" May be distributed under the GNU General Public License +.\" +.\" Translated 17 sep. 1998 by Juan JosĆ© LĆ³pez Mellado(laveneno@hotmail.com) +.\" +.TH LOGIN 1 "4 Noviembre 1996" "Util\-linux 1.6" "Manual del Programador de Linux" +.SH NOMBRE +login \- firmar +.SH SINOPSIS +.BR "login [ " name " ]" +.br +.B "login \-p" +.br +.BR "login \-h " hostname +.br +.BR "login \-f " name +.SH DESCRIPCIƓN +.B login +es usado cuando se firma en un sistema. Puede ser usado para cambiar +desde un usuario a otro en cualquier momento (los shells mĆ”s modernos +disponen de esta caracterĆ­stica incluida internamente). + +Si no se da ningĆŗn argumento, +.B login +pregunta por el nombre de usuario. + +Si el usuario +.I no +es root, y si existe +.IR /etc/nologin , +el contenido de este fichero se escribe en la pantalla y el ingreso +finaliza. Esto se usa tĆ­picamente para prevenir los ingresos cuando el +sistema se estĆ” cerrando. + +Si se han especificado restricciones de acceso para el usuario en +.IR /etc/usertty , +estas son requeridas, o la peticiĆ³n de ingreso serĆ” denegada y se +generarĆ” un mensaje a travĆ©s de +.BR syslog . +Vea la secciĆ³n "Restricciones de Acceso Especiales". + +Si el usuario es root, entonces el ingreso debe estar ocurriendo en +alguno de los tty listados en +.IR /etc/securetty . +Los fallos serĆ”n registrados mediante +.BR syslog . + +DespuĆ©s de comprobar estas condiciones, se pedirĆ” la contraseƱa y se +validarĆ” (si es que se requiere de una contraseƱa para el usuario). Se +permite un total de diez intentos antes de que +.B login +muera, pero despuĆ©s de los tres primeros, la respuesta comienza a ser muy +lenta. Los fallos de ingreso son registrados a travĆ©s de +.BR syslog . +TambiĆ©n es usado para registrar cualquier ingreso correcto del usuario +root. + +Si el fichero +.I .hushlogin +existe, entonces se realiza un ingreso "reservado" (esto deshabilita la +comprobaciĆ³n del correo y la escritura de la hora del Ćŗltimo ingreso asĆ­ +como el mensaje del dĆ­a). Por otro lado, si existe +.IR /var/log/lastlog , +la hora del Ćŗltimo ingreso se imprime (y el ingreso actual es +registrado). + +Se llevan a cabo algunas tareas administrativas, como el cambio del UID y +GID del tty. La variable de entorno TERM se preserva, si existe (las +otras variables de entorno son preservadas si se usa la opciĆ³n +.BR \-p ). +DespuĆ©s son definidas las variables HOME, PATH, SHELL, TERM, MAIL y +LOGNAME. El PATH por defecto serĆ” +.I /usr/local/bin:/bin:/usr/bin:. +para usuarios normales, y +.I /sbin:/bin:/usr/sbin:/usr/bin +para root. Por Ćŗltimo, si no es un ingreso "reservado", el mensaje del +dĆ­a serĆ” imprimido y se comprobarĆ” el fichero con el nombre del usuario en +.I /usr/spool/mail +y se imprimirĆ” un mensaje si este tuviera un tamaƱo diferente de cero. + +A continuaciĆ³n, se inicia el shell del usuario. Si no se especifica ninguno +para el usuario en +.BR /etc/passwd , +entonces se usarĆ” +.BR /bin/sh . +Si no hay un directorio especificado en +.IR /etc/passwd , +entonces se usarĆ” +.I / +(el directorio del usuario se analizarĆ” en busca del fichero +.I .hushlogin +descrito mĆ”s abajo). + +.SH OPCIONES +.TP +.B \-p +Usado por +.BR getty (8) +para indicar a +.B login +que no destruya el entorno +.TP +.B \-f +Usado para evitar la segunda autenticaciĆ³n del ingreso. Esto +.B no +funciona especĆ­ficamente para root y no parece que funcione +correctamente bajo Linux. +.TP +.B \-h +Usado por otros servidores (por ejemplo, +.BR telnetd (8)) +para pasar el nombre del host remoto a +.B login +de tal manera que pueda ser puesto en utmp y wtmp. Solo el superusuario +podrĆ” usar esta opciĆ³n. + +.SH "RESTRICCIONES DE ACCESO ESPECIALES" +El fichero +.I /etc/securetty +lista los nombres de los ttys donde se permite que el root pueda +ingresar. DeberĆ” especificarse un nombre de tty por lĆ­nea (sin el prefijo +/dev/). Si el fichero no existiera, se permitirĆ” su ingreso desde +cualquier tty. +.PP +El fichero +.I /etc/usertty +especifica restricciones de acceso adicionales para usuarios especĆ­ficos. +Si no existiera este fichero, no se impondrĆ” ninguna restricciĆ³n de +acceso adicional. El fichero consiste en una secuencia de secciones. Hay +tres tipos de secciones posibles: CLASSES, GROUPS y USERS. Una secciĆ³n +de tipo CLASSES define tipos de ttys y patrones de nombres de hosts, una +secciĆ³n de tipo GROUPS define los ttys permitidos y los hosts grupo por +grupo y una secciĆ³n USERS define los ttys permitidos y los hosts usuario +por usuario. +.PP +Cada lĆ­nea de este fichero no puede tener mĆ”s de 255 caracteres. Los +comentarios comienzan con un carĆ”cter # y se extienden hasta el final de +la lĆ­nea. +.PP +.SS "La secciĆ³n CLASSES" +Una secciĆ³n de tipo CLASSES comienza por la palabra CLASSES al principio +de la lĆ­nea escrito en mayĆŗsculas. Cada una de las lĆ­neas hasta el +principio de una nueva secciĆ³n o del final del fichero consiste en una +secuencia de palabras separadas pos tabuladores o espacios. Cada lĆ­nea +define una clase de ttys y patrones de hosts. +.PP +La palabra al principio de la lĆ­nea es tomada como el nombre colectivo +para los ttys y patrones de hosts especificados en el resto de la lĆ­nea. +Este nombre colectivo puede usarse en las siguientes secciones de tipo +GROUPS o USERS. No deberĆ­a aparecer el nombre de una clase como parte de +la definiciĆ³n de una clase para evitar problemas de recursividad de +nombres. +.PP +Una secciĆ³n CLASSES de ejemplo: +.PP +.nf +.in +.5 +CLASSES +miclase1 tty1 tty2 +miclase2 tty3 @.foo.com +.in -.5 +.fi +.PP +Esto define las clases +.I miclase1 +y +.I miclase2 +como las partes derechas correspondientes. +.PP + +.SS "La secciĆ³n GROUPS" +Una secciĆ³n GROUPS define los ttys y hosts permitidos para cada grupo +.I /etc/passwd +y +.I /etc/group +y ese grupo es mencionado en una secciĆ³n de tipo GROUPS en +.I /etc/usertty +entonces el usuario tiene acceso permitido. +.PP +Una secciĆ³n GROUPS comienza con la palabra GROUPS en mayĆŗsculas en el +principio de una lĆ­nea, y cada una de las siguientes lĆ­neas es una +secuencia de palabras separadas pos espacios o tabuladores. La primera +palabra de una lĆ­nea es el nombre del grupo, y el resto de las palabras +de la lĆ­nea especifican los ttys y hosts donde los miembros de ese grupo +tienen permitido el acceso. Estas especificaciones pueden comportar el +uso de las clases definidas en secciones CLASSES anteriores. +.PP +Un ejemplo de una secciĆ³n GROUPS: +.PP +.nf +.in +0.5 +GROUPS +sys tty1 @.bar.edu +stud miclase1 tty4 +.in -0.5 +.fi +.PP +Este ejemplo especifica que los miembros del grupo +.I sys +pueden ingresar en el tty1 y desde los hosts en el dominio bar.edu. Los +usuarios en el grupo +.I stud +pueden ingresar desde los hosts/ttys especificados en la clase miclase1 o +desde el tty4. +.PP + +.SS "La secciĆ³n USERS" +Una secciĆ³n USERS comienza con la palabra USERS toda en mayĆŗsculas al +principio de la lĆ­nea, y cada una de las lĆ­neas siguientes es una +secuencia de palabras separadas por espacios o tabuladores. La primera +palabra de una lĆ­nea es un nombre de usuario y a ese usuario se le +permite ingresar en los ttys y desde los hosts mencionados en el resto de +la lĆ­nea. Estas especificaciones pueden contener clases definidas en +secciones CLASSES anteriores. Si no se especifica al principio del +fichero una cabecera de secciĆ³n, por defecto la primera secciĆ³n se +interpreta como del tipo USERS. + +.PP +Una secciĆ³n USERS de ejemplo: +.PP +.nf +.in +0.5 +USERS +zacho tty1 @130.225.16.0/255.255.255.0 +pepe tty3 miclase2 +.in -0.5 +.fi +.PP +Esto autoriza al usuario zacho a ingresar solo en el tty1 y desde los +hosts con direcciones IP en el rango 130.225.16.0 \- 130.225.16.255, y +tambiĆ©n autoriza al usuario pepe a ingresar en el tty3 y desde cualquier +parte mencionada en la clase miclase2. +.PP +PodrĆ” aparecer una lĆ­nea en la secciĆ³n USERS que comience por un nombre +de usuario *. Esta es la regla por defecto y serĆ” aplicada a cualquier +usuario que no aparezca en ninguna de las otras lĆ­neas. +.PP +Si un usuario encaja con una lĆ­nea USERS y con una lĆ­nea GROUPS, el +usuario estarĆ” autorizado a ingresar desde la uniĆ³n de todos los +ttys/hosts mencionados en estas especificaciones. + +.SS OrĆ­genes +Las especificaciones de patrones de tty y host usadas en la +especificaciĆ³n de las clases, grupos y usuarios se llaman orĆ­genes. Un +origen es una cadena de caracteres que puede tener uno de estos formatos: +.IP o +El nombre de un dispositivo tty sin el prefijo /dev/, por ejemplo tty1 o +ttyS0. +.PP +.IP o +La cadena @localhost, indicando que el usuario estĆ” autorizado a +telnet/rlogin desde el host local al mismo host. Esto tambiĆ©n habilita al +usuario a ejecutar, por ejemplo, el comando: xterm \-e /bin/login. +.PP +.IP o +Un sufijo de nombre de dominio como @.algun.dom, indicando que el usuario +podrĆ” hacer rlogin/telnet desde cualquier host cuyo nombre de dominio +tenga el sufijo .algun.dom. +.PP +.IP o +Un rango de direcciones IPv4, escritas @x.x.x.x/y.y.y.y donde x.x.x.x es +la direcciĆ³n IP en la notaciĆ³n decimal tradicional con puntos, e y.y.y.y +es una mĆ”scara de bits en la misma notaciĆ³n especificando cuales de los +bits de la direcciĆ³n serĆ”n comparados con la direcciĆ³n IP del host +remoto. Por ejemplo @130.255.16.0/255.255.254.0 significa que el usuario +podrĆ” hacer rlogin/telnet desde cualquier host cuya direcciĆ³n IP estĆ© en +el rango 130.255.16.0 \- 130.255.17.255. +.PP +Cualquiera de los orĆ­genes anteriores pueden tener un prefijo con la +especificaciĆ³n temporal acordando con la sintaxis: +.PP +.nf +espec\-tiempo ::= '[' [':' ]* ']' +dĆ­a ::= 'mon' | 'tue' | 'wed' | 'thu' | 'fri' | 'sat' | 'sun' +hora ::= '0' | '1' | ... | '23' +espec\-hora ::= | '\-' +dĆ­a\-u\-hora ::= | +.fi +.PP +Por ejemplo, el origen [mon:tue:wed:thu:fri:8\-17]tty3 significa que solo +se permitirĆ”n ingresos de lunes a viernes entre las 8:00 y las 17:59 +(5:59 pm) en el tty3. Esto tambiĆ©n muestra que un rango de horas a\-b +incluye todo momento entre a:00 y b:59. Una sola hora (por ejemplo 10) +significarĆ” un espacio temporal entre las 10:00 y las 10:59. +.PP +Si no se especifica ningĆŗn prefijo temporal para un tty o host significarĆ” +que se permitirĆ” el ingreso desde ese origen a cualquier hora. Si da un +prefijo temporal asegĆŗrese de especificar tanto el conjunto de dĆ­as como +una o mĆ”s horas o rango de horas. Una especificaciĆ³n de tiempo no puede +incluir espacios en blanco. +.PP +Si no se define ninguna regla por defecto entonces los usuarios que no +concuerden con ninguna lĆ­nea de +.I /etc/usertty +estĆ” autorizados para ingresar desde cualquier lugar en la manera +estĆ”ndar. +.PP +.SH FICHEROS +.nf +.I /var/run/utmp +.I /var/log/wtmp +.I /var/log/lastlog +.I /usr/spool/mail/* +.I /etc/motd +.I /etc/passwd +.I /etc/nologin +.I /etc/usertty +.I .hushlogin +.fi +.SH "VƉASE TAMBIƉN" +.BR init (8), +.BR getty (8), +.BR mail (1), +.BR passwd (1), +.BR passwd (5), +.BR environ (7), +.BR shutdown (8) +.SH FALLOS + +Linux, a diferencia de otros sistemas operativos draconianos, no comprueba +las cuotas. + +La opciĆ³n no documentada +.B \-r +de BSD no estĆ” soportada. Esta podrĆ­a ser requerida por algĆŗn programa +.BR rlogind (8) +. +.SH AUTOR +Derivado de login 5.40 de BSD (5/9/89) por Michael Glad (glad@daimi.dk) +para HP\-UX +.br +Portado a Linux 0.12: Peter Orbaek (poe@daimi.aau.dk) diff --git a/man/es/man1/newgrp.1 b/man/es/man1/newgrp.1 new file mode 100644 index 00000000..09854f15 --- /dev/null +++ b/man/es/man1/newgrp.1 @@ -0,0 +1,32 @@ +.\" Original author unknown. This man page is in the public domain. +.\" Modified Sat Oct 9 17:46:48 1993 by faith@cs.unc.edu +.\" +.\" Translated 19 Sep 1998 by Juan JosĆ© LĆ³pez Mellado +.\" (laveneno@hotmail.com) +.\" +.TH NEWGRP 1 "9 Octubre 1993" "Linux 1.2" "Manual del Programador de Linux" +.SH NOMBRE +newgrp \- ingresar con un nuevo grupo +.SH SINOPSIS +.BI "newgrp [ " group " ]" +.SH DESCRIPCIƓN +.B Newgrp +cambia la identificaciĆ³n de grupo de su invocador, anĆ”logamente a +.BR login (1). +La misma persona queda ingresada, y el directorio actual no es +modificado, pero los cĆ”lculos de los permisos de acceso a los ficheros se +realizan con respecto al nuevo ID de grupo. +.LP +Si no se espcifica un grupo, el GID es cambiado al GID de ingreso. +.LP +.SH FICHEROS +.I /etc/group +.br +.I /etc/passwd + +.SH "VƉASE TAMBIƉN" +.BR login "(1), " group (5) + +.SH AUTOR +Originalmente por Michael Haardt. Actualmente mantenido por +Peter Orbaek (poe@daimi.aau.dk). diff --git a/man/es/man1/passwd.1 b/man/es/man1/passwd.1 new file mode 100644 index 00000000..fb17e64b --- /dev/null +++ b/man/es/man1/passwd.1 @@ -0,0 +1,138 @@ +.\" Copyright 1992 Rickard E. Faith (faith@cs.unc.edu) +.\" May be distributed under the GNU General Public License +.\" +.\" Translated 2 Dec 1998 by Victor Moral (victor@venexma.es) +.\" +.TH PASSWD 1 "11 Noviembre 1996" "Util\-linux 2.6" "Manual del Programador Linux" +.SH NOMBRE +passwd \- cambia contraseƱas +.SH SINOPSIS +.BR "passwd" +.RB [ " \-o " ] +.RB [ " \-q " ] +.RB [ " \-v " ] +.RI [ " usuario " [ " contraseƱa " ]] +.br +.BR "passwd \-f " +.RI [ " parĆ”metros para el cambio de nombre completo del usuario " ] +.br +.BR "passwd \-s " +.RI [ " parĆ”metros para el cambio de shell " ] + +.SH DESCRIPCIƓN + +Cuando se utiliza sin parĆ”metros +.B passwd +cambia la contraseƱa para el usuario que lo invoca. Primero le exigirĆ” +la contraseƱa vigente, y a continuaciĆ³n pedirĆ” dos veces la nueva para +prevenir errores de escritura. + +La invocaciĆ³n del programa con los parĆ”metros +.IR usuario +y +.IR contraseƱa +sĆ³lo puede realizarse desde la cuenta de superusuario. + +Utilizando la invocaciĆ³n sĆ³lo con el parĆ”metro +.IR usuario +, el +superusuario puede cambiar la contraseƱa para ese +.IR usuario . + +En este caso no se exige al superusuario la contraseƱa vigente para el usuario, +pero las reglas para validar contraseƱas se siguen aplicando a menos que se +utilice la opciĆ³n +.B "\-o". +El superusuario puede tener razones legĆ­timas para elegir una contraseƱa no +conforme a las reglas. + + +El uso de los dos parĆ”metros asigna al +.IR usuario " la " contraseƱa +indicada en el segundo parĆ”metro. Puede ser Ćŗtil cuando se debe dar a muchos +usuarios una contraseƱa inicial predefinida. Pero tambiĆ©n puede ser +extremadamente peligroso. Un simple fallo en un programa podrĆ­a cambiar la +contraseƱa del superusuario (root) a cualquier cosa desconocida. + +Indicar una cadena vacĆ­a como el segundo parĆ”metro borra la contraseƱa para +el usuario, pero sĆ³lo en combinaciĆ³n de la opciĆ³n +.B "\-o". + +Los cambios de contraseƱa pueden registrarse utilizando el servicio +.BR syslog (3), +dependiendo de las definiciones hechas en tiempo de compilaciĆ³n del programa +(estando esta caracterĆ­stica activa por omisiĆ³n). +Si es asĆ­, todos los cambios se registrarĆ”n a un nivel bajo como auth.notice, +excepto para cambiar la contraseƱa del superusuario (root); en este caso se +registrarĆ”n con nivel auth.warning. + +.SH OPCIONES +.TP +.B "\-f, \-\-fullname" +Cambia el nombre completo del usuario (el campo GECOS del registro de +contraseƱas). Invoca el programa /usr/bin/chfn utilizando los parĆ”metros +que ha recibido que no son opciones. + +.TP +.B "\-o, \-\-force" +Desactiva las verificaciones de validaciĆ³n sobre la nueva contraseƱa . SĆ³lo +puede ser utilizada por el superusuario, y estĆ” pensado para permitirle +asignar contraseƱas iniciales simples. + +.TP +.B "\-s, \-\-shell" +Cambia el shell del usuario mediante la invocaciĆ³n del programa /usr/bin/chsh +con los parĆ”metros recibidos que no son opciones. + +.TP +.B "\-q, \-\-quiet, \-\-silent" +En este modo de funcionamiento passwd no indica que la contraseƱa se haya +cambiado. + +.TP +.B "\-v, \-V, \-\-version" +Muestra informaciĆ³n acerca de la versiĆ³n del programa y finaliza. + +.SH REGLAS DE CONTRASEƑAS +La nueva contraseƱa debe cumplir estas reglas: +.TP +o +tener como mĆ­nimo seis caracteres; + +.TP +o +no ser igual a la contraseƱa anterior; + +.TP +o +contener caracteres que pertenezcan, como mĆ­nimo, a dos de las +siguientes categorĆ­as: mayĆŗsculas y minĆŗsculas, dĆ­gitos y caracteres no +alfanumĆ©ricos; + +.TP +o +no debe coincidir ni con el nombre del usuario, ni con ninguna de las palabras +que forman su nombre completo (real), tanto en orden normal como inverso, ni +al principio ni al final. + +.SH FALLOS (BUGS) + +Si cambia de opiniĆ³n no hay escape del programa. InsistirĆ” en obtener una +contraseƱa nueva hasta que sea muerto (mediante kill) desde otro terminal. +(Esto es provocado por un fallo en getpass(3): e ignora las seƱales.) + +.SH FICHEROS +.TP +.I /etc/passwd +El archivo que contiene las contraseƱas. +.SH "VƉASE TAMBIƉN" +.BR group (5), +.BR passwd (5), +.BR shadow (5) +.SH AUTOR +Peter Orbaek (poe@daimi.aau.dk). +.br +Martin Schulze (joey@infodrom.north.de) con extensas mejoras y reescrituras. +.br +.SH MANTENIMIENTO +Nicolai Langfeldt (janl@math.uio.no) diff --git a/man/es/man1/su.1 b/man/es/man1/su.1 new file mode 100644 index 00000000..1acf8c7d --- /dev/null +++ b/man/es/man1/su.1 @@ -0,0 +1,139 @@ +.\" \-*\- nroff \-*\- +.\"Translated 21 Jul 1998 by Javi Diaz (javid@si.upc.es) +.TH SU 1 "Utilidades Shell de GNU" "FSF" +.SH NOMBRE +su \- ejecuta una shell con identificadores de grupo y de usuario distintos +.SH SINOPSIS +.B su +[\-flmp] [\-c comando] [\-s shell] [\-\-login] [\-\-fast] +[\-\-preserve\-environment] [\-\-command=comando] [\-\-shell=shell] [\-] +[\-\-help] [\-\-version] [usuario [arg...]] +.SH DESCRIPCIƓN +Este documento ya no es mantenido y puede ser impreciso o incompleto. La +documentaciĆ³n de Texinfo es ahora la fuente de informaciĆ³n recomendada. +.PP +Esta pĆ”gina del manual documenta la versiĆ³n GNU de +.BR su . +.B su +permite a un usuario convertirse temporalmente en otro usuario. Se ejecuta +una shell con los identificadores reales y efectivos, el identificador de +grupo, y los identificadores suplementarios del grupo del USUARIO. Si no se +especifica ningĆŗn USUARIO, por defecto se usa root, el superusuario. +La shell a ejecutar se toma de la entrada correspondiente al USUARIO en el +fichero de passwords, o /bin/sh si no se especifica ninguna en dicho fichero. +Si el USUARIO tiene password, +.B su +lo solicitarĆ”, a menos que sea ejecutado por el usuario con identificador real +0 (el superusuario). +.PP +Por defecto, +.B su +no cambia el directorio actual. +.B su +modifica las variables de entorno `HOME' y `SHELL' de acuerdo con la entrada +del fichero de passwords correspondiente al USUARIO, y si el USUARIO no es el +superusuario, coloca en las variables `USER' y `LOGNAME' el valor de USUARIO. +Por defecto, la shell ejecutada no es una shell de entrada al sistema. +.PP +Si se facilitan uno o mĆ”s ARGs, estos son pasados como argumentos adicionales +a la shell ejecutada. +.PP +.B su +no ejecuta de manera especial /bin/sh u otras shells (colocando en argv[0] el +valor "\-su", pasando \-c Ćŗnicamente a algunas shells, etc.). +.PP +En sistemas que utilicen syslog, +.B su +puede ser compilado para reportar fallo, y opcionalmente Ć©xito en syslog. +.B su +intentarĆ” utilizar syslog. +.PP +Este programa no soporta el grupo "wheel", el cual restringe quien podrĆ” +ejecutar +.B su +hacia la cuenta de root (el superusuario) ya que esta polĆ­tica podrĆ­a +ayudar a los administradores de mĆ”quinas a facilitar un uso inadecuado a otros +usuarios. +.SS OPCIONES +.TP +.I "\-c COMANDO, \-\-command=COMANDO" +Pasa el COMANDO, una Ćŗnica lĆ­nea a ejecutar, a la shell con la opciĆ³n +.I \-c +en vez de ejecutar una shell interactiva. +.TP +.I "\-f, \-\-fast" +Pasa la opciĆ³n +.I \-f +a la shell. Esto probablemente tiene sentido con +.B csh +y +.BR tcsh , +en estos casos la opciĆ³n +.I \-f +indica que no se lean los ficheros de arranque de la shell (.cshrc). +Con las shells del estilo Bourne shell, la opciĆ³n +.I \-f +deshabilita la expansiĆ³n de los patrones de fichero, la cual cosa no es +demasiado deseable. +.TP +.I "\-\-help" +Escribe un mensaje sobre el uso en la salida estĆ”ndar y acaba sin +provocar error. +.TP +.I "\-, \-l, \-\-login" +Provoca que la shell a ejecutar sea una shell de login. Lo cual significa que +se eliminan del entorno todas las variables excepto `TERM', `HOME' y `SHELL' +(las cuales se modifican como se explicĆ³ anteriormente) y `USER'y `LOGNAME' +(que se modifican, incluso para el superusuario, como se explicĆ³ anteriormente), +la variable `PATH' se aƱade al entorno con el valor por defecto que se +estableciĆ³ al compilar +.B su +, ademĆ”s de los cambios anteriores, +.B su +cambia al directorio por defecto del USUARIO. Si se antepone "\-" al nombre de +la shell a ejecutar, se leerĆ”n los ficheros de arraque pertinentes. +.TP +.I "\-m, \-p, \-\-preserve\-environment" +No se cambian las variables de entorno `HOME', `USER', `LOGNAME' ni `SHELL'. +Se ejecuta la shell especificada en la variable de entorno `SHELL' en vez +de la shell que indique la entrada para el USUARIO en el fichero /etc/passwd, +a menos que el usuario que ejecute +.B su +no sea el superusuario y la shell del USUARIO estĆ© restringida. +Una shell restringida es aquella que no estĆ” listada en el fichero /etc/shells +o en una lista generada al compilar +.B su +si dicho fichero no existe. Algunos detalles de lo que hace esta opciĆ³n pueden +ser invalidadas mediante la opciĆ³n +.I \-\-login +y +.IR \-\-shell . +.TP +.I "\-s, \-\-shell shell" +Ejecuta la SHELL en vez de la shell del USUARIO especificada en el fichero +\fI/etc/passwd\fR, a menos que el usuario que ejecute +.B su +no sea el superusuario y la shell del USUARIO estĆ© restringida. +.TP +.I "\-\-version" +Escribe informaciĆ³n sobre la versiĆ³n en la salida estĆ”ndar y acaba sin +provocar error. + +.SH Por que GNU no soporta el grupo "wheel" (por Richard Stallman) +A veces, algunos listillos intentan hacerse con el poder total +sobre el resto de usuarios. Por ejemplo, en 1984, un grupo de usuarios del +laboratorio de Inteligencia Artificial del MIT decidieron tomar el poder +cambiando el password de operador del sistema Twenex y manteniendolo secreto +para el resto de usuarios. (De todas maneras, hubiera sido posible desbaratar +la situaciĆ³n y devolver el control a los usuarios legĆ­timos parcheando el +kernel, pero no sabrĆ­a como realizar esta operaciĆ³n en un sistema Unix.) +.PP +Sin embargo, casualmente alguien contĆ³ el secreto. Mediante el uso habitual de +.B su +una vez que alguien conoce el password de root puede contarselo al resto de +usuarios. El grupo "wheel" harĆ” que esto sea imposible, protegiendo asĆ­ el poder +de los superusuarios. +.PP +Yo estoy del lado de las masas, no de los superusuarios. Si eres de los que +estan de acuerdo con los jefes y los administradores de sistemas en cualquier +cosa que hagan, al principio encontrarĆ”s esta idea algo extraƱa. diff --git a/man/es/man5/passwd.5 b/man/es/man5/passwd.5 new file mode 100644 index 00000000..bff54128 --- /dev/null +++ b/man/es/man5/passwd.5 @@ -0,0 +1,138 @@ +.\" Copyright (c) 1993 Michael Haardt (michael@moria.de), Fri Apr 2 11:32:09 MET DST 1993 +.\" +.\" This is free documentation; you can redistribute it and/or +.\" modify it under the terms of the GNU General Public License as +.\" published by the Free Software Foundation; either version 2 of +.\" the License, or (at your option) any later version. +.\" +.\" The GNU General Public License's references to "object code" +.\" and "executables" are to be interpreted as the output of any +.\" document formatting or typesetting system, including +.\" intermediate and printed output. +.\" +.\" This manual is distributed in the hope that it will be useful, +.\" but WITHOUT ANY WARRANTY; without even the implied warranty of +.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.\" GNU General Public License for more details. +.\" +.\" You should have received a copy of the GNU General Public +.\" License along with this manual; if not, write to the Free +.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, +.\" USA. +.\" +.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu) +.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu) +.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl) +.\" Translated Tue Jul 23 11:06:10 1996 by Diego Novillo (diego@cs.ualberta.ca) +.\" Modified Mon Jan 5 20:24:40 MET 1998 by Michael Haardt +.\" (michael@cantor.informatik.rwth-aachen.de) +.\" Translation revised June 6 1998 +.\" Translation revised Wed Aug 19 1998 by Juan Piernas +.\" +.TH PASSWD 5 "5 Enero 1998" "Linux" "Formatos de Fichero" +.SH NOMBRE +passwd \- fichero de contraseƱas +.SH DESCRIPCIƓN +.B Passwd +es un fichero de texto que contiene una lista de las cuentas del sistema, +proporcionando para cada cuenta cierta informaciĆ³n Ćŗtil como el +identificador (ID) de usuario, el ID de grupo, el directorio `home', el +intĆ©rprete de Ć³rdenes, etc. +Con frecuencia, tambiĆ©n contiene la contraseƱa cifrada de cada cuenta. +Este fichero debe tener permiso de lectura para todos (muchas utilidades, +como +.BR ls (1), +lo usan para traducir el nĆŗmero de identificador de +usuario (UID) al nombre del usuario), pero sĆ³lo el superusuario debe +poder escribirlo. +.PP +En los buenos viejos tiempos no habĆ­a grandes problemas con estos permisos +generales de lectura. Cualquiera podĆ­a leer contraseƱas cifradas, ya que el +hardware era demasiado lento para descifrar una clave bien elegida +y, ademĆ”s, la suposiciĆ³n bĆ”sica solĆ­a ser que la comunidad de usuarios era +bastante amigable. Hoy en dĆ­a, mucha gente +utiliza alguna versiĆ³n del paquete \fBshadow password\fP, donde en +.I /etc/passwd +encontramos *'s en lugar de las claves cifradas; Ć©stas se encuentran +en el fichero +.IR /etc/shadow , +el cual sĆ³lo lo puede leer el superusuario. +.PP +Sin tener en cuenta si se utilizan o no `shadow passwords', muchos +administradores de sistemas usan un asterisco en el campo de contraseƱa +para asegurarse de que dicho usuario no se puede autenticar a sĆ­ +mismo usando una contraseƱa. (No obstante, vea la secciĆ³n OBSERVACIONES mĆ”s abajo). +.PP +Si crea una nueva cuenta, coloque primero un asterisco en el campo de +contraseƱa y a continuaciĆ³n use +.BR passwd (1) +para asignarla. +.PP +Hay una entrada por lĆ­nea, cada lĆ­nea tiene el siguiente formato: +.sp +.RS +cuenta:contraseƱa:UID:GID:GECOS:directorio:intĆ©rprete +.RE +.sp +Las descripciones de los campos son las siguientes: +.sp +.RS +.TP 1.0in +.I cuenta +el nombre del usuario en el sistema. No debe contener letras mayĆŗsculas. +.TP +.I contraseƱa +la contraseƱa cifrada del usuario o un asterisco. +.TP +.I UID +el nĆŗmero del ID de usuario. +.TP +.I GID +el nĆŗmero del ID de grupo primario para este usuario. +.TP +.I GECOS +Este campo es opcional y sĆ³lo se usa para propĆ³sitos de informaciĆ³n. +Normalmente, contiene el nombre completo del usuario. GECOS significa General +Electric Comprehensive Operating System, que se renombrĆ³ a GCOS cuando +la divisiĆ³n de grandes sistemas de GE se vendiĆ³ a Honeywell. Dennis Ritchie +ha dicho: "Algunas veces enviĆ”bamos una salida de impresora o unos trabajos +por lotes a la mĆ”quina GCOS. El campo gcos en el fichero password era el +lugar para esconder la informaciĆ³n de la $IDENTcard. No era elegante." +.TP +.I directorio +el directorio base del usuario ($HOME). +.TP +.I intĆ©rprete +el programa que se debe ejecutar cuando el usuario ingresa (si estĆ” vacĆ­o, +se utiliza +.BR /bin/sh ). +Si se establece a un ejecutable que no existe, el usuario serĆ” incapaz de +entrar al sistema a travĆ©s de +.BR login (1). +.RE +.SH OBSERVACIONES +Para crear un grupo de usuarios, sus GIDs deben ser iguales y debe +haber una entrada en \fI/etc/group\fP, de lo contrario no existirĆ” ningĆŗn +grupo. +.PP +Si la contraseƱa cifrada es un asterisco, el usuario serĆ” incapaz de entrar +al sistema usando +.BR login (1), +pero todavĆ­a podrĆ” entrar utilizando +.BR rlogin (1), +ejecutar procesos existentes e iniciar nuevos procesos a travĆ©s de +.BR rsh (1), +.BR cron (1), +.BR at (1), +filtros de correo, etc. Intentar cerrar una cuenta cambiando simplemente el +campo del intĆ©rprete de Ć³rdenes produce el mismo resultado y permite +ademĆ”s el uso de +.BR su (1). +.SH FICHEROS +.I /etc/passwd +.SH "VƉASE TAMBIƉN" +.BR passwd (1), +.BR login (1), +.BR su (1), +.BR group (5), +.BR shadow (5) diff --git a/man/da/man8/vigr.8 b/man/es/man8/vigr.8 similarity index 100% rename from man/da/man8/vigr.8 rename to man/es/man8/vigr.8 diff --git a/man/es/man8/vipw.8 b/man/es/man8/vipw.8 new file mode 100644 index 00000000..b33d14be --- /dev/null +++ b/man/es/man8/vipw.8 @@ -0,0 +1,92 @@ +.\" Copyright (c) 1983, 1991 The Regents of the University of California. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" from: @(#)vipw.8 6.7 (Berkeley) 3/16/91 +.\" $Id$ +.\" +.\" +.\" Translated into Spanish on Fri Aug 28 1998 by Gerardo Aburruzaga +.\" GarcĆ­a +.\" +.Dd 7 Julio 1996 +.Dt VIPW 8 +.Os Util-Linux 2.6 +.Sh NOMBRE +.Nm vipw, vigr +.Nd editan los ficheros de cuentas y grupos +.Sh SINOPSIS +.Nm vipw +.Op -V +.Op --version +.Pp +.Nm vigr +.Op -V +.Op --version +.Sh DESCRIPCIƓN +.Nm Vipw +edita el fichero de cuentas tras establecer los bloqueos apropiados, y +hace cualquier procesado que sea necesario despuĆ©s de que el fichero +de cuentas se desbloquee. +Si el fichero de cuentas ya estĆ” bloqueado para la ediciĆ³n por parte +de otro usuario, +.Nm vipw +le pedirĆ” que lo intente de nuevo mĆ”s tarde. El editor predeterminado +para +.Nm vipw +suele ser, como indica su nombre, +.Xr vi 1 . +.br +.Nm Vigr +edita el fichero de grupos de la misma manera que vipw. +.Sh ENTORNO +Si la siguiente variable de entorno existe, serĆ” utilizada por +.Nm vipw : +.Bl -tag -width EDITOR +.It Ev EDITOR +El editor especificado por la cadena +.Ev EDITOR +serĆ” llamado en vez del predeterminado +.Xr vi 1 . +.El +.Sh VƉASE TAMBIƉN +.Xr passwd 1 , +.Xr vi 1 , +.Xr passwd 5 +.Sh HISTORIA +La orden +.Nm vipw +apareciĆ³ en +.Bx 4.0 . +.br +La orden +.Nm vigr +apareciĆ³ en +Util-Linux 2.6. diff --git a/man/fi/Makefile.in b/man/fi/Makefile.in deleted file mode 100644 index 40b0ecf8..00000000 --- a/man/fi/Makefile.in +++ /dev/null @@ -1,543 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = man/fi -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/fi -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = \ - man1/chfn.1 \ - man1/chsh.1 \ - man1/su.1 - - -# Outdated manpages -# passwd.1 (https://bugs.launchpad.net/ubuntu/+bug/384024) -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/fi/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/fi/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ - ps ps-am tags-am uninstall uninstall-am uninstall-man \ - uninstall-man1 - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/fi/man1/passwd.1 b/man/fi/man1/passwd.1 new file mode 100644 index 00000000..930300f4 --- /dev/null +++ b/man/fi/man1/passwd.1 @@ -0,0 +1,95 @@ +.\" Hey Emacs! This file is -*- nroff -*- source. +.\" (above from Rik Faith..:*) +.\" Copyright (c) Andrew G. Morgan 1996, +.\" Proofread by Raimo Koski, Nov-Dec. 1999 +.\" Translated into Finnish by Tuomo PyhƤlƤ (tuomo@lesti.kpnet.fi) +.\" Proofread by Raimo Koski (rkoski@pp.weppi.fi) +.\" +.TH PASSWD 1 "28. Huhtikuuta 1998" "SimplePAMApps 0.50" "KƤyttƤjƤn sovellusohjelmat" +.SH NIMI +passwd \- pƤivitƤ kƤyttƤjƤn todennustunnukset + +.SH "YLEISKATSAUS" +.B passwd [-u] [kƤyttƤjƤnimi] +.sp 2 +.SH KUVAUS +Passwd on apuohjelma kƤyttƤjƤn todennustunnusten +pƤivittƤmiseen. Todennustunnus on lƤhes kaikissa jƤrjestelmissƤ +salasana ja termejƤ kƤytetƤƤn jƤljempƤnƤ ristiin. + +.sp +Ainoastaan pƤƤkƤyttƤjƤ voi pƤivittƤƤ toisen kƤyttƤjƤn salasanan syƶttƤmƤllƤ +.BR kƤyttƤjƤnimen ". " +Optiota +.BR -u +kƤytetƤƤn, kun halutaan kertoa passwd:lle, ettƤ sen tulisi pƤivittƤƤ vain +vanhentuneet salasanat (todennustunnukset) sƤilyttƤen vanhentumattomat +salasanat entisellƤƤn. + +.sp +Passwd kƤyttƤƤ +.BR "Linux-PAM" +ohjelmointirajapintaa ja se voidaan mƤƤrittƤƤ kƤyttƤmƤƤn +haluttuja moduuleita salasanaa vaihtavan kƤyttƤjƤn todennukseen ja +salasanan vaihtoon. Alustaessaan ohjelmointirajapintaa passwd toimii nimellƤ +"passwd". + +.sp +Yksinkertainen osio +.I Linux-PAM +mƤƤritystiedostossa passwd:lle olisi: +.br + +.br + # +.br + # passwd palvelun mƤƤrittely, joka tarkistaa ettei ehdotettu salasana +.br + # ole helposti arvattavissa, ennen salasanan pƤivittƤmistƤ. +.br + # +.br + passwd password requisite pam_cracklib.so retry=3 +.br + passwd password required pam_pwdb.so use_authtok +.br + # + +.sp +Huomaa, ettƤ passwd ei tarvitse muun tyyppisten moduulien mƤƤrittelyƤ. + +.SH PALUUARVO + +VirheettƶmƤn suorituksen jƤlkeen +.B passwd +pƤƤttƤƤ toimintansa paluuarvolla 0. Paluuarvo 1 palautetaan virheen +sattuessa. Virheilmoitukset kirjoitetaan virhetulosteeseen. + +.SH "NOUDATTAA:" +.br +.BR Linux-PAM +(Pluggable Authentication modules for Linux). + +.SH TIEDOSTOT +.br +.B /etc/pam.conf +- the +.BR Linux-PAM +asetus tiedosto + +.SH BUGIT +.sp 2 +Ei tunnettuja virheitƤ. + +.SH "KATSO MYƖS" +.BR pam (8), +ja +.BR pam_chauthok (2). +.sp +Monipuolisempi selostus tƤmƤn ohjelman ja Linux-PAMin asetuksista +lƶytyy englanninkielisestƤ +.BR "'Linux-PAM System Adminstarators' Guide'":sta +WWW-osoitteesta: +.br +.I +.\" TERM authentication_token todennustunnus diff --git a/man/fr/Makefile.in b/man/fr/Makefile.in deleted file mode 100644 index b339c00b..00000000 --- a/man/fr/Makefile.in +++ /dev/null @@ -1,749 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@USE_PAM_FALSE@am__append_1 = $(man_nopam) -@ENABLE_SUBIDS_TRUE@am__append_2 = $(man_subids) -@USE_PAM_TRUE@am__append_3 = $(man_nopam) -@ENABLE_SUBIDS_FALSE@am__append_4 = $(man_subids) -DIST_COMMON = $(srcdir)/../generate_translations.mak \ - $(srcdir)/../generate_mans.mak $(srcdir)/Makefile.in \ - $(srcdir)/Makefile.am -subdir = man/fr -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" \ - "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" -man3dir = $(mandir)/man3 -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/fr -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = man1/chage.1 man1/chfn.1 man8/chgpasswd.8 man8/chpasswd.8 \ - man1/chsh.1 man1/expiry.1 man5/faillog.5 man8/faillog.8 \ - man3/getspnam.3 man1/gpasswd.1 man8/groupadd.8 man8/groupdel.8 \ - man8/groupmems.8 man8/groupmod.8 man1/groups.1 man8/grpck.8 \ - man8/grpconv.8 man8/grpunconv.8 man5/gshadow.5 man8/lastlog.8 \ - man1/login.1 man5/login.defs.5 man8/logoutd.8 man1/newgrp.1 \ - man8/newusers.8 man8/nologin.8 man1/passwd.1 man5/passwd.5 \ - man8/pwck.8 man8/pwconv.8 man8/pwunconv.8 man1/sg.1 \ - man3/shadow.3 man5/shadow.5 man1/su.1 man5/suauth.5 \ - man8/useradd.8 man8/userdel.8 man8/usermod.8 man8/vigr.8 \ - man8/vipw.8 $(am__append_1) $(am__append_2) -man_nopam = \ - man5/limits.5 \ - man5/login.access.5 \ - man5/porttime.5 - -man_subids = \ - man1/newgidmap.1 \ - man1/newuidmap.1 \ - man5/subgid.5 \ - man5/subuid.5 - -EXTRA_DIST = $(man_MANS) man1/id.1 man8/sulogin.8 $(am__append_3) \ - $(am__append_4) -LANG = $(notdir $(CURDIR)) -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_FALSE@PAM_COND = no_pam -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_TRUE@PAM_COND = pam -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_FALSE@SHADOWGRP_COND = no_gshadow -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_TRUE@SHADOWGRP_COND = gshadow -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_FALSE@TCB_COND = no_tcb -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_TRUE@TCB_COND = tcb -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_FALSE@SHA_CRYPT_COND = no_sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_TRUE@SHA_CRYPT_COND = sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_FALSE@SUBIDS_COND = no_subids -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_TRUE@SUBIDS_COND = subids -CLEANFILES = .xml2po.mo $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/fr/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/fr/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; -$(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak: - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man3: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man3dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man3dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man3dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.3[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ - done; } - -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man3dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.3[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man3dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -@ENABLE_REGENERATE_MAN_FALSE@clean-local: -clean: clean-am - -clean-am: clean-generic clean-libtool clean-local mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man3 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man3 uninstall-man5 \ - uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - clean-local cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man3 install-man5 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags-am uninstall uninstall-am uninstall-man uninstall-man1 \ - uninstall-man3 uninstall-man5 uninstall-man8 - - -@ENABLE_REGENERATE_MAN_TRUE@config.xml: ../config.xml.in -@ENABLE_REGENERATE_MAN_TRUE@ $(MAKE) -C .. config.xml -@ENABLE_REGENERATE_MAN_TRUE@ cp ../config.xml $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml: ../%.xml ../po/$(LANG).po -@ENABLE_REGENERATE_MAN_TRUE@ xml2po --expand-all-entities -l $(LANG) -p ../po/$(LANG).po -o $@ ../$@ -@ENABLE_REGENERATE_MAN_TRUE@ sed -i 's:\(^:\1 lang="$(LANG)">:' $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml-config: %.xml -@ENABLE_REGENERATE_MAN_TRUE@ if grep -q SHADOW-CONFIG-HERE $<; then \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^/%config;/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ else \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^\(/\1 [%config;]>/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ fi - -@ENABLE_REGENERATE_MAN_TRUE@man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml -@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.authors.section.enabled" "0" \ -@ENABLE_REGENERATE_MAN_TRUE@ --stringparam "man.output.base.dir" "" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.output.in.separate.dir" "1" \ -@ENABLE_REGENERATE_MAN_TRUE@ -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $< - -@ENABLE_REGENERATE_MAN_TRUE@clean-local: -@ENABLE_REGENERATE_MAN_TRUE@ for d in man1 man3 man5 man8; do [ -d $$d ] && rmdir $$d; done - -#$(man_MANS): -# @echo you need to run configure with --enable-man to generate man pages -# @false - -@ENABLE_REGENERATE_MAN_TRUE@man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8 - -@ENABLE_REGENERATE_MAN_TRUE@man3/getspnam.3: man3/shadow.3 - -@ENABLE_REGENERATE_MAN_TRUE@man8/vigr.8: man8/vipw.8 - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/fr/man1/chage.1 b/man/fr/man1/chage.1 deleted file mode 100644 index 7c0f6482..00000000 --- a/man/fr/man1/chage.1 +++ /dev/null @@ -1,180 +0,0 @@ -'\" t -.\" Title: chage -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "CHAGE" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -chage \- Modifier les informations de validit\('e d\*(Aqun mot de passe -.SH "SYNOPSIS" -.HP \w'\fBchage\fR\ 'u -\fBchage\fR [\fIoptions\fR] \fILOGIN\fR -.SH "DESCRIPTION" -.PP -La commande -\fBchage\fR -modifie le nombre de jours entre les changements de mot de passe et la date du dernier changement\&. Ces informations sont utilis\('ees par le syst\(`eme pour d\('eterminer si un utilisateur doit changer son mot de passe\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBchage\fR -sont\ \&: -.PP -\fB\-d\fR, \fB\-\-lastday\fR\ \&\fILAST_DAY\fR -.RS 4 -Configurer le nombre du jour, \(`a compter du 1er\ \&janvier\ \&1970, o\(`u le mot de passe a \('et\('e chang\('e la derni\(`ere fois\&. La date peut aussi \(^etre exprim\('ee dans le format AAAA\-MM\-JJ (ou le format utilis\('e plus commun\('ement dans votre r\('egion)\&. -.RE -.PP -\fB\-E\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -Configurer la date, ou le nombre de jours \(`a compter du 1er\ \&janvier\ \&1970, \(`a partir de laquelle le compte de l\*(Aqutilisateur ne sera plus accessible\&. La date peut aussi \(^etre exprim\('ee dans le format AAAA\-MM\-JJ (ou le format plus commun\('ement utilis\('e dans votre r\('egion)\&. Un utilisateur dont le compte est bloqu\('e doit contacter l\*(Aqadministrateur syst\(`eme pour pouvoir utiliser \(`a nouveau le syst\(`eme\&. -.sp -Une valeur de -\fI\-1\fR -pour -\fIDATE_FIN_VALIDIT\('E\fR -aura pour effet de supprimer la date de fin de validit\('e\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-I\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -Configurer le nombre de jours d\*(Aqinactivit\('e, apr\(`es qu\*(Aqun mot de passe ait d\('epass\('e la date de fin de validit\('e, avant que le compte ne soit bloqu\('e\&. La valeur -\fIDUR\('EE_INACTIVIT\('E\fR -est le nombre de jours d\*(Aqinactivit\('e\&. Un utilisateur dont le compte est bloqu\('e doit contacter l\*(Aqadministrateur syst\(`eme avant de pouvoir utiliser de nouveau le syst\(`eme\&. -.sp -Une valeur de -\fI\-1\fR -pour -\fIDUR\('EE_INACTIVIT\('E\fR -supprime la dur\('ee d\*(Aqinactivit\('e pour un compte\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -Afficher les informations sur l\*(Aq\(^age des comptes\&. -.RE -.PP -\fB\-m\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR -.RS 4 -D\('efinir le nombre minimum de jours entre chaque changement de mot de passe \(`a -\fIMIN_DAYS\fR\&. Une valeur de z\('ero pour ce champ indique que l\*(Aqutilisateur peut changer son mot de passe quand il le souhaite\&. -.RE -.PP -\fB\-M\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAYS\fR -.RS 4 -Configurer le nombre maximum de jours pendant lesquels un mot de passe est valable\&. Quand -\fIJOURS_MAX\fR -plus -\fIDERNIER_JOUR\fR -est inf\('erieur \(`a la date actuelle, l\*(Aqutilisateur est oblig\('e de changer son mot de passe avant de pouvoir utiliser son compte\&. Cet \('ev\('enement peut \(^etre d\('eclench\('e plus t\(^ot gr\(^ace \(`a l\*(Aqoption -\fB\-W\fR -qui pr\('evient l\*(Aqutilisateur \(`a l\*(Aqavance par un message d\*(Aqalerte\&. -.sp -Une valeur de -\fI\-1\fR -pour -\fIJOURS_MAX\fR -supprime la v\('erification de validit\('e\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-W\fR, \fB\-\-warndays\fR\ \&\fIWARN_DAYS\fR -.RS 4 -Configurer le nombre de jours d\*(Aqavertissement avant que le changement de mot de passe ne soit obligatoire\&. La valeur -\fIDUR\('EE_AVERTISSEMENT\fR -est le nombre de jours pr\('ec\('edant la fin de validit\('e pendant lesquels un utilisateur sera pr\('evenu que son mot de passe est sur le point d\*(Aqarriver en fin de validit\('e\&. -.RE -.PP -Si aucune de ces options n\*(Aqest donn\('ee, -\fBchage\fR -utilise un mode interactif, demandant confirmation \(`a l\*(Aqutilisateur pour les valeurs de tous les champs\&. Entrez la nouvelle valeur pour modifier la valeur du champ, ou laissez la ligne vide pour conserver la valeur actuelle\&. La valeur actuelle est affich\('ee entre crochets\&. -.SH "NOTE" -.PP -Le programme -\fBchage\fR -n\('ecessite l\*(Aqutilisation d\*(Aqun fichier de mots de passe cach\('es (\(Fo\ \&shadow password file\ \&\(Fc)\&. -.PP -La commande -\fBchage\fR -est r\('eserv\('ee \(`a l\*(Aqutilisateur root, sauf pour l\*(Aqoption -\fB\-l\fR, qui peut \(^etre utilis\('ee par un utilisateur non privil\('egi\('e pour lui permettre de savoir quand son mot de passe ou son compte arrivera en fin de validit\('e\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.SH "VALEURS DE RETOUR" -.PP -La commande -\fBchage\fR -retourne les valeurs suivantes en quittant\ \&: -.PP -\fI0\fR -.RS 4 -succ\(`es -.RE -.PP -\fI1\fR -.RS 4 -permission refus\('ee -.RE -.PP -\fI2\fR -.RS 4 -erreur de syntaxe -.RE -.PP -\fI15\fR -.RS 4 -impossible de trouver le fichier des mots de passe cach\('es -.RE -.SH "VOIR AUSSI" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/fr/man1/chfn.1 b/man/fr/man1/chfn.1 deleted file mode 100644 index 2519047b..00000000 --- a/man/fr/man1/chfn.1 +++ /dev/null @@ -1,160 +0,0 @@ -'\" t -.\" Title: chfn -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "CHFN" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -chfn \- Modifier le nom complet et les informations associ\('ees \(`a un utilisateur -.SH "SYNOPSIS" -.HP \w'\fBchfn\fR\ 'u -\fBchfn\fR [\fIoptions\fR] [\fILOGIN\fR] -.SH "DESCRIPTION" -.PP -La commande -\fBchfn\fR -modifie le nom complet d\*(Aqun utilisateur, son num\('ero de bureau, son num\('ero de t\('el\('ephone professionnel, son extension, et son num\('ero de t\('el\('ephone personnel\&. Ces informations sont g\('en\('eralement affich\('ees par -\fBfinger\fR(1) -ou d\*(Aqautres programmes similaires\&. Un utilisateur normal ne peut modifier que les informations associ\('ees \(`a son propre compte, avec les restrictions pr\('ecis\('ees dans -/etc/login\&.defs\&. (Par d\('efaut, les utilisateurs ne peuvent pas modifier leur nom complet)\&. Le superutilisateur peut modifier n\*(Aqimporte quel champ pour n\*(Aqimporte quel compte\&. De plus, seul le superutilisateur peut utiliser l\*(Aqoption -\fB\-o\fR -pour modifier les parties non pr\('ecis\('ees du champ GECOS\&. -.PP -Ces champs ne doivent contenir aucun \(Fo\ \&:\ \&\(Fc\&. \(`A l\*(Aqexception du champ -\fIautre\fR, ils ne doivent contenir aucune virgule ou signe \('egal\&. Il est \('egalement recommand\('e d\*(Aq\('eviter les caract\(`eres non US\-ASCII, mais cela n\*(Aqest impos\('e que pour les num\('eros de t\('el\('ephone\&. Le champ -\fIautre\fR -est utilis\('e pour garder des informations de compte utilis\('ees par d\*(Aqautres applications\&. -.SH "OPTIONS" -.PP -Les options applicables \(`a la commande -\fBchfn\fR -sont\ \&: -.PP -\fB\-f\fR, \fB\-\-full\-name\fR\ \&\fIFULL_NAME\fR -.RS 4 -Modifier le nom complet de l\*(Aqutilisateur\&. -.RE -.PP -\fB\-h\fR, \fB\-\-home\-phone\fR\ \&\fIHOME_PHONE\fR -.RS 4 -Modifier le num\('ero de t\('el\('ephone personnel de l\*(Aqutilisateur\&. -.RE -.PP -\fB\-o\fR, \fB\-\-other\fR\ \&\fIOTHER\fR -.RS 4 -Modifier les informations GECO de l\*(Aqutilisateur\&. Ce champ est utilis\('e pour enregistrer les informations de l\*(Aqutilisateur utilis\('ees par d\*(Aqautres applications et peut \(^etre chang\('e seulement par un superutilisateur\&. -.RE -.PP -\fB\-r\fR, \fB\-\-room\fR\ \&\fIROOM_NUMBER\fR -.RS 4 -Modifier le num\('ero de bureau de l\*(Aqutilisateur\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-w\fR, \fB\-\-work\-phone\fR\ \&\fIWORK_PHONE\fR -.RS 4 -Modifier le num\('ero de t\('el\('ephone professionnel de l\*(Aqutilisateur\&. -.RE -.PP -Si aucune option n\*(Aqest s\('electionn\('ee, -\fBchfn\fR -op\(`ere de mani\(`ere interactive, demandant \(`a l\*(Aqutilisateur d\*(Aqentrer les valeurs actuelles de chacun des champs\&. Entrer une nouvelle valeur pour la modifier, ou de laisser une ligne blanche pour conserver la valeur actuelle\&. La valeur actuelle est indiqu\('ee entre crochets (\fB[ ]\fR)\&. En l\*(Aqabsence d\*(Aqoption, -\fBchfn\fR -op\(`ere sur l\*(Aqutilisateur actuel\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBCHFN_AUTH\fR (bool\('een) -.RS 4 -La valeur -\fIyes\fR -indique que le programme -\fBchfn\fR -n\('ecessitera une authentification avant de proc\('eder \(`a tout changement, \(`a moins qu\*(Aqils ne soient ex\('ecut\('es par le superutilisateur\&. -.RE -.PP -\fBCHFN_RESTRICT\fR (cha\(^ine de caract\(`eres) -.RS 4 -Ce param\(`etre pr\('ecise quelles valeurs du champ -\fIgecos\fR -du fichier -passwd -peuvent \(^etre modifi\('ees par les utilisateurs ordinaires \(`a l\*(Aqaide du programme -\fBchfn\fR\&. Il est constitu\('e d\*(Aqune combinaison de lettres parmi -\fIf\fR, -\fIr\fR, -\fIw\fR -et -\fIh\fR, correspondant respectivement au nom complet, au num\('ero de bureau, au num\('ero de t\('el\('ephone professionnel et au num\('ero de t\('el\('ephone personnel\&. Pour des raisons de compatibilit\('e avec des versions ant\('erieures, -\fIyes\fR -est \('equivalent \(`a -\fIrwh\fR -et -\fIno\fR -\(`a -\fIfrwh\fR\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, seul le superutilisateur peut effectuer des modifications\&. Pour une configuration encore plus restrictive, il sera pr\('ef\('erable de ne pas installer -\fBchfn\fR -avec l\*(Aqindicateur SUID positionn\('e\&. -.RE -.PP -\fBLOGIN_STRING\fR (cha\(^ine de caract\(`eres) -.RS 4 -La cha\(^ine de caract\(`eres utilis\('ee pour l\*(Aqinvite de mot de passe\&. La valeur par d\('efaut est d\*(Aqutiliser "Password: " (\(Fo\ \&mot de passe\ \&:\ \&\(Fc), ou une traduction de cette cha\(^ine\&. Si vous d\('efinissez cette variable, l\*(Aqinvite ne sera pas traduite\&. -.sp -Si la cha\(^ine contient -\fI%s\fR, ces caract\(`eres seront remplac\('es par le nom de l\*(Aqutilisateur\&. -.RE -.SH "FICHIERS" -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBchsh\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/fr/man1/chsh.1 b/man/fr/man1/chsh.1 deleted file mode 100644 index e82f2ef9..00000000 --- a/man/fr/man1/chsh.1 +++ /dev/null @@ -1,118 +0,0 @@ -'\" t -.\" Title: chsh -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "CHSH" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -chsh \- Changer l\*(Aqinterpr\('eteur de commandes initial -.SH "SYNOPSIS" -.HP \w'\fBchsh\fR\ 'u -\fBchsh\fR [\fIoptions\fR] [\fILOGIN\fR] -.SH "DESCRIPTION" -.PP -La commande -\fBchsh\fR -modifie l\*(Aqinterpr\('eteur de commandes initial (\(Fo\ \&login shell\ \&\(Fc) de l\*(Aqutilisateur qui sera invoqu\('e lors des connexions de l\*(Aqutilisateur\&. Un utilisateur normal ne peut changer que l\*(Aqinterpr\('eteur associ\('e \(`a son propre compte\&. Le superutilisateur peut changer l\*(Aqinterpr\('eteur de commandes initial de n\*(Aqimporte quel compte\&. -.SH "OPTIONS" -.PP -Les options applicables \(`a la commande -\fBchsh\fR -sont\ \&: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Nom du nouvel interpr\('eteur de commandes initial (\(Fo\ \&login shell\ \&\(Fc) de l\*(Aqutilisateur\&. Si ce champ est vide, le syst\(`eme s\('electionnera l\*(Aqinterpr\('eteur de commandes initial par d\('efaut\&. -.RE -.PP -Quand l\*(Aqoption -\fB\-s\fR -n\*(Aqest pas s\('electionn\('ee, -\fBchsh\fR -op\(`ere de fa\(,con interactive, demandant \(`a l\*(Aqutilisateur quel doit \(^etre le nouvel interpr\('eteur de commandes initial (\(Fo\ \&login shell\ \&\(Fc)\&. L\*(Aqutilisateur pourra entrer une nouvelle valeur pour modifier l\*(Aqinterpr\('eteur, ou laisser la ligne blanche pour conserver l\*(Aqinterpr\('eteur actuel\&. L\*(Aqinterpr\('eteur actuel est indiqu\('e entre crochets (\fI[\ \&]\fR)\&. -.SH "NOTE" -.PP -La seule restriction plac\('ee sur l\*(Aqinterpr\('eteur de commandes initial (\(Fo\ \&login shell\ \&\(Fc) est que cette commande doit faire partie de -/etc/shells, \(`a moins qu\*(Aqelle ne soit invoqu\('ee par le superutilisateur, qui peut ajouter n\*(Aqimporte quelle valeur\&. Un compte avec un interpr\('eteur de commandes initial restreint ne peut pas changer son interpr\('eteur\&. Pour cette raison, il est d\('econseill\('e de placer -/bin/rsh -dans -/etc/shells, puisqu\*(Aqune modification accidentelle vers un interpr\('eteur restreint emp\(^echera alors l\*(Aqutilisateur de revenir ensuite \(`a l\*(Aqinterpr\('eteur pr\('ec\('edent\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBCHSH_AUTH\fR (bool\('een) -.RS 4 -La valeur -\fIyes\fR -indique que le programme -\fBchsh\fR -n\('ecessitera une authentification avant de proc\('eder \(`a tout changement, \(`a moins qu\*(Aqils ne soient ex\('ecut\('es par le superutilisateur\&. -.RE -.PP -\fBLOGIN_STRING\fR (cha\(^ine de caract\(`eres) -.RS 4 -La cha\(^ine de caract\(`eres utilis\('ee pour l\*(Aqinvite de mot de passe\&. La valeur par d\('efaut est d\*(Aqutiliser "Password: " (\(Fo\ \&mot de passe\ \&:\ \&\(Fc), ou une traduction de cette cha\(^ine\&. Si vous d\('efinissez cette variable, l\*(Aqinvite ne sera pas traduite\&. -.sp -Si la cha\(^ine contient -\fI%s\fR, ces caract\(`eres seront remplac\('es par le nom de l\*(Aqutilisateur\&. -.RE -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shells -.RS 4 -Liste des interpr\('eteurs de commandes initiaux valables\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBchfn\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/fr/man1/expiry.1 b/man/fr/man1/expiry.1 deleted file mode 100644 index 57388e6f..00000000 --- a/man/fr/man1/expiry.1 +++ /dev/null @@ -1,76 +0,0 @@ -'\" t -.\" Title: expiry -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "EXPIRY" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -expiry \- V\('erifier et s\('ecuriser la dur\('ee de validit\('e des mots de passe -.SH "SYNOPSIS" -.HP \w'\fBexpiry\fR\ 'u -\fBexpiry\fR \fIoption\fR -.SH "DESCRIPTION" -.PP -Avec l\*(Aqoption -\fB\-c\fR, -\fBexpiry\fR -v\('erifie la validit\('e du mot de passe de l\*(Aqutilisateur actuel, et force (avec l\*(Aqoption -\fB\-f\fR) des modifications si n\('ecessaire\&. Il peut \(^etre appel\('e par un utilisateur normal\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBexpiry\fR -sont\ \&: -.PP -\fB\-c\fR, \fB\-\-check\fR -.RS 4 -V\('erifier la dur\('ee de validit\('e du mot de passe de l\*(Aqutilisateur courant\&. -.RE -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Forcer le changement du mot de passe si l\*(Aqutilisateur courant poss\(`ede un mot de passe qui a expir\('e\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/fr/man1/gpasswd.1 b/man/fr/man1/gpasswd.1 deleted file mode 100644 index cce77dfd..00000000 --- a/man/fr/man1/gpasswd.1 +++ /dev/null @@ -1,225 +0,0 @@ -'\" t -.\" Title: gpasswd -.\" Author: Rafal Maszkowski -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "GPASSWD" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -gpasswd \- Administrer /etc/group et /etc/gshadow -.SH "SYNOPSIS" -.HP \w'\fBgpasswd\fR\ 'u -\fBgpasswd\fR [\fIoption\fR] \fIgroupe\fR -.SH "DESCRIPTION" -.PP -La commande -\fBgpasswd\fR -est utilis\('ee pour administrer -/etc/groupet /etc/gshadow\&. Chaque groupe peut avoir -des administrateurs, -des membres et un mot de passe\&. -.PP -Les administrateurs syst\(`eme peuvent utiliser l\*(Aqoption -\fB\-A\fR -pour d\('efinir un ou des administrateurs de groupe et l\*(Aqoption -\fB\-M\fR -pour d\('efinir les membres\&. Ils ont tous les droits des administrateurs et membres du groupe\&. -.PP -\fBgpasswd\fR -appel\('ee par -un administrateur de groupe -avec un nom de groupe demande seulement le nouveau mot de passe du -\fIgroupe\fR\&. -.PP -Si un mot de passe est configur\('e, les membres peuvent toujours utiliser -\fBnewgrp\fR(1) -sans mot de passe\&. Les non membres doivent fournir le mot de passe\&. -.SS "Notes sur les mots de passe de groupe" -.PP -Les mots de passe de groupe repr\('esentent naturellement un risque en mati\(`ere de s\('ecurit\('e, puisque plusieurs personnes ont connaissance du mot de passe\&. Cependant, les groupes sont utiles pour permettre la coop\('eration entre diff\('erents utilisateurs\&. -.SH "OPTIONS" -.PP -\(`A part les options -\fB\-A\fR -et -\fB\-M\fR, les options ne peuvent pas \(^etre combin\('ees\&. -.PP -Les options disponibles pour la commande -\fBgpasswd\fR -sont\ \&: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser\fR -.RS 4 -Ajouter l\*(Aq\fIutilisateur\fR -\(`a ce -\fIgroupe\fR\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser\fR -.RS 4 -Enlever l\*(Aq\fIutilisateur\fR -de ce -\fIgroupe\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-Q\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-r\fR, \fB\-\-remove\-password\fR -.RS 4 -Enlever le mot de passe pour ce -\fIgroupe\fR\&. Le mot de passe du groupe sera vide\&. Seuls les membres du groupe seront autoris\('es \(`a utiliser -\fBnewgrp\fR -pour rejoindre ce -\fIgroupe\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-restrict\fR -.RS 4 -Restreindre l\*(Aqacc\(`es \(`a ce -\fIgroupe\fR\&. Le mot de passe du groupe est d\('efini \(`a \(Fo\ \&!\ \&\(Fc\&. Seuls les membres du groupe seront autoris\('es \(`a utiliser -\fBnewgrp\fR -pour rejoindre ce -\fIgroupe\fR\&. -.RE -.PP -\fB\-A\fR, \fB\-\-administrators\fR\ \&\fIuser\fR,\&.\&.\&. -.RS 4 -Configurer la liste des administrateurs\&. -.RE -.PP -\fB\-M\fR, \fB\-\-members\fR\ \&\fIuser\fR,\&.\&.\&. -.RS 4 -Configurer la liste des membres du groupe\&. -.RE -.SH "AVERTISSEMENTS" -.PP -Cet outil ne fonctionne que sur -les fichiers/etc/groupet /etc/gshadow\&. Par cons\('equent vous ne pouvez modifier aucun groupe NIS ou LDAP\&. Cela doit \(^etre effectu\('e sur le serveur correspondant\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBENCRYPT_METHOD\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir les algorithmes de chiffrement par d\('efaut du syst\(`eme pour coder les mots de passes (si aucun algorithme n\*(Aqa \('et\('e indiqu\('e sur la ligne de commandes)\&. -.sp -Les valeurs suivantes sont accept\('ees\ \&: -\fIDES\fR -(par d\('efaut), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Remarque\ \&: ce param\(`etre remplace la variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (bool\('een) -.RS 4 -Indiquer si un mot de passe doit \(^etre chiffr\('e en utilisant l\*(Aqalgorithme bas\('e sur MD5\&. Si configur\('ee \(`a -\fIyes\fR, les nouveaux mots de passe seront chiffr\('es en utilisant l\*(Aqalgorithme bas\('e sur MD5 compatible avec celui utilis\('e par les versions r\('ecentes de FreeBSD\&. Il g\(`ere des mots de passe de longueur illimit\('ee et des cha\(^ines de salage plus longues\&. Configurez\-la \(`a -\fIno\fR -pour copier les mots de passe chiffr\('es sur d\*(Aqautres syst\(`emes qui ne comprennent pas le nouvel algorithme\&. la valeur par d\('efaut est -\fIno\fR\&. -.sp -Cette variable est \('ecras\('ee par la variable -\fBENCRYPT_METHOD\fR -ou par toute option de la ligne de commande utilis\('ee pour configurer l\*(Aqalgorithme de chiffrement\&. -.sp -Cette variable est obsol\(`ete\&. Vous devriez utiliser -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (nombre), \fBSHA_CRYPT_MAX_ROUNDS\fR (nombre) -.RS 4 -Quand -\fBENCRYPT_METHOD\fR -est configur\('ee \(`a -\fISHA256\fR -ou -\fISHA512\fR, cela d\('efinit le nombre de rounds de SHA utilis\('es par l\*(Aqalgorithme de chiffrement par d\('efaut (quand le nombre de rounds n\*(Aqest pas pr\('ecis\('e sur la ligne de commande)\&. -.sp -Avec beaucoup de rounds, il est plus difficile de trouver le mot de passe avec une attaque par force brute\&. Veuillez remarquer que plus de ressources processeur seront n\('ecessaires pour authentifier les utilisateurs\&. -.sp -Si non pr\('ecis\('ee, la libc utilisera le nombre de rounds par d\('efaut (5000)\&. -.sp -Les valeurs doivent \(^etre comprises dans l\*(Aqintervalle 1\ \&000\ \&\-\ \&999\ \&999\ \&999\&. -.sp -Si une seule des variables -\fBSHA_CRYPT_MIN_ROUNDS\fR -ou -\fBSHA_CRYPT_MAX_ROUNDS\fR -est configur\('ee, alors cette valeur sera utilis\('ee\&. -.sp -Si -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, la valeur la plus \('elev\('ee sera utilis\('ee\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBnewgrp\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBgrpck\fR(8), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/fr/man1/groups.1 b/man/fr/man1/groups.1 deleted file mode 100644 index 704cb607..00000000 --- a/man/fr/man1/groups.1 +++ /dev/null @@ -1,63 +0,0 @@ -'\" t -.\" Title: groups -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "GROUPS" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -groups \- Afficher la liste des groupes auxquels appartient l\*(Aqutilisateur -.SH "SYNOPSIS" -.HP \w'\fBgroups\fR\ 'u -\fBgroups\fR [\fIutilisateur\fR] -.SH "DESCRIPTION" -.PP -La commande -\fBgroups\fR -affiche la liste des noms de groupe (ou leur identifiant num\('erique) de l\*(Aqutilisateur courant\&. Si une valeur n\*(Aqa pas d\*(Aqentr\('ee correspondante dans -/etc/group, l\*(Aqidentifiant num\('erique du groupe est affich\('e\&. Le param\(`etre optionnel -\fIutilisateur\fR -permet d\*(Aqafficher la liste des groupes pour cet utilisateur\&. -.SH "NOTE" -.PP -Sur les syst\(`emes qui ne g\(`erent pas l\*(Aqappartenance \(`a plusieurs groupes, seules les informations contenues dans -/etc/group -sont affich\('ees\&. L\*(Aqutilisateur doit utiliser -\fBnewgrp\fR -ou -\fBsg\fR -pour modifier l\*(Aqidentifiant de groupe r\('eel et effectif\&. -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBnewgrp\fR(1), -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2)\&. diff --git a/man/fr/man1/id.1 b/man/fr/man1/id.1 deleted file mode 100644 index 0ec3a049..00000000 --- a/man/fr/man1/id.1 +++ /dev/null @@ -1,60 +0,0 @@ -'\" t -.\" Title: id -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "ID" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -id \- display current user and group ID names -.SH "SYNOPSIS" -.HP \w'\fBid\fR\ 'u -\fBid\fR [\-a] -.SH "DESCRIPTION" -.PP -The -\fBid\fR -command displays the current real and effective user and group ID names or values\&. If the value does not have a corresponding entry in -/etc/passwd -or -/etc/group, the value will be displayed without the corresponding name\&. The optional -\fB\-a\fR -flag will display the group set on systems which support multiple concurrent group membership\&. -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2) diff --git a/man/fr/man1/login.1 b/man/fr/man1/login.1 deleted file mode 100644 index 484b3e94..00000000 --- a/man/fr/man1/login.1 +++ /dev/null @@ -1,476 +0,0 @@ -'\" t -.\" Title: login -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "LOGIN" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -login \- D\('emarrer une session sur le syst\(`eme -.SH "SYNOPSIS" -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fIh\(^ote\fR] [\fInom_utilisateur\fR] [\fIENV=VAR\fR...] -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fIh\(^ote\fR] \-f \fInom_utilisateur\fR -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] \-r\ \fIh\(^ote\fR -.SH "DESCRIPTION" -.PP -Le programme -\fBlogin\fR -permet d\*(Aq\('etablir une nouvelle session sur le syst\(`eme\&. Il est g\('en\('eralement invoqu\('e apr\(`es avoir r\('epondu \(`a l\*(Aqinvite de connexion -\fIlogin:\fR -sur le terminal de l\*(Aqutilisateur\&. -\fBlogin\fR -peut \(^etre sp\('ecifique \(`a l\*(Aqinterpr\('eteur de commandes et ne devrait pas \(^etre invoqu\('e comme un sous\-processus\&. Lorsqu\*(Aqil est appel\('e depuis un interpr\('eteur de commande, -\fBlogin\fR -doit \(^etre ex\('ecut\('e comme -\fB>exec login\fR, ce qui entra\(^ine la sortie de l\*(Aqinterpr\('eteur de commandes en cours (et ainsi emp\(^eche le nouvel utilisateur connect\('e de retourner \(`a la session de l\*(Aqappelant)\&. L\*(Aqex\('ecution de -\fBlogin\fR -depuis un interpr\('eteur de commandes autre qu\*(Aqun interpr\('eteur de commandes initial (\(Fo\ \&login shell\ \&\(Fc) produira un message d\*(Aqerreur\&. -.PP -Un mot de passe est ensuite demand\('e \(`a l\*(Aqutilisateur\&. L\*(Aqaffichage du mot de passe est d\('esactiv\('e pour \('eviter de r\('ev\('eler le mot de passe\&. Seul un petit nombre d\*(Aq\('echecs est permis avant que -\fBlogin\fR -ne quitte et que la liaison ne soit interrompue\&. -.PP -Si une date de fin de validit\('e du mot de passe a \('et\('e d\('efinie pour ce compte, un nouveau mot de passe pourra vous \(^etre demand\('e\&. Votre ancien mot de passe et votre nouveau mot de passe vous seront alors demand\('es avant de pouvoir continuer\&. Veuillez lire la page de manuel -\fBpasswd\fR(1) -pour plus d\*(Aqinformations\&. -.PP -Apr\(`es une connexion r\('eussie, vous serez inform\('e des messages du syst\(`eme et de la pr\('esence de courrier\&. Vous pouvez d\('esactiver l\*(Aqaffichage du message du syst\(`eme (/etc/motd), en cr\('eant un fichier vide -\&.hushlogin -dans le r\('epertoire de votre compte\&. Le message concernant les courriers sera \(Fo\ \&\fIYou have new mail\&.\fR\ \&\(Fc, \(Fo\ \&\fIYou have mail\&.\fR\ \&\(Fc, ou \(Fo\ \&\fINo Mail\&.\fR\ \&\(Fc suivant l\*(Aq\('etat de votre bo\(^ite aux lettres\&. -.PP -Vos identifiants d\*(Aqutilisateur et de groupe seront d\('efinis en fonction des valeurs sp\('ecifi\('ees dans le fichier -/etc/passwd\&. Les valeurs des variables d\*(Aqenvironnement -\fI$HOME\fR, -\fI$SHELL\fR, -\fI$PATH\fR, -\fI$LOGNAME\fR, et -\fI$MAIL\fR -seront d\('efinies en fonction des champs appropri\('es de l\*(Aqentr\('ee qui vous correspond\&. Les valeurs d\*(Aqulimit, d\*(Aqumask et de nice pourront \('egalement \(^etre affect\('ees en fonction des entr\('ees du champ GECOS\&. -.PP -Sur certains syst\(`emes, la variable d\*(Aqenvironnement -\fI$TERM\fR -sera initialis\('ee au type de terminal de votre tty, comme sp\('ecifi\('e dans -/etc/ttytype\&. -.PP -Un script d\*(Aqinitialisation pour votre interpr\('eteur de commandes pourra \('egalement \(^etre ex\('ecut\('e\&. Veuillez vous r\('ef\('erer \(`a la section de manuel appropri\('ee pour plus d\*(Aqinformations sur cette fonctionnalit\('e\&. -.PP -Une connexion \(`a un sous\-syst\(`eme est indiqu\('ee par la pr\('esence d\*(Aqun \(Fo\ \&*\ \&\(Fc comme premier caract\(`ere de l\*(Aqinterpr\('eteur de commandes initial\&. Le r\('epertoire personnel sera utilis\('e comme racine d\*(Aqun nouveau syst\(`eme de fichiers dans lequel l\*(Aqutilisateur sera connect\('e\&. -.PP -Le programme -\fBlogin\fR -n\*(Aqest PAS responsable de la suppression d\*(Aqutilisateurs dans le fichier utmp\&. Les responsables du nettoyage de l\*(Aqappartenance des sessions de terminal sont -\fBgetty\fR(8) -et -\fBinit\fR(8)\&. Si vous utilisez -\fBlogin\fR -depuis un interpr\('eteur de commandes sans -\fBexec\fR, l\*(Aqutilisateur que vous utilisez continuera \(`a appara\(^itre comme \('etant connect\('e m\(^eme apr\(`es s\*(Aq\(^etre d\('econnect\('e de cette \(Fo\ \&sous\-session\ \&\(Fc\&. -.SH "OPTIONS" -.PP -\fB\-f\fR -.RS 4 -Ne pas r\('ealiser d\*(Aqauthentification\&. L\*(Aqutilisateur est pr\('e\-authentifi\('e\&. -.sp -Remarque\ \&: Dans ce cas, -\fIusername\fR -est n\('ecessaire\&. -.RE -.PP -\fB\-h\fR -.RS 4 -Nom de l\*(Aqh\(^ote distant pour cette connexion\&. -.RE -.PP -\fB\-p\fR -.RS 4 -Pr\('eserver l\*(Aqenvironnement\&. -.RE -.PP -\fB\-r\fR -.RS 4 -Ex\('ecuter le protocole de connexion automatique (autologin) pour rlogin\&. -.RE -.PP -Les options -\fB\-r\fR, -\fB\-h\fR -et -\fB\-f\fR -ne peuvent \(^etre utilis\('ees que par root\&. -.SH "AVERTISSEMENTS" -.PP -Cette version de -\fBlogin\fR -comporte de nombreuses options de compilation\&. Seules certaines d\*(Aqentre elles peuvent avoir \('et\('e activ\('ees sur votre site\&. -.PP -L\*(Aqemplacement des fichiers peut varier suivant la configuration du syst\(`eme\&. -.PP -Le programme -\fBlogin\fR -n\*(Aqest PAS responsable de la suppression d\*(Aqutilisateurs dans le fichier utmp\&. Les responsables du nettoyage de l\*(Aqappartenance des sessions de terminal sont -\fBgetty\fR(8) -et -\fBinit\fR(8)\&. Si vous utilisez -\fBlogin\fR -depuis un interpr\('eteur de commandes sans -\fBexec\fR, l\*(Aqutilisateur que vous utilisez continuera \(`a appara\(^itre comme \('etant connect\('e m\(^eme apr\(`es s\*(Aq\(^etre d\('econnect\('e de cette \(Fo\ \&sous\-session\ \&\(Fc\&. -.PP -Comme pour n\*(Aqimporte quel programme, l\*(Aqapparence de -\fBlogin\fR -peut \(^etre imit\('ee\&. Si des utilisateurs non s\(^urs ont un acc\(`es physique \(`a la machine, un attaquant pourrait utiliser cet acc\(`es pour obtenir le mot de passe de la personne qui s\*(Aqassi\('erait ensuite face \(`a l\*(Aq\('ecran\&. Sous Linux, le m\('ecanisme SAK peut \(^etre utilis\('e par les utilisateurs pour initier un chemin de confiance et pr\('evenir ce genre d\*(Aqattaques\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBCONSOLE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, soit un chemin complet du fichier contenant les noms de p\('eriph\('eriques (un par ligne), soit une liste de noms du p\('eriph\('erique d\('elimit\('ee par des \(Fo\ \&:\ \&\(Fc\&. Les connexions d\*(Aqun administrateur ne seront autoris\('ees que depuis ces p\('eriph\('eriques\&. -.sp -S\*(Aqil n\*(Aqest pas d\('efini, root pourra se connecter depuis n\*(Aqimporte quel p\('eriph\('erique\&. -.sp -Le p\('eriph\('erique doit \(^etre pr\('ecis\('e sans le pr\('efixe /dev/\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (cha\(^ine de caract\(`eres) -.RS 4 -Une liste de groupes \(`a rajouter aux groupes suppl\('ementaires de l\*(Aqutilisateur lors d\*(Aqune connexion sur une console (d\('etermin\('e par le param\(`etre CONSOLE)\&. Par d\('efaut, aucun groupe n\*(Aqest ajout\('e\&. - -\(`A utiliser avec pr\('ecaution\ \&: il est possible que les utilisateurs aient un acc\(`es permanent \(`a ces groupes, et cela m\(^eme s\*(Aqils ne sont pas connect\('es sur la console\&. -.RE -.PP -\fBDEFAULT_HOME\fR (bool\('een) -.RS 4 -Indiquer si la connexion est permise si on ne peut pas acc\('eder au r\('epertoire personnel\&. Le r\('eglage par d\('efaut est \(Fo\ \&no\ \&\(Fc\&. -.sp -Si elle est configur\('ee \(`a -\fIyes\fR, l\*(Aqutilisateur va se connecter dans le r\('epertoire racine (/) s\*(Aqil n\*(Aqest pas possible d\*(Aqacc\('eder \(`a son r\('epertoire personnel\&. -.RE -.PP -\fBENV_HZ\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement HZ lorsqu\*(Aqun utilisateur se connecte\&. La valeur doit \(^etre pr\('ec\('ed\('ee par -\fIHZ=\fR\&. Une valeur commune sur Linux est -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_PATH\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement PATH quand un utilisateur ordinaire se connecte\&. La valeur est une liste de chemins s\('epar\('es par des deux points (par exemple -\fI/bin:/usr/bin\fR) et peut \(^etre pr\('ec\('ed\('ee par -\fIPATH=\fR\&. La valeur par d\('efaut est -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement PATH quand le super\-utilisateur se connecte\&. La valeur est une liste de chemins s\('epar\('es par deux points (par exemple -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) et peut \(^etre pr\('ec\('ed\('ee par -\fIPATH=\fR\&. La valeur par d\('efaut est -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement TZ quand un utilisateur se connecte\&. La valeur peut \(^etre le nom d\*(Aqun fuseau horaire pr\('ec\('ed\('e par -\fITZ=\fR -(par exemple -\fITZ=CST6CDT\fR), ou le chemin complet vers le fichier contenant la sp\('ecification du fuseau horaire (par exemple -/etc/tzname)\&. -.sp -Si un chemin complet est sp\('ecifi\('e mais que le fichier n\*(Aqexiste pas ou ne peut pas \(^etre lu, la valeur par d\('efaut utilis\('ee est -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si ce fichier existe et est lisible, l\*(Aqenvironnement de connexion sera lu \(`a\ \& partir de lui\&. Chaque ligne doit \(^etre sous la forme nom=valeur\&. -.sp -Les lignes commen\(,cant par un \(Fo\ \&#\ \&\(Fc sont consid\('er\('ees comme des commentaires, et sont ignor\('ees\&. -.RE -.PP -\fBERASECHAR\fR (nombre) -.RS 4 -Le caract\(`ere ERASE du terminal (\fI010\fR -= backspace, -\fI0177\fR -= DEL)\&. -.sp -La valeur peut \(^etre pr\('efix\('ee par \(Fo\ \&0\ \&\(Fc pour une valeur octale, ou \(Fo\ \&0x\ \&\(Fc pour une valeur hexad\('ecimale\&. -.RE -.PP -\fBFAIL_DELAY\fR (nombre) -.RS 4 -Le d\('elai en secondes avant qu\*(Aqun nouvel essai soit permis apr\(`es un \('echec de connexion\&. -.RE -.PP -\fBFAILLOG_ENAB\fR (bool\('een) -.RS 4 -Activer l\*(Aqenregistrement et l\*(Aqaffichage des informations d\*(Aq\('echec de connexion de -/var/log/faillog -.RE -.PP -\fBFAKE_SHELL\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, -\fBlogin\fR -ex\('ecutera cet interpr\('eteur de commandes au lieu de l\*(Aqinterpr\('eteur de l\*(Aqutilisateur sp\('ecifi\('e dans -/etc/passwd\&. -.RE -.PP -\fBFTMP_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, les \('echecs de connexion seront enregistr\('es dans le fichier sous le format utmp -.RE -.PP -\fBHUSHLOGIN_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, le fichier peut d\('esactiver tous les affichages habituels durant la s\('equence de connexion\&. Si un nom de chemin complet est sp\('ecifi\('e, alors le mode taiseux sera activ\('e si le nom ou l\*(Aqinterpr\('eteur de commandes de l\*(Aqutilisateur sont trouv\('es dans le fichier\&. Si ce n\*(Aqest pas un nom de chemin complet, alors le mode taiseux sera activ\('e si le fichier existe dans le r\('epertoire personnel de l\*(Aqutilisateur\&. -.RE -.PP -\fBISSUE_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, le fichier sera affich\('e avant chaque invite de connexion\&. -.RE -.PP -\fBKILLCHAR\fR (nombre) -.RS 4 -Le caract\(`ere KILL du terminal (\fI025\fR -= CTRL/U)\&. -.sp -La valeur peut \(^etre pr\('efix\('ee par \(Fo\ \&0\ \&\(Fc pour une valeur octale, ou \(Fo\ \&0x\ \&\(Fc pour une valeur hexad\('ecimale\&. -.RE -.PP -\fBLASTLOG_ENAB\fR (bool\('een) -.RS 4 -Activer la journalisation et l\*(Aqaffichage des informations de derni\(`ere connexion de /var/log/lastlog\&. -.RE -.PP -\fBLOGIN_RETRIES\fR (nombre) -.RS 4 -Le nombre maximum de tentatives de connexion en cas de mauvais mot de passe\&. -.RE -.PP -\fBLOGIN_STRING\fR (cha\(^ine de caract\(`eres) -.RS 4 -La cha\(^ine de caract\(`eres utilis\('ee pour l\*(Aqinvite de mot de passe\&. La valeur par d\('efaut est d\*(Aqutiliser "Password: " (\(Fo\ \&mot de passe\ \&:\ \&\(Fc), ou une traduction de cette cha\(^ine\&. Si vous d\('efinissez cette variable, l\*(Aqinvite ne sera pas traduite\&. -.sp -Si la cha\(^ine contient -\fI%s\fR, ces caract\(`eres seront remplac\('es par le nom de l\*(Aqutilisateur\&. -.RE -.PP -\fBLOGIN_TIMEOUT\fR (nombre) -.RS 4 -Le temps maximum en secondes pour la connexion\&. -.RE -.PP -\fBLOG_OK_LOGINS\fR (bool\('een) -.RS 4 -Activer la journalisation des connexions r\('eussies\&. -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (bool\('een) -.RS 4 -Activer l\*(Aqaffichage des noms d\*(Aqutilisateurs inconnus quand les \('echecs de connexions sont enregistr\('es\&. -.sp -Remarque\ \&: la journalisation des noms d\*(Aqutilisateurs inconnus peut \(^etre un probl\(`eme de s\('ecurit\('e si un utilisateur entre son mot de passe au lieu de son nom d\*(Aqutilisateur\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (bool\('een) -.RS 4 -Activer le contr\(^ole et l\*(Aqaffichage du statut de la bo\(^ite aux lettres durant la connexion\&. -.sp -Vous devriez le d\('esactiver si les fichiers de d\('emarrage de l\*(Aqinterpr\('eteur de commandes v\('erifient d\('ej\(`a la pr\('esence de courriers (\(Fo\ \&mail \-e\ \&\(Fc ou \('equivalent)\&. -.RE -.PP -\fBMAIL_DIR\fR (cha\(^ine de caract\(`eres) -.RS 4 -R\('epertoire d\*(Aqattente des courriels (\(Fo\ \&mail spool directory\ \&\(Fc)\&. Ce param\(`etre est n\('ecessaire pour manipuler les bo\(^ites \(`a lettres lorsque le compte d\*(Aqun utilisateur est modifi\('e ou supprim\('e\&. S\*(Aqil n\*(Aqest pas sp\('ecifi\('e, une valeur par d\('efaut d\('efinie \(`a la compilation est utilis\('ee\&. -.RE -.PP -\fBMAIL_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir l\*(Aqemplacement des bo\(^ites aux lettres des utilisateurs relativement \(`a leur r\('epertoire personnel\&. -.RE -.PP -Les param\(`etres -\fBMAIL_DIR\fR -et -\fBMAIL_FILE\fR -sont utilis\('es par -\fBuseradd\fR, -\fBusermod\fR -et -\fBuserdel\fR -pour cr\('eer, d\('eplacer ou supprimer les bo\(^ites aux lettres des utilisateurs\&. -.PP -Si -\fBMAIL_CHECK_ENAB\fR -est r\('egl\('e sur -\fIyes\fR, ces variables servent \('egalement \(`a d\('efinir la variable d\*(Aqenvironnement -\fBMAIL\fR\&. -.PP -\fBMOTD_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, liste d\('elimit\('ee par des \(Fo\ \&:\ \&\(Fc de fichiers de \(Fo\ \&message du jour\ \&\(Fc \(`a afficher lors de la connexion\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, nom de fichier dont la pr\('esence emp\(^echera les connexions de quelqu\*(Aqun d\*(Aqautre que le superutilisateur\&. Le contenu de ces fichiers doit \(^etre un message indiquant pourquoi les connexions sont d\('esactiv\('ees\&. -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (bool\('een) -.RS 4 -Activer la v\('erification des restrictions de temps pr\('ecis\('ees dans -/etc/porttime\&. -.RE -.PP -\fBQUOTAS_ENAB\fR (bool\('een) -.RS 4 -Activer la mise en place de limites de resources depuis -/etc/limits -et ulimit, umask et niveau nice depuis les champs gecos de passwd\&. -.RE -.PP -\fBTTYGROUP\fR (cha\(^ine de caract\(`eres), \fBTTYPERM\fR (cha\(^ine de caract\(`eres) -.RS 4 -Les permissions de terminal\ \&: la connexion tty appartiendra au groupe -\fBTTYGROUP\fR -et les permissions seront configur\('ees \(`a -\fBTTYPERM\fR\&. -.sp -Par d\('efaut, le propri\('etaire du terminal est configur\('e au groupe primaire de l\*(Aqutilisateur et les permissions sont configur\('ees \(`a -\fI0600\fR\&. -.sp -\fBTTYGROUP\fR -peut \(^etre le nom d\*(Aqun groupe ou un identifiant num\('erique de groupe\&. -.sp -Si vous avez un programme -\fBwrite\fR -qui est \(Fo\ \&setgid\ \&\(Fc \(`a un groupe sp\('ecial auquel les terminaux appartiennent, d\('efinissez TTYGROUP comme l\*(Aqidentifiant num\('erique du groupe et TTYPERM \(`a 0620\&. Autrement laissez TTYGROUP d\('ecomment\('e et TTYPERM configur\('e soit \(`a 622 soit \(`a 600\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, fichier qui lie les lignes de tty \(`a la variable d\*(Aqenvironnement TERM\&. Chaque ligne du fichier est dans un format ressemblant \(`a \(Fo\ \&vt100 tty01\ \&\(Fc\&. -.RE -.PP -\fBULIMIT\fR (nombre) -.RS 4 -Valeur par d\('efaut d\*(Aq\fBulimit\fR\&. -.RE -.PP -\fBUMASK\fR (nombre) -.RS 4 -Valeur d\*(Aqinitialisation du masque de permissions\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, le masque des permissions sera initialis\('e \(`a 022\&. -.sp -\fBuseradd\fR -et -\fBnewusers\fR -utilisent ce masque pour d\('efinir les permissions d\*(Aqacc\(`es des r\('epertoires personnels qu\*(Aqils cr\('eent\&. -.sp -Il est \('egalement utilis\('e par -\fBlogin\fR -pour d\('efinir l\*(Aqumask initial de l\*(Aqutilisateur\&. Veuillez noter que cet umask peut \(^etre red\('efini par les GECOS de l\*(Aqutilisateur (si -\fBQUOTAS_ENAB\fR -est activ\('e) ou en pr\('ecisant une limite avec l\*(Aqidentifiant -\fIK\fR -dans -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (bool\('een) -.RS 4 -Activer la mise en place de bits de masque de groupe (\(Fo\ \&umask group bits\ \&\(Fc) identiques \(`a ceux du propri\('etaire (exemple\ \&: 022 \-> 002, 077 \-> 007) pour les utilisateurs non privil\('egi\('es, si l\*(AqUID est identique au GID et que l\*(Aqidentifiant de connexion est identique au groupe principal\&. -.sp -Si cette variable est configur\('ee \(`a -\fIyes\fR, -\fBuserdel\fR -supprimera le groupe de l\*(Aqutilisateur s\*(Aqil ne contient pas d\*(Aqautres membres, et -\fBuseradd\fR -cr\('eera par d\('efaut un groupe portant le nom de l\*(Aqutilisateur\&. -.RE -.SH "FICHIERS" -.PP -/var/run/utmp -.RS 4 -Liste des sessions de connexion en cours\&. -.RE -.PP -/var/log/wtmp -.RS 4 -Liste des sessions de connexion pr\('ec\('edentes\&. -.RE -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.PP -/etc/motd -.RS 4 -Fichier contenant le message du syst\(`eme\&. -.RE -.PP -/etc/nologin -.RS 4 -Emp\(^echer les utilisateurs non\-root de se connecter\&. -.RE -.PP -/etc/ttytype -.RS 4 -Liste des types de terminaux\&. -.RE -.PP -$HOME/\&.hushlogin -.RS 4 -Supprimer l\*(Aqaffichage des messages du syst\(`eme\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBmail\fR(1), -\fBpasswd\fR(1), -\fBsh\fR(1), -\fBsu\fR(1), -\fBlogin.defs\fR(5), -\fBnologin\fR(5), -\fBpasswd\fR(5), -\fBsecuretty\fR(5), -\fBgetty\fR(8)\&. diff --git a/man/fr/man1/newgidmap.1 b/man/fr/man1/newgidmap.1 deleted file mode 100644 index 6d14852e..00000000 --- a/man/fr/man1/newgidmap.1 +++ /dev/null @@ -1,95 +0,0 @@ -'\" t -.\" Title: newgidmap -.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "NEWGIDMAP" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -newgidmap \- set the gid mapping of a user namespace -.SH "SYNOPSIS" -.HP \w'\fBnewgidmap\fR\ 'u -\fBnewgidmap\fR \fIpid\fR \fIgid\fR \fIlowergid\fR \fIcount\fR [\fIpid\fR\ \fIgid\fR\ \fIlowergid\fR\ \fIcount\fR\ [\ \fI\&.\&.\&.\fR\ ]] -.SH "DESCRIPTION" -.PP -The -\fBnewgidmap\fR -sets -/proc/[pid]/gid_map -based on it\*(Aqs command line arguments and the gids allowed in -/etc/subgid\&. -.PP -After the pid argument, -\fBnewgidmap\fR -expects sets of 3 integers: -.PP -gid -.RS 4 -Begining of the range of GIDs inside the user namespace\&. -.RE -.PP -lowergid -.RS 4 -Begining of the range of GIDs outside the user namespace\&. -.RE -.PP -count -.RS 4 -Length of the ranges (both inside and outside the user namespace)\&. -.RE -.PP -\fBnewgidmap\fR -verifies that the caller is the owner of the process indicated by -\fBpid\fR -and that for each of the above sets, each of the GIDs in the range [lowergid, lowergid+count] is allowed to the caller according to -/etc/subgid -before setting -/proc/[pid]/gid_map\&. -.PP -Note that newgidmap may be used only once for a given process\&. -.SH "OPTIONS" -.PP -There currently are no options to the -\fBnewgidmap\fR -command\&. -.SH "FICHIERS" -.PP -/etc/subgid -.RS 4 -List of users subordinate group IDs\&. -.RE -.PP -/proc/[pid]/gid_map -.RS 4 -Mapping of gids from one between user namespaces\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin.defs\fR(5), -\fBnewusers\fR(8), -\fBsubgid\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/fr/man1/newgrp.1 b/man/fr/man1/newgrp.1 deleted file mode 100644 index 1e873bf6..00000000 --- a/man/fr/man1/newgrp.1 +++ /dev/null @@ -1,96 +0,0 @@ -'\" t -.\" Title: newgrp -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "NEWGRP" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -newgrp \- se connecter avec un nouveau groupe -.SH "SYNOPSIS" -.HP \w'\fBnewgrp\fR\ 'u -\fBnewgrp\fR [\-] [\fIgroupe\fR] -.SH "DESCRIPTION" -.PP -La commande -\fBnewgrp\fR -permet de changer l\*(Aqidentifiant de groupe de l\*(Aqutilisateur au cours d\*(Aqune session\&. Si l\*(Aqoption -\fB\-\fR -est fournie, l\*(Aqenvironnement de l\*(Aqutilisateur est r\('einitialis\('e, comme si l\*(Aqutilisateur venait de se connecter\&. Sinon, l\*(Aqenvironnement actuel, y compris le r\('epertoire de travail actuel est conserv\('e\&. -.PP -\fBnewgrp\fR -change l\*(Aqidentifiant de groupe r\('eel actuel \(`a la valeur du groupe indiqu\('e, ou au groupe par d\('efaut d\('efini dans -/etc/passwd -si aucun nom de groupe n\*(Aqest fourni\&. -\fBnewgrp\fR -essaiera \('egalement d\*(Aqajouter le groupe \(`a l\*(Aqensemble des groupes de l\*(Aqutilisateur\&. Si l\*(Aqutilisateur n\*(Aqest pas superutilisateur, un mot de passe lui sera demand\('e s\*(Aqil n\*(Aqutilise pas de mot de passe (dans -/etc/shadow, si cet utilisateur a une entr\('ee dans le fichier des mots de passe cach\('es, ou dans -/etc/passwd -sinon), mais que le groupe en a un, ou si l\*(Aqutilisateur n\*(Aqest pas dans la liste des membres de ce groupe et que ce groupe utilise un mot de passe\&. L\*(Aqacc\(`es sera refus\('e si le mot de passe du groupe est vide et que l\*(Aqutilisateur ne fait pas partie de ses membres\&. -.PP -S\*(Aqil y a une entr\('ee pour ce groupe dans -/etc/gshadow, alors la liste des membres et le mot de passe de ce groupe seront pris dans ce fichier, sinon, l\*(Aqentr\('ee du fichier -/etc/group -est utilis\('ee\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBSYSLOG_SG_ENAB\fR (bool\('een) -.RS 4 -Activer la journalisation \(Fo\ \&syslog\ \&\(Fc de l\*(Aqactivit\('e de -\fBsg\fR\&. -.RE -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBsu\fR(1), -\fBsg\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/fr/man1/newuidmap.1 b/man/fr/man1/newuidmap.1 deleted file mode 100644 index 7e3789c1..00000000 --- a/man/fr/man1/newuidmap.1 +++ /dev/null @@ -1,95 +0,0 @@ -'\" t -.\" Title: newuidmap -.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "NEWUIDMAP" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -newuidmap \- set the uid mapping of a user namespace -.SH "SYNOPSIS" -.HP \w'\fBnewuidmap\fR\ 'u -\fBnewuidmap\fR \fIpid\fR \fIuid\fR \fIloweruid\fR \fIcount\fR [\fIuid\fR\ \fIloweruid\fR\ \fIcount\fR\ [\ \fI\&.\&.\&.\fR\ ]] -.SH "DESCRIPTION" -.PP -The -\fBnewuidmap\fR -sets -/proc/[pid]/uid_map -based on it\*(Aqs command line arguments and the uids allowed in -/etc/subuid\&. -.PP -After the pid argument, -\fBnewuidmap\fR -expects sets of 3 integers: -.PP -uid -.RS 4 -Begining of the range of UIDs inside the user namespace\&. -.RE -.PP -loweruid -.RS 4 -Begining of the range of UIDs outside the user namespace\&. -.RE -.PP -count -.RS 4 -Length of the ranges (both inside and outside the user namespace)\&. -.RE -.PP -\fBnewuidmap\fR -verifies that the caller is the owner of the process indicated by -\fBpid\fR -and that for each of the above sets, each of the UIDs in the range [loweruid, loweruid+count] is allowed to the caller according to -/etc/subuid -before setting -/proc/[pid]/uid_map\&. -.PP -Note that newuidmap may be used only once for a given process\&. -.SH "OPTIONS" -.PP -There currently are no options to the -\fBnewuidmap\fR -command\&. -.SH "FICHIERS" -.PP -/etc/subuid -.RS 4 -List of users subordinate user IDs\&. -.RE -.PP -/proc/[pid]/uid_map -.RS 4 -Mapping of uids from one between user namespaces\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin.defs\fR(5), -\fBnewusers\fR(8), -\fBsubuid\fR(5), -\fBuseradd\fR(8), -\fBusermod\fR(8), -\fBuserdel\fR(8)\&. diff --git a/man/fr/man1/passwd.1 b/man/fr/man1/passwd.1 deleted file mode 100644 index e58b1a5a..00000000 --- a/man/fr/man1/passwd.1 +++ /dev/null @@ -1,355 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "PASSWD" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -passwd \- Modifier le mot de passe d\*(Aqun utilisateur -.SH "SYNOPSIS" -.HP \w'\fBpasswd\fR\ 'u -\fBpasswd\fR [\fIoptions\fR] [\fILOGIN\fR] -.SH "DESCRIPTION" -.PP -La commande -\fBpasswd\fR -modifie les mots de passe des comptes d\*(Aqutilisateurs\&. Un utilisateur normal ne peut changer que son propre mot de passe, alors que le superutilisateur peut changer le mot de passe associ\('e \(`a n\*(Aqimporte quel compte\&. -\fBpasswd\fR -modifie \('egalement les dates de fin de validit\('e du compte ou du mot de passe associ\('e\&. -.SS "Modifications du mot de passe" -.PP -Dans un premier temps, l\*(Aqutilisateur doit fournir son ancien mot de passe, s\*(Aqil en avait un\&. Ce mot de passe est ensuite chiffr\('e puis compar\('e avec le mot de passe enregistr\('e\&. L\*(Aqutilisateur n\*(Aqa droit qu\*(Aq\(`a un seul essai pour entrer le mot de passe correct\&. Le superutilisateur peut contourner cette premi\(`ere \('etape de mani\(`ere \(`a changer les mots de passe ayant \('et\('e oubli\('es\&. -.PP -Une fois que le mot de passe a \('et\('e entr\('e, les informations de limite de validit\('e du mot de passe sont v\('erifi\('ees pour s\*(Aqassurer que l\*(Aqutilisateur est autoris\('e \(`a modifier son mot de passe \(`a cet instant\&. Dans le cas contraire, -\fBpasswd\fR -refuse de changer le mot de passe, et quitte\&. -.PP -Le nouveau mot de passe sera demand\('e deux fois \(`a l\*(Aqutilisateur\&. Le second mot de passe est compar\('e avec le premier\&. Ces deux mots de passe devront \(^etre identiques pour que le mot de passe soit chang\('e\&. -.PP -La complexit\('e de ce mot de passe est alors test\('ee\&. Comme ligne de conduite g\('en\('erale, un mot de passe doit toujours \(^etre constitu\('e de 6 \(`a 8 caract\(`eres en en choisissant un ou plus parmi chacun des ensembles suivants\ \&: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -caract\(`eres alphab\('etiques minuscules -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -chiffres de 0 \(`a 9 -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -marques de ponctuation -.RE -.PP -Il faudra faire attention \(`a ne pas utiliser les caract\(`eres de suppression ou d\*(Aqeffacement\&. -\fBpasswd\fR -rejettera tout mot de passe dont la complexit\('e ne sera pas suffisante\&. -.SS "Astuces pour les mots de passe" -.PP -La s\('ecurit\('e d\*(Aqun mot de passe repose sur la force de l\*(Aqalgorithme de chiffrement et sur la taille de l\*(Aqespace de cl\('es utilis\('e\&. La m\('ethode de chiffrement des syst\(`emes -\fIUNIX\fR -est bas\('ee sur l\*(Aqalgorithme NBS\ \&DES\&. Des m\('ethodes plus r\('ecentes sont maintenant recommand\('ees (voir -\fBENCRYPT_METHOD\fR)\&. La taille de l\*(Aqespace de cl\('es d\('epend de l\*(Aqal\('ea du mot de passe utilis\('e\&. -.PP -Les compromissions de la s\('ecurit\('e des mots de passe r\('esultent le plus souvent d\*(Aqune n\('egligence dans le choix du mot de passe, ou lors de son utilisation\&. Pour cette raison, vous ne devez pas s\('electionner de mot de passe apparaissant dans un dictionnaire ou devant \(^etre \('ecrit\&. Le mot de passe ne doit pas non plus \(^etre un nom propre, un num\('ero min\('eralogique, une date de naissance, ou une adresse\&. En effet ceux\-ci pourraient \(^etre devin\('es pour violer la s\('ecurit\('e du syst\(`eme\&. -.PP -Vous pouvez trouver des conseils sur la fa\(,con choisir un mot de passe robuste sur http://en\&.wikipedia\&.org/wiki/Password_strength (en anglais)\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBpasswd\fR -sont\ \&: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Cette option ne peut \(^etre utilis\('ee qu\*(Aqavec -\fB\-S\fR -et permet d\*(Aqafficher l\*(Aq\('etat des mots de passe pour tous les utilisateurs\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR -.RS 4 -Supprimer le mot de passe (le rendre vide) d\*(Aqun utilisateur\&. C\*(Aqest une fa\(,con rapide de supprimer l\*(Aqauthentification par mot de passe pour un compte\&. Il rend le compte indiqu\('e sans mot de passe\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expire\fR -.RS 4 -Annuler imm\('ediatement la validit\('e du mot de passe d\*(Aqun compte\&. Ceci permet d\*(Aqobliger un utilisateur \(`a changer son mot de passe lors de sa prochaine connexion\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-i\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -Cette option permet de d\('esactiver un compte quelques temps apr\(`es expiration de son mot de passe\&. -\fIDUR\('EE_INACTIVIT\('E\fR -jours apr\(`es expiration de son mot de passe, l\*(Aqutilisateur ne pourra plus se connecter avec ce compte\&. -.RE -.PP -\fB\-k\fR, \fB\-\-keep\-tokens\fR -.RS 4 -Indiquer que la modification de mot de passe ne sera effectu\('ee que lors de l\*(Aqexpiration des jetons d\*(Aqauthentification (mots de passe)\&. C\*(Aqest utile dans le cas o\(`u l\*(Aqutilisateur voudrait conserver ses jetons d\*(Aqauthentification encore valables\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\fR -.RS 4 -Verrouiller le mot de passe du compte indiqu\('e\&. Cette option d\('esactive un mot de passe en le modifiant par une valeur qui ne correspond pas \(`a un mot de passe chiffr\('e possible (cela ajoute un \(Fo\ \&!\ \&\(Fc au d\('ebut du mot de passe)\&. -.sp -Veuillez noter que cela ne d\('esactive pas le compte\&. L\*(Aqutilisateur peut toujours se connecter en utilisant une autre m\('ethode d\*(Aqauthentification (par exemple une cl\('e SSH)\&. Pour d\('esactiver un compte, les administrateurs devraient utiliser -\fBusermod \-\-expiredate 1\fR -(cela d\('efinit la date d\*(Aqexpiration du compte au 2\ \&janvier\ \&1970)\&. -.sp -Les utilisateurs avec un mot de passe verrouill\('e ne sont pas autoris\('es \(`a le changer\&. -.RE -.PP -\fB\-n\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR -.RS 4 -D\('efinir le nombre minimum de jours entre chaque changement de mot de passe \(`a -\fIMIN_DAYS\fR\&. Une valeur de z\('ero pour ce champ indique que l\*(Aqutilisateur peut changer son mot de passe quand il le souhaite\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Mode silencieux\&. -.RE -.PP -\fB\-r\fR, \fB\-\-repository\fR\ \&\fIREPOSITORY\fR -.RS 4 -Modifier le mot de passe dans la base -\fIREPOSITORY\fR -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-S\fR, \fB\-\-status\fR -.RS 4 -Afficher l\*(Aq\('etat d\*(Aqun compte\&. Cet \('etat est constitu\('e de 7 champs\&. Le premier champ est le nom du compte\&. Le second champ indique si le mot de passe est bloqu\('e (L), n\*(Aqa pas de mot de passe (NP) ou a un mot de passe utilisable (P)\&. Le troisi\(`eme champ donne la date de derni\(`ere modification du mot de passe\&. Les quatre champs suivants sont\ \&: la dur\('ee minimum avant modification, la dur\('ee maximum de validit\('e, la dur\('ee d\*(Aqavertissement, et la dur\('ee d\*(Aqinactivit\('e autoris\('ee pour le mot de passe\&. Les dur\('ees sont exprim\('ees en jours\&. -.RE -.PP -\fB\-u\fR, \fB\-\-unlock\fR -.RS 4 -D\('everrouiller le mot de passe du compte indiqu\('e\&. Cette option r\('eactive un mot de passe en remettant le mot de passe \(`a sa valeur pr\('ec\('edente (la valeur pr\('esente avant l\*(Aqutilisation de l\*(Aqoption -\fB\-l\fR)\&. -.RE -.PP -\fB\-w\fR, \fB\-\-warndays\fR\ \&\fIWARN_DAYS\fR -.RS 4 -Configurer le nombre de jours d\*(Aqavertissement avant que le changement de mot de passe ne soit obligatoire\&. La valeur -\fIDUR\('EE_AVERTISSEMENT\fR -est le nombre de jours pr\('ec\('edant la fin de validit\('e pendant lesquels un utilisateur sera pr\('evenu que son mot de passe est sur le point d\*(Aqarriver en fin de validit\('e\&. -.RE -.PP -\fB\-x\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAYS\fR -.RS 4 -Configurer le nombre maximum de jours pendant lesquels un mot de passe reste valable\&. Apr\(`es -\fIJOURS_MAX\fR, le mot de passe devra \(^etre modifi\('e\&. -.RE -.SH "AVERTISSEMENTS" -.PP -La v\('erification de la complexit\('e des mots de passe peut varier d\*(Aqun site \(`a l\*(Aqautre\&. Il est vivement conseill\('e aux utilisateurs de choisir un mot de passe aussi complexe que possible dans la limite de ce qu\*(Aqil est capable de m\('emoriser\&. -.PP -Il se peut que les utilisateurs ne puissent pas changer leur mot de passe sur un syst\(`eme si NIS est activ\('e et qu\*(Aqils ne sont pas connect\('es au serveur NIS\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBENCRYPT_METHOD\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir les algorithmes de chiffrement par d\('efaut du syst\(`eme pour coder les mots de passes (si aucun algorithme n\*(Aqa \('et\('e indiqu\('e sur la ligne de commandes)\&. -.sp -Les valeurs suivantes sont accept\('ees\ \&: -\fIDES\fR -(par d\('efaut), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Remarque\ \&: ce param\(`etre remplace la variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (bool\('een) -.RS 4 -Indiquer si un mot de passe doit \(^etre chiffr\('e en utilisant l\*(Aqalgorithme bas\('e sur MD5\&. Si configur\('ee \(`a -\fIyes\fR, les nouveaux mots de passe seront chiffr\('es en utilisant l\*(Aqalgorithme bas\('e sur MD5 compatible avec celui utilis\('e par les versions r\('ecentes de FreeBSD\&. Il g\(`ere des mots de passe de longueur illimit\('ee et des cha\(^ines de salage plus longues\&. Configurez\-la \(`a -\fIno\fR -pour copier les mots de passe chiffr\('es sur d\*(Aqautres syst\(`emes qui ne comprennent pas le nouvel algorithme\&. la valeur par d\('efaut est -\fIno\fR\&. -.sp -Cette variable est \('ecras\('ee par la variable -\fBENCRYPT_METHOD\fR -ou par toute option de la ligne de commande utilis\('ee pour configurer l\*(Aqalgorithme de chiffrement\&. -.sp -Cette variable est obsol\(`ete\&. Vous devriez utiliser -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (bool\('een) -.RS 4 -Activer des v\('erifications suppl\('ementaires lors des changements de mot de passe\&. -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (bool\('een) -.RS 4 -Avertir en cas de mots de passe faibles (mais les accepte quand m\(^eme) si vous \(^etes superutilisateur\&. -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (nombre) -.RS 4 -Nombre maximum d\*(Aqessais pour changer de mot de passe si refus\('e (trop facile)\&. -.RE -.PP -\fBPASS_MAX_LEN\fR (nombre), \fBPASS_MIN_LEN\fR (nombre) -.RS 4 -Nombre de caract\(`eres significatifs dans le mot de passe pour crypt()\&. La valeur par d\('efaut de -\fBPASS_MAX_LEN\fR -est 8\&. Ne la changez pas \(`a moins que votre crypt() ne soit meilleur\&. Ceci est ignor\('e si -\fBMD5_CRYPT_ENAB\fR -est configur\('ee \(`a -\fIyes\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (nombre), \fBSHA_CRYPT_MAX_ROUNDS\fR (nombre) -.RS 4 -Quand -\fBENCRYPT_METHOD\fR -est configur\('ee \(`a -\fISHA256\fR -ou -\fISHA512\fR, cela d\('efinit le nombre de rounds de SHA utilis\('es par l\*(Aqalgorithme de chiffrement par d\('efaut (quand le nombre de rounds n\*(Aqest pas pr\('ecis\('e sur la ligne de commande)\&. -.sp -Avec beaucoup de rounds, il est plus difficile de trouver le mot de passe avec une attaque par force brute\&. Veuillez remarquer que plus de ressources processeur seront n\('ecessaires pour authentifier les utilisateurs\&. -.sp -Si non pr\('ecis\('ee, la libc utilisera le nombre de rounds par d\('efaut (5000)\&. -.sp -Les valeurs doivent \(^etre comprises dans l\*(Aqintervalle 1\ \&000\ \&\-\ \&999\ \&999\ \&999\&. -.sp -Si une seule des variables -\fBSHA_CRYPT_MIN_ROUNDS\fR -ou -\fBSHA_CRYPT_MAX_ROUNDS\fR -est configur\('ee, alors cette valeur sera utilis\('ee\&. -.sp -Si -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, la valeur la plus \('elev\('ee sera utilis\('ee\&. -.RE -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.SH "VALEURS DE RETOUR" -.PP -La commande -\fBpasswd\fR -retourne les valeurs suivantes en quittant\ \&: -.PP -\fI0\fR -.RS 4 -succ\(`es -.RE -.PP -\fI1\fR -.RS 4 -permission refus\('ee -.RE -.PP -\fI2\fR -.RS 4 -combinaison d\*(Aqoptions non valable -.RE -.PP -\fI3\fR -.RS 4 -\('echec inattendu, rien n\*(Aqa \('et\('e fait -.RE -.PP -\fI4\fR -.RS 4 -\('echec inattendu, le fichier -passwd -est manquant -.RE -.PP -\fI5\fR -.RS 4 -fichier -passwd -en cours d\*(Aqutilisation, veuillez r\('eessayer plus tard -.RE -.PP -\fI6\fR -.RS 4 -param\(`etre non valable pour l\*(Aqoption -.RE -.SH "VOIR AUSSI" -.PP -\fBchpasswd\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBlogin.defs\fR(5),\fBusermod\fR(8)\&. diff --git a/man/fr/man1/sg.1 b/man/fr/man1/sg.1 deleted file mode 100644 index add37f66..00000000 --- a/man/fr/man1/sg.1 +++ /dev/null @@ -1,92 +0,0 @@ -'\" t -.\" Title: sg -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "SG" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -sg \- ex\('ecuter une commande avec un autre identifiant de groupe -.SH "SYNOPSIS" -.HP \w'\fBsg\fR\ 'u -\fBsg\fR [\-] [groupe\ [\-c]\ commande] -.SH "DESCRIPTION" -.PP -La commande -\fBsg\fR -fonctionne de la m\(^eme mani\(`ere que -\fBnewgrp\fR, mais prend une commande comme param\(`etre\&. Cette commande sera ex\('ecut\('ee avec un interpr\('eteur de commandes -/bin/sh\&. Avec la plupart des interpr\('eteurs de commandes permettant d\*(Aqex\('ecuter -\fBsg\fR, si la commande comporte plusieurs mots, il faut la placer entre des guillemets (\(Fo\ \&"\ \&\(Fc)\&. Une autre diff\('erence entre -\fBnewgrp\fR -et -\fBsg\fR -est que certains interpr\('eteurs de commandes traitent -\fBnewgrp\fR -de fa\(,con particuli\(`ere, en se rempla\(,cant eux\-m\(^emes par une nouvelle instance d\*(Aqun interpr\('eteur que -\fBnewgrp\fR -cr\('ee\&. Ceci n\*(Aqest pas le cas de -\fBsg\fR, ce qui permet de retrouver le groupe pr\('ec\('edent \(`a la sortie de -\fBsg\fR\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBSYSLOG_SG_ENAB\fR (bool\('een) -.RS 4 -Activer la journalisation \(Fo\ \&syslog\ \&\(Fc de l\*(Aqactivit\('e de -\fBsg\fR\&. -.RE -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBnewgrp\fR(1), -\fBsu\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/fr/man1/su.1 b/man/fr/man1/su.1 deleted file mode 100644 index 2b5d9674..00000000 --- a/man/fr/man1/su.1 +++ /dev/null @@ -1,451 +0,0 @@ -'\" t -.\" Title: su -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes utilisateur -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "SU" "1" "09/05/2014" "shadow\-utils 4\&.2" "Commandes utilisateur" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -su \- Changer d\*(Aqidentifiant d\*(Aqutilisateur ou devenir superutilisateur -.SH "SYNOPSIS" -.HP \w'\fBsu\fR\ 'u -\fBsu\fR [\fIoptions\fR] [\fInom_utilisateur\fR] -.SH "DESCRIPTION" -.PP -La commande -\fBsu\fR -permet de devenir un autre utilisateur pour la dur\('ee d\*(Aqune session\&. Invoqu\('e sans nom d\*(Aq\fButilisateur\fR, le comportement par d\('efaut de -\fBsu\fRest de devenir superutilisateur\&. Le param\(`etre optionnel -\fB\-\fR -permet d\*(Aqobtenir un environnement similaire \(`a celui que l\*(Aqutilisateur aurait obtenu lors d\*(Aqune connexion directe\&. -.PP -Des param\(`etres suppl\('ementaires peuvent \(^etre fournis apr\(`es le nom de l\*(Aqutilisateur\&. Dans ce cas, ils sont donn\('es \(`a l\*(Aqinterpr\('eteur de commandes de connexion de l\*(Aqutilisateur\&. En particulier, le param\(`etre \(Fo\ \&\fB\-c\fR\ \&\(Fc consid\(`ere que le param\(`etre suivant est une commande pour la plupart des interpr\('eteurs de commandes\&. La commande sera ex\('ecut\('ee par l\*(Aqinterpr\('eteur indiqu\('e dans -/etc/passwd -pour l\*(Aqutilisateur cible\&. -.PP -Vous pouvez utiliser le param\(`etre -\fB\-\-\fR -pour s\('eparer les options de -\fBsu\fR -des param\(`etres fournis par l\*(Aqinterpr\('eteur de commandes\&. -.PP -Un mot de passe sera demand\('e \(`a l\*(Aqutilisateur, si n\('ecessaire\&. Les mots de passe incorrects produisent un message d\*(Aqerreur\&. Toutes les tentatives, r\('eussies ou non, sont enregistr\('ees afin de d\('etecter tout abus du syst\(`eme\&. -.PP -L\*(Aqenvironnement actuel est fourni au nouvel interpr\('eteur de commandes\&. La valeur de -\fB$PATH\fR -est r\('einitialis\('ee \(`a -/bin:/usr/bin -pour les utilisateurs normaux, ou \(`a -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR -pour le superutilisateur\&. Ce comportement peut \(^etre modifi\('e avec les param\(`etres -\fIENV_PATH\fR -et -\fIENV_SUPATH\fR -dans -/etc/login\&.defs\&. -.PP -Une connexion \(`a un sous\-syst\(`eme est indiqu\('ee par la pr\('esence d\*(Aqun \(Fo\ \&*\ \&\(Fc comme premier caract\(`ere de l\*(Aqinterpr\('eteur de commandes initial\&. Le r\('epertoire personnel sera utilis\('e comme racine d\*(Aqun nouveau syst\(`eme de fichiers dans lequel l\*(Aqutilisateur sera connect\('e\&. -.SH "OPTIONS" -.PP -Les options applicables \(`a la commande -\fBsu\fR -sont\ \&: -.PP -\fB\-c\fR, \fB\-\-command\fR\ \&\fICOMMAND\fR -.RS 4 -Indiquer une commande qui sera invoqu\('ee par l\*(Aqinterpr\('eteur de commandes en utilisant son option -\fB\-c\fR -.sp -The executed command will have no controlling terminal\&. This option cannot be used to execute interactive programs which need a controlling TTY\&. -.RE -.PP -\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR -.RS 4 -Fournir \(`a l\*(Aqutilisateur un environnement similaire \(`a celui qu\*(Aqil aurait obtenu s\*(Aqil s\*(Aq\('etait connect\('e directement\&. -.sp -When -\fB\-\fR -is used, it must be specified before any -\fBusername\fR\&. For portability it is recommended to use it as last option, before any -\fBusername\fR\&. The other forms (\fB\-l\fR -and -\fB\-\-login\fR) do not have this restriction\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Interpr\('eteur de commande devant \(^etre appel\('e\&. -.sp -L\*(Aqinterpr\('eteur de commandes \(`a appeler est choisi parmi (le choix de plus haute priorit\('e en t\(^ete)\ \&: -.PP -.RS 4 -Interpr\('eteur de commande indiqu\('e par \-\-shell\&. -.RE -.PP -.RS 4 -Si -\fB\-\-preserve\-environment\fR -est utilis\('e, l\*(Aqinterpr\('eteur de commandes indiqu\('e par la variable d\*(Aqenvironnement -\fB$SHELL\fR -sera utilis\('e\&. -.RE -.PP -.RS 4 -Interpr\('eteur de commandes indiqu\('e dans -/etc/passwd -pour l\*(Aqutilisateur cible\&. -.RE -.PP -.RS 4 -/bin/sh -si aucun interpr\('eteur de commandes ne peut \(^etre trouv\('e par l\*(Aqune des m\('ethodes ci\-dessus\&. -.RE -.sp -Si l\*(Aqutilisateur cible poss\(`ede un interpr\('eteur de commande restreint (par exemple, le champ de l\*(Aqinterpr\('eteur de commande dans -/etc/passwd -n\*(Aqest pas renseign\('e dans -/etc/shells), alors, ni l\*(Aqoption -\fB\-\-shell\fR -ni la variable d\*(Aqenvironnement -\fB$SHELL\fR -ne seront prises en compte \(`a moins que -\fBsu\fR -ne soit appel\('e par le superutilisateur\&. -.RE -.PP -\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve\-environment\fR -.RS 4 -Pr\('eserver l\*(Aqenvironnement actuel, sauf pour\ \&: -.PP -\fB$PATH\fR -.RS 4 -r\('einitialise suivant les options -\fBENV_PATH\fR -ou -\fBENV_SUPATH\fR -dans -/etc/login\&.defs -(voir ci\-dessous)\ \&: -.RE -.PP -\fB$IFS\fR -.RS 4 -r\('einitialise \(`a -\(Fo\ \&\ \&\(Fc, s\*(Aqil a \('et\('e d\('efini\&. -.RE -.sp -Si l\*(Aqutilisateur cible poss\(`ede un interpr\('eteur de commandes restreint, cette option n\*(Aqa aucun effet (\(`a moins que -\fBsu\fR -ne soit appel\('e par le superutilisateur)\&. -.sp -Notez que le comportement par d\('efaut pour l\*(Aqenvironnement est le suivant\ \&: -.PP -.RS 4 -Les variables d\*(Aqenvironnement -\fB$HOME\fR, -\fB$SHELL\fR, -\fB$USER\fR, -\fB$LOGNAME\fR, -\fB$PATH\fR -et -\fB$IFS\fR -sont r\('einitialis\('ees\&. -.RE -.PP -.RS 4 -Si -\fB\-\-login\fR -n\*(Aqest pas utilis\('ee, l\*(Aqenvironnement est copi\('e sauf pour les variables ci\-dessus\&. -.RE -.PP -.RS 4 -Si -\fB\-\-login\fR -est utilis\('ee, les variables d\*(Aqenvironnement -\fB$TERM\fR, -\fB$COLORTERM\fR, -\fB$DISPLAY\fR -et -\fB$XAUTHORITY\fR -sont copi\('ees si elles ont \('et\('e d\('efinies\&. -.RE -.PP -.RS 4 -Si -\fB\-\-login\fR -est utilis\('ee, les variables d\*(Aqenvironnement -\fB$TZ\fR, -\fB$HZ\fR -et -\fB$MAIL\fR -sont configur\('ees en accord avec les options -\fBENV_TZ\fR, -\fBENV_HZ\fR, -\fBMAIL_DIR\fR -et -\fBMAIL_FILE\fR -de -/etc/login\&.defs -(voir ci\-dessous)\&. -.RE -.PP -.RS 4 -Si -\fB\-\-login\fR -est utilis\('ee, les autres variables d\*(Aqenvironnement peuvent \(^etre configur\('ees par le fichier -\fBENVIRON_FILE\fR -(voir ci\-dessous)\&. -.RE -.RE -.SH "AVERTISSEMENTS" -.PP -Cette version de -\fBsu\fR -a de nombreuses options de compilation\&. Seules certaines d\*(Aqentre elles peuvent avoir \('et\('e activ\('ees sur votre site\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBCONSOLE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, soit un chemin complet du fichier contenant les noms de p\('eriph\('eriques (un par ligne), soit une liste de noms du p\('eriph\('erique d\('elimit\('ee par des \(Fo\ \&:\ \&\(Fc\&. Les connexions d\*(Aqun administrateur ne seront autoris\('ees que depuis ces p\('eriph\('eriques\&. -.sp -S\*(Aqil n\*(Aqest pas d\('efini, root pourra se connecter depuis n\*(Aqimporte quel p\('eriph\('erique\&. -.sp -Le p\('eriph\('erique doit \(^etre pr\('ecis\('e sans le pr\('efixe /dev/\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (cha\(^ine de caract\(`eres) -.RS 4 -Une liste de groupes \(`a rajouter aux groupes suppl\('ementaires de l\*(Aqutilisateur lors d\*(Aqune connexion sur une console (d\('etermin\('e par le param\(`etre CONSOLE)\&. Par d\('efaut, aucun groupe n\*(Aqest ajout\('e\&. - -\(`A utiliser avec pr\('ecaution\ \&: il est possible que les utilisateurs aient un acc\(`es permanent \(`a ces groupes, et cela m\(^eme s\*(Aqils ne sont pas connect\('es sur la console\&. -.RE -.PP -\fBDEFAULT_HOME\fR (bool\('een) -.RS 4 -Indiquer si la connexion est permise si on ne peut pas acc\('eder au r\('epertoire personnel\&. Le r\('eglage par d\('efaut est \(Fo\ \&no\ \&\(Fc\&. -.sp -Si elle est configur\('ee \(`a -\fIyes\fR, l\*(Aqutilisateur va se connecter dans le r\('epertoire racine (/) s\*(Aqil n\*(Aqest pas possible d\*(Aqacc\('eder \(`a son r\('epertoire personnel\&. -.RE -.PP -\fBENV_HZ\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement HZ lorsqu\*(Aqun utilisateur se connecte\&. La valeur doit \(^etre pr\('ec\('ed\('ee par -\fIHZ=\fR\&. Une valeur commune sur Linux est -\fIHZ=100\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si ce fichier existe et est lisible, l\*(Aqenvironnement de connexion sera lu \(`a\ \& partir de lui\&. Chaque ligne doit \(^etre sous la forme nom=valeur\&. -.sp -Les lignes commen\(,cant par un \(Fo\ \&#\ \&\(Fc sont consid\('er\('ees comme des commentaires, et sont ignor\('ees\&. -.RE -.PP -\fBENV_PATH\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement PATH quand un utilisateur ordinaire se connecte\&. La valeur est une liste de chemins s\('epar\('es par des deux points (par exemple -\fI/bin:/usr/bin\fR) et peut \(^etre pr\('ec\('ed\('ee par -\fIPATH=\fR\&. La valeur par d\('efaut est -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement PATH quand le super\-utilisateur se connecte\&. La valeur est une liste de chemins s\('epar\('es par deux points (par exemple -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) et peut \(^etre pr\('ec\('ed\('ee par -\fIPATH=\fR\&. La valeur par d\('efaut est -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement TZ quand un utilisateur se connecte\&. La valeur peut \(^etre le nom d\*(Aqun fuseau horaire pr\('ec\('ed\('e par -\fITZ=\fR -(par exemple -\fITZ=CST6CDT\fR), ou le chemin complet vers le fichier contenant la sp\('ecification du fuseau horaire (par exemple -/etc/tzname)\&. -.sp -Si un chemin complet est sp\('ecifi\('e mais que le fichier n\*(Aqexiste pas ou ne peut pas \(^etre lu, la valeur par d\('efaut utilis\('ee est -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBLOGIN_STRING\fR (cha\(^ine de caract\(`eres) -.RS 4 -La cha\(^ine de caract\(`eres utilis\('ee pour l\*(Aqinvite de mot de passe\&. La valeur par d\('efaut est d\*(Aqutiliser "Password: " (\(Fo\ \&mot de passe\ \&:\ \&\(Fc), ou une traduction de cette cha\(^ine\&. Si vous d\('efinissez cette variable, l\*(Aqinvite ne sera pas traduite\&. -.sp -Si la cha\(^ine contient -\fI%s\fR, ces caract\(`eres seront remplac\('es par le nom de l\*(Aqutilisateur\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (bool\('een) -.RS 4 -Activer le contr\(^ole et l\*(Aqaffichage du statut de la bo\(^ite aux lettres durant la connexion\&. -.sp -Vous devriez le d\('esactiver si les fichiers de d\('emarrage de l\*(Aqinterpr\('eteur de commandes v\('erifient d\('ej\(`a la pr\('esence de courriers (\(Fo\ \&mail \-e\ \&\(Fc ou \('equivalent)\&. -.RE -.PP -\fBMAIL_DIR\fR (cha\(^ine de caract\(`eres) -.RS 4 -R\('epertoire d\*(Aqattente des courriels (\(Fo\ \&mail spool directory\ \&\(Fc)\&. Ce param\(`etre est n\('ecessaire pour manipuler les bo\(^ites \(`a lettres lorsque le compte d\*(Aqun utilisateur est modifi\('e ou supprim\('e\&. S\*(Aqil n\*(Aqest pas sp\('ecifi\('e, une valeur par d\('efaut d\('efinie \(`a la compilation est utilis\('ee\&. -.RE -.PP -\fBMAIL_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir l\*(Aqemplacement des bo\(^ites aux lettres des utilisateurs relativement \(`a leur r\('epertoire personnel\&. -.RE -.PP -Les param\(`etres -\fBMAIL_DIR\fR -et -\fBMAIL_FILE\fR -sont utilis\('es par -\fBuseradd\fR, -\fBusermod\fR -et -\fBuserdel\fR -pour cr\('eer, d\('eplacer ou supprimer les bo\(^ites aux lettres des utilisateurs\&. -.PP -Si -\fBMAIL_CHECK_ENAB\fR -est r\('egl\('e sur -\fIyes\fR, ces variables servent \('egalement \(`a d\('efinir la variable d\*(Aqenvironnement -\fBMAIL\fR\&. -.PP -\fBQUOTAS_ENAB\fR (bool\('een) -.RS 4 -Activer la mise en place de limites de resources depuis -/etc/limits -et ulimit, umask et niveau nice depuis les champs gecos de passwd\&. -.RE -.PP -\fBSULOG_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, les activit\('es de su seront enregistr\('ees dans le fichier\&. -.RE -.PP -\fBSU_NAME\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, le nom de la commande \(`a afficher lorsque \(Fo\ \&su \-\ \&\(Fc est ex\('ecut\('ee\&. Par exemple, si elle est d\('efinie \(`a \(Fo\ \&su\ \&\(Fc alors un \(Fo\ \&ps\ \&\(Fc affichera la commande comme \(Fo\ \&\-su\ \&\(Fc\&. Si non d\('efinie, alors \(Fo\ \&ps\ \&\(Fc affichera le nom du shell qui sera en fait ex\('ecut\('e, par exemple quelque chose comme \(Fo\ \&\-sh\ \&\(Fc\&. -.RE -.PP -\fBSU_WHEEL_ONLY\fR (bool\('een) -.RS 4 -Si -\fIyes\fR, l\*(Aqutilisateur doit faire partie des membres du groupe avec le premier gid 0 dans -/etc/group -(appel\('e -\fIroot\fR -sur la plupart des syst\(`emes Linux) pour \(^etre capable de -\fBsu\fR -vers des comptes \(`a uid 0\&. Si ce groupe n\*(Aqexiste pas ou est vide, personne ne pourra -\fBsu\fR -vers un uid 0\&. -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (bool\('een) -.RS 4 -Activer la journalisation \(Fo\ \&syslog\ \&\(Fc de l\*(Aqactivit\('e de -\fBsu\fR -\- en plus de la journalisation sulog\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (bool\('een) -.RS 4 -Activer la mise en place de bits de masque de groupe (\(Fo\ \&umask group bits\ \&\(Fc) identiques \(`a ceux du propri\('etaire (exemple\ \&: 022 \-> 002, 077 \-> 007) pour les utilisateurs non privil\('egi\('es, si l\*(AqUID est identique au GID et que l\*(Aqidentifiant de connexion est identique au groupe principal\&. -.sp -Si cette variable est configur\('ee \(`a -\fIyes\fR, -\fBuserdel\fR -supprimera le groupe de l\*(Aqutilisateur s\*(Aqil ne contient pas d\*(Aqautres membres, et -\fBuseradd\fR -cr\('eera par d\('efaut un groupe portant le nom de l\*(Aqutilisateur\&. -.RE -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.SH "VALEURS DE RETOUR" -.PP -En cas de succ\(`es, -\fBsu\fR -renvoie la valeur de sortie de la commande qu\*(Aqil a ex\('ecut\('ee\&. -.PP -Si cette commande s\*(Aqest termin\('ee par un signal, -\fBsu\fR -y ajoute 128 et renvoie le r\('esultat\&. -.PP -Si -\fBsu\fR -doit tuer la commande (parce qu\*(Aqil a \('et\('e demand\('e de terminer et que la commande ne s\*(Aqest pas termin\('ee \(`a temps), -\fBsu\fR -renvoie 255\&. -.PP -Certaines valeurs de retour de -\fBsu\fR -sont ind\('ependantes de la commande ex\('ecut\('ee\ \&: -.PP -\fI0\fR -.RS 4 -succ\(`es (\fB\-\-help\fR -uniquement) -.RE -.PP -\fI1\fR -.RS 4 -\('Echec syst\(`eme ou d\*(Aqauthentification -.RE -.PP -\fI126\fR -.RS 4 -La commande demand\('ee n\*(Aqa pas \('et\('e trouv\('ee\&. -.RE -.PP -\fI127\fR -.RS 4 -La commande demand\('ee n\*(Aqa pas pu \(^etre ex\('ecut\('ee\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin\fR(1), -\fBlogin.defs\fR(5), -\fBsg\fR(1), -\fBsh\fR(1)\&. diff --git a/man/fr/man3/getspnam.3 b/man/fr/man3/getspnam.3 deleted file mode 100644 index cd473da3..00000000 --- a/man/fr/man3/getspnam.3 +++ /dev/null @@ -1 +0,0 @@ -.so man3/shadow.3 diff --git a/man/fr/man3/shadow.3 b/man/fr/man3/shadow.3 deleted file mode 100644 index 1231a1b7..00000000 --- a/man/fr/man3/shadow.3 +++ /dev/null @@ -1,237 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Appels de biblioth\(`eque -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "SHADOW" "3" "09/05/2014" "shadow\-utils 4\&.2" "Appels de biblioth\(`eque" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -shadow, getspnam \- routines d\*(Aqutilisation des mots de passe cach\('es -.SH "SYNTAX" -.PP -\fI#include \fR -.PP -\fIstruct spwd *getspent();\fR -.PP -\fIstruct spwd *getspnam(char\fR\fI*nom\fR\fI);\fR -.PP -\fIvoid setspent();\fR -.PP -\fIvoid endspent();\fR -.PP -\fIstruct spwd *fgetspent(FILE\fR\fI*fp\fR\fI);\fR -.PP -\fIstruct spwd *sgetspent(char\fR\fI*cp\fR\fI);\fR -.PP -\fIint putspent(struct spwd\fR\fI*p,\fR\fIFICHIER\fR\fI*fp\fR\fI);\fR -.PP -\fIint lckpwdf();\fR -.PP -\fIint ulckpwdf();\fR -.SH "DESCRIPTION" -.PP -\fIshadow\fR -manipule le contenu du fichier des mots de passe cach\('es, -/etc/shadow\&. La structure d\('efinie dans le fichier inclus est\ \&: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct spwd { - char *sp_namp; /* nom de connexion de l\*(Aqutilisateur */ - char *sp_pwdp; /* mot de passe chiffr\('e */ - long int sp_lstchg; /* dernier changement de mot de passe */ - long int sp_min; /* jours avant de pouvoir changer de mot de passe */ - long int sp_max; /* jours avant l\*(Aqobligation de changer de mot de passe */ - long int sp_warn; /* jours d\*(Aqavertissement avant la fin de validit\('e */ - long int sp_inact; /* jours avant que le compte soit inactif */ - long int sp_expire; /* date de fin de validit\('e du compte */ - unsigned long int sp_flag; /* r\('eserv\('e pour une utilisation future */ -} - -.fi -.if n \{\ -.RE -.\} -.PP -La signification de chaque champ est la suivante\ \&: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_namp \- pointeur vers le nom d\*(Aqutilisateur termin\('e par un z\('ero binaire (\(Fo\ \&null\-terminated\ \&\(Fc) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_pwdp \- pointeur vers le mot de passe termin\('e par un z\('ero binaire (\(Fo\ \&null\-terminated\ \&\(Fc) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_lstchg \- nombre de jours, compt\('es \(`a partir du 1er\ \&janvier\ \&1970, depuis la derni\(`ere modification du mot de passe -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_min \- nombre de jours pendant lesquels le mot de passe ne peut pas \(^etre chang\('e -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_max \- nombre maximal de jours avant que le mot de passe doive \(^etre chang\('e -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_warn \- nombre de jours avant que le mot de passe n\*(Aqarrive en fin de validit\('e pendant lesquels l\*(Aqutilisateur est averti de la fin prochaine de la validit\('e de son mot de passe -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_inact \- nombre de jours apr\(`es la fin de validit\('e du mot de passe avant de consid\('erer que le compte est inactif et soit d\('esactiv\('e -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_expire \- nombre de jours, compt\('es \(`a partir du 1er\ \&janvier\ \&1970, apr\(`es lesquels le compte sera d\('esactiv\('e -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_flag \- r\('eserv\('e pour une utilisation future -.RE -.SH "DESCRIPTION" -.PP -\fIGetspent\fR, -\fIgetspname\fR, -\fIfgetspent\fR, et -\fIsgetspent\fR -renvoient tous un pointeur vers une structure -\fIstruct spwd\fR\&. -\fIGetspent\fR -renvoie l\*(Aqentr\('ee suivante du fichier, et -\fIfgetspent\fR -renvoie l\*(Aqentr\('ee suivante du flux qui est consid\('er\('e comme \('etant un fichier au format correct\&. -\fISgetspent\fR -renvoie un pointeur vers une structure -\fIstruct spwd\fR -en utilisant la cha\(^ine de caract\(`ere fournie en entr\('ee\&. -\fIGetspnam\fR -cherche \(`a partir de la position courante une entr\('ee correspondant \(`a -\fInom\fR -dans le fichier fourni en entr\('ee\&. -.PP -\fISetspent\fR -et -\fIendspent\fR -peuvent \(^etre utilis\('es pour d\('ebuter et terminer l\*(Aqacc\(`es au fichier de mots de passe cach\('es\&. -.PP -Les fonctions -\fIlckpwdf\fR -et -\fIulckpwdf\fR -doivent \(^etre utilis\('ees pour garantir un acc\(`es exclusif au fichier -/etc/shadow\&. -\fILckpwdf\fR -essaie de placer un verrou avec -\fIpw_lock\fR -pendant 15 secondes\&. Il essaie ensuite de placer un second verrou en utilisant -\fIspw_lock\fR -pendant le reste de ces 15 secondes\&. Si un de ces verrous ne peut \(^etre plac\('e, -\fIlckpwdf\fR -renvoie \-1\&. Quand les deux verrous peuvent \(^etre plac\('es, la valeur 0 est renvoy\('ee\&. -.SH "DIAGNOSTICS" -.PP -Les fonctions renvoient NULL si plus aucune entr\('ee n\*(Aqest disponible ou si une erreur est survenue lors du traitement\&. Les fonctions dont la valeur de retour est un -\fIint\fR -renvoient 0 en cas de succ\(`es et \-1 en cas d\*(Aq\('echec\&. -.SH "AVERTISSEMENTS" -.PP -Ces fonctions peuvent n\*(Aq\(^etre utilis\('ees que par le superutilisateur car l\*(Aqacc\(`es au fichier de mots de passe cach\('es est restreint\&. -.SH "FICHIERS" -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBgetpwent\fR(3), -\fBshadow\fR(5)\&. diff --git a/man/fr/man5/faillog.5 b/man/fr/man5/faillog.5 deleted file mode 100644 index 63d818dd..00000000 --- a/man/fr/man5/faillog.5 +++ /dev/null @@ -1,63 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formats et conversions de fichiers -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "FAILLOG" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formats et conversions de fich" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -faillog \- journal des \('echecs de connexion -.SH "DESCRIPTION" -.PP -/var/log/faillog -maintient un compte des \('echecs de connexion et les limites pour chaque compte\&. -.PP -Le fichier contient un nombre constant d\*(Aqenregistrements, tri\('es par identifiant d\*(Aqutilisateur num\('erique\&. Chaque enregistrement contient le nombre d\*(Aq\('echecs de connexion depuis la derni\(`ere connexion r\('eussie, le nombre maximum d\*(Aq\('echecs de connexion avant d\('esactivation du compte, la ligne sur laquelle a eu lieu le dernier \('echec de connexion, la date du dernier \('echec de connexion et la dur\('ee (en seconde) pendant laquelle le compte sera verrouill\('e apr\(`es un \('echec\&. -.PP -La structure du fichier est la suivante\ \&: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct faillog { - short fail_cnt; /* compteur des \('echecs */ - short fail_max; /* nb max avant d\('esactivation */ - char fail_line[12]; /* ligne du dernier \('echec */ - time_t fail_time; /* date du dernier \('echec */ - long fail_locktime;}; -.fi -.if n \{\ -.RE -.\} -.SH "FICHIERS" -.PP -/var/log/faillog -.RS 4 -Journal des \('echecs de connexion\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBfaillog\fR(8) diff --git a/man/fr/man5/gshadow.5 b/man/fr/man5/gshadow.5 deleted file mode 100644 index 75fd2612..00000000 --- a/man/fr/man5/gshadow.5 +++ /dev/null @@ -1,101 +0,0 @@ -'\" t -.\" Title: gshadow -.\" Author: Nicolas Fran\(,cois -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formats et conversions de fichiers -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "GSHADOW" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formats et conversions de fich" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -gshadow \- informations cach\('ees sur les groupes -.SH "DESCRIPTION" -.PP -/etc/gshadow -contient les informations cach\('ees sur les groupes\&. -.PP -Ce fichier ne doit pas \(^etre accessible en lecture par les utilisateurs normaux afin de maintenir la s\('ecurit\('e des mots de passe, en particuliers pour pr\('evenir les attaques par dictionnaires\&. -.PP -Chaque ligne de ce fichier contient les champs suivants, s\('epar\('es par des deux\-points (\(Fo\ \&:\ \&\(Fc)\ \&: -.PP -\fBnom du groupe\fR -.RS 4 -Ce doit \(^etre un nom de groupe valable, qui existe sur le syst\(`eme\&. -.RE -.PP -\fBmot de passe chiffr\('e\fR -.RS 4 -Consultez -\fBcrypt\fR(3) -pour plus d\*(Aqinformations sur le traitement de cette cha\(^ine\&. -.sp -Si le champ du mot de passe contient une cha\(^ine qui ne peut pas \(^etre un r\('esultat valable de -\fBcrypt\fR(3), par exemple si elle contient les caract\(`eres \(Fo\ \&!\ \&\(Fc ou \(Fo\ \&*\ \&\(Fc, les utilisateurs ne pourront pas utiliser le mot de passe UNIX pour acc\('eder au groupe (mais les membres du groupe n\*(Aqont pas besoin de mot de passe)\&. -.sp -Le mot de passe est utilis\('e quand un utilisateur non membre du groupe veut obtenir les permissions de ce groupe (consultez -\fBnewgrp\fR(1))\&. -.sp -Ce champ peut \(^etre vide\&. Dans ce cas seuls les membres du groupe peuvent obtenir les permissions du groupe\&. -.sp -Un champ de mot de passe qui commence avec un point d\*(Aqexclamation indique que le mot de passe est bloqu\('e\&. Les caract\(`eres restants sur la ligne repr\('esentent le champ de mot de passe avant que le mot de passe n\*(Aqait \('et\('e bloqu\('e\&. -.sp -Ce mot de passe remplace tout mot de passe indiqu\('e dans -/etc/group\&. -.RE -.PP -\fBadministrateurs\fR -.RS 4 -Ce champ doit \(^etre une liste d\*(Aqutilisateurs, s\('epar\('es par des virgules\&. -.sp -Les administrateurs peuvent modifier le mot de passe ou les membres du groupe\&. -.sp -Les administrateurs peuvent aussi avoir les m\(^emes permissions que les membres (voir ci\-dessous)\&. -.RE -.PP -\fBmembres\fR -.RS 4 -Ce champ doit \(^etre une liste d\*(Aqutilisateurs, s\('epar\('es par des virgules\&. -.sp -Les membres peuvent acc\('eder au groupe sans qu\*(Aqun mot de passe ne leur soit demand\('e\&. -.sp -Vous devez utiliser la m\(^eme liste d\*(Aqutilisateurs que dans -/etc/group\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBgpasswd\fR(5), -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBgrpconv\fR(8), -\fBnewgrp\fR(1)\&. diff --git a/man/fr/man5/limits.5 b/man/fr/man5/limits.5 deleted file mode 100644 index f81541e1..00000000 --- a/man/fr/man5/limits.5 +++ /dev/null @@ -1,272 +0,0 @@ -'\" t -.\" Title: limits -.\" Author: Luca Berra -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formats et conversions de fichiers -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "LIMITS" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formats et conversions de fich" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -limits \- d\('efinition des limites de ressources -.SH "DESCRIPTION" -.PP -Le fichier -\fIlimits\fR -(/etc/limits -par d\('efaut ou LIMITS_FILE d\('efinit dans -config\&.h) d\('ecrit les limites de ressource que vous voulez imposer\&. Il doit \(^etre poss\('ed\('e et ne doit \(^etre lisible que par le compte root\&. -.PP -Par d\('efaut, aucun quota (aucune limite) n\*(Aqest impos\('e \(`a \(Fo\ \&root\ \&\(Fc\&. En fait, il n\*(Aqest pas possible d\*(Aqimposer de cette fa\(,con de limite aux comptes root ou \('equivalents (comptes ayant un UID de 0)\&. -.PP -Chaque ligne d\('ecrit une limite pour un utilisateur, elle est de la forme suivante\ \&: -.PP -\fIutilisateur LISTE_DE_LIMITES\fR -.PP -ou sous la forme\ \&: -.PP -\fI@groupe LISTE_DE_LIMITES\fR -.PP -O\(`u -\fILISTE_DE_LIMITES\fR -est une cha\(^ine construite par la concat\('enation d\*(Aqune liste de limites de ressource\&. Chaque limite consiste en une lettre (identifiant le type de limite) et une valeur num\('erique\&. -.PP -Les identifiants possibles sont\ \&: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -A\ \&: espace d\*(Aqadressage maximal (en kilo octets) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -C\ \&: taille maximale d\*(Aqun fichier image de la m\('emoire (\(Fo\ \&core\ \&\(Fc, en kilo octets) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -D\ \&: taille maximale du segment de donn\('ees d\*(Aqun programme (en kilo octets) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -F\ \&: taille maximale des fichiers (en kilo octets) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -K\ \&: masque de cr\('eation de fichier, d\('efini par -\fBumask\fR(2)\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -I\ \&: valeur nice maximum (0\&.\&.39 qui sera traduit en 20\&.\&.\-19) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -L\ \&: nombre maximal de connexions simultan\('ees pour cet utilisateur -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -M\ \&: taille maximale de m\('emoire verrouill\('ee (\(Fo\ \&locked\-in\-memory\ \&\(Fc, en kilo octets) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -N\ \&: nombre maximal de fichiers ouverts -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -O\ \&: priorit\('e temps r\('eel maximale -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -P\ \&: priorit\('e des processus, d\('efini par -\fBsetpriority\fR(2)\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -R\ \&: taille maximale de la m\('emoire r\('esidente (\(Fo\ \&resident set size\ \&\(Fc, en kilo octets) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -S\ \&: taille maximale de la pile (en kilo octets) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -T\ \&: temps processeur maximal consomm\('e (en minutes) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -U\ \&: nombre maximal de processus -.RE -.PP -Par exemple, -\fIL2D2048N5\fR -est une cha\(^ine -\fILISTE_DE_LIMITES\fR -valable\&. Pour faciliter la lecture, les entr\('ees suivantes sont \('equivalentes\ \&: -.sp -.if n \{\ -.RS 4 -.\} -.nf - utilisateur L2D2048N5 - utilisateur L2 D2048 N5 - -.fi -.if n \{\ -.RE -.\} -.PP -Attention\ \&: tout ce qui suit -\fIutilisateur\fR -est consid\('er\('e comme une limite de cha\(^ine\&. Les commentaires ne sont pas autoris\('es\&. Une cha\(^ine de limites non valable sera rejet\('ee (non utilis\('ee) par le programme -\fBlogin\fR\&. -.PP -L\*(Aqentr\('ee par d\('efaut est repr\('esent\('ee par un utilisateur d\('enomm\('e \(Fo\ \&\fI*\fR\ \&\(Fc\&. Si plusieurs entr\('ees par d\('efaut sont pr\('esentes dans le fichier de limites, alors seule la derni\(`ere sera prise en compte\&. -.PP -Les limites pr\('ecis\('ees sous la forme \(Fo\ \&\fI@groupe\fR\ \&\(Fc s\*(Aqappliquent aux membres du -\fIgroupe\fR -pr\('ecis\('e\&. -.PP -Si plusieurs lignes avec des limites pour un utilisateur existent, seule la premi\(`ere ligne pour cet utilisateur sera prise en compte\&. -.PP -Si aucune ligne n\*(Aqest pr\('ecis\('ee pour l\*(Aqutilisateur, la derni\(`ere ligne -\fI@groupe\fR -correspondant \(`a un groupe auquel l\*(Aqutilisateur appartient sera prise en compte, ou la derni\(`ere ligne avec les limites par d\('efaut si aucun groupe ne contient l\*(Aqutilisateur\&. -.PP -Un simple tiret \(Fo\ \&\fI\-\fR\ \&\(Fc sera suffisant pour d\('esactiver toute limite \(`a un utilisateur, -.PP -Afin de d\('esactiver une limite pour un utilisateur, un simple tiret \(Fo\ \&\fI\-\fR\ \&\(Fc peut \(^etre utilis\('e au lieu d\*(Aqune valeur num\('erique pour cette limite\&. -.PP -Notez \('egalement que les limites ne sont configur\('ees que PAR CONNEXION\&. Il n\*(Aqy a pas de limite globale ou permanente\&. Des limites globales pourraient voir le jour, mais pour l\*(Aqinstant, il faut faire sans\&. -.SH "FICHIERS" -.PP -/etc/limits -.RS 4 -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin\fR(1), -\fBsetpriority\fR(2), -\fBsetrlimit\fR(2)\&. diff --git a/man/fr/man5/login.access.5 b/man/fr/man5/login.access.5 deleted file mode 100644 index c79223fe..00000000 --- a/man/fr/man5/login.access.5 +++ /dev/null @@ -1,67 +0,0 @@ -'\" t -.\" Title: login.access -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formats et conversions de fichiers -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "LOGIN\&.ACCESS" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formats et conversions de fich" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -login.access \- table de contr\(^ole des connexions -.SH "DESCRIPTION" -.PP -Le fichier -\fIlogin\&.access\fR -permet de sp\('ecifier des paires (utilisateur, h\(^ote) et/ou (utilisateur, tty) pour lesquelles toute connexion sera soit accept\('ee soit refus\('ee\&. -.PP -Lorsqu\*(Aqun utilisateur se connecte, le fichier -\fIlogin\&.access\fR -est lu jusqu\*(Aq\(`a la premi\(`ere entr\('ee correspondant \(`a la paire (utilisateur, h\(^ote) ou, dans le cas d\*(Aqune connexion ne passant pas par le r\('eseau, \(`a la premi\(`ere entr\('ee correspondant au couple (utilisateur, tty)\&. Le champ des permissions de la table pour cette entr\('ee d\('etermine alors si la connexion doit \(^etre accept\('ee ou refus\('ee\&. -.PP -Chaque ligne de la table de contr\(^ole des connexions (\(Fo\ \&login access control table\ \&\(Fc) est compos\('ee de trois champs s\('epar\('es par le caract\(`ere \(Fo\ \&:\ \&\(Fc\ \&: -.PP -\fIpermission\fR:\fIutilisateurs\fR:\fIorigines\fR -.PP -Le premier champ est soit un \(Fo\ \&\fI+\fR\ \&\(Fc (acc\(`es autoris\('e), soit un \(Fo\ \&\fI\-\fR\ \&\(Fc (acc\(`es refus\('e)\&. Le second champ est une liste d\*(Aqun ou plusieurs noms d\*(Aqutilisateurs ou de groupes, ou -\fIALL\fR -(correspond \(`a tous les utilisateurs)\&. Le troisi\(`eme champ est une liste d\*(Aqun ou plusieurs noms de tty (pour les connexions hors r\('eseau), noms d\*(Aqh\(^otes, noms de domaines (commen\(,cant par un \(Fo\ \&\&.\ \&\(Fc), adresses d\*(Aqh\(^ote, adresses de sous\-r\('eseau (terminant par un \(Fo\ \&\&.\ \&\(Fc), -\fIALL\fR -(pour sp\('ecifier n\*(Aqimporte quelle connexion), ou -\fILOCAL\fR -(correspond \(`a n\*(Aqimporte quelle cha\(^ine ne contenant pas de \(Fo\ \&\&.\ \&\(Fc)\&. Si vous utilisez NIS, vous pouvez utiliser @nomdegroupe pour les motifs d\*(Aqutilisateur et d\*(Aqh\(^ote\&. -.PP -L\*(Aqop\('erateur -\fIEXCEPT\fR -permet d\*(Aq\('ecrire des r\(`egles tr\(`es compactes\&. -.PP -Le fichier d\*(Aqinformations sur les groupes (/etc/group) n\*(Aqest utilis\('e que lorsqu\*(Aqun nom ne correspond \(`a aucun des utilisateurs connect\('es\&. Seuls les groupes pour lesquels la liste des utilisateurs est sp\('ecifi\('ee sont utilis\('es\ \&: le programme ne recherche pas parmi les groupes primaires des utilisateurs\&. -.SH "FICHIERS" -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin\fR(1)\&. diff --git a/man/fr/man5/login.defs.5 b/man/fr/man5/login.defs.5 deleted file mode 100644 index fd91a76c..00000000 --- a/man/fr/man5/login.defs.5 +++ /dev/null @@ -1,828 +0,0 @@ -'\" t -.\" Title: login.defs -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formats et conversions de fichiers -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "LOGIN\&.DEFS" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formats et conversions de fich" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -login.defs \- configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc -.SH "DESCRIPTION" -.PP -Le fichier -/etc/login\&.defs -d\('efinit la configuration de la suite shadow password (mots de passe cach\('es) pour le syst\(`eme\&. Ce fichier est indispensable\&. Son absence n\*(Aqemp\(^echera pas le syst\(`eme de fonctionner, mais aura probablement des cons\('equences ind\('esirables\&. -.PP -Ce fichier est un fichier texte, dont chaque ligne d\('ecrit un param\(`etre de configuration\&. Les lignes consistent en un nom et une valeur, s\('epar\('es par une espace\&. Les lignes blanches et les lignes de commentaires sont ignor\('ees\&. Les commentaires commencent par un caract\(`ere \(Fo\ \&#\ \&\(Fc, qui doit \(^etre le premier caract\(`ere non blanc de la ligne\&. -.PP -Les valeurs des param\(`etres sont de quatre types\ \&: cha\(^ines de caract\(`eres, bool\('eens, nombres et nombres longs\&. Une cha\(^ine de caract\(`eres est constitu\('ee de n\*(Aqimporte quels caract\(`eres imprimables\&. Un bool\('een est soit -\fIyes\fR -(oui), soit -\fIno\fR -(non)\&. Un param\(`etre bool\('een non d\('efini, ou d\('efini avec une valeur autre que celles\-l\(`a prendra la valeur -\fIno\fR\&. Un nombre (normal ou long) peut \(^etre soit d\('ecimal, soit octal (en pr\('ec\('edant la valeur d\*(Aqun -\fI0\fR), ou encore hexad\('ecimal (en pr\('ec\('edant la valeur de -\fI0x\fR)\&. La valeur maximale des param\(`etres num\('eriques normaux ou longs d\('epend de la machine\&. -.PP -Les param\(`etres de configuration suivants sont fournis\ \&: -.PP -\fBCHFN_AUTH\fR (bool\('een) -.RS 4 -La valeur -\fIyes\fR -indique que le programme -\fBchfn\fR -n\('ecessitera une authentification avant de proc\('eder \(`a tout changement, \(`a moins qu\*(Aqils ne soient ex\('ecut\('es par le superutilisateur\&. -.RE -.PP -\fBCHFN_RESTRICT\fR (cha\(^ine de caract\(`eres) -.RS 4 -Ce param\(`etre pr\('ecise quelles valeurs du champ -\fIgecos\fR -du fichier -passwd -peuvent \(^etre modifi\('ees par les utilisateurs ordinaires \(`a l\*(Aqaide du programme -\fBchfn\fR\&. Il est constitu\('e d\*(Aqune combinaison de lettres parmi -\fIf\fR, -\fIr\fR, -\fIw\fR -et -\fIh\fR, correspondant respectivement au nom complet, au num\('ero de bureau, au num\('ero de t\('el\('ephone professionnel et au num\('ero de t\('el\('ephone personnel\&. Pour des raisons de compatibilit\('e avec des versions ant\('erieures, -\fIyes\fR -est \('equivalent \(`a -\fIrwh\fR -et -\fIno\fR -\(`a -\fIfrwh\fR\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, seul le superutilisateur peut effectuer des modifications\&. Pour une configuration encore plus restrictive, il sera pr\('ef\('erable de ne pas installer -\fBchfn\fR -avec l\*(Aqindicateur SUID positionn\('e\&. -.RE -.PP -\fBCHSH_AUTH\fR (bool\('een) -.RS 4 -La valeur -\fIyes\fR -indique que le programme -\fBchsh\fR -n\('ecessitera une authentification avant de proc\('eder \(`a tout changement, \(`a moins qu\*(Aqils ne soient ex\('ecut\('es par le superutilisateur\&. -.RE -.PP -\fBCONSOLE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, soit un chemin complet du fichier contenant les noms de p\('eriph\('eriques (un par ligne), soit une liste de noms du p\('eriph\('erique d\('elimit\('ee par des \(Fo\ \&:\ \&\(Fc\&. Les connexions d\*(Aqun administrateur ne seront autoris\('ees que depuis ces p\('eriph\('eriques\&. -.sp -S\*(Aqil n\*(Aqest pas d\('efini, root pourra se connecter depuis n\*(Aqimporte quel p\('eriph\('erique\&. -.sp -Le p\('eriph\('erique doit \(^etre pr\('ecis\('e sans le pr\('efixe /dev/\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (cha\(^ine de caract\(`eres) -.RS 4 -Une liste de groupes \(`a rajouter aux groupes suppl\('ementaires de l\*(Aqutilisateur lors d\*(Aqune connexion sur une console (d\('etermin\('e par le param\(`etre CONSOLE)\&. Par d\('efaut, aucun groupe n\*(Aqest ajout\('e\&. - -\(`A utiliser avec pr\('ecaution\ \&: il est possible que les utilisateurs aient un acc\(`es permanent \(`a ces groupes, et cela m\(^eme s\*(Aqils ne sont pas connect\('es sur la console\&. -.RE -.PP -\fBCREATE_HOME\fR (boolean) -.RS 4 -Indiquer si un r\('epertoire personnel doit \(^etre cr\('e\('e par d\('efaut pour les nouveaux utilisateurs\&. -.sp -Ce r\('eglage ne s\*(Aqapplique pas pour les utilisateurs syst\(`eme, et peut \(^etre annul\('e sur la ligne de commande\&. -.RE -.PP -\fBDEFAULT_HOME\fR (bool\('een) -.RS 4 -Indiquer si la connexion est permise si on ne peut pas acc\('eder au r\('epertoire personnel\&. Le r\('eglage par d\('efaut est \(Fo\ \&no\ \&\(Fc\&. -.sp -Si elle est configur\('ee \(`a -\fIyes\fR, l\*(Aqutilisateur va se connecter dans le r\('epertoire racine (/) s\*(Aqil n\*(Aqest pas possible d\*(Aqacc\('eder \(`a son r\('epertoire personnel\&. -.RE -.PP -\fBENCRYPT_METHOD\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir les algorithmes de chiffrement par d\('efaut du syst\(`eme pour coder les mots de passes (si aucun algorithme n\*(Aqa \('et\('e indiqu\('e sur la ligne de commandes)\&. -.sp -Les valeurs suivantes sont accept\('ees\ \&: -\fIDES\fR -(par d\('efaut), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Remarque\ \&: ce param\(`etre remplace la variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBENV_HZ\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement HZ lorsqu\*(Aqun utilisateur se connecte\&. La valeur doit \(^etre pr\('ec\('ed\('ee par -\fIHZ=\fR\&. Une valeur commune sur Linux est -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_PATH\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement PATH quand un utilisateur ordinaire se connecte\&. La valeur est une liste de chemins s\('epar\('es par des deux points (par exemple -\fI/bin:/usr/bin\fR) et peut \(^etre pr\('ec\('ed\('ee par -\fIPATH=\fR\&. La valeur par d\('efaut est -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement PATH quand le super\-utilisateur se connecte\&. La valeur est une liste de chemins s\('epar\('es par deux points (par exemple -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) et peut \(^etre pr\('ec\('ed\('ee par -\fIPATH=\fR\&. La valeur par d\('efaut est -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement TZ quand un utilisateur se connecte\&. La valeur peut \(^etre le nom d\*(Aqun fuseau horaire pr\('ec\('ed\('e par -\fITZ=\fR -(par exemple -\fITZ=CST6CDT\fR), ou le chemin complet vers le fichier contenant la sp\('ecification du fuseau horaire (par exemple -/etc/tzname)\&. -.sp -Si un chemin complet est sp\('ecifi\('e mais que le fichier n\*(Aqexiste pas ou ne peut pas \(^etre lu, la valeur par d\('efaut utilis\('ee est -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si ce fichier existe et est lisible, l\*(Aqenvironnement de connexion sera lu \(`a\ \& partir de lui\&. Chaque ligne doit \(^etre sous la forme nom=valeur\&. -.sp -Les lignes commen\(,cant par un \(Fo\ \&#\ \&\(Fc sont consid\('er\('ees comme des commentaires, et sont ignor\('ees\&. -.RE -.PP -\fBERASECHAR\fR (nombre) -.RS 4 -Le caract\(`ere ERASE du terminal (\fI010\fR -= backspace, -\fI0177\fR -= DEL)\&. -.sp -La valeur peut \(^etre pr\('efix\('ee par \(Fo\ \&0\ \&\(Fc pour une valeur octale, ou \(Fo\ \&0x\ \&\(Fc pour une valeur hexad\('ecimale\&. -.RE -.PP -\fBFAIL_DELAY\fR (nombre) -.RS 4 -Le d\('elai en secondes avant qu\*(Aqun nouvel essai soit permis apr\(`es un \('echec de connexion\&. -.RE -.PP -\fBFAILLOG_ENAB\fR (bool\('een) -.RS 4 -Activer l\*(Aqenregistrement et l\*(Aqaffichage des informations d\*(Aq\('echec de connexion de -/var/log/faillog -.RE -.PP -\fBFAKE_SHELL\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, -\fBlogin\fR -ex\('ecutera cet interpr\('eteur de commandes au lieu de l\*(Aqinterpr\('eteur de l\*(Aqutilisateur sp\('ecifi\('e dans -/etc/passwd\&. -.RE -.PP -\fBFTMP_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, les \('echecs de connexion seront enregistr\('es dans le fichier sous le format utmp -.RE -.PP -\fBGID_MAX\fR (nombre), \fBGID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques de groupes que les commandes -\fBuseradd\fR, -\fBgroupadd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation des groupes normaux\&. -.sp -La valeur par d\('efaut pour -\fBGID_MIN\fR -(respectivement -\fBGID_MAX\fR) est 1000 (respectivement 60000)\&. -.RE -.PP -\fBHUSHLOGIN_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, le fichier peut d\('esactiver tous les affichages habituels durant la s\('equence de connexion\&. Si un nom de chemin complet est sp\('ecifi\('e, alors le mode taiseux sera activ\('e si le nom ou l\*(Aqinterpr\('eteur de commandes de l\*(Aqutilisateur sont trouv\('es dans le fichier\&. Si ce n\*(Aqest pas un nom de chemin complet, alors le mode taiseux sera activ\('e si le fichier existe dans le r\('epertoire personnel de l\*(Aqutilisateur\&. -.RE -.PP -\fBISSUE_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, le fichier sera affich\('e avant chaque invite de connexion\&. -.RE -.PP -\fBKILLCHAR\fR (nombre) -.RS 4 -Le caract\(`ere KILL du terminal (\fI025\fR -= CTRL/U)\&. -.sp -La valeur peut \(^etre pr\('efix\('ee par \(Fo\ \&0\ \&\(Fc pour une valeur octale, ou \(Fo\ \&0x\ \&\(Fc pour une valeur hexad\('ecimale\&. -.RE -.PP -\fBLASTLOG_ENAB\fR (bool\('een) -.RS 4 -Activer la journalisation et l\*(Aqaffichage des informations de derni\(`ere connexion de /var/log/lastlog\&. -.RE -.PP -\fBLOG_OK_LOGINS\fR (bool\('een) -.RS 4 -Activer la journalisation des connexions r\('eussies\&. -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (bool\('een) -.RS 4 -Activer l\*(Aqaffichage des noms d\*(Aqutilisateurs inconnus quand les \('echecs de connexions sont enregistr\('es\&. -.sp -Remarque\ \&: la journalisation des noms d\*(Aqutilisateurs inconnus peut \(^etre un probl\(`eme de s\('ecurit\('e si un utilisateur entre son mot de passe au lieu de son nom d\*(Aqutilisateur\&. -.RE -.PP -\fBLOGIN_RETRIES\fR (nombre) -.RS 4 -Le nombre maximum de tentatives de connexion en cas de mauvais mot de passe\&. -.RE -.PP -\fBLOGIN_STRING\fR (cha\(^ine de caract\(`eres) -.RS 4 -La cha\(^ine de caract\(`eres utilis\('ee pour l\*(Aqinvite de mot de passe\&. La valeur par d\('efaut est d\*(Aqutiliser "Password: " (\(Fo\ \&mot de passe\ \&:\ \&\(Fc), ou une traduction de cette cha\(^ine\&. Si vous d\('efinissez cette variable, l\*(Aqinvite ne sera pas traduite\&. -.sp -Si la cha\(^ine contient -\fI%s\fR, ces caract\(`eres seront remplac\('es par le nom de l\*(Aqutilisateur\&. -.RE -.PP -\fBLOGIN_TIMEOUT\fR (nombre) -.RS 4 -Le temps maximum en secondes pour la connexion\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (bool\('een) -.RS 4 -Activer le contr\(^ole et l\*(Aqaffichage du statut de la bo\(^ite aux lettres durant la connexion\&. -.sp -Vous devriez le d\('esactiver si les fichiers de d\('emarrage de l\*(Aqinterpr\('eteur de commandes v\('erifient d\('ej\(`a la pr\('esence de courriers (\(Fo\ \&mail \-e\ \&\(Fc ou \('equivalent)\&. -.RE -.PP -\fBMAIL_DIR\fR (cha\(^ine de caract\(`eres) -.RS 4 -R\('epertoire d\*(Aqattente des courriels (\(Fo\ \&mail spool directory\ \&\(Fc)\&. Ce param\(`etre est n\('ecessaire pour manipuler les bo\(^ites \(`a lettres lorsque le compte d\*(Aqun utilisateur est modifi\('e ou supprim\('e\&. S\*(Aqil n\*(Aqest pas sp\('ecifi\('e, une valeur par d\('efaut d\('efinie \(`a la compilation est utilis\('ee\&. -.RE -.PP -\fBMAIL_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir l\*(Aqemplacement des bo\(^ites aux lettres des utilisateurs relativement \(`a leur r\('epertoire personnel\&. -.RE -.PP -Les param\(`etres -\fBMAIL_DIR\fR -et -\fBMAIL_FILE\fR -sont utilis\('es par -\fBuseradd\fR, -\fBusermod\fR -et -\fBuserdel\fR -pour cr\('eer, d\('eplacer ou supprimer les bo\(^ites aux lettres des utilisateurs\&. -.PP -Si -\fBMAIL_CHECK_ENAB\fR -est r\('egl\('e sur -\fIyes\fR, ces variables servent \('egalement \(`a d\('efinir la variable d\*(Aqenvironnement -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (bool\('een) -.RS 4 -Indiquer si un mot de passe doit \(^etre chiffr\('e en utilisant l\*(Aqalgorithme bas\('e sur MD5\&. Si configur\('ee \(`a -\fIyes\fR, les nouveaux mots de passe seront chiffr\('es en utilisant l\*(Aqalgorithme bas\('e sur MD5 compatible avec celui utilis\('e par les versions r\('ecentes de FreeBSD\&. Il g\(`ere des mots de passe de longueur illimit\('ee et des cha\(^ines de salage plus longues\&. Configurez\-la \(`a -\fIno\fR -pour copier les mots de passe chiffr\('es sur d\*(Aqautres syst\(`emes qui ne comprennent pas le nouvel algorithme\&. la valeur par d\('efaut est -\fIno\fR\&. -.sp -Cette variable est \('ecras\('ee par la variable -\fBENCRYPT_METHOD\fR -ou par toute option de la ligne de commande utilis\('ee pour configurer l\*(Aqalgorithme de chiffrement\&. -.sp -Cette variable est obsol\(`ete\&. Vous devriez utiliser -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBMOTD_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, liste d\('elimit\('ee par des \(Fo\ \&:\ \&\(Fc de fichiers de \(Fo\ \&message du jour\ \&\(Fc \(`a afficher lors de la connexion\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, nom de fichier dont la pr\('esence emp\(^echera les connexions de quelqu\*(Aqun d\*(Aqautre que le superutilisateur\&. Le contenu de ces fichiers doit \(^etre un message indiquant pourquoi les connexions sont d\('esactiv\('ees\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (bool\('een) -.RS 4 -Activer des v\('erifications suppl\('ementaires lors des changements de mot de passe\&. -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (bool\('een) -.RS 4 -Avertir en cas de mots de passe faibles (mais les accepte quand m\(^eme) si vous \(^etes superutilisateur\&. -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (nombre) -.RS 4 -Nombre maximum d\*(Aqessais pour changer de mot de passe si refus\('e (trop facile)\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (nombre) -.RS 4 -Nombre maximum de jours de validit\('e d\*(Aqun mot de passe\&. Apr\(`es cette dur\('ee, une modification du mot de passe est obligatoire\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, la valeur de \-1 est utilis\('ee (ce qui enl\(`eve toute restriction)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (nombre) -.RS 4 -Nombre minimum de jours autoris\('e avant la modification d\*(Aqun mot de passe\&. Toute tentative de modification du mot de passe avant cette dur\('ee est rejet\('ee\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, la valeur de \-1 est utilis\('ee (ce qui enl\(`eve toute restriction)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (nombre) -.RS 4 -Nombre de jours durant lesquels l\*(Aqutilisateur recevra un avertissement avant que son mot de passe n\*(Aqarrive en fin de validit\('e\&. Une valeur n\('egative signifie qu\*(Aqaucun avertissement n\*(Aqest donn\('e\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, aucun avertissement n\*(Aqest donn\('e\&. -.RE -.PP -Les param\(`etres -\fBPASS_MAX_DAYS\fR, -\fBPASS_MIN_DAYS\fR -et -\fBPASS_WARN_AGE\fR -ne sont utilis\('es qu\*(Aqau moment de la cr\('eation d\*(Aqun compte\&. Les changements n\*(Aqaffecteront pas les comptes existants\&. -.PP -\fBPASS_MAX_LEN\fR (nombre), \fBPASS_MIN_LEN\fR (nombre) -.RS 4 -Nombre de caract\(`eres significatifs dans le mot de passe pour crypt()\&. La valeur par d\('efaut de -\fBPASS_MAX_LEN\fR -est 8\&. Ne la changez pas \(`a moins que votre crypt() ne soit meilleur\&. Ceci est ignor\('e si -\fBMD5_CRYPT_ENAB\fR -est configur\('ee \(`a -\fIyes\fR\&. -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (bool\('een) -.RS 4 -Activer la v\('erification des restrictions de temps pr\('ecis\('ees dans -/etc/porttime\&. -.RE -.PP -\fBQUOTAS_ENAB\fR (bool\('een) -.RS 4 -Activer la mise en place de limites de resources depuis -/etc/limits -et ulimit, umask et niveau nice depuis les champs gecos de passwd\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (nombre), \fBSHA_CRYPT_MAX_ROUNDS\fR (nombre) -.RS 4 -Quand -\fBENCRYPT_METHOD\fR -est configur\('ee \(`a -\fISHA256\fR -ou -\fISHA512\fR, cela d\('efinit le nombre de rounds de SHA utilis\('es par l\*(Aqalgorithme de chiffrement par d\('efaut (quand le nombre de rounds n\*(Aqest pas pr\('ecis\('e sur la ligne de commande)\&. -.sp -Avec beaucoup de rounds, il est plus difficile de trouver le mot de passe avec une attaque par force brute\&. Veuillez remarquer que plus de ressources processeur seront n\('ecessaires pour authentifier les utilisateurs\&. -.sp -Si non pr\('ecis\('ee, la libc utilisera le nombre de rounds par d\('efaut (5000)\&. -.sp -Les valeurs doivent \(^etre comprises dans l\*(Aqintervalle 1\ \&000\ \&\-\ \&999\ \&999\ \&999\&. -.sp -Si une seule des variables -\fBSHA_CRYPT_MIN_ROUNDS\fR -ou -\fBSHA_CRYPT_MAX_ROUNDS\fR -est configur\('ee, alors cette valeur sera utilis\('ee\&. -.sp -Si -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, la valeur la plus \('elev\('ee sera utilis\('ee\&. -.RE -.PP -\fBSULOG_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, les activit\('es de su seront enregistr\('ees dans le fichier\&. -.RE -.PP -\fBSU_NAME\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, le nom de la commande \(`a afficher lorsque \(Fo\ \&su \-\ \&\(Fc est ex\('ecut\('ee\&. Par exemple, si elle est d\('efinie \(`a \(Fo\ \&su\ \&\(Fc alors un \(Fo\ \&ps\ \&\(Fc affichera la commande comme \(Fo\ \&\-su\ \&\(Fc\&. Si non d\('efinie, alors \(Fo\ \&ps\ \&\(Fc affichera le nom du shell qui sera en fait ex\('ecut\('e, par exemple quelque chose comme \(Fo\ \&\-sh\ \&\(Fc\&. -.RE -.PP -\fBSU_WHEEL_ONLY\fR (bool\('een) -.RS 4 -Si -\fIyes\fR, l\*(Aqutilisateur doit faire partie des membres du groupe avec le premier gid 0 dans -/etc/group -(appel\('e -\fIroot\fR -sur la plupart des syst\(`emes Linux) pour \(^etre capable de -\fBsu\fR -vers des comptes \(`a uid 0\&. Si ce groupe n\*(Aqexiste pas ou est vide, personne ne pourra -\fBsu\fR -vers un uid 0\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (nombre), \fBSYS_GID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques de groupes que les commandes -\fBuseradd\fR, -\fBgroupadd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation de groupes syst\(`eme\&. -.sp -La valeur par d\('efaut pour -\fBSYS_GID_MIN\fR -(respectivement -\fBSYS_GID_MAX\fR) est 101 (respectivement -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (nombre), \fBSYS_UID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques d\*(Aqutilisateurs que les commandes -\fBuseradd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation d\*(Aqutilisateurs syst\(`eme\&. -.sp -La valeur par d\('efaut pour -\fBSYS_UID_MIN\fR -(respectivement -\fBSYS_UID_MAX\fR) est 101 (respectivement -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBSYSLOG_SG_ENAB\fR (bool\('een) -.RS 4 -Activer la journalisation \(Fo\ \&syslog\ \&\(Fc de l\*(Aqactivit\('e de -\fBsg\fR\&. -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (bool\('een) -.RS 4 -Activer la journalisation \(Fo\ \&syslog\ \&\(Fc de l\*(Aqactivit\('e de -\fBsu\fR -\- en plus de la journalisation sulog\&. -.RE -.PP -\fBTTYGROUP\fR (cha\(^ine de caract\(`eres), \fBTTYPERM\fR (cha\(^ine de caract\(`eres) -.RS 4 -Les permissions de terminal\ \&: la connexion tty appartiendra au groupe -\fBTTYGROUP\fR -et les permissions seront configur\('ees \(`a -\fBTTYPERM\fR\&. -.sp -Par d\('efaut, le propri\('etaire du terminal est configur\('e au groupe primaire de l\*(Aqutilisateur et les permissions sont configur\('ees \(`a -\fI0600\fR\&. -.sp -\fBTTYGROUP\fR -peut \(^etre le nom d\*(Aqun groupe ou un identifiant num\('erique de groupe\&. -.sp -Si vous avez un programme -\fBwrite\fR -qui est \(Fo\ \&setgid\ \&\(Fc \(`a un groupe sp\('ecial auquel les terminaux appartiennent, d\('efinissez TTYGROUP comme l\*(Aqidentifiant num\('erique du groupe et TTYPERM \(`a 0620\&. Autrement laissez TTYGROUP d\('ecomment\('e et TTYPERM configur\('e soit \(`a 622 soit \(`a 600\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, fichier qui lie les lignes de tty \(`a la variable d\*(Aqenvironnement TERM\&. Chaque ligne du fichier est dans un format ressemblant \(`a \(Fo\ \&vt100 tty01\ \&\(Fc\&. -.RE -.PP -\fBUID_MAX\fR (nombre), \fBUID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques d\*(Aqutilisateurs que les commandes -\fBuseradd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation d\*(Aqutilisateurs normaux\&. -.sp -La valeur par d\('efaut de -\fBUID_MIN\fR -(respectivement -\fBUID_MAX\fR) est 1000 (respectivement 60000)\&. -.RE -.PP -\fBULIMIT\fR (nombre) -.RS 4 -Valeur par d\('efaut d\*(Aq\fBulimit\fR\&. -.RE -.PP -\fBUMASK\fR (nombre) -.RS 4 -Valeur d\*(Aqinitialisation du masque de permissions\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, le masque des permissions sera initialis\('e \(`a 022\&. -.sp -\fBuseradd\fR -et -\fBnewusers\fR -utilisent ce masque pour d\('efinir les permissions d\*(Aqacc\(`es des r\('epertoires personnels qu\*(Aqils cr\('eent\&. -.sp -Il est \('egalement utilis\('e par -\fBlogin\fR -pour d\('efinir l\*(Aqumask initial de l\*(Aqutilisateur\&. Veuillez noter que cet umask peut \(^etre red\('efini par les GECOS de l\*(Aqutilisateur (si -\fBQUOTAS_ENAB\fR -est activ\('e) ou en pr\('ecisant une limite avec l\*(Aqidentifiant -\fIK\fR -dans -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERDEL_CMD\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, la commande est ex\('ecut\('ee lors de la suppression d\*(Aqun utilisateur\&. Elle pourra supprimer toutes les t\(^aches p\('eriodiques cron ou at, tous les travaux d\*(Aqimpression, etc\&. de l\*(Aqutilisateur (qui sera fourni comme premier param\(`etre)\&. -.sp -Le code de retour du script n\*(Aqest pas pris en compte\&. -.sp -Voici un script exemple, qui supprime le fichier d\*(Aqentr\('ee de cron et d\*(Aqat ainsi que les travaux d\*(Aqimpression en attente\ \&; -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# Check for the required argument\&. -if [ $# != 1 ]; then - echo "Usage: $0 username" - exit 1 -fi - -# Remove cron jobs\&. -crontab \-r \-u $1 - -# Remove at jobs\&. -# Note that it will remove any jobs owned by the same UID, -# even if it was shared by a different username\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# Remove print jobs\&. -lprm $1 - -# All done\&. -exit 0 - -.fi -.if n \{\ -.RE -.\} -.RE -.PP -\fBUSERGROUPS_ENAB\fR (bool\('een) -.RS 4 -Activer la mise en place de bits de masque de groupe (\(Fo\ \&umask group bits\ \&\(Fc) identiques \(`a ceux du propri\('etaire (exemple\ \&: 022 \-> 002, 077 \-> 007) pour les utilisateurs non privil\('egi\('es, si l\*(AqUID est identique au GID et que l\*(Aqidentifiant de connexion est identique au groupe principal\&. -.sp -Si cette variable est configur\('ee \(`a -\fIyes\fR, -\fBuserdel\fR -supprimera le groupe de l\*(Aqutilisateur s\*(Aqil ne contient pas d\*(Aqautres membres, et -\fBuseradd\fR -cr\('eera par d\('efaut un groupe portant le nom de l\*(Aqutilisateur\&. -.RE -.SH "R\('EF\('ERENCES CROIS\('EES" -.PP -Les r\('ef\('erences crois\('ees ci\-dessous montrent quels sont les param\(`etres utilis\('es par les diff\('erents programmes de la suite shadow password\&. -.PP -chfn -.RS 4 -CHFN_AUTH -CHFN_RESTRICT -LOGIN_STRING -.RE -.PP -chgpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chpasswd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENABSHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chsh -.RS 4 -CHSH_AUTH LOGIN_STRING -.RE -.PP -gpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -groupadd -.RS 4 -GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN -.RE -.PP -groupdel -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmems -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmod -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpck -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpunconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -login -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE -ERASECHAR FAIL_DELAY -FAILLOG_ENAB -FAKE_SHELL -FTMP_FILE -HUSHLOGIN_FILE -ISSUE_FILE -KILLCHAR -LASTLOG_ENAB -LOGIN_RETRIES -LOGIN_STRING -LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB -MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB -TTYGROUP TTYPERM TTYTYPE_FILE -ULIMIT UMASK -USERGROUPS_ENAB -.RE -.PP -newgrp / sg -.RS 4 -SYSLOG_SG_ENAB -.RE -.PP -newusers -.RS 4 -ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -passwd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -pwck -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -pwconv -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -su -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENVIRON_FILE -ENV_PATH ENV_SUPATH -ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB -SULOG_FILE SU_NAME -SU_WHEEL_ONLY -SYSLOG_SU_ENAB -USERGROUPS_ENAB -.RE -.PP -sulogin -.RS 4 -ENV_HZ -ENV_TZ -.RE -.PP -useradd -.RS 4 -CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -userdel -.RS 4 -MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB -.RE -.PP -usermod -.RS 4 -MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBsu\fR(1), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBpam\fR(8)\&. diff --git a/man/fr/man5/passwd.5 b/man/fr/man5/passwd.5 deleted file mode 100644 index 83c4d4e7..00000000 --- a/man/fr/man5/passwd.5 +++ /dev/null @@ -1,171 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formats et conversions de fichiers -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "PASSWD" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formats et conversions de fich" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -passwd \- fichier des mots de passe -.SH "DESCRIPTION" -.PP -/etc/passwd -contient diff\('erentes informations sur les comptes utilisateurs\&. Ces informations consistent en sept champs s\('epar\('es par des deux\-points (\(Fo\ \&:\ \&\(Fc)\ \&: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -nom de connexion de l\*(Aqutilisateur (\(Fo\ \&login\ \&\(Fc) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -un mot de passe chiffr\('e optionnel -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -l\*(Aqidentifiant num\('erique de l\*(Aqutilisateur -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -l\*(Aqidentifiant num\('erique du groupe de l\*(Aqutilisateur -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -le nom complet de l\*(Aqutilisateur ou un champ de commentaires -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -le r\('epertoire personnel de l\*(Aqutilisateur -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -l\*(Aqinterpr\('eteur de commandes de l\*(Aqutilisateur (optionnel) -.RE -.PP -Le champ du mot de passe chiffr\('e peut \(^etre vide\&. Dans ce cas, aucun mot de passe n\*(Aqest n\('ecessaire pour s\*(Aqauthentifier avec le compte donn\('e\&. Cependant, certaines applications qui lisent le fichier -/etc/passwd -peuvent d\('ecider de ne donner aucun acc\(`es si le -\fImot de\fR -passe est vide\&. Si le mot de passe est un -\(Fo\ \&x\ \&\(Fc -minuscule, alors le mot de passe chiffr\('e se trouve dans le fichier -\fBshadow\fR(5)\ \&; il -\fIdoit\fR -y avoir une ligne correspondante dans le fichier -shadow, sinon le compte de l\*(Aqutilisateur n\*(Aqest pas valide\&. Si le mot de passe est constitu\('e d\*(Aqune autre cha\(^ine, alors il est consid\('er\('e comme un mot de passe chiffr\('e, comme indiqu\('e dans -\fBcrypt\fR(3)\&. -.PP -Le champ de commentaire est utilis\('e par diff\('erents utilitaires syst\(`eme, tels que -\fBfinger\fR(1)\&. -.PP -Le champ du r\('epertoire personnel de l\*(Aqutilisateur correspond au nom du r\('epertoire de travail initial\&. -\fBlogin\fR -utilise cette information pour d\('efinir la valeur de la variable d\*(Aqenvironnement -\fB$HOME\fR\&. -.PP -Le champ de l\*(Aqinterpr\('eteur de commandes correspond au nom de l\*(Aqinterpr\('eteur de commandes de l\*(Aqutilisateur, ou au nom d\*(Aqun programme initial \(`a ex\('ecuter\&. -\fBlogin\fR -utilise cette information pour d\('efinir la valeur de la variable d\*(Aqenvironnement -\fB$SHELL\fR\&. Si ce champ est vide, -/bin/sh -est utilis\('e par d\('efaut\&. -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -un mot de passe chiffr\('e optionnel -.RE -.PP -/etc/passwd\- -.RS 4 -Fichier de sauvegarde de /etc/passwd\&. -.sp -Notez que ce fichier est utilis\('e par les outils de la suite d\*(Aqoutils shadow, mais pas par tous les outils de gestion d\*(Aqutilisateurs et de mot de passes\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBcrypt\fR(3), -\fBgetent\fR(1), -\fBgetpwnam\fR(3), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBshadow\fR(5), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/fr/man5/porttime.5 b/man/fr/man5/porttime.5 deleted file mode 100644 index eda75cf1..00000000 --- a/man/fr/man5/porttime.5 +++ /dev/null @@ -1,99 +0,0 @@ -'\" t -.\" Title: porttime -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formats et conversions de fichiers -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "PORTTIME" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formats et conversions de fich" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -porttime \- Fichier de configuration des droits d\*(Aqacc\(`es en fonction de la date et de l\*(Aqheure -.SH "DESCRIPTION" -.PP -\fIporttime\fR -contient une liste de tty, noms d\*(Aqutilisateurs, et horaires d\*(Aqacc\(`es autoris\('es\&. -.PP -Chaque entr\('ee consiste en trois champs s\('epar\('es par un caract\(`ere deux\-points \(Fo\ \&:\ \&\(Fc\&. Le premier champ est une liste de tty s\('epar\('es par des virgules, ou un ast\('erisque \(Fo\ \&*\ \&\(Fc pour indiquer que l\*(Aqentr\('ee correspond \(`a toutes les tty\&. Le second champ est une liste de noms d\*(Aqutilisateurs, ou un ast\('erisque pour indiquer que cette entr\('ee correspond \(`a n\*(Aqimporte quel utilisateur\&. Le troisi\(`eme champ est une liste d\*(Aqhoraires d\*(Aqacc\(`es autoris\('es\&. -.PP -Chaque horaire d\*(Aqacc\(`es consiste en z\('ero ou plusieurs abr\('eviations de jours de la semaine\ \&: -\fISu\fR -(dimanche), -\fIMo\fR -(lundi), -\fITu\fR -(mardi), -\fIWe\fR -(mercredi), -\fITh\fR -(jeudi), -\fIFr\fR -(vendredi), -\fISa\fR -(samedi), suivi d\*(Aqun couple d\*(Aqhoraires s\('epar\('es par un tiret\&. L\*(Aqabr\('eviation -\fIWk\fR -peut \(^etre utilis\('ee pour repr\('esenter les jours de la semaine du lundi au vendredi, et -\fIAl\fR -permet de sp\('ecifier l\*(Aqensemble des jours de la semaine\&. Par d\('efaut, si aucun jour n\*(Aqest sp\('ecifi\('e, -\fIAl\fR -est utilis\('e\&. -.SH "EXEMPLES" -.PP -L\*(Aqentr\('ee suivante autorise l\*(Aqacc\(`es \(`a l\*(Aqutilisateur -\fBjfh\fR -sur n\*(Aqimporte quel port pendant la semaine de 9 heures \(`a 17 heures\&. -.PP -*:jfh:Wk0900\-1700 -.PP -L\*(Aqentr\('ee suivante autorise l\*(Aqacc\(`es \(`a /dev/console uniquement aux utilisateurs -\fIroot\fR -et -\fIoper\fR -\(`a n\*(Aqimporte quelle heure\&. Ceci permet de montrer l\*(Aqimportance de l\*(Aqordre des entr\('ees dans le fichier -/etc/porttime\&. Les autres utilisateurs ne satisferont que la deuxi\(`eme entr\('ee, qui n\*(Aqautorise aucun acc\(`es\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - console:root,oper:Al0000\-2400 - console:*: - -.fi -.if n \{\ -.RE -.\} -.PP -L\*(Aqentr\('ee suivante autorise l\*(Aqacc\(`es \(`a tous les ports pour l\*(Aqutilisateur -\fIgames\fR, en dehors des heures de travail\&. -.PP -*:games:Wk1700\-0900,SaSu0000\-2400 -.SH "FICHIERS" -.PP -/etc/porttime -.RS 4 -Fichier contenant le port d\*(Aqacc\(`es\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin\fR(1)\&. diff --git a/man/fr/man5/shadow.5 b/man/fr/man5/shadow.5 deleted file mode 100644 index 89e7c597..00000000 --- a/man/fr/man5/shadow.5 +++ /dev/null @@ -1,148 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formats et conversions de fichiers -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "SHADOW" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formats et conversions de fich" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -shadow \- fichier des mots de passe cach\('es -.SH "DESCRIPTION" -.PP -shadow -est un fichier qui contient les informations cach\('ees concernant les mots de passe des utilisateurs et leurs dates de validit\('e\&. -.PP -Ce fichier ne doit pas \(^etre accessible en lecture par les utilisateurs normaux afin de maintenir la s\('ecurit\('e des mots de passe, en particuliers pour pr\('evenir les attaques par dictionnaires\&. -.PP -Chaque ligne de ce fichier contient 9\ \&champs, s\('epar\('es par des deux\-points (\(Fo\ \&:\ \&\(Fc), dans l\*(Aqordre suivant\ \&: -.PP -\fBnom de connexion de l\*(Aqutilisateur (\(Fo\ \&login\ \&\(Fc)\fR -.RS 4 -Ce doit \(^etre un nom de compte valable, qui existe sur le syst\(`eme\&. -.RE -.PP -\fBmot de passe chiffr\('e\fR -.RS 4 -Consultez -\fBcrypt\fR(3) -pour plus d\*(Aqinformations sur le traitement de cette cha\(^ine\&. -.sp -Si le champ du mot de passe contient une cha\(^ine qui ne peut pas \(^etre un r\('esultat valable de -\fBcrypt\fR(3), par exemple si elle contient les caract\(`eres ! ou *, alors l\*(Aqutilisateur ne pourra pas utiliser son mot de passe UNIX pour se connecter (mais il se peut que l\*(Aqutilisateur puisse se connecter au syst\(`eme par d\*(Aqautres moyens)\&. -.sp -Ce champ peut \(^etre vide\&. Dans ce cas aucun mot de passe n\*(Aqest n\('ecessaire pour s\*(Aqauthentifier avec l\*(Aqidentifiant de connexion indiqu\('e\&. Cependant, certaines applications qui lisent le fichier -/etc/shadow -peuvent n\*(Aqautoriser aucun acc\(`es si le mot de passe est vide\&. -.sp -Un champ de mot de passe qui commence avec un point d\*(Aqexclamation indique que le mot de passe est bloqu\('e\&. Les caract\(`eres restants sur la ligne repr\('esentent le champ de mot de passe avant que le mot de passe n\*(Aqait \('et\('e bloqu\('e\&. -.RE -.PP -\fBdate du dernier changement de mot de passe\fR -.RS 4 -La date du dernier changement de mot de passe, exprim\('ee en nombre de jours depuis le 1er\ \&janvier\ \&1970\&. -.sp -La valeur 0 a une signification particuli\(`ere\ \&: l\*(Aqutilisateur devra changer son mot de passe la prochaine fois qu\*(Aqil se connectera au syst\(`eme\&. -.sp -Un champ vide indique que les fonctionnalit\('es de vieillissement de mot de passe sont d\('esactiv\('ees\&. -.RE -.PP -\fB\(^age minimum du mot de passe\fR -.RS 4 -L\*(Aq\(^age minimum du mot de passe est la dur\('ee (en jour) que l\*(Aqutilisateur devra attendre avant de pouvoir le changer de nouveau\&. -.sp -Un champ vide ou une valeur de 0 signifie qu\*(Aqil n\*(Aqy a pas d\*(Aq\(^age minimum pour le mot de passe\&. -.RE -.PP -\fB\(^age maximum du mot de passe\fR -.RS 4 -L\*(Aq\(^age maximum du mot de passe est la dur\('ee (en jour) apr\(`es laquelle l\*(Aqutilisateur devra changer son mot de passe\&. -.sp -Une fois cette dur\('ee \('ecoul\('ee, le mot de passe restera valable\&. Il sera demand\('e \(`a l\*(Aqutilisateur de le changer la prochaine fois qu\*(Aqil se connectera\&. -.sp -Un champ vide signifie qu\*(Aqil n\*(Aqy a pour le mot de passe aucune limite d\*(Aq\(^age, aucune p\('eriode d\*(Aqavertissement d\*(Aqexpiration et aucune p\('eriode d\*(Aqinactivit\('e (voir ci\-dessous)\&. -.sp -Si l\*(Aq\(^age maximum du mot de passe est plus petit que l\*(Aq\(^age minimum du mot de passe, l\*(Aqutilisateur ne pourra pas changer son mot de passe\&. -.RE -.PP -\fBp\('eriode d\*(Aqavertissement d\*(Aqexpiration du mot de passe\fR -.RS 4 -La dur\('ee (en jour) pendant laquelle l\*(Aqutilisateur sera averti avant que le mot de passe n\*(Aqexpire (voir l\*(Aq\(^age maximum du mot de passe ci\-dessus)\&. -.sp -Un champ vide ou une valeur de 0 signifie qu\*(Aqil n\*(Aqy aura pas de p\('eriode d\*(Aqavertissement d\*(Aqexpiration du mot de passe\&. -.RE -.PP -\fBp\('eriode d\*(Aqinactivit\('e du mot de passe\fR -.RS 4 -La dur\('ee (en jour) pendant laquelle le mot de passe sera quand m\(^eme accept\('e apr\(`es son expiration (voir l\*(Aq\(^age maximum du mot de passe ci\-dessus)\&. L\*(Aqutilisateur devra mettre \(`a jour son mot de passe \(`a la prochaine connexion\&. -.sp -Apr\(`es expiration du mot de passe suivie de la p\('eriode d\*(Aqexpiration, plus aucune connexion n\*(Aqest possible en utilisant le mot de passe de l\*(Aqutilisateur\&. L\*(Aqutilisateur doit contacter son administrateur\&. -.sp -Un champ vide signifie qu\*(Aqaucune p\('eriode d\*(Aqinactivit\('e n\*(Aqest impos\('ee\&. -.RE -.PP -\fBdate de fin de validit\('e du compte\fR -.RS 4 -La date d\*(Aqexpiration du compte, exprim\('e en nombre de jours depuis le 1er\ \&janvier\ \&1970\&. -.sp -Veuillez noter que l\*(Aqexpiration d\*(Aqun compte diff\(`ere de l\*(Aqexpiration d\*(Aqun mot de passe\&. En cas d\*(Aqexpiration d\*(Aqun compte, l\*(Aqutilisateur ne sera plus autoris\('e \(`a se connecter\&. En cas d\*(Aqexpiration d\*(Aqun mot de passe, l\*(Aqutilisateur n\*(Aqest pas autoris\('e \(`a se connecter en utilisant son mot de passe\&. -.sp -Un champ vide signifie que le compte n\*(Aqexpirera jamais\&. -.sp -La valeur 0 ne doit pas \(^etre utilis\('ee puisqu\*(Aqelle peut \(^etre interpr\('et\('ee soit comme un compte sans expiration, soit comme ayant expir\('e le 1er\ \&janvier\ \&1970\&. -.RE -.PP -\fBchamp r\('eserv\('e\fR -.RS 4 -Ce champ est r\('eserv\('e pour une utilisation future\&. -.RE -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.PP -/etc/shadow\- -.RS 4 -Fichier de sauvegarde pour /etc/shadow\&. -.sp -Notez que ce fichier est utilis\('e par les outils de la suite d\*(Aqoutils shadow, mais pas par tous les outils de gestion d\*(Aqutilisateurs et de mot de passes\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBchage\fR(1), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/fr/man5/suauth.5 b/man/fr/man5/suauth.5 deleted file mode 100644 index b6e9bd6c..00000000 --- a/man/fr/man5/suauth.5 +++ /dev/null @@ -1,146 +0,0 @@ -'\" t -.\" Title: suauth -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formats et conversions de fichiers -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "SUAUTH" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formats et conversions de fich" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -suauth \- Fichier de contr\(^ole d\('etaill\('e de su -.SH "SYNOPSIS" -.HP \w'\fB/etc/suauth\fR\ 'u -\fB/etc/suauth\fR -.SH "DESCRIPTION" -.PP -Le fichier -/etc/suauth -est lu chaque fois que su est ex\('ecut\('e\&. Il permet de modifier le comportement de la commande su, en fonction de\ \&: -.sp -.if n \{\ -.RS 4 -.\} -.nf - 1) l\*(Aqutilisateur cible de su - -.fi -.if n \{\ -.RE -.\} -.PP -2) l\*(Aqutilisateur qui ex\('ecute la commande su (ou un groupe dont il est membre) -.PP -Le fichier est format\('e de la fa\(,con suivante (les lignes commen\(,cant par un \(Fo\ \&#\ \&\(Fc sont des commentaires, et sont ignor\('ees)\ \&: -.sp -.if n \{\ -.RS 4 -.\} -.nf - vers\-id:par\-id:ACTION - -.fi -.if n \{\ -.RE -.\} -.PP -O\(`u vers\-id peut \(^etre le mot -\fIALL\fR, une liste de noms d\*(Aqutilisateurs s\('epar\('es par une virgule ou -\fIALL EXCEPT\fR -suivi d\*(Aqune liste d\*(Aqutilisateurs s\('epar\('es par une virgule\&. -.PP -par\-id utilise le m\(^eme format que vers\-id, mais accepte \('egalement le mot\-cl\('e -\fIGROUP\fR\&. -\fIALL EXCEPT GROUP\fR -est \('egalement accept\('e\&. -\fIGROUP\fR -est suivi d\*(Aqun ou plusieurs noms de groupes, s\('epar\('es par une virgule\&. Il n\*(Aqest pas suffisant d\*(Aqavoir comme groupe primaire le groupe appropri\('e\ \&: une entr\('ee dans -\fB/etc/group\fR(5) -est n\('ecessaire\&. -.PP -Les valeurs d\*(AqACTION valables sont\ \&: -.PP -\fIDENY\fR -.RS 4 -La tentative de changement d\*(Aqutilisateur est arr\(^et\('ee avant que le mot de passe ne soit demand\('e\&. -.RE -.PP -\fINOPASS\fR -.RS 4 -La tentative est automatiquement r\('eussie\&. Aucun mot de passe n\*(Aqest demand\('e\&. -.RE -.PP -\fIOWNPASS\fR -.RS 4 -Pour que la commande su soit r\('eussie, l\*(Aqutilisateur doit entrer son propre mot de passe\&. Ceci lui est demand\('e\&. -.RE -.PP -Notez qu\*(Aqil y a trois champs s\('epar\('es par un \(Fo\ \&deux\-points\ \&\(Fc\&. Ne pas accoler d\*(Aqespace \(`a ce \(Fo\ \&deux\-points\ \&\(Fc\&. Notez aussi que le fichier est examin\('e s\('equentiellement ligne par ligne, et que la premi\(`ere r\(`egle applicable est utilis\('ee sans que le reste du fichier ne soit examin\('e\&. Ceci permet \(`a l\*(Aqadministrateur syst\(`eme de d\('efinir un contr\(^ole aussi fin qu\*(Aqil le souhaite\&. -.SH "EXEMPLE" -.sp -.if n \{\ -.RS 4 -.\} -.nf - # exemple de fichier /etc/suauth - # - # Deux utilisateurs privil\('egi\('es peuvent - # devenir root avec leur propre mot de passe\&. - # - root:chris,birddog:OWNPASS - # - # Les autres ne peuvent pas de venir root avec - # su, \(`a l\*(Aqexception des membres du groupe wheel\&. - # Ceci correspond au comportement des BSD\&. - # - root:ALL EXCEPT GROUP wheel:DENY - # - # terry et birddog sont des comptes poss\('ed\('es - # par la m\(^eme personne\&. - # Un acc\(`es sans mot passe est am\('enag\('e - # entre ces deux comptes\&. - # - terry:birddog:NOPASS - birddog:terry:NOPASS - # - -.fi -.if n \{\ -.RE -.\} -.SH "FICHIERS" -.PP -/etc/suauth -.RS 4 -.RE -.SH "BOGUES" -.PP -Il en reste sans doute beaucoup\&. L\*(Aqanalyseur du fichier est particuli\(`erement impitoyable avec les erreurs de syntaxe\&. Il n\*(Aqautorise d\*(Aqespace qu\*(Aqen d\('ebut et fin de ligne, et seul le d\('elimiteur sp\('ecifique doit \(^etre utilis\('e\&. -.SH "DIAGNOSTICS" -.PP -Une erreur dans l\*(Aqanalyse du fichier est report\('ee via -\fBsyslogd\fR(8) -au niveau ERR dans la cat\('egorie AUTH\&. -.SH "VOIR AUSSI" -.PP -\fBsu\fR(1)\&. diff --git a/man/fr/man5/subgid.5 b/man/fr/man5/subgid.5 deleted file mode 100644 index bbc780b0..00000000 --- a/man/fr/man5/subgid.5 +++ /dev/null @@ -1,97 +0,0 @@ -'\" t -.\" Title: subgid -.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formats et conversions de fichiers -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "SUBGID" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formats et conversions de fich" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -subgid \- the subordinate gid file -.SH "DESCRIPTION" -.PP -Each line in -/etc/subgid -contains a user name and a range of subordinate group ids that user is allowed to use\&. This is specified with three fields delimited by colons (\(Fo\ \&:\ \&\(Fc)\&. These fields are: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -nom de connexion de l\*(Aqutilisateur (\(Fo\ \&login\ \&\(Fc) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerical subordinate group ID -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerical subordinate group ID count -.RE -.PP -This file specifies the group IDs that ordinary users can use, with the -\fBnewgidmap\fR -command, to configure gid mapping in a user namespace\&. -.PP -Multiple ranges may be specified per user\&. -.SH "FICHIERS" -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subgid\- -.RS 4 -Backup file for /etc/subgid\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin.defs\fR(5), -\fBnewgidmap\fR(1), -\fBnewuidmap\fR(1), -\fBnewusers\fR(8), -\fBsubuid\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8), -\fBuser_namespaces\fR(7)\&. diff --git a/man/fr/man5/subuid.5 b/man/fr/man5/subuid.5 deleted file mode 100644 index ea31e9e1..00000000 --- a/man/fr/man5/subuid.5 +++ /dev/null @@ -1,97 +0,0 @@ -'\" t -.\" Title: subuid -.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formats et conversions de fichiers -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "SUBUID" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formats et conversions de fich" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -subuid \- the subordinate uid file -.SH "DESCRIPTION" -.PP -Each line in -/etc/subuid -contains a user name and a range of subordinate user ids that user is allowed to use\&. This is specified with three fields delimited by colons (\(Fo\ \&:\ \&\(Fc)\&. These fields are: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -nom de connexion de l\*(Aqutilisateur (\(Fo\ \&login\ \&\(Fc) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerical subordinate user ID -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerical subordinate user ID count -.RE -.PP -This file specifies the user IDs that ordinary users can use, with the -\fBnewuidmap\fR -command, to configure uid mapping in a user namespace\&. -.PP -Multiple ranges may be specified per user\&. -.SH "FICHIERS" -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.PP -/etc/subuid\- -.RS 4 -Backup file for /etc/subuid\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin.defs\fR(5), -\fBnewgidmap\fR(1), -\fBnewuidmap\fR(1), -\fBnewusers\fR(1), -\fBsubgid\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8), -\fBuser_namespaces\fR(7)\&. diff --git a/man/fr/man8/chgpasswd.8 b/man/fr/man8/chgpasswd.8 deleted file mode 100644 index 6c4e8131..00000000 --- a/man/fr/man8/chgpasswd.8 +++ /dev/null @@ -1,207 +0,0 @@ -'\" t -.\" Title: chgpasswd -.\" Author: Thomas K\(/loczko -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "CHGPASSWD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -chgpasswd \- Mettre \(`a jour par lot des mots de passe des groupes -.SH "SYNOPSIS" -.HP \w'\fBchgpasswd\fR\ 'u -\fBchgpasswd\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -La commande -\fBchgpasswd\fR -lit une liste de paires de noms de groupes et de mots de passe depuis l\*(Aqentr\('ee standard et utilise ces informations pour mettre \(`a jour un ensemble de groupes existants\&. Chaque ligne est au format suivant\ \&: -.PP -\fInom_utilisateur\fR:\fImot_de_passe\fR -.PP -Par d\('efaut, le mot de passe doit \(^etre fourni en clair, et est chiffr\('e par -\fBchgpasswd\fR\&. -.PP -L\*(Aqalgorithme de chiffrement peut \(^etre d\('efini pour le syst\(`eme avec la variable -\fBENCRYPT_METHOD\fR -de -/etc/login\&.defs -et peut \(^etre surcharg\('e avec les options -\fB\-e\fR, -\fB\-m\fR -ou -\fB\-c\fR\&. -.PP -Cette commande est destin\('ee aux gros syst\(`emes pour lesquels un nombre importants de comptes sont cr\('e\('es en une seule fois\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBchgpasswd\fR -sont\ \&: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -Utiliser la m\('ethode pr\('ecis\('ee pour chiffrer les mots de passe\&. -.sp -Les m\('ethodes disponibles sont DES, MD5, NONE et SHA256 ou SHA512 si votre libc prend en charge ces m\('ethodes\&. -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -Indiquer que les mots de passe fournis sont chiffr\('es\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -Permettre d\*(Aqutiliser le chiffrement MD5, plut\(^ot que DES, lorsque les mots de passe fournis ne sont pas chiffr\('es\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -Utiliser le nombre de rounds pr\('ecis\('e pour chiffrer les mots de passe\&. -.sp -La valeur 0 signifie que le syst\(`eme choisira la valeur par d\('efaut du nombre de rounds pour la m\('ethode de chiffrement (5\ \&000)\&. -.sp -Une valeur minimale de 1\ \&000 et une valeur maximale de 999\ \&999\ \&999 seront impos\('ees\&. -.sp -Vous ne pouvez utiliser cette m\('ethode qu\*(Aqavec les m\('ethodes de chiffrement SHA256 ou SHA512\&. -.sp -Par d\('efaut, le nombre de rounds est d\('efini par les variables SHA_CRYPT_MIN_ROUNDS et SHA_CRYPT_MAX_ROUNDS dans -/etc/login\&.defs\&. -.RE -.SH "AVERTISSEMENTS" -.PP -Pensez \(`a configurer les permissions ou umask afin d\*(Aqemp\(^echer la lecture des fichiers non chiffr\('es par les d\*(Aqautres utilisateurs\&. -.PP -Vous devez vous assurer que les mots de passe et la m\('ethode de chiffrement respectent la politique de mot de passe du syst\(`eme\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBENCRYPT_METHOD\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir les algorithmes de chiffrement par d\('efaut du syst\(`eme pour coder les mots de passes (si aucun algorithme n\*(Aqa \('et\('e indiqu\('e sur la ligne de commandes)\&. -.sp -Les valeurs suivantes sont accept\('ees\ \&: -\fIDES\fR -(par d\('efaut), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Remarque\ \&: ce param\(`etre remplace la variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (bool\('een) -.RS 4 -Indiquer si un mot de passe doit \(^etre chiffr\('e en utilisant l\*(Aqalgorithme bas\('e sur MD5\&. Si configur\('ee \(`a -\fIyes\fR, les nouveaux mots de passe seront chiffr\('es en utilisant l\*(Aqalgorithme bas\('e sur MD5 compatible avec celui utilis\('e par les versions r\('ecentes de FreeBSD\&. Il g\(`ere des mots de passe de longueur illimit\('ee et des cha\(^ines de salage plus longues\&. Configurez\-la \(`a -\fIno\fR -pour copier les mots de passe chiffr\('es sur d\*(Aqautres syst\(`emes qui ne comprennent pas le nouvel algorithme\&. la valeur par d\('efaut est -\fIno\fR\&. -.sp -Cette variable est \('ecras\('ee par la variable -\fBENCRYPT_METHOD\fR -ou par toute option de la ligne de commande utilis\('ee pour configurer l\*(Aqalgorithme de chiffrement\&. -.sp -Cette variable est obsol\(`ete\&. Vous devriez utiliser -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (nombre), \fBSHA_CRYPT_MAX_ROUNDS\fR (nombre) -.RS 4 -Quand -\fBENCRYPT_METHOD\fR -est configur\('ee \(`a -\fISHA256\fR -ou -\fISHA512\fR, cela d\('efinit le nombre de rounds de SHA utilis\('es par l\*(Aqalgorithme de chiffrement par d\('efaut (quand le nombre de rounds n\*(Aqest pas pr\('ecis\('e sur la ligne de commande)\&. -.sp -Avec beaucoup de rounds, il est plus difficile de trouver le mot de passe avec une attaque par force brute\&. Veuillez remarquer que plus de ressources processeur seront n\('ecessaires pour authentifier les utilisateurs\&. -.sp -Si non pr\('ecis\('ee, la libc utilisera le nombre de rounds par d\('efaut (5000)\&. -.sp -Les valeurs doivent \(^etre comprises dans l\*(Aqintervalle 1\ \&000\ \&\-\ \&999\ \&999\ \&999\&. -.sp -Si une seule des variables -\fBSHA_CRYPT_MIN_ROUNDS\fR -ou -\fBSHA_CRYPT_MAX_ROUNDS\fR -est configur\('ee, alors cette valeur sera utilis\('ee\&. -.sp -Si -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, la valeur la plus \('elev\('ee sera utilis\('ee\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBgpasswd\fR(1), -\fBgroupadd\fR(8), -\fBlogin.defs\fR(5)\&. diff --git a/man/fr/man8/chpasswd.8 b/man/fr/man8/chpasswd.8 deleted file mode 100644 index e2e82eb4..00000000 --- a/man/fr/man8/chpasswd.8 +++ /dev/null @@ -1,210 +0,0 @@ -'\" t -.\" Title: chpasswd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "CHPASSWD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -chpasswd \- Mettre \(`a jour des mots de passe par lot -.SH "SYNOPSIS" -.HP \w'\fBchpasswd\fR\ 'u -\fBchpasswd\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -La commande -\fBchpasswd\fR -lit une liste de paires de noms d\*(Aqutilisateurs et de mots de passe depuis l\*(Aqentr\('ee standard et utilise ces informations pour mettre \(`a jour un groupe d\*(Aqutilisateurs existants\&. Chaque ligne est au format suivant\ \&: -.PP -\fInom_utilisateur\fR:\fImot_de_passe\fR -.PP -Par d\('efaut, les mots de passe doivent \(^etre fournis en clair, et sont chiffr\('es par -\fBchpasswd\fR\&. L\*(Aq\(^age du mot de passe sera \('egalement mis \(`a jour, s\*(Aqil est pr\('esent\&. -.PP -L\*(Aqalgorithme de chiffrement par d\('efaut peut \(^etre d\('efini pour le syst\(`eme \(`a l\*(Aqaide des variables -\fBENCRYPT_METHOD\fR -ou -\fBMD5_CRYPT_ENAB\fR -de -/etc/login\&.defs, et peut \(^etre surcharg\('e par les options -\fB\-e\fR, -\fB\-m\fR -ou -\fB\-c\fR -.PP -\fBchpasswd\fR -modifie d\*(Aqabord tous les mots de passe en m\('emoire, puis propage toutes les modifications sur le disque si aucune erreur n\*(Aqa eu lieu, quelque soit l\*(Aqutilisateur\&. -.PP -Cette commande est destin\('ee aux gros syst\(`emes pour lesquels un nombre importants de comptes sont cr\('e\('es en une seule fois\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBchpasswd\fR -sont\ \&: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR\ \&\fIMETHOD\fR -.RS 4 -Utiliser la m\('ethode pr\('ecis\('ee pour chiffrer les mots de passe\&. -.sp -Les m\('ethodes disponibles sont DES, MD5, NONE et SHA256 ou SHA512 si votre libc prend en charge ces m\('ethodes\&. -.sp -Par d\('efaut (si aucune des options -\fB\-c\fR, -\fB\-m\fR -ou -\fB\-e\fR -n\*(Aqest pr\('ecis\('ee), la m\('ethode de chiffrement est d\('efinie par les variables -\fBENCRYPT_METHOD\fR -ou -\fBMD5_CRYPT_ENAB\fR -de -/etc/login\&.defs\&. -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -Indiquer que les mots de passe fournis sont chiffr\('es\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -Permettre d\*(Aqutiliser le chiffrement MD5, plut\(^ot que DES, lorsque les mots de passe fournis ne sont pas chiffr\('es\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR\ \&\fIROUNDS\fR -.RS 4 -Utiliser le nombre de rounds pr\('ecis\('e pour chiffrer les mots de passe\&. -.sp -La valeur 0 signifie que le syst\(`eme choisira la valeur par d\('efaut du nombre de rounds pour la m\('ethode de chiffrement (5\ \&000)\&. -.sp -Une valeur minimale de 1\ \&000 et une valeur maximale de 999\ \&999\ \&999 seront impos\('ees\&. -.sp -Vous ne pouvez utiliser cette m\('ethode qu\*(Aqavec les m\('ethodes de chiffrement SHA256 ou SHA512\&. -.sp -Par d\('efaut, le nombre de rounds est d\('efini par les variables -\fBSHA_CRYPT_MIN_ROUNDS\fR -et -\fBSHA_CRYPT_MAX_ROUNDS\fR -dans -/etc/login\&.defs\&. -.RE -.SH "AVERTISSEMENTS" -.PP -Pensez \(`a configurer les permissions ou umask afin d\*(Aqemp\(^echer la lecture des fichiers non chiffr\('es par les d\*(Aqautres utilisateurs\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBENCRYPT_METHOD\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir les algorithmes de chiffrement par d\('efaut du syst\(`eme pour coder les mots de passes (si aucun algorithme n\*(Aqa \('et\('e indiqu\('e sur la ligne de commandes)\&. -.sp -Les valeurs suivantes sont accept\('ees\ \&: -\fIDES\fR -(par d\('efaut), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Remarque\ \&: ce param\(`etre remplace la variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (bool\('een) -.RS 4 -Indiquer si un mot de passe doit \(^etre chiffr\('e en utilisant l\*(Aqalgorithme bas\('e sur MD5\&. Si configur\('ee \(`a -\fIyes\fR, les nouveaux mots de passe seront chiffr\('es en utilisant l\*(Aqalgorithme bas\('e sur MD5 compatible avec celui utilis\('e par les versions r\('ecentes de FreeBSD\&. Il g\(`ere des mots de passe de longueur illimit\('ee et des cha\(^ines de salage plus longues\&. Configurez\-la \(`a -\fIno\fR -pour copier les mots de passe chiffr\('es sur d\*(Aqautres syst\(`emes qui ne comprennent pas le nouvel algorithme\&. la valeur par d\('efaut est -\fIno\fR\&. -.sp -Cette variable est \('ecras\('ee par la variable -\fBENCRYPT_METHOD\fR -ou par toute option de la ligne de commande utilis\('ee pour configurer l\*(Aqalgorithme de chiffrement\&. -.sp -Cette variable est obsol\(`ete\&. Vous devriez utiliser -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (nombre), \fBSHA_CRYPT_MAX_ROUNDS\fR (nombre) -.RS 4 -Quand -\fBENCRYPT_METHOD\fR -est configur\('ee \(`a -\fISHA256\fR -ou -\fISHA512\fR, cela d\('efinit le nombre de rounds de SHA utilis\('es par l\*(Aqalgorithme de chiffrement par d\('efaut (quand le nombre de rounds n\*(Aqest pas pr\('ecis\('e sur la ligne de commande)\&. -.sp -Avec beaucoup de rounds, il est plus difficile de trouver le mot de passe avec une attaque par force brute\&. Veuillez remarquer que plus de ressources processeur seront n\('ecessaires pour authentifier les utilisateurs\&. -.sp -Si non pr\('ecis\('ee, la libc utilisera le nombre de rounds par d\('efaut (5000)\&. -.sp -Les valeurs doivent \(^etre comprises dans l\*(Aqintervalle 1\ \&000\ \&\-\ \&999\ \&999\ \&999\&. -.sp -Si une seule des variables -\fBSHA_CRYPT_MIN_ROUNDS\fR -ou -\fBSHA_CRYPT_MAX_ROUNDS\fR -est configur\('ee, alors cette valeur sera utilis\('ee\&. -.sp -Si -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, la valeur la plus \('elev\('ee sera utilis\('ee\&. -.RE -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBpasswd\fR(1), -\fBnewusers\fR(8), -\fBlogin.defs\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/fr/man8/faillog.8 b/man/fr/man8/faillog.8 deleted file mode 100644 index 12f350d4..00000000 --- a/man/fr/man8/faillog.8 +++ /dev/null @@ -1,162 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "FAILLOG" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -faillog \- Examiner le fichier faillog, et configurer les limites d\*(Aq\('echecs de connexion -.SH "SYNOPSIS" -.HP \w'\fBfaillog\fR\ 'u -\fBfaillog\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -\fBfaillog\fR -affiche le contenu du journal des \('echecs de connexion (/var/log/faillog)\&. Il peut aussi configurer le d\('ecompte et les limitations de ces \('echecs\&. Ex\('ecuter -\fBfaillog\fR -sans argument n\*(Aqaffiche que la liste des \('echecs des utilisateurs qui ont d\('ej\(`a eu un \('echec de connexion\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBfaillog\fR -sont\ \&: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Afficher (ou agir sur) les enregistrements d\*(Aqerreurs de connexion pour tous les utilisateurs ayant une entr\('ee dans la base de donn\('ees -faillog\&. -.sp -La liste des utilisateurs peut \(^etre limit\('ee avec l\*(Aqoption -\fB\-u\fR\&. -.sp -En mode affichage, toujours limit\('ee aux utilisateurs existants, mais l\*(Aqaffichage des entr\('ees d\*(Aqerreur de connexion est impos\('e m\(^eme si elles sont vides\&. -.sp -Avec les options -\fB\-l\fR, -\fB\-m\fR, -\fB\-r\fR -ou -\fB\-t\fR -les enregistrements des utilisateurs sont modifi\('es, m\(^eme si l\*(Aqutilisateur n\*(Aqexiste pas sur le syst\(`eme\&. C\*(Aqest utile pour remettre \(`a z\('ero les enregistrements des utilisateurs qui ont \('et\('e supprim\('es ou pour mettre en place une politique pr\('eventive pour un ensemble d\*(Aqutilisateurs\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEC\fR -.RS 4 -Verrouiller le compte pendant -\fISEC\fR -secondes apr\(`es un \('echec de connexion\&. -.sp -L\*(Aqacc\(`es en \('ecriture sur -/var/log/faillog -est n\('ecessaire pour cette option\&. -.RE -.PP -\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR -.RS 4 -Configurer le nombre maximum d\*(Aq\('echecs de connexion apr\(`es lequel le compte sera d\('esactiv\('e \(`a -\fIMAX\fR\&. -.sp -S\('electionner une valeur -\fIMAX\fR -de 0 a pour effet de ne placer aucune limite sur le nombre d\*(Aq\('echecs de connexion\&. -.sp -Le compteur d\*(Aqerreurs maximum doit toujours \(^etre 0 pour -\fIroot\fR -afin d\*(Aq\('eviter les attaques de type d\('eni de service sur le syst\(`eme\&. -.sp -L\*(Aqacc\(`es en \('ecriture sur -/var/log/faillog -est n\('ecessaire pour cette option\&. -.RE -.PP -\fB\-r\fR, \fB\-\-reset\fR -.RS 4 -Remettre \(`a z\('ero le compteur d\*(Aq\('echecs de connexion\&. -.sp -L\*(Aqacc\(`es en \('ecriture sur -/var/log/faillog -est n\('ecessaire pour cette option\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR -.RS 4 -Afficher les entr\('ees de faillog plus r\('ecentes que -\fIJOURS\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR -.RS 4 -Afficher l\*(Aqentr\('ee de faillog ou maintient le d\('ecompte et les limitations (suivant que l\*(Aqoption -\fB\-l\fR, -\fB\-m\fR -ou -\fB\-r\fR -est utilis\('ee) seulement pour les utilisateurs indiqu\('es\&. -.sp -Les utilisateurs peuvent \(^etre pr\('ecis\('es par un nom de connexion, un identifiant num\('erique d\*(Aqutilisateur ou un -\fIINTERVALLE\fR -d\*(Aqutilisateurs\&. Cet -\fIINTERVALLE\fR -d\*(Aqutilisateurs peut \(^etre pr\('ecis\('e avec des valeurs minimale et maximale (\fIUID_MIN\-UID_MAX\fR), seulement une valeur maximale (\fI\-UID_MAX\fR) ou une valeur minimale (\fIUID_MIN\-\fR)\&. -.RE -.PP -Quand aucune des options -\fB\-l\fR, -\fB\-m\fR -ou -\fB\-r\fR -n\*(Aqest utilis\('ee, -\fBfaillog\fR -affiche l\*(Aqenregistrement des \('echecs de connexion des utilisateurs pr\('ecis\('es\&. -.SH "AVERTISSEMENTS" -.PP -\fBfaillog\fR -n\*(Aqaffiche que les utilisateurs n\*(Aqayant pas eu de connexion r\('eussie depuis leur dernier \('echec\&. Pour afficher un utilisateur ayant eu une connexion r\('eussie depuis son dernier \('echec, vous devez explicitement demander cet utilisateur avec l\*(Aqoption -\fB\-u\fR, ou demander l\*(Aqaffichage de tous les utilisateurs avec l\*(Aqoption -\fB\-a\fR\&. -.SH "FICHIERS" -.PP -/var/log/faillog -.RS 4 -Journal des \('echecs de connexion\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin\fR(1), -\fBfaillog\fR(5)\&. diff --git a/man/fr/man8/groupadd.8 b/man/fr/man8/groupadd.8 deleted file mode 100644 index 26c2954a..00000000 --- a/man/fr/man8/groupadd.8 +++ /dev/null @@ -1,249 +0,0 @@ -'\" t -.\" Title: groupadd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "GROUPADD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -groupadd \- Cr\('eer un nouveau groupe -.SH "SYNOPSIS" -.HP \w'\fBgroupadd\fR\ 'u -\fBgroupadd\fR [\fIoptions\fR] \fIgroupe\fR -.SH "DESCRIPTION" -.PP -La commande -\fBgroupadd\fR -cr\('ee un nouveau compte de groupe en utilisant les valeurs sp\('ecifi\('ees sur la ligne de commande et les valeurs par d\('efaut du syst\(`eme\&. Le nouveau groupe sera ins\('er\('e dans les fichiers du syst\(`eme selon les besoins\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBgroupadd\fR -sont\ \&: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Avec cette option, la commande quittera juste avec un \('etat de succ\(`es si le groupe indiqu\('e existe d\('ej\(`a\&. Avec l\*(Aqoption -\fB\-g\fR, si l\*(Aqidentifiant de groupe indiqu\('e existe d\('ej\(`a, un autre identifiant de groupe (non utilis\('e) sera choisi (c\&.\-\(`a\-d\&. que -\fB\-g\fR -est d\('esactiv\('ee)\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -La valeur num\('erique de l\*(Aqidentifiant du groupe (\(Fo\ \&group ID\ \&\(Fc ou GID)\&. Cette valeur doit \(^etre unique, sauf si l\*(Aqoption -\fB\-o\fR -est utilis\('ee\&. La valeur ne doit pas \(^etre n\('egative\&. Par d\('efaut, le plus petit identifiant sup\('erieur au -\fBGID_MIN\fR -et aux identifiants des groupes existants est utilis\('e\&. -.sp -Voir aussi aussi la description des options -\fB\-r\fR -et -\fBGID_MAX\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR -.RS 4 -Surcharger les valeurs par d\('efaut du fichier -/etc/login\&.defs -(GID_MIN, GID_MAX et autres)\&. L\*(Aqoption -\fB\-K\fR -peut \(^etre indiqu\('ee plusieurs fois\&. -.sp -Example: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI100\fR\ \& -\fB\-K\fR\ \&\fIGID_MAX\fR=\fI499\fR -.sp -Note: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR -doesn\*(Aqt work yet\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Cette option permet d\*(Aqajouter un groupe avec un identifiant (\(Fo\ \&GID\ \&\(Fc) d\('ej\(`a utilis\('e\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -Le mot de passe chiffr\('e, comme renvoy\('e par -\fBcrypt\fR(3)\&. Le comportement par d\('efaut est de d\('esactiver le mot de passe\&. -.sp -\fBRemarque\ \&:\fR -l\*(Aqutilisation de cette option est d\('econseill\('ee car le mot de passe (ou le mot de passe chiffr\('e) peut \(^etre visible des utilisateurs qui affichent la liste des processus\&. -.sp -Il est n\('ecessaire de v\('erifier si le mot de passe respecte la politique de mots de passe du syst\(`eme\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Cr\('eer un groupe syst\(`eme\&. -.sp -Les identifiants num\('eriques des nouveaux groupes syst\(`emes sont choisis dans l\*(Aqintervalle -\fBSYS_GID_MIN\fR\-\fBSYS_GID_MAX\fR, d\('efini dans -login\&.defs, au lieu de -\fBGID_MIN\fR\-\fBGID_MAX\fR -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBGID_MAX\fR (nombre), \fBGID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques de groupes que les commandes -\fBuseradd\fR, -\fBgroupadd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation des groupes normaux\&. -.sp -La valeur par d\('efaut pour -\fBGID_MIN\fR -(respectivement -\fBGID_MAX\fR) est 1000 (respectivement 60000)\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.PP -\fBSYS_GID_MAX\fR (nombre), \fBSYS_GID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques de groupes que les commandes -\fBuseradd\fR, -\fBgroupadd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation de groupes syst\(`eme\&. -.sp -La valeur par d\('efaut pour -\fBSYS_GID_MIN\fR -(respectivement -\fBSYS_GID_MAX\fR) est 101 (respectivement -\fBGID_MIN\fR\-1)\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.SH "AVERTISSEMENTS" -.PP -Les noms de groupe doivent commencer par une lettre minuscule ou un tiret bas (\(Fo\ \&underscore\ \&\(Fc), et seuls des lettres minuscules, des chiffres, des \(Fo\ \&underscore\ \&\(Fc, ou des tirets peuvent suivre\&. Ils peuvent se terminer par un signe dollar\&. Soit, sous la forme d\*(Aqune expression rationnelle\ \&: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -Les noms de groupe sont limit\('es \(`a 16 caract\(`eres\&. -.PP -Vous ne pouvez pas ajouter d\*(Aqutilisateur \(`a un groupe NIS ou LDAP\&. Cela doit \(^etre effectu\('e sur le serveur correspondant\&. -.PP -Si le nom du groupe existe dans une base de donn\('ees externe, telle que NIS ou LDAP, -\fBgroupadd\fR -refusera de cr\('eer le groupe\&. -.SH "VALEURS DE RETOUR" -.PP -La commande -\fBgroupadd\fR -retourne les valeurs suivantes en quittant\ \&: -.PP -\fI0\fR -.RS 4 -succ\(`es -.RE -.PP -\fI2\fR -.RS 4 -erreur de syntaxe -.RE -.PP -\fI3\fR -.RS 4 -param\(`etre non valable pour l\*(Aqoption -.RE -.PP -\fI4\fR -.RS 4 -GID d\('ej\(`a utilis\('e (et -\fB\-o\fR -n\*(Aqest pas utilis\('e) -.RE -.PP -\fI9\fR -.RS 4 -nom de groupe d\('ej\(`a utilis\('e -.RE -.PP -\fI10\fR -.RS 4 -impossible de mettre \(`a jour le fichier des groupes -.RE -.SH "VOIR AUSSI" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/fr/man8/groupdel.8 b/man/fr/man8/groupdel.8 deleted file mode 100644 index 63fb7bb1..00000000 --- a/man/fr/man8/groupdel.8 +++ /dev/null @@ -1,135 +0,0 @@ -'\" t -.\" Title: groupdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "GROUPDEL" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -groupdel \- Supprimer un groupe -.SH "SYNOPSIS" -.HP \w'\fBgroupdel\fR\ 'u -\fBgroupdel\fR [\fIoptions\fR] \fIGROUPE\fR -.SH "DESCRIPTION" -.PP -La commande -\fBgroupdel\fR -modifie les fichiers d\*(Aqadministration des comptes du syst\(`eme, en supprimant les entr\('ees qui se r\('ef\(`erent \(`a -\fIgroupe\fR\&. Le groupe indiqu\('e doit exister\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBgroupdel\fR -sont\ \&: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.SH "AVERTISSEMENTS" -.PP -Vous ne pouvez pas supprimer le groupe primaire d\*(Aqun utilisateur existant\&. Vous devez supprimer l\*(Aqutilisateur auparavant\&. -.PP -Vous devriez v\('erifier vous\-m\(^eme qu\*(Aqaucun fichier poss\('ed\('e par le groupe ne subsiste sur tous les syst\(`emes de fichiers\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.SH "VALEURS DE RETOUR" -.PP -La commande -\fBgroupdel\fR -renvoie les valeurs suivantes en quittant\ \&: -.PP -\fI0\fR -.RS 4 -succ\(`es -.RE -.PP -\fI2\fR -.RS 4 -erreur de syntaxe -.RE -.PP -\fI6\fR -.RS 4 -le groupe sp\('ecifi\('e n\*(Aqexiste pas -.RE -.PP -\fI8\fR -.RS 4 -impossible de supprimer le groupe primaire d\*(Aqun utilisateur existant -.RE -.PP -\fI10\fR -.RS 4 -impossible de mettre \(`a jour le fichier des groupes -.RE -.SH "VOIR AUSSI" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupmod\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/fr/man8/groupmems.8 b/man/fr/man8/groupmems.8 deleted file mode 100644 index dc760f76..00000000 --- a/man/fr/man8/groupmems.8 +++ /dev/null @@ -1,173 +0,0 @@ -'\" t -.\" Title: groupmems -.\" Author: George Kraft, IV -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "GROUPMEMS" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -groupmems \- Administrer les membres du groupe primaire d\*(Aqun utilisateur -.SH "SYNOPSIS" -.HP \w'\fBgroupmems\fR\ 'u -\fBgroupmems\fR \-a\ \fInom_utilisateur\fR | \-d\ \fInom_utilisateur\fR | [\-g\ \fInom_groupe\fR] | \-l | \-p -.SH "DESCRIPTION" -.PP -La commande -\fBgroupmems\fR -permet \(`a un utilisateur d\*(Aqadministrer la liste des membres de son propre groupe sans avoir les privil\(`eges du superutilisateur\&. L\*(Aqutilitaire -\fBgroupmems\fR -a \('et\('e con\(,cu pour les syst\(`emes qui configurent leurs utilisateurs de telle sorte qu\*(Aqils soient responsables de leur groupe primaire (par exemple guest/guest)\&. -.PP -Seul le superutilisateur, en tant qu\*(Aqadministrateur, peut utiliser -\fBgroupmems\fR -pour modifier la liste des membres d\*(Aqun autre groupe\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBgroupmems\fR -sont\ \&: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser_name\fR -.RS 4 -Ajouter un utilisateur \(`a la liste des membres du groupe\&. -.sp -Si le fichier -/etc/gshadow -existe, et que le groupe n\*(Aqy a pas d\*(Aqentr\('ee, une nouvelle entr\('ee sera cr\('e\('ee\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser_name\fR -.RS 4 -Supprimer un utilisateur de la liste des membres du groupe\&. -.sp -Si le fichier -/etc/gshadow -existe, l\*(Aqutilisateur sera retir\('e de la liste des membres et des administrateurs du groupe\&. -.sp -Si le fichier -/etc/gshadow -existe, et que le groupe n\*(Aqy a pas d\*(Aqentr\('ee, une nouvelle entr\('ee sera cr\('e\('ee\&. -.RE -.PP -\fB\-g\fR, \fB\-\-group\fR\ \&\fIgroup_name\fR -.RS 4 -Le superutilisateur peut pr\('eciser la liste des membres du groupe \(`a modifier\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -Afficher la liste des membres du groupe\&. -.RE -.PP -\fB\-p\fR, \fB\-\-purge\fR -.RS 4 -Supprimer tous les utilisateurs de la liste des membres du groupe\&. -.sp -Si le fichier -/etc/gshadow -existe, et que le groupe n\*(Aqy a pas d\*(Aqentr\('ee, une nouvelle entr\('ee sera cr\('e\('ee\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.SH "CONFIGURATION" -.PP -L\*(Aqex\('ecutable -\fBgroupmems\fR -doit \(^etre install\('e en mode -2770 -avec pour utilisateur -\fIroot\fR -et pour groupe -\fIgroups\fR\&. L\*(Aqadministrateur syst\(`eme peut ajouter des utilisateurs au groupe -\fIgroups\fR -pour leur permettre ou leur interdire d\*(Aqutiliser -\fBgroupmems\fR -pour g\('erer leur propre liste de membres du groupe\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - $ groupadd \-r groups - $ chmod 2770 groupmems - $ chown root\&.groups groupmems - $ groupmems \-g groups \-a gk4 - -.fi -.if n \{\ -.RE -.\} -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -informations cach\('ees sur les groupes -.RE -.SH "VOIR AUSSI" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/fr/man8/groupmod.8 b/man/fr/man8/groupmod.8 deleted file mode 100644 index 73d4e8db..00000000 --- a/man/fr/man8/groupmod.8 +++ /dev/null @@ -1,204 +0,0 @@ -'\" t -.\" Title: groupmod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "GROUPMOD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -groupmod \- Modifier la d\('efinition d\*(Aqun groupe du syst\(`eme -.SH "SYNOPSIS" -.HP \w'\fBgroupmod\fR\ 'u -\fBgroupmod\fR [\fIoptions\fR] \fIGROUPE\fR -.SH "DESCRIPTION" -.PP -La commande -\fBgroupmod\fR -modifie la d\('efinition du -\fIGROUPE\fR -sp\('ecifi\('e en modifiant l\*(Aqentr\('ee correspondante de la base de donn\('ees des groupes\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBgroupmod\fR -sont\ \&: -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -L\*(Aqidentifiant num\('erique du groupe -\fIGROUPE\fR -sera modifi\('e vers -\fIGID\fR\&. -.sp -La valeur de -\fIGID\fR -doit \(^etre un nombre d\('ecimal positif\&. Cette valeur doit \(^etre unique, \(`a moins que l\*(Aqoption -\fB\-o\fR -ne soit utilis\('ee\&. -.sp -Les utilisateurs qui utilisent ce groupe comme groupe primaire seront mis \(`a jour pour garder le groupe comme groupe primaire\&. -.sp -Vous devrez modifier vous\-m\(^eme l\*(Aqidentifiant de groupe des fichiers ayant l\*(Aqancien identifiant de groupe qui doivent continuer \(`a appartenir au -\fIGROUPE\fR\&. -.sp -Aucun contr\(^ole ne sera effectu\('e sur les valeurs de -\fBGID_MIN\fR, -\fBGID_MAX\fR, -\fBSYS_GID_MIN\fR, ou -\fBSYS_GID_MAX\fR -du fichier -/etc/login\&.defs\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-n\fR, \fB\-\-new\-name\fR\ \&\fINEW_GROUP\fR -.RS 4 -Le nom du groupe sera modifi\('e de -\fIGROUPE\fR -vers -\fINOUVEAU_NOM_GROUPE\fR\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -En combinaison avec l\*(Aqoption -\fB\-g\fR, cette option permet de changer l\*(Aqidentifiant du groupe (\fIGID\fR) vers une valeur d\('ej\(`a utilis\('ee\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -Mot de passe chiffr\('e, comme renvoy\('e par -\fBcrypt\fR(3)\&. -.sp -\fBRemarque\ \&:\fR -l\*(Aqutilisation de cette option est d\('econseill\('ee car le mot de passe (ou le mot de passe chiffr\('e) peut \(^etre visible des utilisateurs qui affichent la liste des processus\&. -.sp -Il est n\('ecessaire de v\('erifier si le mot de passe respecte la politique de mots de passe du syst\(`eme\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.SH "VALEURS DE RETOUR" -.PP -La commande -\fBgroupmod\fR -retourne les valeurs suivantes en quittant\ \&: -.PP -\fI0\fR -.RS 4 -succ\(`es -.RE -.PP -\fI2\fR -.RS 4 -erreur de syntaxe -.RE -.PP -\fI3\fR -.RS 4 -param\(`etre non valable pour l\*(Aqoption -.RE -.PP -\fI4\fR -.RS 4 -le groupe sp\('ecifi\('e n\*(Aqexiste pas -.RE -.PP -\fI6\fR -.RS 4 -le groupe sp\('ecifi\('e n\*(Aqexiste pas -.RE -.PP -\fI9\fR -.RS 4 -nom de groupe d\('ej\(`a utilis\('e -.RE -.PP -\fI10\fR -.RS 4 -impossible de mettre \(`a jour le fichier des groupes -.RE -.SH "VOIR AUSSI" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/fr/man8/grpck.8 b/man/fr/man8/grpck.8 deleted file mode 100644 index b3d38ea6..00000000 --- a/man/fr/man8/grpck.8 +++ /dev/null @@ -1,239 +0,0 @@ -'\" t -.\" Title: grpck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "GRPCK" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -grpck \- V\('erifier l\*(Aqint\('egrit\('e des fichiers d\*(Aqadministration des groupes -.SH "SYNOPSIS" -.HP \w'\fBgrpck\fR\ 'u -\fBgrpck\fR [options] [\fIgroupe\fR\ [\ \fIshadow\fR\ ]] -.SH "DESCRIPTION" -.PP -La commande -\fBgrpck\fR -v\('erifie l\*(Aqint\('egrit\('e des informations sur les groupes du syst\(`eme\&. Toutes les entr\('ees de -/etc/groupet /etc/gshadow -sont v\('erifi\('ees afin de s\*(Aqassurer qu\*(Aqelles ont le bon format et qu\*(Aqelles contiennent des donn\('ees valables dans chaque champ\&. Une confirmation de l\*(Aqutilisateur sera demand\('ee pour d\('etruire les entr\('ees mal format\('ees ou ayant d\*(Aqautres erreurs non r\('ecup\('erables\&. -.PP -Voici les v\('erifications effectu\('ees\ \&: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -nombre correct de champs\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -unicit\('e et validit\('e des noms de groupe\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -validit\('e des identifiants de groupe -(seulement /etc/group)\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -validit\('e de la liste de membres -et d\*(Aqadministrateurs\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -correspondance d\*(Aqentr\('ee dans le fichier -/etc/gshadow -(respectivement -/etc/group -pour les v\('erifications de -gshadow)\&. -.RE -.PP -Une erreur dans le nombre de champs ou la non unicit\('e d\*(Aqun nom de groupe sera fatale\&. Si le nombre de champs n\*(Aqest pas correct, il sera demand\('e \(`a l\*(Aqutilisateur de supprimer la ligne\&. Si l\*(Aqutilisateur ne r\('epond pas par l\*(Aqaffirmative, les v\('erifications suivantes ne seront pas effectu\('ees\&. Il sera \('egalement demand\('e de supprimer les entr\('ees correspondant aux noms de groupe redondants, mais dans ce cas, les autres v\('erifications seront effectu\('ees\&. Toutes les autres erreurs ne sont que des avertissements et l\*(Aqutilisateur est encourag\('e \(`a utiliser -\fBgroupmod\fR -pour les corriger\&. -.PP -Les commandes qui op\(`erent sur -les fichiers/etc/groupet /etc/gshadow -ne peuvent pas modifier les entr\('ees corrompues ou redondantes\&. -\fBgrpck\fR -doit \(^etre utilis\('ee dans ce cas pour supprimer ces entr\('ees\&. -.SH "OPTIONS" -.PP -Les options -\fB\-r\fR -et -\fB\-s\fR -ne peuvent pas \(^etre combin\('ees\&. -.PP -Les options disponibles pour la commande -\fBgrpck\fR -sont\ \&: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Ex\('ecute la commande -\fBgrpck\fR -en mode lecture seule\&. Cela signifie qu\*(Aq\(`a toutes les questions concernant des modifications il sera r\('epondu -\fIno\fR -sans l\*(Aqintervention de l\*(Aqutilisateur\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -Trie les entr\('ees de -/etc/groupet /etc/gshadow -par GID\&. -.RE -.PP -Par d\('efaut, -\fBgrpck\fR -op\(`ere sur -/etc/groupet /etc/gshadow\&. L\*(Aqutilisateur peut pr\('eciser d\*(Aqautres fichiers avec -les param\(`etres\fIgroup\fRet \fIshadow\fR\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.SH "VALEURS DE RETOUR" -.PP -La commande -\fBgrpck\fR -renvoie les valeurs suivantes en quittant\ \&: -.PP -\fI0\fR -.RS 4 -succ\(`es -.RE -.PP -\fI1\fR -.RS 4 -erreur de syntaxe -.RE -.PP -\fI2\fR -.RS 4 -une entr\('ee de groupe ou plus est incorrecte -.RE -.PP -\fI3\fR -.RS 4 -impossible d\*(Aqouvrir les fichiers group -.RE -.PP -\fI4\fR -.RS 4 -impossible de verrouiller les fichiers group -.RE -.PP -\fI5\fR -.RS 4 -impossible de mettre \(`a jour les fichiers group -.RE -.SH "VOIR AUSSI" -.PP -\fBgroup\fR(5), -\fBgroupmod\fR(8), -\fBgshadow\fR(5),\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBshadow\fR(5)\&. diff --git a/man/fr/man8/grpconv.8 b/man/fr/man8/grpconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/fr/man8/grpconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/fr/man8/grpunconv.8 b/man/fr/man8/grpunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/fr/man8/grpunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/fr/man8/lastlog.8 b/man/fr/man8/lastlog.8 deleted file mode 100644 index 3446edae..00000000 --- a/man/fr/man8/lastlog.8 +++ /dev/null @@ -1,109 +0,0 @@ -'\" t -.\" Title: lastlog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "LASTLOG" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -lastlog \- signaler les connexions les plus r\('ecentes de tous les utilisateurs ou d\*(Aqun utilisateur donn\('e -.SH "SYNOPSIS" -.HP \w'\fBlastlog\fR\ 'u -\fBlastlog\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -\fBlastlog\fR -affiche le contenu du journal des derni\(`eres connexions (/var/log/lastlog)\&. Les champs -\fIUtilisateur\fR, -\fIPort\fR, date de -\fIDerni\(`ere\fR -connexion sont affich\('es\&. Par d\('efaut (aucune option de sp\('ecifi\('ee), les entr\('ees de lastlog sont affich\('ees tri\('ees par ordre d\*(Aqapparition dans -/etc/passwd\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBlastlog\fR -sont\ \&: -.PP -\fB\-b\fR, \fB\-\-before\fR\ \&\fIDAYS\fR -.RS 4 -N\*(Aqafficher que les entr\('ees du fichier lastlog plus anciennes que -\fIJOURS\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR -.RS 4 -Afficher les entr\('ees du fichier lastlog plus r\('ecentes que -\fIJOURS\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR -.RS 4 -N\*(Aqafficher que les entr\('ees correspondant aux utilisateurs indiqu\('es\&. -.sp -Les utilisateurs peuvent \(^etre pr\('ecis\('es par un nom de connexion, un identifiant num\('erique d\*(Aqutilisateur ou un -\fIINTERVALLE\fR -d\*(Aqutilisateurs\&. Cet -\fIINTERVALLE\fR -d\*(Aqutilisateurs peut \(^etre pr\('ecis\('e avec des valeurs minimale et maximale (\fIUID_MIN\-UID_MAX\fR), seulement une valeur maximale (\fI\-UID_MAX\fR) ou une valeur minimale (\fIUID_MIN\-\fR)\&. -.RE -.PP -Dans le cas o\(`u l\*(Aqutilisateur ne s\*(Aqest jamais connect\('e, le message \(Fo\ \&\fI**Never logged in**\fR\ \&\(Fc (\(Fo\ \&\fI**Jamais connect\('e**\fR\ \&\(Fc) est affich\('e \(`a la place des champs -\fIPort\fR -et date de -\fIDerni\(`ere\fR -connexion\&. -.PP -Seules les entr\('ees pour les utilisateurs actuels du syst\(`eme seront affich\('ees\&. D\*(Aqautres entr\('ees peuvent exister pour les utilisateurs supprim\('es pr\('ec\('edemment\&. -.SH "NOTE" -.PP -Le fichier -lastlog -est une base de donn\('ees qui contient des informations concernant la derni\(`ere connexion de chaque utilisateur\&. Vous n\*(Aqavez pas \(`a faire de rotation (avec -\fBlogrotate\fR) sur ce fichier\&. C\*(Aqest un fichier \(Fo\ \&creux\ \&\(Fc, donc sa taille sur le disque est bien plus petite que celle affich\('ee par \(Fo\ \&\fBls \-l\fR\ \&\(Fc (qui peut indiquer un tr\(`es gros fichier si vous avez des utilisateurs avec des UID \('elev\('es)\&. Vous pouvez afficher sa taille r\('eelle avec \(Fo\ \&\fBls \-s\fR\ \&\(Fc\&. -.SH "FICHIERS" -.PP -/var/log/lastlog -.RS 4 -Base de donn\('ees de l\*(Aqheure des connexions pr\('ec\('edentes des utilisateurs\&. -.RE -.SH "AVERTISSEMENTS" -.PP -S\*(Aqil y a des trous importants dans les valeurs des UID, -\fBlastlog\fR -s\*(Aqex\('ecutera plus lentement, sans affichage \(`a l\*(Aq\('ecran (par exemple, s\*(Aqil n\*(Aqy a pas d\*(Aqentr\('ee pour les utilisateurs ayant un UID compris entre 170 et 800 dans base de donn\('ees lastlog, le programme lastlog semblera bloqu\('e comme s\*(Aqil traitait les entr\('ees correspondant aux UID 171 \(`a 799)\&. diff --git a/man/fr/man8/logoutd.8 b/man/fr/man8/logoutd.8 deleted file mode 100644 index 4d0a0669..00000000 --- a/man/fr/man8/logoutd.8 +++ /dev/null @@ -1,57 +0,0 @@ -'\" t -.\" Title: logoutd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "LOGOUTD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -logoutd \- Imposer les restrictions de connexion dans le temps -.SH "SYNOPSIS" -.HP \w'\fBlogoutd\fR\ 'u -\fBlogoutd\fR -.SH "DESCRIPTION" -.PP -\fBlogoutd\fR -impose les restrictions (sur les ports, la date et l\*(Aqheure de connexion) sp\('ecifi\('ees dans -/etc/porttime\&. -\fBlogoutd\fR -doit \(^etre d\('emarr\('e depuis -/etc/rc\&. Il analyse le fichier -/var/run/utmp -r\('eguli\(`erement et, pour chaque utilisateur, il v\('erifie que ce nom d\*(Aqutilisateur est autoris\('e \(`a \(^etre connect\('e \(`a ce port \(`a ce moment\&. Toute session en violation avec les restrictions de -/etc/porttime -est termin\('ee\&. -.SH "FICHIERS" -.PP -/etc/porttime -.RS 4 -Fichier contenant le port d\*(Aqacc\(`es\&. -.RE -.PP -/var/run/utmp -.RS 4 -Liste des sessions de connexion en cours\&. -.RE diff --git a/man/fr/man8/newusers.8 b/man/fr/man8/newusers.8 deleted file mode 100644 index 200642eb..00000000 --- a/man/fr/man8/newusers.8 +++ /dev/null @@ -1,431 +0,0 @@ -'\" t -.\" Title: newusers -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "NEWUSERS" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -newusers \- Mettre \(`a jour, ou cr\('eer de nouveaux utilisateurs par lots -.SH "SYNOPSIS" -.HP \w'\fBnewusers\fR\ 'u -\fBnewusers\fR [\fIoptions\fR] [\fIfichier\fR] -.SH "DESCRIPTION" -.PP -La commande -\fBnewusers\fR -lit un -\fIfichier\fR\fI\fI (ou l\*(Aqentr\('ee standard par d\('efaut) et utilise ces informations pour mettre \(`a jour un groupe d\*(Aqutilisateurs existants ou pour cr\('eer de nouveaux utilisateurs\&. Chaque ligne est au m\(^eme format que le fichier des mots de passe (consultez \fR\fI\fBpasswd\fR(5)\fR\fI) avec les exceptions suivantes\ \&:\fR\fR -.PP -pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell -.PP -\fIpw_name\fR -.RS 4 -C\*(Aqest le nom de l\*(Aqutilisateur\&. -.sp -Il peut s\*(Aqagir du nom d\*(Aqun nouvel utilisateur ou du nom d\*(Aqun utilisateur existant (ou d\*(Aqun utilisateur cr\('e\('e pr\('ec\('edemment par -\fBnewusers\fR)\&. Dans le cas d\*(Aqun utilisateur existant, les informations de l\*(Aqutilisateur seront modifi\('ees, sinon un nouvel utilisateur sera cr\('e\('e\&. -.RE -.PP -\fIpw_passwd\fR -.RS 4 -Ce champ sera chiffr\('e et utilis\('e comme nouvelle valeur du mot de passe chiffr\('e\&. -.RE -.PP -\fIpw_uid\fR -.RS 4 -Ce champ est utilis\('e pour d\('efinir l\*(AqUID de l\*(Aqutilisateur\&. -.sp -Si ce champ est vide, un nouvel UID (non utilis\('e) sera d\('efini automatiquement par -\fBnewusers\fR\&. -.sp -Si ce champ contient un nombre, ce nombre sera utilis\('e comme UID\&. -.sp -Si ce champ contient le nom d\*(Aqun utilisateur existant (ou le nom d\*(Aqun utilisateur cr\('e\('e pr\('ec\('edemment par -\fBnewusers\fR), l\*(AqUID de l\*(Aqutilisateur indiqu\('e sera utilis\('e\&. -.sp -Si l\*(AqUID d\*(Aqun utilisateur existant est modifi\('e, vous devrez configurer vous\-m\(^eme le propri\('etaire des fichiers de l\*(Aqutilisateur\&. -.RE -.PP -\fIpw_gid\fR -.RS 4 -Ce champ est utilis\('e pour d\('efinir l\*(Aqidentifiant du groupe primaire de l\*(Aqutilisateur\&. -.sp -Si ce champ contient le nom d\*(Aqun groupe existant (ou d\*(Aqun groupe cr\('e\('e pr\('ec\('edemment par -\fBnewusers\fR), le GID de ce groupe sera utilis\('e comme identifiant de groupe primaire pour l\*(Aqutilisateur\&. -.sp -Si ce champ est un nombre, ce nombre sera utilis\('e comme identifiant de groupe primaire de cet utilisateur\&. Si aucun groupe n\*(Aqexiste avec ce GID, un nouveau groupe sera cr\('e\('e avec ce GID et le nom de l\*(Aqutilisateur\&. -.sp -Si ce champ est vide, un nouveau groupe sera cr\('e\('e avec le nom de l\*(Aqutilisateur et un GID sera automatiquement d\('efini par -\fBnewusers\fR -pour \(^etre utilis\('e comme identifiant de groupe primaire pour l\*(Aqutilisateur et comme GID pour le nouveau groupe\&. -.sp -Si le champ contient le nom d\*(Aqun groupe qui n\*(Aqexiste pas (et qui n\*(Aqa pas \('et\('e cr\('e\('e pr\('ec\('edemment par -\fBnewusers\fR), un nouveau groupe sera cr\('e\('e avec le nom indiqu\('e et un GID sera automatiquement d\('efini par -\fBnewusers\fR -pour \(^etre utilis\('e comme identifiant de groupe primaire pour l\*(Aqutilisateur et comme identifiant pour le nouveau groupe\&. -.RE -.PP -\fIpw_gecos\fR -.RS 4 -Ce champ est copi\('e dans le champ GECOS de l\*(Aqutilisateur\&. -.RE -.PP -\fIpw_dir\fR -.RS 4 -Ce champ est utilis\('e pour d\('efinir le r\('epertoire personnel de l\*(Aqutilisateur\&. -.sp -Si ce champ n\*(Aqindique pas de r\('epertoire existant, le r\('epertoire indiqu\('e est cr\('e\('e, avec comme propri\('etaire l\*(Aqutilisateur en cours de cr\('eation ou mis \(`a jour et son groupe primaire\&. -.sp -Si le r\('epertoire personnel d\*(Aqun utilisateur existant est modifi\('e, -\fBnewusers\fR -ne d\('eplace ni ne copie le contenu de l\*(Aqancien r\('epertoire personnel \(`a la nouvelle place\&. Vous devrez effectuer cela vous\-m\(^eme\&. -.RE -.PP -\fIpw_shell\fR -.RS 4 -Ce champ d\('efinit l\*(Aqinterpr\('eteur de commande de l\*(Aqutilisateur\&. Aucune v\('erification n\*(Aqest effectu\('ee sur ce champ\&. -.RE -.PP -\fBnewusers\fR -essayera d\*(Aqabord de cr\('eer ou de modifier tous les utilisateurs indiqu\('es puis \('ecrira ces modifications dans les bases de donn\('ees d\*(Aqutilisateurs et de groupes\&. Si une erreur survient (en dehors de l\*(Aq\('ecriture finale des bases de donn\('ees), aucune modification ne sera propag\('ee dans les bases de donn\('ees\&. -.PP -Cette commande a \('et\('e con\(,cue pour les gros syst\(`emes pour lesquels un grand nombre de comptes sont mis \(`a jour en m\(^eme temps\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBnewusers\fR -sont\ \&: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -Utiliser la m\('ethode pr\('ecis\('ee pour chiffrer les mots de passe\&. -.sp -Les m\('ethodes disponibles sont DES, MD5, NONE et SHA256 ou SHA512 si votre libc prend en charge ces m\('ethodes\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Cr\('eer un compte syst\(`eme\&. -.sp -Les utilisateurs syst\(`eme seront cr\('e\('es sans information d\*(Aq\(^age dans -/etc/shadow -et leurs identifiants num\('eriques sont choisis dans l\*(Aqintervalle -\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR, d\('efini dans -login\&.defs, au lieu de -\fBUID_MIN\fR\-\fBUID_MAX\fR -(et leur -\fBGID\fR -correspondant pour la cr\('eation de groupes)\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -Utiliser le nombre de rounds pr\('ecis\('e pour chiffrer les mots de passe\&. -.sp -La valeur 0 signifie que le syst\(`eme choisira la valeur par d\('efaut du nombre de rounds pour la m\('ethode de chiffrement (5\ \&000)\&. -.sp -Une valeur minimale de 1\ \&000 et une valeur maximale de 999\ \&999\ \&999 seront impos\('ees\&. -.sp -Vous ne pouvez utiliser cette m\('ethode qu\*(Aqavec les m\('ethodes de chiffrement SHA256 ou SHA512\&. -.sp -Par d\('efaut, le nombre de rounds est d\('efini par les variables SHA_CRYPT_MIN_ROUNDS et SHA_CRYPT_MAX_ROUNDS dans -/etc/login\&.defs\&. -.RE -.SH "AVERTISSEMENTS" -.PP -Le fichier d\*(Aqentr\('ee doit \(^etre correctement prot\('eg\('e puisqu\*(Aqil contient des mots de passe en clair\&. -.PP -Vous devez vous assurer que les mots de passe et la m\('ethode de chiffrement respectent la politique de mot de passe du syst\(`eme\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBENCRYPT_METHOD\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir les algorithmes de chiffrement par d\('efaut du syst\(`eme pour coder les mots de passes (si aucun algorithme n\*(Aqa \('et\('e indiqu\('e sur la ligne de commandes)\&. -.sp -Les valeurs suivantes sont accept\('ees\ \&: -\fIDES\fR -(par d\('efaut), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Remarque\ \&: ce param\(`etre remplace la variable -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBGID_MAX\fR (nombre), \fBGID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques de groupes que les commandes -\fBuseradd\fR, -\fBgroupadd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation des groupes normaux\&. -.sp -La valeur par d\('efaut pour -\fBGID_MIN\fR -(respectivement -\fBGID_MAX\fR) est 1000 (respectivement 60000)\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (bool\('een) -.RS 4 -Indiquer si un mot de passe doit \(^etre chiffr\('e en utilisant l\*(Aqalgorithme bas\('e sur MD5\&. Si configur\('ee \(`a -\fIyes\fR, les nouveaux mots de passe seront chiffr\('es en utilisant l\*(Aqalgorithme bas\('e sur MD5 compatible avec celui utilis\('e par les versions r\('ecentes de FreeBSD\&. Il g\(`ere des mots de passe de longueur illimit\('ee et des cha\(^ines de salage plus longues\&. Configurez\-la \(`a -\fIno\fR -pour copier les mots de passe chiffr\('es sur d\*(Aqautres syst\(`emes qui ne comprennent pas le nouvel algorithme\&. la valeur par d\('efaut est -\fIno\fR\&. -.sp -Cette variable est \('ecras\('ee par la variable -\fBENCRYPT_METHOD\fR -ou par toute option de la ligne de commande utilis\('ee pour configurer l\*(Aqalgorithme de chiffrement\&. -.sp -Cette variable est obsol\(`ete\&. Vous devriez utiliser -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (nombre) -.RS 4 -Nombre maximum de jours de validit\('e d\*(Aqun mot de passe\&. Apr\(`es cette dur\('ee, une modification du mot de passe est obligatoire\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, la valeur de \-1 est utilis\('ee (ce qui enl\(`eve toute restriction)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (nombre) -.RS 4 -Nombre minimum de jours autoris\('e avant la modification d\*(Aqun mot de passe\&. Toute tentative de modification du mot de passe avant cette dur\('ee est rejet\('ee\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, la valeur de \-1 est utilis\('ee (ce qui enl\(`eve toute restriction)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (nombre) -.RS 4 -Nombre de jours durant lesquels l\*(Aqutilisateur recevra un avertissement avant que son mot de passe n\*(Aqarrive en fin de validit\('e\&. Une valeur n\('egative signifie qu\*(Aqaucun avertissement n\*(Aqest donn\('e\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, aucun avertissement n\*(Aqest donn\('e\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (nombre), \fBSHA_CRYPT_MAX_ROUNDS\fR (nombre) -.RS 4 -Quand -\fBENCRYPT_METHOD\fR -est configur\('ee \(`a -\fISHA256\fR -ou -\fISHA512\fR, cela d\('efinit le nombre de rounds de SHA utilis\('es par l\*(Aqalgorithme de chiffrement par d\('efaut (quand le nombre de rounds n\*(Aqest pas pr\('ecis\('e sur la ligne de commande)\&. -.sp -Avec beaucoup de rounds, il est plus difficile de trouver le mot de passe avec une attaque par force brute\&. Veuillez remarquer que plus de ressources processeur seront n\('ecessaires pour authentifier les utilisateurs\&. -.sp -Si non pr\('ecis\('ee, la libc utilisera le nombre de rounds par d\('efaut (5000)\&. -.sp -Les valeurs doivent \(^etre comprises dans l\*(Aqintervalle 1\ \&000\ \&\-\ \&999\ \&999\ \&999\&. -.sp -Si une seule des variables -\fBSHA_CRYPT_MIN_ROUNDS\fR -ou -\fBSHA_CRYPT_MAX_ROUNDS\fR -est configur\('ee, alors cette valeur sera utilis\('ee\&. -.sp -Si -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, la valeur la plus \('elev\('ee sera utilis\('ee\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (nombre), \fBSYS_GID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques de groupes que les commandes -\fBuseradd\fR, -\fBgroupadd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation de groupes syst\(`eme\&. -.sp -La valeur par d\('efaut pour -\fBSYS_GID_MIN\fR -(respectivement -\fBSYS_GID_MAX\fR) est 101 (respectivement -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (nombre), \fBSYS_UID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques d\*(Aqutilisateurs que les commandes -\fBuseradd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation d\*(Aqutilisateurs syst\(`eme\&. -.sp -La valeur par d\('efaut pour -\fBSYS_UID_MIN\fR -(respectivement -\fBSYS_UID_MAX\fR) est 101 (respectivement -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBUID_MAX\fR (nombre), \fBUID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques d\*(Aqutilisateurs que les commandes -\fBuseradd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation d\*(Aqutilisateurs normaux\&. -.sp -La valeur par d\('efaut de -\fBUID_MIN\fR -(respectivement -\fBUID_MAX\fR) est 1000 (respectivement 60000)\&. -.RE -.PP -\fBUMASK\fR (nombre) -.RS 4 -Valeur d\*(Aqinitialisation du masque de permissions\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, le masque des permissions sera initialis\('e \(`a 022\&. -.sp -\fBuseradd\fR -et -\fBnewusers\fR -utilisent ce masque pour d\('efinir les permissions d\*(Aqacc\(`es des r\('epertoires personnels qu\*(Aqils cr\('eent\&. -.sp -Il est \('egalement utilis\('e par -\fBlogin\fR -pour d\('efinir l\*(Aqumask initial de l\*(Aqutilisateur\&. Veuillez noter que cet umask peut \(^etre red\('efini par les GECOS de l\*(Aqutilisateur (si -\fBQUOTAS_ENAB\fR -est activ\('e) ou en pr\('ecisant une limite avec l\*(Aqidentifiant -\fIK\fR -dans -\fBlimits\fR(5)\&. -.RE -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin.defs\fR(5), -\fBpasswd\fR(1), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/fr/man8/nologin.8 b/man/fr/man8/nologin.8 deleted file mode 100644 index 93f05244..00000000 --- a/man/fr/man8/nologin.8 +++ /dev/null @@ -1,51 +0,0 @@ -'\" t -.\" Title: nologin -.\" Author: Nicolas Fran\(,cois -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "NOLOGIN" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -nologin \- refuser poliment une connexion -.SH "SYNOPSIS" -.HP \w'\fBnologin\fR\ 'u -\fBnologin\fR -.SH "DESCRIPTION" -.PP -La commande -\fBnologin\fR -affiche un message indiquant que le compte n\*(Aqest pas disponible et retourne avec un code non nul\&. Elle peut \(^etre plac\('ee dans le champ indiquant l\*(Aqinterpr\('eteur de commandes pour les comptes qui ont \('et\('e d\('esactiv\('es\&. -.PP -Pour d\('esactiver toutes les connexions, veuillez consulter -\fBnologin\fR(5)\&. -.SH "VOIR AUSSI" -.PP -\fBlogin\fR(1), -\fBnologin\fR(5)\&. -.SH "HISTORIQUE" -.PP -La commande -\fBnologin\fR -est apparue avec BSD 4\&.4\&. diff --git a/man/fr/man8/pwck.8 b/man/fr/man8/pwck.8 deleted file mode 100644 index 9e4c011f..00000000 --- a/man/fr/man8/pwck.8 +++ /dev/null @@ -1,319 +0,0 @@ -'\" t -.\" Title: pwck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "PWCK" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -pwck \- V\('erifier l\*(Aqint\('egrit\('e des fichiers de mots de passe -.SH "SYNOPSIS" -.HP \w'\fBpwck\fR\ 'u -\fBpwck\fR [options] [\fIpasswd\fR\ [\ \fIshadow\fR\ ]] -.SH "DESCRIPTION" -.PP -La commande -\fBpwck\fR -v\('erifie l\*(Aqint\('egrit\('e des informations du syst\(`eme concernant les utilisateurs et leur mots de passe\&. Toutes les entr\('ees des fichiers -/etc/passwd -et -/etc/shadow -sont v\('erifi\('ees afin de s\*(Aqassurer qu\*(Aqelles ont le bon format et qu\*(Aqelles contiennent des donn\('ees valables dans chaque champ\&. Une confirmation de l\*(Aqutilisateur sera demand\('ee pour d\('etruire les entr\('ees mal format\('ees ou ayant d\*(Aqautres erreurs non r\('ecup\('erables\&. -.PP -Voici les v\('erifications effectu\('ees\ \&: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -nombre correct de champs\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -unicit\('e et validit\('e des noms d\*(Aqutilisateur\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -validit\('e des identifiants d\*(Aqutilisateur et de groupe\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -validit\('e du groupe primaire\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -validit\('e du r\('epertoire personnel\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -validit\('e de l\*(Aqinterpr\('eteur de commandes initial (\(Fo\ \&login shell\ \&\(Fc)\&. -.RE -.PP -Les v\('erifications de -shadow -sont activ\('ees quand un second param\(`etre de fichier est indiqu\('e ou quand -/etc/shadow -existe sur le syst\(`eme\&. -.PP -Ces v\('erifications sont les suivantes\ \&: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -chaque entr\('ee de passwd a une entr\('ee correspondante dans shadow, et chaque entr\('ee shadow a une entr\('ee passwd correspondante\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -les mots de passe sont indiqu\('es dans le fichier des mot de passe cach\('es\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -les entr\('ees de shadow ont le bon nombre de champs\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -les entr\('ees de shadow sont uniques dans shadow\ \&; -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -la date du dernier changement de mot de passe n\*(Aqest pas dans le futur\&. -.RE -.PP -Une erreur dans le nombre de champs ou la non unicit\('e d\*(Aqun nom d\*(Aqutilisateur sera fatale\&. Si le nombre de champs n\*(Aqest pas correct, il sera demand\('e \(`a l\*(Aqutilisateur de supprimer la ligne\&. Si l\*(Aqutilisateur ne r\('epond pas par l\*(Aqaffirmative, les v\('erifications suivantes ne seront pas effectu\('ees\&. Il sera \('egalement demand\('e de supprimer les entr\('ees correspondant aux noms d\*(Aqutilisateur redondants, mais dans ce cas, les autres v\('erifications seront effectu\('ees\&. Toutes les autres erreurs ne sont que des avertissements et l\*(Aqutilisateur est encourag\('e \(`a utiliser -\fBusermod\fR -pour les corriger\&. -.PP -Les commandes qui op\(`erent sur le fichier -/etc/passwd -ne peuvent pas modifier les entr\('ees corrompues ou redondantes\&. -\fBpwck\fR -doit \(^etre utilis\('e dans ce cas pour retirer ces entr\('ees\&. -.SH "OPTIONS" -.PP -Les options -\fB\-r\fR -et -\fB\-s\fR -ne peuvent pas \(^etre combin\('ees\&. -.PP -Les options disponibles pour la commande -\fBpwck\fR -sont\ \&: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Ne signaler que les erreurs\&. Les avertissements qui ne n\('ecessitent pas une action de la part de l\*(Aqutilisateur ne seront pas affich\('es\&. -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Permet d\*(Aqex\('ecuter -\fBpwck\fR -dans le mode lecture seule\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -Trie les entr\('ees de -/etc/passwd -et -/etc/shadow -par UID\&. -.RE -.PP -Par d\('efaut, -\fBpwck\fR -op\(`ere sur les fichiers -/etc/passwd -et -/etc/shadow -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBPASS_MAX_DAYS\fR (nombre) -.RS 4 -Nombre maximum de jours de validit\('e d\*(Aqun mot de passe\&. Apr\(`es cette dur\('ee, une modification du mot de passe est obligatoire\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, la valeur de \-1 est utilis\('ee (ce qui enl\(`eve toute restriction)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (nombre) -.RS 4 -Nombre minimum de jours autoris\('e avant la modification d\*(Aqun mot de passe\&. Toute tentative de modification du mot de passe avant cette dur\('ee est rejet\('ee\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, la valeur de \-1 est utilis\('ee (ce qui enl\(`eve toute restriction)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (nombre) -.RS 4 -Nombre de jours durant lesquels l\*(Aqutilisateur recevra un avertissement avant que son mot de passe n\*(Aqarrive en fin de validit\('e\&. Une valeur n\('egative signifie qu\*(Aqaucun avertissement n\*(Aqest donn\('e\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, aucun avertissement n\*(Aqest donn\('e\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.SH "VALEURS DE RETOUR" -.PP -La commande -\fBpwck\fR -retourne les valeurs suivantes en quittant\ \&: -.PP -\fI0\fR -.RS 4 -succ\(`es -.RE -.PP -\fI1\fR -.RS 4 -erreur de syntaxe -.RE -.PP -\fI2\fR -.RS 4 -une entr\('ee de mot de passe ou plus est incorrecte -.RE -.PP -\fI3\fR -.RS 4 -impossible d\*(Aqouvrir les fichiers de mots de passe -.RE -.PP -\fI4\fR -.RS 4 -impossible de verrouiller les fichiers de mots de passe -.RE -.PP -\fI5\fR -.RS 4 -impossible de mettre \(`a jour les fichiers des mots de passe -.RE -.PP -\fI6\fR -.RS 4 -impossible de trier les fichiers de mots de passe -.RE -.SH "VOIR AUSSI" -.PP -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBusermod\fR(8)\&. diff --git a/man/fr/man8/pwconv.8 b/man/fr/man8/pwconv.8 deleted file mode 100644 index ec5254ac..00000000 --- a/man/fr/man8/pwconv.8 +++ /dev/null @@ -1,203 +0,0 @@ -'\" t -.\" Title: pwconv -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "PWCONV" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -pwconv, pwunconv, grpconv, grpunconv \- Convertir vers ou depuis les fichiers de mots de passe ou de groupe cach\('es -.SH "SYNOPSIS" -.HP \w'\fBpwconv\fR\ 'u -\fBpwconv\fR [\fIoptions\fR] -.HP \w'\fBpwunconv\fR\ 'u -\fBpwunconv\fR [\fIoptions\fR] -.HP \w'\fBgrpconv\fR\ 'u -\fBgrpconv\fR [\fIoptions\fR] -.HP \w'\fBgrpunconv\fR\ 'u -\fBgrpunconv\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -La commande -\fBpwconv\fR -cr\('ee le fichier -\fIshadow\fR -\(`a partir du fichier -\fIpasswd\fR -et d\*(Aqun \('eventuel fichier -\fIshadow\fR\&. -.PP -La commande -\fBpwunconv\fR -cr\('ee le fichier -\fIpasswd\fR -\(`a partir des fichiers -\fIpasswd\fR -et -\fIshadow\fR -puis supprime -\fIshadow\fR\&. -.PP -La commande -\fBgrpconv\fR -cr\('ee -\fIgshadow\fR -\(`a partir de -\fIgroup\fR -et d\*(Aqun \('eventuel fichier -\fIgshadow\fR\&. -.PP -La commande -\fBgrpunconv\fR -cr\('ee -\fIgroup\fR -\(`a partir des fichiers -\fIgroup\fR -et -\fIgshadow\fR -puis supprime -\fIgshadow\fR\&. -.PP -Ces quatre programmes op\(`erent sur les fichiers de mots de passe et d\*(Aqinformations sur les groupes cach\('es ou non\ \&: -/etc/passwd, -/etc/group, -/etc/shadow, et -/etc/gshadow\&. -.PP -Chaque programme place les verrous n\('ecessaires avant d\*(Aqeffectuer la conversion\&. -\fBpwconv\fR -et -\fBgrpconv\fR -sont similaires\&. Dans un premier temps, les entr\('ees du fichier de mots de passe cach\('es (/etc/shadow -ou -/etc/gshadow) qui n\*(Aqexistent pas dans le fichier principal (passwd -ou -group), sont retir\('ees\&. Ensuite, les entr\('ees du fichier -shadow -n\*(Aqayant pas pour mot de passe \(Fo\ \&x\ \&\(Fc dans le fichier -passwd -sont mises \(`a jour\&. Enfin, les mots de passe du fichier -passwd -sont remplac\('es par \(Fo\ \&x\ \&\(Fc\&. Ces programmes peuvent \(^etre utilis\('es pour une premi\(`ere conversion, ou bien pour une mise \(`a jour, si les fichiers principaux [\ \&NdT\ \&: non cach\('es\ \&] ont \('et\('e \('edit\('es \(`a la main\&. -.PP -Lors de l\*(Aqajout de nouvelles entr\('ees dans -/etc/shadow, -\fBpwconv\fR -utilisera les valeurs de -\fIPASS_MIN_DAYS\fR, -\fIPASS_MAX_DAYS\fR, et -\fIPASS_WARN_AGE\fR -d\('efinies dans le fichier -/etc/login\&.defs\&. -.PP -De m\(^eme, -\fBpwunconv\fR -et -\fBgrpunconv\fR -sont similaires\&. Les mots de passe des fichiers principaux sont mis \(`a jour \(`a partir des fichiers d\*(Aqinformations cach\('ees (\(Fo\ \&shadowed file\ \&\(Fc)\&. Les entr\('ees existant dans un fichier principal, mais pas dans le fichier cach\('e sont laiss\('ees\&. Enfin, le fichier cach\('e est supprim\('e\&. Certaines informations d\*(Aq\(^age des mots de passe sont perdues par -\fBpwunconv\fR\&. Il ne convertit que ce qu\*(Aqil peut\&. -.SH "OPTIONS" -.PP -Les options applicables aux commandes -\fBpwconv\fR, -\fBpwunconv\fR, -\fBgrpconv\fR -et -\fBgrpunconv\fR -sont\ \&: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.SH "BOGUES" -.PP -Des erreurs dans les fichiers de mots de passe ou d\*(Aqinformations sur les groupes (comme des entr\('ees invalides ou redondantes) peuvent conduire ces programmes \(`a boucler ind\('efiniment ou \(`a \('echouer d\*(Aqune mani\(`ere tout aussi \('etrange\&. Veuillez ex\('ecuter -\fBpwck\fR -et -\fBgrpck\fR -pour corriger ces erreurs avant de lancer toute conversion\&. -.SH "CONFIGURATION" -.PP -La variable de configuration suivante dans -/etc/login\&.defs -change le comportement de -\fBgrpconv\fR -et -\fBgrpunconv\fR\ \&: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -changent le comportement de -\fBpwconv\fR\ \&: -.PP -\fBPASS_MAX_DAYS\fR (nombre) -.RS 4 -Nombre maximum de jours de validit\('e d\*(Aqun mot de passe\&. Apr\(`es cette dur\('ee, une modification du mot de passe est obligatoire\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, la valeur de \-1 est utilis\('ee (ce qui enl\(`eve toute restriction)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (nombre) -.RS 4 -Nombre minimum de jours autoris\('e avant la modification d\*(Aqun mot de passe\&. Toute tentative de modification du mot de passe avant cette dur\('ee est rejet\('ee\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, la valeur de \-1 est utilis\('ee (ce qui enl\(`eve toute restriction)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (nombre) -.RS 4 -Nombre de jours durant lesquels l\*(Aqutilisateur recevra un avertissement avant que son mot de passe n\*(Aqarrive en fin de validit\('e\&. Une valeur n\('egative signifie qu\*(Aqaucun avertissement n\*(Aqest donn\('e\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, aucun avertissement n\*(Aqest donn\('e\&. -.RE -.SH "FICHIERS" -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBgrpck\fR(8), -\fBlogin.defs\fR(5), -\fBpwck\fR(8)\&. diff --git a/man/fr/man8/pwunconv.8 b/man/fr/man8/pwunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/fr/man8/pwunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/fr/man8/sulogin.8 b/man/fr/man8/sulogin.8 deleted file mode 100644 index c0cc0e63..00000000 --- a/man/fr/man8/sulogin.8 +++ /dev/null @@ -1,115 +0,0 @@ -'\" t -.\" Title: sulogin -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "SULOGIN" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -sulogin \- Single\-user login -.SH "SYNTAX" -.PP -\fBsulogin\fR -[\fItty\-device\fR] -.SH "DESCRIPTION" -.PP -The -\fBsulogin\fR -command is invoked by -\fBinit\fR -prior to allowing the user access to the system when in single user mode\&. This feature may only be available on certain systems where -\fBinit\fR -has been modified accordingly, or where the -/etc/inittab -has an entry for a single user login\&. -.PP -The user is prompted -.PP -Type control\-d to proceed with normal startup, (or give root password for system maintenance): -.PP -Input and output will be performed with the standard file descriptors unless the optional device name argument is provided\&. -.PP -If the user enters the correct root password, a login session is initiated\&. When -\fIEOF\fR -is pressed instead, the system enters multi\-user mode\&. -.PP -After the user exits the single\-user shell, or presses -\fIEOF\fR, the system begins the initialization process required to enter multi\-user mode\&. -.SH "AVERTISSEMENTS" -.PP -This command can only be used if -\fBinit\fR -has been modified to call -\fBsulogin\fR -instead of -/bin/sh, or if the user has set the -\fIinittab\fR -to support a single user login\&. For example, the line: -.PP -co:s:respawn:/etc/sulogin /dev/console -.PP -should execute the sulogin command in single user mode\&. -.PP -As complete an environment as possible is created\&. However, various devices may be unmounted or uninitialized and many of the user commands may be unavailable or nonfunctional as a result\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBENV_HZ\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement HZ lorsqu\*(Aqun utilisateur se connecte\&. La valeur doit \(^etre pr\('ec\('ed\('ee par -\fIHZ=\fR\&. Une valeur commune sur Linux est -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_TZ\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, sera utilis\('ee pour d\('efinir la variable d\*(Aqenvironnement TZ quand un utilisateur se connecte\&. La valeur peut \(^etre le nom d\*(Aqun fuseau horaire pr\('ec\('ed\('e par -\fITZ=\fR -(par exemple -\fITZ=CST6CDT\fR), ou le chemin complet vers le fichier contenant la sp\('ecification du fuseau horaire (par exemple -/etc/tzname)\&. -.sp -Si un chemin complet est sp\('ecifi\('e mais que le fichier n\*(Aqexiste pas ou ne peut pas \(^etre lu, la valeur par d\('efaut utilis\('ee est -\fITZ=CST6CDT\fR\&. -.RE -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBlogin\fR(1), -\fBsh\fR(1), -\fBinit\fR(8)\&. diff --git a/man/fr/man8/useradd.8 b/man/fr/man8/useradd.8 deleted file mode 100644 index c8592276..00000000 --- a/man/fr/man8/useradd.8 +++ /dev/null @@ -1,745 +0,0 @@ -'\" t -.\" Title: useradd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "USERADD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -useradd \- cr\('eer un nouvel utilisateur ou modifier les informations par d\('efaut appliqu\('ees aux nouveaux utilisateurs -.SH "SYNOPSIS" -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR [\fIoptions\fR] \fILOGIN\fR -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -Quand elle est invoqu\('ee sans l\*(Aqoption -\fB\-D\fR, la commande -\fBuseradd\fR -cr\('ee un nouveau compte utilisateur qui utilise les valeurs indiqu\('ees sur la ligne de commande et les valeurs par d\('efaut du syst\(`eme\&. En fonction des options de la ligne de commande, la commande -\fBuseradd\fR -fera la mise \(`a jour des fichiers du syst\(`eme, elle pourra cr\('eer le r\('epertoire personnel et copier les fichiers initiaux\&. -.PP -Par d\('efaut, un groupe sera \('egalement cr\('e\('e pour le nouvel utilisateur (voir -\fB\-g\fR, -\fB\-N\fR, -\fB\-U\fR, et -\fBUSERGROUPS_ENAB\fR) -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBuseradd\fR -sont\ \&: -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR -.RS 4 -The default base directory for the system if -\fB\-d\fR\ \&\fIHOME_DIR\fR -is not specified\&. -\fIBASE_DIR\fR -is concatenated with the account name to define the home directory\&. If the -\fB\-m\fR -option is not used, -\fIBASE_DIR\fR -must exist\&. -.sp -Si cette option n\*(Aqest pas pr\('ecis\('ee, -\fBuseradd\fR -utilisera le r\('epertoire de base pr\('ecis\('e par la variable -\fBHOME\fR -dans -/etc/default/useradd -ou -/home -par d\('efaut\&. -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENT\fR -.RS 4 -Toute cha\(^ine de texte\&. C\*(Aqest g\('en\('eralement une description courte du compte, elle est actuellement utilis\('ee comme champ pour le nom complet de l\*(Aqutilisateur\&. -.RE -.PP -\fB\-d\fR, \fB\-\-home\-dir\fR\ \&\fIHOME_DIR\fR -.RS 4 -Le nouvel utilisateur sera cr\('e\('e en utilisant -\fIR\('EP_PERSO\fR -comme valeur de r\('epertoire de connexion de l\*(Aqutilisateur\&. Le comportement par d\('efaut est de concat\('ener -\fIUTILISATEUR\fR -au r\('epertoire -\fIR\('EP_BASE\fR, et de l\*(Aqutiliser en tant que nom de r\('epertoire de connexion\&. Il n\*(Aqest pas n\('ecessaire que le r\('epertoire -\fIR\('EP_PERSO\fR -existe mais il ne sera pas cr\('e\('e s\*(Aqil n\*(Aqexiste pas\&. -.RE -.PP -\fB\-D\fR, \fB\-\-defaults\fR -.RS 4 -Consultez ci\-dessous la sous\-section \(Fo\ \&Modifier les valeurs par d\('efaut\ \&\(Fc\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -Date \(`a laquelle le compte utilisateur sera d\('esactiv\('e\&. La date est indiqu\('ee dans le format -\fIAAAA\-MM\-JJ\fR\&. -.sp -Si non pr\('ecis\('e, -\fBuseradd\fR -utilisera la date d\*(Aqexpiration par d\('efaut pr\('ecis\('ee par la variable -\fBEXPIRE\fR -dans -/etc/default/useradd -ou une cha\(^ine vide (pas d\*(Aqexpiration) par d\('efaut\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -Nombre de jours suivant la fin de validit\('e d\*(Aqun mot de passe apr\(`es lequel le compte est d\('efinitivement d\('esactiv\('e\&. Une valeur de 0 d\('esactive le compte d\(`es que le mot de passe a d\('epass\('e sa fin de validit\('e, et une valeur de \-1 d\('esactive cette fonctionnalit\('e\&. -.sp -Si non pr\('ecis\('e, -\fBuseradd\fR -utilisera la p\('eriode d\*(Aqinactivit\('e par d\('efaut pr\('ecis\('ee par la variable -\fBINACTIVE\fR -dans -/etc/default/useradd, ou \-1 par d\('efaut\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR -.RS 4 -Nom du groupe ou identifiant num\('erique du groupe de connexion initial de l\*(Aqutilisateur\&. Le nom du groupe doit exister\&. Un num\('ero de groupe doit se r\('ef\('erer \(`a un groupe d\('ej\(`a existant\&. -.sp -Si non pr\('ecis\('e, le comportement de -\fBuseradd\fR -d\('ependra de la variable -\fBUSERGROUPS_ENAB\fR -dans -/etc/login\&.defs\&. Si cette variable est configur\('ee \(`a -\fIyes\fR -(ou si -\fB\-U/\-\-user\-group\fR -est pr\('ecis\('ee sur la ligne de commandes), un groupe sera cr\('e\('e pour l\*(Aqutilisateur, avec le m\(^eme nom que son identifiant\&. Si la variable est configur\('ee \(`a -\fIno\fR -(ou si -\fB\-N/\-\-no\-user\-group\fR -est pr\('ecis\('e sur la ligne de commandes), useradd configurera le groupe primaire du nouvel utilisateur \(`a la valeur pr\('ecis\('ee par la variable -\fBGROUP\fR -dans -/etc/default/useradd, ou 100 par d\('efaut\&. -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGROUP1\fR[\fI,GROUP2,\&.\&.\&.\fR[\fI,GROUPN\fR]]] -.RS 4 -Liste de groupes suppl\('ementaires auxquels appartient \('egalement l\*(Aqutilisateur\&. Chaque groupe est s\('epar\('e du suivant par une virgule, sans espace entre eux\&. Les groupes sont soumis aux m\(^emes restrictions que celles de l\*(Aqoption -\fB\-g\fR\&. Le comportement par d\('efaut pour l\*(Aqutilisateur est de n\*(Aqappartenir qu\*(Aqau groupe initial\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-k\fR, \fB\-\-skel\fR\ \&\fISKEL_DIR\fR -.RS 4 -Le r\('epertoire squelette, qui contient les fichiers et r\('epertoires qui seront copi\('es dans le r\('epertoire personnel de l\*(Aqutilisateur, quand le r\('epertoire personnel est cr\('e\('e par -\fBuseradd\fR\&. -.sp -Cette option n\*(Aqest valable que si l\*(Aqoption -\fB\-m\fR -(ou -\fB\-\-create\-home\fR) est utilis\('ee\&. -.sp -Si cette option n\*(Aqest pas pr\('ecis\('ee, le r\('epertoire squelette est d\('efini par la variable -\fBSKEL\fR -dans -/etc/default/useradd -ou, par d\('efaut, -/etc/skel\&. -.sp -Si possible, les ACL et les attributs \('etendus seront copi\('es\&. -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR -.RS 4 -Overrides -/etc/login\&.defs -defaults (\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBUMASK\fR, -\fBPASS_MAX_DAYS\fR -and others)\&. - -Example: -\fB\-K\fR\ \&\fIPASS_MAX_DAYS\fR=\fI\-1\fR -can be used when creating system account to turn off password ageing, even though system account has no password at all\&. Multiple -\fB\-K\fR -options can be specified, e\&.g\&.: -\fB\-K\fR\ \&\fIUID_MIN\fR=\fI100\fR\ \& -\fB\-K\fR\ \&\fIUID_MAX\fR=\fI499\fR -.RE -.PP -\fB\-l\fR, \fB\-\-no\-log\-init\fR -.RS 4 -N\*(Aqajoute pas l\*(Aqutilisateur aux bases de donn\('ees lastlog et faillog\&. -.sp -Par d\('efaut, les entr\('ees de l\*(Aqutilisateur dans les bases de donn\('ees lastlog et faillog sont remises \(`a z\('ero pour \('eviter de r\('eutiliser les entr\('ees d\*(Aqun utilisateur pr\('ec\('edemment supprim\('e\&. -.RE -.PP -\fB\-m\fR, \fB\-\-create\-home\fR -.RS 4 -Cr\('e\('e le r\('epertoire personnel de l\*(Aqutilisateur s\*(Aqil n\*(Aqexiste pas\&. Les fichiers et les r\('epertoires contenus dans le r\('epertoire squelette (qui peut \(^etre d\('efini avec l\*(Aqoption -\fB\-k\fR) sera copi\('e dans le r\('epertoire personnel\&. -.sp -Par d\('efaut, si cette option n\*(Aqest pas pr\('ecis\('ee et si -\fBCREATE_HOME\fR -n\*(Aqest pas activ\('ee, aucun r\('epertoire personnel ne sera cr\('e\('e\&. -.RE -.PP -\fB\-M\fR -.RS 4 -Ne cr\('ee pas le r\('epertoire personnel de l\*(Aqutilisateur, m\(^eme si la configuration globale au syst\(`eme contenue dans -/etc/login\&.defs -(\fBCREATE_HOME\fR) est configur\('ee \(`a -\fIyes\fR\&. -.RE -.PP -\fB\-N\fR, \fB\-\-no\-user\-group\fR -.RS 4 -Ne cr\('ee pas de groupe avec le m\(^eme nom que celui de l\*(Aqutilisateur, mais ajoute l\*(Aqutilisateur au groupe pr\('ecis\('e par l\*(Aqoption -\fB\-g\fR -ou par la variable -\fBGROUP\fR -dans -/etc/default/useradd\&. -.sp -Le comportement par d\('efaut (si les options -\fB\-g\fR, -\fB\-N\fR, et -\fB\-U\fR -ne sont pas pr\('ecis\('ees) est d\('efini par la variable -\fBUSERGROUPS_ENAB\fR -dans -/etc/login\&.defs\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Permet de cr\('eer un compte d\*(Aqutilisateur avec un identifiant (\(Fo\ \&UID\ \&\(Fc) dupliqu\('e (non unique)\&. -.sp -Cette option n\*(Aqest valable qu\*(Aqavec l\*(Aqoption -\fB\-u\fR\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -Le mot de passe chiffr\('e, comme renvoy\('e par -\fBcrypt\fR(3)\&. Le comportement par d\('efaut est de d\('esactiver le mot de passe\&. -.sp -\fBRemarque\ \&:\fR -l\*(Aqutilisation de cette option est d\('econseill\('ee car le mot de passe (ou le mot de passe chiffr\('e) peut \(^etre visible des utilisateurs qui affichent la liste des processus\&. -.sp -Il est n\('ecessaire de v\('erifier si le mot de passe respecte la politique de mots de passe du syst\(`eme\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Cr\('eer un compte syst\(`eme\&. -.sp -Les utilisateurs syst\(`eme seront cr\('e\('es sans information d\*(Aqexpiration dans -/etc/shadow, et leur identifiant num\('erique est choisi dans l\*(Aqintervalle -\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR, d\('efini dans -/etc/login\&.defs, au lieu de -\fBUID_MIN\fR\-\fBUID_MAX\fR -(et leurs \('equivalents -\fBGID\fR -pour la cr\('eation des groupes)\&. -.sp -Notez que -\fBuseradd\fR -ne cr\('eera pas de r\('epertoire personnel pour ces utilisateurs, ind\('ependamment de la configuration par d\('efaut dans -/etc/login\&.defs -(\fBCREATE_HOME\fR)\&. Vous devez pr\('eciser l\*(Aqoption -\fB\-m\fR -si vous voulez qu\*(Aqun r\('epertoire personnel soit cr\('e\('e pour un compte syst\(`eme\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Le nom de l\*(Aqinterpr\('eteur de commandes initial de l\*(Aqutilisateur (\(Fo\ \&login shell\ \&\(Fc)\&. Le comportement par d\('efaut est de laisser ce champ vide\&. Le syst\(`eme s\('electionnera alors l\*(Aqinterpr\('eteur par d\('efaut indiqu\('e par la variable -\fBSHELL\fR -dans -/etc/default/useradd, ou une cha\(^ine vide par d\('efaut\&. -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -La valeur num\('erique de l\*(Aqidentifiant de l\*(Aqutilisateur\&. Cette valeur doit \(^etre unique, sauf si l\*(Aqoption -\fB\-o\fR -est utilis\('ee\&. La valeur ne doit pas \(^etre n\('egative\&. Le comportement par d\('efaut est d\*(Aqutiliser la plus petite valeur d\*(Aqidentifiant \(`a la fois sup\('erieure ou \('egale \(`a -\fBUID_MIN\fR -et sup\('erieure aux identifiants de tous les autres utilisateurs\&. -.sp -Voir aussi aussi l\*(Aqoption -\fB\-r\fR -et la description de -\fBUID_MAX\fR\&. -.RE -.PP -\fB\-U\fR, \fB\-\-user\-group\fR -.RS 4 -Cr\('ee un groupe avec le m\(^eme nom que celui de l\*(Aqutilisateur, et ajoute l\*(Aqutilisateur \(`a ce groupe\&. -.sp -Le comportement par d\('efaut (si les options -\fB\-g\fR, -\fB\-N\fR, et -\fB\-U\fR -ne sont pas pr\('ecis\('ees) est d\('efini par la variable -\fBUSERGROUPS_ENAB\fR -dans -/etc/login\&.defs\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR -.RS 4 -L\*(Aqutilisateur SELinux utilis\('e pour la connexion de l\*(Aqutilisateur\&. Le comportement par d\('efaut est de laisser ce champ vide\&. Le syst\(`eme s\('electionnera alors l\*(Aqutilisateur SELinux par d\('efaut\&. -.RE -.SS "Modifier les valeurs par d\('efaut" -.PP -Quand il est invoqu\('e avec seulement l\*(Aqoption -\fB\-D\fR, -\fBuseradd\fR -affichera les valeurs actuelles par d\('efaut\&. Quand il est invoqu\('e avec l\*(Aqoption -\fB\-D\fR -et d\*(Aqautres options, -\fBuseradd\fR -mettra \(`a jour les valeurs par d\('efaut des options pr\('ecis\('ees\&. Les options valables sont\ \&: -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR -.RS 4 -Pr\('efixe du chemin des r\('epertoires personnels pour les nouveaux utilisateurs\&. Le nom de l\*(Aqutilisateur sera attach\('e \(`a la fin de -\fIR\('EP_PERSO\fR -pour cr\('eer le nom du nouveau r\('epertoire personnel si l\*(Aqoption -\fB\-d\fR -n\*(Aqest pas utilis\('ee pendant la cr\('eation d\*(Aqun nouveau compte\&. -.sp -Cette option configure la variable -\fBHOME\fR -dans -/etc/default/useradd\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -Date \(`a laquelle le compte utilisateur sera d\('esactiv\('e\&. -.sp -Cette option configure la variable -\fBEXPIRE\fR -dans -/etc/default/useradd\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -Nombre de jours apr\(`es la fin de validit\('e d\*(Aqun mot de passe avant que le compte ne soit d\('esactiv\('e\&. -.sp -Cette option configure la variable -\fBINACTIVE\fR -dans -/etc/default/useradd\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR -.RS 4 -Le nom ou l\*(Aqidentifiant du groupe pour le groupe principal d\*(Aqun nouvel utilisateur (quand l\*(Aqoption -\fB\-N/\-\-no\-user\-group\fR -est utilis\('ee ou quand la variable -\fBUSERGROUPS_ENAB\fR -est configur\('ee \(`a -\fIno\fR -dans -/etc/login\&.defs)\&. Le nom du groupe doit exister, et un identifiant de groupe num\('erique doit avoir une entr\('ee existante\&. -.sp -Cette option configure la variable -\fBGROUP\fR -dans -/etc/default/useradd\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Le nom de l\*(Aqinterpr\('eteur de commandes du nouvel utilisateur\&. -.sp -Cette option configure la variable -\fBSHELL\fR -dans -/etc/default/useradd\&. -.RE -.SH "NOTES" -.PP -L\*(Aqadministrateur syst\(`eme doit se charger de placer les fichiers par d\('efaut dans le r\('epertoire -/etc/skel -(ou tout autre r\('epertoire de mod\(`eles indiqu\('e dans -/etc/default/useradd -ou sur la ligne de commande)\&. -.SH "AVERTISSEMENTS" -.PP -Vous ne pouvez pas ajouter d\*(Aqutilisateur \(`a un groupe NIS ou LDAP\&. Cela doit \(^etre effectu\('e sur le serveur correspondant\&. -.PP -De la m\(^eme fa\(,con, si le nom de l\*(Aqutilisateur existe dans une base de donn\('ees externe, telle que NIS ou LDAP, -\fBuseradd\fR -refusera de cr\('eer le compte d\*(Aqutilisateur\&. -.PP -Les noms d\*(Aqutilisateur doivent commencer par une lettre minuscule ou un tiret bas (\(Fo\ \&underscore\ \&\(Fc), et seuls des lettres minuscules, des chiffres, des \(Fo\ \&underscore\ \&\(Fc, ou des tirets peuvent suivre\&. Ils peuvent se terminer par un signe dollar\&. Soit, sous la forme d\*(Aqune expression rationnelle\ \&: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -Les noms d\*(Aqutilisateur sont limit\('es \(`a 16 caract\(`eres\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBCREATE_HOME\fR (boolean) -.RS 4 -Indiquer si un r\('epertoire personnel doit \(^etre cr\('e\('e par d\('efaut pour les nouveaux utilisateurs\&. -.sp -Ce r\('eglage ne s\*(Aqapplique pas pour les utilisateurs syst\(`eme, et peut \(^etre annul\('e sur la ligne de commande\&. -.RE -.PP -\fBGID_MAX\fR (nombre), \fBGID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques de groupes que les commandes -\fBuseradd\fR, -\fBgroupadd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation des groupes normaux\&. -.sp -La valeur par d\('efaut pour -\fBGID_MIN\fR -(respectivement -\fBGID_MAX\fR) est 1000 (respectivement 60000)\&. -.RE -.PP -\fBMAIL_DIR\fR (cha\(^ine de caract\(`eres) -.RS 4 -R\('epertoire d\*(Aqattente des courriels (\(Fo\ \&mail spool directory\ \&\(Fc)\&. Ce param\(`etre est n\('ecessaire pour manipuler les bo\(^ites \(`a lettres lorsque le compte d\*(Aqun utilisateur est modifi\('e ou supprim\('e\&. S\*(Aqil n\*(Aqest pas sp\('ecifi\('e, une valeur par d\('efaut d\('efinie \(`a la compilation est utilis\('ee\&. -.RE -.PP -\fBMAIL_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir l\*(Aqemplacement des bo\(^ites aux lettres des utilisateurs relativement \(`a leur r\('epertoire personnel\&. -.RE -.PP -Les param\(`etres -\fBMAIL_DIR\fR -et -\fBMAIL_FILE\fR -sont utilis\('es par -\fBuseradd\fR, -\fBusermod\fR -et -\fBuserdel\fR -pour cr\('eer, d\('eplacer ou supprimer les bo\(^ites aux lettres des utilisateurs\&. -.PP -Si -\fBMAIL_CHECK_ENAB\fR -est r\('egl\('e sur -\fIyes\fR, ces variables servent \('egalement \(`a d\('efinir la variable d\*(Aqenvironnement -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (nombre) -.RS 4 -Nombre maximum de jours de validit\('e d\*(Aqun mot de passe\&. Apr\(`es cette dur\('ee, une modification du mot de passe est obligatoire\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, la valeur de \-1 est utilis\('ee (ce qui enl\(`eve toute restriction)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (nombre) -.RS 4 -Nombre minimum de jours autoris\('e avant la modification d\*(Aqun mot de passe\&. Toute tentative de modification du mot de passe avant cette dur\('ee est rejet\('ee\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, la valeur de \-1 est utilis\('ee (ce qui enl\(`eve toute restriction)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (nombre) -.RS 4 -Nombre de jours durant lesquels l\*(Aqutilisateur recevra un avertissement avant que son mot de passe n\*(Aqarrive en fin de validit\('e\&. Une valeur n\('egative signifie qu\*(Aqaucun avertissement n\*(Aqest donn\('e\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, aucun avertissement n\*(Aqest donn\('e\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (nombre), \fBSYS_GID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques de groupes que les commandes -\fBuseradd\fR, -\fBgroupadd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation de groupes syst\(`eme\&. -.sp -La valeur par d\('efaut pour -\fBSYS_GID_MIN\fR -(respectivement -\fBSYS_GID_MAX\fR) est 101 (respectivement -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (nombre), \fBSYS_UID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques d\*(Aqutilisateurs que les commandes -\fBuseradd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation d\*(Aqutilisateurs syst\(`eme\&. -.sp -La valeur par d\('efaut pour -\fBSYS_UID_MIN\fR -(respectivement -\fBSYS_UID_MAX\fR) est 101 (respectivement -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBUID_MAX\fR (nombre), \fBUID_MIN\fR (nombre) -.RS 4 -Plage d\*(Aqidentifiants num\('eriques d\*(Aqutilisateurs que les commandes -\fBuseradd\fR -ou -\fBnewusers\fR -peuvent utiliser pour la cr\('eation d\*(Aqutilisateurs normaux\&. -.sp -La valeur par d\('efaut de -\fBUID_MIN\fR -(respectivement -\fBUID_MAX\fR) est 1000 (respectivement 60000)\&. -.RE -.PP -\fBUMASK\fR (nombre) -.RS 4 -Valeur d\*(Aqinitialisation du masque de permissions\&. S\*(Aqil n\*(Aqest pas pr\('ecis\('e, le masque des permissions sera initialis\('e \(`a 022\&. -.sp -\fBuseradd\fR -et -\fBnewusers\fR -utilisent ce masque pour d\('efinir les permissions d\*(Aqacc\(`es des r\('epertoires personnels qu\*(Aqils cr\('eent\&. -.sp -Il est \('egalement utilis\('e par -\fBlogin\fR -pour d\('efinir l\*(Aqumask initial de l\*(Aqutilisateur\&. Veuillez noter que cet umask peut \(^etre red\('efini par les GECOS de l\*(Aqutilisateur (si -\fBQUOTAS_ENAB\fR -est activ\('e) ou en pr\('ecisant une limite avec l\*(Aqidentifiant -\fIK\fR -dans -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (bool\('een) -.RS 4 -Activer la mise en place de bits de masque de groupe (\(Fo\ \&umask group bits\ \&\(Fc) identiques \(`a ceux du propri\('etaire (exemple\ \&: 022 \-> 002, 077 \-> 007) pour les utilisateurs non privil\('egi\('es, si l\*(AqUID est identique au GID et que l\*(Aqidentifiant de connexion est identique au groupe principal\&. -.sp -Si cette variable est configur\('ee \(`a -\fIyes\fR, -\fBuserdel\fR -supprimera le groupe de l\*(Aqutilisateur s\*(Aqil ne contient pas d\*(Aqautres membres, et -\fBuseradd\fR -cr\('eera par d\('efaut un groupe portant le nom de l\*(Aqutilisateur\&. -.RE -.SH "FICHIERS" -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.PP -/etc/default/useradd -.RS 4 -Valeurs par d\('efaut pour la cr\('eation de comptes\&. -.RE -.PP -/etc/skel/ -.RS 4 -R\('epertoire contenant les fichiers par d\('efaut\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.SH "VALEURS DE RETOUR" -.PP -La commande -\fBuseradd\fR -retourne les valeurs suivantes en quittant\ \&: -.PP -\fI0\fR -.RS 4 -succ\(`es -.RE -.PP -\fI1\fR -.RS 4 -impossible de mettre \(`a jour le fichier des mots de passe -.RE -.PP -\fI2\fR -.RS 4 -erreur de syntaxe -.RE -.PP -\fI3\fR -.RS 4 -param\(`etre non valable pour l\*(Aqoption -.RE -.PP -\fI4\fR -.RS 4 -UID d\('ej\(`a utilis\('e (et pas d\*(Aqoption -\fB\-o\fR) -.RE -.PP -\fI6\fR -.RS 4 -le groupe sp\('ecifi\('e n\*(Aqexiste pas -.RE -.PP -\fI9\fR -.RS 4 -nom d\*(Aqutilisateur d\('ej\(`a utilis\('e -.RE -.PP -\fI10\fR -.RS 4 -impossible de mettre \(`a jour le fichier des groupes -.RE -.PP -\fI12\fR -.RS 4 -impossible de cr\('eer le r\('epertoire personnel -.RE -.PP -\fI14\fR -.RS 4 -Impossible de mettre \(`a jour la correspondance d\*(Aqutilisateur SELinux -.RE -.SH "VOIR AUSSI" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBnewusers\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/fr/man8/userdel.8 b/man/fr/man8/userdel.8 deleted file mode 100644 index d40303a9..00000000 --- a/man/fr/man8/userdel.8 +++ /dev/null @@ -1,295 +0,0 @@ -'\" t -.\" Title: userdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "USERDEL" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -userdel \- supprimer un compte utilisateur et les fichiers associ\('es -.SH "SYNOPSIS" -.HP \w'\fBuserdel\fR\ 'u -\fBuserdel\fR [options] \fILOGIN\fR -.SH "DESCRIPTION" -.PP -La commande -\fBuserdel\fR -modifie les fichiers d\*(Aqadministration des comptes du syst\(`eme, en supprimant les entr\('ees qui se r\('ef\(`erent \(`a -\fILOGIN\fR\&. L\*(Aqutilisateur nomm\('e doit exister\&. -.SH "OPTIONS" -.PP -Les options disponibles de la commande -\fBuserdel\fR -sont\ \&: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Cette option impose la suppression de l\*(Aqutilisateur, m\(^eme s\*(Aqil est encore connect\('e\&. Elle force \('egalement -\fBuserdel\fR -\(`a supprimer son r\('epertoire personnel et sa file d\*(Aqattente des courriels, m\(^eme si un autre utilisateur utilise le m\(^eme r\('epertoire personnel ou si l\*(Aqutilisateur pr\('ecis\('e n\*(Aqest pas le propri\('etaire de la file d\*(Aqattente des courriels\&. Si -\fIUSERGROUPS_ENAB\fR -vaut -\fIyes\fR -dans -/etc/login\&.defs -et si un groupe existe avec le m\(^eme nom que l\*(Aqutilisateur supprim\('e, alors ce groupe sera supprim\('e, m\(^eme s\*(Aqil s\*(Aqagit du groupe primaire d\*(Aqun autre utilisateur\&. -.sp -\fIRemarque\ \&:\fR -Cette option est dangereuse, elle peut laisser votre syst\(`eme dans un \('etat incoh\('erent\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-r\fR, \fB\-\-remove\fR -.RS 4 -Les fichiers pr\('esents dans le r\('epertoire personnel de l\*(Aqutilisateur seront supprim\('es en m\(^eme temps que le r\('epertoire lui\-m\(^eme, ainsi que le r\('epertoire d\*(Aqattente des courriels\&. Vous devrez rechercher et \('eliminer vous\-m\(^eme les fichiers situ\('es dans d\*(Aqautres syst\(`emes de fichiers\&. -.sp -Le r\('epertoire d\*(Aqattente des courriels est d\('efini par la variable -\fBMAIL_DIR\fR -dans -login\&.defs\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR -.RS 4 -\('Elimine toute association avec tout utilisateur SELinux pour la connexion de l\*(Aqutilisateur\&. -.RE -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBMAIL_DIR\fR (cha\(^ine de caract\(`eres) -.RS 4 -R\('epertoire d\*(Aqattente des courriels (\(Fo\ \&mail spool directory\ \&\(Fc)\&. Ce param\(`etre est n\('ecessaire pour manipuler les bo\(^ites \(`a lettres lorsque le compte d\*(Aqun utilisateur est modifi\('e ou supprim\('e\&. S\*(Aqil n\*(Aqest pas sp\('ecifi\('e, une valeur par d\('efaut d\('efinie \(`a la compilation est utilis\('ee\&. -.RE -.PP -\fBMAIL_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir l\*(Aqemplacement des bo\(^ites aux lettres des utilisateurs relativement \(`a leur r\('epertoire personnel\&. -.RE -.PP -Les param\(`etres -\fBMAIL_DIR\fR -et -\fBMAIL_FILE\fR -sont utilis\('es par -\fBuseradd\fR, -\fBusermod\fR -et -\fBuserdel\fR -pour cr\('eer, d\('eplacer ou supprimer les bo\(^ites aux lettres des utilisateurs\&. -.PP -Si -\fBMAIL_CHECK_ENAB\fR -est r\('egl\('e sur -\fIyes\fR, ces variables servent \('egalement \(`a d\('efinir la variable d\*(Aqenvironnement -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.PP -\fBUSERDEL_CMD\fR (cha\(^ine de caract\(`eres) -.RS 4 -Si d\('efinie, la commande est ex\('ecut\('ee lors de la suppression d\*(Aqun utilisateur\&. Elle pourra supprimer toutes les t\(^aches p\('eriodiques cron ou at, tous les travaux d\*(Aqimpression, etc\&. de l\*(Aqutilisateur (qui sera fourni comme premier param\(`etre)\&. -.sp -Le code de retour du script n\*(Aqest pas pris en compte\&. -.sp -Voici un script exemple, qui supprime le fichier d\*(Aqentr\('ee de cron et d\*(Aqat ainsi que les travaux d\*(Aqimpression en attente\ \&; -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# Check for the required argument\&. -if [ $# != 1 ]; then - echo "Usage: $0 username" - exit 1 -fi - -# Remove cron jobs\&. -crontab \-r \-u $1 - -# Remove at jobs\&. -# Note that it will remove any jobs owned by the same UID, -# even if it was shared by a different username\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# Remove print jobs\&. -lprm $1 - -# All done\&. -exit 0 - -.fi -.if n \{\ -.RE -.\} -.RE -.PP -\fBUSERGROUPS_ENAB\fR (bool\('een) -.RS 4 -Activer la mise en place de bits de masque de groupe (\(Fo\ \&umask group bits\ \&\(Fc) identiques \(`a ceux du propri\('etaire (exemple\ \&: 022 \-> 002, 077 \-> 007) pour les utilisateurs non privil\('egi\('es, si l\*(AqUID est identique au GID et que l\*(Aqidentifiant de connexion est identique au groupe principal\&. -.sp -Si cette variable est configur\('ee \(`a -\fIyes\fR, -\fBuserdel\fR -supprimera le groupe de l\*(Aqutilisateur s\*(Aqil ne contient pas d\*(Aqautres membres, et -\fBuseradd\fR -cr\('eera par d\('efaut un groupe portant le nom de l\*(Aqutilisateur\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "VALEURS DE RETOUR" -.PP -La commande -\fBuserdel\fR -retourne les valeurs suivantes en quittant\ \&: -.PP -\fI0\fR -.RS 4 -succ\(`es -.RE -.PP -\fI1\fR -.RS 4 -impossible de mettre \(`a jour le fichier des mots de passe -.RE -.PP -\fI2\fR -.RS 4 -erreur de syntaxe -.RE -.PP -\fI6\fR -.RS 4 -l\*(Aqutilisateur indiqu\('e n\*(Aqexiste pas -.RE -.PP -\fI8\fR -.RS 4 -l\*(Aqutilisateur est actuellement connect\('e -.RE -.PP -\fI10\fR -.RS 4 -impossible de mettre \(`a jour le fichier des groupes -.RE -.PP -\fI12\fR -.RS 4 -impossible de supprimer le r\('epertoire personnel -.RE -.SH "AVERTISSEMENTS" -.PP -\fBuserdel\fR -ne permet pas la suppression d\*(Aqun compte si des processus actifs lui appartiennent encore\&. Dans ce cas, il peut \(^etre n\('ecessaire de tuer ces processus ou de simplement verrouiller le mot de passe ou le compte de l\*(Aqutilisateur, afin de supprimer le compte plus tard\&. L\*(Aqoption -\fB\-f\fR -permet de forcer la suppression du compte\&. -.PP -Vous devez v\('erifier vous\-m\(^eme qu\*(Aqaucun fichier poss\('ed\('e par l\*(Aqutilisateur ne subsiste sur tous les syst\(`emes de fichiers\&. -.PP -Vous ne pouvez supprimer aucun attribut NIS d\*(Aqun client NIS\&. Cela doit \(^etre effectu\('e sur le serveur NIS\&. -.PP -Si -\fBUSERGROUPS_ENAB\fR -vaut -\fIyes\fR -(\(Fo\ \&oui\ \&\(Fc) dans -/etc/login\&.defs, -\fBuserdel\fR -supprimera le groupe ayant le m\(^eme nom que l\*(Aqutilisateur\&. Afin d\*(Aq\('eviter des incoh\('erences entre les fichiers passwd et group, -\fBuserdel\fR -v\('erifiera que le groupe n\*(Aqest pas utilis\('e comme groupe primaire d\*(Aqun autre utilisateur\ \&; si c\*(Aqest le cas un avertissement sera affich\('e et le groupe ne sera pas supprim\('e\&. L\*(Aqoption -\fB\-f\fR -permet d\*(Aqimposer la suppression du groupe\&. -.SH "VOIR AUSSI" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBlogin.defs\fR(5), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/fr/man8/usermod.8 b/man/fr/man8/usermod.8 deleted file mode 100644 index f0250795..00000000 --- a/man/fr/man8/usermod.8 +++ /dev/null @@ -1,437 +0,0 @@ -'\" t -.\" Title: usermod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "USERMOD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -usermod \- Modifier un compte utilisateur -.SH "SYNOPSIS" -.HP \w'\fBusermod\fR\ 'u -\fBusermod\fR [\fIoptions\fR] \fILOGIN\fR -.SH "DESCRIPTION" -.PP -La commande -\fBusermod\fR -modifie les fichiers d\*(Aqadministration des comptes du syst\(`eme selon les modifications qui ont \('et\('e indiqu\('ees sur la ligne de commande\&. -.SH "OPTIONS" -.PP -Les options disponibles pour la commande -\fBusermod\fR -sont\ \&: -.PP -\fB\-a\fR, \fB\-\-append\fR -.RS 4 -Ajouter l\*(Aqutilisateur aux groupes suppl\('ementaires\&. N\*(Aqutilisez cette option qu\*(Aqavec l\*(Aqoption -\fB\-G\fR\&. -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENT\fR -.RS 4 -La nouvelle valeur du champ de commentaire du fichier de mots de passe pour l\*(Aqutilisateur\&. Il est normalement modifi\('e en utilisant l\*(Aqutilitaire -\fBchfn\fR(1)\&. -.RE -.PP -\fB\-d\fR, \fB\-\-home\fR\ \&\fIHOME_DIR\fR -.RS 4 -Le nouveau r\('epertoire personnel de l\*(Aqutilisateur\&. -.sp -Si l\*(Aqoption -\fB\-m\fR -est fournie, le contenu du r\('epertoire personnel actuel sera d\('eplac\('e dans le nouveau r\('epertoire personnel, qui sera cr\('e\('e si n\('ecessaire\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -Date \(`a laquelle le compte utilisateur sera d\('esactiv\('e\&. La date est indiqu\('ee dans le format -\fIAAAA\-MM\-JJ\fR\&. -.sp -Un param\(`etre -\fIDATE_FIN_VALIDIT\('E\fR -vide d\('esactivera l\*(Aqexpiration du compte\&. -.sp -Cette option n\('ecessite un fichier -/etc/shadow\&. Une entr\('ee -/etc/shadow -sera cr\('e\('ee si il n\*(Aqy en avait pas\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -Nombre de jours suivant la fin de validit\('e d\*(Aqun mot de passe apr\(`es lequel le compte est d\('efinitivement d\('esactiv\('e\&. -.sp -Une valeur de 0 d\('esactive le compte d\(`es que le mot de passe a d\('epass\('e sa fin de validit\('e, et une valeur de \-1 d\('esactive cette fonctionnalit\('e\&. -.sp -Cette option n\('ecessite un fichier -/etc/shadow\&. Une entr\('ee -/etc/shadow -sera cr\('e\('ee si il n\*(Aqy en avait pas\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR -.RS 4 -Nom du groupe ou identifiant num\('erique du groupe de connexion initial de l\*(Aqutilisateur\&. Le groupe doit exister\&. -.sp -Tout fichier du r\('epertoire personnel de l\*(Aqutilisateur appartenant au groupe primaire pr\('ec\('edent de l\*(Aqutilisateur appartiendra \(`a ce nouveau groupe\&. -.sp -Le groupe propri\('etaire des fichiers en dehors du r\('epertoire personnel de l\*(Aqutilisateur doit \(^etre modifi\('e manuellement\&. -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGROUP1\fR[\fI,GROUP2,\&.\&.\&.\fR[\fI,GROUPN\fR]]] -.RS 4 -Liste de groupes suppl\('ementaires auxquels appartient \('egalement l\*(Aqutilisateur\&. Chaque groupe est s\('epar\('e du suivant par une virgule, sans espace entre eux\&. Les groupes sont soumis aux m\(^emes restrictions que celles de l\*(Aqoption -\fB\-g\fR\&. -.sp -Si l\*(Aqutilisateur fait actuellement partie d\*(Aqun groupe qui n\*(Aqest pas list\('e, l\*(Aqutilisateur sera supprim\('e du groupe\&. Ce comportement peut \(^etre modifi\('e par l\*(Aqoption -\fB\-a\fR, qui permet d\*(Aqajouter l\*(Aqutilisateur \(`a la liste actuelle des groupes suppl\('ementaires\&. -.RE -.PP -\fB\-l\fR, \fB\-\-login\fR\ \&\fINEW_LOGIN\fR -.RS 4 -Le nom de l\*(Aqutilisateur passera de -\fILOGIN\fR -\(`a -\fINOUVEAU_LOGIN\fR\&. Rien d\*(Aqautre ne sera modifi\('e\&. En particulier, le nom du r\('epertoire personnel et l\*(Aqemplacement de la bo\(^ite aux lettres de l\*(Aqutilisateur devrontprobablement \(^etre chang\('es pour refl\('eter le nouveau nom de connexion\&. -.RE -.PP -\fB\-L\fR, \fB\-\-lock\fR -.RS 4 -Verrouiller le mot de passe d\*(Aqun utilisateur\&. Cette option ajoute un \(Fo\ \&!\ \&\(Fc devant le mot de passe chiffr\('e, ce qui d\('esactive le mot de passe\&. Vous ne pouvez pas utiliser cette option avec -\fB\-p\fR -ou -\fB\-U\fR\&. -.sp -Remarque\ \&: pour verrouiller le compte (et pas seulement l\*(Aqacc\(`es au compte par un mot de passe), il est \('egalement n\('ecessaire de placer -\fIDATE_FIN_VALIDIT\('E\fR -\(`a -\fI1\fR\&. -.RE -.PP -\fB\-m\fR, \fB\-\-move\-home\fR -.RS 4 -D\('eplacer le contenu du r\('epertoire personnel de l\*(Aqutilisateur vers un nouvel emplacement\&. -.sp -Cette option ne fonctionne que lorsqu\*(Aqelle est combin\('ee avec l\*(Aqoption -\fB\-d\fR -(ou -\fB\-\-home\fR)\&. -.sp -\fBusermod\fR -essayera d\*(Aqadapter les permissions des fichiers et de copier les modes, ACL et attributs \('etendus\&. Cependant, vous risquez de devoir proc\('eder \(`a des modifications vous\-m\(^eme\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -En combinaison avec l\*(Aqoption -\fB\-u\fR, cette option permet de changer l\*(Aqidentifiant utilisateur vers une valeur d\('ej\(`a utilis\('ee\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -Mot de passe chiffr\('e, comme renvoy\('e par -\fBcrypt\fR(3)\&. -.sp -\fBRemarque\ \&:\fR -l\*(Aqutilisation de cette option est d\('econseill\('ee car le mot de passe (ou le mot de passe chiffr\('e) peut \(^etre visible des utilisateurs qui affichent la liste des processus\&. -.sp -Il est n\('ecessaire de v\('erifier si le mot de passe respecte la politique de mots de passe du syst\(`eme\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Nom du nouvel interpr\('eteur de commandes initial (\(Fo\ \&login shell\ \&\(Fc) de l\*(Aqutilisateur\&. Si ce champ est vide, le syst\(`eme s\('electionnera l\*(Aqinterpr\('eteur de commandes initial par d\('efaut\&. -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -La valeur num\('erique de l\*(Aqidentifiant de l\*(Aqutilisateur\&. -.sp -Cette valeur doit \(^etre unique, \(`a moins que l\*(Aqoption -\fB\-o\fR -ne soit utilis\('ee\&. La valeur ne doit pas \(^etre n\('egative\&. -.sp -La bo\(^ite aux lettres et tous les fichiers poss\('ed\('es par l\*(Aqutilisateur et qui sont situ\('es dans son r\('epertoire personnel verront leur identifiant d\*(Aqutilisateur automatiquement modifi\('e\&. -.sp -Le propri\('etaire des fichiers en dehors du r\('epertoire personnel de l\*(Aqutilisateur doit \(^etre modifi\('e manuellement\&. -.sp -Aucun contr\(^ole ne sera effectu\('e sur les valeurs de -\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBSYS_UID_MIN\fR, ou -\fBSYS_UID_MAX\fR -du fichier -/etc/login\&.defs\&. -.RE -.PP -\fB\-U\fR, \fB\-\-unlock\fR -.RS 4 -D\('everrouiller le mot de passe d\*(Aqun utilisateur\&. Cela supprime le \(Fo\ \&!\ \&\(Fc situ\('e devant le mot de passe chiffr\('e\&. Vous ne pouvez pas utiliser cette option avec -\fB\-p\fR -ou -\fB\-L\fR\&. -.sp -Remarque\ \&: pour d\('everrouiller le compte (et pas seulement l\*(Aqacc\(`es au compte via un mot de passe), vous devriez d\('efinir la valeur -\fIDATE_FIN_VALIDIT\('E\fR -(par exemple \(`a -\fI99999\fR -ou \(`a la valeur -\fBEXPIRE\fR -dans -/etc/default/useradd)\&. -.RE -.PP -\fB\-v\fR, \fB\-\-add\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate uids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-V\fR, \fB\-\-del\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate uids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-uids\fR -and -\fB\-\-add\-sub\-uids\fR -are specified, the removal of all subordinate uid ranges happens before any subordinate uid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-w\fR, \fB\-\-add\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate gids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-W\fR, \fB\-\-del\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate gids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-gids\fR -and -\fB\-\-add\-sub\-gids\fR -are specified, the removal of all subordinate gid ranges happens before any subordinate gid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR -.RS 4 -Le nouvel utilisateur SELinux utilis\('e pour la connexion de l\*(Aqutilisateur\&. -.sp -Un param\(`etre -\fISEUSER\fR -vide \('eliminera l\*(Aqassociation de l\*(Aqutilisateur SELinux pour l\*(Aqutilisateur -\fILOGIN\fR -(si sp\('ecifi\('ee) -.RE -.SH "AVERTISSEMENTS" -.PP -Il est n\('ecessaire de contr\(^oler que l\*(Aqidentifiant indiqu\('e n\*(Aqa pas de processus en cours d\*(Aqex\('ecution si cette commande est utilis\('ee pour modifier l\*(Aqidentifiant num\('erique de l\*(Aqutilisateur, son identifiant (login) ou son r\('epertoire personnel\&. -\fBusermod\fR -effectue ce contr\(^ole sous Linux mais v\('erifie seulement les informations d\*(Aqutmp sur les autres architectures\&. -.PP -Il est n\('ecessaire de changer manuellement le propri\('etaire des fichiers -\fBcrontab\fR -ou des travaux programm\('es par -\fBat\fR\&. -.PP -Les modifications qui concernent NIS doivent \(^etre effectu\('ees sur le serveur NIS\&. -.SH "CONFIGURATION" -.PP -Les variables de configuration suivantes dans -/etc/login\&.defs -modifient le comportement de cet outil\ \&: -.PP -\fBMAIL_DIR\fR (cha\(^ine de caract\(`eres) -.RS 4 -R\('epertoire d\*(Aqattente des courriels (\(Fo\ \&mail spool directory\ \&\(Fc)\&. Ce param\(`etre est n\('ecessaire pour manipuler les bo\(^ites \(`a lettres lorsque le compte d\*(Aqun utilisateur est modifi\('e ou supprim\('e\&. S\*(Aqil n\*(Aqest pas sp\('ecifi\('e, une valeur par d\('efaut d\('efinie \(`a la compilation est utilis\('ee\&. -.RE -.PP -\fBMAIL_FILE\fR (cha\(^ine de caract\(`eres) -.RS 4 -D\('efinir l\*(Aqemplacement des bo\(^ites aux lettres des utilisateurs relativement \(`a leur r\('epertoire personnel\&. -.RE -.PP -Les param\(`etres -\fBMAIL_DIR\fR -et -\fBMAIL_FILE\fR -sont utilis\('es par -\fBuseradd\fR, -\fBusermod\fR -et -\fBuserdel\fR -pour cr\('eer, d\('eplacer ou supprimer les bo\(^ites aux lettres des utilisateurs\&. -.PP -Si -\fBMAIL_CHECK_ENAB\fR -est r\('egl\('e sur -\fIyes\fR, ces variables servent \('egalement \(`a d\('efinir la variable d\*(Aqenvironnement -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (nombre) -.RS 4 -Nombre maximum de membres par entr\('ee de groupe\&. Lorsque le maximum est atteint, une nouvelle entr\('ee de groupe (ligne) est d\('emarr\('ee dans -/etc/group -(avec le m\(^eme nom, m\(^eme mot de passe, et m\(^eme GID)\&. -.sp -La valeur par d\('efaut est 0, ce qui signifie qu\*(Aqil n\*(Aqy a pas de limites pour le nombre de membres dans un groupe\&. -.sp -Cette fonctionnalit\('e (groupe d\('ecoup\('e) permet de limiter la longueur des lignes dans le fichier de groupes\&. Ceci est utile pour s\*(Aqassurer que les lignes pour les groupes NIS ne sont pas plus grandes que 1024 caract\(`eres\&. -.sp -Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25\&. -.sp -Remarque\ \&: les groupes d\('ecoup\('es ne sont peut\-\(^etre pas pris en charge par tous les outils (m\(^eme dans la suite d\*(Aqoutils Shadow)\&. Vous ne devriez pas utiliser cette variable, sauf si vous en avez vraiment besoin\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configuration de la suite des mots de passe cach\('es \(Fo\ \&shadow password\ \&\(Fc\&. -.RE -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBuserdel\fR(8)\&. diff --git a/man/fr/man8/vigr.8 b/man/fr/man8/vigr.8 deleted file mode 100644 index ff72d7ae..00000000 --- a/man/fr/man8/vigr.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/vipw.8 diff --git a/man/fr/man8/vipw.8 b/man/fr/man8/vipw.8 deleted file mode 100644 index 24751e00..00000000 --- a/man/fr/man8/vipw.8 +++ /dev/null @@ -1,134 +0,0 @@ -'\" t -.\" Title: vipw -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Commandes de gestion du syst\(`eme -.\" Source: shadow-utils 4.2 -.\" Language: French -.\" -.TH "VIPW" "8" "09/05/2014" "shadow\-utils 4\&.2" "Commandes de gestion du syst\(`em" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOM" -vipw, vigr \- \('Editer les fichiers passwd, group, shadow ou gshadow -.SH "SYNOPSIS" -.HP \w'\fBvipw\fR\ 'u -\fBvipw\fR [\fIoptions\fR] -.HP \w'\fBvigr\fR\ 'u -\fBvigr\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -\fBvipw\fR -et -\fBvigr\fR -permettent de modifier les fichiers -/etc/passwd -et -/etc/group, respectivement\&. Avec l\*(Aqoption -\fB\-s\fR, ils permettent d\*(Aq\('editer les versions cach\('ees de ces fichiers\ \&: -/etc/shadow -et -/etc/gshadow, respectivement\&. Ces programmes placent les verrous n\('ecessaires afin d\*(Aq\('eviter toute corruption des fichiers\&. L\*(Aq\('editeur utilis\('e est choisi d\*(Aqabord en fonction de la variable d\*(Aqenvironnement -\fB$VISUAL\fR, puis de la variable d\*(Aqenvironnement -\fB$EDITOR\fR\&. \(`A d\('efaut, l\*(Aq\('editeur, -\fBvi\fR(1) -est utilis\('e quand ces variables ne sont pas d\('efinies\&. -.SH "OPTIONS" -.PP -Les options applicables aux commandes -\fBvipw\fR -et -\fBvigr\fR -sont\ \&: -.PP -\fB\-g\fR, \fB\-\-group\fR -.RS 4 -\('Editer la base de donn\('ees de groupes\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Afficher un message d\*(Aqaide et quitter\&. -.RE -.PP -\fB\-p\fR, \fB\-\-passwd\fR -.RS 4 -\('Editer la base de donn\('ees passwd\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Mode silencieux\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Appliquer les changements dans le r\('epertoire -\fIR\('EP_CHROOT\fR -et utiliser les fichiers de configuration du r\('epertoire -\fIR\('EP_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shadow\fR -.RS 4 -\('Editer les bases de donn\('ees shadow ou gshadow\&. -.RE -.SH "ENVIRONNEMENT" -.PP -\fBVISUAL\fR -.RS 4 -L\*(Aq\('editeur \(`a utiliser -.RE -.PP -\fBEDITOR\fR -.RS 4 -L\*(Aq\('editeur \(`a utiliser si -\fBVISUAL\fR -n\*(Aqest pas d\('efinie\&. -.RE -.SH "FICHIERS" -.PP -/etc/group -.RS 4 -Informations sur les groupes\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informations s\('ecuris\('ees sur les groupes\&. -.RE -.PP -/etc/passwd -.RS 4 -Informations sur les comptes des utilisateurs\&. -.RE -.PP -/etc/shadow -.RS 4 -Informations s\('ecuris\('ees sur les comptes utilisateurs\&. -.RE -.SH "VOIR AUSSI" -.PP -\fBvi\fR(1), -\fBgroup\fR(5), -\fBgshadow\fR(5), -\fBpasswd\fR(5), , -\fBshadow\fR(5)\&. diff --git a/man/generate_translations.mak b/man/generate_translations.mak index 6fee9c7f..1502422b 100644 --- a/man/generate_translations.mak +++ b/man/generate_translations.mak @@ -11,6 +11,10 @@ config.xml: ../config.xml.in include ../generate_mans.mak +else +$(man_MANS): + @echo you need to run configure with --enable-man to generate man pages + @false endif CLEANFILES = .xml2po.mo $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml diff --git a/man/groupmems.8.xml b/man/groupmems.8.xml index 2afdbd84..40d04210 100644 --- a/man/groupmems.8.xml +++ b/man/groupmems.8.xml @@ -106,7 +106,7 @@ ,  user_name - Add an user to the group membership list. + Add a user to the group membership list. If the /etc/gshadow file exist, and the group has no entry in the /etc/gshadow diff --git a/man/gshadow.5.xml b/man/gshadow.5.xml index 200fcefc..6bc1ed94 100644 --- a/man/gshadow.5.xml +++ b/man/gshadow.5.xml @@ -95,7 +95,7 @@ group (but group members do not need the password). - The password is used when an user who is not a member of the + The password is used when a user who is not a member of the group wants to gain the permissions of this group (see newgrp 1). @@ -105,7 +105,7 @@ can gain the group permissions. - A password field which starts with a exclamation mark means + A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked. diff --git a/man/hu/Makefile.in b/man/hu/Makefile.in deleted file mode 100644 index e6346571..00000000 --- a/man/hu/Makefile.in +++ /dev/null @@ -1,637 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = man/hu -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" \ - "$(DESTDIR)$(man8dir)" -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/hu -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = \ - man1/chsh.1 \ - man1/gpasswd.1 \ - man1/groups.1 \ - man8/lastlog.8 \ - man1/login.1 \ - man1/newgrp.1 \ - man1/passwd.1 \ - man5/passwd.5 \ - man1/sg.1 \ - man1/su.1 - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/hu/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/hu/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man5 uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man5 install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \ - uninstall-am uninstall-man uninstall-man1 uninstall-man5 \ - uninstall-man8 - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/hu/man1/chfn.1 b/man/hu/man1/chfn.1 new file mode 100644 index 00000000..44826aab --- /dev/null +++ b/man/hu/man1/chfn.1 @@ -0,0 +1,75 @@ +.\" +.\" chfn.1 \-\- change your finger information +.\" (c) 1994 by salvatore valente +.\" +.\" this program is free software. you can redistribute it and +.\" modify it under the terms of the gnu general public license. +.\" there is no warranty. +.\" +.\" $Author: kloczek $ +.\" $Revision: 1.4 $ +.\" $Date: 2005/12/01 20:38:25 $ +.\" +.TH CHFN 1 "October 13 1994" "chfn" "Linux Reference Manual" +.SH NƉV +chfn \- finger informĆ”ciĆ³k mĆ³dosĆ­tĆ”sa +.SH VƁZLAT +.B chfn +[\ \-f\ teljes nĆ©v\ ] [\ \-o\ iroda\ ] [\ \-p\ irodai telefon\ ] +[\ \-h\ otthoni telefon\ ] [\ \-u\ ] [\ \-v\ ] [\ felhasznĆ”lĆ³\ ] +.SH LEƍRƁS +A +.B chfn +segĆ­tsĆ©gĆ©vel megvĆ”ltoztathatĆ³k a finger informĆ”ciĆ³k. Ezeket a +.I /etc/passwd +fĆ”jl tartalmazza, Ć©s a +.B finger +programmal jelenĆ­thetőek meg. A linuxos +.B finger +nĆ©gy adatot Ć­r ki: valĆ³di (polgĆ”ri) nevet, munkahelyi +szoba\- Ć©s telefonszĆ”mot Ć©s otthoni telefonszĆ”mot. +.SS PARANCSSOR +A nĆ©gy Ć©rtĆ©k bĆ”rmelyike megadhatĆ³ parancssorbĆ³l. Ha paramĆ©terek nĆ©lkĆ¼l +indĆ­tjuk, a +.B chfn +interaktĆ­v mĆ³dba lĆ©p. +.SS INTERAKTƍV MƓD +Ilyenkor a +.B chfn +minden mezőt billentyűzetről kĆ©r be. A promptnĆ”l az Ćŗj Ć©rtĆ©keket kell +megadni. Az adatok az Enter lenyomĆ”sĆ”val vĆ”ltozatlanul hagyhatĆ³k, a "none" szĆ³ +beĆ­rĆ”sĆ”val a mező tartalma kiĆ¼rĆ¼l. +.SH OPCIƓK +.TP +.I "\-f, \-\-full\-name" +Teljes valĆ³di nĆ©v megadĆ”sa. +.TP +.I "\-h, \-\-home\-phone" +Otthoni telefonszĆ”m. +.TP +.I "\-o, \-\-office" +Az irodai szobaszĆ”m mĆ³dosĆ­tĆ”sa. +.TP +.I "\-p, \-\-office\-phone" +Irodai telefonszĆ”m megadĆ”sa. +.TP +.I "\-u, \-\-help" +SegĆ­tsĆ©g kiĆ­ratĆ”sa. +.TP +.I "\-v, \-\-version" +VerziĆ³informĆ”ciĆ³ megjelenĆ­tĆ©se. +.SH LƁSD MƉG +.BR finger (1), +.BR passwd (5) +.SH SZERZŐ +Salvatore Valente +.SH MEGJEGYZƉS +Ford. megj.: A hosszĆŗ, valamint az \-u Ć©s \-v paramĆ©terek a +.B chfn +Julianne +Frances Haugh Ć”ltal Ć­rt vĆ”ltozatĆ”ban nem Ć©rvĆ©nyesek (pl. SuSE). +Az irodai telefon itt a \-w, a szobaszĆ”m az \-r opciĆ³val adhatĆ³ meg. +Az \-o egy nem definiĆ”lt tartalmĆŗ mezőt tƶlt ki; ezt egyĆ©bkĆ©nt csak a root +mĆ³dosĆ­thatja. +.SH MAGYAR FORDƍTƁS +GĆ”l Gyuri diff --git a/man/hu/man1/id.1 b/man/hu/man1/id.1 new file mode 100644 index 00000000..cae75b79 --- /dev/null +++ b/man/hu/man1/id.1 @@ -0,0 +1,63 @@ +.TH ID 1 "GNU Shell Utilities" "FSF" \" \-*\- nroff \-*\- +.SH NƉV +id \- kiĆ­rja a valĆ³sĆ”gos Ć©s effektĆ­v UID\-eket Ć©s GID\-eket +.SH ƁTTEKINTƉS +.B id +[\-gnruG] [\-\-group] [\-\-name] [\-\-real] [\-\-user] [\-\-groups] +[\-\-help] [\-\-version] [username] +.SH LEƍRƁS +Ezt a dokumentĆ”ciĆ³t a tovĆ”bbiakban nem tartjuk karban, Ć­gy +pontatlan vagy hiĆ”nyos lehet. A Texinfo dokumentĆ”ciĆ³ a hiteles forrĆ”s. +.PP +Ez a kĆ©zikƶnyv lap az +.BR id +GNU vĆ”ltozatĆ”t Ć­rja le. Az +.B id +informĆ”ciĆ³t szolgĆ”ltat az adott felhasznĆ”lĆ³rĆ³l, vagy arrĆ³l aki a +programot futtatja, ha felhasznĆ”lĆ³ nincs megadva. +AlapĆ©rtelmezĆ©sben a valĆ³di felhasznĆ”lĆ³i ID\-t Ć­rja ki, +a valĆ³di csoport ID\-t, az effektĆ­v felhasznĆ”lĆ³i ID\-t, ha az kĆ¼lƶnbƶzik a +valĆ³di felhasznĆ”lĆ³i ID\-től, az effektĆ­v csoport ID\-t, ha az kĆ¼lƶnbƶzik a +valĆ³di csoport ID\-től, Ć©s a kiegĆ©szĆ­tő csoportok ID\-it. +A parancs ezeket a paramĆ©tereket egy sorban, egymĆ”s utĆ”n +irja ki, zĆ”rĆ³jelben megadva a felhasznĆ”lĆ³, illetve a csoport nevĆ©t. +.PP +Az alĆ”bbi opciĆ³kkal az +.B id +kĆ©pes a fenti informĆ”ciĆ³k egy rĆ©szĆ©nek a megjelenĆ­tĆ©sĆ©re is. +.SS OPCIƓK +.TP +.I "\-g, \-\-group" +Csak a csoport ID\-jĆ©t Ć­rja ki. +.TP +.I "\-G, \-\-groups" +Csak a kiegĆ©szĆ­tő csoportok ID\-it Ć­rja ki. +.TP +.I "\-\-help" +HasznĆ”lati ĆŗtmutatĆ³t Ć­r a standard kimenetre Ć©s kilĆ©p. +.TP +.I "\-n, \-\-name" +A nevet jelenĆ­ti meg az ID helyet. +SzĆ¼ksĆ©ges az +.IR \-u , +.IR \-g , +vagy +.IR \-G +paramĆ©ter. +.TP +.I "\-r, \-\-real" +A valĆ³di felhasznĆ”lĆ³i vagy csoport ID\-t jelenĆ­ti meg az effektĆ­v helyett. +SzĆ¼ksĆ©ges +.IR \-u , +.IR \-g , +vagy +.IR \-G +paramĆ©ter. +.TP +.I "\-u, \-\-user" +Csak a felhasznĆ”lĆ³ ID\-jĆ©t jelenĆ­ti meg. +.TP +.I "\-\-version" +A program verziĆ³jĆ”rĆ³l Ć­r ki informĆ”ciĆ³t a standard kimenetre Ć©s kilĆ©p. +.SH MAGYAR FORDƍTƁS +Ɓmon TamĆ”s diff --git a/man/id/Makefile.in b/man/id/Makefile.in deleted file mode 100644 index 3af8b3d3..00000000 --- a/man/id/Makefile.in +++ /dev/null @@ -1,584 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = man/id -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)" -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/id -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = \ - man1/chsh.1 \ - man1/login.1 \ - man8/useradd.8 - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/id/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/id/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man8 install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \ - uninstall-am uninstall-man uninstall-man1 uninstall-man8 - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/it/Makefile.in b/man/it/Makefile.in deleted file mode 100644 index 2ef35557..00000000 --- a/man/it/Makefile.in +++ /dev/null @@ -1,740 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@USE_PAM_FALSE@am__append_1 = $(man_nopam) -@USE_PAM_TRUE@am__append_2 = $(man_nopam) -DIST_COMMON = $(srcdir)/../generate_translations.mak \ - $(srcdir)/../generate_mans.mak $(srcdir)/Makefile.in \ - $(srcdir)/Makefile.am -subdir = man/it -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" \ - "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" -man3dir = $(mandir)/man3 -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/it -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = man1/chage.1 man1/chfn.1 man8/chgpasswd.8 man8/chpasswd.8 \ - man1/chsh.1 man1/expiry.1 man5/faillog.5 man8/faillog.8 \ - man3/getspnam.3 man1/gpasswd.1 man8/groupadd.8 man8/groupdel.8 \ - man8/groupmems.8 man8/groupmod.8 man1/groups.1 man8/grpck.8 \ - man8/grpconv.8 man8/grpunconv.8 man5/gshadow.5 man8/lastlog.8 \ - man1/login.1 man5/login.defs.5 man8/logoutd.8 man1/newgrp.1 \ - man8/newusers.8 man8/nologin.8 man1/passwd.1 man5/passwd.5 \ - man8/pwck.8 man8/pwconv.8 man8/pwunconv.8 man1/sg.1 \ - man3/shadow.3 man5/shadow.5 man1/su.1 man5/suauth.5 \ - man8/useradd.8 man8/userdel.8 man8/usermod.8 man8/vigr.8 \ - man8/vipw.8 $(am__append_1) -man_nopam = \ - man5/limits.5 \ - man5/login.access.5 \ - man5/porttime.5 - -EXTRA_DIST = $(man_MANS) man1/id.1 man8/sulogin.8 $(am__append_2) -LANG = $(notdir $(CURDIR)) -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_FALSE@PAM_COND = no_pam -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_TRUE@PAM_COND = pam -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_FALSE@SHADOWGRP_COND = no_gshadow -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_TRUE@SHADOWGRP_COND = gshadow -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_FALSE@TCB_COND = no_tcb -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_TRUE@TCB_COND = tcb -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_FALSE@SHA_CRYPT_COND = no_sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_TRUE@SHA_CRYPT_COND = sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_FALSE@SUBIDS_COND = no_subids -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_TRUE@SUBIDS_COND = subids -CLEANFILES = .xml2po.mo $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/it/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/it/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; -$(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak: - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man3: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man3dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man3dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man3dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.3[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ - done; } - -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man3dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.3[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man3dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -@ENABLE_REGENERATE_MAN_FALSE@clean-local: -clean: clean-am - -clean-am: clean-generic clean-libtool clean-local mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man3 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man3 uninstall-man5 \ - uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - clean-local cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man3 install-man5 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags-am uninstall uninstall-am uninstall-man uninstall-man1 \ - uninstall-man3 uninstall-man5 uninstall-man8 - - -@ENABLE_REGENERATE_MAN_TRUE@config.xml: ../config.xml.in -@ENABLE_REGENERATE_MAN_TRUE@ $(MAKE) -C .. config.xml -@ENABLE_REGENERATE_MAN_TRUE@ cp ../config.xml $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml: ../%.xml ../po/$(LANG).po -@ENABLE_REGENERATE_MAN_TRUE@ xml2po --expand-all-entities -l $(LANG) -p ../po/$(LANG).po -o $@ ../$@ -@ENABLE_REGENERATE_MAN_TRUE@ sed -i 's:\(^:\1 lang="$(LANG)">:' $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml-config: %.xml -@ENABLE_REGENERATE_MAN_TRUE@ if grep -q SHADOW-CONFIG-HERE $<; then \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^/%config;/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ else \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^\(/\1 [%config;]>/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ fi - -@ENABLE_REGENERATE_MAN_TRUE@man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml -@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.authors.section.enabled" "0" \ -@ENABLE_REGENERATE_MAN_TRUE@ --stringparam "man.output.base.dir" "" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.output.in.separate.dir" "1" \ -@ENABLE_REGENERATE_MAN_TRUE@ -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $< - -@ENABLE_REGENERATE_MAN_TRUE@clean-local: -@ENABLE_REGENERATE_MAN_TRUE@ for d in man1 man3 man5 man8; do [ -d $$d ] && rmdir $$d; done - -#$(man_MANS): -# @echo you need to run configure with --enable-man to generate man pages -# @false - -@ENABLE_REGENERATE_MAN_TRUE@man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8 - -@ENABLE_REGENERATE_MAN_TRUE@man3/getspnam.3: man3/shadow.3 - -@ENABLE_REGENERATE_MAN_TRUE@man8/vigr.8: man8/vipw.8 - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/it/man1/chage.1 b/man/it/man1/chage.1 deleted file mode 100644 index 42282a9f..00000000 --- a/man/it/man1/chage.1 +++ /dev/null @@ -1,177 +0,0 @@ -'\" t -.\" Title: chage -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "CHAGE" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -chage \- cambia le informazioni sulla scadenza della password -.SH "SINOSSI" -.HP \w'\fBchage\fR\ 'u -\fBchage\fR [\fIopzioni\fR] \fILOGIN\fR -.SH "DESCRIZIONE" -.PP -\fBchage\fR -modifica il numero minimo di giorni tra i cambi di password e la data dell\*(Aqultimo cambio\&. Queste informazioni sono usate dal sistema per determinare quando un utente deve cambiare la propria password\&. -.SH "OPZIONI" -.PP -Il comando -\fBchage\fR -accetta le seguenti opzioni: -.PP -\fB\-d\fR, \fB\-\-lastday\fR\ \&\fIULTIMO_GIORNO\fR -.RS 4 -Imposta la data dell\*(Aqultimo cambio della password, espressa come il numero di giorni trascorsi dal 1 gennaio 1970\&. La data pu\(`o anche essere specificata nel formato AAAA\-MM\-GG o nella notazione comunemente usata nel proprio paese\&. -.RE -.PP -\fB\-E\fR, \fB\-\-expiredate\fR\ \&\fIDATA_SCADENZA\fR -.RS 4 -Imposta la data o il numero di giorni dal 1 gennaio 1970 dal quale l\*(Aqaccount utente non sar\(`a pi\(`u accessibile\&. La data pu\(`o essere inserita nel formato AAAA\-MM\-GG (o il formato pi\(`u comunemente utilizzato nel proprio paese)\&. Un utente il cui account sia bloccato deve contattare l\*(Aqamministratore di sistema prima di poter accedere nuovamente al sistema\&. -.sp -Se si passa il numero -\fI\-1\fR -come -\fIDATA_SCADENZA\fR, si rimuove la data di scadenza dell\*(Aqaccount\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-I\fR, \fB\-\-inactive\fR\ \&\fIINATTIVO\fR -.RS 4 -Imposta il numero di giorni di inattivit\(`a dopo la scadenza della password dopo i quali l\*(Aqaccount viene bloccato\&. L\*(Aqopzione -\fIINATTIVO\fR -indica il numero di giorni di inattivit\(`a\&. Un utente con l\*(Aqaccount bloccato deve contattare l\*(Aqamministratore prima di poter usare ancora il sistema\&. -.sp -Utilizzare il numero -\fI\-1\fR -come -\fIINATTIVO\fR -elimina l\*(Aqintervallo di inattivit\(`a dall\*(Aqaccount\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -Visualizza le informazioni sulla scadenza dell\*(Aqaccount\&. -.RE -.PP -\fB\-m\fR, \fB\-\-mindays\fR\ \&\fIMIN_GIORNI\fR -.RS 4 -Imposta il numero minimo di giorni tra i cambi di password a -\fIMIN_GIORNI\fR\&. Un valore pari a zero indica che l\*(Aqutente pu\(`o cambiare la propria password in qualsiasi momento\&. -.RE -.PP -\fB\-M\fR, \fB\-\-maxdays\fR\ \&\fIMAX_GIORNI\fR -.RS 4 -Imposta il numero massimo di giorni di validit\(`a di una password\&. Quando la somma di -\fIMAX_GIORNI\fR -e -\fIULTIMO_GIORNO\fR -\(`e inferiore alla data odierna, l\*(Aqutente \(`e obbligato a cambiare la password prima di poter usare ancora il proprio account\&. Questo evento pu\(`o essere reso noto in anticipo usando l\*(Aqopzione -\fB\-W\fR, che fornisce un preavviso all\*(Aqutente\&. -.sp -Usare il valore -\fI\-1\fR -come -\fIMAX_GIORNI\fR -rimuove il controllo sulla validit\(`a della password\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-W\fR, \fB\-\-warndays\fR\ \&\fIAVVISO_GIORNI\fR -.RS 4 -Imposta il numero di giorni di preavviso prima che sia obbligatorio cambiare la password\&. L\*(Aqopzione -\fIAVVISO_GIORNI\fR -indica il numero di giorni prima della scadenza della password in cui l\*(Aqutente viene avvertito dell\*(Aqimminente scadenza\&. -.RE -.PP -Se non viene specificata nessuna opzione, -\fBchage\fR -opera in modalit\(`a interattiva, chiedendo all\*(Aqutente il nuovo valore per ogni campo\&. Inserire un nuovo valore per modificare il campo, oppure lasciare la riga vuota per continuare a usare il valore attuale\&. I valori attuali vengono mostrati tra parentesi quadre -\fI[ ]\fR\&. -.SH "NOTA" -.PP -\fBchage\fR -richiede che il file delle password shadow sia disponibile\&. -.PP -L\*(Aquso del comando -\fBchage\fR -\(`e permesso solo all\*(Aqutente root, tranne per l\*(Aqopzione -\fB\-l\fR, che pu\(`o essere usata da un utente non privilegiato per conoscere la scadenza della propria password o dell\*(Aqaccount\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.SH "VALORI RESTITUITI" -.PP -Il comando -\fBchage\fR -restituisce i seguenti valori: -.PP -\fI0\fR -.RS 4 -successo -.RE -.PP -\fI1\fR -.RS 4 -permesso negato -.RE -.PP -\fI2\fR -.RS 4 -sintassi del comando errata -.RE -.PP -\fI15\fR -.RS 4 -non \(`e possibile trovare il file delle password shadow -.RE -.SH "VEDERE ANCHE" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/it/man1/chfn.1 b/man/it/man1/chfn.1 deleted file mode 100644 index 4635eb86..00000000 --- a/man/it/man1/chfn.1 +++ /dev/null @@ -1,159 +0,0 @@ -'\" t -.\" Title: chfn -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "CHFN" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -chfn \- cambia il nome dell\*(Aqutente e altre informazioni -.SH "SINOSSI" -.HP \w'\fBchfn\fR\ 'u -\fBchfn\fR [\fIopzioni\fR] [\fILOGIN\fR] -.SH "DESCRIZIONE" -.PP -\fBchfn\fR -\(`e usato per cambiare il nome completo dell\*(Aqutilizzatore, il numero di stanza dell\*(Aqufficio, quello di telefono dell\*(Aqufficio e di casa\&. Questi dati sono normalmente stampati dal programma -\fBfinger\fR(1) -o equivalenti\&. Un utente normale pu\(`o cambiare solo i dati relativi al proprio account, con eventuali altre limitazioni specificate in -/etc/login\&.defs\&. (La configurazione predefinita impedisce la modifica del proprio nome completo\&.) Il super utente pu\(`o cambiare tutte le informazioni di ciascun utente\&. Inoltre, solo il super utente pu\(`o usare l\*(Aqopzione -\fB\-o\fR -per la modifica delle parti non definite del campo GECOS\&. -.PP -Questi campi non possono contenere nessun carattere due punti\&. Ad eccezione del campo -\fIother\fR, non dovrebbero contenere nessuna virgola e nessun segno uguale\&. \(`E anche consigliato di evitare caratteri non US\-ACII, ma su questo viene fatto un controllo solo per il numero di telefono\&. Il campo -\fIother\fR -viene utilizzato per memorizzare informazioni sull\*(Aq\(Foaccounting\(Fc da altre applicazioni\&. -.SH "OPZIONI" -.PP -Il comando -\fBchfn\fR -accetta le seguenti opzioni: -.PP -\fB\-f\fR, \fB\-\-full\-name\fR\ \&\fINOME_COMPLETO\fR -.RS 4 -Cambia il nome completo dell\*(Aqutente\&. -.RE -.PP -\fB\-h\fR, \fB\-\-home\-phone\fR\ \&\fITELEFONO_CASA\fR -.RS 4 -Cambia il numero di telefono di casa dell\*(Aqutente\&. -.RE -.PP -\fB\-o\fR, \fB\-\-other\fR\ \&\fIALTRO\fR -.RS 4 -Cambia il campo GECOS per le altre informazioni\&. Questo campo viene utilizzato per memorizzare informazioni di \(Foaccounting\(Fc usate da altre applicazioni, e pu\(`o essere modificato solo dal super utente\&. -.RE -.PP -\fB\-r\fR, \fB\-\-room\fR\ \&\fINUMERO_STANZA\fR -.RS 4 -Cambia il numero della stanza dell\*(Aqutente\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-w\fR, \fB\-\-work\-phone\fR\ \&\fITELEFONO_LAVORO\fR -.RS 4 -Cambia il numero di telefono di lavoro dell\*(Aqutente\&. -.RE -.PP -Se nessuna delle opzioni \(`e selezionata, -\fBchfn\fR -opera in maniera interattiva, chiedendo all\*(Aqutente il valore da impostare per ogni campo\&. Inserire un nuovo valore per sostituire il contenuto attuale, oppure lasciare la riga vuota per non cambiarlo\&. Il valore attuale \(`e mostrato tra le parentesi -\fB[ ]\fR\&. Senza nessuna opzione, -\fBchfn\fR -opera sull\*(Aqaccount corrente\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBCHFN_AUTH\fR (booleano) -.RS 4 -Se -\fIyes\fR, il programma -\fBchfn\fR -richieder\(`a l\*(Aqautenticazione prima di apportare qualsiasi modifica, a meno che non sia eseguito dal super utente\&. -.RE -.PP -\fBCHFN_RESTRICT\fR (testo) -.RS 4 -Questo parametro specifica quali valori del campo -\fIgecos\fR -del file -/etc/passwd -possono essere cambiati da utenti normali usando il programma -\fBchfn\fR\&. Pu\(`o essere una combinazione qualsiasi delle lettere -\fIf\fR, -\fIr\fR, -\fIw\fR, -\fIh\fR -per \(FoNome completo (f)\(Fc, \(FoNumero stanza (r)\(Fc, \(FoTelefono di lavoro (w)\(Fc e \(FoTelefono di casa (h)\(Fc\&. Per compatibilit\(`a con precedenti versioni, -\fIyes\fR -\(`e quivalente a -\fIrwh\fR -e -\fIno\fR -\(`e equivalente a -\fIfrwh\fR\&. Se non specificato, solo il super utente pu\(`o effettuare modifiche\&. Le impostazioni pi\(`u stringenti si ottengono installando -\fBchfn\fR -non SUID\&. -.RE -.PP -\fBLOGIN_STRING\fR (testo) -.RS 4 -Il testo da utilizzare per richiedere la password\&. Il valore predefinito \(`e \(FoPassword: \(Fc o una sua traduzione\&. Se si imposta questa variabile allora il testo non verr\(`a tradotto\&. -.sp -Se il testo contiene -\fI%s\fR, questo verr\(`a sostituito dal nome dell\*(Aqutente\&. -.RE -.SH "FILE" -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBchsh\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/it/man1/chsh.1 b/man/it/man1/chsh.1 deleted file mode 100644 index e72bcf1a..00000000 --- a/man/it/man1/chsh.1 +++ /dev/null @@ -1,117 +0,0 @@ -'\" t -.\" Title: chsh -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "CHSH" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -chsh \- cambia la shell di login -.SH "SINOSSI" -.HP \w'\fBchsh\fR\ 'u -\fBchsh\fR [\fIopzioni\fR] [\fILOGIN\fR] -.SH "DESCRIZIONE" -.PP -Il comando -\fBchsh\fR -cambia la shell di login dell\*(Aqutente, in altre parole determina il comando iniziale eseguito quando un utente accede al sistema\&. Chiunque pu\(`o cambiare la propria shell di login, mentre l\*(Aqamministratore pu\(`o cambiare la shell di login per ogni account\&. -.SH "OPZIONI" -.PP -Il comando -\fBchsh\fR -accetta le seguenti opzioni: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Il nome della nuova shell di login dell\*(Aqutente\&. Lasciando questo campo vuoto si fa in modo che il sistema selezioni la shell di login predefinita\&. -.RE -.PP -Se non viene usata l\*(Aqopzione -\fB\-s\fR, -\fBchsh\fR -opera in maniera interattiva, mostrando all\*(Aqutente la shell attuale\&. Inserire il nuovo valore oppure lasciare la riga vuota per non modificare il valore attuale\&. La shell attuale \(`e mostrata tra parentesi -\fI[ ]\fR\&. -.SH "NOTA" -.PP -L\*(Aqunica limitazione sulla scelta della shell di login \(`e che il nome del comando deve essere presente in -/etc/shells; fa eccezione l\*(Aqamministratore di sistema, che \(`e libero di scegliere qualsiasi valore\&. Un account con una shell di login limitata non pu\(`o cambiare la propria shell di login\&. Per questo motivo \(`e sconsigliato includere -/bin/rsh -in -/etc/shells: se accidentalmente un utente selezionasse una shell limitata, non potrebbe pi\(`u tornare alla shell di login che usava originariamente\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBCHSH_AUTH\fR (booleano) -.RS 4 -Se -\fIyes\fR, il comando -\fBchsh\fR -richieder\(`a l\*(Aqautenticazione prima di apportare qualsiasi modifica, a meno che sia utilizzato dal super utente\&. -.RE -.PP -\fBLOGIN_STRING\fR (testo) -.RS 4 -Il testo da utilizzare per richiedere la password\&. Il valore predefinito \(`e \(FoPassword: \(Fc o una sua traduzione\&. Se si imposta questa variabile allora il testo non verr\(`a tradotto\&. -.sp -Se il testo contiene -\fI%s\fR, questo verr\(`a sostituito dal nome dell\*(Aqutente\&. -.RE -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shells -.RS 4 -Elenco delle shell di login ammesse\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.SH "VEDERE ANCHE" -.PP -\fBchfn\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/it/man1/expiry.1 b/man/it/man1/expiry.1 deleted file mode 100644 index 2d05781c..00000000 --- a/man/it/man1/expiry.1 +++ /dev/null @@ -1,73 +0,0 @@ -'\" t -.\" Title: expiry -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "EXPIRY" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -expiry \- controlla e fa rispettare la scadenza della password -.SH "SINOSSI" -.HP \w'\fBexpiry\fR\ 'u -\fBexpiry\fR \fIopzione\fR -.SH "DESCRIZIONE" -.PP -\fBexpiry\fR -controlla (\fB\-c\fR) la scadenza della password in uso e, se necessario, richiede (\fB\-f\fR) che venga cambiata quando necessario\&. Questo comando pu\(`o essere eseguito da un utente qualsiasi\&. -.SH "OPZIONI" -.PP -Il comando -\fBexpiry\fR -accetta le seguenti opzioni: -.PP -\fB\-c\fR, \fB\-\-check\fR -.RS 4 -Controlla la scadenza della password dell\*(Aqutente corrente\&. -.RE -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Forza un cambio di password se l\*(Aqutente corrente ha una password scaduta\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/it/man1/gpasswd.1 b/man/it/man1/gpasswd.1 deleted file mode 100644 index e3e72e3c..00000000 --- a/man/it/man1/gpasswd.1 +++ /dev/null @@ -1,232 +0,0 @@ -'\" t -.\" Title: gpasswd -.\" Author: Rafal Maszkowski -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "GPASSWD" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -gpasswd \- amministra /etc/group e /etc/gshadow -.SH "SINOSSI" -.HP \w'\fBgpasswd\fR\ 'u -\fBgpasswd\fR [\fIopzione\fR] \fIgruppo\fR -.SH "DESCRIZIONE" -.PP -Il comando -\fBgpasswd\fR -\(`e utilizzato per amministrare -/etc/groupe /etc/gshadow\&. Ogni gruppo pu\(`o avereamministratori, -membri e una password\&. -.PP -Gli amministratori di sistema possono usare l\*(Aqopzione -\fB\-A\fR -per definire l\*(Aqamministratore/gli amministratori di gruppo e l\*(Aqopzione -\fB\-M\fR -per definire i membri ed hanno tutti i permessi degli amministratori di gruppo e dei membri\&. -.PP -\fBgpasswd\fR -richiamato da -un amminstatore di gruppo -con un nome di gruppo richiede solo la nuova password del -\fIgruppo\fR\&. -.PP -Se la password \(`e impostata i membri possono ancora usare -\fBnewgrp\fR(1) -senza la password, i non\-membri devono fornire la password\&. -.SS "Note sulle password di gruppo" -.PP -Le password di gruppo rappresentano un intrinseco problema di sicurezza perch\('e pi\(`u di una persona deve conoscerle\&. Ciononostante i gruppi sono uno strumento molto utile per la cooperazione tra vari utenti\&. -.SH "OPZIONI" -.PP -Ad eccezione di -\fB\-A\fR -e -\fB\-M\fR, le altre opzioni non possono essere combinate\&. -.PP -Il comando -\fBgpasswd\fR -accetta le seguenti opzioni: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIutente\fR -.RS 4 -Aggiunge -\fIutente\fR -al -\fIgruppo\fR -indicato\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIutente\fR -.RS 4 -Rimuove -\fIutente\fR -dal -\fIgruppo\fR -indicato\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-Q\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-r\fR, \fB\-\-remove\-password\fR -.RS 4 -Rimuove la password dal -\fIgruppo\fR -indicato\&. La password del gruppo sar\(`a vuota\&. Solo ai membri del gruppo sar\(`a ammesso l\*(Aqaccesso tramite -\fBnewgrp\fR -al -\fIgruppo\fR -indicato\&. -.RE -.PP -\fB\-R\fR, \fB\-\-restrict\fR -.RS 4 -Limita l\*(Aqaccesso al -\fIgruppo\fR -indicato\&. La password del gruppo \(`e cambiata in \(Fo!\(Fc\&. Solo ai membri del gruppo con una password verr\(`a permesso di usare -\fBnewgrp\fR -per accedere al -\fIgruppo\fR -indicato\&. -.RE -.PP -\fB\-A\fR, \fB\-\-administrators\fR\ \&\fIutente\fR,\&.\&.\&. -.RS 4 -Imposta l\*(Aqelenco degli utenti amministratori\&. -.RE -.PP -\fB\-M\fR, \fB\-\-members\fR\ \&\fIutente\fR,\&.\&.\&. -.RS 4 -Definisce l\*(Aqelenco dei membri del gruppo\&. -.RE -.SH "AVVISI/CAVEAT" -.PP -Questo strumento opera solo sul file -/etc/groupe sul file /etc/gshadow\&. Quindi non si possono modificare gruppi NIS o LDAP\&. Questo dovrebbe essere fatto sul corrispondente server\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBENCRYPT_METHOD\fR (testo) -.RS 4 -Definisce l\*(Aqalgoritmo di cifratura predefinito per le password (se non ne viene specificato uno a riga di comando)\&. -.sp -Pu\(`o avere uno dei seguenti valori: -\fIDES\fR -(predefinito), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Nota: questo parametro ha la precedenza sulla variabile -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (booleano) -.RS 4 -Indica se le password vanno cifrate usando l\*(Aqalgoritmo basato su MD5\&. Se impostato a -\fIyes\fR -le nuove password saranno cifrate usando un algoritmo basato su MD5 e compatibile con quello delle versioni pi\(`u recenti di FreeBSD\&. Supporta password di lunghezza qualsiasi e testi \(Fosalt\(Fc pi\(`u lunghi\&. Impostare a -\fIno\fR -se si devono copiare password su altri sistemi che non gestiscono l\*(Aqalgoritmo\&. Il valore predefinito \(`e -\fIno\fR\&. -.sp -Questa variabile ha meno priorit\(`a della variabile -\fBENCRYPT_METHOD\fR -e di qualsiasi opzione a riga di comando che imposta un algoritmo di cifratura\&. -.sp -Questa variabile non \(`e pi\(`u usata\&. Si dovrebbe utilizzare -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (numerico), \fBSHA_CRYPT_MAX_ROUNDS\fR (numerico) -.RS 4 -Quando -\fBENCRYPT_METHOD\fR -vale -\fISHA256\fR -o -\fISHA512\fR, questo definisce il numero di cicli SHA usati per l\*(Aqalgoritmo di cifratura (quando il numero di cicli non \(`e impostato a riga di comando)\&. -.sp -Con molti cicli \(`e pi\(`u difficile trovare una password usando la forza bruta\&. Ma va notato che \(`e richiesta maggiore potenza di calcolo per autenticare gli utenti\&. -.sp -Se non specificato sar\(`a la libc a scegliere il numero di cicli (5000)\&. -.sp -Il valore deve essere compreso tra 1\&.000 e 999\&.999\&.999\&. -.sp -Se viene impostato solo uno tra -\fBSHA_CRYPT_MIN_ROUNDS\fR -e -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora l\*(Aqunico valore viene utilizzato\&. -.sp -Se -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora viene utilizzato il maggiore\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBnewgrp\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBgrpck\fR(8), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/it/man1/groups.1 b/man/it/man1/groups.1 deleted file mode 100644 index da8bfaa1..00000000 --- a/man/it/man1/groups.1 +++ /dev/null @@ -1,62 +0,0 @@ -'\" t -.\" Title: groups -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "GROUPS" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -groups \- mostra i nomi dei gruppi correnti -.SH "SINOSSI" -.HP \w'\fBgroups\fR\ 'u -\fBgroups\fR [\fIutente\fR] -.SH "DESCRIZIONE" -.PP -Per ciascuno dei gruppi correnti, il comando -\fBgroups\fR -mostra i nomi o i valori ID\&. Se un valore non ha nessuna voce corrispondente in -/etc/group, esso viene mostrato in forma numerica\&. Se viene specificato un -\fIutente\fR, vengono mostrati i gruppi a cui appartiene quel determinato -\fIutente\fR\&. -.SH "NOTA" -.PP -Sui sistemi che non supportano l\*(Aqappartenenza contemporanea a pi\(`u gruppi, vengono riportate le informazioni da -/etc/group\&. L\*(Aqutente deve usare -\fBnewgrp\fR -o -\fBsg\fR -per cambiare gli ID reale ed effettivo del gruppo\&. -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBnewgrp\fR(1), -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2)\&. diff --git a/man/it/man1/id.1 b/man/it/man1/id.1 deleted file mode 100644 index 5bc5b6ef..00000000 --- a/man/it/man1/id.1 +++ /dev/null @@ -1,60 +0,0 @@ -'\" t -.\" Title: id -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "ID" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -id \- display current user and group ID names -.SH "SINOSSI" -.HP \w'\fBid\fR\ 'u -\fBid\fR [\-a] -.SH "DESCRIZIONE" -.PP -The -\fBid\fR -command displays the current real and effective user and group ID names or values\&. If the value does not have a corresponding entry in -/etc/passwd -or -/etc/group, the value will be displayed without the corresponding name\&. The optional -\fB\-a\fR -flag will display the group set on systems which support multiple concurrent group membership\&. -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2) diff --git a/man/it/man1/login.1 b/man/it/man1/login.1 deleted file mode 100644 index 77c0cc9c..00000000 --- a/man/it/man1/login.1 +++ /dev/null @@ -1,485 +0,0 @@ -'\" t -.\" Title: login -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "LOGIN" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -login \- apre una sessione sul sistema -.SH "SINOSSI" -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fImacchina\fR] [\fInome\fR] [\fIENV=VAR\fR...] -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fImacchina\fR] \-f \fInome\fR -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] \-r\ \fImacchina\fR -.SH "DESCRIZIONE" -.PP -\fBlogin\fR -viene utilizzato per aprire una sessione sul sistema\&. Normalmente viene invocato automaticamente rispondendo al prompt -\fIlogin:\fR -del terminale\&. -\fBlogin\fR -pu\(`o essere trattato in maniera speciale dalla shell e non pu\(`o essere invocato come sottoprocesso\&. Quando \(`e richiamato dalla shell, -\fBlogin\fR -va invocato come -\fBexec login\fR -che termina la shell utente attuale (il che impedir\(`a al nuovo utente che accede, di poter ritornare alla sessione del chiamante)\&. Il tentativo di esecuzione di -\fBlogin\fR -da una shell che non sia quella di login produce un messaggio d\*(Aqerrore\&. -.PP -Se necessario viene quindi chiesta la password all\*(Aqutente\&. Durante questa operazione l\*(Aqeco sul terminale \(`e disabilitata per non rivelare la password\&. Solo un basso numero di tentativi falliti \(`e permesso prima che -\fBlogin\fR -termini e che la connessione sia interrotta\&. -.PP -Se la scadenza delle password \(`e abilitata per il proprio account, prima di proseguire ci pu\(`o essere la richiesta di una nuova password\&. Il programma chieder\(`a prima la vecchia password e poi la nuova per poter continuare\&. Per maggiori informazioni si faccia riferimento a -\fBpasswd\fR(1)\&. -.PP -Dopo aver completato correttamente l\*(Aqaccesso, vengono mostrati eventuali messaggi di sistema e si viene informati della presenza di nuova posta\&. Si pu\(`o evitare di visualizzare i messaggi in -/etc/motd -creando un file vuoto chiamato -\&.hushlogin -nella propria directory di login\&. Il messaggio relativo alla presenza di posta \(`e \(Fo\fIC\*(Aq\(`e nuova posta\&.\fR\(Fc, \(Fo\fIC\*(Aq\(`e posta\&.\fR\(Fc o \(Fo\fINessun messaggio di posta\&.\fR\(Fc a seconda dello stato della propria casella di posta\&. -.PP -I propri ID di utente e gruppo vengono poi impostati in base ai valori definiti nel file -/etc/passwd\&. I valori di -\fB$HOME\fR, -\fB$SHELL\fR, -\fB$PATH\fR, -\fB$LOGNAME\fR -e -\fB$MAIL\fR -sono impostati in base ai campi appropriati nella voce della password\&. Anche i valori per ulimit, umask e nice possono essere impostati in base al campo GECOS\&. -.PP -In alcune installazioni la variabile d\*(Aqambiente -\fB$TERM\fR -pu\(`o essere impostata in base al tipo di terminale della propria connessione, come specificato in -/etc/ttytype\&. -.PP -Pu\(`o anche essere eseguito uno script di inizializzazione per il proprio interprete dei comandi\&. Fare riferimento alla relativa sezione di manuale per maggiori informazioni su questa funzione\&. -.PP -Un sottosistema di login \(`e indicato dalla presenza del carattere \(Fo*\(Fc all\*(Aqinizio della shell di login\&. La directory home impostata sar\(`a utilizzata come root di un nuovo file system al quale l\*(Aqutente accede\&. -.PP -Il programma -\fBlogin\fR -NON \(`e responsabile di rimuovere gli utenti dal file utmp\&. La correzione del proprietario di una sessione di terminale \(`e responsabilit\(`a di -\fBgetty\fR(8) -e -\fBinit\fR(8)\&. Se si usa -\fBlogin\fR -senza -\fBexec\fR -dal prompt della shell, allora l\*(Aqutente che si sta usando risulter\(`a sempre connesso al sistema anche oltre il termine della \(Fosottosessione\(Fc\&. -.SH "OPZIONI" -.PP -\fB\-f\fR -.RS 4 -Non effettua l\*(Aqautenticazione, l\*(Aqutente \(`e gi\(`a autenticato -.sp -Nota: in questo caso -\fIusername\fR -\(`e obbligatorio\&. -.RE -.PP -\fB\-h\fR -.RS 4 -Nome dell\*(Aqhost remoto per questo login\&. -.RE -.PP -\fB\-p\fR -.RS 4 -Non modifica l\*(Aqambiente\&. -.RE -.PP -\fB\-r\fR -.RS 4 -Attiva il protocollo autologin di rlogin\&. -.RE -.PP -Le opzioni -\fB\-r\fR, -\fB\-h\fR -e -\fB\-f\fR -possono essere utilizzate solo quando -\fBlogin\fR -viene invocato da root\&. -.SH "AVVISI/CAVEAT" -.PP -Questa versione di -\fBlogin\fR -ha molte opzioni di compilazione; in un determinato sistema potrebbe esserne in uso solo una parte\&. -.PP -La posizione dei file \(`e soggetta a differenze in base alla configurazione del sistema\&. -.PP -Il programma -\fBlogin\fR -NON \(`e responsabile di rimuovere gli utenti dal file utmp\&. La correzione del proprietario di una sessione di terminale \(`e responsabilit\(`a di -\fBgetty\fR(8) -e -\fBinit\fR(8)\&. Se si usa -\fBlogin\fR -senza -\fBexec\fR -dal prompt della shell, allora l\*(Aqutente che si sta usando risulter\(`a sempre connesso al sistema anche oltre il termine della \(Fosottosessione\(Fc\&. -.PP -Come per ogni programma, l\*(Aqaspetto di -\fBlogin\fR -pu\(`o essere simulata\&. Se utenti non fidati hanno accesso fisico alla macchina, essi potrebbero sfruttare questa cosa per ottenere la password della prossima persona che si siede davanti al terminale\&. In Linux si pu\(`o utilizzare il meccanismo SAK per iniziare un percorso sicuro che previene questo tipo di attacchi\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBCONSOLE\fR (testo) -.RS 4 -Se definito, o il percorso completo di un file che contiene l\*(Aqelenco di nomi di device (uno per riga) oppure un elenco di nomi di device separati da \(Fo:\(Fc\&. L\*(Aqaccesso come root verr\(`a permesso solo attraverso questi device\&. -.sp -Se non definito, root potr\(`a accedere da qualsiasi device\&. -.sp -Il nome di device deve essere specificato senza il prefisso /dev\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (testo) -.RS 4 -Elenco di gruppi da aggiungere ai gruppi supplementari dell\*(Aqutente quando questi accede dalla console (come determinato dalla impostazione CONSOLE)\&. Il valore predefinito \(`e nullo\&. - -Usare con cautela \- \(`e possibile che gli utenti ottengano l\*(Aqaccesso permanente a questi gruppi anche se non accedono dalla console\&. -.RE -.PP -\fBDEFAULT_HOME\fR (booleano) -.RS 4 -Indica se permettere l\*(Aqaccesso al sistema anche se non si pu\(`o accedere alla directory home\&. Il valore predefinito \(`e no\&. -.sp -Se impostato a -\fIyes\fR, l\*(Aqutente acceder\(`a alla directory root (/) nel caso che non sia possibile accedere alla propria directory home\&. -.RE -.PP -\fBENV_HZ\fR (testo) -.RS 4 -Se impostato viene utilizzato per definire il valore della variabile d\*(Aqambiente HZ al login dell\*(Aqutente\&. Il valore deve essere preceduto da -\fIHZ=\fR\&. Un valore comune per Linux \(`e -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_PATH\fR (testo) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (testo) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (testo) -.RS 4 -Se impostato viene usato per definire la variabile d\*(Aqambiente TZ al login dell\*(Aqutente\&. Il valore pu\(`o essere il nome di una \(Fotimezone\(Fc preceduta da -\fITZ=\fR -(ad esempio -\fITZ=CST6CDT\fR), o il percorso completo di un file che contenga la specifica della \(Fotimezone\(Fc (ad esempio -/etc/tzname)\&. -.sp -Se viene specificato il percorso completo di un file che per\(`o non esiste o non pu\(`o essere letto, allora viene utilizzato il valore predefinito -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (testo) -.RS 4 -Se questo file esiste ed \(`e leggibile, l\*(Aqambiente di login viene letto da l\(`i\&. Ogni riga deve essere nella forma nome=valore\&. -.sp -Le righe che iniziano con \(Fo#\(Fc sono trattate come commenti e ignorate\&. -.RE -.PP -\fBERASECHAR\fR (numerico) -.RS 4 -Carattere ERASE del terminale (\fI010\fR -= backspace, -\fI0177\fR -= Canc)\&. -.sp -Il valore deve avere il prefisso \(Fo0\(Fc se in ottale, o \(Fo0x\(Fc se esadecimale\&. -.RE -.PP -\fBFAIL_DELAY\fR (numerico) -.RS 4 -Numero di secondi prima che venga concesso un ulteriore tentativo dopo un accesso fallito\&. -.RE -.PP -\fBFAILLOG_ENAB\fR (booleano) -.RS 4 -Abilita la memorizzazione e mostra le informazioni sugli accessi falliti contenute in -/var/log/faillog\&. -.RE -.PP -\fBFAKE_SHELL\fR (testo) -.RS 4 -Se impostato, -\fBlogin\fR -eseguir\(`a questa shell al posto di quella utente specificata in -/etc/passwd\&. -.RE -.PP -\fBFTMP_FILE\fR (testo) -.RS 4 -Se impostato, gli accessi falliti verranno tracciati in questo file nel formato utmp\&. -.RE -.PP -\fBHUSHLOGIN_FILE\fR (testo) -.RS 4 -Se definito, questo file inibisce quanto stampato durante l\*(Aqaccesso\&. Se viene specificato un percorso completo, la modalit\(`a silenziosa (hushed) viene attivata se in quel file \(`e presente il nome dell\*(Aqutente o della shell dell\*(Aqutente\&. Se il percorso non \(`e completo, allora la modalit\(`a silenziosa viene attivata se quel file \(`e presente nella directory home dell\*(Aqutente\&. -.RE -.PP -\fBISSUE_FILE\fR (testo) -.RS 4 -Se definito, il file verr\(`a mostrato prima del prompt di login\&. -.RE -.PP -\fBKILLCHAR\fR (numerico) -.RS 4 -Il carattere da usare sul terminale per cancellare l\*(Aqintera riga (\fI025\fR -= CTRL\-U) -.sp -Il valore deve avere il prefisso \(Fo0\(Fc se in ottale, o \(Fo0x\(Fc se esadecimale\&. -.RE -.PP -\fBLASTLOG_ENAB\fR (booleano) -.RS 4 -Abilita la memorizzazione e la stampa delle informazioni sulle date degli ultimi accessi in /var/log/lastlog\&. -.RE -.PP -\fBLOGIN_RETRIES\fR (numerico) -.RS 4 -Massimo numero di tentativi di accesso per password errata\&. -.RE -.PP -\fBLOGIN_STRING\fR (testo) -.RS 4 -Il testo da utilizzare per richiedere la password\&. Il valore predefinito \(`e \(FoPassword: \(Fc o una sua traduzione\&. Se si imposta questa variabile allora il testo non verr\(`a tradotto\&. -.sp -Se il testo contiene -\fI%s\fR, questo verr\(`a sostituito dal nome dell\*(Aqutente\&. -.RE -.PP -\fBLOGIN_TIMEOUT\fR (numerico) -.RS 4 -Numero massimo di secondi per l\*(Aqaccesso\&. -.RE -.PP -\fBLOG_OK_LOGINS\fR (booleano) -.RS 4 -Abilita la tracciatura degli accessi avvenuti con successo\&. -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (booleano) -.RS 4 -Abilita l\*(Aqinclusione dei nomi utente sconosciuti quando si registrano gli accessi falliti\&. -.sp -Nota: memorizzare i nomi sconosciuti potrebbe diventare un problema legato alla sicurezza se un utente inserisce la propria password al posto del nome utente\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (testo) -.RS 4 -Abilita la verifica e stampa a video dello stato della casella di posta al momento dell\*(Aqaccesso al sistema\&. -.sp -Andrebbe disabilitato se i file di avvio della shell effettuano gi\(`a questo controllo (\(Fomailx \-e\(Fc o equivalente)\&. -.RE -.PP -\fBMAIL_DIR\fR (testo) -.RS 4 -La directory di spool per la posta\&. Questa \(`e necessaria per manipolare la casella di posta quando il corrispondente account utente viene modificato o cancellato\&. Se non \(`e specificata viene utilizzato un valore impostato al momento della compilazione\&. -.RE -.PP -\fBMAIL_FILE\fR (testo) -.RS 4 -Imposta la posizione delle caselle di posta degli utenti relative alla loro directory home\&. -.RE -.PP -Le variabili -\fBMAIL_DIR\fR -e -\fBMAIL_FILE\fR -vengono utilizzate da -\fBuseradd\fR, -\fBusermod\fR -e -\fBuserdel\fR -per creare, spostare e cancellare le caselle di posta dell\*(Aqutente\&. -.PP -Se -\fBMAIL_CHECK_ENAB\fR -\(`e impostata a -\fIyes\fR -allora sono anche utilizzate per impostare la variabile d\*(Aqambiente -\fBMAIL\fR\&. -.PP -\fBMOTD_FILE\fR (testo) -.RS 4 -Se definito \(`e una lista di nomi di file con \(Fomessaggi del giorno\(Fc separati da \(Fo:\(Fc che vengono mostrati subito dopo l\*(Aqaccesso\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (testo) -.RS 4 -Se definito \(`e il nome di un file che impedisce l\*(Aqaccesso degli utenti non root\&. Il suo contenuto dovrebbe essere un messaggio che indica il motivo per il quale l\*(Aqaccesso \(`e impedito\&. -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (booleano) -.RS 4 -Abilita la verifica delle restrizioni temporali specificate in -/etc/porttime\&. -.RE -.PP -\fBQUOTAS_ENAB\fR (booleano) -.RS 4 -Abilita l\*(Aqimpostazione di limiti di risorsa definiti in -/etc/limits -e ulimit, umask e livello di \(Fonice\(Fc in base al campo gecos del passwd dell\*(Aqutente\&. -.RE -.PP -\fBTTYGROUP\fR (testo), \fBTTYPERM\fR (testo) -.RS 4 -I permessi del terminale: il tty usato per l\*(Aqaccesso sar\(`a di propriet\(`a del gruppo -\fBTTYGROUP\fR -e avr\(`a permessi impostati a -\fBTTYPERM\fR\&. -.sp -In maniera predefinita la propriet\(`a del terminale sar\(`a impostata al gruppo primario dell\*(Aqutente, mentre i permessi saranno -\fI0600\fR\&. -.sp -\fBTTYGROUP\fR -pu\(`o essere il nome del gruppo o il suo identificativo numerico\&. -.sp -Se si ha il comando -\fBwrite\fR -che \(`e \(Fosetgid\(Fc e ha un gruppo speciale che possiede i terminali, definire TTYGROUP con lo stesso gruppo e TTYPERM a 0620\&. Altrimenti lasciare TTYGROUP commentato e assegnare TTYPERM a 622 o 600\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (testo) -.RS 4 -Se definito si tratta di un file che mappa le linee tty nella variabile d\*(Aqambiente TERM\&. Ogni riga del file \(`e in un formato tipo \(Fovt100 tty01\(Fc\&. -.RE -.PP -\fBULIMIT\fR (numerico) -.RS 4 -Valore -\fBulimit\fR -predefinito\&. -.RE -.PP -\fBUMASK\fR (numerico) -.RS 4 -La maschera di permessi alla creazione dei file \(`e inizializzata con questo valore\&. Se non specificato la maschera viene impostata a 022\&. -.sp -\fBuseradd\fR -e -\fBnewusers\fR -usano questa maschera per impostare i permessi della directory home che creano\&. -.sp -Viene anche utilizzata da -\fBlogin\fR -per definire la maschera iniziale dell\*(Aqutente\&. Notare che questa maschera pu\(`o essere modificata dalla riga GECOS dell\*(Aqutente (se -\fBQUOTAS_ENAB\fR -\(`e impostato) o specificando un limite con l\*(Aqidentificativo -\fIK\fR -in -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (booleano) -.RS 4 -Abilita l\*(Aqimpostazione dei bit di gruppo di umask in modo che siano gli stessi dei bit del proprietario (esempio: 022 \-> 002, 077 \-> 007) per utenti non root a condizione che uid e gid siano identici e che il nome utente sia lo stesso del gruppo primario\&. -.sp -Se impostato a -\fIyes\fR, -\fBuserdel\fR -canceller\(`a il gruppo dell\*(Aqutente se non contiene altri membri, e -\fBuseradd\fR -creer\(`a automaticamente un gruppo con lo stesso nome dell\*(Aqutente\&. -.RE -.SH "FILE" -.PP -/var/run/utmp -.RS 4 -Elenco delle sessioni attive\&. -.RE -.PP -/var/log/wtmp -.RS 4 -Elenco delle precedenti sessioni di login\&. -.RE -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.PP -/etc/motd -.RS 4 -File di sistema con il messaggio del giorno\&. -.RE -.PP -/etc/nologin -.RS 4 -Impedisce l\*(Aqaccesso al sistema per utenti diversi da root\&. -.RE -.PP -/etc/ttytype -.RS 4 -Elenco di tipi di terminale\&. -.RE -.PP -$HOME/\&.hushlogin -.RS 4 -Impedisce che vengano mostrati i messaggi di sistema\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.SH "VEDERE ANCHE" -.PP -\fBmail\fR(1), -\fBpasswd\fR(1), -\fBsh\fR(1), -\fBsu\fR(1), -\fBlogin.defs\fR(5), -\fBnologin\fR(5), -\fBpasswd\fR(5), -\fBsecuretty\fR(5), -\fBgetty\fR(8)\&. diff --git a/man/it/man1/newgrp.1 b/man/it/man1/newgrp.1 deleted file mode 100644 index 512f480a..00000000 --- a/man/it/man1/newgrp.1 +++ /dev/null @@ -1,94 +0,0 @@ -'\" t -.\" Title: newgrp -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "NEWGRP" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -newgrp \- effettua l\*(Aqaccesso a un nuovo gruppo -.SH "SINOSSI" -.HP \w'\fBnewgrp\fR\ 'u -\fBnewgrp\fR [\-] [\fIgruppo\fR] -.SH "DESCRIZIONE" -.PP -\fBnewgrp\fR -permette di cambiare il proprio ID di gruppo durante una sessione di login\&. Se viene specificato -\fB\-\fR, l\*(Aqambiente dell\*(Aqutente viene reinizializzato come se l\*(Aqutente stesse effettuando il login, altrimenti l\*(Aqambiente non viene modificato e la directory corrente non viene cambiata\&. -.PP -\fBnewgrp\fR -cambia l\*(AqID di gruppo attuale reale in base al gruppo passato come argomento oppure, se non si passa nessun argomento, al gruppo predefinito nel file -/etc/passwd\&. -\fBnewgrp\fR -cerca anche di inserire il gruppo tra quelli dell\*(Aqutente\&. Se non si tratta di root, all\*(Aqutente viene chiesta una password nel caso che il gruppo lo richieda e l\*(Aqutente non ne abbia (n\('e in -/etc/shadow -se l\*(Aqutente \(`e definito anche l\(`i, n\('e in -/etc/passwd -altrimenti), oppure se l\*(Aqutente non \(`e elencato tra i membri del gruppo e il gruppo ha una password\&. Viene negato l\*(Aqaccesso all\*(Aqutente nel caso che la password del gruppo sia vuota e l\*(Aqutente non ne faccia parte\&. -.PP -Se c\*(Aq\(`e una voce per questo gruppo nel file -/etc/gshadow, allora l\*(Aqelenco dei membri e la password di questo gruppo sono presi da questo file, altrimenti verr\(`a presa la voce da -/etc/group\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBSYSLOG_SG_ENAB\fR (booleano) -.RS 4 -Abilita il tracciamento dell\*(Aqattivit\(`a di -\fBsg\fR -su \(Fosyslog\(Fc\&. -.RE -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBsu\fR(1), -\fBsg\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/it/man1/passwd.1 b/man/it/man1/passwd.1 deleted file mode 100644 index 70447cf3..00000000 --- a/man/it/man1/passwd.1 +++ /dev/null @@ -1,316 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "PASSWD" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -passwd \- cambia la password utente -.SH "SINOSSI" -.HP \w'\fBpasswd\fR\ 'u -\fBpasswd\fR [\fIopzioni\fR] [\fILOGIN\fR] -.SH "DESCRIZIONE" -.PP -\fBpasswd\fR -cambia la password per account utente\&. Un utente normale pu\(`o solo cambiare la password per il proprio account, mentre il super utente pu\(`o cambiarla per qualsiasi account\&. -\fBpasswd\fR -modifica anche l\*(Aqaccount o il periodo di validit\(`a della password associata\&. -.SS "Modifiche delle password" -.PP -All\*(Aqutente viene prima chiesta la propria password attuale, se presente\&. Questa password viene cifrata e confrontata con quella memorizzata\&. All\*(Aqutente viene data solo una possibilit\(`a di inserire la password corretta\&. Il super utente salta questo passo in modo da poter modificare password dimenticate\&. -.PP -Dopo che la password \(`e stata inserita, vengono controllati i parametri dell\*(Aqinvecchiamento delle password per verificare che l\*(Aqutente possa modificarla in questo momento\&. In caso negativo -\fBpasswd\fR -non fa cambiare la password ed esce\&. -.PP -All\*(Aqutente viene quindi chiesto di inserire la nuova password due volte\&. Le due password sono confrontate e devono essere uguali affinch\('e la password venga accettata\&. -.PP -Quindi viene misurata la complessit\(`a della password\&. In linea di massima le password dovrebbero contenere dai 6 agli 8 caratteri, includendovi uno o pi\(`u caratteri da ciascuno dei seguenti insiemi: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -lettere minuscole -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numeri da 0 a 9 -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -segni di punteggiatura -.RE -.PP -Si deve fare attenzione a non inserire il carattere di cancellazione o di kill (azzeramento della riga)\&. -\fBpasswd\fR -non accetta password non sufficientemente complesse\&. -.SS "Suggerimenti per password utente" -.PP -La sicurezza di una password dipende dalla forza dell\*(Aqalgoritmo e dalla dimensione della chiave utilizzata\&. Il metodo originale di cifratura del sistema -\fIUNIX\fR -si basa sull\*(Aqalgoritmo NBS DES\&. Adesso sono da preferisi metodi di cifratura pi\(`u recenti (vedere -\fBENCRYPT_METHOD\fR)\&. La dimensione della chiave dipende dall\*(Aqaleatoriet\(`a della password indicata\&. -.PP -La compromissione di una password avviene normalmente a seguito di incuria nella scelta o nella gestione della password\&. Per questo motivo non si devono utilizzare password che appaiono nei dizionari o che devono essere scritte\&. La password non deve essere uno nome proprio, il numero della patente, la data di nascita o l\*(Aqindirizzo\&. Uno qualunque di questi potrebbe essere indovinato per violare la sicurezza del sistema\&. -.PP -Si possono trovare indicazioni su come scegliere una password forte su http://en\&.wikipedia\&.org/wiki/Password_strength -.SH "OPZIONI" -.PP -Il comando -\fBpasswd\fR -accetta le seguenti opzioni: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Questa opzione pu\(`o essere utilizzata solo con -\fB\-S\fR -e mostra lo stato per ogni utente\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR -.RS 4 -Cancella la password utente (la rende vuota)\&. Questo \(`e un metodo veloce per disabilitare la password per l\*(Aqaccount\&. Imposta l\*(Aqaccount indicato come senza password\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expire\fR -.RS 4 -Fa scadere subito la password dell\*(Aqutente\&. Il che ha l\*(Aqeffetto di forzare un cambio password al successivo accesso da parte dell\*(Aqutente\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-i\fR, \fB\-\-inactive\fR\ \&\fIINATTIVO\fR -.RS 4 -Questa opzione viene utilizzata per disabilitare un account dopo che la password \(`e scaduta da un certo numero di giorni\&. Dopo che un account ha una password che \(`e scaduta da -\fIINATTIVO\fR -giorni, l\*(Aqutente non pu\(`o pi\(`u accedere con l\*(Aqaccount\&. -.RE -.PP -\fB\-k\fR, \fB\-\-keep\-tokens\fR -.RS 4 -Indica che il cambio password va effettuato solo per i token (password) di autenticazione scaduti\&. L\*(Aqutente vuole mantenere inalterati i token non scaduti\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\fR -.RS 4 -Blocca la password dell\*(Aqaccount indicato\&. Questa opzione disabilita una password modificandola in modo che non corrisponda a nessun valore cifrato (aggiunge un \(Fo!\(Fc all\*(Aqinizio della password)\&. -.sp -Notare che questo non disabilita l\*(Aqaccount\&. L\*(Aqutente pu\(`o sempre accedere al sistema tramite altri token di autenticazione (ad esempio una chiave SSH)\&. Per disabilitare l\*(Aqaccount l\*(Aqamministratore deve usare -\fBusermod \-\-expiredate 1\fR -(che imposta la data di scadenza al 2 gennaio 1970)\&. -.sp -Gli utenti con password bloccata non la possono cambiare\&. -.RE -.PP -\fB\-n\fR, \fB\-\-mindays\fR\ \&\fIMIN_GIORNI\fR -.RS 4 -Imposta il numero minimo di giorni tra i cambi di password a -\fIMIN_GIORNI\fR\&. Un valore pari a zero indica che l\*(Aqutente pu\(`o cambiare la propria password in qualsiasi momento\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Modalit\(`a silenziosa\&. -.RE -.PP -\fB\-r\fR, \fB\-\-repository\fR\ \&\fIREPOSITORY\fR -.RS 4 -cambia la password nel repository -\fIREPOSITORY\fR -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-S\fR, \fB\-\-status\fR -.RS 4 -Visualizza le informazioni sullo stato di un account\&. Lo stato consiste di 7 campi\&. Il primo campo \(`e il nome dell\*(Aqutente\&. Il secondo campo indica se l\*(Aqaccount ha una password bloccata (L), non ha password (NP) o ha una password valida (P)\&. Il terzo campo contiene la data di ultima modifica della password\&. I successivi quattro campi sono l\*(Aqet\(`a minima, la massima, il periodo di avviso e quello di inattivit\(`a\&. Queste et\(`a sono espresse in giorni\&. -.RE -.PP -\fB\-u\fR, \fB\-\-unlock\fR -.RS 4 -Sblocca la password dell\*(Aqaccount indicato\&. Questa opzione riabilita la password riportandola al suo valore precedente (il valore che c\*(Aqera prima di usare l\*(Aqopzione -\fB\-l\fR)\&. -.RE -.PP -\fB\-w\fR, \fB\-\-warndays\fR\ \&\fIAVVISO_GIORNI\fR -.RS 4 -Imposta il numero di giorni di preavviso prima che sia obbligatorio cambiare la password\&. L\*(Aqopzione -\fIAVVISO_GIORNI\fR -indica il numero di giorni precedenti alla scadenza della password durante i quali l\*(Aqutente viene avvertito dell\*(Aqimminente scadenza\&. -.RE -.PP -\fB\-x\fR, \fB\-\-maxdays\fR\ \&\fIMAX_GIORNI\fR -.RS 4 -Imposta il massimo numero di giorni che una password rimane valida\&. Dopo -\fIMAX_GIORNI\fR -viene richiesto di cambiare la password\&. -.RE -.SH "AVVISI/CAVEAT" -.PP -Il controllo della complessit\(`a delle password varia da sistema a sistema\&. All\*(Aqutente \(`e caldamente consigliato si utilizzare una password che ritenga sufficientemente complessa\&. -.PP -Gli utenti possono non essere in grado di cambiare la propria password se NIS \(`e abilitato ed essi non sono collegati al server NIS\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBENCRYPT_METHOD\fR (testo) -.RS 4 -Definisce l\*(Aqalgoritmo di cifratura predefinito per le password (se non ne viene specificato uno a riga di comando)\&. -.sp -Pu\(`o avere uno dei seguenti valori: -\fIDES\fR -(predefinito), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Nota: questo parametro ha la precedenza sulla variabile -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (booleano) -.RS 4 -Indica se le password vanno cifrate usando l\*(Aqalgoritmo basato su MD5\&. Se impostato a -\fIyes\fR -le nuove password saranno cifrate usando un algoritmo basato su MD5 e compatibile con quello delle versioni pi\(`u recenti di FreeBSD\&. Supporta password di lunghezza qualsiasi e testi \(Fosalt\(Fc pi\(`u lunghi\&. Impostare a -\fIno\fR -se si devono copiare password su altri sistemi che non gestiscono l\*(Aqalgoritmo\&. Il valore predefinito \(`e -\fIno\fR\&. -.sp -Questa variabile ha meno priorit\(`a della variabile -\fBENCRYPT_METHOD\fR -e di qualsiasi opzione a riga di comando che imposta un algoritmo di cifratura\&. -.sp -Questa variabile non \(`e pi\(`u usata\&. Si dovrebbe utilizzare -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (booleano) -.RS 4 -Abilita controlli addizionali durante il cambio password\&. -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (booleano) -.RS 4 -Avvisa riguardo password deboli (anche se le permette egualmente) se si \(`e root\&. -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (numerico) -.RS 4 -Massimo numero di tentativi per cambiare una password (troppo facile)\&. -.RE -.PP -\fBPASS_MAX_LEN\fR (numerico), \fBPASS_MIN_LEN\fR (numerico) -.RS 4 -Numero di caratteri significativi della password per crypt()\&. -\fBPASS_MAX_LEN\fR -\(`e normalmente 8\&. Da non cambiare a meno che la propria crypt() sia migliore\&. Questo viene ignorato se -\fBMD5_CRYPT_ENAB\fR -\(`e impostata a -\fIyes\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (numerico), \fBSHA_CRYPT_MAX_ROUNDS\fR (numerico) -.RS 4 -Quando -\fBENCRYPT_METHOD\fR -vale -\fISHA256\fR -o -\fISHA512\fR, questo definisce il numero di cicli SHA usati per l\*(Aqalgoritmo di cifratura (quando il numero di cicli non \(`e impostato a riga di comando)\&. -.sp -Con molti cicli \(`e pi\(`u difficile trovare una password usando la forza bruta\&. Ma va notato che \(`e richiesta maggiore potenza di calcolo per autenticare gli utenti\&. -.sp -Se non specificato sar\(`a la libc a scegliere il numero di cicli (5000)\&. -.sp -Il valore deve essere compreso tra 1\&.000 e 999\&.999\&.999\&. -.sp -Se viene impostato solo uno tra -\fBSHA_CRYPT_MIN_ROUNDS\fR -e -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora l\*(Aqunico valore viene utilizzato\&. -.sp -Se -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora viene utilizzato il maggiore\&. -.RE -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.SH "VALORI RESTITUITI" -.PP -Il comando -\fBpasswd\fR -restituisce i seguenti valori: -.SH "VEDERE ANCHE" -.PP -\fBchpasswd\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBlogin.defs\fR(5),\fBusermod\fR(8)\&. diff --git a/man/it/man1/sg.1 b/man/it/man1/sg.1 deleted file mode 100644 index 9d182d01..00000000 --- a/man/it/man1/sg.1 +++ /dev/null @@ -1,94 +0,0 @@ -'\" t -.\" Title: sg -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "SG" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -sg \- esegue un comando con un diverso ID di gruppo -.SH "SINOSSI" -.HP \w'\fBsg\fR\ 'u -\fBsg\fR [\-] [comando\ [\-c]\ group] -.SH "DESCRIZIONE" -.PP -Il comando -\fBsg\fR -funziona in maniera analoga a -\fBnewgrp\fR, ma accetta un comando che viene eseguito con la shell -/bin/sh\&. La maggior parte delle shell che permettono l\*(Aquso di -\fBsg\fR -richiede che i comandi composti da pi\(`u parole siano inclusi tra apici\&. Un\*(Aqaltra differenza tra -\fBnewgrp\fR -e -\fBsg\fR -\(`e che alcune shell trattano -\fBnewgrp\fR -in maniera speciale, sostituendo se stesse con la shell creata da -\fBnewgrp\fR\&. Questo non accade con -\fBsg\fR, per cui all\*(Aquscita del comando -\fBsg\fR -si ritorna al precedente ID di gruppo\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBSYSLOG_SG_ENAB\fR (booleano) -.RS 4 -Abilita il tracciamento dell\*(Aqattivit\(`a di -\fBsg\fR -su \(Fosyslog\(Fc\&. -.RE -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBnewgrp\fR(1), -\fBsu\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/it/man1/su.1 b/man/it/man1/su.1 deleted file mode 100644 index c777b543..00000000 --- a/man/it/man1/su.1 +++ /dev/null @@ -1,453 +0,0 @@ -'\" t -.\" Title: su -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi utente -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "SU" "1" "09/05/2014" "shadow\-utils 4\&.2" "Comandi utente" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -su \- cambia ID utente o diventa amministratore -.SH "SINOSSI" -.HP \w'\fBsu\fR\ 'u -\fBsu\fR [\fIopzioni\fR] [\fInome\fR] -.SH "DESCRIZIONE" -.PP -\fBsu\fR -permette di diventare un altro utente durante una sessione di login\&. Se nessun -\fBnome\fR -utente viene specificato, -\fBsu\fR -acquisice i privilegi di amministratore\&. L\*(Aqopzione -\fB\-\fR -pu\(`o essere usata per fornire un ambiente simile a quello che l\*(Aqutente troverebbe se effettuasse il login direttamente\&. -.PP -Dopo il nome utente, \(`e possibile specificare argomenti aggiuntivi da passare alla shell di login dell\*(Aqutente\&. In particolare, molti interpreti di comando adottano la convenzione per cui l\*(Aqopzione -\fB\-c\fR -seguita da un argomento fa s\(`i che quest\*(Aqultimo sia considerato un comando\&. Il comando viene eseguito dalla shell specificata in -/etc/passwd -per l\*(Aqutente di destinazione\&. -.PP -Si pu\(`o utilizzare -\fB\-\-\fR -per separare le opzioni di -\fBsu\fR -dagli argomenti passati alla shell\&. -.PP -All\*(Aqutente viene quindi chiesta la password, se necessario\&. Una password errata viene segnalata da un messaggio d\*(Aqerrore\&. Viene effettuato il log di tutti i tentativi, siano essi riusciti o meno, al fine di rilevare ogni abuso del sistema\&. -.PP -Le variabili d\*(Aqambiente in uso vengono passate alla nuova shell, eccetto il valore di -\fB$PATH\fR -che viene impostato a -/bin:/usr/bin -per gli utenti qualsiasi e a -/sbin:/bin:/usr/sbin:/usr/bin -per l\*(Aqamministratore\&. Questa impostazione \(`e controllata dalle definizioni -\fIENV_PATH\fR -ed -\fIENV_SUPATH\fR -in -/etc/login\&.defs\&. -.PP -Un sottosistema di login \(`e indicato dalla presenza del carattere \(Fo*\(Fc all\*(Aqinizio della shell di login\&. La directory home impostata sar\(`a utilizzata come root di un nuovo file system al quale l\*(Aqutente accede\&. -.SH "OPZIONI" -.PP -Il comando -\fBsu\fR -accetta le seguenti opzioni: -.PP -\fB\-c\fR, \fB\-\-command\fR\ \&\fICOMANDO\fR -.RS 4 -Specifica un comando che verr\(`a invocato dalla shell tramite la sua opzione -\fB\-c\fR\&. -.sp -The executed command will have no controlling terminal\&. This option cannot be used to execute interactive programs which need a controlling TTY\&. -.RE -.PP -\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR -.RS 4 -Fornisce un ambiente simile a quello che un utente si attende quando effettua direttamente il login\&. -.sp -When -\fB\-\fR -is used, it must be specified before any -\fBusername\fR\&. For portability it is recommended to use it as last option, before any -\fBusername\fR\&. The other forms (\fB\-l\fR -and -\fB\-\-login\fR) do not have this restriction\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -La shell che verr\(`a invocata\&. -.sp -La shell invocata viene scelta da (in ordine di priorit\(`a): -.PP -.RS 4 -La shell specificata con \-\-shell\&. -.RE -.PP -.RS 4 -Se viene usato -\fB\-\-preserve\-environment\fR, la shell specificata dalla variabile d\*(Aqambiente -\fB$SHELL\fR\&. -.RE -.PP -.RS 4 -La shell indicata nel file -/etc/passwd -per l\*(Aqutente target\&. -.RE -.PP -.RS 4 -/bin/sh -se gli altri metodi falliscono\&. -.RE -.sp -Se l\*(Aqutente target ha una shell con restrizioni (cio\(`e se la sua shell presente in -/etc/passwd -non \(`e presente in -/etc/shells), allora l\*(Aqopzione -\fB\-\-shell\fR -e la variabile d\*(Aqambiente -\fB$SHELL\fR -non vengono prese in considerazione a meno che -\fBsu\fR -sia invocato da root\&. -.RE -.PP -\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve\-environment\fR -.RS 4 -Mantiene l\*(Aqambiente attuale, fatta eccezione per: -.PP -\fB$PATH\fR -.RS 4 -reimpostato in accordo alle opzioni -\fBENV_PATH\fR -o -\fBENV_SUPATH\fR -del file -/etc/login\&.defs -(vedi sotto); -.RE -.PP -\fB$IFS\fR -.RS 4 -reimpostato a -\(Fo\(Fc -se era impostato\&. -.RE -.sp -Se l\*(Aqutente target ha una shell con restrizioni, questa opzione non ha effetto (a meno che -\fBsu\fR -sia invocato da root)\&. -.sp -Notare che il comportamento predefinito per l\*(Aqambiente \(`e il seguente: -.PP -.RS 4 -Le variabili d\*(Aqambiente -\fB$HOME\fR, -\fB$SHELL\fR, -\fB$USER\fR, -\fB$LOGNAME\fR, -\fB$PATH\fR -e -\fB$IFS\fR -sono reimpostate\&. -.RE -.PP -.RS 4 -Se l\*(Aqopzione -\fB\-\-login\fR -non \(`e usata, l\*(Aqambiente \(`e copiato con l\*(Aqeccezione delle variabili elencate sopra\&. -.RE -.PP -.RS 4 -Se l\*(Aqopzione -\fB\-\-login\fR -\(`e utilizzata, le variabili -\fB$TERM\fR, -\fB$COLORTERM\fR, -\fB$DISPLAY\fR -e -\fB$XAUTHORITY\fR -sono copiate se risultano impostate\&. -.RE -.PP -.RS 4 -Se l\*(Aqopzione -\fB\-\-login\fR -\(`e utilizzata, le variabili d\*(Aqambiente -\fB$TZ\fR, -\fB$HZ\fR -e -\fB$MAIL\fR -sono impostate in accordo alle opzioni -\fBENV_TZ\fR, -\fBENV_HZ\fR, -\fBMAIL_DIR\fR -e -\fBMAIL_FILE\fR -specificate nel file -/etc/login\&.defs -(vedi sotto)\&. -.RE -.PP -.RS 4 -Se l\*(Aqopzione -\fB\-\-login\fR -\(`e utilizzata, altre variabili d\*(Aqambiente potrebbero essere impostate dal file -\fBENVIRON_FILE\fR -(vedi sotto)\&. -.RE -.RE -.SH "AVVISI/CAVEAT" -.PP -Questa versione di -\fBsu\fR -ha molte opzioni di compilazione; solo una parte di esse potrebbe essere in uso su un determinato sistema\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBCONSOLE\fR (testo) -.RS 4 -Se definito, o il percorso completo di un file che contiene l\*(Aqelenco di nomi di device (uno per riga) oppure un elenco di nomi di device separati da \(Fo:\(Fc\&. L\*(Aqaccesso come root verr\(`a permesso solo attraverso questi device\&. -.sp -Se non definito, root potr\(`a accedere da qualsiasi device\&. -.sp -Il nome di device deve essere specificato senza il prefisso /dev\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (testo) -.RS 4 -Elenco di gruppi da aggiungere ai gruppi supplementari dell\*(Aqutente quando questi accede dalla console (come determinato dalla impostazione CONSOLE)\&. Il valore predefinito \(`e nullo\&. - -Usare con cautela \- \(`e possibile che gli utenti ottengano l\*(Aqaccesso permanente a questi gruppi anche se non accedono dalla console\&. -.RE -.PP -\fBDEFAULT_HOME\fR (booleano) -.RS 4 -Indica se permettere l\*(Aqaccesso al sistema anche se non si pu\(`o accedere alla directory home\&. Il valore predefinito \(`e no\&. -.sp -Se impostato a -\fIyes\fR, l\*(Aqutente acceder\(`a alla directory root (/) nel caso che non sia possibile accedere alla propria directory home\&. -.RE -.PP -\fBENV_HZ\fR (testo) -.RS 4 -Se impostato viene utilizzato per definire il valore della variabile d\*(Aqambiente HZ al login dell\*(Aqutente\&. Il valore deve essere preceduto da -\fIHZ=\fR\&. Un valore comune per Linux \(`e -\fIHZ=100\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (testo) -.RS 4 -Se questo file esiste ed \(`e leggibile, l\*(Aqambiente di login viene letto da l\(`i\&. Ogni riga deve essere nella forma nome=valore\&. -.sp -Le righe che iniziano con \(Fo#\(Fc sono trattate come commenti e ignorate\&. -.RE -.PP -\fBENV_PATH\fR (testo) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (testo) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (testo) -.RS 4 -Se impostato viene usato per definire la variabile d\*(Aqambiente TZ al login dell\*(Aqutente\&. Il valore pu\(`o essere il nome di una \(Fotimezone\(Fc preceduta da -\fITZ=\fR -(ad esempio -\fITZ=CST6CDT\fR), o il percorso completo di un file che contenga la specifica della \(Fotimezone\(Fc (ad esempio -/etc/tzname)\&. -.sp -Se viene specificato il percorso completo di un file che per\(`o non esiste o non pu\(`o essere letto, allora viene utilizzato il valore predefinito -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBLOGIN_STRING\fR (testo) -.RS 4 -Il testo da utilizzare per richiedere la password\&. Il valore predefinito \(`e \(FoPassword: \(Fc o una sua traduzione\&. Se si imposta questa variabile allora il testo non verr\(`a tradotto\&. -.sp -Se il testo contiene -\fI%s\fR, questo verr\(`a sostituito dal nome dell\*(Aqutente\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (testo) -.RS 4 -Abilita la verifica e stampa a video dello stato della casella di posta al momento dell\*(Aqaccesso al sistema\&. -.sp -Andrebbe disabilitato se i file di avvio della shell effettuano gi\(`a questo controllo (\(Fomailx \-e\(Fc o equivalente)\&. -.RE -.PP -\fBMAIL_DIR\fR (testo) -.RS 4 -La directory di spool per la posta\&. Questa \(`e necessaria per manipolare la casella di posta quando il corrispondente account utente viene modificato o cancellato\&. Se non \(`e specificata viene utilizzato un valore impostato al momento della compilazione\&. -.RE -.PP -\fBMAIL_FILE\fR (testo) -.RS 4 -Imposta la posizione delle caselle di posta degli utenti relative alla loro directory home\&. -.RE -.PP -Le variabili -\fBMAIL_DIR\fR -e -\fBMAIL_FILE\fR -vengono utilizzate da -\fBuseradd\fR, -\fBusermod\fR -e -\fBuserdel\fR -per creare, spostare e cancellare le caselle di posta dell\*(Aqutente\&. -.PP -Se -\fBMAIL_CHECK_ENAB\fR -\(`e impostata a -\fIyes\fR -allora sono anche utilizzate per impostare la variabile d\*(Aqambiente -\fBMAIL\fR\&. -.PP -\fBQUOTAS_ENAB\fR (booleano) -.RS 4 -Abilita l\*(Aqimpostazione di limiti di risorsa definiti in -/etc/limits -e ulimit, umask e livello di \(Fonice\(Fc in base al campo gecos del passwd dell\*(Aqutente\&. -.RE -.PP -\fBSULOG_FILE\fR (testo) -.RS 4 -Se definito, tutta l\*(Aqattivit\(`a di \(Fosu\(Fc viene tracciata in questo file\&. -.RE -.PP -\fBSU_NAME\fR (testo) -.RS 4 -Se definito \(`e il nome del comando da mostrare quando si esegue \(Fosu \-\(Fc\&. Ad esempio, se lo di definisce come \(Fosu\(Fc allora \(Fops\(Fc mostrer\(`a che il comando \(`e \(Fo\-su\(Fc\&. Se non definito, \(Fops\(Fc mostrer\(`a il nome della shell invocata, come \(Fo\-sh\(Fc\&. -.RE -.PP -\fBSU_WHEEL_ONLY\fR (booleano) -.RS 4 -Se -\fIyes\fR, l\*(Aqutente deve essere elencato come membro del primo gruppo con gid 0 in -/etc/group -(chiamato -\fIroot\fR -in molti sistemi Linux) perch\('e sia possibile usare -\fBsu\fR -verso account con uid 0\&. Se il gruppo non esiste o \(`e vuoto, nessuno potr\(`a utilizzare -\fBsu\fR -verso uid 0\&. -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (booleano) -.RS 4 -Abilita la tracciatura su \(Fosyslog\(Fc dell\*(Aqattivit\(`a di -\fBsu\fR, oltre a quella sul file \(Fosulog\(Fc\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (booleano) -.RS 4 -Abilita l\*(Aqimpostazione dei bit di gruppo di umask in modo che siano gli stessi dei bit del proprietario (esempio: 022 \-> 002, 077 \-> 007) per utenti non root a condizione che uid e gid siano identici e che il nome utente sia lo stesso del gruppo primario\&. -.sp -Se impostato a -\fIyes\fR, -\fBuserdel\fR -canceller\(`a il gruppo dell\*(Aqutente se non contiene altri membri, e -\fBuseradd\fR -creer\(`a automaticamente un gruppo con lo stesso nome dell\*(Aqutente\&. -.RE -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.SH "VALORI RESTITUITI" -.PP -In caso di successo, il valore restituito da -\fBsu\fR -\(`e quello del comando da esso eseguito\&. -.PP -Se questo comando \(`e terminato da un segnale, -\fBsu\fR -restituisce il numero del segnale pi\(`u 128\&. -.PP -Se \(Fosu\(Fc deve terminare il comando (perch\('e gli \(`e stato chiesto di terminare ma il comando non \(`e terminato in tempo), -\fBsu\fR -restituisce 255\&. -.PP -Alcuni dei codici d\*(Aquscita di -\fBsu\fR -sono indipendenti dal comando eseguito: -.PP -\fI0\fR -.RS 4 -successo (solo -\fB\-\-help\fR) -.RE -.PP -\fI1\fR -.RS 4 -Errore di sistema o di autenticazione -.RE -.PP -\fI126\fR -.RS 4 -Il comando richiesto non \(`e stato trovato -.RE -.PP -\fI127\fR -.RS 4 -Il comando richiesto non pu\(`o essere eseguito -.RE -" -.SH "VEDERE ANCHE" -.PP -\fBlogin\fR(1), -\fBlogin.defs\fR(5), -\fBsg\fR(1), -\fBsh\fR(1)\&. diff --git a/man/it/man3/getspnam.3 b/man/it/man3/getspnam.3 deleted file mode 100644 index cd473da3..00000000 --- a/man/it/man3/getspnam.3 +++ /dev/null @@ -1 +0,0 @@ -.so man3/shadow.3 diff --git a/man/it/man3/shadow.3 b/man/it/man3/shadow.3 deleted file mode 100644 index 31474213..00000000 --- a/man/it/man3/shadow.3 +++ /dev/null @@ -1,240 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Chiamate di libreria -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "SHADOW" "3" "09/05/2014" "shadow\-utils 4\&.2" "Chiamate di libreria" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -shadow, getspnam \- routine per file delle password cifrate -.SH "SINTASSI" -.PP -\fI#include \fR -.PP -\fIstruct spwd *getspent();\fR -.PP -\fIstruct spwd *getspnam(char\fR\fI*nome\fR\fI);\fR -.PP -\fIvoid setspent();\fR -.PP -\fIvoid endspent();\fR -.PP -\fIstruct spwd *fgetspent(FILE\fR\fI*fp\fR\fI);\fR -.PP -\fIstruct spwd *sgetspent(char\fR\fI*cp\fR\fI);\fR -.PP -\fIint putspent(struct spwd\fR\fI*p,\fR\fIFILE\fR\fI*fp\fR\fI);\fR -.PP -\fIint lckpwdf();\fR -.PP -\fIint ulckpwdf();\fR -.SH "DESCRIZIONE" -.PP -\fIshadow\fR -manipola il contenuto del file delle password shadow, -/etc/shadow\&. La struttura nel file -\fI#include\fR -\(`e la seguente: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct spwd { - char *sp_namp; /* login dell\*(Aqutente */ - char *sp_pwdp; /* password cifrata */ - long int sp_lstchg; /* ultimo cambio della password */ - long int sp_min; /* giorni minimi tra i cambi */ - long int sp_max; /* giorni massimi tra i cambi */ - long int sp_warn; /* giorni di preavviso */ - long int sp_inact; /* giorni di inattivit\(`a */ - long int sp_expire; /* data di scadenza dell\*(Aqaccount */ - unsigned long int sp_flag; /* riservato per uso futuro */ -} - -.fi -.if n \{\ -.RE -.\} -.PP -Ciascun campo significa: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_namp \- puntatore a una stringa null\-terminated che contiene il nome utente\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_pwdp \- puntatore a una stringa null\-terminated che contiene la password\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_lstchg \- giorni trascorsi dal 1 gennaio 1970 al momento in cui la password \(`e stata cambiata l\*(Aqultima volta\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_min \- giorni prima dei quali la password non pu\(`o essere cambiata\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_max \- giorni dopo i quali la password deve essere cambiata\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_warn \- giorni prima della scadenza della password in cui l\*(Aqutente viene avvertito\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_inact \- giorni dopo la scadenza della password dopo i quali l\*(Aqaccount viene considerato inattivo e disabilitato\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_expire \- giorni a partire dal 1 gennaio 1970 dopo i quali l\*(Aqaccount viene disabilitato\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_flag \- riservato per uso futuro\&. -.RE -.SH "DESCRIZIONE" -.PP -\fIgetspent\fR, -\fIgetspname\fR, -\fIfgetspent\fR -e -\fIsgetspent\fR -restituiscono tutte un puntatore a uno -\fIstruct spwd\fR\&. -\fIgetspent\fR -restituisce la voce successiva nel file, -\fIfgetspent\fR -la voce successiva nello stream specificato, che si suppone sia un file nel formato corretto\&. -\fIsgetspent\fR -restituisce un puntatore a uno -\fIstruct spwd\fR -usando come input la stringa fornita\&. -\fIgetspnam\fR -cerca una voce che corrisponde a -\fIname\fR -partendo dalla posizione corrente nel file\&. -.PP -\fIsetspent\fR -e -\fIendspent\fR -sono usate rispettivamente per iniziare e terminare l\*(Aqaccesso al file delle password shadow\&. -.PP -Le funzioni -\fIlckpwdf\fR -e -\fIulckpwdf\fR -si usano per garantire l\*(Aqaccesso esclusivo al file -/etc/shadow\&. -\fIlckpwdf\fR -prova ad acquisire il lock tramite -\fIpw_lock\fR -per un massimo di 15 secondi, dopodich\('e tenta di ottenere un secondo lock usando -\fIspw_lock\fR -per il tempo che rimane dei 15 secondi iniziali\&. Se anche uno solo dei due tentativi fallisce dopo un totale di 15 secondi, -\fIlckpwdf\fR -restituisce \-1, mentre restituisce 0 se riesce ad acquisire entrambi i lock\&. -.SH "DIAGNOSTICA" -.PP -Le funzioni restituiscono NULL se non ci sono altre voci disponibili o se si verifica un errore durante l\*(Aqelaborazione\&. Le funzioni di tipo -\fIint\fR -restituiscono 0 in caso di successo e \-1 in caso di errore\&. -.SH "AVVISI/CAVEAT" -.PP -Queste funzioni possono essere usate solo dall\*(Aqamministratore, perch\('e l\*(Aqaccesso al file delle password shadow \(`e riservato\&. -.SH "FILE" -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBgetpwent\fR(3), -\fBshadow\fR(5)\&. diff --git a/man/it/man5/faillog.5 b/man/it/man5/faillog.5 deleted file mode 100644 index 581c58d0..00000000 --- a/man/it/man5/faillog.5 +++ /dev/null @@ -1,64 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formati di file e conversioni -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "FAILLOG" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formati di file e conversioni" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -faillog \- file di log degli accessi falliti -.SH "DESCRIZIONE" -.PP -/var/log/faillog -mantiene un contatore di accessi falliti e dei vari limiti per ogni account\&. -.PP -Questo file \(`e composto da record di lunghezza fissa, indicizzati dal valore numerico di UID\&. Ciascun record contiene il conteggio degli accessi falliti a partire dall\*(Aqultimo login corretto, il numero massimo di tentativi permessi prima che l\*(Aqaccount venga disabilitato, il terminale sul quale l\*(Aqultimo tentativo fallito \(`e avvenuto, la data in cui \(`e avvenuto, e infine il periodo (in secondi) durante il quale l\*(Aqaccount verr\(`a bloccato a seguito di un fallimento\&. -.PP -La struttura del file \(`e la seguente: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct faillog { - short fail_cnt; - short fail_max; - char fail_line[12]; - time_t fail_time; - long fail_locktime; -}; -.fi -.if n \{\ -.RE -.\} -.SH "FILE" -.PP -/var/log/faillog -.RS 4 -File per tracciare gli accessi falliti\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBfaillog\fR(8) diff --git a/man/it/man5/gshadow.5 b/man/it/man5/gshadow.5 deleted file mode 100644 index ff4446ec..00000000 --- a/man/it/man5/gshadow.5 +++ /dev/null @@ -1,101 +0,0 @@ -'\" t -.\" Title: gshadow -.\" Author: Nicolas Fran\(,cois -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formati di file e conversioni -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "GSHADOW" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formati di file e conversioni" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -gshadow \- file shadow per i gruppi -.SH "DESCRIZIONE" -.PP -\fI/etc/gshadow\fR -contiene le informazioni shadow sugli account di gruppo\&. -.PP -Questo file non deve essere leggibile dagli utenti normali se si vuole mantenere la sicurezza sulle password\&. -.PP -Ogni riga di questo file contiene questi campi separati da due punti: -.PP -\fBnome del gruppo\fR -.RS 4 -Deve essere un nome di gruppo valido, che esista nel sistema\&. -.RE -.PP -\fBpassword cifrata\fR -.RS 4 -Fare riferimento a -\fBcrypt\fR(3) -per dettagli sul modo in cui questa stringa viene interpretata\&. -.sp -Se il campo password contiene un testo che non sia un risultato valido di -\fBcrypt\fR(3), ad esempio ! o *, gli utenti non potranno accedere a quel gruppo utilizzando la password unix (ma i membri del gruppo non necessitano di password)\&. -.sp -La password \(`e utilizzata quanto un utente che non \(`e membro del gruppo cerca di ottenerne i permessi (vedere -\fBnewgrp\fR(1))\&. -.sp -Questo campo pu\(`o essere vuoto, nel qual caso solo i membri del gruppo possono ottenere i permessi del gruppo\&. -.sp -Se il campo password inizia con un punto esclamativo vuol dire che la password \(`e bloccata\&. I restanti caratteri del campo sono il contenuto del campo password prima che venisse bloccata\&. -.sp -Questa password ha la precedenza su ogni altra specificata in -/etc/group\&. -.RE -.PP -\fBamministratori\fR -.RS 4 -Deve essere una lista di nomi utente separati da virgole\&. -.sp -Gli amministratori possono cambiare la password o i membri del gruppo\&. -.sp -Gli amministratori hanno anche gli stessi permessi dei membri (vedere sotto), -.RE -.PP -\fBmembri\fR -.RS 4 -Deve essere una lista di nomi utente separati da virgole\&. -.sp -I membri possono accedere al gruppo senza che ne sia richiesta la password\&. -.sp -Si dovrebbe utilizzare la stessa lista di utenti di -/etc/group\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBgpasswd\fR(5), -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBgrpconv\fR(8), -\fBnewgrp\fR(1)\&. diff --git a/man/it/man5/limits.5 b/man/it/man5/limits.5 deleted file mode 100644 index 1e517f11..00000000 --- a/man/it/man5/limits.5 +++ /dev/null @@ -1,275 +0,0 @@ -'\" t -.\" Title: limits -.\" Author: Luca Berra -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formati di file e conversioni -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "LIMITS" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formati di file e conversioni" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -limits \- definizione dei limiti di risorsa -.SH "DESCRIZIONE" -.PP -Il file -\fIlimits\fR -(/etc/limits -o quanto definito da LIMITS_FILE in -config\&.h) descrive i limiti di risorsa che si vuole imporre\&. Deve essere di propriet\(`a di root e leggibile solo dall\*(Aqaccount root\&. -.PP -In maniera predefinita non c\*(Aq\(`e nessun limite alla quota di \(Foroot\(Fc\&. In effetti non c\*(Aq\(`e nessun modo per imporre una quota massima tramite questa procedura agli account equivalenti a root (cio\(`e tutti quelli con UID 0)\&. -.PP -Ogni riga descrive un limite per l\*(Aqutente in questo formato: -.PP -\fIutente TESTO_LIMITE\fR -.PP -oppure nel formato: -.PP -\fI@gruppo TESTO_LIMITE\fR -.PP -Dove -\fITESTO_LIMITE\fR -\(`e un testo dato dalla concatenazione di vari limiti di risorsa\&. Ogni limite consiste di una lettera identificativa seguita dal limite numerico\&. -.PP -Gli identificatori validi sono: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -A: spazio massimo di indirizzamento (kB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -C: dimensione massima dei file \(Focore\(Fc (kB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -D: spazio massimo per i dati (kB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -F: dimensione massima di file (kB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -K: maschera dei permessi per i file creati, impostata da -\fBumask\fR(2)\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -I: massimo valore di \(Fonice\(Fc (0\&.\&.39 che viene tradotto in 20\&.\&.\-19) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -L: massimo numero di accessi per questo utente -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -M: massima quantit\(`a di memoria bloccata (della quale non si pu\(`o fare \(Foswap\(Fc) (kB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -N: numero massimo di file aperti -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -O: massima priorit\(`a \(Foreal time\(Fc -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -P: priorit\(`a di processo, impostata con -\fBsetpriority\fR(2)\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -R: massimo \(Foresident set size\(Fc (kB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -S: dimensione massima della pila (kB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -T: quantit\(`a massima di tempo CPU (MIN) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -U: massimo numero di processi -.RE -.PP -Ad esempio, -\fIL2D2048N5\fR -\(`e uno testo valido per -\fITESTO_LIMITE\fR\&. Per sempicit\(`a di lettura le seguenti scritture sono equivalenti: -.sp -.if n \{\ -.RS 4 -.\} -.nf - nomeutente L2D2048N5 - nomeutente L2 D2048 N5 - -.fi -.if n \{\ -.RE -.\} -.PP -Notare che dopo -\fInomeutente\fR -il resto della riga \(`e considerato il testo del limite, quindi non sono ammessi commenti a fine riga\&. Un testo limite non valido verr\(`a ignorato dal programma -\fBlogin\fR\&. -.PP -L\*(Aqimpostazione predefinita \(`e quella che ha come nome utente \(Fo\fI*\fR\(Fc\&. Se si hanno varie righe -\fIpredefinite\fR -nel file -\fILIMITS_FILE\fR -verr\(`a utilizzata solo l\*(Aqultima\&. -.PP -I limiti specificati nella forma \(Fo\fI@gruppo\fR\(Fc si applicano ai membri del -\fIgruppo\fR -specificato\&. -.PP -Se ci sono pi\(`u righe per lo stesso utente nel file limits, allora solo la prima verr\(`a considerata\&. -.PP -Se non ci sono righe specifiche per un utente, verr\(`a presa l\*(Aqultima riga -\fI@group\fR -relativa ad un gruppo del quale l\*(Aqutente \(`e membro, oppure l\*(Aqultima riga con limiti predefiniti se non si trova nessuna riga con gruppi dell\*(Aqutente\&. -.PP -Per eliminare completamente l\*(Aqimpostazione di limiti per un certo utente, si pu\(`o utilizzare \(Fo\fI\-\fR\(Fc\&. -.PP -Per disabilitare i limiti per un utente, un singolo trattino \(Fo\fI\-\fR\(Fc pu\(`o essere utilizzato al posto del valore numerico del limite\&. -.PP -Notare inoltre che tutte queste impostazioni sono effettuate ad ogni accesso\&. Non si tratta di impostazioni globali n\('e permanenti\&. Forse limiti globali saranno possibili in futuro, ma per ora devono bastare questi ;) -.SH "FILE" -.PP -/etc/limits -.RS 4 -.RE -.SH "VEDERE ANCHE" -.PP -\fBlogin\fR(1), -\fBsetpriority\fR(2), -\fBsetrlimit\fR(2)\&. diff --git a/man/it/man5/login.access.5 b/man/it/man5/login.access.5 deleted file mode 100644 index 3288a84e..00000000 --- a/man/it/man5/login.access.5 +++ /dev/null @@ -1,65 +0,0 @@ -'\" t -.\" Title: login.access -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formati di file e conversioni -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "LOGIN\&.ACCESS" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formati di file e conversioni" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -login.access \- tabella di controllo accessi -.SH "DESCRIZIONE" -.PP -Il file -\fIlogin\&.access\fR -specifica le combinazioni (utente, macchina) e/o (utente, terminale) per le quali un accesso sia accettato o rifiutato\&. -.PP -Quando avviene un accesso, il file -.PP -Ogni riga della tabella di controllo degli accessi ha tre campi separati dal carattere \(Fo:\(Fc: -.PP -\fIpermesso\fR:\fIutenti\fR:\fIorigini\fR -.PP -Il primo campo dovrebbe essere il carattere \(Fo\fI+\fR\(Fc (accesso concesso) o \(Fo\fI\-\fR\(Fc (accesso negato)\&. Il secondo campo dovrebbe essere un elenco di nomi utente o gruppi oppure -\fIALL\fR -(sempre vero)\&. Il terzo campo dovrebbe essere una lista di uno o pi\(`u nomi di terminale (per accesso locale), nomi di macchina, nomi di dominio (con il carattere \(Fo\&.\(Fc all\*(Aqinizio), indirizzi di macchina, numeri di rete internet (termina con il carattere \(Fo\&.\(Fc), -\fIALL\fR -(sempre vero) oppure -\fILOCAL\fR -(corrisponde a ogni testo che non contenga il carattere \(Fo\&.\(Fc)\&. Se si usa NIS si pu\(`o usare @nomenetgroup come nome macchina o utente\&. -.PP -L\*(Aqoperatore -\fIEXCEPT\fR -permette di scrivere regole molto compatte\&. -.PP -La ricerca nel file dei gruppi avviene solo quando il nome non corrisponde a quello dell\*(Aqutente che accede\&. I gruppi che possono corrispondere sono solo quelli nei quali l\*(Aqutente \(`e esplicitamente elencato: il programma non controlla l\*(Aqid del gruppo primario dell\*(Aqutente\&. -.SH "FILE" -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.SH "VEDERE ANCHE" -.PP -\fBlogin\fR(1)\&. diff --git a/man/it/man5/login.defs.5 b/man/it/man5/login.defs.5 deleted file mode 100644 index 902cf824..00000000 --- a/man/it/man5/login.defs.5 +++ /dev/null @@ -1,823 +0,0 @@ -'\" t -.\" Title: login.defs -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formati di file e conversioni -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "LOGIN\&.DEFS" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formati di file e conversioni" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -login.defs \- configurazione del pacchetto password shadow -.SH "DESCRIZIONE" -.PP -Il file -/etc/login\&.defs -contiene la configurazione specifica per questo sistema relativa al pacchetto password shadow\&. Questo file \(`e obbligatorio\&. La sua assenza non bloccer\(`a l\*(Aqutilizzo del sistema, ma probabilmente sar\(`a causa di risultati non desiderati\&. -.PP -Questo file \(`e un file di testo leggibile nel quale ogni riga descrive un parametro di configurazione\&. Le righe consistono di una coppia nome valore separati da spazi\&. Le righe vuote e di commento sono ignorate\&. I commenti iniziano con con il simbolo "#" che deve essere il primo carattere diverso da spazio della riga\&. -.PP -I valori dei parametri possono essere di quattro tipi: testo, booleano, numerico e numerico lungo\&. Un testo pu\(`o contenere qualsiasi carattere stampabile\&. Un booleano dovrebbe essere uno tra -\fIyes\fR -e -\fIno\fR\&. Un parametro dal valore booleano non definito oppure uno che ha un valore diverso da quelli permessi verr\(`a equiparato al valore -\fIno\fR\&. I numerici (sia normali che lunghi) possono essere decimali, ottali (preceduti da -\fI0\fR) o esadecimali (preceduti da -\fI0x\fR)\&. Il valore massimo dei numerici normali e lunghi \(`e dipendente dalla macchina\&. -.PP -Sono forniti i seguenti parametri di configurazione: -.PP -\fBCHFN_AUTH\fR (booleano) -.RS 4 -Se -\fIyes\fR, il programma -\fBchfn\fR -richieder\(`a l\*(Aqautenticazione prima di apportare qualsiasi modifica, a meno che non sia eseguito dal super utente\&. -.RE -.PP -\fBCHFN_RESTRICT\fR (testo) -.RS 4 -Questo parametro specifica quali valori del campo -\fIgecos\fR -del file -/etc/passwd -possono essere cambiati da utenti normali usando il programma -\fBchfn\fR\&. Pu\(`o essere una combinazione qualsiasi delle lettere -\fIf\fR, -\fIr\fR, -\fIw\fR, -\fIh\fR -per \(FoNome completo (f)\(Fc, \(FoNumero stanza (r)\(Fc, \(FoTelefono di lavoro (w)\(Fc e \(FoTelefono di casa (h)\(Fc\&. Per compatibilit\(`a con precedenti versioni, -\fIyes\fR -\(`e quivalente a -\fIrwh\fR -e -\fIno\fR -\(`e equivalente a -\fIfrwh\fR\&. Se non specificato, solo il super utente pu\(`o effettuare modifiche\&. Le impostazioni pi\(`u stringenti si ottengono installando -\fBchfn\fR -non SUID\&. -.RE -.PP -\fBCHSH_AUTH\fR (booleano) -.RS 4 -Se -\fIyes\fR, il comando -\fBchsh\fR -richieder\(`a l\*(Aqautenticazione prima di apportare qualsiasi modifica, a meno che sia utilizzato dal super utente\&. -.RE -.PP -\fBCONSOLE\fR (testo) -.RS 4 -Se definito, o il percorso completo di un file che contiene l\*(Aqelenco di nomi di device (uno per riga) oppure un elenco di nomi di device separati da \(Fo:\(Fc\&. L\*(Aqaccesso come root verr\(`a permesso solo attraverso questi device\&. -.sp -Se non definito, root potr\(`a accedere da qualsiasi device\&. -.sp -Il nome di device deve essere specificato senza il prefisso /dev\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (testo) -.RS 4 -Elenco di gruppi da aggiungere ai gruppi supplementari dell\*(Aqutente quando questi accede dalla console (come determinato dalla impostazione CONSOLE)\&. Il valore predefinito \(`e nullo\&. - -Usare con cautela \- \(`e possibile che gli utenti ottengano l\*(Aqaccesso permanente a questi gruppi anche se non accedono dalla console\&. -.RE -.PP -\fBCREATE_HOME\fR (booleano) -.RS 4 -Indica se per i nuovi utenti va creata la directory home\&. -.sp -Questa impostazione non viene applicata agli utenti di sistema e pu\(`o essere modificata sulla riga di comando\&. -.RE -.PP -\fBDEFAULT_HOME\fR (booleano) -.RS 4 -Indica se permettere l\*(Aqaccesso al sistema anche se non si pu\(`o accedere alla directory home\&. Il valore predefinito \(`e no\&. -.sp -Se impostato a -\fIyes\fR, l\*(Aqutente acceder\(`a alla directory root (/) nel caso che non sia possibile accedere alla propria directory home\&. -.RE -.PP -\fBENCRYPT_METHOD\fR (testo) -.RS 4 -Definisce l\*(Aqalgoritmo di cifratura predefinito per le password (se non ne viene specificato uno a riga di comando)\&. -.sp -Pu\(`o avere uno dei seguenti valori: -\fIDES\fR -(predefinito), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Nota: questo parametro ha la precedenza sulla variabile -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBENV_HZ\fR (testo) -.RS 4 -Se impostato viene utilizzato per definire il valore della variabile d\*(Aqambiente HZ al login dell\*(Aqutente\&. Il valore deve essere preceduto da -\fIHZ=\fR\&. Un valore comune per Linux \(`e -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_PATH\fR (testo) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (testo) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (testo) -.RS 4 -Se impostato viene usato per definire la variabile d\*(Aqambiente TZ al login dell\*(Aqutente\&. Il valore pu\(`o essere il nome di una \(Fotimezone\(Fc preceduta da -\fITZ=\fR -(ad esempio -\fITZ=CST6CDT\fR), o il percorso completo di un file che contenga la specifica della \(Fotimezone\(Fc (ad esempio -/etc/tzname)\&. -.sp -Se viene specificato il percorso completo di un file che per\(`o non esiste o non pu\(`o essere letto, allora viene utilizzato il valore predefinito -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (testo) -.RS 4 -Se questo file esiste ed \(`e leggibile, l\*(Aqambiente di login viene letto da l\(`i\&. Ogni riga deve essere nella forma nome=valore\&. -.sp -Le righe che iniziano con \(Fo#\(Fc sono trattate come commenti e ignorate\&. -.RE -.PP -\fBERASECHAR\fR (numerico) -.RS 4 -Carattere ERASE del terminale (\fI010\fR -= backspace, -\fI0177\fR -= Canc)\&. -.sp -Il valore deve avere il prefisso \(Fo0\(Fc se in ottale, o \(Fo0x\(Fc se esadecimale\&. -.RE -.PP -\fBFAIL_DELAY\fR (numerico) -.RS 4 -Numero di secondi prima che venga concesso un ulteriore tentativo dopo un accesso fallito\&. -.RE -.PP -\fBFAILLOG_ENAB\fR (booleano) -.RS 4 -Abilita la memorizzazione e mostra le informazioni sugli accessi falliti contenute in -/var/log/faillog\&. -.RE -.PP -\fBFAKE_SHELL\fR (testo) -.RS 4 -Se impostato, -\fBlogin\fR -eseguir\(`a questa shell al posto di quella utente specificata in -/etc/passwd\&. -.RE -.PP -\fBFTMP_FILE\fR (testo) -.RS 4 -Se impostato, gli accessi falliti verranno tracciati in questo file nel formato utmp\&. -.RE -.PP -\fBGID_MAX\fR (numerico), \fBGID_MIN\fR (numerico) -.RS 4 -Intervallo di ID di gruppo per la creazione di gruppi normali tramite -\fBuseradd\fR, -\fBgroupadd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBGID_MIN\fR -(rispettivamente -\fBGID_MAX\fR) \(`e 1000 (rispettivmente 60000)\&. -.RE -.PP -\fBHUSHLOGIN_FILE\fR (testo) -.RS 4 -Se definito, questo file inibisce quanto stampato durante l\*(Aqaccesso\&. Se viene specificato un percorso completo, la modalit\(`a silenziosa (hushed) viene attivata se in quel file \(`e presente il nome dell\*(Aqutente o della shell dell\*(Aqutente\&. Se il percorso non \(`e completo, allora la modalit\(`a silenziosa viene attivata se quel file \(`e presente nella directory home dell\*(Aqutente\&. -.RE -.PP -\fBISSUE_FILE\fR (testo) -.RS 4 -Se definito, il file verr\(`a mostrato prima del prompt di login\&. -.RE -.PP -\fBKILLCHAR\fR (numerico) -.RS 4 -Il carattere da usare sul terminale per cancellare l\*(Aqintera riga (\fI025\fR -= CTRL\-U) -.sp -Il valore deve avere il prefisso \(Fo0\(Fc se in ottale, o \(Fo0x\(Fc se esadecimale\&. -.RE -.PP -\fBLASTLOG_ENAB\fR (booleano) -.RS 4 -Abilita la memorizzazione e la stampa delle informazioni sulle date degli ultimi accessi in /var/log/lastlog\&. -.RE -.PP -\fBLOG_OK_LOGINS\fR (booleano) -.RS 4 -Abilita la tracciatura degli accessi avvenuti con successo\&. -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (booleano) -.RS 4 -Abilita l\*(Aqinclusione dei nomi utente sconosciuti quando si registrano gli accessi falliti\&. -.sp -Nota: memorizzare i nomi sconosciuti potrebbe diventare un problema legato alla sicurezza se un utente inserisce la propria password al posto del nome utente\&. -.RE -.PP -\fBLOGIN_RETRIES\fR (numerico) -.RS 4 -Massimo numero di tentativi di accesso per password errata\&. -.RE -.PP -\fBLOGIN_STRING\fR (testo) -.RS 4 -Il testo da utilizzare per richiedere la password\&. Il valore predefinito \(`e \(FoPassword: \(Fc o una sua traduzione\&. Se si imposta questa variabile allora il testo non verr\(`a tradotto\&. -.sp -Se il testo contiene -\fI%s\fR, questo verr\(`a sostituito dal nome dell\*(Aqutente\&. -.RE -.PP -\fBLOGIN_TIMEOUT\fR (numerico) -.RS 4 -Numero massimo di secondi per l\*(Aqaccesso\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (testo) -.RS 4 -Abilita la verifica e stampa a video dello stato della casella di posta al momento dell\*(Aqaccesso al sistema\&. -.sp -Andrebbe disabilitato se i file di avvio della shell effettuano gi\(`a questo controllo (\(Fomailx \-e\(Fc o equivalente)\&. -.RE -.PP -\fBMAIL_DIR\fR (testo) -.RS 4 -La directory di spool per la posta\&. Questa \(`e necessaria per manipolare la casella di posta quando il corrispondente account utente viene modificato o cancellato\&. Se non \(`e specificata viene utilizzato un valore impostato al momento della compilazione\&. -.RE -.PP -\fBMAIL_FILE\fR (testo) -.RS 4 -Imposta la posizione delle caselle di posta degli utenti relative alla loro directory home\&. -.RE -.PP -Le variabili -\fBMAIL_DIR\fR -e -\fBMAIL_FILE\fR -vengono utilizzate da -\fBuseradd\fR, -\fBusermod\fR -e -\fBuserdel\fR -per creare, spostare e cancellare le caselle di posta dell\*(Aqutente\&. -.PP -Se -\fBMAIL_CHECK_ENAB\fR -\(`e impostata a -\fIyes\fR -allora sono anche utilizzate per impostare la variabile d\*(Aqambiente -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (booleano) -.RS 4 -Indica se le password vanno cifrate usando l\*(Aqalgoritmo basato su MD5\&. Se impostato a -\fIyes\fR -le nuove password saranno cifrate usando un algoritmo basato su MD5 e compatibile con quello delle versioni pi\(`u recenti di FreeBSD\&. Supporta password di lunghezza qualsiasi e testi \(Fosalt\(Fc pi\(`u lunghi\&. Impostare a -\fIno\fR -se si devono copiare password su altri sistemi che non gestiscono l\*(Aqalgoritmo\&. Il valore predefinito \(`e -\fIno\fR\&. -.sp -Questa variabile ha meno priorit\(`a della variabile -\fBENCRYPT_METHOD\fR -e di qualsiasi opzione a riga di comando che imposta un algoritmo di cifratura\&. -.sp -Questa variabile non \(`e pi\(`u usata\&. Si dovrebbe utilizzare -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBMOTD_FILE\fR (testo) -.RS 4 -Se definito \(`e una lista di nomi di file con \(Fomessaggi del giorno\(Fc separati da \(Fo:\(Fc che vengono mostrati subito dopo l\*(Aqaccesso\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (testo) -.RS 4 -Se definito \(`e il nome di un file che impedisce l\*(Aqaccesso degli utenti non root\&. Il suo contenuto dovrebbe essere un messaggio che indica il motivo per il quale l\*(Aqaccesso \(`e impedito\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (booleano) -.RS 4 -Abilita controlli addizionali durante il cambio password\&. -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (booleano) -.RS 4 -Avvisa riguardo password deboli (anche se le permette egualmente) se si \(`e root\&. -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (numerico) -.RS 4 -Massimo numero di tentativi per cambiare una password (troppo facile)\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (numerico) -.RS 4 -Il numero massimo di giorni che una password pu\(`o essere utilizzata\&. Se la password \(`e pi\(`u vecchia verr\(`a imposto il suo cambiamento\&. Se non specificato viene assunto \-1 (che disabilita questo controllo)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (numerico) -.RS 4 -Il numero minimo di giorni tra due cambiamenti di password\&. Ogni tentativo di cambiare la password prima di questo periodo verr\(`a rifiutato\&. Se non specificato viene assunto \-1 (che disabilita questo controllo)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (numerico) -.RS 4 -Il numero di giorni per i quali un utente va avvisato che la sua password sta per scadere\&. Se zero l\*(Aqutente viene avvisato solo alla scadenza\&. Un valore negativo indica che non si deve avvisare mai\&. Se non specificato allora non c\*(Aq\(`e nessun avviso\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR, -\fBPASS_MIN_DAYS\fR -e -\fBPASS_WARN_AGE\fR -sono utilizzate solo al momento della creazione dell\*(Aqaccount\&. Qualsiasi cambiamento di queste impostazioni non modifica gli account preesistenti\&. -.PP -\fBPASS_MAX_LEN\fR (numerico), \fBPASS_MIN_LEN\fR (numerico) -.RS 4 -Numero di caratteri significativi della password per crypt()\&. -\fBPASS_MAX_LEN\fR -\(`e normalmente 8\&. Da non cambiare a meno che la propria crypt() sia migliore\&. Questo viene ignorato se -\fBMD5_CRYPT_ENAB\fR -\(`e impostata a -\fIyes\fR\&. -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (booleano) -.RS 4 -Abilita la verifica delle restrizioni temporali specificate in -/etc/porttime\&. -.RE -.PP -\fBQUOTAS_ENAB\fR (booleano) -.RS 4 -Abilita l\*(Aqimpostazione di limiti di risorsa definiti in -/etc/limits -e ulimit, umask e livello di \(Fonice\(Fc in base al campo gecos del passwd dell\*(Aqutente\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (numerico), \fBSHA_CRYPT_MAX_ROUNDS\fR (numerico) -.RS 4 -Quando -\fBENCRYPT_METHOD\fR -vale -\fISHA256\fR -o -\fISHA512\fR, questo definisce il numero di cicli SHA usati per l\*(Aqalgoritmo di cifratura (quando il numero di cicli non \(`e impostato a riga di comando)\&. -.sp -Con molti cicli \(`e pi\(`u difficile trovare una password usando la forza bruta\&. Ma va notato che \(`e richiesta maggiore potenza di calcolo per autenticare gli utenti\&. -.sp -Se non specificato sar\(`a la libc a scegliere il numero di cicli (5000)\&. -.sp -Il valore deve essere compreso tra 1\&.000 e 999\&.999\&.999\&. -.sp -Se viene impostato solo uno tra -\fBSHA_CRYPT_MIN_ROUNDS\fR -e -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora l\*(Aqunico valore viene utilizzato\&. -.sp -Se -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora viene utilizzato il maggiore\&. -.RE -.PP -\fBSULOG_FILE\fR (testo) -.RS 4 -Se definito, tutta l\*(Aqattivit\(`a di \(Fosu\(Fc viene tracciata in questo file\&. -.RE -.PP -\fBSU_NAME\fR (testo) -.RS 4 -Se definito \(`e il nome del comando da mostrare quando si esegue \(Fosu \-\(Fc\&. Ad esempio, se lo di definisce come \(Fosu\(Fc allora \(Fops\(Fc mostrer\(`a che il comando \(`e \(Fo\-su\(Fc\&. Se non definito, \(Fops\(Fc mostrer\(`a il nome della shell invocata, come \(Fo\-sh\(Fc\&. -.RE -.PP -\fBSU_WHEEL_ONLY\fR (booleano) -.RS 4 -Se -\fIyes\fR, l\*(Aqutente deve essere elencato come membro del primo gruppo con gid 0 in -/etc/group -(chiamato -\fIroot\fR -in molti sistemi Linux) perch\('e sia possibile usare -\fBsu\fR -verso account con uid 0\&. Se il gruppo non esiste o \(`e vuoto, nessuno potr\(`a utilizzare -\fBsu\fR -verso uid 0\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (numerico), \fBSYS_GID_MIN\fR (numerico) -.RS 4 -Intervallo di ID di gruppo utilizzato per la creazione di un gruppo di sistema da -\fBuseradd\fR, -\fBgroupadd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBSYS_GID_MIN\fR -(rispettivamente -\fBSYS_GID_MAX\fR) \(`e 101 (rispettivamente -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (numerico), \fBSYS_UID_MIN\fR (numerico) -.RS 4 -Intervallo di ID utente per la creazione degli utenti di sistema con -\fBuseradd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBSYS_UID_MIN\fR -(rispettivamente -\fBSYS_UID_MAX\fR) \(`e 101 (rispettivamente -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBSYSLOG_SG_ENAB\fR (booleano) -.RS 4 -Abilita il tracciamento dell\*(Aqattivit\(`a di -\fBsg\fR -su \(Fosyslog\(Fc\&. -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (booleano) -.RS 4 -Abilita la tracciatura su \(Fosyslog\(Fc dell\*(Aqattivit\(`a di -\fBsu\fR, oltre a quella sul file \(Fosulog\(Fc\&. -.RE -.PP -\fBTTYGROUP\fR (testo), \fBTTYPERM\fR (testo) -.RS 4 -I permessi del terminale: il tty usato per l\*(Aqaccesso sar\(`a di propriet\(`a del gruppo -\fBTTYGROUP\fR -e avr\(`a permessi impostati a -\fBTTYPERM\fR\&. -.sp -In maniera predefinita la propriet\(`a del terminale sar\(`a impostata al gruppo primario dell\*(Aqutente, mentre i permessi saranno -\fI0600\fR\&. -.sp -\fBTTYGROUP\fR -pu\(`o essere il nome del gruppo o il suo identificativo numerico\&. -.sp -Se si ha il comando -\fBwrite\fR -che \(`e \(Fosetgid\(Fc e ha un gruppo speciale che possiede i terminali, definire TTYGROUP con lo stesso gruppo e TTYPERM a 0620\&. Altrimenti lasciare TTYGROUP commentato e assegnare TTYPERM a 622 o 600\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (testo) -.RS 4 -Se definito si tratta di un file che mappa le linee tty nella variabile d\*(Aqambiente TERM\&. Ogni riga del file \(`e in un formato tipo \(Fovt100 tty01\(Fc\&. -.RE -.PP -\fBUID_MAX\fR (numerico), \fBUID_MIN\fR (numerico) -.RS 4 -Intervallo di ID utente da utilizzare nella creazione degli utenti normali tramite -\fBuseradd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBUID_MIN\fR -(rispettivamente -\fBUID_MAX\fR) \(`e 1000 (rispettivamente 60000)\&. -.RE -.PP -\fBULIMIT\fR (numerico) -.RS 4 -Valore -\fBulimit\fR -predefinito\&. -.RE -.PP -\fBUMASK\fR (numerico) -.RS 4 -La maschera di permessi alla creazione dei file \(`e inizializzata con questo valore\&. Se non specificato la maschera viene impostata a 022\&. -.sp -\fBuseradd\fR -e -\fBnewusers\fR -usano questa maschera per impostare i permessi della directory home che creano\&. -.sp -Viene anche utilizzata da -\fBlogin\fR -per definire la maschera iniziale dell\*(Aqutente\&. Notare che questa maschera pu\(`o essere modificata dalla riga GECOS dell\*(Aqutente (se -\fBQUOTAS_ENAB\fR -\(`e impostato) o specificando un limite con l\*(Aqidentificativo -\fIK\fR -in -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERDEL_CMD\fR (testo) -.RS 4 -Se definito, questo comando viene eseguito quando si cancella un utente\&. Dovrebbe rimuovere tutti i compiti di stampa/cron/at di propriet\(`a dell\*(Aqutente da cancellare (passato come primo argomento)\&. -.sp -Il codice d\*(Aquscita restituito dallo script non \(`e preso in considerazione\&. -.sp -Ecco uno script di esempio che rimuove i job dell\*(Aqutente, sia di cron che at che di stampa: -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# Verifica la presenza dell\*(Aqargomento obbligatorio -if [ $# != 1 ]; then - echo "Uso: $0 username" - exit 1 -fi - -# Rimuove i compiti di cron -crontab \-r \-u $1 - -# Rimuove i compiti di at -# Nota che verranno rimossi tutti i compiti di propriet\(`a dello stesso UID, -# anche se condiviso con un altro nome utente\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# Rimuove le stampe -lprm $1 - -# Finito\&. -exit 0 - -.fi -.if n \{\ -.RE -.\} -.RE -.PP -\fBUSERGROUPS_ENAB\fR (booleano) -.RS 4 -Abilita l\*(Aqimpostazione dei bit di gruppo di umask in modo che siano gli stessi dei bit del proprietario (esempio: 022 \-> 002, 077 \-> 007) per utenti non root a condizione che uid e gid siano identici e che il nome utente sia lo stesso del gruppo primario\&. -.sp -Se impostato a -\fIyes\fR, -\fBuserdel\fR -canceller\(`a il gruppo dell\*(Aqutente se non contiene altri membri, e -\fBuseradd\fR -creer\(`a automaticamente un gruppo con lo stesso nome dell\*(Aqutente\&. -.RE -.SH "RIFERIMENTI INCROCIATI" -.PP -I seguenti riferimenti incrociati mostrano quali programmi del pacchetto shadow password utilizzano quali parametri\&. -.PP -chfn -.RS 4 -CHFN_AUTH -CHFN_RESTRICT -LOGIN_STRING -.RE -.PP -chgpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chpasswd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENABSHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chsh -.RS 4 -CHSH_AUTH LOGIN_STRING -.RE -.PP -gpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -groupadd -.RS 4 -GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN -.RE -.PP -groupdel -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmems -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmod -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpck -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpunconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -login -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE -ERASECHAR FAIL_DELAY -FAILLOG_ENAB -FAKE_SHELL -FTMP_FILE -HUSHLOGIN_FILE -ISSUE_FILE -KILLCHAR -LASTLOG_ENAB -LOGIN_RETRIES -LOGIN_STRING -LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB -MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB -TTYGROUP TTYPERM TTYTYPE_FILE -ULIMIT UMASK -USERGROUPS_ENAB -.RE -.PP -newgrp / sg -.RS 4 -SYSLOG_SG_ENAB -.RE -.PP -newusers -.RS 4 -ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -passwd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -pwck -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -pwconv -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -su -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENVIRON_FILE -ENV_PATH ENV_SUPATH -ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB -SULOG_FILE SU_NAME -SU_WHEEL_ONLY -SYSLOG_SU_ENAB -USERGROUPS_ENAB -.RE -.PP -sulogin -.RS 4 -ENV_HZ -ENV_TZ -.RE -.PP -useradd -.RS 4 -CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -userdel -.RS 4 -"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB -.RE -.PP -usermod -.RS 4 -MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP -.RE -.SH "VEDERE ANCHE" -.PP -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBsu\fR(1), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBpam\fR(8)\&. diff --git a/man/it/man5/passwd.5 b/man/it/man5/passwd.5 deleted file mode 100644 index 14964f44..00000000 --- a/man/it/man5/passwd.5 +++ /dev/null @@ -1,177 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formati di file e conversioni -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "PASSWD" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formati di file e conversioni" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -passwd \- il file delle password -.SH "DESCRIZIONE" -.PP -/etc/passwd -contiene una riga per ogni account, con sette campi delimitati da due punti (\(Fo:\(Fc)\&. Questi campi sono: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -nome di login -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -password cifrata opzionale -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ID utente numerico -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ID gruppo numerico -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -nome utente o commento -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -directory home utente -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -interprete dei comandi utente opzionale -.RE -.PP -Il campo password cifrata pu\(`o essere vuoto, nel qual caso non viene richiesta nessuna password per autenticare lo specifico login\&. Tuttavia alcune applicazioni che leggono il file -/etc/passwd -possono decidere di non permettere -\fInessun\fR -accesso se il campo -\fIpassword\fR -\(`e vuoto\&. Se il campo -\fIpassword\fR -contiene solo una -\(Fox\(Fc -minuscola, la password cifrata \(`e invece memorizzata nel file -\fBshadow\fR(5); ci -\fIdeve\fR -essere una riga corrispondente nel file -/etc/shadow -altrimenti l\*(Aqaccount non sar\(`a valido\&. Se il campo -\fIpassword\fR -ha un qualsiasi altro contenuto allora viene trattato come password cifrata, come specificato da -\fBcrypt\fR(3)\&. -.PP -Il campo di commento \(`e utilizzato da vari strumenti di sistema come ad esempio -\fBfinger\fR(1)\&. -.PP -Il campo directory home fornisce il nome della directory di lavoro iniziale\&. Il programma -\fBlogin\fR -usa questa informazione per impostare il valore della variabile d\*(Aqambiente -\fB$HOME\fR\&. -.PP -Il campo interprete dei comandi fornisce il nome dell\*(Aqinterprete del linguaggio utente, o il nome del programma da invocare inizialmente\&. Il programma -\fBlogin\fR -utilizza questa informazione per impostare il valore della variabile d\*(Aqambiente -\fB$SHELL\fR\&. Se questo campo \(`e vuoto, il valore predefinito \(`e -/bin/sh\&. -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -file opzionale delle password cifrate -.RE -.PP -/etc/passwd\- -.RS 4 -Copia di backup di /etc/passwd\&. -.sp -Notare che questo file viene usato dagli strumenti del pacchetto shadow, ma non da tutti gli strumenti per la gestione di utenti e password\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBcrypt\fR(3), -\fBgetent\fR(1), -\fBgetpwnam\fR(3), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBshadow\fR(5), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/it/man5/porttime.5 b/man/it/man5/porttime.5 deleted file mode 100644 index 38bdb424..00000000 --- a/man/it/man5/porttime.5 +++ /dev/null @@ -1,98 +0,0 @@ -'\" t -.\" Title: porttime -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formati di file e conversioni -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "PORTTIME" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formati di file e conversioni" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -porttime \- file delle porte e degli orari d\*(Aqaccesso -.SH "DESCRIZIONE" -.PP -\fIporttime\fR -contiene un elenco di device tty, nomi utente e orari di accesso permessi\&. -.PP -Ciascuna voce \(`e composta da tre campi separati da due punti\&. Il primo \(`e un elenco di device tty, separati da virgole, oppure un asterisco per indicare che la voce corrisponde a qualsiasi device\&. Il secondo campo \(`e un elenco di nomi utente, separati da virgole, oppure un asterisco per indicare che la voce corrisponde ad ogni utente\&. Il terzo campo \(`e un elenco degli orari, separati da virgole, in cui \(`e consentito l\*(Aqaccesso\&. -.PP -Un orario di accesso consiste in zero o pi\(`u giorni della settimana abbreviati in -\fIMo\fR -(luned\(`i), -\fITu\fR, -\fIWe\fR, -\fITh\fR, -\fIFr\fR, -\fISa\fR -e -\fISu\fR -(domenica), seguiti da una coppia di orari, separati da un trattino\&. L\*(Aqabbreviazione -\fIWk\fR -rappresenta tutti i giorni da luned\(`i a venerd\(`i, mentre -\fIAl\fR -indica tutti i giorni della settimana\&. Se non si specifica alcun giorno, viene usato implicitamente -\fIAl\fR\&. -.SH "ESEMPI" -.PP -La voce seguente permette l\*(Aqaccesso all\*(Aqutente -\fBjfh\fR -da qualsiasi porta durante i giorni lavorativi dalle 9 alle 17\&. -.PP -*:jfh:Wk0900\-1700 -.PP -Le voci seguenti permettono l\*(Aqaccesso solo agli utenti -\fIroot\fR -e -\fIoper\fR -da -/dev/console -a qualsiasi ora\&. Qui viene mostrato come il file -/etc/porttime -sia una lista ordinata di orari d\*(Aqaccesso: ogni altro utente corrisponderebbe alla seconda voce, che impedisce l\*(Aqaccesso in qualsiasi orario\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - console:root,oper:Al0000\-2400 - console:*: - -.fi -.if n \{\ -.RE -.\} -.PP -La voce seguente permette l\*(Aqaccesso all\*(Aqutente -\fIgames\fR -da qualsiasi porta durante gli orari non lavorativi\&. -.PP -*:games:Wk1700\-0900,SaSu0000\-2400 -.SH "FILE" -.PP -/etc/porttime -.RS 4 -File contenente gli accessi alle porte\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBlogin\fR(1)\&. diff --git a/man/it/man5/shadow.5 b/man/it/man5/shadow.5 deleted file mode 100644 index 02c398e0..00000000 --- a/man/it/man5/shadow.5 +++ /dev/null @@ -1,148 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formati di file e conversioni -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "SHADOW" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formati di file e conversioni" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -shadow \- file delle password shadow -.SH "DESCRIZIONE" -.PP -shadow -\(`e un file che contiene le informazioni sulle password per gli account degli utenti e, opzionalmente, le informazioni sulla durata delle password (\(Foaging\(Fc)\&. -.PP -Questo file non deve essere leggibile dagli utenti normali se si vuole mantenere la sicurezza sulle password\&. -.PP -Ciascuna riga di questo file contiene 9 campi separati da due punti (\(Fo:\(Fc), nel seguente ordine: -.PP -\fBnome di login\fR -.RS 4 -Deve essere un nome valido di un account esistente nel sistema\&. -.RE -.PP -\fBpassword cifrata\fR -.RS 4 -Fare riferimento a -\fBcrypt\fR(3) -per dettagli sul modo in cui questa stringa viene interpretata\&. -.sp -Se il campo password contiene un testo che non \(`e un risultato valido di -\fBcrypt\fR(3), come ad esempio ! o *, l\*(Aqutente non potr\(`a accedere al sistema utilizzando la password unix (ma potr\(`a accedere al sistema in altri modi)\&. -.sp -Questo campo pu\(`o essere vuoto, nel qual caso nessuna password \(`e richiesta per l\*(Aqautenticazione di questo specifico nome di login\&. Tuttavia alcune applicazioni che leggono -/etc/shadow -possono decidere di non permettere nessun accesso se il campo password \(`e vuoto\&. -.sp -Se il campo password inizia con un punto esclamativo vuol dire che la password \(`e bloccata\&. I restanti caratteri del campo sono il contenuto del campo password prima che venisse bloccata\&. -.RE -.PP -\fBdata dell\*(Aqultimo cambio di password\fR -.RS 4 -Data dell\*(Aqultimo cambio di password espressa in numero di giorni a partire dal 1 gennaio 1970\&. -.sp -Il valore 0 ha un significato speciale, vale a dire che l\*(Aqutente deve cambiare la propria password al prossimo accesso al sistema\&. -.sp -Un campo vuoto implica che la scadenza della password \(`e disabilitata\&. -.RE -.PP -\fBet\(`a minima password\fR -.RS 4 -L\*(Aqet\(`a minima password \(`e il numero di giorni che l\*(Aqutente dovr\(`a attendere prima di poter cambiare nuovamente la propria password\&. -.sp -Un campo vuoto o con valore 0 indica che non c\*(Aq\(`e una et\(`a minima della password\&. -.RE -.PP -\fBet\(`a massima password\fR -.RS 4 -L\*(Aqet\(`a massima password \(`e il numero di giorni dopo il quale l\*(Aqutente deve cambiare la propria password\&. -.sp -Quando questo numero di giorni \(`e passato, la password pu\(`o ancora essere valida\&. All\*(Aqutente verr\(`a chiesto di cambiare la password durante il successivo accesso\&. -.sp -Un campo vuoto indica che non ci sono una et\(`a massima password, un periodo di avviso e nessun periodo di inattivit\(`a (vedere oltre)\&. -.sp -Se l\*(Aqet\(`a massima password \(`e minore dell\*(Aqet\(`a minima password, l\*(Aqutente non pu\(`o cambiare la propria password\&. -.RE -.PP -\fBperiodo avviso password\fR -.RS 4 -Il numero di giorni prima della scadenza di una password (vedere et\(`a massima password, sopra) durante il quale l\*(Aqutente riceve un avviso\&. -.sp -Un campo vuoto e il valore 0 indicano che non c\*(Aq\(`e un periodo di avviso password\&. -.RE -.PP -\fBperiodo inattivit\(`a password\fR -.RS 4 -Il numero di giorni dopo la scadenza della password (vedere et\(`a massima password, sopra) durante il quale la password \(`e ancora accettata (e l\*(Aqutente dovrebbe aggiornare la propria password al primo accesso)\&. -.sp -Dopo la scadenza della password e di questo periodo, l\*(Aqutente non potr\(`a accedere usando questa password, ma dovr\(`a contattare l\*(Aqamministratore\&. -.sp -Un campo vuoto implica che non \(`e applicato il periodo di inattivit\(`a\&. -.RE -.PP -\fBdata scadenza account\fR -.RS 4 -La data di scadenza dell\*(Aqaccount, espressa in numero di giorni dal 1 gennaio 1970\&. -.sp -Notare che la scadenza dell\*(Aqaccount differisce da quella della password\&. Nel caso di un account scaduto l\*(Aqutente non deve poter accedere ulteriormente al sistema\&. Nel caso di password scaduta invece l\*(Aqutente non \(`e abilitato ad accedere con la propria password\&. -.sp -Un campo vuoto implica che l\*(Aqaccount non scade mai\&. -.sp -Il valore 0 non andrebbe usato perch\('e potrebbe essere interpretato come account che non scade o come scaduto il 1 gennaio 1970\&. -.RE -.PP -\fBcampo riservato\fR -.RS 4 -Questo campo \(`e riservato per uso futuro\&. -.RE -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.PP -/etc/shadow\- -.RS 4 -Copia di backup per /etc/shadow\&. -.sp -Notare che questo file viene usato dagli strumenti del pacchetto shadow, ma non da tutti gli strumenti per la gestione di utenti e password\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBchage\fR(1), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBsu\fR(1), -\fBsulogin\fR(8) diff --git a/man/it/man5/suauth.5 b/man/it/man5/suauth.5 deleted file mode 100644 index 6fee5146..00000000 --- a/man/it/man5/suauth.5 +++ /dev/null @@ -1,144 +0,0 @@ -'\" t -.\" Title: suauth -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Formati di file e conversioni -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "SUAUTH" "5" "09/05/2014" "shadow\-utils 4\&.2" "Formati di file e conversioni" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -suauth \- file di controllo dettagliato per \(Fosu\(Fc -.SH "SINOSSI" -.HP \w'\fB/etc/suauth\fR\ 'u -\fB/etc/suauth\fR -.SH "DESCRIZIONE" -.PP -Il file -/etc/suauth -viene utilizzato all\*(Aqinvocazione del comando \(Fosu\(Fc\&. Pu\(`o cambiare il comportamento del comando in base a: -.sp -.if n \{\ -.RS 4 -.\} -.nf - 1) l\*(Aqutente che \(Fosu\(Fc sta usando come target - -.fi -.if n \{\ -.RE -.\} -.PP -2) l\*(Aqutente che sta invocando \(Fosu\(Fc (o qualsiasi gruppo del quale questi faccia parte) -.PP -Il formato del file \(`e il seguente, con le righe che iniziano con \(Fo#\(Fc trattate come commenti e ignorate; -.sp -.if n \{\ -.RS 4 -.\} -.nf - id\-finale:id\-iniziale:AZIONE - -.fi -.if n \{\ -.RE -.\} -.PP -Dove \(Foid\-finale\(Fc \(`e la parola -\fIALL\fR -(tutti), un elenco di nomi utenti separati da \(Fo,\(Fc o le parole -\fIALL EXCEPT\fR -seguite da una lista di nomi utente separati da \(Fo,\(Fc\&. -.PP -\(Foid\-iniziale\(Fc \(`e formattato come \(Foid\-iniziale\(Fc salvo il riconoscimento della parola aggiuntiva -\fIGROUP\fR\&. Anche -\fIALL EXCEPT GROUP\fR -\(`e perfettamente gestito\&. Subito dopo -\fIGROUP\fR -appaiono uno o pi\(`u nomi di gruppo separati da \(Fo,\(Fc\&. Non \(`e sufficiente avere come gruppo primario il gruppo specificato, ma deve anche esserci la relativa riga in -\fB/etc/group\fR(5)\&. -.PP -AZIONE pu\(`o essere una delle seguenti opzioni attualmente supportate\&. -.PP -\fIDENY\fR -.RS 4 -Il tentativo di usare \(Fosu\(Fc viene bloccato prima ancora che la password sia chiesta\&. -.RE -.PP -\fINOPASS\fR -.RS 4 -Il tentativo di usare \(Fosu\(Fc ha successo senza neppure chiedere la password\&. -.RE -.PP -\fIOWNPASS\fR -.RS 4 -Perch\('e \(Fosu\(Fc abbia successo, l\*(Aqutente deve inserire la propria password che verr\(`a espressamente richiesta\&. -.RE -.PP -Notare che ci sono tre campi diversi separati da \(Fo:\(Fc\&. Nessuno spazio deve affiancare i due punti\&. Notare anche che il file viene esaminato in maniera sequenziale una riga alla volta, e la prima regola applicabile viene utilizzata senza procede con la lettura delle successive\&. Questo permette all\*(Aqamministratore di sistema di impostare dei controlli allargati o puntuali, come preferisce\&. -.SH "ESEMPIO" -.sp -.if n \{\ -.RS 4 -.\} -.nf - # Esempio di file /etc/suauth - # - # Due utenti privilegiati possono usare - # su verso root con la propria password\&. - # - root:chris,birddog:OWNPASS - # - # Tutti gli altri non possono farlo a meno di non appartenere - # al groppo wheel\&. Questo \(`e come funziona in BSD\&. - # - root:ALL EXCEPT GROUP wheel:DENY - # - # Nel caso che terry e birddog siano account - # della stessa persona di permettere il passaggio - # tra loro senza richiedere la password\&. - # - terry:birddog:NOPASS - birddog:terry:NOPASS - # - -.fi -.if n \{\ -.RE -.\} -.SH "FILE" -.PP -/etc/suauth -.RS 4 -.RE -.SH "ERRORI" -.PP -Ce ne possono essere molti non visti\&. Il parser dei file \(`e particolarmente rigido sugli errori di sintassi, attendendo l\*(Aqassenza di spazi estranei (ad eccezione di inizio e fine riga) e specifici separatori per delimitare oggetti diversi\&. -.SH "DIAGNOSTICA" -.PP -Qualsiasi errore durante le lettura del file viene riportato tramite -\fBsyslogd\fR(8) -con livello ERR e \(Fofacility\(Fc AUTH\&. -.SH "VEDERE ANCHE" -.PP -\fBsu\fR(1)\&. diff --git a/man/it/man8/chgpasswd.8 b/man/it/man8/chgpasswd.8 deleted file mode 100644 index 0b6239cf..00000000 --- a/man/it/man8/chgpasswd.8 +++ /dev/null @@ -1,206 +0,0 @@ -'\" t -.\" Title: chgpasswd -.\" Author: Thomas K\(/loczko -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "CHGPASSWD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -chgpasswd \- aggiorna le password di gruppo in modalit\(`a non interattiva -.SH "SINOSSI" -.HP \w'\fBchgpasswd\fR\ 'u -\fBchgpasswd\fR [\fIopzioni\fR] -.SH "DESCRIZIONE" -.PP -Il comando -\fBchgpasswd\fR -legge un elenco di coppie di nomi gruppo e password e usa queste informazioni per aggiornare un insieme di gruppi esistenti\&. Ciascuna riga usa il formato: -.PP -\fInome_gruppo\fR:\fIpassword\fR -.PP -Come impostazione predefinita la password deve essere in chiaro ed \(`e cifrata da -\fBchgpasswd\fR\&. -.PP -L\*(Aqalgoritmo di cifratura utilizzato pu\(`o essere definito per tutto il sistema dalla variabile -\fBENCRYPT_METHOD\fR -in -/etc/login\&.defs, e pu\(`o essere modificato con le opzioni -\fB\-e\fR, -\fB\-m\fR -o -\fB\-c\fR\&. -.PP -Questo comando \(`e appositamente pensato per grossi sistemi in cui si abbia la necessit\(`a di creare molti account nello stesso momento\&. -.SH "OPZIONI" -.PP -Il comando -\fBchgpasswd\fR -accetta le seguenti opzioni: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -Utilizza il metodo specificato per cifrare le password\&. -.sp -I metodi disponibili sono DES, MD5, NONE e SHA256 o SHA512 se la propria libc lo consente\&. -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -Le password fornite sono in forma cifrata\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -Usa la cifratura MD5 anzich\('e DES quando le password fornite non sono cifrate\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -Usa il numero specificato di cicli per cifrare la password\&. -.sp -Il valore 0 indica che il sistema utilizzer\(`a il numero predefinito di cicli per il metodo crypt (5000)\&. -.sp -I valori minimo di 1\&.000 e massimo di 999\&.999\&.999 sono forzati\&. -.sp -Si pu\(`o utilizzare questa opzione solo con i metodi di cifratura SHA256 o SHA512\&. -.sp -Il numero di cicli predefinito \(`e impostato con le variabili SHA_CRYPT_MIN_ROUNDS e SHA_CRYPT_MAX_ROUNDS nel file -/etc/login\&.defs\&. -.RE -.SH "AVVISI/CAVEAT" -.PP -Ricordarsi di impostare i permessi o umask in modo da prevenire la lettura in chiaro da parte di altri utenti\&. -.PP -Ci si deve accertare che le password e il metodo di cifratura rispettino le norme delle password del sistema\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBENCRYPT_METHOD\fR (testo) -.RS 4 -Definisce l\*(Aqalgoritmo di cifratura predefinito per le password (se non ne viene specificato uno a riga di comando)\&. -.sp -Pu\(`o avere uno dei seguenti valori: -\fIDES\fR -(predefinito), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Nota: questo parametro ha la precedenza sulla variabile -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (booleano) -.RS 4 -Indica se le password vanno cifrate usando l\*(Aqalgoritmo basato su MD5\&. Se impostato a -\fIyes\fR -le nuove password saranno cifrate usando un algoritmo basato su MD5 e compatibile con quello delle versioni pi\(`u recenti di FreeBSD\&. Supporta password di lunghezza qualsiasi e testi \(Fosalt\(Fc pi\(`u lunghi\&. Impostare a -\fIno\fR -se si devono copiare password su altri sistemi che non gestiscono l\*(Aqalgoritmo\&. Il valore predefinito \(`e -\fIno\fR\&. -.sp -Questa variabile ha meno priorit\(`a della variabile -\fBENCRYPT_METHOD\fR -e di qualsiasi opzione a riga di comando che imposta un algoritmo di cifratura\&. -.sp -Questa variabile non \(`e pi\(`u usata\&. Si dovrebbe utilizzare -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (numerico), \fBSHA_CRYPT_MAX_ROUNDS\fR (numerico) -.RS 4 -Quando -\fBENCRYPT_METHOD\fR -vale -\fISHA256\fR -o -\fISHA512\fR, questo definisce il numero di cicli SHA usati per l\*(Aqalgoritmo di cifratura (quando il numero di cicli non \(`e impostato a riga di comando)\&. -.sp -Con molti cicli \(`e pi\(`u difficile trovare una password usando la forza bruta\&. Ma va notato che \(`e richiesta maggiore potenza di calcolo per autenticare gli utenti\&. -.sp -Se non specificato sar\(`a la libc a scegliere il numero di cicli (5000)\&. -.sp -Il valore deve essere compreso tra 1\&.000 e 999\&.999\&.999\&. -.sp -Se viene impostato solo uno tra -\fBSHA_CRYPT_MIN_ROUNDS\fR -e -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora l\*(Aqunico valore viene utilizzato\&. -.sp -Se -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora viene utilizzato il maggiore\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.SH "VEDERE ANCHE" -.PP -\fBgpasswd\fR(1), -\fBgroupadd\fR(8), -\fBlogin.defs\fR(5)\&. diff --git a/man/it/man8/chpasswd.8 b/man/it/man8/chpasswd.8 deleted file mode 100644 index a29d1d79..00000000 --- a/man/it/man8/chpasswd.8 +++ /dev/null @@ -1,209 +0,0 @@ -'\" t -.\" Title: chpasswd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "CHPASSWD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -chpasswd \- aggiorna le password in modo non interattivo -.SH "SINOSSI" -.HP \w'\fBchpasswd\fR\ 'u -\fBchpasswd\fR [\fIopzioni\fR] -.SH "DESCRIZIONE" -.PP -\fBchpasswd\fR -legge da standard input un elenco di coppie di nomi utente e password e usa queste informazioni per aggiornare un gruppo di utenti esistenti\&. Ciascuna riga usa il formato: -.PP -\fInome_utente\fR:\fIpassword\fR -.PP -Come impostazione predefinita, si devono fornire password in chiaro che vengono poi cifrate da -\fBchpasswd\fR\&. Vengono aggiornate, se presenti, anche le informazioni sulla durata delle password\&. -.PP -L\*(Aqalgoritmo di cifratura predefinito pu\(`o essere impostato con le variabili -\fBENCRYPT_METHOD\fR -e -\fBMD5_CRYPT_ENAB\fR -in -/etc/login\&.defs, e pu\(`o essere ulteriormente modificato con le opzioni -\fB\-e\fR, -\fB\-m\fR -o -\fB\-c\fR\&. -.PP -\fBchpasswd\fR -prima aggiorna tutte le passwor in memoria, e poi scrive tutto su disco se non trova errori per nessun utente\&. -.PP -Questo comando \(`e appositamente pensato per grossi sistemi in cui si abbia la necessit\(`a di creare molti account nello stesso momento\&. -.SH "OPZIONI" -.PP -Il comando -\fBchpasswd\fR -accetta le seguenti opzioni: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR\ \&\fIMETODO\fR -.RS 4 -Utilizza il metodo specificato per cifrare le password\&. -.sp -I metodi disponibili sono DES, MD5, NONE e SHA256 o SHA512 se la propria libc lo consente\&. -.sp -Normalmente (se nessuna delle opzioni -\fB\-c\fR, -\fB\-m\fR -o -\fB\-e\fR -viene specificata), il metodo di cifratura \(`e definito dalle variabili -\fBENCRYPT_METHOD\fR -o -\fBMD5_CRYPT_ENAB\fR -in -/etc/login\&.defs\&. -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -Le password fornite sono in forma cifrata\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -Usa la cifratura MD5 anzich\('e DES quando le password fornite non sono cifrate\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR\ \&\fICICLI\fR -.RS 4 -Usa il numero specificato di cicli per cifrare la password\&. -.sp -Il valore 0 indica che il sistema utilizzer\(`a il numero predefinito di cicli per il metodo crypt (5000)\&. -.sp -I valori minimo di 1\&.000 e massimo di 999\&.999\&.999 sono forzati\&. -.sp -Si pu\(`o utilizzare questa opzione solo con i metodi di cifratura SHA256 o SHA512\&. -.sp -Il numero di cicli \(`e definito dalle variabili -\fBSHA_CRYPT_MIN_ROUNDS\fR -e -\fBSHA_CRYPT_MAX_ROUNDS\fR -in -/etc/login\&.defs\&. -.RE -.SH "AVVISI/CAVEAT" -.PP -Ricordarsi di impostare i permessi o umask in modo da prevenire la lettura in chiaro da parte di altri utenti\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBENCRYPT_METHOD\fR (testo) -.RS 4 -Definisce l\*(Aqalgoritmo di cifratura predefinito per le password (se non ne viene specificato uno a riga di comando)\&. -.sp -Pu\(`o avere uno dei seguenti valori: -\fIDES\fR -(predefinito), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Nota: questo parametro ha la precedenza sulla variabile -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (booleano) -.RS 4 -Indica se le password vanno cifrate usando l\*(Aqalgoritmo basato su MD5\&. Se impostato a -\fIyes\fR -le nuove password saranno cifrate usando un algoritmo basato su MD5 e compatibile con quello delle versioni pi\(`u recenti di FreeBSD\&. Supporta password di lunghezza qualsiasi e testi \(Fosalt\(Fc pi\(`u lunghi\&. Impostare a -\fIno\fR -se si devono copiare password su altri sistemi che non gestiscono l\*(Aqalgoritmo\&. Il valore predefinito \(`e -\fIno\fR\&. -.sp -Questa variabile ha meno priorit\(`a della variabile -\fBENCRYPT_METHOD\fR -e di qualsiasi opzione a riga di comando che imposta un algoritmo di cifratura\&. -.sp -Questa variabile non \(`e pi\(`u usata\&. Si dovrebbe utilizzare -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (numerico), \fBSHA_CRYPT_MAX_ROUNDS\fR (numerico) -.RS 4 -Quando -\fBENCRYPT_METHOD\fR -vale -\fISHA256\fR -o -\fISHA512\fR, questo definisce il numero di cicli SHA usati per l\*(Aqalgoritmo di cifratura (quando il numero di cicli non \(`e impostato a riga di comando)\&. -.sp -Con molti cicli \(`e pi\(`u difficile trovare una password usando la forza bruta\&. Ma va notato che \(`e richiesta maggiore potenza di calcolo per autenticare gli utenti\&. -.sp -Se non specificato sar\(`a la libc a scegliere il numero di cicli (5000)\&. -.sp -Il valore deve essere compreso tra 1\&.000 e 999\&.999\&.999\&. -.sp -Se viene impostato solo uno tra -\fBSHA_CRYPT_MIN_ROUNDS\fR -e -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora l\*(Aqunico valore viene utilizzato\&. -.sp -Se -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora viene utilizzato il maggiore\&. -.RE -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.SH "VEDERE ANCHE" -.PP -\fBpasswd\fR(1), -\fBnewusers\fR(8), -\fBlogin.defs\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/it/man8/faillog.8 b/man/it/man8/faillog.8 deleted file mode 100644 index 54297756..00000000 --- a/man/it/man8/faillog.8 +++ /dev/null @@ -1,160 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "FAILLOG" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -faillog \- mostra le registrazioni e imposta i limiti degli accessi falliti -.SH "SINOSSI" -.HP \w'\fBfaillog\fR\ 'u -\fBfaillog\fR [\fIopzioni\fR] -.SH "DESCRIZIONE" -.PP -\fBfaillog\fR -mostra il contentuto del database degli accessi falliti (/var/log/faillog); pu\(`o anche essere usato per impostare i conteggi e i limiti dei tentativi falliti\&. Eseguire -\fBfaillog\fR -senza argomenti per ottenere un elenco degli utenti che hanno fallito almeno un tentativo di accesso\&. -.SH "OPZIONI" -.PP -Il comando -\fBfaillog\fR -accetta le seguenti opzioni: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Mostra (o opera su) registrazioni faillog per tutti gli utenti presenti nel database -faillog\&. -.sp -L\*(Aqintervallo di utenti pu\(`o essere ristretto con l\*(Aqopzione -\fB\-u\fR\&. -.sp -Nella modalit\(`a di visualizzazione, questo \(`e gi\(`a ristretto ai soli utenti esistenti, ma vengono mostrate anche eventuali registrazioni vuote\&. -.sp -Con le opzioni -\fB\-l\fR, -\fB\-m\fR, -\fB\-r\fR -e -\fB\-t\fR, le registrazioni degli utenti sono modificate anche se l\*(Aqutente non esiste nel sistema\&. Questo \(`e utile quando si vogliono azzerare le registrazioni degli utenti cancellati, o per definire in anticipo delle norme per intervalli di utenti\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEC\fR -.RS 4 -Blocca l\*(Aqaccount per -\fISEC\fR -secondi dopo un tentativo di accesso fallito\&. -.sp -Per questa opzione \(`e necessario l\*(Aqaccesso in scrittura a -/var/log/faillog\&. -.RE -.PP -\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR -.RS 4 -Imposta a -\fIMAX\fR -il massimo numero di accessi falliti prima che l\*(Aqaccount sia disabilitato\&. -.sp -Impostare -\fIMAX\fR -al valore 0 ha l\*(Aqeffetto di non porre nessun limite al numero di accessi falliti\&. -.sp -Il numero massimo di fallimenti dovrebbe sempre essere 0 per -\fIroot\fR -in modo da evitare attacchi al sistema di tipo \(Fodenial of service\(Fc\&. -.sp -Per questa opzione \(`e necessario l\*(Aqaccesso in scrittura a -/var/log/faillog\&. -.RE -.PP -\fB\-r\fR, \fB\-\-reset\fR -.RS 4 -Azzera i contatori degli accessi falliti\&. -.sp -Per questa opzione \(`e necessario l\*(Aqaccesso in scrittura a -/var/log/faillog\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIGIORNI\fR -.RS 4 -Visualizza le registrazioni faillog pi\(`u recenti di -\fIGIORNI\fR -giorni\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIINTERVALLO\fR -.RS 4 -Mostra la registrazione degli accessi falliti o, se sono state usate le opzioni -\fB\-r\fR, -\fB\-m\fR -o -\fB\-l\fR, imposta contatori e limiti solo gli utenti specificati\&. -.sp -Gli utenti possono essere specificati utilizzando il loro nome oppure l\*(AqID numerico o tramite un -\fIINTERVALLO\fR -di utenti\&. Questo -\fIINTERVALLO\fR -di utenti ha tre forme: tra minimo e massimo (\fIUID_MIN\-UID_MAX\fR), fino ad un valore massimo (\fI\-UID_MAX\fR) o da un valore minimo (\fIUID_MIN\-\fR)\&. -.RE -.PP -Quando nessuna tra le opzioni -\fB\-l\fR, -\fB\-m\fR -o -\fB\-r\fR -\(`e utilizzata, -\fBfaillog\fR -mostra le voci dei fallimenti degli utenti specificati\&. -.SH "AVVISI/CAVEAT" -.PP -\fBfaillog\fR -mostra solo gli utenti che non hanno effettuato nessun accesso corretto dopo l\*(Aqultimo tentativo fallito\&. Un utente che abbia completato correttamente un accesso dopo l\*(Aqultimo tentativo fallito \(`e mostrato solo se viene richiesto esplicitamente con l\*(Aqopzione -\fB\-u\fR -o se viene richiesto di mostrare tutti gli utenti con l\*(Aqopzione -\fB\-a\fR\&. -.SH "FILE" -.PP -/var/log/faillog -.RS 4 -File per tracciare gli accessi falliti\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBlogin\fR(1), -\fBfaillog\fR(5)\&. diff --git a/man/it/man8/groupadd.8 b/man/it/man8/groupadd.8 deleted file mode 100644 index 79573d9f..00000000 --- a/man/it/man8/groupadd.8 +++ /dev/null @@ -1,213 +0,0 @@ -'\" t -.\" Title: groupadd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "GROUPADD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -groupadd \- crea un nuovo gruppo -.SH "SINOSSI" -.HP \w'\fBgroupadd\fR\ 'u -\fBgroupadd\fR [\fIopzioni\fR] \fIgruppo\fR -.SH "DESCRIZIONE" -.PP -Il comando -\fBgroupadd\fR -crea un nuovo account di gruppo usando i valori specificati sulla riga di comando ed i valori predefiniti dal sistema\&. Il nuovo gruppo verr\(`a aggiunto ai file di sistema secondo necessit\(`a\&. -.SH "OPZIONI" -.PP -Il comando -\fBgroupadd\fR -accetta le seguenti opzioni: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Questa opzione fa s\(`i che il comando esca con esito positivo nel caso che il gruppo esista gi\(`a\&. Quando utilizzato con l\*(Aqopzione -\fB\-g\fR, e il GID specificato esiste, un altro GID (univoco) viene scelto (cio\(`e -\fB\-g\fR -viene ignorato)\&. -.RE -.PP -"\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -Il valore numerico dell\*(Aqidentificatore (ID) del gruppo\&. Questo valore deve essere univoco, a meno che non venga usata l\*(Aqopzione -\fB\-o\fR\&. Il valore deve essere non\-negativo\&. La scelta predefinita \(`e quella di usare il minimo valore di ID maggiore o eguale a -\fBGID_MIN\fR -e superiore a qualunque altro gruppo\&. -.sp -Vedere anche l\*(Aqopzione -\fB\-r\fR -e la descrizione di -\fBGID_MAX\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR\&. -.RS 4 -Ha la precedenza sui valori predefiniti (GID_MIN, GID_MAX e altri) definiti in -/etc/login\&.defs\&. Pi\(`u opzioni -\fB\-K\fR -possono essere specificate\&. -.sp -Esempio: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI100\fR\ \&\fB\-K\fR\ \&\fIGID_MAX\fR=\fI499\fR -.sp -Nota: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR -non funziona ancora\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Questa opzione permette di aggiungere un gruppo con un GID non univoco\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -La password cifrata, come restituita da -\fBcrypt\fR(3)\&. Il comportamento predefinito \(`e di disabilitare la password\&. -.sp -\fBNota:\fR -questa opzione non \(`e consigliata perch\('e la password (o password cifrata) sar\(`a visibile agli utenti che elencano i processi\&. -.sp -Ci si deve accertare che la password rispetti le norme delle password del sistema\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Crea un gruppo di sistema\&. -.sp -L\*(Aqidentificativo numerico del nuovo gruppo di sistema \(`e scelto nell\*(Aqintervallo -\fBSYS_GID_MIN\fR\-\fBSYS_GID_MAX\fR -definito in -login\&.defs, al posto di -\fBGID_MIN\fR\-\fBGID_MAX\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBGID_MAX\fR (numerico), \fBGID_MIN\fR (numerico) -.RS 4 -Intervallo di ID di gruppo per la creazione di gruppi normali tramite -\fBuseradd\fR, -\fBgroupadd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBGID_MIN\fR -(rispettivamente -\fBGID_MAX\fR) \(`e 1000 (rispettivmente 60000)\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.PP -\fBSYS_GID_MAX\fR (numerico), \fBSYS_GID_MIN\fR (numerico) -.RS 4 -Intervallo di ID di gruppo utilizzato per la creazione di un gruppo di sistema da -\fBuseradd\fR, -\fBgroupadd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBSYS_GID_MIN\fR -(rispettivamente -\fBSYS_GID_MAX\fR) \(`e 101 (rispettivamente -\fBGID_MIN\fR\-1)\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.SH "AVVISI/CAVEAT" -.PP -I nomi di gruppo devono iniziare con una lettera minuscola o l\*(Aqunderscore, seguiti da lettere minuscole, cifre numeriche, underscore o trattini\&. Possono terminare con il simbolo del dollaro\&. In termini di espressioni regolari: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -I nomi di gruppo possono essere al massimo di 16 caratteri\&. -.PP -Non \(`e possibile aggiungere un gruppo NIS o LDAP\&. Questo deve essere fatto sul server corrispondente\&. -.PP -Se il nome di gruppo esiste gi\(`a in un database esterno come quello NIS o LDAP, -\fBgroupadd\fR -negher\(`a la richiesta di creazione del gruppo\&. -.SH "VALORI RESTITUITI" -.PP -Il comando -\fBgroupadd\fR -restituisce i seguenti valori: -.SH "VEDERE ANCHE" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/it/man8/groupdel.8 b/man/it/man8/groupdel.8 deleted file mode 100644 index 4912c092..00000000 --- a/man/it/man8/groupdel.8 +++ /dev/null @@ -1,135 +0,0 @@ -'\" t -.\" Title: groupdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "GROUPDEL" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -groupdel \- rimuove un gruppo -.SH "SINOSSI" -.HP \w'\fBgroupdel\fR\ 'u -\fBgroupdel\fR [\fIopzioni\fR] \fIGRUPPO\fR -.SH "DESCRIZIONE" -.PP -Il comando -\fBgroupdel\fR -modifica i file di account di sistema rimuovendo tutte le voci che si riferiscono a -\fIGRUPPO\fR\&. Il gruppo indicato deve esistere\&. -.SH "OPZIONI" -.PP -Il comando -\fBgroupdel\fR -accetta le seguenti opzioni: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.SH "AVVISI/CAVEAT" -.PP -Non si pu\(`o rimuovere un gruppo che sia gruppo primario di un utente\&. Occorre rimuovere l\*(Aqutente prima di rimuovere il gruppo\&. -.PP -Occorre controllare manualmente tutti i file system per assicurarsi che non rimanga alcun file avente questo ID di gruppo\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.SH "VALORI RESTITUITI" -.PP -Il comando -\fBgroupdel\fR -restituisce i seguenti valori: -.PP -\fI0\fR -.RS 4 -successo -.RE -.PP -\fI2\fR -.RS 4 -sintassi del comando errata -.RE -.PP -\fI6\fR -.RS 4 -il gruppo specificato non esiste -.RE -.PP -\fI8\fR -.RS 4 -operazione impossibile perch\('e il gruppo \(`e primario per un utente -.RE -.PP -\fI10\fR -.RS 4 -non \(`e possibile aggiornare il file group -.RE -.SH "VEDERE ANCHE" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupmod\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/it/man8/groupmems.8 b/man/it/man8/groupmems.8 deleted file mode 100644 index 79af0202..00000000 --- a/man/it/man8/groupmems.8 +++ /dev/null @@ -1,171 +0,0 @@ -'\" t -.\" Title: groupmems -.\" Author: George Kraft, IV -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "GROUPMEMS" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -groupmems \- membri amministratori del gruppo primario dell\*(Aqutente -.SH "SINOSSI" -.HP \w'\fBgroupmems\fR\ 'u -\fBgroupmems\fR \-a\ \fIuser_name\fR | \-d\ \fIuser_name\fR | [\-g\ \fIgroup_name\fR] | \-l | \-p -.SH "DESCRIZIONE" -.PP -Il comando -\fBgroupmems\fR -permette a utenti di amministrare la lista di membri del proprio gruppo senza richiedere i privilegi di amministratore\&. Il comando -\fBgroupmems\fR -\(`e per sistemi che configurano gli utenti perch\('e siano in un gruppo primario con lo stesso nome dell\*(Aqutente (esempio: guest/guest)\&. -.PP -Solo il super utente, come amministratore, pu\(`o utilizzare -\fBgroupmems\fR -per modificare l\*(Aqelenco di membri di altri gruppi\&. -.SH "OPZIONI" -.PP -Il comando -\fBgroupmems\fR -accetta le seguenti opzioni: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser_name\fR -.RS 4 -Aggiunge un utente all\*(Aqelenco di membri del gruppo\&. -.sp -Se esiste il file -/etc/gshadow -e il gruppo non vi \(`e presente, viene aggiunto\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser_name\fR -.RS 4 -Cancella un utente dall\*(Aqelenco degli utenti del gruppo\&. -.sp -Se esiste il file -/etc/gshadow, l\*(Aqutente verr\(`a rimosso dalle liste di utenti e amministratori del gruppo\&. -.sp -Se esiste il file -/etc/gshadow -e il gruppo non vi \(`e presente, viene aggiunto\&. -.RE -.PP -\fB\-g\fR, \fB\-\-group\fR\ \&\fIgroup_name\fR -.RS 4 -Il super utente pu\(`o specificare quale elenco di membri del gruppo modificare\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -Elenca tutti i membri del gruppo\&. -.RE -.PP -\fB\-p\fR, \fB\-\-purge\fR -.RS 4 -Elimina tutti gli utenti dalla lista dei membri del gruppo\&. -.sp -Se esiste il file -/etc/gshadow -e il gruppo non vi \(`e presente, viene aggiunto\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.SH "CONFIGURAZIONE" -.PP -L\*(Aqeseguibile -\fBgroupmems\fR -dovrebbe avere i permessi -2770 -ed essere di propriet\(`a di -\fIroot\fR -e del gruppo -\fIgroups\fR\&. L\*(Aqamministratore di sistema pu\(`o aggiungere utenti al gruppo -\fIgroups\fR -per permettere loro di poter gestire l\*(Aqelenco di membri del proprio gruppo tramite il comando -\fBgroupmems\fR\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - $ groupadd \-r groups - $ chmod 2770 groupmems - $ chown root\&.groups groupmems - $ groupmems \-g groups \-a gk4 - -.fi -.if n \{\ -.RE -.\} -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -informazioni sicure sugli account di gruppo -.RE -.SH "VEDERE ANCHE" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/it/man8/groupmod.8 b/man/it/man8/groupmod.8 deleted file mode 100644 index 7693e302..00000000 --- a/man/it/man8/groupmod.8 +++ /dev/null @@ -1,171 +0,0 @@ -'\" t -.\" Title: groupmod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "GROUPMOD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -groupmod \- modifica la definizione di un gruppo del sistema -.SH "SINOSSI" -.HP \w'\fBgroupmod\fR\ 'u -\fBgroupmod\fR [\fIopzioni\fR] \fIGRUPPO\fR -.SH "DESCRIZIONE" -.PP -Il comando -\fBgroupmod\fR -cambia la definizione del -\fIGRUPPO\fR -modificando appropriatamente il database dei gruppi\&. -.SH "OPZIONI" -.PP -Il comando -\fBgroupmod\fR -accetta le seguenti opzioni: -.PP -"\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -Verr\(`a modificato l\*(AqID del -\fIGRUPPO\fR -in -\fIGID\fR\&. -.sp -Il valore -\fIGID\fR -deve essere un numero intero decimale non negativo\&. Deve essere univoco, a meno che non venga usata l\*(Aqopzione -\fB\-o\fR\&. -.sp -Gli utenti che hanno il gruppo come gruppo primario verranno aggiornati per mantenere tale gruppo come loro gruppo primario\&. -.sp -Tutti i file che hanno il vecchio ID di gruppo e devono continuare ad appartenere a -\fIGRUPPO\fR, devono essere aggiornati manualmente\&. -.sp -Non verr\(`a effettuato nessun controllo riguardo i limiti -\fBGID_MIN\fR, -\fBGID_MAX\fR, -\fBSYS_GID_MIN\fR -o -\fBSYS_GID_MAX\fR -definiti in -/etc/login\&.defs\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-n\fR, \fB\-\-new\-name\fR\ \&\fINUOVO_GRUPPO\fR -.RS 4 -Il nome del gruppo verr\(`a modificato da -\fIGRUPPO\fR -a -\fINUOVO_GRUPPO\fR\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Quando \(`e usato con l\*(Aqopzione -\fB\-g\fR, permette di cambiare il -\fIGID\fR -in un valore non univoco\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -La passwird cifrata, cos\(`i come viene restituita da -\fBcrypt\fR(3)\&. -.sp -\fBNota:\fR -questa opzione non \(`e consigliata perch\('e la password (o password cifrata) sar\(`a visibile agli utenti che elencano i processi\&. -.sp -Ci si deve accertare che la password rispetti le norme delle password del sistema\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.SH "VALORI RESTITUITI" -.PP -Il comando -\fBgroupmod\fR -esce con i seguenti valori: -.SH "VEDERE ANCHE" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/it/man8/grpck.8 b/man/it/man8/grpck.8 deleted file mode 100644 index ba87f3d7..00000000 --- a/man/it/man8/grpck.8 +++ /dev/null @@ -1,237 +0,0 @@ -'\" t -.\" Title: grpck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "GRPCK" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -grpck \- verifica l\*(Aqintegrit\(`a dei file dei gruppi -.SH "SINOSSI" -.HP \w'\fBgrpck\fR\ 'u -\fBgrpck\fR [opzioni] [\fIgruppo\fR\ [\ \fIshadow\fR\ ]] -.SH "DESCRIZIONE" -.PP -Il comando -\fBgrpck\fR -verifica l\*(Aqintegrit\(`a delle informazioni sui gruppi\&. Ogni voce in -/etc/groupe in /etc/gshadow -viene controllata per verificare che abbia il formato corretto e dati validi\&. Viene richiesto all\*(Aqutente di rimuovere le voci che non hanno un formato appropriato o che presentano altri errori impossibili da correggere\&. -.PP -Vengono fatti controlli per verificare che ogni voce abbia: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -il corretto numero di campi -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -un nome univoco e valido di gruppo -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -un identificatore valido di gruppo -(solo /etc/group) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -un elenco valido di membrie amministratori -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -una voce corrispondente nel file -/etc/gshadow -(rispettivamente -/etc/group -per i controlli in -gshadow) -.RE -.PP -Gli errori nelle verifiche sul corretto numero di campi e sull\*(Aqunivocit\(`a del nome del gruppo sono irrimediabili\&. Se una voce ha un numero errato di campi, all\*(Aqutente viene chiesto di cancellare l\*(Aqintera riga; se l\*(Aqutente non risponde affermativamente, vengono omessi tutti gli ulteriori controlli\&. Viene richiesta la cancellazione anche per le voci aventi il nome del gruppo duplicato, ma i rimanenti controlli vengono ugualmente effettuati\&. Tutti gli altri errori non sono gravi e l\*(Aqutente \(`e invitato a eseguire il comando -\fBgroupmod\fR -per correggerli\&. -.PP -I comandi che operano -sui file /etc/group e /etc/gshadow -non sono in grado di modificare voci corrotte o duplicate; in tali circostanze va usato -\fBgrpck\fR -per rimuovere le voci scorrette\&. -.SH "OPZIONI" -.PP -Le opzioni -\fB\-r\fR -e -\fB\-s\fR -non possono essere combinate\&. -.PP -Il comando -\fBgrpck\fR -accetta le seguenti opzioni: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Esegue il comando -\fBgrpck\fR -in sola lettura\&. Questo implica che sia risposto -\fIno\fR -automaticamente a tutte le domande relative alle modifiche\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -Ordina le voci in -/etc/groupe /etc/gshadowper GID\&. -.RE -.PP -By default, -\fBgrpck\fR -operates on -/etc/groupand /etc/gshadow\&. The user may select alternate files with the -\fIgroup\fRand \fIshadow\fR parameters\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.SH "VALORI RESTITUITI" -.PP -Il comando -\fBgrpck\fR -restituisce i seguenti valori: -.PP -\fI0\fR -.RS 4 -successo -.RE -.PP -\fI1\fR -.RS 4 -sintassi del comando errata -.RE -.PP -\fI2\fR -.RS 4 -una o pi\(`u voci di gruppo contengono errori -.RE -.PP -\fI3\fR -.RS 4 -impossibile aprire i file dei gruppi -.RE -.PP -\fI4\fR -.RS 4 -impossibile fare il lock dei file dei gruppi -.RE -.PP -\fI5\fR -.RS 4 -impossibile aggiornare i file dei gruppi -.RE -.SH "VEDERE ANCHE" -.PP -\fBgroup\fR(5), -\fBgroupmod\fR(8), -\fBgshadow\fR(5),\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBshadow\fR(5)\&. diff --git a/man/it/man8/grpconv.8 b/man/it/man8/grpconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/it/man8/grpconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/it/man8/grpunconv.8 b/man/it/man8/grpunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/it/man8/grpunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/it/man8/lastlog.8 b/man/it/man8/lastlog.8 deleted file mode 100644 index a8bb5a9b..00000000 --- a/man/it/man8/lastlog.8 +++ /dev/null @@ -1,106 +0,0 @@ -'\" t -.\" Title: lastlog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "LASTLOG" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -lastlog \- riepiloga gli accessi pi\(`u recenti di tutti gli utenti o dell\*(Aqutente dato -.SH "SINOSSI" -.HP \w'\fBlastlog\fR\ 'u -\fBlastlog\fR [\fIopzioni\fR] -.SH "DESCRIZIONE" -.PP -\fBlastlog\fR -formatta e mostra il log degli ultimi accessi, contenuto nel file -/var/log/lastlog\&. Le informazioni mostrate sono il -\fInome utente\fR, la -\fIporta\fR -e la -\fIdata dell\*(Aqultimo accesso\fR\&. Il comportamento predefinito (nessuna opzione specificata) \(`e di mostrare i record di ultimo accesso per tutti gli utenti, nell\*(Aqordine in cui compaiono in -/etc/passwd\&. -.SH "OPZIONI" -.PP -Il comando -\fBlastlog\fR -accetta le seguenti opzioni: -.PP -\fB\-b\fR, \fB\-\-before\fR\ \&\fIGIORNI\fR -.RS 4 -Mostra solo i record di ultimo accesso pi\(`u vecchi di -\fIGIORNI\fR -giorni\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIGIORNI\fR -.RS 4 -Mostra solo i record di ultimo accesso pi\(`u recenti di -\fIGIORNI\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIINTERVALLO\fR -.RS 4 -Mostra il record di ultimo accesso per l\*(Aqutente o gli utenti specificati da -\fILOGIN\fR\&. -.sp -Gli utenti possono essere specificati utilizzando il loro nome oppure l\*(AqID numerico o tramite un -\fIINTERVALLO\fR -di utenti\&. Questo -\fIINTERVALLO\fR -di utenti ha tre forme: tra minimo e massimo (\fIUID_MIN\-UID_MAX\fR), fino ad un valore massimo (\fI\-UID_MAX\fR) o da un valore minimo (\fIUID_MIN\-\fR)\&. -.RE -.PP -Se l\*(Aqutente non ha mai effettuato accessi al sistema viene mostrato, al posto della porta e della data, il messaggio \(Fo\fI**Nessun accesso effettuato**\fR\(Fc\&. -.PP -Solo le registrazioni degli utenti correnti del sistema verranno mostrate\&. Ci potrebbero essere altre registrazioni per utenti cancellati in precedenza\&. -.SH "NOTA" -.PP -Il file -lastlog -\(`e un database che contiene informazioni sull\*(Aqultimo accesso di ogni utente\&. Non deve essere ruotato\&. Si tratta di un file \(Fosparse\(Fc, quindi la sua dimensione \(`e minore di quanto normalmente mostrato da \(Fo\fBls \-l\fR\(Fc (che potrebbe indicare una dimensione veramente grande se si hanno utenti con grandi UID in -passwd)\&. Si pu\(`o vedere la dimensione effettiva con \(Fo\fBls \-s\fR\(Fc\&. -.SH "FILE" -.PP -/var/log/lastlog -.RS 4 -Database degli orari dei precedenti accessi utente\&. -.RE -.SH "AVVISI/CAVEAT" -.PP -Se ci sono dei grossi scarti tra i valori di UID, il programma lastlog pu\(`o restare in esecuzione per un tempo prolungato senza produrre output sullo schermo (ad es\&. se nel database lastlog non ci sono registrazioni per UID tra 170 e 800, il programma sembrer\(`a bloccato mentre esamina gli UID tra 171 e 799)\&. diff --git a/man/it/man8/logoutd.8 b/man/it/man8/logoutd.8 deleted file mode 100644 index 41438aa3..00000000 --- a/man/it/man8/logoutd.8 +++ /dev/null @@ -1,57 +0,0 @@ -'\" t -.\" Title: logoutd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "LOGOUTD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -logoutd \- impone le limitazioni sugli orari d\*(Aqaccesso -.SH "SINOSSI" -.HP \w'\fBlogoutd\fR\ 'u -\fBlogoutd\fR -.SH "DESCRIZIONE" -.PP -\fBlogoutd\fR -fa rispettare le limitazioni sugli orari e sulle porte di accesso specificate in -/etc/porttime\&. -\fBlogoutd\fR -andrebbe avviato da -/etc/rc\&. Il file -/var/run/utmp -viene controllato periodicamente per verificare che a ciascun utente sia consentito l\*(Aqaccesso da quella determinata porta e all\*(Aqorario attuale\&. Ogni sessione di login che stia violando le limitazioni in -/etc/porttime -viene terminata\&. -.SH "FILE" -.PP -/etc/porttime -.RS 4 -File contenente gli accessi alle porte\&. -.RE -.PP -/var/run/utmp -.RS 4 -Elenco delle sessioni attive\&. -.RE diff --git a/man/it/man8/newusers.8 b/man/it/man8/newusers.8 deleted file mode 100644 index 8f44b1db..00000000 --- a/man/it/man8/newusers.8 +++ /dev/null @@ -1,430 +0,0 @@ -'\" t -.\" Title: newusers -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "NEWUSERS" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -newusers \- aggiorna e crea nuovi utenti in blocco -.SH "SINOSSI" -.HP \w'\fBnewusers\fR\ 'u -\fBnewusers\fR [\fIopzioni\fR] [\fIfile\fR] -.SH "DESCRIZIONE" -.PP -Il comando -\fBnewusers\fR -legge un -\fIfile\fR -(o il proprio standard input) e utilizza queste informazioni per aggiornare l\*(Aqinsieme di utenti gi\(`a esistenti oppure per crearne di nuovi\&. Ogni riga \(`e nello stesso formato del file standard passwd (vedere -\fBpasswd\fR(5)) con le seguenti eccezioni: -.PP -pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell -.PP -\fIpw_name\fR -.RS 4 -Il nome dell\*(Aqutente\&. -.sp -Pu\(`o essere il nome di un nuovo utente o di uno gi\(`a esistente (o uno creato precedentemente da -\fBnewusers\fR)\&. Nel caso di utente gi\(`a esistente le informazioni sull\*(Aqutente verranno aggiornate, altrimenti verr\(`a creato un nuovo utente\&. -.RE -.PP -\fIpw_passwd\fR -.RS 4 -Questo campo verr\(`a cifrato e utilizzato come nuovo valore per la password cifrata\&. -.RE -.PP -\fIpw_uid\fR -.RS 4 -Definisce l\*(AqUID dell\*(Aqutente\&. -.sp -Se il campo \(`e vuoto, verr\(`a generato automaticamente un nuovo UID (non utilizzato) da parte di -\fBnewusers\fR\&. -.sp -Se questo campo contiene un numero, verr\(`a utilizzato come UID\&. -.sp -Se questo campo contiene il nome di un utente gi\(`a esistente (o il nome di un utente creato precedentemente da -\fBnewusers\fR), verr\(`a utilizzato l\*(AqUID dell\*(Aqutente specificato\&. -.sp -Se viene cambiato l\*(AqUID di un utente esistente, la propriet\(`a dei file di propriet\(`a dell\*(Aqutente stesso andr\(`a cambiata manualmente\&. -.RE -.PP -\fIpw_gid\fR -.RS 4 -Definisce il l\*(AqID del gruppo primario dell\*(Aqutente\&. -.sp -Se questo campo contiene il nome di un gruppo esistente (o un gruppo creato in precedenza da -\fBnewusers\fR), verr\(`a utilizzato come ID del gruppo primario di questo utente il GID del gruppo stesso\&. -.sp -Se questo campo \(`e numerico, questo numero verr\(`a utilizzato come ID del gruppo primario dell\*(Aqutente\&. Se non esiste nessun gruppo con quel GID, ne viene creato uno con il nome dell\*(Aqutente e il GID specificato\&. -.sp -Se questo campo \(`e vuoto verr\(`a creato un nuovo gruppo con lo stesso nome dell\*(Aqutente e con un GID determinato automaticamente da -\fBnewusers\fR -da utilizzare come ID del gruppo primario dell\*(Aqutente e come GID del nuovo gruppo\&. -.sp -Se questo campo contiene il nome di un gruppo che non esiste (e non \(`e stato creato precedentemente da -\fBnewusers\fR), verr\(`a creato un nuovo gruppo con il nome specificato e un GID determinato automaticamente da -\fBnewusers\fR -perch\('e sia utilizzato come ID del gruppo primario dell\*(Aqutente e come GID per il nuovo gruppo\&. -.RE -.PP -\fIpw_gecos\fR -.RS 4 -Questo campo viene copiato nel campo GECOS dell\*(Aqutente\&. -.RE -.PP -\fIpw_dir\fR -.RS 4 -Questo campo \(`e utilizzato per impostare la directory home dell\*(Aqutente\&. -.sp -Se questo campo non contiene il nome di una directory esistente la directory viene creata, assegnandone la propriet\(`a all\*(Aqutente che si sta definendo o aggiornando e al suo gruppo primario\&. -.sp -Se si modifica la directory home di un utente esistente, -\fBnewusers\fR -non sposta o copia il contenuto della vecchia directory nella nuova\&. Questo va fatto manualmente\&. -.RE -.PP -\fIpw_shell\fR -.RS 4 -Questo campo definisce la shell dell\*(Aqutente\&. Su questo campo non viene fatto nessun controllo\&. -.RE -.PP -\fBnewusers\fR -prova prima a creare o modificare tutti gli utenti specificati e poi scrive tutte le modifiche sui database utente e gruppi\&. Se c\*(Aq\(`e un errore (eccetto sulla scrittura finale dei database) nessuna modifica viene scritta sui database\&. -.PP -Questo comando \(`e appositamente pensato per grossi sistemi nei quali molti account sono aggiornati allo stesso tempo\&. -.SH "OPZIONI" -.PP -Il comando -\fBnewusers\fR -accetta le seguenti opzioni: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -Utilizza il metodo specificato per cifrare le password\&. -.sp -I metodi disponibili sono DES, MD5, NONE e SHA256 o SHA512 se la propria libc lo consente\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Crea un account di sistema\&. -.sp -Gli utenti di sistema sono creati senza informazioni riguardo la scadenza della password in -/etc/shadow -e il loro identificativo numerico \(`e scelto nell\*(Aqintervallo -\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR -definito nel file -login\&.defs, anzich\('e dell\*(Aqintervallo -\fBUID_MIN\fR\-\fBUID_MAX\fR -(e la loro controparte -\fBGID\fR -per la creazione dei gruppi)\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -Usa il numero specificato di cicli per cifrare la password\&. -.sp -Il valore 0 indica che il sistema utilizzer\(`a il numero predefinito di cicli per il metodo crypt (5000)\&. -.sp -I valori minimo di 1\&.000 e massimo di 999\&.999\&.999 sono forzati\&. -.sp -Si pu\(`o utilizzare questa opzione solo con i metodi di cifratura SHA256 o SHA512\&. -.sp -Il numero di cicli predefinito \(`e impostato con le variabili SHA_CRYPT_MIN_ROUNDS e SHA_CRYPT_MAX_ROUNDS nel file -/etc/login\&.defs\&. -.RE -.SH "AVVISI/CAVEAT" -.PP -Il file di input deve essere protetto poich\('e contiene password non cifrate\&. -.PP -Ci si deve accertare che le password e il metodo di cifratura rispettino le norme delle password del sistema\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBENCRYPT_METHOD\fR (testo) -.RS 4 -Definisce l\*(Aqalgoritmo di cifratura predefinito per le password (se non ne viene specificato uno a riga di comando)\&. -.sp -Pu\(`o avere uno dei seguenti valori: -\fIDES\fR -(predefinito), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Nota: questo parametro ha la precedenza sulla variabile -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBGID_MAX\fR (numerico), \fBGID_MIN\fR (numerico) -.RS 4 -Intervallo di ID di gruppo per la creazione di gruppi normali tramite -\fBuseradd\fR, -\fBgroupadd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBGID_MIN\fR -(rispettivamente -\fBGID_MAX\fR) \(`e 1000 (rispettivmente 60000)\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (booleano) -.RS 4 -Indica se le password vanno cifrate usando l\*(Aqalgoritmo basato su MD5\&. Se impostato a -\fIyes\fR -le nuove password saranno cifrate usando un algoritmo basato su MD5 e compatibile con quello delle versioni pi\(`u recenti di FreeBSD\&. Supporta password di lunghezza qualsiasi e testi \(Fosalt\(Fc pi\(`u lunghi\&. Impostare a -\fIno\fR -se si devono copiare password su altri sistemi che non gestiscono l\*(Aqalgoritmo\&. Il valore predefinito \(`e -\fIno\fR\&. -.sp -Questa variabile ha meno priorit\(`a della variabile -\fBENCRYPT_METHOD\fR -e di qualsiasi opzione a riga di comando che imposta un algoritmo di cifratura\&. -.sp -Questa variabile non \(`e pi\(`u usata\&. Si dovrebbe utilizzare -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (numerico) -.RS 4 -Il numero massimo di giorni che una password pu\(`o essere utilizzata\&. Se la password \(`e pi\(`u vecchia verr\(`a imposto il suo cambiamento\&. Se non specificato viene assunto \-1 (che disabilita questo controllo)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (numerico) -.RS 4 -Il numero minimo di giorni tra due cambiamenti di password\&. Ogni tentativo di cambiare la password prima di questo periodo verr\(`a rifiutato\&. Se non specificato viene assunto \-1 (che disabilita questo controllo)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (numerico) -.RS 4 -Il numero di giorni per i quali un utente va avvisato che la sua password sta per scadere\&. Se zero l\*(Aqutente viene avvisato solo alla scadenza\&. Un valore negativo indica che non si deve avvisare mai\&. Se non specificato allora non c\*(Aq\(`e nessun avviso\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (numerico), \fBSHA_CRYPT_MAX_ROUNDS\fR (numerico) -.RS 4 -Quando -\fBENCRYPT_METHOD\fR -vale -\fISHA256\fR -o -\fISHA512\fR, questo definisce il numero di cicli SHA usati per l\*(Aqalgoritmo di cifratura (quando il numero di cicli non \(`e impostato a riga di comando)\&. -.sp -Con molti cicli \(`e pi\(`u difficile trovare una password usando la forza bruta\&. Ma va notato che \(`e richiesta maggiore potenza di calcolo per autenticare gli utenti\&. -.sp -Se non specificato sar\(`a la libc a scegliere il numero di cicli (5000)\&. -.sp -Il valore deve essere compreso tra 1\&.000 e 999\&.999\&.999\&. -.sp -Se viene impostato solo uno tra -\fBSHA_CRYPT_MIN_ROUNDS\fR -e -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora l\*(Aqunico valore viene utilizzato\&. -.sp -Se -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, allora viene utilizzato il maggiore\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (numerico), \fBSYS_GID_MIN\fR (numerico) -.RS 4 -Intervallo di ID di gruppo utilizzato per la creazione di un gruppo di sistema da -\fBuseradd\fR, -\fBgroupadd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBSYS_GID_MIN\fR -(rispettivamente -\fBSYS_GID_MAX\fR) \(`e 101 (rispettivamente -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (numerico), \fBSYS_UID_MIN\fR (numerico) -.RS 4 -Intervallo di ID utente per la creazione degli utenti di sistema con -\fBuseradd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBSYS_UID_MIN\fR -(rispettivamente -\fBSYS_UID_MAX\fR) \(`e 101 (rispettivamente -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBUID_MAX\fR (numerico), \fBUID_MIN\fR (numerico) -.RS 4 -Intervallo di ID utente da utilizzare nella creazione degli utenti normali tramite -\fBuseradd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBUID_MIN\fR -(rispettivamente -\fBUID_MAX\fR) \(`e 1000 (rispettivamente 60000)\&. -.RE -.PP -\fBUMASK\fR (numerico) -.RS 4 -La maschera di permessi alla creazione dei file \(`e inizializzata con questo valore\&. Se non specificato la maschera viene impostata a 022\&. -.sp -\fBuseradd\fR -e -\fBnewusers\fR -usano questa maschera per impostare i permessi della directory home che creano\&. -.sp -Viene anche utilizzata da -\fBlogin\fR -per definire la maschera iniziale dell\*(Aqutente\&. Notare che questa maschera pu\(`o essere modificata dalla riga GECOS dell\*(Aqutente (se -\fBQUOTAS_ENAB\fR -\(`e impostato) o specificando un limite con l\*(Aqidentificativo -\fIK\fR -in -\fBlimits\fR(5)\&. -.RE -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBlogin.defs\fR(5), -\fBpasswd\fR(1), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/it/man8/nologin.8 b/man/it/man8/nologin.8 deleted file mode 100644 index 4386917c..00000000 --- a/man/it/man8/nologin.8 +++ /dev/null @@ -1,51 +0,0 @@ -'\" t -.\" Title: nologin -.\" Author: Nicolas Fran\(,cois -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "NOLOGIN" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -nologin \- rifiuta gentilmente l\*(Aqaccesso -.SH "SINOSSI" -.HP \w'\fBnologin\fR\ 'u -\fBnologin\fR -.SH "DESCRIZIONE" -.PP -Il comando -\fBnologin\fR -mostra un messaggio che indica che l\*(Aqaccount non \(`e disponibile ed esce con codice d\*(Aqerrore non zero\&. \(`E stato pensato come sostituto del campo shell per account che sono stati disabilitati\&. -.PP -Per diabilitare tutti gli accessi vedere -\fBnologin\fR(5)\&. -.SH "VEDERE ANCHE" -.PP -\fBlogin\fR(1), -\fBnologin\fR(5)\&. -.SH "CRONOLOGIA" -.PP -Il comando -\fBnologin\fR -\(`e apparso in BSD 4\&.4\&. diff --git a/man/it/man8/pwck.8 b/man/it/man8/pwck.8 deleted file mode 100644 index be282349..00000000 --- a/man/it/man8/pwck.8 +++ /dev/null @@ -1,319 +0,0 @@ -'\" t -.\" Title: pwck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "PWCK" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -pwck \- verifica l\*(Aqintegrit\(`a dei file delle password -.SH "SINOSSI" -.HP \w'\fBpwck\fR\ 'u -\fBpwck\fR [opzioni] [\fIpasswd\fR\ [\ \fIshadow\fR\ ]] -.SH "DESCRIZIONE" -.PP -\fBpwck\fR -verifica l\*(Aqintegrit\(`a delle informazioni su utenti e autenticazione del sistema\&. Ogni voce in -/etc/passwd -e in -/etc/shadow -.PP -Vengono fatti controlli per verificare che ogni voce abbia: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -il corretto numero di campi -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -un nome utente univoco e valido -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -identificatori validi dell\*(Aqutente e del gruppo -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -un gruppo primario valido -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -una home directory valida -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -una shell di login valida -.RE -.PP -Le verifiche sul file -shadow -sono abilitate ogni volta che si usa un secondo argomento o quanto esiste nel sistema il file -/etc/shadow\&. -.PP -Le verifiche sono le seguenti: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ogni elemento del file passwd deve avere un corrispondente elemento in shadow, e viceversa -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -le password sono specificate nel file shadow -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -gli elementi di shadow hanno il corretto numero di campi -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -gli elementi di shadow sono unici -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -le date di ultima modifica non sono nel futuro -.RE -.PP -Gli errori nelle verifiche sul corretto numero di campi e sull\*(Aqunivocit\(`a del nome utente sono irrimediabili\&. Se una voce ha un numero errato di campi, all\*(Aqutente viene chiesto di cancellare l\*(Aqintera riga; se l\*(Aqutente non risponde affermativamente, vengono omessi tutti gli ulteriori controlli\&. Viene richiesta la cancellazione anche per le voci aventi il nome utente duplicato, ma i rimanenti controlli vengono ugualmente effettuati\&. Tutti gli altri errori non sono gravi e l\*(Aqutente \(`e invitato a eseguire il comando -\fBusermod\fR -per correggerli\&. -.PP -I comandi che operano sul file -/etc/passwd -non sono in grado di modificare voci corrotte o duplicate; in tali circostanze va usato -\fBpwck\fR -per rimuovere la voce scorretta\&. -.SH "OPZIONI" -.PP -Le opzioni -\fB\-r\fR -e -\fB\-s\fR -non possono essere combinate\&. -.PP -Il comando -\fBpwck\fR -accetta le seguenti opzioni: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Riporta solo gli errori\&. Gli avvisi che non richiedono azioni da parte dell\*(Aqutente non sono mostrati\&. -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Esegue il comando -\fBpwck\fR -in sola lettura\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -Ordina gli elementi di -/etc/passwd -e -/etc/shadow -per UID\&. -.RE -.PP -Come impostazione predefinita, -\fBpwck\fR -opera sui file -/etc/passwd -e in -/etc/shadow\&. L\*(Aqutente pu\(`o selezionare file alternativi con i parametri -\fIpasswd\fR -e -\fIshadow\fR\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBPASS_MAX_DAYS\fR (numerico) -.RS 4 -Il numero massimo di giorni che una password pu\(`o essere utilizzata\&. Se la password \(`e pi\(`u vecchia verr\(`a imposto il suo cambiamento\&. Se non specificato viene assunto \-1 (che disabilita questo controllo)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (numerico) -.RS 4 -Il numero minimo di giorni tra due cambiamenti di password\&. Ogni tentativo di cambiare la password prima di questo periodo verr\(`a rifiutato\&. Se non specificato viene assunto \-1 (che disabilita questo controllo)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (numerico) -.RS 4 -Il numero di giorni per i quali un utente va avvisato che la sua password sta per scadere\&. Se zero l\*(Aqutente viene avvisato solo alla scadenza\&. Un valore negativo indica che non si deve avvisare mai\&. Se non specificato allora non c\*(Aq\(`e nessun avviso\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.SH "VALORI RESTITUITI" -.PP -Il comando -\fBpwck\fR -restituisce i seguenti valori: -.PP -\fI0\fR -.RS 4 -successo -.RE -.PP -\fI1\fR -.RS 4 -sintassi del comando errata -.RE -.PP -\fI2\fR -.RS 4 -una o pi\(`u voci di password conengono errori -.RE -.PP -\fI3\fR -.RS 4 -impossibile aprire i file delle password -.RE -.PP -\fI4\fR -.RS 4 -impossibile fare il lock dei file delle password -.RE -.PP -\fI5\fR -.RS 4 -impossibile aggiornare i file delle password -.RE -.PP -\fI6\fR -.RS 4 -impossibile ordinare i file delle password -.RE -.SH "VEDERE ANCHE" -.PP -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBusermod\fR(8)\&. diff --git a/man/it/man8/pwconv.8 b/man/it/man8/pwconv.8 deleted file mode 100644 index 78430c86..00000000 --- a/man/it/man8/pwconv.8 +++ /dev/null @@ -1,191 +0,0 @@ -'\" t -.\" Title: pwconv -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "PWCONV" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -pwconv, pwunconv, grpconv, grpunconv \- convertono a e da password e gruppi shadow\&. -.SH "SINOSSI" -.HP \w'\fBpwconv\fR\ 'u -\fBpwconv\fR [\fIopzioni\fR] -.HP \w'\fBpwunconv\fR\ 'u -\fBpwunconv\fR [\fIopzioni\fR] -.HP \w'\fBgrpconv\fR\ 'u -\fBgrpconv\fR [\fIopzioni\fR] -.HP \w'\fBgrpunconv\fR\ 'u -\fBgrpunconv\fR [\fIopzioni\fR] -.SH "DESCRIZIONE" -.PP -\fBpwconv\fR -crea -\fIshadow\fR -da -\fIpasswd\fR -e da un eventuale preesistente -\fIshadow\fR\&. -.PP -\fBpwunconv\fR -crea -\fIpasswd\fR -da -\fIpasswd\fR -e -\fIshadow\fR -e poi cancella -\fIshadow\fR\&. -.PP -\fBgrpconv\fR -crea -\fIgshadow\fR -da -\fIgroup\fR -e da un eventuale preesistente -\fIgshadow\fR\&. -.PP -\fBgrpunconv\fR -crea -\fIgroup\fR -da -\fIgroup\fR -e -\fIgshadow\fR -e quindi rimuove -\fIgshadow\fR\&. -.PP -Questi quattro programmi agiscono tutti sui file normali e oscurati (shadow) delle password e dei gruppi: -/etc/passwd, -/etc/group, -/etc/shadow -e -/etc/gshadow\&. -.PP -Ciascun programma, prima della conversione, acquisisce i lock necessari\&. -\fBpwconv\fR -e -\fBgrpconv\fR -sono simili\&. Per prima cosa vengono rimosse le voci nel file shadow che non esistono nel file principale\&. Quindi vengono aggiornate le voci oscurate che non hanno \(Fox\(Fc come password nel file principale\&. Vengono aggiunte le eventuali voci oscurate mancanti\&. Infine, le password nel file principale vengono sostituite con \(Fox\(Fc\&. Questi programmi possono essere usati per le conversioni iniziali cos\(`i come per aggiornare il file oscurato se il file principale viene modificato a mano\&. -.PP -\fBpwconv\fR -user\(`a i valori -\fIPASS_MIN_DAYS\fR, -\fIPASS_MAX_DAYS\fR -e -\fIPASS_WARN_AGE\fR -da -/etc/login\&.defs -al momento dell\*(Aqaggiunta di nuove voci a -/etc/shadow\&. -.PP -Analogamente, -\fBpwunconv\fR -e -\fBgrpunconv\fR -sono simili\&. Le password nel file principale vengono aggiornate dal file shadow\&. Voci che esistono nel file principale ma non nel file shadow vengono lasciate stare\&. Infine, viene rimosso il file shadow\&. Alcune informazioni sull\*(Aqinvecchiamento delle password vengono perse da -\fBpwunconv\fR\&. Convertir\(`a solo quello che potr\(`a\&. -.SH "OPZIONI" -.PP -Le opzioni che si possono applicare ai comandi -\fBpwconv\fR, -\fBpwunconv\fR, -\fBgrpconv\fR -e -\fBgrpunconv\fR -sono: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.SH "ERRORI" -.PP -Errori nel file delle password o dei gruppi (come elementi non validi o duplicati) possono causare dei cicli infiniti in questi programmi, oppure degli errori non prevedibili\&. Eseguire -\fBpwck\fR -e -\fBgrpck\fR -per correggere ogni eventuale errore prima di convertire da o verso password o gruppi shadow\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -influenzano il comportamento di -\fBgrpconv\fR -e -\fBgrpunconv\fR: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -influenzano il comportamento di -\fBpwconv\fR: -.PP -\fBPASS_MAX_DAYS\fR (numerico) -.RS 4 -Il numero massimo di giorni che una password pu\(`o essere utilizzata\&. Se la password \(`e pi\(`u vecchia verr\(`a imposto il suo cambiamento\&. Se non specificato viene assunto \-1 (che disabilita questo controllo)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (numerico) -.RS 4 -Il numero minimo di giorni tra due cambiamenti di password\&. Ogni tentativo di cambiare la password prima di questo periodo verr\(`a rifiutato\&. Se non specificato viene assunto \-1 (che disabilita questo controllo)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (numerico) -.RS 4 -Il numero di giorni per i quali un utente va avvisato che la sua password sta per scadere\&. Se zero l\*(Aqutente viene avvisato solo alla scadenza\&. Un valore negativo indica che non si deve avvisare mai\&. Se non specificato allora non c\*(Aq\(`e nessun avviso\&. -.RE -.SH "FILE" -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.SH "VEDERE ANCHE" -.PP -\fBgrpck\fR(8), -\fBlogin.defs\fR(5), -\fBpwck\fR(8)\&. diff --git a/man/it/man8/pwunconv.8 b/man/it/man8/pwunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/it/man8/pwunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/it/man8/sulogin.8 b/man/it/man8/sulogin.8 deleted file mode 100644 index 2a4ef6fa..00000000 --- a/man/it/man8/sulogin.8 +++ /dev/null @@ -1,115 +0,0 @@ -'\" t -.\" Title: sulogin -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "SULOGIN" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -sulogin \- Single\-user login -.SH "SINTASSI" -.PP -\fBsulogin\fR -[\fItty\-device\fR] -.SH "DESCRIZIONE" -.PP -The -\fBsulogin\fR -command is invoked by -\fBinit\fR -prior to allowing the user access to the system when in single user mode\&. This feature may only be available on certain systems where -\fBinit\fR -has been modified accordingly, or where the -/etc/inittab -has an entry for a single user login\&. -.PP -The user is prompted -.PP -Type control\-d to proceed with normal startup, (or give root password for system maintenance): -.PP -Input and output will be performed with the standard file descriptors unless the optional device name argument is provided\&. -.PP -If the user enters the correct root password, a login session is initiated\&. When -\fIEOF\fR -is pressed instead, the system enters multi\-user mode\&. -.PP -After the user exits the single\-user shell, or presses -\fIEOF\fR, the system begins the initialization process required to enter multi\-user mode\&. -.SH "AVVISI/CAVEAT" -.PP -This command can only be used if -\fBinit\fR -has been modified to call -\fBsulogin\fR -instead of -/bin/sh, or if the user has set the -\fIinittab\fR -to support a single user login\&. For example, the line: -.PP -co:s:respawn:/etc/sulogin /dev/console -.PP -should execute the sulogin command in single user mode\&. -.PP -As complete an environment as possible is created\&. However, various devices may be unmounted or uninitialized and many of the user commands may be unavailable or nonfunctional as a result\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBENV_HZ\fR (testo) -.RS 4 -Se impostato viene utilizzato per definire il valore della variabile d\*(Aqambiente HZ al login dell\*(Aqutente\&. Il valore deve essere preceduto da -\fIHZ=\fR\&. Un valore comune per Linux \(`e -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_TZ\fR (testo) -.RS 4 -Se impostato viene usato per definire la variabile d\*(Aqambiente TZ al login dell\*(Aqutente\&. Il valore pu\(`o essere il nome di una \(Fotimezone\(Fc preceduta da -\fITZ=\fR -(ad esempio -\fITZ=CST6CDT\fR), o il percorso completo di un file che contenga la specifica della \(Fotimezone\(Fc (ad esempio -/etc/tzname)\&. -.sp -Se viene specificato il percorso completo di un file che per\(`o non esiste o non pu\(`o essere letto, allora viene utilizzato il valore predefinito -\fITZ=CST6CDT\fR\&. -.RE -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBlogin\fR(1), -\fBsh\fR(1), -\fBinit\fR(8)\&. diff --git a/man/it/man8/useradd.8 b/man/it/man8/useradd.8 deleted file mode 100644 index 3ef58bcf..00000000 --- a/man/it/man8/useradd.8 +++ /dev/null @@ -1,693 +0,0 @@ -'\" t -.\" Title: useradd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "USERADD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -useradd \- crea un nuovo utente o aggiorna le informazioni predefinite per i nuovi utenti -.SH "SINOSSI" -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR [\fIopzioni\fR] \fILOGIN\fR -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D [\fIopzioni\fR] -.SH "DESCRIZIONE" -.PP -Quando viene invocato senza l\*(Aqopzione -\fB\-D\fR, il comando -\fBuseradd\fR -crea un nuovo account di utente usando i valori specificati sulla riga di comando ed i valori predefiniti dal sistema\&. A seconda dalle opzioni nella riga di comando, il comando -\fBuseradd\fR -aggiorner\(`a i file di sistema che lo necessitano, creer\(`a la home directory, e l\(`i verranno copiati i file iniziali\&. -.PP -Normalmente viene anche creato un gruppo per il nuovo utente (vedere -\fB\-g\fR, -\fB\-N\fR, -\fB\-U\fR -e -\fBUSERGROUPS_ENAB\fR)\&." -.SH "OPZIONI" -.PP -Il comando -\fBuseradd\fR -accetta le seguenti opzioni: -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR -.RS 4 -La directory base predefinita, nel caso che l\*(Aqopzione -\fB\-d\fR\ \&\fIHOME_DIR\fR -non sia specificata\&. -\fIBASE_DIR\fR -viene concatenata con il nome dell\*(Aqaccount per definire la directory home\&. Se l\*(Aqopzione -\fB\-m\fR -non \(`e usata, -\fIBASE_DIR\fR -deve esistere\&. -.sp -Se questa opzione non \(`e specificata, -\fBuseradd\fR -user\(`a la directory base specificata dalla variabile -\fBHOME\fR -in -/etc/default/useradd -oppure la costante -/home\&. -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENTO\fR -.RS 4 -Un testo qualsiasi\&. Di norma \(`e una breve descrizione del login, ed \(`e attualmente usato come nome completo dell\*(Aqutente\&. -.RE -.PP -\fB\-d\fR, \fB\-\-home\-dir\fR\ \&\fIHOME_DIR\fR -.RS 4 -Il nuovo utente verr\(`a creato usando -\fIHOME_DIR\fR -come valore per la directory di login dell\*(Aqutente\&. Il comportamento predefinito \(`e di aggiungere il nome -\fILOGIN\fR -in fondo a -\fIBASE_DIR\fR -ed usare quello come nome di directory di login\&. Non \(`e necessario che la directory -\fIHOME_DIR\fR -esista, ma se non ci fosse non verr\(`a creata\&. -.RE -.PP -\fB\-D\fR, \fB\-\-defaults\fR -.RS 4 -Vedere oltre, la sezione \(FoCambiare i valori predefiniti\(Fc\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIDATA_SCADENZA\fR -.RS 4 -La data in cui l\*(Aqaccount dell\*(Aqutente verr\(`a disabilitato\&. La data \(`e specificata nel formato -\fIAAAA\-MM\-GG\fR\&. -.sp -Se non specificato diversamente, -\fBuseradd\fR -user\(`a la data di scadenza impostata con la variabile -\fBEXPIRE\fR -nel file -/etc/default/useradd -o un campo vuoto (nessuna scadenza)\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINATTIVO\fR -.RS 4 -Il numero di giorni dopo la scadenza della password prima che l\*(Aqaccount venga permanentemente disabilitato\&. Un valore pari a 0 disabilita l\*(Aqaccount non appena la password \(`e scaduta, ed un valore pari a \-1 disabilita questa funzionalit\(`a\&. -.sp -Il comportamento predefinito di -\fBuseradd\fR -\(`e di usare il periodo di inattivit\(`a specificato dalla variabile -\fBINACTIVE\fR -del file -/etc/default/useradd -oppure \-1 (con variabile assente)\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGRUPPO\fR -.RS 4 -Il nome o numero del gruppo di connessione iniziale dell\*(Aqutente\&. Il nome del gruppo deve esistere\&. Un numero di gruppo deve riferirsi ad un gruppo gi\(`a esistente\&. -.sp -Se non specificato, il comportamento di -\fBuseradd\fR -varier\(`a in base alla variabile -\fBUSERGROUPS_ENAB\fR -del file -/etc/login\&.defs\&. Se questa variabile \(`e impostata a -\fIyes\fR -(o se \(`e stata usata l\*(Aqopzione -\fB\-U/\-\-user\-group\fR -nella riga di comando) verr\(`a creato un gruppo per l\*(Aqutente con lo stesso nome\&. Se la variabile \(`e impostata a -\fIno\fR -(o se \(`e stata usata l\*(Aqopzione -\fB\-N/\-\-no\-user\-group\fR -nella riga di comando) useradd imposter\(`a il gruppo primario dell\*(Aqutente in base a quello impostato nella variabile -\fBGROUP\fR -del file -/etc/default/useradd -o a 100 se non specificato\&. -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGRUPPO1\fR[\fI,GRUPPO2,\&.\&.\&.\fR[\fI,GRUPPON\fR]]] -.RS 4 -Una lista di gruppi supplementari di cui l\*(Aqutente \(`e altres\(`i membro\&. Ciascun gruppo \(`e separato dal successivo da una virgola, senza spazi bianchi intermedi\&. I gruppi sono soggetti alle stesse restrizioni del gruppo dato con l\*(Aqopzione -\fB\-g\fR\&. Il comportamento predefinito \(`e che l\*(Aqutente appartenga solo al gruppo iniziale\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-k\fR, \fB\-\-skel\fR\ \&\fISKEL_DIR\fR -.RS 4 -La directory \(Foskeleton\(Fc che contiene file e directory da copiare nella directory home dell\*(Aqutente quando viene creata da -\fBuseradd\fR\&. -.sp -Questa opzione \(`e valida solo se anche l\*(Aqopzione -\fB\-m\fR -(o -\fB\-\-create\-home\fR) \(`e stata specificata\&. -.sp -Se questa opzione non \(`e impostata, la directory \(Foskeleton\(Fc \(`e definita dalla variabile -\fBSKEL\fR -nel file -/etc/default/useradd -o, altrimenti, vale -/etc/skel\&. -.sp -Se possibile vengono copiate le ACL e gli attributi estesi\&. -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR\&. -.RS 4 -Forza l\*(Aqimpostazione al di l\(`a di quanto specificato in -/etc/login\&.defs -(\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBUMASK\fR, -\fBPASS_MAX_DAYS\fR -e altri)\&. - -Esempio: -\fB\-K\fR\ \&\fIPASS_MAX_DAYS\fR=\fI\-1\fR -pu\(`o essere usato durante la creazione di account di sistema per disabilitare la scadenza della password anche se l\*(Aqaccount di sistema non ha affatto la password\&. Possono essere specificate pi\(`u opzioni -\fB\-K\fR, come in: -\fB\-K\fR\ \&\fIUID_MIN\fR=\fI100\fR\ \&\fB\-K\fR\ \&\fIUID_MAX\fR=\fI499\fR -.RE -.PP -\fB\-l\fR, \fB\-\-no\-log\-init\fR -.RS 4 -Non aggiunge l\*(Aqutente ai database \(Folastlog\(Fc e \(Fofaillog\(Fc\&. -.sp -Normalmente i dati utente nei database \(Folastlog\(Fc e \(Fofaillog\(Fc vengono azzerati per evitare di riutilizzare dati di un utente cancellato in precedenza\&. -.RE -.PP -\fB\-m\fR, \fB\-\-create\-home\fR -.RS 4 -Crea la directory home dell\*(Aqutente nel caso in cui non esista\&. I file e directory contenuti nella directory \(Foskeleton\(Fc (che pu\(`o essere definita con l\*(Aqopzione -\fB\-k\fR) vengono copiati nella directory home\&. -.sp -Se questa opzione non viene utilizzata e se non \(`e attiva la voce -\fBCREATE_HOME\fR, la directory non viene creata\&. -.RE -.PP -\fB\-M\fR -.RS 4 -Non crea la directory home dell\*(Aqutente nonostante la configurazione di sistema in -/etc/login\&.defs -(\fBCREATE_HOME\fR) sia impostata a -\fIyes\fR\&. -.RE -.PP -\fB\-N\fR, \fB\-\-no\-user\-group\fR -.RS 4 -Non crea un gruppo con lo stesso nome dell\*(Aqutente, ma aggiunge l\*(Aqutente al gruppo specificato con l\*(Aqopzione -\fB\-g\fR -o tramite la variabile -\fBGROUP\fR -nel file -/etc/default/useradd\&. -.sp -Il comportamento predefinito (se le opzioni -\fB\-g\fR, -\fB\-N\fR -e -\fB\-U\fR -non sono specificate) \(`e definito dalla variabile -\fBUSERGROUPS_ENAB\fR -nel file -/etc/login\&.defs\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Permette la creazione di un utente con un UID duplicato (non unico)\&. -.sp -Questa opzione \(`e valida solo congiuntamente all\*(Aqopzione -\fB\-u\fR\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -La password cifrata, come restituita da -\fBcrypt\fR(3)\&. Il comportamento predefinito \(`e di disabilitare la password\&. -.sp -\fBNota:\fR -questa opzione non \(`e consigliata perch\('e la password (o password cifrata) sar\(`a visibile agli utenti che elencano i processi\&. -.sp -Ci si deve accertare che la password rispetti le norme delle password del sistema\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Crea un account di sistema\&. -.sp -Gli utenti di sistema vengono creati senza le informazioni sulla scadenza in -/etc/shadow -e con l\*(AqID numerico scelto nell\*(Aqintervallo -\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR, definito nel file -/etc/login\&.defs, anzich\('e -\fBUID_MIN\fR\-\fBUID_MAX\fR -(e le loro controparti -\fBGID\fR -per la creazione dei gruppi)\&. -.sp -Notare che -\fBuseradd\fR -non creer\(`a la directory home per questi utenti indipendentemente da quanto impostato in -/etc/login\&.defs -(\fBCREATE_HOME\fR)\&. Si deve specificare l\*(Aqopzione -\fB\-m\fR -se si vuole creare la directory home per un account di sistema\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Il nome della shell di login dell\*(Aqutente\&. Il comportamento predefinito \(`e di lasciare vuoto questo campo, che fa s\(`i che il sistema selezioni la shell di connessione predefinita tramite la variabile -\fBSHELL\fR -in -/etc/default/useradd, oppure un testo vuoto\&. -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -Il valore numerico dell\*(Aqidentificatore (ID) dell\*(Aqutente\&. Questo valore deve essere univoco, a meno che non venga usata l\*(Aqopzione -\fB\-o\fR\&. Il valore non deve essere negativo\&. La scelta predefinita \(`e quella di usare il minimo valore di ID maggiore o eguale a -\fBUID_MIN\fR -e maggiore a qualunque altro utente\&. -.sp -Vedere anche la descrizione dell\*(Aqopzione -\fB\-r\fR -e -\fBUID_MAX\fR -.RE -.PP -\fB\-U\fR, \fB\-\-user\-group\fR -.RS 4 -Crea un gruppo con lo stesso nome dell\*(Aqutente e aggiunge l\*(Aqutente al gruppo stesso\&. -.sp -Il comportamento predefinito (se le opzioni -\fB\-g\fR, -\fB\-N\fR -e -\fB\-U\fR -non sono specificate) \(`e definito dalla variabile -\fBUSERGROUPS_ENAB\fR -nel file -/etc/login\&.defs\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fIUTENTESE\fR -.RS 4 -L\*(Aqutente SELinux per questo login utente\&. Lasciando questo campo vuoto si fa in modo che il sistema selezioni automaticamente l\*(Aqutente SELinux\&. -.RE -.SS "Cambiare i valori predefiniti" -.PP -Quando invocato con la sola opzione -\fB\-D\fR, -\fBuseradd\fR -mostrer\(`a i valori predefiniti correnti\&. Quando invocato con l\*(Aqopzione -\fB\-D\fR -e altre opzioni, -\fBuseradd\fR -aggiorner\(`a i valori predefiniti per le opzioni specificate\&. Le opzioni valide sono: -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR -.RS 4 -Il prefisso del percorso per la directory home del nuovo utente\&. Il nome dell\*(Aqutente verr\(`a aggiunto alla fine di -\fIBASE_DIR\fR -per creare il nome della nuova directory home, a meno che non venga usata l\*(Aqopzione -\fB\-d\fR -quando si crea un nuovo account\&. -.sp -Questa opzione imposta la variabile -\fBHOME\fR -del file -/etc/default/useradd\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIDATA_SCADENZA\fR -.RS 4 -La data in cui l\*(Aqaccount dell\*(Aqutente verr\(`a disabilitato\&. -.sp -Questa opzione imposta la variabile -\fBEXPIRE\fR -del file -/etc/default/useradd\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINATTIVO\fR -.RS 4 -Il numero di giorni dopo la scadenza di una password prima che l\*(Aqaccount venga disabilitato\&. -.sp -Questa opzione imposta la variabile -\fBINACTIVE\fR -del file -/etc/default/useradd\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGRUPPO\fR -.RS 4 -The group name or ID for a new user\*(Aqs initial group (when the -\fB\-N/\-\-no\-user\-group\fR -is used or when the -\fBUSERGROUPS_ENAB\fR -variable is set to -\fIno\fR -in -/etc/login\&.defs)\&. The named group must exist, and a numerical group ID must have an existing entry\&. -.sp -Questa opzione imposta la variabile -\fBGROUP\fR -nel file -/etc/default/useradd\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Il nome della shell di login per il nuovo utente\&. -.sp -Questa opzione imposta la variabile -\fBSHELL\fR -del file -/etc/default/useradd\&. -.RE -.SH "NOTE" -.PP -L\*(Aqamministratore di sistema \(`e responsabile del posizionamento dei file utente predefiniti nella directory -/etc/skel/ -(o qualsiasi altra directory impostata in -/etc/default/useradd -o nella riga di comando)\&. -.SH "AVVISI/CAVEAT" -.PP -Non \(`e possibile aggiungere un utente ad un gruppo NIS o LDAP\&. Questo deve essere fatto sul server corrispondente\&. -.PP -Analogamente, se il nome utente esiste gi\(`a in un database esterno come NIS o LDAP, -\fBuseradd\fR -bloccher\(`a la creazione dell\*(Aqaccount\&. -.PP -I nomi utente devono iniziare con una lettera minuscola o un underscore, seguiti da lettere minuscole, cifre numeriche, underscore o trattini\&. Possono terminare con il simbolo del dollaro\&. In termini di espressioni regolari: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -I nomi utente non possono eccedere i 32 caratteri di lunghezza\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBCREATE_HOME\fR (booleano) -.RS 4 -Indica se per i nuovi utenti va creata la directory home\&. -.sp -Questa impostazione non viene applicata agli utenti di sistema e pu\(`o essere modificata sulla riga di comando\&. -.RE -.PP -\fBGID_MAX\fR (numerico), \fBGID_MIN\fR (numerico) -.RS 4 -Intervallo di ID di gruppo per la creazione di gruppi normali tramite -\fBuseradd\fR, -\fBgroupadd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBGID_MIN\fR -(rispettivamente -\fBGID_MAX\fR) \(`e 1000 (rispettivmente 60000)\&. -.RE -.PP -\fBMAIL_DIR\fR (testo) -.RS 4 -La directory di spool per la posta\&. Questa \(`e necessaria per manipolare la casella di posta quando il corrispondente account utente viene modificato o cancellato\&. Se non \(`e specificata viene utilizzato un valore impostato al momento della compilazione\&. -.RE -.PP -\fBMAIL_FILE\fR (testo) -.RS 4 -Imposta la posizione delle caselle di posta degli utenti relative alla loro directory home\&. -.RE -.PP -Le variabili -\fBMAIL_DIR\fR -e -\fBMAIL_FILE\fR -vengono utilizzate da -\fBuseradd\fR, -\fBusermod\fR -e -\fBuserdel\fR -per creare, spostare e cancellare le caselle di posta dell\*(Aqutente\&. -.PP -Se -\fBMAIL_CHECK_ENAB\fR -\(`e impostata a -\fIyes\fR -allora sono anche utilizzate per impostare la variabile d\*(Aqambiente -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (numerico) -.RS 4 -Il numero massimo di giorni che una password pu\(`o essere utilizzata\&. Se la password \(`e pi\(`u vecchia verr\(`a imposto il suo cambiamento\&. Se non specificato viene assunto \-1 (che disabilita questo controllo)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (numerico) -.RS 4 -Il numero minimo di giorni tra due cambiamenti di password\&. Ogni tentativo di cambiare la password prima di questo periodo verr\(`a rifiutato\&. Se non specificato viene assunto \-1 (che disabilita questo controllo)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (numerico) -.RS 4 -Il numero di giorni per i quali un utente va avvisato che la sua password sta per scadere\&. Se zero l\*(Aqutente viene avvisato solo alla scadenza\&. Un valore negativo indica che non si deve avvisare mai\&. Se non specificato allora non c\*(Aq\(`e nessun avviso\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (numerico), \fBSYS_GID_MIN\fR (numerico) -.RS 4 -Intervallo di ID di gruppo utilizzato per la creazione di un gruppo di sistema da -\fBuseradd\fR, -\fBgroupadd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBSYS_GID_MIN\fR -(rispettivamente -\fBSYS_GID_MAX\fR) \(`e 101 (rispettivamente -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (numerico), \fBSYS_UID_MIN\fR (numerico) -.RS 4 -Intervallo di ID utente per la creazione degli utenti di sistema con -\fBuseradd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBSYS_UID_MIN\fR -(rispettivamente -\fBSYS_UID_MAX\fR) \(`e 101 (rispettivamente -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBUID_MAX\fR (numerico), \fBUID_MIN\fR (numerico) -.RS 4 -Intervallo di ID utente da utilizzare nella creazione degli utenti normali tramite -\fBuseradd\fR -o -\fBnewusers\fR\&. -.sp -Il valore predefinito per -\fBUID_MIN\fR -(rispettivamente -\fBUID_MAX\fR) \(`e 1000 (rispettivamente 60000)\&. -.RE -.PP -\fBUMASK\fR (numerico) -.RS 4 -La maschera di permessi alla creazione dei file \(`e inizializzata con questo valore\&. Se non specificato la maschera viene impostata a 022\&. -.sp -\fBuseradd\fR -e -\fBnewusers\fR -usano questa maschera per impostare i permessi della directory home che creano\&. -.sp -Viene anche utilizzata da -\fBlogin\fR -per definire la maschera iniziale dell\*(Aqutente\&. Notare che questa maschera pu\(`o essere modificata dalla riga GECOS dell\*(Aqutente (se -\fBQUOTAS_ENAB\fR -\(`e impostato) o specificando un limite con l\*(Aqidentificativo -\fIK\fR -in -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (booleano) -.RS 4 -Abilita l\*(Aqimpostazione dei bit di gruppo di umask in modo che siano gli stessi dei bit del proprietario (esempio: 022 \-> 002, 077 \-> 007) per utenti non root a condizione che uid e gid siano identici e che il nome utente sia lo stesso del gruppo primario\&. -.sp -Se impostato a -\fIyes\fR, -\fBuserdel\fR -canceller\(`a il gruppo dell\*(Aqutente se non contiene altri membri, e -\fBuseradd\fR -creer\(`a automaticamente un gruppo con lo stesso nome dell\*(Aqutente\&. -.RE -.SH "FILE" -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.PP -/etc/default/useradd -.RS 4 -Valori predefiniti per la creazione dell\*(Aqaccount\&. -.RE -.PP -/etc/skel/ -.RS 4 -Directory contenente i file predefiniti\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.SH "VALORI RESTITUITI" -.PP -Il comando -\fBuseradd\fR -restituisce i seguenti valori: -.SH "VEDERE ANCHE" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBnewusers\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/it/man8/userdel.8 b/man/it/man8/userdel.8 deleted file mode 100644 index 8d48149c..00000000 --- a/man/it/man8/userdel.8 +++ /dev/null @@ -1,296 +0,0 @@ -'\" t -.\" Title: userdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "USERDEL" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -userdel \- rimuove l\*(Aqaccount di un utente ed i file relativi -.SH "SINOSSI" -.HP \w'\fBuserdel\fR\ 'u -\fBuserdel\fR [opzioni] \fILOGIN\fR -.SH "DESCRIZIONE" -.PP -Il comando -\fBuserdel\fR -modifica i file di account del sistema, rimuovendo tutte le voci che si riferiscono al nome utente -\fILOGIN\fR\&. L\*(Aqutente indicato deve esistere\&. -.SH "OPZIONI" -.PP -Il comando -\fBuserdel\fR -accetta le seguenti opzioni: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Questa opzione forza la cancellazione di un account utente anche se l\*(Aqutente \(`e ancora collegato al sistema\&. Inoltre forza -\fBuserdel\fR -a rimuovere la directory home dell\*(Aqutente e la casella di posta anche se un altro utente usa la stessa directory home o se la casella di posta non \(`e di propriet\(`a dell\*(Aqutente specificato\&. Se -\fBUSERGROUPS_ENAB\fR -\(`e impostato a -\fIyes\fR -in -/etc/login\&.defs -e se esiste un gruppo con lo stesso nome dell\*(Aqutente cancellato, allora il gruppo stesso viene cancellato anche se risulta il gruppo primario di un altro utente\&. -.sp -\fINota:\fR -questa opzione \(`e pericolosa e pu\(`o lasciare il sistema in uno stato incoerente\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-r\fR, \fB\-\-remove\fR -.RS 4 -I file nella home directory dell\*(Aqutente verranno rimossi insieme alla home directory stessa e alla casella di posta dell\*(Aqutente\&. I file collocati in altri file system dovranno essere cercati e rimossi manualmente\&. -.sp -La directory di spool per la posta \(`e definita dalla variabile -\fBMAIL_DIR\fR -nel file -login\&.defs\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR -.RS 4 -Rimuove tutti gli utenti SELinux assegnati al login utente\&. -.RE -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBMAIL_DIR\fR (testo) -.RS 4 -La directory di spool per la posta\&. Questa \(`e necessaria per manipolare la casella di posta quando il corrispondente account utente viene modificato o cancellato\&. Se non \(`e specificata viene utilizzato un valore impostato al momento della compilazione\&. -.RE -.PP -\fBMAIL_FILE\fR (testo) -.RS 4 -Imposta la posizione delle caselle di posta degli utenti relative alla loro directory home\&. -.RE -.PP -Le variabili -\fBMAIL_DIR\fR -e -\fBMAIL_FILE\fR -vengono utilizzate da -\fBuseradd\fR, -\fBusermod\fR -e -\fBuserdel\fR -per creare, spostare e cancellare le caselle di posta dell\*(Aqutente\&. -.PP -Se -\fBMAIL_CHECK_ENAB\fR -\(`e impostata a -\fIyes\fR -allora sono anche utilizzate per impostare la variabile d\*(Aqambiente -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.PP -\fBUSERDEL_CMD\fR (testo) -.RS 4 -Se definito, questo comando viene eseguito quando si cancella un utente\&. Dovrebbe rimuovere tutti i compiti di stampa/cron/at di propriet\(`a dell\*(Aqutente da cancellare (passato come primo argomento)\&. -.sp -Il codice d\*(Aquscita restituito dallo script non \(`e preso in considerazione\&. -.sp -Ecco uno script di esempio che rimuove i job dell\*(Aqutente, sia di cron che at che di stampa: -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# Verifica la presenza dell\*(Aqargomento obbligatorio -if [ $# != 1 ]; then - echo "Uso: $0 username" - exit 1 -fi - -# Rimuove i compiti di cron -crontab \-r \-u $1 - -# Rimuove i compiti di at -# Nota che verranno rimossi tutti i compiti di propriet\(`a dello stesso UID, -# anche se condiviso con un altro nome utente\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# Rimuove le stampe -lprm $1 - -# Finito\&. -exit 0 - -.fi -.if n \{\ -.RE -.\} -.RE -.PP -\fBUSERGROUPS_ENAB\fR (booleano) -.RS 4 -Abilita l\*(Aqimpostazione dei bit di gruppo di umask in modo che siano gli stessi dei bit del proprietario (esempio: 022 \-> 002, 077 \-> 007) per utenti non root a condizione che uid e gid siano identici e che il nome utente sia lo stesso del gruppo primario\&. -.sp -Se impostato a -\fIyes\fR, -\fBuserdel\fR -canceller\(`a il gruppo dell\*(Aqutente se non contiene altri membri, e -\fBuseradd\fR -creer\(`a automaticamente un gruppo con lo stesso nome dell\*(Aqutente\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "VALORI RESTITUITI" -.PP -Il comando -\fBuserdel\fR -esce con i seguenti valori: -.PP -\fI0\fR -.RS 4 -successo -.RE -.PP -\fI1\fR -.RS 4 -impossibile aggiornare il file delle password -.RE -.PP -\fI2\fR -.RS 4 -sintassi del comando errata -.RE -.PP -\fI6\fR -.RS 4 -l\*(Aqutente specificato non esiste -.RE -.PP -\fI8\fR -.RS 4 -utente attualmente connesso al sistema -.RE -.PP -\fI10\fR -.RS 4 -non \(`e possibile aggiornare il file group -.RE -.PP -\fI12\fR -.RS 4 -non \(`e possibile cancellare la directory home -.RE -.SH "AVVISI/CAVEAT" -.PP -\fBuserdel\fR -non permetter\(`a la cancellazione di un account se ci sono in esecuzione processi dell\*(Aqaccount stesso\&. In quel caso si deve prima terminare quei processi o bloccare la password o l\*(Aqaccount, e cancellare l\*(Aqaccount successivamente\&. L\*(Aqopzione -\fB\-f\fR -forza la cancellazione dell\*(Aqaccount\&. -.PP -Occorre controllare manualmente tutti i file system per assicurarsi che non rimanga nessun file di propriet\(`a di questo utente\&. -.PP -Non \(`e possibile rimuovere nessun attributo NIS su un client NIS\&. Questo deve essere fatto sul server NIS\&. -.PP -Se -\fBUSERGROUPS_ENAB\fR -\(`e impostato a -\fIyes\fR -in -/etc/login\&.defs, -\fBuserdel\fR -canceller\(`a il gruppo che ha lo stesso nome dell\*(Aqutente\&. Per evitare incoerenze tra i database di passwd e group, -\fBuserdel\fR -verificher\(`a che questo gruppo non sia utilizzato come gruppo primario da altri utenti, e nel caso emetter\(`a un avviso senza cancellare il gruppo\&. L\*(Aqopzione -\fB\-f\fR -forza la cancellazione di questo gruppo\&. -.SH "VEDERE ANCHE" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBlogin.defs\fR(5), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/it/man8/usermod.8 b/man/it/man8/usermod.8 deleted file mode 100644 index 70920e58..00000000 --- a/man/it/man8/usermod.8 +++ /dev/null @@ -1,438 +0,0 @@ -'\" t -.\" Title: usermod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "USERMOD" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -usermod \- modifica l\*(Aqaccount di un utente -.SH "SINOSSI" -.HP \w'\fBusermod\fR\ 'u -\fBusermod\fR [\fIopzioni\fR] \fILOGIN\fR -.SH "DESCRIZIONE" -.PP -Il comando -\fBusermod\fR -modifica i file di account del sistema in modo da riflettere i cambiamenti che sono specificati sulla riga di comando\&. -.SH "OPZIONI" -.PP -Il comando -\fBusermod\fR -accetta le seguenti opzioni: -.PP -\fB\-a\fR, \fB\-\-append\fR -.RS 4 -Aggiunge l\*(Aqutente al/i gruppo/i supplmentare/i\&. Usare solo con l\*(Aqopzione -\fB\-G\fR\&. -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENTO\fR -.RS 4 -Il nuovo valore per il campo commento dell\*(Aqutente nel file password\&. Normalmente viene modificato usando l\*(Aqutilit\(`a -\fBchfn\fR(1)\&. -.RE -.PP -\fB\-d\fR, \fB\-\-home\fR\ \&\fIHOME_DIR\fR -.RS 4 -La nuova directory home dell\*(Aqutente\&. -.sp -Se \(`e data l\*(Aqopzione -\fB\-m\fR -il contenuto della directory home corrente sar\(`a spostato nella nuova directory home, che viene creata se non esiste gi\(`a\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIDATA_SCADENZA\fR -.RS 4 -La data in cui l\*(Aqaccount dell\*(Aqutente verr\(`a disabilitato\&. La data \(`e specificata nel formato -\fIAAAA\-MM\-GG\fR\&. -.sp -Un argomento -\fIDATA_SCADENZA\fR -vuoto disabilita la scadenza dell\*(Aqaccount\&. -.sp -Questa opzione richiede il file -/etc/shadow\&. Se non c\*(Aq\(`e ancora viene creata una voce nel file -/etc/shadow\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINATTIVO\fR -.RS 4 -Il numero di giorni dopo la scadenza di una password prima che l\*(Aqaccount venga disabilitato permanentemente\&. -.sp -Il valore 0 disabilita l\*(Aqaccount non appena la password \(`e scaduta, e il valore \-1 disabilita questa funzionalit\(`a\&. -.sp -Questa opzione richiede il file -/etc/shadow\&. Se non c\*(Aq\(`e ancora viene creata una voce nel file -/etc/shadow\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGRUPPO\fR -.RS 4 -Il nome o numero del gruppo da assegnare alla connessione dell\*(Aqutente\&. Il gruppo deve esistere\&. -.sp -Tutti i file nella directory home dell\*(Aqutente che hanno come gruppo il precedente gruppo primario dell\*(Aqutente stesso verranno modificati perch\('e abbiano questo nuovo gruppo\&. -.sp -Il gruppo dei file che si trovano all\*(Aqesterno della directory home dell\*(Aqutente andr\(`a modificato manualmente\&. -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGRUPPO1\fR[\fI,GRUPPO2,\&.\&.\&.\fR[\fI,GRUPPON\fR]]] -.RS 4 -Una lista di gruppi supplementari di cui l\*(Aqutente \(`e altres\(`i membro\&. Ciascun gruppo \(`e separato dal successivo da una virgola, senza spazi bianchi intermedi\&. I gruppi sono soggetti alle stesse restrizioni del gruppo dato con l\*(Aqopzione -\fB\-g\fR\&. -.sp -Se l\*(Aqutente \(`e attualmente membro di un gruppo che non \(`e elencato, l\*(Aqutente verr\(`a rimosso dal gruppo\&. Questo comportamento pu\(`o essere cambiato con l\*(Aqopzione -\fB\-a\fR -che aggiunge all\*(Aqutente i gruppi supplementari dei quali fa attualmente parte\&. -.RE -.PP -\fB\-l\fR, \fB\-\-login\fR\ \&\fINUOVO_LOGIN\fR -.RS 4 -Il nome dell\*(Aqutente verr\(`a cambiato da -\fILOGIN\fR -a -\fINUOVO_LOGIN\fR\&. Niente altro viene cambiato\&. In particolare, la directory home dell\*(Aqutente e la casella di posta dovrebbero probabilmente essere modificate manualmente in modo da riflettere il nuovo nome di login\&. -.RE -.PP -\fB\-L\fR, \fB\-\-lock\fR -.RS 4 -Blocca la password di un utente\&. Questo inserisce un \(Fo!\(Fc davanti alla password cifrata, disabilitandola\&. Non si pu\(`o utilizzare questa opzione con le opzioni -\fB\-p\fR -e -\fB\-U\fR\&. -.sp -Nota: se si vuole bloccare l\*(Aqaccount (non solo l\*(Aqaccesso tramite password), si deve anche impostare -\fIDATA_SCADENZA\fR -a -\fI1\fR\&. -.RE -.PP -\fB\-m\fR, \fB\-\-move\-home\fR -.RS 4 -Sposta il contenuto della directory home di un utente nella nuova posizione\&. -.sp -Questa opzione \(`e valida solo in combinazioone con l\*(Aqopzione -\fB\-d\fR -(o -\fB\-\-home\fR)\&. -.sp -\fBusermod\fR -cercher\(`a di adattare la propriet\(`a dei file e di copiare i permessi, le ACL e gli attributi estesi, ma successive modifiche manuali potrebbe comunque essere necessarie\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Quando \(`e usata con l\*(Aqopzione -\fB\-u\fR -questa opzione permette di modificare l\*(AqID utente in un valore non univoco\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -La passwird cifrata, cos\(`i come viene restituita da -\fBcrypt\fR(3)\&. -.sp -\fBNota:\fR -questa opzione non \(`e consigliata perch\('e la password (o password cifrata) sar\(`a visibile agli utenti che elencano i processi\&. -.sp -Ci si deve accertare che la password rispetti le norme delle password del sistema\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Il nome della nuova shell di login dell\*(Aqutente\&. Lasciando questo campo vuoto si fa in modo che il sistema selezioni la shell di login predefinita\&. -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -Il nuovo valore numerico dell\*(AqID utente\&. -.sp -Questo valore deve essere univoco, a meno che non sia utilizzata l\*(Aqopzione -\fB\-o\fR\&. Il valore non pu\(`o essere negativo\&. -.sp -La casella di posta dell\*(Aqutente e ogni altro file di propriet\(`a dell\*(Aqutente che si trovi all\*(Aqinterno della directory home avr\(`a l\*(AqID utente cambiato automaticamente\&. -.sp -La propriet\(`a dei file esterni alla directory home dell\*(Aqutente va corretta manualmente\&. -.sp -Non vengono fatti controlli riguardo -\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBSYS_UID_MIN\fR -o -\fBSYS_UID_MAX\fR -dal file -/etc/login\&.defs\&. -.RE -.PP -\fB\-U\fR, \fB\-\-unlock\fR -.RS 4 -Sblocca la password di un utente\&. Questo rimuove il \(Fo!\(Fc davanti alla password cifrata\&. Non si pu\(`o usare questa opzione con l\*(Aqopzione -\fB\-p\fR -o -\fB\-L\fR\&. -.sp -Nota: se si vuole sbloccare l\*(Aqaccount (non solo l\*(Aqaccesso con password) si deve anche impostare -\fIDATA_SCADENZA\fR -(per esempio a -\fI99999\fR -o al valore -\fBEXPIRE\fR -dal file -/etc/default/useradd)\&. -.RE -.PP -\fB\-v\fR, \fB\-\-add\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate uids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-V\fR, \fB\-\-del\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate uids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-uids\fR -and -\fB\-\-add\-sub\-uids\fR -are specified, the removal of all subordinate uid ranges happens before any subordinate uid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-w\fR, \fB\-\-add\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate gids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-W\fR, \fB\-\-del\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate gids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-gids\fR -and -\fB\-\-add\-sub\-gids\fR -are specified, the removal of all subordinate gid ranges happens before any subordinate gid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fIUTENTESE\fR -.RS 4 -Il nuovo utente SELinux per il login dell\*(Aqutente\&. -.sp -Un -\fIUTENTESE\fR -vuoto rimuover\(`a la mappatura per l\*(Aqutente SELinux da -\fILOGIN\fR -(se presente)\&. -.RE -.SH "AVVISI/CAVEAT" -.PP -Se si cambia l\*(AqID numerico, il nome dell\*(Aqutente o la sua directory home, si deve verificare che l\*(Aqutente in questione non stia eseguendo nessun processo al momento dell\*(Aqesecuzione del comando\&. -\fBusermod\fR -effettua questo controllo in Linux, ma su altri sistemi controlla solo che non sia registrato come collegato in utmp\&. -.PP -Si deve cambiare manualmente il proprietario di eventuali file -\fBcrontab\fR -e compiti -\fBat\fR\&. -.PP -Si devono apportare tutte le modifiche che riguardano NIS sul server NIS\&. -.SH "CONFIGURAZIONE" -.PP -Le seguenti variabili di configurazione in -/etc/login\&.defs -cambiano il comportamento di questo strumento: -.PP -\fBMAIL_DIR\fR (testo) -.RS 4 -La directory di spool per la posta\&. Questa \(`e necessaria per manipolare la casella di posta quando il corrispondente account utente viene modificato o cancellato\&. Se non \(`e specificata viene utilizzato un valore impostato al momento della compilazione\&. -.RE -.PP -\fBMAIL_FILE\fR (testo) -.RS 4 -Imposta la posizione delle caselle di posta degli utenti relative alla loro directory home\&. -.RE -.PP -Le variabili -\fBMAIL_DIR\fR -e -\fBMAIL_FILE\fR -vengono utilizzate da -\fBuseradd\fR, -\fBusermod\fR -e -\fBuserdel\fR -per creare, spostare e cancellare le caselle di posta dell\*(Aqutente\&. -.PP -Se -\fBMAIL_CHECK_ENAB\fR -\(`e impostata a -\fIyes\fR -allora sono anche utilizzate per impostare la variabile d\*(Aqambiente -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (numero) -.RS 4 -Numero massimo di membri per gruppo\&. Quando viene raggiunto il massimo, viene creata una nuova riga per il gruppo nel file -/etc/group -(con lo stesso nome, stessa password e stesso GID)\&. -.sp -Il valore predefinito \(`e 0, che non pone nessun limite al numero di membri per gruppo\&. -.sp -Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe nel file \(Fogroup\(Fc\&. Questo \(`e utile per essere certi che le righe per gruppi NIS non eccedano i 1024 caratteri\&. -.sp -Se si deve impostare questo limite, si pu\(`o usare 25\&. -.sp -Nota: la divisione dei gruppi potrebbe non essere supportata da ogni strumento (anche all\*(Aqinterno del pacchetto Shadow)\&. Non si dovrebbe utilizzare questa variabile a meno di esserci forzati\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Configurazione del pacchetto password shadow -.RE -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBuserdel\fR(8)\&. diff --git a/man/it/man8/vigr.8 b/man/it/man8/vigr.8 deleted file mode 100644 index ff72d7ae..00000000 --- a/man/it/man8/vigr.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/vipw.8 diff --git a/man/it/man8/vipw.8 b/man/it/man8/vipw.8 deleted file mode 100644 index 70d48a0e..00000000 --- a/man/it/man8/vipw.8 +++ /dev/null @@ -1,135 +0,0 @@ -'\" t -.\" Title: vipw -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 09/05/2014 -.\" Manual: Comandi per la gestione del sistema -.\" Source: shadow-utils 4.2 -.\" Language: Italian -.\" -.TH "VIPW" "8" "09/05/2014" "shadow\-utils 4\&.2" "Comandi per la gestione del si" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NOME" -vipw, vigr \- modifica i file delle password, dei gruppi, delle password shadow o dei gruppi shadow -.SH "SINOSSI" -.HP \w'\fBvipw\fR\ 'u -\fBvipw\fR [\fIopzioni\fR] -.HP \w'\fBvigr\fR\ 'u -\fBvigr\fR [\fIopzioni\fR] -.SH "DESCRIZIONE" -.PP -I comandi -\fBvipw\fR -e -\fBvigr\fR -permettono di modificare rispettivamente i file -/etc/passwd -e -/etc/group\&. Con l\*(Aqopzione -\fB\-s\fR, vengono aperte le versioni shadow di quei file, rispettivamente -/etc/shadow -e -/etc/gshadow\&. I programmi si occupano di impostare i lock necessari per evitare la corruzione dei file\&. Per determinare l\*(Aqeditor da usare, i programmi prima provano con la variabile d\*(Aqambiente -\fB$VISUAL\fR, poi con la variabile d\*(Aqambiente -\fB$EDITOR\fR -e infine con l\*(Aqeditor predefinito, -\fBvi\fR(1)\&. -.SH "OPZIONI" -.PP -Le opzioni per i comandi -\fBvipw\fR -e -\fBvigr\fR -sono: -.PP -\fB\-g\fR, \fB\-\-group\fR -.RS 4 -Modifica del database \(Fogroup\(Fc\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Mostra un messaggio di aiuto ed esce\&. -.RE -.PP -\fB\-p\fR, \fB\-\-passwd\fR -.RS 4 -Modifica del database \(Fopasswd\(Fc\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Modalit\(`a silenziosa\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Effettua le modifiche nella directory -\fICHROOT_DIR\fR -e usa i file di configurazione dalla directory -\fICHROOT_DIR\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shadow\fR -.RS 4 -Modifica del database \(Foshadow\(Fc o \(Fogshadow\(Fc -.RE -.SH "VARIABILI D'AMBIENTE" -.PP -\fBVISUAL\fR -.RS 4 -Editor da utilizzare\&. -.RE -.PP -\fBEDITOR\fR -.RS 4 -Editor da utilizzare se -\fBVISUAL\fR -non \(`e impostata\&. -.RE -.SH "FILE" -.PP -/etc/group -.RS 4 -Informazioni sugli account di gruppo\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informazioni sicure sugli account di gruppo\&. -.RE -.PP -/etc/passwd -.RS 4 -Informazioni sugli account utente\&. -.RE -.PP -/etc/shadow -.RS 4 -Informazioni sicure sugli account utente\&. -.RE -.SH "VEDERE ANCHE" -.PP -\fBvi\fR(1), -\fBgroup\fR(5), -\fBgshadow\fR(5), , -\fBpasswd\fR(5), , -\fBshadow\fR(5) diff --git a/man/ja/Makefile.in b/man/ja/Makefile.in deleted file mode 100644 index 1b620638..00000000 --- a/man/ja/Makefile.in +++ /dev/null @@ -1,642 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@USE_PAM_FALSE@am__append_1 = $(man_nopam) -@USE_PAM_TRUE@am__append_2 = $(man_nopam) -subdir = man/ja -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" \ - "$(DESTDIR)$(man8dir)" -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/ja -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = man1/chage.1 man1/chfn.1 man8/chpasswd.8 man1/chsh.1 \ - man1/expiry.1 man5/faillog.5 man8/faillog.8 man1/gpasswd.1 \ - man8/groupadd.8 man8/groupdel.8 man8/groupmod.8 man1/groups.1 \ - man8/grpck.8 man8/grpconv.8 man8/grpunconv.8 man8/lastlog.8 \ - man1/login.1 man5/login.defs.5 man8/logoutd.8 man1/newgrp.1 \ - man8/newusers.8 man1/passwd.1 man5/passwd.5 man8/pwck.8 \ - man8/pwconv.8 man8/pwunconv.8 man1/sg.1 man5/shadow.5 \ - man1/su.1 man5/suauth.5 man8/useradd.8 man8/userdel.8 \ - man8/usermod.8 man8/vigr.8 man8/vipw.8 $(am__append_1) -man_nopam = \ - man5/limits.5 \ - man5/login.access.5 \ - man5/porttime.5 - -EXTRA_DIST = $(man_MANS) man1/id.1 man3/shadow.3 man8/sulogin.8 \ - $(am__append_2) -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/ja/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/ja/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man5 uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man5 install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \ - uninstall-am uninstall-man uninstall-man1 uninstall-man5 \ - uninstall-man8 - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/ko/Makefile.in b/man/ko/Makefile.in deleted file mode 100644 index db553727..00000000 --- a/man/ko/Makefile.in +++ /dev/null @@ -1,637 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = man/ko -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" \ - "$(DESTDIR)$(man8dir)" -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/ko -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = \ - man1/chfn.1 \ - man1/chsh.1 \ - man1/groups.1 \ - man1/login.1 \ - man5/passwd.5 \ - man1/su.1 \ - man8/vigr.8 \ - man8/vipw.8 - -# newgrp.1 must be updated -# newgrp.1 -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/ko/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/ko/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man5 uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man5 install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \ - uninstall-am uninstall-man uninstall-man1 uninstall-man5 \ - uninstall-man8 - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/ko/man1/id.1 b/man/ko/man1/id.1 new file mode 100644 index 00000000..a48aa266 --- /dev/null +++ b/man/ko/man1/id.1 @@ -0,0 +1,52 @@ +.TH ID 1L "GNU ģ‰˜ ģœ ķ‹øė¦¬ķ‹°" "FSF" \" \-*\- nroff \-*\- +.SH ģ“ė¦„ +id \- ģ‹¤ģ œ, ģœ ķšØ UIDģ™€ GIDė„¼ ģ¶œė „ķ•œė‹¤. +.SH ź°œģš” +.B id +[\-gnruG] [\-\-group] [\-\-name] [\-\-real] [\-\-user] [\-\-groups] +[\-\-help] [\-\-version] [username] +.SH ģ„¤ėŖ… +ģ“ ė§ØķŽ˜ģ“ģ§€ėŠ” GNU ė²„ģ „ģ˜ +.BR id +ė„¼ ė‹¤ė£¬ė‹¤. +.B id +ėŠ” ģ£¼ģ–“ģ§„ ģ‚¬ģš©ģž, ė˜ėŠ” ģ‚¬ģš©ģžź°€ ģ£¼ģ–“ģ§€ģ§€ ģ•ŠėŠ” ź²½ģš° ķ”„ė”œģ„øģŠ¤ģ˜ ģ£¼ģøģ— ėŒ€ķ•œ +ģ •ė³“ė„¼ ģ¶œė „ķ•œė‹¤. źø°ė³øģ ģœ¼ė”œ ģ‹¤ģ œ ģ‚¬ģš©ģž ID, ģ‹¤ģ œ ź·øė£¹ ID, ė§Œģ•½ ģ‹¤ģ œ ģ‚¬ģš©ģž +IDģ™€ ė‹¤ė„“ė‹¤ė©“ ģœ ķšØ ģ‚¬ģš©ģž IDė„¼, ė§ˆģ°¬ź°€ģ§€ė”œ ģ‹¤ģ œ ź·øė£¹ IDģ™€ ė‹¤ė„“ė‹¤ė©“ ģœ ķšØ ź·øė£¹ +IDė„¼ ģ¶œė „ķ•˜ź³  ģ¶”ź°€ ź·øė£¹ IDė„¼ ģ¶œė „ķ•œė‹¤. ź° ķ•­ėŖ©ģ€ ģ‹ė³„ ė¬øģž ź·øė¦¬ź³  ź“„ķ˜ø ģ•ˆģ— +ķ•“ė‹¹ķ•˜ėŠ” ģ‚¬ģš©ģž ė˜ėŠ” ź·øė£¹ėŖ…ģœ¼ė”œ ķ‘œķ˜„ėœė‹¤. +.PP +.B id +ģ— ģ˜µģ…˜ģ„ ģ£¼ė©“ ģœ„ģ—ģ„œ ģ—“ź±°ķ•œ ģ •ė³“ģ˜ ģ¼ė¶€ė§Œ ė³“ģ—¬ģ¤€ė‹¤. +.SS ģ˜µģ…˜ +.TP +.I "\-g, \-\-group" +ģ˜¤ė”œģ§€ ź·øė£¹ IDė§Œ ģ¶œė „ķ•œė‹¤. +.TP +.I "\-G, \-\-groups" +ģ¶”ź°€ ź·øė£¹ė§Œ ģ¶œė „ķ•œė‹¤. +.TP +.I "\-\-help" +ķ‘œģ¤€ģ¶œė „ģœ¼ė”œ ģ‚¬ģš©ė²•ģ„ ģ¶œė „ķ•˜ź³  ģ •ģƒģ ģœ¼ė”œ ģ¢…ė£Œķ•œė‹¤. +.TP +.I "\-n, \-\-name" +ID ė²ˆķ˜ø ėŒ€ģ‹  ģ‚¬ģš©ģžėŖ…, ź·øė£¹ėŖ…ģ„ ģ¶œė „ķ•œė‹¤. +.IR \-u , +.IR \-g , +ė˜ėŠ” +.IR \-G +ė„¼ ķ•„ģš”ė”œ ķ•œė‹¤. +.TP +.I "\-r, \-\-real" +ģœ ķšØ ģ‚¬ģš©ģž, ģœ ķšØ ź·øė£¹ IDź°€ ģ•„ė‹ˆė¼ ģ‹¤ģ œ ID ė„¼ ģ¶œė „ķ•œė‹¤. +.IR \-u , +.IR \-g , +ė˜ėŠ” +.IR \-G +ė„¼ ķ•„ģš”ė”œ ķ•œė‹¤. +.TP +.I "\-u, \-\-user" +ģ˜¤ė”œģ§€ ģ‚¬ģš©ģž ID ė§Œ ģ¶œė „ķ•œė‹¤. +.TP +.I "\-\-version" +ķ‘œģ¤€ģ¶œė „ģœ¼ė”œ ė²„ģ „ģ •ė³“ė„¼ ģ¶œė „ķ•˜ź³  ģ •ģƒģ ģœ¼ė”œ ģ¢…ė£Œķ•œė‹¤. diff --git a/man/ko/man1/newgrp.1 b/man/ko/man1/newgrp.1 new file mode 100644 index 00000000..31cc482c --- /dev/null +++ b/man/ko/man1/newgrp.1 @@ -0,0 +1,29 @@ +.\" Original author unknown. This man page is in the public domain. +.\" Modified Sat Oct 9 17:46:48 1993 by faith@cs.unc.edu +.TH NEWGRP 1 "9 October 1993" "Linux 1.2" "Linux Programmer's Manual" +.SH NAME +newgrp \- ģžģ‹ ģ“ ģ†Œģ†ėœ ź·øė£¹ģ„ ģƒˆ ź·øė£¹ģœ¼ė”œ ė°”ź¾¼ė‹¤. +.SH SYNOPSIS +.BI "newgrp [ " group " ]" +.SH DESCRIPTION +.B Newgrp +ėŖ…ė ¹ģ€ +changes the group identification of its caller, analogously to +.BR login (1). +ėŖ…ė ¹ģœ¼ė”œ ė”œź·øģø ķ•  ė•Œ ģ‹ė³„ė˜ėŠ” ź·øė£¹ģ„ ė°”ź¾¼ė‹¤. +\fIgroup\fRģœ¼ė”œ ģ‚¬ģš©ė  ģˆ˜ ģžˆėŠ” ź°’ģ€ /etc/group ķŒŒģ¼ģ•ˆģ— +ģžˆėŠ” ź·øė£¹ģ˜ ģ“ė¦„ģ“ė‚˜, GID ź°’ģ“ģ—¬ģ•¼ ķ•˜ė©°, +ėŖ…ė ¹ķ–‰ ģøģžģ—ģ„œ ģ“ ź°’ģ„ ķŠ¹ė³„ķžˆ ģ§€ģ •ķ•˜ģ§€ ģ•Šģœ¼ė©“, ķ˜„ģž¬ ģžģ‹ ģ˜ +ź·øė£¹ģœ¼ė”œ ė°”ź¾¼ė‹¤. +.LP +.SH FILES +.I /etc/group +.br +.I /etc/passwd + +.SH "SEE ALSO" +.BR login "(1), " group (5) + +.SH AUTHOR +Originally by Michael Haardt. Currently maintained by +Peter Orbaek (poe@daimi.aau.dk). diff --git a/man/lastlog.8.xml b/man/lastlog.8.xml index 191b74ba..3ee1b3a8 100644 --- a/man/lastlog.8.xml +++ b/man/lastlog.8.xml @@ -103,6 +103,17 @@ + + + , + + + + Clear lastlog record of a user. This option can be used only together + with ()). + + + , @@ -123,6 +134,17 @@ + + + , + + + + Set lastlog record of a user to the current time. This option can be + used only together with ()). + + + ,  DAYS diff --git a/man/limits.5.xml b/man/limits.5.xml index 1c8e54d2..1215f13f 100644 --- a/man/limits.5.xml +++ b/man/limits.5.xml @@ -108,7 +108,7 @@ A: max address space (KB) C: max core file size (KB) D: max data size (KB) - F: maximum filesize (KB) + F: maximum file size (KB) K: file creation mask, set by umask2 @@ -145,7 +145,7 @@ Be aware that after username the rest of the line is considered a limit string, thus comments are not - allowed. A invalid limits string will be rejected (not considered) by + allowed. An invalid limits string will be rejected (not considered) by the login program. @@ -163,12 +163,12 @@ - If more than one line with limits for an user exist, only the first line for + If more than one line with limits for a user exist, only the first line for this user will be considered. - If no lines are specified for an user, the last + If no lines are specified for a user, the last @group line matching a group whose the user is a member of will be considered, or the last line with default limits if no groups contain the user. diff --git a/man/man1/chage.1 b/man/man1/chage.1 deleted file mode 100644 index aa46a144..00000000 --- a/man/man1/chage.1 +++ /dev/null @@ -1,184 +0,0 @@ -'\" t -.\" Title: chage -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "CHAGE" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -chage \- change user password expiry information -.SH "SYNOPSIS" -.HP \w'\fBchage\fR\ 'u -\fBchage\fR [\fIoptions\fR] \fILOGIN\fR -.SH "DESCRIPTION" -.PP -The -\fBchage\fR -command changes the number of days between password changes and the date of the last password change\&. This information is used by the system to determine when a user must change his/her password\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBchage\fR -command are: -.PP -\fB\-d\fR, \fB\-\-lastday\fR\ \&\fILAST_DAY\fR -.RS 4 -Set the number of days since January 1st, 1970 when the password was last changed\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. -.RE -.PP -\fB\-E\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -Set the date or number of days since January 1, 1970 on which the user\*(Aqs account will no longer be accessible\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. A user whose account is locked must contact the system administrator before being able to use the system again\&. -.sp -Passing the number -\fI\-1\fR -as the -\fIEXPIRE_DATE\fR -will remove an account expiration date\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-I\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -Set the number of days of inactivity after a password has expired before the account is locked\&. The -\fIINACTIVE\fR -option is the number of days of inactivity\&. A user whose account is locked must contact the system administrator before being able to use the system again\&. -.sp -Passing the number -\fI\-1\fR -as the -\fIINACTIVE\fR -will remove an account\*(Aqs inactivity\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -Show account aging information\&. -.RE -.PP -\fB\-m\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR -.RS 4 -Set the minimum number of days between password changes to -\fIMIN_DAYS\fR\&. A value of zero for this field indicates that the user may change his/her password at any time\&. -.RE -.PP -\fB\-M\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAYS\fR -.RS 4 -Set the maximum number of days during which a password is valid\&. When -\fIMAX_DAYS\fR -plus -\fILAST_DAY\fR -is less than the current day, the user will be required to change his/her password before being able to use his/her account\&. This occurrence can be planned for in advance by use of the -\fB\-W\fR -option, which provides the user with advance warning\&. -.sp -Passing the number -\fI\-1\fR -as -\fIMAX_DAYS\fR -will remove checking a password\*(Aqs validity\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-W\fR, \fB\-\-warndays\fR\ \&\fIWARN_DAYS\fR -.RS 4 -Set the number of days of warning before a password change is required\&. The -\fIWARN_DAYS\fR -option is the number of days prior to the password expiring that a user will be warned his/her password is about to expire\&. -.RE -.PP -If none of the options are selected, -\fBchage\fR -operates in an interactive fashion, prompting the user with the current values for all of the fields\&. Enter the new value to change the field, or leave the line blank to use the current value\&. The current value is displayed between a pair of -\fI[ ]\fR -marks\&. -.SH "NOTE" -.PP -The -\fBchage\fR -program requires a shadow password file to be available\&. -.PP -The -\fBchage\fR -command is restricted to the root user, except for the -\fB\-l\fR -option, which may be used by an unprivileged user to determine when his/her password or account is due to expire\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.SH "EXIT VALUES" -.PP -The -\fBchage\fR -command exits with the following values: -.PP -\fI0\fR -.RS 4 -success -.RE -.PP -\fI1\fR -.RS 4 -permission denied -.RE -.PP -\fI2\fR -.RS 4 -invalid command syntax -.RE -.PP -\fI15\fR -.RS 4 -can\*(Aqt find the shadow password file -.RE -.SH "SEE ALSO" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/man1/chfn.1 b/man/man1/chfn.1 deleted file mode 100644 index 569d6280..00000000 --- a/man/man1/chfn.1 +++ /dev/null @@ -1,163 +0,0 @@ -'\" t -.\" Title: chfn -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "CHFN" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -chfn \- change real user name and information -.SH "SYNOPSIS" -.HP \w'\fBchfn\fR\ 'u -\fBchfn\fR [\fIoptions\fR] [\fILOGIN\fR] -.SH "DESCRIPTION" -.PP -The -\fBchfn\fR -command changes user fullname, office room number, office phone number, and home phone number information for a user\*(Aqs account\&. This information is typically printed by -\fBfinger\fR(1) -and similar programs\&. A normal user may only change the fields for her own account, subject to the restrictions in -/etc/login\&.defs\&. (The default configuration is to prevent users from changing their fullname\&.) The superuser may change any field for any account\&. Additionally, only the superuser may use the -\fB\-o\fR -option to change the undefined portions of the GECOS field\&. -.PP -These fields must not contain any colons\&. Except for the -\fIother\fR -field, they should not contain any comma or equal sign\&. It is also recommended to avoid non\-US\-ASCII characters, but this is only enforced for the phone numbers\&. The -\fIother\fR -field is used to store accounting information used by other applications\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBchfn\fR -command are: -.PP -\fB\-f\fR, \fB\-\-full\-name\fR\ \&\fIFULL_NAME\fR -.RS 4 -Change the user\*(Aqs full name\&. -.RE -.PP -\fB\-h\fR, \fB\-\-home\-phone\fR\ \&\fIHOME_PHONE\fR -.RS 4 -Change the user\*(Aqs home phone number\&. -.RE -.PP -\fB\-o\fR, \fB\-\-other\fR\ \&\fIOTHER\fR -.RS 4 -Change the user\*(Aqs other GECOS information\&. This field is used to store accounting information used by other applications, and can be changed only by a superuser\&. -.RE -.PP -\fB\-r\fR, \fB\-\-room\fR\ \&\fIROOM_NUMBER\fR -.RS 4 -Change the user\*(Aqs room number\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-u\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-w\fR, \fB\-\-work\-phone\fR\ \&\fIWORK_PHONE\fR -.RS 4 -Change the user\*(Aqs office phone number\&. -.RE -.PP -If none of the options are selected, -\fBchfn\fR -operates in an interactive fashion, prompting the user with the current values for all of the fields\&. Enter the new value to change the field, or leave the line blank to use the current value\&. The current value is displayed between a pair of -\fB[ ]\fR -marks\&. Without options, -\fBchfn\fR -prompts for the current user account\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBCHFN_AUTH\fR (boolean) -.RS 4 -If -\fIyes\fR, the -\fBchfn\fR -program will require authentication before making any changes, unless run by the superuser\&. -.RE -.PP -\fBCHFN_RESTRICT\fR (string) -.RS 4 -This parameter specifies which values in the -\fIgecos\fR -field of the -/etc/passwd -file may be changed by regular users using the -\fBchfn\fR -program\&. It can be any combination of letters -\fIf\fR, -\fIr\fR, -\fIw\fR, -\fIh\fR, for Full name, Room number, Work phone, and Home phone, respectively\&. For backward compatibility, -\fIyes\fR -is equivalent to -\fIrwh\fR -and -\fIno\fR -is equivalent to -\fIfrwh\fR\&. If not specified, only the superuser can make any changes\&. The most restrictive setting is better achieved by not installing -\fBchfn\fR -SUID\&. -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -The string used for prompting a password\&. The default is to use "Password: ", or a translation of that string\&. If you set this variable, the prompt will not be translated\&. -.sp -If the string contains -\fI%s\fR, this will be replaced by the user\*(Aqs name\&. -.RE -.SH "FILES" -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.SH "SEE ALSO" -.PP -\fBchsh\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/man1/chsh.1 b/man/man1/chsh.1 deleted file mode 100644 index e8f38869..00000000 --- a/man/man1/chsh.1 +++ /dev/null @@ -1,121 +0,0 @@ -'\" t -.\" Title: chsh -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "CHSH" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -chsh \- change login shell -.SH "SYNOPSIS" -.HP \w'\fBchsh\fR\ 'u -\fBchsh\fR [\fIoptions\fR] [\fILOGIN\fR] -.SH "DESCRIPTION" -.PP -The -\fBchsh\fR -command changes the user login shell\&. This determines the name of the user\*(Aqs initial login command\&. A normal user may only change the login shell for her own account; the superuser may change the login shell for any account\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBchsh\fR -command are: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -The name of the user\*(Aqs new login shell\&. Setting this field to blank causes the system to select the default login shell\&. -.RE -.PP -If the -\fB\-s\fR -option is not selected, -\fBchsh\fR -operates in an interactive fashion, prompting the user with the current login shell\&. Enter the new value to change the shell, or leave the line blank to use the current one\&. The current shell is displayed between a pair of -\fI[ ]\fR -marks\&. -.SH "NOTE" -.PP -The only restriction placed on the login shell is that the command name must be listed in -/etc/shells, unless the invoker is the superuser, and then any value may be added\&. An account with a restricted login shell may not change her login shell\&. For this reason, placing -/bin/rsh -in -/etc/shells -is discouraged since accidentally changing to a restricted shell would prevent the user from ever changing her login shell back to its original value\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBCHSH_AUTH\fR (boolean) -.RS 4 -If -\fIyes\fR, the -\fBchsh\fR -program will require authentication before making any changes, unless run by the superuser\&. -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -The string used for prompting a password\&. The default is to use "Password: ", or a translation of that string\&. If you set this variable, the prompt will not be translated\&. -.sp -If the string contains -\fI%s\fR, this will be replaced by the user\*(Aqs name\&. -.RE -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shells -.RS 4 -List of valid login shells\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "SEE ALSO" -.PP -\fBchfn\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/man1/expiry.1 b/man/man1/expiry.1 deleted file mode 100644 index 1f55aefa..00000000 --- a/man/man1/expiry.1 +++ /dev/null @@ -1,74 +0,0 @@ -'\" t -.\" Title: expiry -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "EXPIRY" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -expiry \- check and enforce password expiration policy -.SH "SYNOPSIS" -.HP \w'\fBexpiry\fR\ 'u -\fBexpiry\fR \fIoption\fR -.SH "DESCRIPTION" -.PP -The -\fBexpiry\fR -command checks (\fB\-c\fR) the current password expiration and forces (\fB\-f\fR) changes when required\&. It is callable as a normal user command\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBexpiry\fR -command are: -.PP -\fB\-c\fR, \fB\-\-check\fR -.RS 4 -Check the password expiration of the current user\&. -.RE -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Force a password change if the current user has an expired password\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.SH "SEE ALSO" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/man1/gpasswd.1 b/man/man1/gpasswd.1 deleted file mode 100644 index 01d76b8e..00000000 --- a/man/man1/gpasswd.1 +++ /dev/null @@ -1,231 +0,0 @@ -'\" t -.\" Title: gpasswd -.\" Author: Rafal Maszkowski -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "GPASSWD" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -gpasswd \- administer /etc/group and /etc/gshadow -.SH "SYNOPSIS" -.HP \w'\fBgpasswd\fR\ 'u -\fBgpasswd\fR [\fIoption\fR] \fIgroup\fR -.SH "DESCRIPTION" -.PP -The -\fBgpasswd\fR -command is used to administer -/etc/group, and /etc/gshadow\&. Every group can have -administrators, -members and a password\&. -.PP -System administrators can use the -\fB\-A\fR -option to define group administrator(s) and the -\fB\-M\fR -option to define members\&. They have all rights of group administrators and members\&. -.PP -\fBgpasswd\fR -called by -a group administrator -with a group name only prompts for the new password of the -\fIgroup\fR\&. -.PP -If a password is set the members can still use -\fBnewgrp\fR(1) -without a password, and non\-members must supply the password\&. -.SS "Notes about group passwords" -.PP -Group passwords are an inherent security problem since more than one person is permitted to know the password\&. However, groups are a useful tool for permitting co\-operation between different users\&. -.SH "OPTIONS" -.PP -Except for the -\fB\-A\fR -and -\fB\-M\fR -options, the options cannot be combined\&. -.PP -The options which apply to the -\fBgpasswd\fR -command are: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser\fR -.RS 4 -Add the -\fIuser\fR -to the named -\fIgroup\fR\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser\fR -.RS 4 -Remove the -\fIuser\fR -from the named -\fIgroup\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-Q\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-r\fR, \fB\-\-remove\-password\fR -.RS 4 -Remove the password from the named -\fIgroup\fR\&. The group password will be empty\&. Only group members will be allowed to use -\fBnewgrp\fR -to join the named -\fIgroup\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-restrict\fR -.RS 4 -Restrict the access to the named -\fIgroup\fR\&. The group password is set to "!"\&. Only group members with a password will be allowed to use -\fBnewgrp\fR -to join the named -\fIgroup\fR\&. -.RE -.PP -\fB\-A\fR, \fB\-\-administrators\fR\ \&\fIuser\fR,\&.\&.\&. -.RS 4 -Set the list of administrative users\&. -.RE -.PP -\fB\-M\fR, \fB\-\-members\fR\ \&\fIuser\fR,\&.\&.\&. -.RS 4 -Set the list of group members\&. -.RE -.SH "CAVEATS" -.PP -This tool only operates on the -/etc/groupand /etc/gshadow files\&. -Thus you cannot change any NIS or LDAP group\&. This must be performed on the corresponding server\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -This defines the system default encryption algorithm for encrypting passwords (if no algorithm are specified on the command line)\&. -.sp -It can take one of these values: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Note: this parameter overrides the -\fBMD5_CRYPT_ENAB\fR -variable\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to -\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to -\fIno\fR -if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is -\fIno\fR\&. -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -This variable is deprecated\&. You should use -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -When -\fBENCRYPT_METHOD\fR -is set to -\fISHA256\fR -or -\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. -.sp -With a lot of rounds, it is more difficult to brute forcing the password\&. But note also that more CPU resources will be needed to authenticate users\&. -.sp -If not specified, the libc will choose the default number of rounds (5000)\&. -.sp -The values must be inside the 1000\-999,999,999 range\&. -.sp -If only one of the -\fBSHA_CRYPT_MIN_ROUNDS\fR -or -\fBSHA_CRYPT_MAX_ROUNDS\fR -values is set, then this value will be used\&. -.sp -If -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.SH "SEE ALSO" -.PP -\fBnewgrp\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBgrpck\fR(8), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/man1/groups.1 b/man/man1/groups.1 deleted file mode 100644 index c49a29bf..00000000 --- a/man/man1/groups.1 +++ /dev/null @@ -1,64 +0,0 @@ -'\" t -.\" Title: groups -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "GROUPS" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -groups \- display current group names -.SH "SYNOPSIS" -.HP \w'\fBgroups\fR\ 'u -\fBgroups\fR [\fIuser\fR] -.SH "DESCRIPTION" -.PP -The -\fBgroups\fR -command displays the current group names or ID values\&. If the value does not have a corresponding entry in -/etc/group, the value will be displayed as the numerical group value\&. The optional -\fIuser\fR -parameter will display the groups for the named -\fIuser\fR\&. -.SH "NOTE" -.PP -Systems which do not support concurrent group sets will have the information from -/etc/group -reported\&. The user must use -\fBnewgrp\fR -or -\fBsg\fR -to change his current real and effective group ID\&. -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.SH "SEE ALSO" -.PP -\fBnewgrp\fR(1), -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2)\&. diff --git a/man/man1/id.1 b/man/man1/id.1 deleted file mode 100644 index e11afff8..00000000 --- a/man/man1/id.1 +++ /dev/null @@ -1,60 +0,0 @@ -'\" t -.\" Title: id -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "ID" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -id \- display current user and group ID names -.SH "SYNOPSIS" -.HP \w'\fBid\fR\ 'u -\fBid\fR [\-a] -.SH "DESCRIPTION" -.PP -The -\fBid\fR -command displays the current real and effective user and group ID names or values\&. If the value does not have a corresponding entry in -/etc/passwd -or -/etc/group, the value will be displayed without the corresponding name\&. The optional -\fB\-a\fR -flag will display the group set on systems which support multiple concurrent group membership\&. -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.SH "SEE ALSO" -.PP -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2) diff --git a/man/man1/login.1 b/man/man1/login.1 deleted file mode 100644 index 3acc9b14..00000000 --- a/man/man1/login.1 +++ /dev/null @@ -1,485 +0,0 @@ -'\" t -.\" Title: login -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "LOGIN" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -login \- begin session on the system -.SH "SYNOPSIS" -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fIhost\fR] [\fIusername\fR] [\fIENV=VAR\fR...] -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fIhost\fR] \-f \fIusername\fR -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] \-r\ \fIhost\fR -.SH "DESCRIPTION" -.PP -The -\fBlogin\fR -program is used to establish a new session with the system\&. It is normally invoked automatically by responding to the -\fIlogin:\fR -prompt on the user\*(Aqs terminal\&. -\fBlogin\fR -may be special to the shell and may not be invoked as a sub\-process\&. When called from a shell, -\fBlogin\fR -should be executed as -\fBexec login\fR -which will cause the user to exit from the current shell (and thus will prevent the new logged in user to return to the session of the caller)\&. Attempting to execute -\fBlogin\fR -from any shell but the login shell will produce an error message\&. -.PP -The user is then prompted for a password, where appropriate\&. Echoing is disabled to prevent revealing the password\&. Only a small number of password failures are permitted before -\fBlogin\fR -exits and the communications link is severed\&. -.PP -If password aging has been enabled for your account, you may be prompted for a new password before proceeding\&. You will be forced to provide your old password and the new password before continuing\&. Please refer to -\fBpasswd\fR(1) -for more information\&. -.PP -After a successful login, you will be informed of any system messages and the presence of mail\&. You may turn off the printing of the system message file, -/etc/motd, by creating a zero\-length file -\&.hushlogin -in your login directory\&. The mail message will be one of "\fIYou have new mail\&.\fR", "\fIYou have mail\&.\fR", or "\fINo Mail\&.\fR" according to the condition of your mailbox\&. -.PP -Your user and group ID will be set according to their values in the -/etc/passwd -file\&. The value for -\fB$HOME\fR, -\fB$SHELL\fR, -\fB$PATH\fR, -\fB$LOGNAME\fR, and -\fB$MAIL\fR -are set according to the appropriate fields in the password entry\&. Ulimit, umask and nice values may also be set according to entries in the GECOS field\&. -.PP -On some installations, the environmental variable -\fB$TERM\fR -will be initialized to the terminal type on your tty line, as specified in -/etc/ttytype\&. -.PP -An initialization script for your command interpreter may also be executed\&. Please see the appropriate manual section for more information on this function\&. -.PP -A subsystem login is indicated by the presence of a "*" as the first character of the login shell\&. The given home directory will be used as the root of a new file system which the user is actually logged into\&. -.PP -The -\fBlogin\fR -program is NOT responsible for removing users from the utmp file\&. It is the responsibility of -\fBgetty\fR(8) -and -\fBinit\fR(8) -to clean up apparent ownership of a terminal session\&. If you use -\fBlogin\fR -from the shell prompt without -\fBexec\fR, the user you use will continue to appear to be logged in even after you log out of the "subsession"\&. -.SH "OPTIONS" -.PP -\fB\-f\fR -.RS 4 -Do not perform authentication, user is preauthenticated\&. -.sp -Note: In that case, -\fIusername\fR -is mandatory\&. -.RE -.PP -\fB\-h\fR -.RS 4 -Name of the remote host for this login\&. -.RE -.PP -\fB\-p\fR -.RS 4 -Preserve environment\&. -.RE -.PP -\fB\-r\fR -.RS 4 -Perform autologin protocol for rlogin\&. -.RE -.PP -The -\fB\-r\fR, -\fB\-h\fR -and -\fB\-f\fR -options are only used when -\fBlogin\fR -is invoked by root\&. -.SH "CAVEATS" -.PP -This version of -\fBlogin\fR -has many compilation options, only some of which may be in use at any particular site\&. -.PP -The location of files is subject to differences in system configuration\&. -.PP -The -\fBlogin\fR -program is NOT responsible for removing users from the utmp file\&. It is the responsibility of -\fBgetty\fR(8) -and -\fBinit\fR(8) -to clean up apparent ownership of a terminal session\&. If you use -\fBlogin\fR -from the shell prompt without -\fBexec\fR, the user you use will continue to appear to be logged in even after you log out of the "subsession"\&. -.PP -As with any program, -\fBlogin\fR\*(Aqs appearance can be faked\&. If non\-trusted users have physical access to a machine, an attacker could use this to obtain the password of the next person coming to sit in front of the machine\&. Under Linux, the SAK mechanism can be used by users to initiate a trusted path and prevent this kind of attack\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBCONSOLE\fR (string) -.RS 4 -If defined, either full pathname of a file containing device names (one per line) or a ":" delimited list of device names\&. Root logins will be allowed only upon these devices\&. -.sp -If not defined, root will be allowed on any device\&. -.sp -The device should be specified without the /dev/ prefix\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (string) -.RS 4 -List of groups to add to the user\*(Aqs supplementary groups set when logging in on the console (as determined by the CONSOLE setting)\&. Default is none\&. - -Use with caution \- it is possible for users to gain permanent access to these groups, even when not logged in on the console\&. -.RE -.PP -\fBDEFAULT_HOME\fR (boolean) -.RS 4 -Indicate if login is allowed if we can\*(Aqt cd to the home directory\&. Default is no\&. -.sp -If set to -\fIyes\fR, the user will login in the root (/) directory if it is not possible to cd to her home directory\&. -.RE -.PP -\fBENV_HZ\fR (string) -.RS 4 -If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by -\fIHZ=\fR\&. A common value on Linux is -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_PATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (string) -.RS 4 -If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by -\fITZ=\fR -(for example -\fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example -/etc/tzname)\&. -.sp -If a full path is specified but the file does not exist or cannot be read, the default is to use -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (string) -.RS 4 -If this file exists and is readable, login environment will be read from it\&. Every line should be in the form name=value\&. -.sp -Lines starting with a # are treated as comment lines and ignored\&. -.RE -.PP -\fBERASECHAR\fR (number) -.RS 4 -Terminal ERASE character (\fI010\fR -= backspace, -\fI0177\fR -= DEL)\&. -.sp -The value can be prefixed "0" for an octal value, or "0x" for an hexadecimal value\&. -.RE -.PP -\fBFAIL_DELAY\fR (number) -.RS 4 -Delay in seconds before being allowed another attempt after a login failure\&. -.RE -.PP -\fBFAILLOG_ENAB\fR (boolean) -.RS 4 -Enable logging and display of -/var/log/faillog -login failure info\&. -.RE -.PP -\fBFAKE_SHELL\fR (string) -.RS 4 -If set, -\fBlogin\fR -will execute this shell instead of the users\*(Aq shell specified in -/etc/passwd\&. -.RE -.PP -\fBFTMP_FILE\fR (string) -.RS 4 -If defined, login failures will be logged in this file in a utmp format\&. -.RE -.PP -\fBHUSHLOGIN_FILE\fR (string) -.RS 4 -If defined, this file can inhibit all the usual chatter during the login sequence\&. If a full pathname is specified, then hushed mode will be enabled if the user\*(Aqs name or shell are found in the file\&. If not a full pathname, then hushed mode will be enabled if the file exists in the user\*(Aqs home directory\&. -.RE -.PP -\fBISSUE_FILE\fR (string) -.RS 4 -If defined, this file will be displayed before each login prompt\&. -.RE -.PP -\fBKILLCHAR\fR (number) -.RS 4 -Terminal KILL character (\fI025\fR -= CTRL/U)\&. -.sp -The value can be prefixed "0" for an octal value, or "0x" for an hexadecimal value\&. -.RE -.PP -\fBLASTLOG_ENAB\fR (boolean) -.RS 4 -Enable logging and display of /var/log/lastlog login time info\&. -.RE -.PP -\fBLOGIN_RETRIES\fR (number) -.RS 4 -Maximum number of login retries in case of bad password\&. -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -The string used for prompting a password\&. The default is to use "Password: ", or a translation of that string\&. If you set this variable, the prompt will not be translated\&. -.sp -If the string contains -\fI%s\fR, this will be replaced by the user\*(Aqs name\&. -.RE -.PP -\fBLOGIN_TIMEOUT\fR (number) -.RS 4 -Max time in seconds for login\&. -.RE -.PP -\fBLOG_OK_LOGINS\fR (boolean) -.RS 4 -Enable logging of successful logins\&. -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (boolean) -.RS 4 -Enable display of unknown usernames when login failures are recorded\&. -.sp -Note: logging unknown usernames may be a security issue if an user enter her password instead of her login name\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (boolean) -.RS 4 -Enable checking and display of mailbox status upon login\&. -.sp -You should disable it if the shell startup files already check for mail ("mailx \-e" or equivalent)\&. -.RE -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -The mail spool directory\&. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted\&. If not specified, a compile\-time default is used\&. -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -Defines the location of the users mail spool files relatively to their home directory\&. -.RE -.PP -The -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -variables are used by -\fBuseradd\fR, -\fBusermod\fR, and -\fBuserdel\fR -to create, move, or delete the user\*(Aqs mail spool\&. -.PP -If -\fBMAIL_CHECK_ENAB\fR -is set to -\fIyes\fR, they are also used to define the -\fBMAIL\fR -environment variable\&. -.PP -\fBMOTD_FILE\fR (string) -.RS 4 -If defined, ":" delimited list of "message of the day" files to be displayed upon login\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (string) -.RS 4 -If defined, name of file whose presence will inhibit non\-root logins\&. The contents of this file should be a message indicating why logins are inhibited\&. -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (boolean) -.RS 4 -Enable checking of time restrictions specified in -/etc/porttime\&. -.RE -.PP -\fBQUOTAS_ENAB\fR (boolean) -.RS 4 -Enable setting of resource limits from -/etc/limits -and ulimit, umask, and niceness from the user\*(Aqs passwd gecos field\&. -.RE -.PP -\fBTTYGROUP\fR (string), \fBTTYPERM\fR (string) -.RS 4 -The terminal permissions: the login tty will be owned by the -\fBTTYGROUP\fR -group, and the permissions will be set to -\fBTTYPERM\fR\&. -.sp -By default, the ownership of the terminal is set to the user\*(Aqs primary group and the permissions are set to -\fI0600\fR\&. -.sp -\fBTTYGROUP\fR -can be either the name of a group or a numeric group identifier\&. -.sp -If you have a -\fBwrite\fR -program which is "setgid" to a special group which owns the terminals, define TTYGROUP to the group number and TTYPERM to 0620\&. Otherwise leave TTYGROUP commented out and assign TTYPERM to either 622 or 600\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (string) -.RS 4 -If defined, file which maps tty line to TERM environment parameter\&. Each line of the file is in a format something like "vt100 tty01"\&. -.RE -.PP -\fBULIMIT\fR (number) -.RS 4 -Default -\fBulimit\fR -value\&. -.RE -.PP -\fBUMASK\fR (number) -.RS 4 -The file mode creation mask is initialized to this value\&. If not specified, the mask will be initialized to 022\&. -.sp -\fBuseradd\fR -and -\fBnewusers\fR -use this mask to set the mode of the home directory they create -.sp -It is also used by -\fBlogin\fR -to define users\*(Aq initial umask\&. Note that this mask can be overridden by the user\*(Aqs GECOS line (if -\fBQUOTAS_ENAB\fR -is set) or by the specification of a limit with the -\fIK\fR -identifier in -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -Enable setting of the umask group bits to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007) for non\-root users, if the uid is the same as gid, and username is the same as the primary group name\&. -.sp -If set to -\fIyes\fR, -\fBuserdel\fR -will remove the user\*(Aqs group if it contains no more members, and -\fBuseradd\fR -will create by default a group with the name of the user\&. -.RE -.SH "FILES" -.PP -/var/run/utmp -.RS 4 -List of current login sessions\&. -.RE -.PP -/var/log/wtmp -.RS 4 -List of previous login sessions\&. -.RE -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.PP -/etc/motd -.RS 4 -System message of the day file\&. -.RE -.PP -/etc/nologin -.RS 4 -Prevent non\-root users from logging in\&. -.RE -.PP -/etc/ttytype -.RS 4 -List of terminal types\&. -.RE -.PP -$HOME/\&.hushlogin -.RS 4 -Suppress printing of system messages\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "SEE ALSO" -.PP -\fBmail\fR(1), -\fBpasswd\fR(1), -\fBsh\fR(1), -\fBsu\fR(1), -\fBlogin.defs\fR(5), -\fBnologin\fR(5), -\fBpasswd\fR(5), -\fBsecuretty\fR(5), -\fBgetty\fR(8)\&. diff --git a/man/man1/newgidmap.1 b/man/man1/newgidmap.1 deleted file mode 100644 index 91767b4a..00000000 --- a/man/man1/newgidmap.1 +++ /dev/null @@ -1,95 +0,0 @@ -'\" t -.\" Title: newgidmap -.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "NEWGIDMAP" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -newgidmap \- set the gid mapping of a user namespace -.SH "SYNOPSIS" -.HP \w'\fBnewgidmap\fR\ 'u -\fBnewgidmap\fR \fIpid\fR \fIgid\fR \fIlowergid\fR \fIcount\fR [\fIpid\fR\ \fIgid\fR\ \fIlowergid\fR\ \fIcount\fR\ [\ \fI\&.\&.\&.\fR\ ]] -.SH "DESCRIPTION" -.PP -The -\fBnewgidmap\fR -sets -/proc/[pid]/gid_map -based on it\*(Aqs command line arguments and the gids allowed in -/etc/subgid\&. -.PP -After the pid argument, -\fBnewgidmap\fR -expects sets of 3 integers: -.PP -gid -.RS 4 -Begining of the range of GIDs inside the user namespace\&. -.RE -.PP -lowergid -.RS 4 -Begining of the range of GIDs outside the user namespace\&. -.RE -.PP -count -.RS 4 -Length of the ranges (both inside and outside the user namespace)\&. -.RE -.PP -\fBnewgidmap\fR -verifies that the caller is the owner of the process indicated by -\fBpid\fR -and that for each of the above sets, each of the GIDs in the range [lowergid, lowergid+count] is allowed to the caller according to -/etc/subgid -before setting -/proc/[pid]/gid_map\&. -.PP -Note that newgidmap may be used only once for a given process\&. -.SH "OPTIONS" -.PP -There currently are no options to the -\fBnewgidmap\fR -command\&. -.SH "FILES" -.PP -/etc/subgid -.RS 4 -List of users subordinate group IDs\&. -.RE -.PP -/proc/[pid]/gid_map -.RS 4 -Mapping of gids from one between user namespaces\&. -.RE -.SH "SEE ALSO" -.PP -\fBlogin.defs\fR(5), -\fBnewusers\fR(8), -\fBsubgid\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/man1/newgrp.1 b/man/man1/newgrp.1 deleted file mode 100644 index 9cce9dda..00000000 --- a/man/man1/newgrp.1 +++ /dev/null @@ -1,98 +0,0 @@ -'\" t -.\" Title: newgrp -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "NEWGRP" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -newgrp \- log in to a new group -.SH "SYNOPSIS" -.HP \w'\fBnewgrp\fR\ 'u -\fBnewgrp\fR [\-] [\fIgroup\fR] -.SH "DESCRIPTION" -.PP -The -\fBnewgrp\fR -command is used to change the current group ID during a login session\&. If the optional -\fB\-\fR -flag is given, the user\*(Aqs environment will be reinitialized as though the user had logged in, otherwise the current environment, including current working directory, remains unchanged\&. -.PP -\fBnewgrp\fR -changes the current real group ID to the named group, or to the default group listed in -/etc/passwd -if no group name is given\&. -\fBnewgrp\fR -also tries to add the group to the user groupset\&. If not root, the user will be prompted for a password if she does not have a password (in -/etc/shadow -if this user has an entry in the shadowed password file, or in -/etc/passwd -otherwise) and the group does, or if the user is not listed as a member and the group has a password\&. The user will be denied access if the group password is empty and the user is not listed as a member\&. -.PP -If there is an entry for this group in -/etc/gshadow, then the list of members and the password of this group will be taken from this file, otherwise, the entry in -/etc/group -is considered\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -Enable "syslog" logging of -\fBsg\fR -activity\&. -.RE -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.SH "SEE ALSO" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBsu\fR(1), -\fBsg\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/man1/newuidmap.1 b/man/man1/newuidmap.1 deleted file mode 100644 index 780ddb86..00000000 --- a/man/man1/newuidmap.1 +++ /dev/null @@ -1,95 +0,0 @@ -'\" t -.\" Title: newuidmap -.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "NEWUIDMAP" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -newuidmap \- set the uid mapping of a user namespace -.SH "SYNOPSIS" -.HP \w'\fBnewuidmap\fR\ 'u -\fBnewuidmap\fR \fIpid\fR \fIuid\fR \fIloweruid\fR \fIcount\fR [\fIuid\fR\ \fIloweruid\fR\ \fIcount\fR\ [\ \fI\&.\&.\&.\fR\ ]] -.SH "DESCRIPTION" -.PP -The -\fBnewuidmap\fR -sets -/proc/[pid]/uid_map -based on it\*(Aqs command line arguments and the uids allowed in -/etc/subuid\&. -.PP -After the pid argument, -\fBnewuidmap\fR -expects sets of 3 integers: -.PP -uid -.RS 4 -Begining of the range of UIDs inside the user namespace\&. -.RE -.PP -loweruid -.RS 4 -Begining of the range of UIDs outside the user namespace\&. -.RE -.PP -count -.RS 4 -Length of the ranges (both inside and outside the user namespace)\&. -.RE -.PP -\fBnewuidmap\fR -verifies that the caller is the owner of the process indicated by -\fBpid\fR -and that for each of the above sets, each of the UIDs in the range [loweruid, loweruid+count] is allowed to the caller according to -/etc/subuid -before setting -/proc/[pid]/uid_map\&. -.PP -Note that newuidmap may be used only once for a given process\&. -.SH "OPTIONS" -.PP -There currently are no options to the -\fBnewuidmap\fR -command\&. -.SH "FILES" -.PP -/etc/subuid -.RS 4 -List of users subordinate user IDs\&. -.RE -.PP -/proc/[pid]/uid_map -.RS 4 -Mapping of uids from one between user namespaces\&. -.RE -.SH "SEE ALSO" -.PP -\fBlogin.defs\fR(5), -\fBnewusers\fR(8), -\fBsubuid\fR(5), -\fBuseradd\fR(8), -\fBusermod\fR(8), -\fBuserdel\fR(8)\&. diff --git a/man/man1/passwd.1 b/man/man1/passwd.1 deleted file mode 100644 index 76a1a95f..00000000 --- a/man/man1/passwd.1 +++ /dev/null @@ -1,358 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "PASSWD" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -passwd \- change user password -.SH "SYNOPSIS" -.HP \w'\fBpasswd\fR\ 'u -\fBpasswd\fR [\fIoptions\fR] [\fILOGIN\fR] -.SH "DESCRIPTION" -.PP -The -\fBpasswd\fR -command changes passwords for user accounts\&. A normal user may only change the password for his/her own account, while the superuser may change the password for any account\&. -\fBpasswd\fR -also changes the account or associated password validity period\&. -.SS "Password Changes" -.PP -The user is first prompted for his/her old password, if one is present\&. This password is then encrypted and compared against the stored password\&. The user has only one chance to enter the correct password\&. The superuser is permitted to bypass this step so that forgotten passwords may be changed\&. -.PP -After the password has been entered, password aging information is checked to see if the user is permitted to change the password at this time\&. If not, -\fBpasswd\fR -refuses to change the password and exits\&. -.PP -The user is then prompted twice for a replacement password\&. The second entry is compared against the first and both are required to match in order for the password to be changed\&. -.PP -Then, the password is tested for complexity\&. As a general guideline, passwords should consist of 6 to 8 characters including one or more characters from each of the following sets: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -lower case alphabetics -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -digits 0 thru 9 -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -punctuation marks -.RE -.PP -Care must be taken not to include the system default erase or kill characters\&. -\fBpasswd\fR -will reject any password which is not suitably complex\&. -.SS "Hints for user passwords" -.PP -The security of a password depends upon the strength of the encryption algorithm and the size of the key space\&. The legacy -\fIUNIX\fR -System encryption method is based on the NBS DES algorithm\&. More recent methods are now recommended (see -\fBENCRYPT_METHOD\fR)\&. The size of the key space depends upon the randomness of the password which is selected\&. -.PP -Compromises in password security normally result from careless password selection or handling\&. For this reason, you should not select a password which appears in a dictionary or which must be written down\&. The password should also not be a proper name, your license number, birth date, or street address\&. Any of these may be used as guesses to violate system security\&. -.PP -You can find advices on how to choose a strong password on http://en\&.wikipedia\&.org/wiki/Password_strength -.SH "OPTIONS" -.PP -The options which apply to the -\fBpasswd\fR -command are: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -This option can be used only with -\fB\-S\fR -and causes show status for all users\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR -.RS 4 -Delete a user\*(Aqs password (make it empty)\&. This is a quick way to disable a password for an account\&. It will set the named account passwordless\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expire\fR -.RS 4 -Immediately expire an account\*(Aqs password\&. This in effect can force a user to change his/her password at the user\*(Aqs next login\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-i\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -This option is used to disable an account after the password has been expired for a number of days\&. After a user account has had an expired password for -\fIINACTIVE\fR -days, the user may no longer sign on to the account\&. -.RE -.PP -\fB\-k\fR, \fB\-\-keep\-tokens\fR -.RS 4 -Indicate password change should be performed only for expired authentication tokens (passwords)\&. The user wishes to keep their non\-expired tokens as before\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\fR -.RS 4 -Lock the password of the named account\&. This option disables a password by changing it to a value which matches no possible encrypted value (it adds a \(aa!\(aa at the beginning of the password)\&. -.sp -Note that this does not disable the account\&. The user may still be able to login using another authentication token (e\&.g\&. an SSH key)\&. To disable the account, administrators should use -\fBusermod \-\-expiredate 1\fR -(this set the account\*(Aqs expire date to Jan 2, 1970)\&. -.sp -Users with a locked password are not allowed to change their password\&. -.RE -.PP -\fB\-n\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR -.RS 4 -Set the minimum number of days between password changes to -\fIMIN_DAYS\fR\&. A value of zero for this field indicates that the user may change his/her password at any time\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Quiet mode\&. -.RE -.PP -\fB\-r\fR, \fB\-\-repository\fR\ \&\fIREPOSITORY\fR -.RS 4 -change password in -\fIREPOSITORY\fR -repository -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-S\fR, \fB\-\-status\fR -.RS 4 -Display account status information\&. The status information consists of 7 fields\&. The first field is the user\*(Aqs login name\&. The second field indicates if the user account has a locked password (L), has no password (NP), or has a usable password (P)\&. The third field gives the date of the last password change\&. The next four fields are the minimum age, maximum age, warning period, and inactivity period for the password\&. These ages are expressed in days\&. -.RE -.PP -\fB\-u\fR, \fB\-\-unlock\fR -.RS 4 -Unlock the password of the named account\&. This option re\-enables a password by changing the password back to its previous value (to the value before using the -\fB\-l\fR -option)\&. -.RE -.PP -\fB\-w\fR, \fB\-\-warndays\fR\ \&\fIWARN_DAYS\fR -.RS 4 -Set the number of days of warning before a password change is required\&. The -\fIWARN_DAYS\fR -option is the number of days prior to the password expiring that a user will be warned that his/her password is about to expire\&. -.RE -.PP -\fB\-x\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAYS\fR -.RS 4 -Set the maximum number of days a password remains valid\&. After -\fIMAX_DAYS\fR, the password is required to be changed\&. -.RE -.SH "CAVEATS" -.PP -Password complexity checking may vary from site to site\&. The user is urged to select a password as complex as he or she feels comfortable with\&. -.PP -Users may not be able to change their password on a system if NIS is enabled and they are not logged into the NIS server\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -This defines the system default encryption algorithm for encrypting passwords (if no algorithm are specified on the command line)\&. -.sp -It can take one of these values: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Note: this parameter overrides the -\fBMD5_CRYPT_ENAB\fR -variable\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to -\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to -\fIno\fR -if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is -\fIno\fR\&. -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -This variable is deprecated\&. You should use -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (boolean) -.RS 4 -Enable additional checks upon password changes\&. -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (boolean) -.RS 4 -Warn about weak passwords (but still allow them) if you are root\&. -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (number) -.RS 4 -Maximum number of attempts to change password if rejected (too easy)\&. -.RE -.PP -\fBPASS_MAX_LEN\fR (number), \fBPASS_MIN_LEN\fR (number) -.RS 4 -Number of significant characters in the password for crypt()\&. -\fBPASS_MAX_LEN\fR -is 8 by default\&. Don\*(Aqt change unless your crypt() is better\&. This is ignored if -\fBMD5_CRYPT_ENAB\fR -set to -\fIyes\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -When -\fBENCRYPT_METHOD\fR -is set to -\fISHA256\fR -or -\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. -.sp -With a lot of rounds, it is more difficult to brute forcing the password\&. But note also that more CPU resources will be needed to authenticate users\&. -.sp -If not specified, the libc will choose the default number of rounds (5000)\&. -.sp -The values must be inside the 1000\-999,999,999 range\&. -.sp -If only one of the -\fBSHA_CRYPT_MIN_ROUNDS\fR -or -\fBSHA_CRYPT_MAX_ROUNDS\fR -values is set, then this value will be used\&. -.sp -If -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. -.RE -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "EXIT VALUES" -.PP -The -\fBpasswd\fR -command exits with the following values: -.PP -\fI0\fR -.RS 4 -success -.RE -.PP -\fI1\fR -.RS 4 -permission denied -.RE -.PP -\fI2\fR -.RS 4 -invalid combination of options -.RE -.PP -\fI3\fR -.RS 4 -unexpected failure, nothing done -.RE -.PP -\fI4\fR -.RS 4 -unexpected failure, -passwd -file missing -.RE -.PP -\fI5\fR -.RS 4 -passwd -file busy, try again -.RE -.PP -\fI6\fR -.RS 4 -invalid argument to option -.RE -.SH "SEE ALSO" -.PP -\fBchpasswd\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBlogin.defs\fR(5),\fBusermod\fR(8)\&. diff --git a/man/man1/sg.1 b/man/man1/sg.1 deleted file mode 100644 index c05eb57d..00000000 --- a/man/man1/sg.1 +++ /dev/null @@ -1,97 +0,0 @@ -'\" t -.\" Title: sg -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "SG" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -sg \- execute command as different group ID -.SH "SYNOPSIS" -.HP \w'\fBsg\fR\ 'u -\fBsg\fR [\-] [group\ [\-c\ ]\ command] -.SH "DESCRIPTION" -.PP -The -\fBsg\fR -command works similar to -\fBnewgrp\fR -but accepts a command\&. The command will be executed with the -/bin/sh -shell\&. With most shells you may run -\fBsg\fR -from, you need to enclose multi\-word commands in quotes\&. Another difference between -\fBnewgrp\fR -and -\fBsg\fR -is that some shells treat -\fBnewgrp\fR -specially, replacing themselves with a new instance of a shell that -\fBnewgrp\fR -creates\&. This doesn\*(Aqt happen with -\fBsg\fR, so upon exit from a -\fBsg\fR -command you are returned to your previous group ID\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -Enable "syslog" logging of -\fBsg\fR -activity\&. -.RE -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.SH "SEE ALSO" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBnewgrp\fR(1), -\fBsu\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/man1/su.1 b/man/man1/su.1 deleted file mode 100644 index ed4d27e6..00000000 --- a/man/man1/su.1 +++ /dev/null @@ -1,450 +0,0 @@ -'\" t -.\" Title: su -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: User Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "SU" "1" "05/09/2014" "shadow\-utils 4\&.2\&.1" "User Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -su \- change user ID or become superuser -.SH "SYNOPSIS" -.HP \w'\fBsu\fR\ 'u -\fBsu\fR [\fIoptions\fR] [\fIusername\fR] -.SH "DESCRIPTION" -.PP -The -\fBsu\fR -command is used to become another user during a login session\&. Invoked without a -\fBusername\fR, -\fBsu\fR -defaults to becoming the superuser\&. The optional argument -\fB\-\fR -may be used to provide an environment similar to what the user would expect had the user logged in directly\&. -.PP -Additional arguments may be provided after the username, in which case they are supplied to the user\*(Aqs login shell\&. In particular, an argument of -\fB\-c\fR -will cause the next argument to be treated as a command by most command interpreters\&. The command will be executed by the shell specified in -/etc/passwd -for the target user\&. -.PP -You can use the -\fB\-\-\fR -argument to separate -\fBsu\fR -options from the arguments supplied to the shell\&. -.PP -The user will be prompted for a password, if appropriate\&. Invalid passwords will produce an error message\&. All attempts, both valid and invalid, are logged to detect abuse of the system\&. -.PP -The current environment is passed to the new shell\&. The value of -\fB$PATH\fR -is reset to -/bin:/usr/bin -for normal users, or -/sbin:/bin:/usr/sbin:/usr/bin -for the superuser\&. This may be changed with the -\fBENV_PATH\fR -and -\fBENV_SUPATH\fR -definitions in -/etc/login\&.defs\&. -.PP -A subsystem login is indicated by the presence of a "*" as the first character of the login shell\&. The given home directory will be used as the root of a new file system which the user is actually logged into\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBsu\fR -command are: -.PP -\fB\-c\fR, \fB\-\-command\fR\ \&\fICOMMAND\fR -.RS 4 -Specify a command that will be invoked by the shell using its -\fB\-c\fR\&. -.sp -The executed command will have no controlling terminal\&. This option cannot be used to execute interactive programs which need a controlling TTY\&. -.RE -.PP -\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR -.RS 4 -Provide an environment similar to what the user would expect had the user logged in directly\&. -.sp -When -\fB\-\fR -is used, it must be specified before any -\fBusername\fR\&. For portability it is recommended to use it as last option, before any -\fBusername\fR\&. The other forms (\fB\-l\fR -and -\fB\-\-login\fR) do not have this restriction\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -The shell that will be invoked\&. -.sp -The invoked shell is chosen from (highest priority first): -.PP -.RS 4 -The shell specified with \-\-shell\&. -.RE -.PP -.RS 4 -If -\fB\-\-preserve\-environment\fR -is used, the shell specified by the -\fB$SHELL\fR -environment variable\&. -.RE -.PP -.RS 4 -The shell indicated in the -/etc/passwd -entry for the target user\&. -.RE -.PP -.RS 4 -/bin/sh -if a shell could not be found by any above method\&. -.RE -.sp -If the target user has a restricted shell (i\&.e\&. the shell field of this user\*(Aqs entry in -/etc/passwd -is not listed in -/etc/shells), then the -\fB\-\-shell\fR -option or the -\fB$SHELL\fR -environment variable won\*(Aqt be taken into account, unless -\fBsu\fR -is called by root\&. -.RE -.PP -\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve\-environment\fR -.RS 4 -Preserve the current environment, except for: -.PP -\fB$PATH\fR -.RS 4 -reset according to the -/etc/login\&.defs -options -\fBENV_PATH\fR -or -\fBENV_SUPATH\fR -(see below); -.RE -.PP -\fB$IFS\fR -.RS 4 -reset to -\(lq\(rq, if it was set\&. -.RE -.sp -If the target user has a restricted shell, this option has no effect (unless -\fBsu\fR -is called by root)\&. -.sp -Note that the default behavior for the environment is the following: -.PP -.RS 4 -The -\fB$HOME\fR, -\fB$SHELL\fR, -\fB$USER\fR, -\fB$LOGNAME\fR, -\fB$PATH\fR, and -\fB$IFS\fR -environment variables are reset\&. -.RE -.PP -.RS 4 -If -\fB\-\-login\fR -is not used, the environment is copied, except for the variables above\&. -.RE -.PP -.RS 4 -If -\fB\-\-login\fR -is used, the -\fB$TERM\fR, -\fB$COLORTERM\fR, -\fB$DISPLAY\fR, and -\fB$XAUTHORITY\fR -environment variables are copied if they were set\&. -.RE -.PP -.RS 4 -If -\fB\-\-login\fR -is used, the -\fB$TZ\fR, -\fB$HZ\fR, and -\fB$MAIL\fR -environment variables are set according to the -/etc/login\&.defs -options -\fBENV_TZ\fR, -\fBENV_HZ\fR, -\fBMAIL_DIR\fR, and -\fBMAIL_FILE\fR -(see below)\&. -.RE -.PP -.RS 4 -If -\fB\-\-login\fR -is used, other environment variables might be set by the -\fBENVIRON_FILE\fR -file (see below)\&. -.RE -.sp -.RE -.SH "CAVEATS" -.PP -This version of -\fBsu\fR -has many compilation options, only some of which may be in use at any particular site\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBCONSOLE\fR (string) -.RS 4 -If defined, either full pathname of a file containing device names (one per line) or a ":" delimited list of device names\&. Root logins will be allowed only upon these devices\&. -.sp -If not defined, root will be allowed on any device\&. -.sp -The device should be specified without the /dev/ prefix\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (string) -.RS 4 -List of groups to add to the user\*(Aqs supplementary groups set when logging in on the console (as determined by the CONSOLE setting)\&. Default is none\&. - -Use with caution \- it is possible for users to gain permanent access to these groups, even when not logged in on the console\&. -.RE -.PP -\fBDEFAULT_HOME\fR (boolean) -.RS 4 -Indicate if login is allowed if we can\*(Aqt cd to the home directory\&. Default is no\&. -.sp -If set to -\fIyes\fR, the user will login in the root (/) directory if it is not possible to cd to her home directory\&. -.RE -.PP -\fBENV_HZ\fR (string) -.RS 4 -If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by -\fIHZ=\fR\&. A common value on Linux is -\fIHZ=100\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (string) -.RS 4 -If this file exists and is readable, login environment will be read from it\&. Every line should be in the form name=value\&. -.sp -Lines starting with a # are treated as comment lines and ignored\&. -.RE -.PP -\fBENV_PATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (string) -.RS 4 -If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by -\fITZ=\fR -(for example -\fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example -/etc/tzname)\&. -.sp -If a full path is specified but the file does not exist or cannot be read, the default is to use -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -The string used for prompting a password\&. The default is to use "Password: ", or a translation of that string\&. If you set this variable, the prompt will not be translated\&. -.sp -If the string contains -\fI%s\fR, this will be replaced by the user\*(Aqs name\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (boolean) -.RS 4 -Enable checking and display of mailbox status upon login\&. -.sp -You should disable it if the shell startup files already check for mail ("mailx \-e" or equivalent)\&. -.RE -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -The mail spool directory\&. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted\&. If not specified, a compile\-time default is used\&. -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -Defines the location of the users mail spool files relatively to their home directory\&. -.RE -.PP -The -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -variables are used by -\fBuseradd\fR, -\fBusermod\fR, and -\fBuserdel\fR -to create, move, or delete the user\*(Aqs mail spool\&. -.PP -If -\fBMAIL_CHECK_ENAB\fR -is set to -\fIyes\fR, they are also used to define the -\fBMAIL\fR -environment variable\&. -.PP -\fBQUOTAS_ENAB\fR (boolean) -.RS 4 -Enable setting of resource limits from -/etc/limits -and ulimit, umask, and niceness from the user\*(Aqs passwd gecos field\&. -.RE -.PP -\fBSULOG_FILE\fR (string) -.RS 4 -If defined, all su activity is logged to this file\&. -.RE -.PP -\fBSU_NAME\fR (string) -.RS 4 -If defined, the command name to display when running "su \-"\&. For example, if this is defined as "su" then a "ps" will display the command is "\-su"\&. If not defined, then "ps" would display the name of the shell actually being run, e\&.g\&. something like "\-sh"\&. -.RE -.PP -\fBSU_WHEEL_ONLY\fR (boolean) -.RS 4 -If -\fIyes\fR, the user must be listed as a member of the first gid 0 group in -/etc/group -(called -\fIroot\fR -on most Linux systems) to be able to -\fBsu\fR -to uid 0 accounts\&. If the group doesn\*(Aqt exist or is empty, no one will be able to -\fBsu\fR -to uid 0\&. -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (boolean) -.RS 4 -Enable "syslog" logging of -\fBsu\fR -activity \- in addition to sulog file logging\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -Enable setting of the umask group bits to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007) for non\-root users, if the uid is the same as gid, and username is the same as the primary group name\&. -.sp -If set to -\fIyes\fR, -\fBuserdel\fR -will remove the user\*(Aqs group if it contains no more members, and -\fBuseradd\fR -will create by default a group with the name of the user\&. -.RE -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "EXIT VALUES" -.PP -On success, -\fBsu\fR -returns the exit value of the command it executed\&. -.PP -If this command was terminated by a signal, -\fBsu\fR -returns the number of this signal plus 128\&. -.PP -If su has to kill the command (because it was asked to terminate, and the command did not terminate in time), -\fBsu\fR -returns 255\&. -.PP -Some exit values from -\fBsu\fR -are independent from the executed command: -.PP -\fI0\fR -.RS 4 -success (\fB\-\-help\fR -only) -.RE -.PP -\fI1\fR -.RS 4 -System or authentication failure -.RE -.PP -\fI126\fR -.RS 4 -The requested command was not found -.RE -.PP -\fI127\fR -.RS 4 -The requested command could not be executed -.RE -.SH "SEE ALSO" -.PP -\fBlogin\fR(1), -\fBlogin.defs\fR(5), -\fBsg\fR(1), -\fBsh\fR(1)\&. diff --git a/man/man3/getspnam.3 b/man/man3/getspnam.3 deleted file mode 100644 index cd473da3..00000000 --- a/man/man3/getspnam.3 +++ /dev/null @@ -1 +0,0 @@ -.so man3/shadow.3 diff --git a/man/man3/shadow.3 b/man/man3/shadow.3 deleted file mode 100644 index e28f4284..00000000 --- a/man/man3/shadow.3 +++ /dev/null @@ -1,239 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Library Calls -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "SHADOW" "3" "05/09/2014" "shadow\-utils 4\&.2\&.1" "Library Calls" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -shadow, getspnam \- encrypted password file routines -.SH "SYNTAX" -.PP -\fI#include \fR -.PP -\fIstruct spwd *getspent();\fR -.PP -\fIstruct spwd *getspnam(char\fR\fI*name\fR\fI);\fR -.PP -\fIvoid setspent();\fR -.PP -\fIvoid endspent();\fR -.PP -\fIstruct spwd *fgetspent(FILE\fR\fI*fp\fR\fI);\fR -.PP -\fIstruct spwd *sgetspent(char\fR\fI*cp\fR\fI);\fR -.PP -\fIint putspent(struct spwd\fR\fI*p,\fR\fIFILE\fR\fI*fp\fR\fI);\fR -.PP -\fIint lckpwdf();\fR -.PP -\fIint ulckpwdf();\fR -.SH "DESCRIPTION" -.PP -\fIshadow\fR -manipulates the contents of the shadow password file, -/etc/shadow\&. The structure in the -\fI#include\fR -file is: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct spwd { - char *sp_namp; /* user login name */ - char *sp_pwdp; /* encrypted password */ - long int sp_lstchg; /* last password change */ - long int sp_min; /* days until change allowed\&. */ - long int sp_max; /* days before change required */ - long int sp_warn; /* days warning for expiration */ - long int sp_inact; /* days before account inactive */ - long int sp_expire; /* date when account expires */ - unsigned long int sp_flag; /* reserved for future use */ -} - -.fi -.if n \{\ -.RE -.\} -.PP -The meanings of each field are: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_namp \- pointer to null\-terminated user name -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_pwdp \- pointer to null\-terminated password -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_lstchg \- days since Jan 1, 1970 password was last changed -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_min \- days before which password may not be changed -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_max \- days after which password must be changed -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_warn \- days before password is to expire that user is warned of pending password expiration -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_inact \- days after password expires that account is considered inactive and disabled -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_expire \- days since Jan 1, 1970 when account will be disabled -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_flag \- reserved for future use -.RE -.SH "DESCRIPTION" -.PP -\fIgetspent\fR, -\fIgetspname\fR, -\fIfgetspent\fR, and -\fIsgetspent\fR -each return a pointer to a -\fIstruct spwd\fR\&. -\fIgetspent\fR -returns the next entry from the file, and -\fIfgetspent\fR -returns the next entry from the given stream, which is assumed to be a file of the proper format\&. -\fIsgetspent\fR -returns a pointer to a -\fIstruct spwd\fR -using the provided string as input\&. -\fIgetspnam\fR -searches from the current position in the file for an entry matching -\fIname\fR\&. -.PP -\fIsetspent\fR -and -\fIendspent\fR -may be used to begin and end, respectively, access to the shadow password file\&. -.PP -The -\fIlckpwdf\fR -and -\fIulckpwdf\fR -routines should be used to insure exclusive access to the -/etc/shadow -file\&. -\fIlckpwdf\fR -attempts to acquire a lock using -\fIpw_lock\fR -for up to 15 seconds\&. It continues by attempting to acquire a second lock using -\fIspw_lock\fR -for the remainder of the initial 15 seconds\&. Should either attempt fail after a total of 15 seconds, -\fIlckpwdf\fR -returns \-1\&. When both locks are acquired 0 is returned\&. -.SH "DIAGNOSTICS" -.PP -Routines return NULL if no more entries are available or if an error occurs during processing\&. Routines which have -\fIint\fR -as the return value return 0 for success and \-1 for failure\&. -.SH "CAVEATS" -.PP -These routines may only be used by the superuser as access to the shadow password file is restricted\&. -.SH "FILES" -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.SH "SEE ALSO" -.PP -\fBgetpwent\fR(3), -\fBshadow\fR(5)\&. diff --git a/man/man5/faillog.5 b/man/man5/faillog.5 deleted file mode 100644 index 9a7c8861..00000000 --- a/man/man5/faillog.5 +++ /dev/null @@ -1,64 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "FAILLOG" "5" "05/09/2014" "shadow\-utils 4\&.2\&.1" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -faillog \- login failure logging file -.SH "DESCRIPTION" -.PP -/var/log/faillog -maintains a count of login failures and the limits for each account\&. -.PP -The file contains fixed length records, indexed by numerical UID\&. Each record contains the count of login failures since the last successful login; the maximum number of failures before the account is disabled; the line on which the last login failure occurred; the date of the last login failure; and the duration (in seconds) during which the account will be locked after a failure\&. -.PP -The structure of the file is: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct faillog { - short fail_cnt; - short fail_max; - char fail_line[12]; - time_t fail_time; - long fail_locktime; -}; -.fi -.if n \{\ -.RE -.\} -.SH "FILES" -.PP -/var/log/faillog -.RS 4 -Failure logging file\&. -.RE -.SH "SEE ALSO" -.PP -\fBfaillog\fR(8) diff --git a/man/man5/gshadow.5 b/man/man5/gshadow.5 deleted file mode 100644 index 1681d344..00000000 --- a/man/man5/gshadow.5 +++ /dev/null @@ -1,101 +0,0 @@ -'\" t -.\" Title: gshadow -.\" Author: Nicolas FranƧois -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "GSHADOW" "5" "05/09/2014" "shadow\-utils 4\&.2\&.1" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -gshadow \- shadowed group file -.SH "DESCRIPTION" -.PP -/etc/gshadow -contains the shadowed information for group accounts\&. -.PP -This file must not be readable by regular users if password security is to be maintained\&. -.PP -Each line of this file contains the following colon\-separated fields: -.PP -\fBgroup name\fR -.RS 4 -It must be a valid group name, which exist on the system\&. -.RE -.PP -\fBencrypted password\fR -.RS 4 -Refer to -\fBcrypt\fR(3) -for details on how this string is interpreted\&. -.sp -If the password field contains some string that is not a valid result of -\fBcrypt\fR(3), for instance ! or *, users will not be able to use a unix password to access the group (but group members do not need the password)\&. -.sp -The password is used when an user who is not a member of the group wants to gain the permissions of this group (see -\fBnewgrp\fR(1))\&. -.sp -This field may be empty, in which case only the group members can gain the group permissions\&. -.sp -A password field which starts with a exclamation mark means that the password is locked\&. The remaining characters on the line represent the password field before the password was locked\&. -.sp -This password supersedes any password specified in -/etc/group\&. -.RE -.PP -\fBadministrators\fR -.RS 4 -It must be a comma\-separated list of user names\&. -.sp -Administrators can change the password or the members of the group\&. -.sp -Administrators also have the same permissions as the members (see below)\&. -.RE -.PP -\fBmembers\fR -.RS 4 -It must be a comma\-separated list of user names\&. -.sp -Members can access the group without being prompted for a password\&. -.sp -You should use the same list of users as in -/etc/group\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.SH "SEE ALSO" -.PP -\fBgpasswd\fR(5), -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBgrpconv\fR(8), -\fBnewgrp\fR(1)\&. diff --git a/man/man5/limits.5 b/man/man5/limits.5 deleted file mode 100644 index 6b19ee4d..00000000 --- a/man/man5/limits.5 +++ /dev/null @@ -1,274 +0,0 @@ -'\" t -.\" Title: limits -.\" Author: Luca Berra -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "LIMITS" "5" "05/09/2014" "shadow\-utils 4\&.2\&.1" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -limits \- resource limits definition -.SH "DESCRIPTION" -.PP -The -\fIlimits\fR -file (/etc/limits -by default or LIMITS_FILE defined -config\&.h) describes the resource limits you wish to impose\&. It should be owned by root and readable by root account only\&. -.PP -By default no quota is imposed on \*(Aqroot\*(Aq\&. In fact, there is no way to impose limits via this procedure to root\-equiv accounts (accounts with UID 0)\&. -.PP -Each line describes a limit for a user in the form: -.PP -\fIuser LIMITS_STRING\fR -.PP -or in the form: -.PP -\fI@group LIMITS_STRING\fR -.PP -The -\fILIMITS_STRING\fR -is a string of a concatenated list of resource limits\&. Each limit consists of a letter identifier followed by a numerical limit\&. -.PP -The valid identifiers are: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -A: max address space (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -C: max core file size (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -D: max data size (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -F: maximum filesize (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -K: file creation mask, set by -\fBumask\fR(2)\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -I: max nice value (0\&.\&.39 which translates to 20\&.\&.\-19) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -L: max number of logins for this user -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -M: max locked\-in\-memory address space (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -N: max number of open files -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -O: max real time priority -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -P: process priority, set by -\fBsetpriority\fR(2)\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -R: max resident set size (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -S: max stack size (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -T: max CPU time (MIN) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -U: max number of processes -.RE -.PP -For example, -\fIL2D2048N5\fR -is a valid -\fILIMITS_STRING\fR\&. For reading convenience, the following entries are equivalent: -.sp -.if n \{\ -.RS 4 -.\} -.nf - username L2D2048N5 - username L2 D2048 N5 - -.fi -.if n \{\ -.RE -.\} -.PP -Be aware that after -\fIusername\fR -the rest of the line is considered a limit string, thus comments are not allowed\&. A invalid limits string will be rejected (not considered) by the -\fBlogin\fR -program\&. -.PP -The default entry is denoted by username "\fI*\fR"\&. If you have multiple -\fIdefault\fR -entries in your -\fILIMITS_FILE\fR, then the last one will be used as the default entry\&. -.PP -The limits specified in the form "\fI@group\fR" apply to the members of the specified -\fIgroup\fR\&. -.PP -If more than one line with limits for an user exist, only the first line for this user will be considered\&. -.PP -If no lines are specified for an user, the last -\fI@group\fR -line matching a group whose the user is a member of will be considered, or the last line with default limits if no groups contain the user\&. -.PP -To completely disable limits for a user, a single dash "\fI\-\fR" will do\&. -.PP -To disable a limit for a user, a single dash "\fI\-\fR" can be used instead of the numerical value for this limit\&. -.PP -Also, please note that all limit settings are set PER LOGIN\&. They are not global, nor are they permanent\&. Perhaps global limits will come, but for now this will have to do ;) -.SH "FILES" -.PP -/etc/limits -.RS 4 -.RE -.SH "SEE ALSO" -.PP -\fBlogin\fR(1), -\fBsetpriority\fR(2), -\fBsetrlimit\fR(2)\&. diff --git a/man/man5/login.access.5 b/man/man5/login.access.5 deleted file mode 100644 index 0dd73ed7..00000000 --- a/man/man5/login.access.5 +++ /dev/null @@ -1,67 +0,0 @@ -'\" t -.\" Title: login.access -.\" Author: Marek Michałkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "LOGIN\&.ACCESS" "5" "05/09/2014" "shadow\-utils 4\&.2\&.1" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -login.access \- login access control table -.SH "DESCRIPTION" -.PP -The -\fIlogin\&.access\fR -file specifies (user, host) combinations and/or (user, tty) combinations for which a login will be either accepted or refused\&. -.PP -When someone logs in, the -\fIlogin\&.access\fR -is scanned for the first entry that matches the (user, host) combination, or, in case of non\-networked logins, the first entry that matches the (user, tty) combination\&. The permissions field of that table entry determines whether the login will be accepted or refused\&. -.PP -Each line of the login access control table has three fields separated by a ":" character: -.PP -\fIpermission\fR:\fIusers\fR:\fIorigins\fR -.PP -The first field should be a "\fI+\fR" (access granted) or "\fI\-\fR" (access denied) character\&. The second field should be a list of one or more login names, group names, or -\fIALL\fR -(always matches)\&. The third field should be a list of one or more tty names (for non\-networked logins), host names, domain names (begin with "\&."), host addresses, internet network numbers (end with "\&."), -\fIALL\fR -(always matches) or -\fILOCAL\fR -(matches any string that does not contain a "\&." character)\&. If you run NIS you can use @netgroupname in host or user patterns\&. -.PP -The -\fIEXCEPT\fR -operator makes it possible to write very compact rules\&. -.PP -The group file is searched only when a name does not match that of the logged\-in user\&. Only groups are matched in which users are explicitly listed: the program does not look at a user\*(Aqs primary group id value\&. -.SH "FILES" -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "SEE ALSO" -.PP -\fBlogin\fR(1)\&. diff --git a/man/man5/login.defs.5 b/man/man5/login.defs.5 deleted file mode 100644 index 5e8f3480..00000000 --- a/man/man5/login.defs.5 +++ /dev/null @@ -1,825 +0,0 @@ -'\" t -.\" Title: login.defs -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "LOGIN\&.DEFS" "5" "05/09/2014" "shadow\-utils 4\&.2\&.1" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -login.defs \- shadow password suite configuration -.SH "DESCRIPTION" -.PP -The -/etc/login\&.defs -file defines the site\-specific configuration for the shadow password suite\&. This file is required\&. Absence of this file will not prevent system operation, but will probably result in undesirable operation\&. -.PP -This file is a readable text file, each line of the file describing one configuration parameter\&. The lines consist of a configuration name and value, separated by whitespace\&. Blank lines and comment lines are ignored\&. Comments are introduced with a "#" pound sign and the pound sign must be the first non\-white character of the line\&. -.PP -Parameter values may be of four types: strings, booleans, numbers, and long numbers\&. A string is comprised of any printable characters\&. A boolean should be either the value -\fIyes\fR -or -\fIno\fR\&. An undefined boolean parameter or one with a value other than these will be given a -\fIno\fR -value\&. Numbers (both regular and long) may be either decimal values, octal values (precede the value with -\fI0\fR) or hexadecimal values (precede the value with -\fI0x\fR)\&. The maximum value of the regular and long numeric parameters is machine\-dependent\&. -.PP -The following configuration items are provided: -.PP -\fBCHFN_AUTH\fR (boolean) -.RS 4 -If -\fIyes\fR, the -\fBchfn\fR -program will require authentication before making any changes, unless run by the superuser\&. -.RE -.PP -\fBCHFN_RESTRICT\fR (string) -.RS 4 -This parameter specifies which values in the -\fIgecos\fR -field of the -/etc/passwd -file may be changed by regular users using the -\fBchfn\fR -program\&. It can be any combination of letters -\fIf\fR, -\fIr\fR, -\fIw\fR, -\fIh\fR, for Full name, Room number, Work phone, and Home phone, respectively\&. For backward compatibility, -\fIyes\fR -is equivalent to -\fIrwh\fR -and -\fIno\fR -is equivalent to -\fIfrwh\fR\&. If not specified, only the superuser can make any changes\&. The most restrictive setting is better achieved by not installing -\fBchfn\fR -SUID\&. -.RE -.PP -\fBCHSH_AUTH\fR (boolean) -.RS 4 -If -\fIyes\fR, the -\fBchsh\fR -program will require authentication before making any changes, unless run by the superuser\&. -.RE -.PP -\fBCONSOLE\fR (string) -.RS 4 -If defined, either full pathname of a file containing device names (one per line) or a ":" delimited list of device names\&. Root logins will be allowed only upon these devices\&. -.sp -If not defined, root will be allowed on any device\&. -.sp -The device should be specified without the /dev/ prefix\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (string) -.RS 4 -List of groups to add to the user\*(Aqs supplementary groups set when logging in on the console (as determined by the CONSOLE setting)\&. Default is none\&. - -Use with caution \- it is possible for users to gain permanent access to these groups, even when not logged in on the console\&. -.RE -.PP -\fBCREATE_HOME\fR (boolean) -.RS 4 -Indicate if a home directory should be created by default for new users\&. -.sp -This setting does not apply to system users, and can be overridden on the command line\&. -.RE -.PP -\fBDEFAULT_HOME\fR (boolean) -.RS 4 -Indicate if login is allowed if we can\*(Aqt cd to the home directory\&. Default is no\&. -.sp -If set to -\fIyes\fR, the user will login in the root (/) directory if it is not possible to cd to her home directory\&. -.RE -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -This defines the system default encryption algorithm for encrypting passwords (if no algorithm are specified on the command line)\&. -.sp -It can take one of these values: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Note: this parameter overrides the -\fBMD5_CRYPT_ENAB\fR -variable\&. -.RE -.PP -\fBENV_HZ\fR (string) -.RS 4 -If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by -\fIHZ=\fR\&. A common value on Linux is -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_PATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (string) -.RS 4 -If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by -\fITZ=\fR -(for example -\fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example -/etc/tzname)\&. -.sp -If a full path is specified but the file does not exist or cannot be read, the default is to use -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (string) -.RS 4 -If this file exists and is readable, login environment will be read from it\&. Every line should be in the form name=value\&. -.sp -Lines starting with a # are treated as comment lines and ignored\&. -.RE -.PP -\fBERASECHAR\fR (number) -.RS 4 -Terminal ERASE character (\fI010\fR -= backspace, -\fI0177\fR -= DEL)\&. -.sp -The value can be prefixed "0" for an octal value, or "0x" for an hexadecimal value\&. -.RE -.PP -\fBFAIL_DELAY\fR (number) -.RS 4 -Delay in seconds before being allowed another attempt after a login failure\&. -.RE -.PP -\fBFAILLOG_ENAB\fR (boolean) -.RS 4 -Enable logging and display of -/var/log/faillog -login failure info\&. -.RE -.PP -\fBFAKE_SHELL\fR (string) -.RS 4 -If set, -\fBlogin\fR -will execute this shell instead of the users\*(Aq shell specified in -/etc/passwd\&. -.RE -.PP -\fBFTMP_FILE\fR (string) -.RS 4 -If defined, login failures will be logged in this file in a utmp format\&. -.RE -.PP -\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of regular groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBGID_MIN\fR -(resp\&. -\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. -.RE -.PP -\fBHUSHLOGIN_FILE\fR (string) -.RS 4 -If defined, this file can inhibit all the usual chatter during the login sequence\&. If a full pathname is specified, then hushed mode will be enabled if the user\*(Aqs name or shell are found in the file\&. If not a full pathname, then hushed mode will be enabled if the file exists in the user\*(Aqs home directory\&. -.RE -.PP -\fBISSUE_FILE\fR (string) -.RS 4 -If defined, this file will be displayed before each login prompt\&. -.RE -.PP -\fBKILLCHAR\fR (number) -.RS 4 -Terminal KILL character (\fI025\fR -= CTRL/U)\&. -.sp -The value can be prefixed "0" for an octal value, or "0x" for an hexadecimal value\&. -.RE -.PP -\fBLASTLOG_ENAB\fR (boolean) -.RS 4 -Enable logging and display of /var/log/lastlog login time info\&. -.RE -.PP -\fBLOG_OK_LOGINS\fR (boolean) -.RS 4 -Enable logging of successful logins\&. -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (boolean) -.RS 4 -Enable display of unknown usernames when login failures are recorded\&. -.sp -Note: logging unknown usernames may be a security issue if an user enter her password instead of her login name\&. -.RE -.PP -\fBLOGIN_RETRIES\fR (number) -.RS 4 -Maximum number of login retries in case of bad password\&. -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -The string used for prompting a password\&. The default is to use "Password: ", or a translation of that string\&. If you set this variable, the prompt will not be translated\&. -.sp -If the string contains -\fI%s\fR, this will be replaced by the user\*(Aqs name\&. -.RE -.PP -\fBLOGIN_TIMEOUT\fR (number) -.RS 4 -Max time in seconds for login\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (boolean) -.RS 4 -Enable checking and display of mailbox status upon login\&. -.sp -You should disable it if the shell startup files already check for mail ("mailx \-e" or equivalent)\&. -.RE -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -The mail spool directory\&. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted\&. If not specified, a compile\-time default is used\&. -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -Defines the location of the users mail spool files relatively to their home directory\&. -.RE -.PP -The -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -variables are used by -\fBuseradd\fR, -\fBusermod\fR, and -\fBuserdel\fR -to create, move, or delete the user\*(Aqs mail spool\&. -.PP -If -\fBMAIL_CHECK_ENAB\fR -is set to -\fIyes\fR, they are also used to define the -\fBMAIL\fR -environment variable\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to -\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to -\fIno\fR -if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is -\fIno\fR\&. -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -This variable is deprecated\&. You should use -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBMOTD_FILE\fR (string) -.RS 4 -If defined, ":" delimited list of "message of the day" files to be displayed upon login\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (string) -.RS 4 -If defined, name of file whose presence will inhibit non\-root logins\&. The contents of this file should be a message indicating why logins are inhibited\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (boolean) -.RS 4 -Enable additional checks upon password changes\&. -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (boolean) -.RS 4 -Warn about weak passwords (but still allow them) if you are root\&. -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (number) -.RS 4 -Maximum number of attempts to change password if rejected (too easy)\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (number) -.RS 4 -The maximum number of days a password may be used\&. If the password is older than this, a password change will be forced\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (number) -.RS 4 -The minimum number of days allowed between password changes\&. Any password changes attempted sooner than this will be rejected\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (number) -.RS 4 -The number of days warning given before a password expires\&. A zero means warning is given only upon the day of expiration, a negative value means no warning is given\&. If not specified, no warning will be provided\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR, -\fBPASS_MIN_DAYS\fR -and -\fBPASS_WARN_AGE\fR -are only used at the time of account creation\&. Any changes to these settings won\*(Aqt affect existing accounts\&. -.PP -\fBPASS_MAX_LEN\fR (number), \fBPASS_MIN_LEN\fR (number) -.RS 4 -Number of significant characters in the password for crypt()\&. -\fBPASS_MAX_LEN\fR -is 8 by default\&. Don\*(Aqt change unless your crypt() is better\&. This is ignored if -\fBMD5_CRYPT_ENAB\fR -set to -\fIyes\fR\&. -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (boolean) -.RS 4 -Enable checking of time restrictions specified in -/etc/porttime\&. -.RE -.PP -\fBQUOTAS_ENAB\fR (boolean) -.RS 4 -Enable setting of resource limits from -/etc/limits -and ulimit, umask, and niceness from the user\*(Aqs passwd gecos field\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -When -\fBENCRYPT_METHOD\fR -is set to -\fISHA256\fR -or -\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. -.sp -With a lot of rounds, it is more difficult to brute forcing the password\&. But note also that more CPU resources will be needed to authenticate users\&. -.sp -If not specified, the libc will choose the default number of rounds (5000)\&. -.sp -The values must be inside the 1000\-999,999,999 range\&. -.sp -If only one of the -\fBSHA_CRYPT_MIN_ROUNDS\fR -or -\fBSHA_CRYPT_MAX_ROUNDS\fR -values is set, then this value will be used\&. -.sp -If -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. -.RE -.PP -\fBSULOG_FILE\fR (string) -.RS 4 -If defined, all su activity is logged to this file\&. -.RE -.PP -\fBSU_NAME\fR (string) -.RS 4 -If defined, the command name to display when running "su \-"\&. For example, if this is defined as "su" then a "ps" will display the command is "\-su"\&. If not defined, then "ps" would display the name of the shell actually being run, e\&.g\&. something like "\-sh"\&. -.RE -.PP -\fBSU_WHEEL_ONLY\fR (boolean) -.RS 4 -If -\fIyes\fR, the user must be listed as a member of the first gid 0 group in -/etc/group -(called -\fIroot\fR -on most Linux systems) to be able to -\fBsu\fR -to uid 0 accounts\&. If the group doesn\*(Aqt exist or is empty, no one will be able to -\fBsu\fR -to uid 0\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of system groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBSYS_GID_MIN\fR -(resp\&. -\fBSYS_GID_MAX\fR) is 101 (resp\&. -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (number), \fBSYS_UID_MIN\fR (number) -.RS 4 -Range of user IDs used for the creation of system users by -\fBuseradd\fR -or -\fBnewusers\fR\&. -.sp -The default value for -\fBSYS_UID_MIN\fR -(resp\&. -\fBSYS_UID_MAX\fR) is 101 (resp\&. -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -Enable "syslog" logging of -\fBsg\fR -activity\&. -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (boolean) -.RS 4 -Enable "syslog" logging of -\fBsu\fR -activity \- in addition to sulog file logging\&. -.RE -.PP -\fBTTYGROUP\fR (string), \fBTTYPERM\fR (string) -.RS 4 -The terminal permissions: the login tty will be owned by the -\fBTTYGROUP\fR -group, and the permissions will be set to -\fBTTYPERM\fR\&. -.sp -By default, the ownership of the terminal is set to the user\*(Aqs primary group and the permissions are set to -\fI0600\fR\&. -.sp -\fBTTYGROUP\fR -can be either the name of a group or a numeric group identifier\&. -.sp -If you have a -\fBwrite\fR -program which is "setgid" to a special group which owns the terminals, define TTYGROUP to the group number and TTYPERM to 0620\&. Otherwise leave TTYGROUP commented out and assign TTYPERM to either 622 or 600\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (string) -.RS 4 -If defined, file which maps tty line to TERM environment parameter\&. Each line of the file is in a format something like "vt100 tty01"\&. -.RE -.PP -\fBUID_MAX\fR (number), \fBUID_MIN\fR (number) -.RS 4 -Range of user IDs used for the creation of regular users by -\fBuseradd\fR -or -\fBnewusers\fR\&. -.sp -The default value for -\fBUID_MIN\fR -(resp\&. -\fBUID_MAX\fR) is 1000 (resp\&. 60000)\&. -.RE -.PP -\fBULIMIT\fR (number) -.RS 4 -Default -\fBulimit\fR -value\&. -.RE -.PP -\fBUMASK\fR (number) -.RS 4 -The file mode creation mask is initialized to this value\&. If not specified, the mask will be initialized to 022\&. -.sp -\fBuseradd\fR -and -\fBnewusers\fR -use this mask to set the mode of the home directory they create -.sp -It is also used by -\fBlogin\fR -to define users\*(Aq initial umask\&. Note that this mask can be overridden by the user\*(Aqs GECOS line (if -\fBQUOTAS_ENAB\fR -is set) or by the specification of a limit with the -\fIK\fR -identifier in -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERDEL_CMD\fR (string) -.RS 4 -If defined, this command is run when removing a user\&. It should remove any at/cron/print jobs etc\&. owned by the user to be removed (passed as the first argument)\&. -.sp -The return code of the script is not taken into account\&. -.sp -Here is an example script, which removes the user\*(Aqs cron, at and print jobs: -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# Check for the required argument\&. -if [ $# != 1 ]; then - echo "Usage: $0 username" - exit 1 -fi - -# Remove cron jobs\&. -crontab \-r \-u $1 - -# Remove at jobs\&. -# Note that it will remove any jobs owned by the same UID, -# even if it was shared by a different username\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# Remove print jobs\&. -lprm $1 - -# All done\&. -exit 0 - -.fi -.if n \{\ -.RE -.\} -.sp -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -Enable setting of the umask group bits to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007) for non\-root users, if the uid is the same as gid, and username is the same as the primary group name\&. -.sp -If set to -\fIyes\fR, -\fBuserdel\fR -will remove the user\*(Aqs group if it contains no more members, and -\fBuseradd\fR -will create by default a group with the name of the user\&. -.RE -.SH "CROSS REFERENCES" -.PP -The following cross references show which programs in the shadow password suite use which parameters\&. -.PP -chfn -.RS 4 -CHFN_AUTH -CHFN_RESTRICT -LOGIN_STRING -.RE -.PP -chgpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chpasswd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENABSHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chsh -.RS 4 -CHSH_AUTH LOGIN_STRING -.RE -.PP -gpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -groupadd -.RS 4 -GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN -.RE -.PP -groupdel -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmems -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmod -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpck -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpunconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -login -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE -ERASECHAR FAIL_DELAY -FAILLOG_ENAB -FAKE_SHELL -FTMP_FILE -HUSHLOGIN_FILE -ISSUE_FILE -KILLCHAR -LASTLOG_ENAB -LOGIN_RETRIES -LOGIN_STRING -LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB -MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB -TTYGROUP TTYPERM TTYTYPE_FILE -ULIMIT UMASK -USERGROUPS_ENAB -.RE -.PP -newgrp / sg -.RS 4 -SYSLOG_SG_ENAB -.RE -.PP -newusers -.RS 4 -ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -passwd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -pwck -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -pwconv -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -su -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENVIRON_FILE -ENV_PATH ENV_SUPATH -ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB -SULOG_FILE SU_NAME -SU_WHEEL_ONLY -SYSLOG_SU_ENAB -USERGROUPS_ENAB -.RE -.PP -sulogin -.RS 4 -ENV_HZ -ENV_TZ -.RE -.PP -useradd -.RS 4 -CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -userdel -.RS 4 -MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB -.RE -.PP -usermod -.RS 4 -MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP -.RE -.SH "SEE ALSO" -.PP -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBsu\fR(1), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBpam\fR(8)\&. diff --git a/man/man5/passwd.5 b/man/man5/passwd.5 deleted file mode 100644 index dd03f248..00000000 --- a/man/man5/passwd.5 +++ /dev/null @@ -1,179 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "PASSWD" "5" "05/09/2014" "shadow\-utils 4\&.2\&.1" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -passwd \- the password file -.SH "DESCRIPTION" -.PP -/etc/passwd -contains one line for each user account, with seven fields delimited by colons (\(lq:\(rq)\&. These fields are: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -login name -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -optional encrypted password -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerical user ID -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerical group ID -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -user name or comment field -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -user home directory -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -optional user command interpreter -.RE -.PP -The encrypted password field may be blank, in which case no password is required to authenticate as the specified login name\&. However, some applications which read the -/etc/passwd -file may decide not to permit -\fIany\fR -access at all if the -\fIpassword\fR -field is blank\&. If the -\fIpassword\fR -field is a lower\-case -\(lqx\(rq, then the encrypted password is actually stored in the -\fBshadow\fR(5) -file instead; there -\fImust\fR -be a corresponding line in the -/etc/shadow -file, or else the user account is invalid\&. If the -\fIpassword\fR -field is any other string, then it will be treated as an encrypted password, as specified by -\fBcrypt\fR(3)\&. -.PP -The comment field is used by various system utilities, such as -\fBfinger\fR(1)\&. -.PP -The home directory field provides the name of the initial working directory\&. The -\fBlogin\fR -program uses this information to set the value of the -\fB$HOME\fR -environmental variable\&. -.PP -The command interpreter field provides the name of the user\*(Aqs command language interpreter, or the name of the initial program to execute\&. The -\fBlogin\fR -program uses this information to set the value of the -\fB$SHELL\fR -environmental variable\&. If this field is empty, it defaults to the value -/bin/sh\&. -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -optional encrypted password file -.RE -.PP -/etc/passwd\- -.RS 4 -Backup file for /etc/passwd\&. -.sp -Note that this file is used by the tools of the shadow toolsuite, but not by all user and password management tools\&. -.RE -.SH "SEE ALSO" -.PP -\fBcrypt\fR(3), -\fBgetent\fR(1), -\fBgetpwnam\fR(3), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBshadow\fR(5), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/man5/porttime.5 b/man/man5/porttime.5 deleted file mode 100644 index 388029b7..00000000 --- a/man/man5/porttime.5 +++ /dev/null @@ -1,96 +0,0 @@ -'\" t -.\" Title: porttime -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "PORTTIME" "5" "05/09/2014" "shadow\-utils 4\&.2\&.1" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -porttime \- port access time file -.SH "DESCRIPTION" -.PP -\fIporttime\fR -contains a list of tty devices, user names, and permitted login times\&. -.PP -Each entry consists of three colon separated fields\&. The first field is a comma separated list of tty devices, or an asterisk to indicate that all tty devices are matched by this entry\&. The second field is a comma separated list of user names, or an asterisk to indicated that all user names are matched by this entry\&. The third field is a comma separated list of permitted access times\&. -.PP -Each access time entry consists of zero or more days of the week, abbreviated -\fISu\fR, -\fIMo\fR, -\fITu\fR, -\fIWe\fR, -\fITh\fR, -\fIFr\fR, and -\fISa\fR, followed by a pair of times separated by a hyphen\&. The abbreviation -\fIWk\fR -may be used to represent Monday thru Friday, and -\fIAl\fR -may be used to indicate every day\&. If no days are given, -\fIAl\fR -is assumed\&. -.SH "EXAMPLES" -.PP -The following entry allows access to user -\fBjfh\fR -on every port during weekdays from 9am to 5pm\&. -.PP -*:jfh:Wk0900\-1700 -.PP -The following entries allow access only to the users -\fIroot\fR -and -\fIoper\fR -on -/dev/console -at any time\&. This illustrates how the -/etc/porttime -file is an ordered list of access times\&. Any other user would match the second entry which does not permit access at any time\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - console:root,oper:Al0000\-2400 - console:*: - -.fi -.if n \{\ -.RE -.\} -.PP -The following entry allows access for the user -\fIgames\fR -on any port during non\-working hours\&. -.PP -*:games:Wk1700\-0900,SaSu0000\-2400 -.SH "FILES" -.PP -/etc/porttime -.RS 4 -File containing port access\&. -.RE -.SH "SEE ALSO" -.PP -\fBlogin\fR(1)\&. diff --git a/man/man5/shadow.5 b/man/man5/shadow.5 deleted file mode 100644 index cc22533e..00000000 --- a/man/man5/shadow.5 +++ /dev/null @@ -1,148 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "SHADOW" "5" "05/09/2014" "shadow\-utils 4\&.2\&.1" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -shadow \- shadowed password file -.SH "DESCRIPTION" -.PP -shadow -is a file which contains the password information for the system\*(Aqs accounts and optional aging information\&. -.PP -This file must not be readable by regular users if password security is to be maintained\&. -.PP -Each line of this file contains 9 fields, separated by colons (\(lq:\(rq), in the following order: -.PP -\fBlogin name\fR -.RS 4 -It must be a valid account name, which exist on the system\&. -.RE -.PP -\fBencrypted password\fR -.RS 4 -Refer to -\fBcrypt\fR(3) -for details on how this string is interpreted\&. -.sp -If the password field contains some string that is not a valid result of -\fBcrypt\fR(3), for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means)\&. -.sp -This field may be empty, in which case no passwords are required to authenticate as the specified login name\&. However, some applications which read the -/etc/shadow -file may decide not to permit any access at all if the password field is empty\&. -.sp -A password field which starts with a exclamation mark means that the password is locked\&. The remaining characters on the line represent the password field before the password was locked\&. -.RE -.PP -\fBdate of last password change\fR -.RS 4 -The date of the last password change, expressed as the number of days since Jan 1, 1970\&. -.sp -The value 0 has a special meaning, which is that the user should change her pasword the next time she will log in the system\&. -.sp -An empty field means that password aging features are disabled\&. -.RE -.PP -\fBminimum password age\fR -.RS 4 -The minimum password age is the number of days the user will have to wait before she will be allowed to change her password again\&. -.sp -An empty field and value 0 mean that there are no minimum password age\&. -.RE -.PP -\fBmaximum password age\fR -.RS 4 -The maximum password age is the number of days after which the user will have to change her password\&. -.sp -After this number of days is elapsed, the password may still be valid\&. The user should be asked to change her password the next time she will log in\&. -.sp -An empty field means that there are no maximum password age, no password warning period, and no password inactivity period (see below)\&. -.sp -If the maximum password age is lower than the minimum password age, the user cannot change her password\&. -.RE -.PP -\fBpassword warning period\fR -.RS 4 -The number of days before a password is going to expire (see the maximum password age above) during which the user should be warned\&. -.sp -An empty field and value 0 mean that there are no password warning period\&. -.RE -.PP -\fBpassword inactivity period\fR -.RS 4 -The number of days after a password has expired (see the maximum password age above) during which the password should still be accepted (and the user should update her password during the next login)\&. -.sp -After expiration of the password and this expiration period is elapsed, no login is possible using the current user\*(Aqs password\&. The user should contact her administrator\&. -.sp -An empty field means that there are no enforcement of an inactivity period\&. -.RE -.PP -\fBaccount expiration date\fR -.RS 4 -The date of expiration of the account, expressed as the number of days since Jan 1, 1970\&. -.sp -Note that an account expiration differs from a password expiration\&. In case of an acount expiration, the user shall not be allowed to login\&. In case of a password expiration, the user is not allowed to login using her password\&. -.sp -An empty field means that the account will never expire\&. -.sp -The value 0 should not be used as it is interpreted as either an account with no expiration, or as an expiration on Jan 1, 1970\&. -.RE -.PP -\fBreserved field\fR -.RS 4 -This field is reserved for future use\&. -.RE -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.PP -/etc/shadow\- -.RS 4 -Backup file for /etc/shadow\&. -.sp -Note that this file is used by the tools of the shadow toolsuite, but not by all user and password management tools\&. -.RE -.SH "SEE ALSO" -.PP -\fBchage\fR(1), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/man5/suauth.5 b/man/man5/suauth.5 deleted file mode 100644 index b3c9e97a..00000000 --- a/man/man5/suauth.5 +++ /dev/null @@ -1,146 +0,0 @@ -'\" t -.\" Title: suauth -.\" Author: Marek Michałkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "SUAUTH" "5" "05/09/2014" "shadow\-utils 4\&.2\&.1" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -suauth \- detailed su control file -.SH "SYNOPSIS" -.HP \w'\fB/etc/suauth\fR\ 'u -\fB/etc/suauth\fR -.SH "DESCRIPTION" -.PP -The file -/etc/suauth -is referenced whenever the su command is called\&. It can change the behaviour of the su command, based upon: -.sp -.if n \{\ -.RS 4 -.\} -.nf - 1) the user su is targetting - -.fi -.if n \{\ -.RE -.\} -.PP -2) the user executing the su command (or any groups he might be a member of) -.PP -The file is formatted like this, with lines starting with a # being treated as comment lines and ignored; -.sp -.if n \{\ -.RS 4 -.\} -.nf - to\-id:from\-id:ACTION - -.fi -.if n \{\ -.RE -.\} -.PP -Where to\-id is either the word -\fIALL\fR, a list of usernames delimited by "," or the words -\fIALL EXCEPT\fR -followed by a list of usernames delimited by ","\&. -.PP -from\-id is formatted the same as to\-id except the extra word -\fIGROUP\fR -is recognised\&. -\fIALL EXCEPT GROUP\fR -is perfectly valid too\&. Following -\fIGROUP\fR -appears one or more group names, delimited by ","\&. It is not sufficient to have primary group id of the relevant group, an entry in -\fB/etc/group\fR(5) -is neccessary\&. -.PP -Action can be one only of the following currently supported options\&. -.PP -\fIDENY\fR -.RS 4 -The attempt to su is stopped before a password is even asked for\&. -.RE -.PP -\fINOPASS\fR -.RS 4 -The attempt to su is automatically successful; no password is asked for\&. -.RE -.PP -\fIOWNPASS\fR -.RS 4 -For the su command to be successful, the user must enter his or her own password\&. They are told this\&. -.RE -.PP -Note there are three separate fields delimited by a colon\&. No whitespace must surround this colon\&. Also note that the file is examined sequentially line by line, and the first applicable rule is used without examining the file further\&. This makes it possible for a system administrator to exercise as fine control as he or she wishes\&. -.SH "EXAMPLE" -.sp -.if n \{\ -.RS 4 -.\} -.nf - # sample /etc/suauth file - # - # A couple of privileged usernames may - # su to root with their own password\&. - # - root:chris,birddog:OWNPASS - # - # Anyone else may not su to root unless in - # group wheel\&. This is how BSD does things\&. - # - root:ALL EXCEPT GROUP wheel:DENY - # - # Perhaps terry and birddog are accounts - # owned by the same person\&. - # Access can be arranged between them - # with no password\&. - # - terry:birddog:NOPASS - birddog:terry:NOPASS - # - -.fi -.if n \{\ -.RE -.\} -.SH "FILES" -.PP -/etc/suauth -.RS 4 -.RE -.SH "BUGS" -.PP -There could be plenty lurking\&. The file parser is particularly unforgiving about syntax errors, expecting no spurious whitespace (apart from beginning and end of lines), and a specific token delimiting different things\&. -.SH "DIAGNOSTICS" -.PP -An error parsing the file is reported using -\fBsyslogd\fR(8) -as level ERR on facility AUTH\&. -.SH "SEE ALSO" -.PP -\fBsu\fR(1)\&. diff --git a/man/man5/subgid.5 b/man/man5/subgid.5 deleted file mode 100644 index 1265d345..00000000 --- a/man/man5/subgid.5 +++ /dev/null @@ -1,97 +0,0 @@ -'\" t -.\" Title: subgid -.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "SUBGID" "5" "05/09/2014" "shadow\-utils 4\&.2\&.1" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -subgid \- the subordinate gid file -.SH "DESCRIPTION" -.PP -Each line in -/etc/subgid -contains a user name and a range of subordinate group ids that user is allowed to use\&. This is specified with three fields delimited by colons (\(lq:\(rq)\&. These fields are: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -login name -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerical subordinate group ID -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerical subordinate group ID count -.RE -.PP -This file specifies the group IDs that ordinary users can use, with the -\fBnewgidmap\fR -command, to configure gid mapping in a user namespace\&. -.PP -Multiple ranges may be specified per user\&. -.SH "FILES" -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subgid\- -.RS 4 -Backup file for /etc/subgid\&. -.RE -.SH "SEE ALSO" -.PP -\fBlogin.defs\fR(5), -\fBnewgidmap\fR(1), -\fBnewuidmap\fR(1), -\fBnewusers\fR(8), -\fBsubuid\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8), -\fBuser_namespaces\fR(7)\&. diff --git a/man/man5/subuid.5 b/man/man5/subuid.5 deleted file mode 100644 index 1ff13803..00000000 --- a/man/man5/subuid.5 +++ /dev/null @@ -1,97 +0,0 @@ -'\" t -.\" Title: subuid -.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "SUBUID" "5" "05/09/2014" "shadow\-utils 4\&.2\&.1" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -subuid \- the subordinate uid file -.SH "DESCRIPTION" -.PP -Each line in -/etc/subuid -contains a user name and a range of subordinate user ids that user is allowed to use\&. This is specified with three fields delimited by colons (\(lq:\(rq)\&. These fields are: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -login name -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerical subordinate user ID -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numerical subordinate user ID count -.RE -.PP -This file specifies the user IDs that ordinary users can use, with the -\fBnewuidmap\fR -command, to configure uid mapping in a user namespace\&. -.PP -Multiple ranges may be specified per user\&. -.SH "FILES" -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.PP -/etc/subuid\- -.RS 4 -Backup file for /etc/subuid\&. -.RE -.SH "SEE ALSO" -.PP -\fBlogin.defs\fR(5), -\fBnewgidmap\fR(1), -\fBnewuidmap\fR(1), -\fBnewusers\fR(1), -\fBsubgid\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8), -\fBuser_namespaces\fR(7)\&. diff --git a/man/man8/chgpasswd.8 b/man/man8/chgpasswd.8 deleted file mode 100644 index ec76bd62..00000000 --- a/man/man8/chgpasswd.8 +++ /dev/null @@ -1,208 +0,0 @@ -'\" t -.\" Title: chgpasswd -.\" Author: Thomas Kłoczko -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "CHGPASSWD" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -chgpasswd \- update group passwords in batch mode -.SH "SYNOPSIS" -.HP \w'\fBchgpasswd\fR\ 'u -\fBchgpasswd\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -The -\fBchgpasswd\fR -command reads a list of group name and password pairs from standard input and uses this information to update a set of existing groups\&. Each line is of the format: -.PP -\fIgroup_name\fR:\fIpassword\fR -.PP -By default the supplied password must be in clear\-text, and is encrypted by -\fBchgpasswd\fR\&. -.PP -The default encryption algorithm can be defined for the system with the -\fBENCRYPT_METHOD\fR -variable of -/etc/login\&.defs, and can be overwiten with the -\fB\-e\fR, -\fB\-m\fR, or -\fB\-c\fR -options\&. -.PP -This command is intended to be used in a large system environment where many accounts are created at a single time\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBchgpasswd\fR -command are: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -Use the specified method to encrypt the passwords\&. -.sp -The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods\&. -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -Supplied passwords are in encrypted form\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -Use MD5 encryption instead of DES when the supplied passwords are not encrypted\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -Use the specified number of rounds to encrypt the passwords\&. -.sp -The value 0 means that the system will choose the default number of rounds for the crypt method (5000)\&. -.sp -A minimal value of 1000 and a maximal value of 999,999,999 will be enforced\&. -.sp -You can only use this option with the SHA256 or SHA512 crypt method\&. -.sp -By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in -/etc/login\&.defs\&. -.RE -.SH "CAVEATS" -.PP -Remember to set permissions or umask to prevent readability of unencrypted files by other users\&. -.PP -You should make sure the passwords and the encryption method respect the system\*(Aqs password policy\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -This defines the system default encryption algorithm for encrypting passwords (if no algorithm are specified on the command line)\&. -.sp -It can take one of these values: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Note: this parameter overrides the -\fBMD5_CRYPT_ENAB\fR -variable\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to -\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to -\fIno\fR -if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is -\fIno\fR\&. -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -This variable is deprecated\&. You should use -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -When -\fBENCRYPT_METHOD\fR -is set to -\fISHA256\fR -or -\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. -.sp -With a lot of rounds, it is more difficult to brute forcing the password\&. But note also that more CPU resources will be needed to authenticate users\&. -.sp -If not specified, the libc will choose the default number of rounds (5000)\&. -.sp -The values must be inside the 1000\-999,999,999 range\&. -.sp -If only one of the -\fBSHA_CRYPT_MIN_ROUNDS\fR -or -\fBSHA_CRYPT_MAX_ROUNDS\fR -values is set, then this value will be used\&. -.sp -If -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "SEE ALSO" -.PP -\fBgpasswd\fR(1), -\fBgroupadd\fR(8), -\fBlogin.defs\fR(5)\&. diff --git a/man/man8/chpasswd.8 b/man/man8/chpasswd.8 deleted file mode 100644 index 0d983588..00000000 --- a/man/man8/chpasswd.8 +++ /dev/null @@ -1,211 +0,0 @@ -'\" t -.\" Title: chpasswd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "CHPASSWD" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -chpasswd \- update passwords in batch mode -.SH "SYNOPSIS" -.HP \w'\fBchpasswd\fR\ 'u -\fBchpasswd\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -The -\fBchpasswd\fR -command reads a list of user name and password pairs from standard input and uses this information to update a group of existing users\&. Each line is of the format: -.PP -\fIuser_name\fR:\fIpassword\fR -.PP -By default the passwords must be supplied in clear\-text, and are encrypted by -\fBchpasswd\fR\&. Also the password age will be updated, if present\&. -.PP -The default encryption algorithm can be defined for the system with the -\fBENCRYPT_METHOD\fR -or -\fBMD5_CRYPT_ENAB\fR -variables of -/etc/login\&.defs, and can be overwitten with the -\fB\-e\fR, -\fB\-m\fR, or -\fB\-c\fR -options\&. -.PP -\fBchpasswd\fR -first updates all the passwords in memory, and then commits all the changes to disk if no errors occured for any user\&. -.PP -This command is intended to be used in a large system environment where many accounts are created at a single time\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBchpasswd\fR -command are: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR\ \&\fIMETHOD\fR -.RS 4 -Use the specified method to encrypt the passwords\&. -.sp -The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods\&. -.sp -By default (if none of the -\fB\-c\fR, -\fB\-m\fR, or -\fB\-e\fR -options are specified), the encryption method is defined by the -\fBENCRYPT_METHOD\fR -or -\fBMD5_CRYPT_ENAB\fR -variables of -/etc/login\&.defs\&. -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -Supplied passwords are in encrypted form\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -Use MD5 encryption instead of DES when the supplied passwords are not encrypted\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR\ \&\fIROUNDS\fR -.RS 4 -Use the specified number of rounds to encrypt the passwords\&. -.sp -The value 0 means that the system will choose the default number of rounds for the crypt method (5000)\&. -.sp -A minimal value of 1000 and a maximal value of 999,999,999 will be enforced\&. -.sp -You can only use this option with the SHA256 or SHA512 crypt method\&. -.sp -By default, the number of rounds is defined by the -\fBSHA_CRYPT_MIN_ROUNDS\fR -and -\fBSHA_CRYPT_MAX_ROUNDS\fR -variables in -/etc/login\&.defs\&. -.RE -.SH "CAVEATS" -.PP -Remember to set permissions or umask to prevent readability of unencrypted files by other users\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -This defines the system default encryption algorithm for encrypting passwords (if no algorithm are specified on the command line)\&. -.sp -It can take one of these values: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Note: this parameter overrides the -\fBMD5_CRYPT_ENAB\fR -variable\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to -\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to -\fIno\fR -if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is -\fIno\fR\&. -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -This variable is deprecated\&. You should use -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -When -\fBENCRYPT_METHOD\fR -is set to -\fISHA256\fR -or -\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. -.sp -With a lot of rounds, it is more difficult to brute forcing the password\&. But note also that more CPU resources will be needed to authenticate users\&. -.sp -If not specified, the libc will choose the default number of rounds (5000)\&. -.sp -The values must be inside the 1000\-999,999,999 range\&. -.sp -If only one of the -\fBSHA_CRYPT_MIN_ROUNDS\fR -or -\fBSHA_CRYPT_MAX_ROUNDS\fR -values is set, then this value will be used\&. -.sp -If -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. -.RE -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "SEE ALSO" -.PP -\fBpasswd\fR(1), -\fBnewusers\fR(8), -\fBlogin.defs\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/man8/faillog.8 b/man/man8/faillog.8 deleted file mode 100644 index beeb27ae..00000000 --- a/man/man8/faillog.8 +++ /dev/null @@ -1,165 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "FAILLOG" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -faillog \- display faillog records or set login failure limits -.SH "SYNOPSIS" -.HP \w'\fBfaillog\fR\ 'u -\fBfaillog\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -\fBfaillog\fR -displays the contents of the failure log database (/var/log/faillog)\&. It can also set the failure counters and limits\&. When -\fBfaillog\fR -is run without arguments, it only displays the faillog records of the users who had a login failure\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBfaillog\fR -command are: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Display (or act on) faillog records for all users having an entry in the -faillog -database\&. -.sp -The range of users can be restricted with the -\fB\-u\fR -option\&. -.sp -In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty\&. -.sp -With the -\fB\-l\fR, -\fB\-m\fR, -\fB\-r\fR, -\fB\-t\fR -options, the users\*(Aq records are changed, even if the user does not exist on the system\&. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEC\fR -.RS 4 -Lock account for -\fISEC\fR -seconds after failed login\&. -.sp -Write access to -/var/log/faillog -is required for this option\&. -.RE -.PP -\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR -.RS 4 -Set the maximum number of login failures after the account is disabled to -\fIMAX\fR\&. -.sp -Selecting a -\fIMAX\fR -value of 0 has the effect of not placing a limit on the number of failed logins\&. -.sp -The maximum failure count should always be 0 for -\fIroot\fR -to prevent a denial of services attack against the system\&. -.sp -Write access to -/var/log/faillog -is required for this option\&. -.RE -.PP -\fB\-r\fR, \fB\-\-reset\fR -.RS 4 -Reset the counters of login failures\&. -.sp -Write access to -/var/log/faillog -is required for this option\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR -.RS 4 -Display faillog records more recent than -\fIDAYS\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR -.RS 4 -Display faillog record or maintains failure counters and limits (if used with -\fB\-l\fR, -\fB\-m\fR -or -\fB\-r\fR -options) only for the specified user(s)\&. -.sp -The users can be specified by a login name, a numerical user ID, or a -\fIRANGE\fR -of users\&. This -\fIRANGE\fR -of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. -.RE -.PP -When none of the -\fB\-l\fR, -\fB\-m\fR, or -\fB\-r\fR -options are used, -\fBfaillog\fR -displays the faillog record of the specified user(s)\&. -.SH "CAVEATS" -.PP -\fBfaillog\fR -only prints out users with no successful login since the last failure\&. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the -\fB\-u\fR -flag, or print out all users with the -\fB\-a\fR -flag\&. -.SH "FILES" -.PP -/var/log/faillog -.RS 4 -Failure logging file\&. -.RE -.SH "SEE ALSO" -.PP -\fBlogin\fR(1), -\fBfaillog\fR(5)\&. diff --git a/man/man8/groupadd.8 b/man/man8/groupadd.8 deleted file mode 100644 index 3dac11b3..00000000 --- a/man/man8/groupadd.8 +++ /dev/null @@ -1,248 +0,0 @@ -'\" t -.\" Title: groupadd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "GROUPADD" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -groupadd \- create a new group -.SH "SYNOPSIS" -.HP \w'\fBgroupadd\fR\ 'u -\fBgroupadd\fR [\fIoptions\fR] \fIgroup\fR -.SH "DESCRIPTION" -.PP -The -\fBgroupadd\fR -command creates a new group account using the values specified on the command line plus the default values from the system\&. The new group will be entered into the system files as needed\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBgroupadd\fR -command are: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -This option causes the command to simply exit with success status if the specified group already exists\&. When used with -\fB\-g\fR, and the specified GID already exists, another (unique) GID is chosen (i\&.e\&. -\fB\-g\fR -is turned off)\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -The numerical value of the group\*(Aqs ID\&. This value must be unique, unless the -\fB\-o\fR -option is used\&. The value must be non\-negative\&. The default is to use the smallest ID value greater than or equal to -\fBGID_MIN\fR -and greater than every other group\&. -.sp -See also the -\fB\-r\fR -option and the -\fBGID_MAX\fR -description\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR -.RS 4 -Overrides -/etc/login\&.defs -defaults (GID_MIN, GID_MAX and others)\&. Multiple -\fB\-K\fR -options can be specified\&. -.sp -Example: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI100\fR\ \& -\fB\-K\fR\ \&\fIGID_MAX\fR=\fI499\fR -.sp -Note: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR -doesn\*(Aqt work yet\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -This option permits to add a group with a non\-unique GID\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -The encrypted password, as returned by -\fBcrypt\fR(3)\&. The default is to disable the password\&. -.sp -\fBNote:\fR -This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. -.sp -You should make sure the password respects the system\*(Aqs password policy\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Create a system group\&. -.sp -The numeric identifiers of new system groups are chosen in the -\fBSYS_GID_MIN\fR\-\fBSYS_GID_MAX\fR -range, defined in -login\&.defs, instead of -\fBGID_MIN\fR\-\fBGID_MAX\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of regular groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBGID_MIN\fR -(resp\&. -\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of system groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBSYS_GID_MIN\fR -(resp\&. -\fBSYS_GID_MAX\fR) is 101 (resp\&. -\fBGID_MIN\fR\-1)\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "CAVEATS" -.PP -Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -Groupnames may only be up to 16 characters long\&. -.PP -You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&. -.PP -If the groupname already exists in an external group database such as NIS or LDAP, -\fBgroupadd\fR -will deny the group creation request\&. -.SH "EXIT VALUES" -.PP -The -\fBgroupadd\fR -command exits with the following values: -.PP -\fI0\fR -.RS 4 -success -.RE -.PP -\fI2\fR -.RS 4 -invalid command syntax -.RE -.PP -\fI3\fR -.RS 4 -invalid argument to option -.RE -.PP -\fI4\fR -.RS 4 -GID not unique (when -\fB\-o\fR -not used) -.RE -.PP -\fI9\fR -.RS 4 -group name not unique -.RE -.PP -\fI10\fR -.RS 4 -can\*(Aqt update group file -.RE -.SH "SEE ALSO" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/man8/groupdel.8 b/man/man8/groupdel.8 deleted file mode 100644 index 72cee82d..00000000 --- a/man/man8/groupdel.8 +++ /dev/null @@ -1,136 +0,0 @@ -'\" t -.\" Title: groupdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "GROUPDEL" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -groupdel \- delete a group -.SH "SYNOPSIS" -.HP \w'\fBgroupdel\fR\ 'u -\fBgroupdel\fR [\fIoptions\fR] \fIGROUP\fR -.SH "DESCRIPTION" -.PP -The -\fBgroupdel\fR -command modifies the system account files, deleting all entries that refer to -\fIGROUP\fR\&. The named group must exist\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBgroupdel\fR -command are: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "CAVEATS" -.PP -You may not remove the primary group of any existing user\&. You must remove the user before you remove the group\&. -.PP -You should manually check all file systems to ensure that no files remain owned by this group\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.SH "EXIT VALUES" -.PP -The -\fBgroupdel\fR -command exits with the following values: -.PP -\fI0\fR -.RS 4 -success -.RE -.PP -\fI2\fR -.RS 4 -invalid command syntax -.RE -.PP -\fI6\fR -.RS 4 -specified group doesn\*(Aqt exist -.RE -.PP -\fI8\fR -.RS 4 -can\*(Aqt remove user\*(Aqs primary group -.RE -.PP -\fI10\fR -.RS 4 -can\*(Aqt update group file -.RE -.SH "SEE ALSO" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupmod\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/man8/groupmems.8 b/man/man8/groupmems.8 deleted file mode 100644 index 47f76e25..00000000 --- a/man/man8/groupmems.8 +++ /dev/null @@ -1,180 +0,0 @@ -'\" t -.\" Title: groupmems -.\" Author: George Kraft, IV -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "GROUPMEMS" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -groupmems \- administer members of a user\*(Aqs primary group -.SH "SYNOPSIS" -.HP \w'\fBgroupmems\fR\ 'u -\fBgroupmems\fR \-a\ \fIuser_name\fR | \-d\ \fIuser_name\fR | [\-g\ \fIgroup_name\fR] | \-l | \-p -.SH "DESCRIPTION" -.PP -The -\fBgroupmems\fR -command allows a user to administer his/her own group membership list without the requirement of superuser privileges\&. The -\fBgroupmems\fR -utility is for systems that configure its users to be in their own name sake primary group (i\&.e\&., guest / guest)\&. -.PP -Only the superuser, as administrator, can use -\fBgroupmems\fR -to alter the memberships of other groups\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBgroupmems\fR -command are: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser_name\fR -.RS 4 -Add an user to the group membership list\&. -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser_name\fR -.RS 4 -Delete a user from the group membership list\&. -.sp -If the -/etc/gshadow -file exist, the user will be removed from the list of members and administrators of the group\&. -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-g\fR, \fB\-\-group\fR\ \&\fIgroup_name\fR -.RS 4 -The superuser can specify which group membership list to modify\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -List the group membership list\&. -.RE -.PP -\fB\-p\fR, \fB\-\-purge\fR -.RS 4 -Purge all users from the group membership list\&. -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "SETUP" -.PP -The -\fBgroupmems\fR -executable should be in mode -2770 -as user -\fIroot\fR -and in group -\fIgroups\fR\&. The system administrator can add users to group -\fIgroups\fR -to allow or disallow them using the -\fBgroupmems\fR -utility to manage their own group membership list\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - $ groupadd \-r groups - $ chmod 2770 groupmems - $ chown root\&.groups groupmems - $ groupmems \-g groups \-a gk4 - -.fi -.if n \{\ -.RE -.\} -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -secure group account information -.RE -.SH "SEE ALSO" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/man8/groupmod.8 b/man/man8/groupmod.8 deleted file mode 100644 index de0699c8..00000000 --- a/man/man8/groupmod.8 +++ /dev/null @@ -1,209 +0,0 @@ -'\" t -.\" Title: groupmod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "GROUPMOD" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -groupmod \- modify a group definition on the system -.SH "SYNOPSIS" -.HP \w'\fBgroupmod\fR\ 'u -\fBgroupmod\fR [\fIoptions\fR] \fIGROUP\fR -.SH "DESCRIPTION" -.PP -The -\fBgroupmod\fR -command modifies the definition of the specified -\fIGROUP\fR -by modifying the appropriate entry in the group database\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBgroupmod\fR -command are: -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -The group ID of the given -\fIGROUP\fR -will be changed to -\fIGID\fR\&. -.sp -The value of -\fIGID\fR -must be a non\-negative decimal integer\&. This value must be unique, unless the -\fB\-o\fR -option is used\&. -.sp -Users who use the group as primary group will be updated to keep the group as their primary group\&. -.sp -Any files that have the old group ID and must continue to belong to -\fIGROUP\fR, must have their group ID changed manually\&. -.sp -No checks will be performed with regard to the -\fBGID_MIN\fR, -\fBGID_MAX\fR, -\fBSYS_GID_MIN\fR, or -\fBSYS_GID_MAX\fR -from -/etc/login\&.defs\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-n\fR, \fB\-\-new\-name\fR\ \&\fINEW_GROUP\fR -.RS 4 -The name of the group will be changed from -\fIGROUP\fR -to -\fINEW_GROUP\fR -name\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -When used with the -\fB\-g\fR -option, allow to change the group -\fIGID\fR -to a non\-unique value\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -The encrypted password, as returned by -\fBcrypt\fR(3)\&. -.sp -\fBNote:\fR -This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. -.sp -You should make sure the password respects the system\*(Aqs password policy\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.SH "EXIT VALUES" -.PP -The -\fBgroupmod\fR -command exits with the following values: -.PP -\fI0\fR -.RS 4 -success -.RE -.PP -\fI2\fR -.RS 4 -invalid command syntax -.RE -.PP -\fI3\fR -.RS 4 -invalid argument to option -.RE -.PP -\fI4\fR -.RS 4 -specified group doesn\*(Aqt exist -.RE -.PP -\fI6\fR -.RS 4 -specified group doesn\*(Aqt exist -.RE -.PP -\fI9\fR -.RS 4 -group name already in use -.RE -.PP -\fI10\fR -.RS 4 -can\*(Aqt update group file -.RE -.SH "SEE ALSO" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/man8/grpck.8 b/man/man8/grpck.8 deleted file mode 100644 index acd4a46c..00000000 --- a/man/man8/grpck.8 +++ /dev/null @@ -1,241 +0,0 @@ -'\" t -.\" Title: grpck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "GRPCK" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -grpck \- verify integrity of group files -.SH "SYNOPSIS" -.HP \w'\fBgrpck\fR\ 'u -\fBgrpck\fR [options] [\fIgroup\fR\ [\ \fIshadow\fR\ ]] -.SH "DESCRIPTION" -.PP -The -\fBgrpck\fR -command verifies the integrity of the groups information\&. It checks that all entries in -/etc/groupand /etc/gshadow -have the proper format and contain valid data\&. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors\&. -.PP -Checks are made to verify that each entry has: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -the correct number of fields -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a unique and valid group name -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a valid group identifier -(/etc/group only) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a valid list of members -and administrators -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a corresponding entry in the -/etc/gshadow -file (respectively -/etc/group -for the -gshadow -checks) -.RE -.PP -The checks for correct number of fields and unique group name are fatal\&. If an entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated group name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warnings and the user is encouraged to run the -\fBgroupmod\fR -command to correct the error\&. -.PP -The commands which operate on the -/etc/groupand /etc/gshadow files -are not able to alter corrupted or duplicated entries\&. -\fBgrpck\fR -should be used in those circumstances to remove the offending entries\&. -.SH "OPTIONS" -.PP -The -\fB\-r\fR -and -\fB\-s\fR -options cannot be combined\&. -.PP -The options which apply to the -\fBgrpck\fR -command are: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Execute the -\fBgrpck\fR -command in read\-only mode\&. This causes all questions regarding changes to be answered -\fIno\fR -without user intervention\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -Sort entries in -/etc/groupand /etc/gshadow -by GID\&. -.RE -.PP -By default, -\fBgrpck\fR -operates on -/etc/groupand /etc/gshadow\&. The user may select alternate files with the -\fIgroup\fRand \fIshadow\fR parameters\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.SH "EXIT VALUES" -.PP -The -\fBgrpck\fR -command exits with the following values: -.PP -\fI0\fR -.RS 4 -success -.RE -.PP -\fI1\fR -.RS 4 -invalid command syntax -.RE -.PP -\fI2\fR -.RS 4 -one or more bad group entries -.RE -.PP -\fI3\fR -.RS 4 -can\*(Aqt open group files -.RE -.PP -\fI4\fR -.RS 4 -can\*(Aqt lock group files -.RE -.PP -\fI5\fR -.RS 4 -can\*(Aqt update group files -.RE -.SH "SEE ALSO" -.PP -\fBgroup\fR(5), -\fBgroupmod\fR(8), -\fBgshadow\fR(5),\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBshadow\fR(5)\&. diff --git a/man/man8/grpconv.8 b/man/man8/grpconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/man8/grpconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/man8/grpunconv.8 b/man/man8/grpunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/man8/grpunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/man8/lastlog.8 b/man/man8/lastlog.8 deleted file mode 100644 index e510cbaa..00000000 --- a/man/man8/lastlog.8 +++ /dev/null @@ -1,109 +0,0 @@ -'\" t -.\" Title: lastlog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "LASTLOG" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -lastlog \- reports the most recent login of all users or of a given user -.SH "SYNOPSIS" -.HP \w'\fBlastlog\fR\ 'u -\fBlastlog\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -\fBlastlog\fR -formats and prints the contents of the last login log -/var/log/lastlog -file\&. The -\fIlogin\-name\fR, -\fIport\fR, and -\fIlast login time\fR -will be printed\&. The default (no flags) causes lastlog entries to be printed, sorted by their order in -/etc/passwd\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBlastlog\fR -command are: -.PP -\fB\-b\fR, \fB\-\-before\fR\ \&\fIDAYS\fR -.RS 4 -Print only lastlog records older than -\fIDAYS\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR -.RS 4 -Print the lastlog records more recent than -\fIDAYS\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR -.RS 4 -Print the lastlog record of the specified user(s)\&. -.sp -The users can be specified by a login name, a numerical user ID, or a -\fIRANGE\fR -of users\&. This -\fIRANGE\fR -of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. -.RE -.PP -If the user has never logged in the message -\fI** Never logged in**\fR -will be displayed instead of the port and time\&. -.PP -Only the entries for the current users of the system will be displayed\&. Other entries may exist for users that were deleted previously\&. -.SH "NOTE" -.PP -The -lastlog -file is a database which contains info on the last login of each user\&. You should not rotate it\&. It is a sparse file, so its size on the disk is usually much smaller than the one shown by "\fBls \-l\fR" (which can indicate a really big file if you have in -passwd -users with a high UID)\&. You can display its real size with "\fBls \-s\fR"\&. -.SH "FILES" -.PP -/var/log/lastlog -.RS 4 -Database times of previous user logins\&. -.RE -.SH "CAVEATS" -.PP -Large gaps in UID numbers will cause the lastlog program to run longer with no output to the screen (i\&.e\&. if in lastlog database there is no entries for users with UID between 170 and 800 lastlog will appear to hang as it processes entries with UIDs 171\-799)\&. diff --git a/man/man8/logoutd.8 b/man/man8/logoutd.8 deleted file mode 100644 index 8bbba5ca..00000000 --- a/man/man8/logoutd.8 +++ /dev/null @@ -1,57 +0,0 @@ -'\" t -.\" Title: logoutd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "LOGOUTD" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -logoutd \- enforce login time restrictions -.SH "SYNOPSIS" -.HP \w'\fBlogoutd\fR\ 'u -\fBlogoutd\fR -.SH "DESCRIPTION" -.PP -\fBlogoutd\fR -enforces the login time and port restrictions specified in -/etc/porttime\&. -\fBlogoutd\fR -should be started from -/etc/rc\&. The -/var/run/utmp -file is scanned periodically and each user name is checked to see if the named user is permitted on the named port at the current time\&. Any login session which is violating the restrictions in -/etc/porttime -is terminated\&. -.SH "FILES" -.PP -/etc/porttime -.RS 4 -File containing port access\&. -.RE -.PP -/var/run/utmp -.RS 4 -List of current login sessions\&. -.RE diff --git a/man/man8/newusers.8 b/man/man8/newusers.8 deleted file mode 100644 index 458f9ef8..00000000 --- a/man/man8/newusers.8 +++ /dev/null @@ -1,429 +0,0 @@ -'\" t -.\" Title: newusers -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "NEWUSERS" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -newusers \- update and create new users in batch -.SH "SYNOPSIS" -.HP \w'\fBnewusers\fR\ 'u -\fBnewusers\fR [\fIoptions\fR] [\fIfile\fR] -.SH "DESCRIPTION" -.PP -The -\fBnewusers\fR -command reads a -\fIfile\fR -(or the standard input by default) and uses this information to update a set of existing users or to create new users\&. Each line is in the same format as the standard password file (see -\fBpasswd\fR(5)) with the exceptions explained below: -.PP -pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell -.PP -\fIpw_name\fR -.RS 4 -This is the name of the user\&. -.sp -It can be the name of a new user or the name of an existing user (or an user created before by -\fBnewusers\fR)\&. In case of an existing user, the user\*(Aqs information will be changed, otherwise a new user will be created\&. -.RE -.PP -\fIpw_passwd\fR -.RS 4 -This field will be encrypted and used as the new value of the encrypted password\&. -.RE -.PP -\fIpw_uid\fR -.RS 4 -This field is used to define the UID of the user\&. -.sp -If the field is empty, an new (unused) UID will be defined automatically by -\fBnewusers\fR\&. -.sp -If this field contains a number, this number will be used as the UID\&. -.sp -If this field contains the name of an existing user (or the name of an user created before by -\fBnewusers\fR), the UID of the specified user will be used\&. -.sp -If the UID of an existing user is changed, the files ownership of the user\*(Aqs file should be fixed manually\&. -.RE -.PP -\fIpw_gid\fR -.RS 4 -This field is used to define the primary group ID for the user\&. -.sp -If this field contains the name of an existing group (or a group created before by -\fBnewusers\fR), the GID of this group will be used as the primary group ID for the user\&. -.sp -If this field is a number, this number will be used as the primary group ID of the user\&. If no groups exist with this GID, a new group will be created with this GID, and the name of the user\&. -.sp -If this field is empty, a new group will be created with the name of the user and a GID will be automatically defined by -\fBnewusers\fR -to be used as the primary group ID for the user and as the GID for the new group\&. -.sp -If this field contains the name of a group which does not exist (and was not created before by -\fBnewusers\fR), a new group will be created with the specified name and a GID will be automatically defined by -\fBnewusers\fR -to be used as the primary group ID for the user and GID for the new group\&. -.RE -.PP -\fIpw_gecos\fR -.RS 4 -This field is copied in the GECOS field of the user\&. -.RE -.PP -\fIpw_dir\fR -.RS 4 -This field is used to define the home directory of the user\&. -.sp -If this field does not specify an existing directory, the specified directory is created, with ownership set to the user being created or updated and its primary group\&. -.sp -If the home directory of an existing user is changed, -\fBnewusers\fR -does not move or copy the content of the old directory to the new location\&. This should be done manually\&. -.RE -.PP -\fIpw_shell\fR -.RS 4 -This field defines the shell of the user\&. No checks are performed on this field\&. -.RE -.PP -\fBnewusers\fR -first tries to create or change all the specified users, and then write these changes to the user or group databases\&. If an error occurs (except in the final writes to the databases), no changes are committed to the databases\&. -.PP -This command is intended to be used in a large system environment where many accounts are updated at a single time\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBnewusers\fR -command are: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -Use the specified method to encrypt the passwords\&. -.sp -The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Create a system account\&. -.sp -System users will be created with no aging information in -/etc/shadow, and their numeric identifiers are chosen in the -\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR -range, defined in -login\&.defs, instead of -\fBUID_MIN\fR\-\fBUID_MAX\fR -(and their -\fBGID\fR -counterparts for the creation of groups)\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -Use the specified number of rounds to encrypt the passwords\&. -.sp -The value 0 means that the system will choose the default number of rounds for the crypt method (5000)\&. -.sp -A minimal value of 1000 and a maximal value of 999,999,999 will be enforced\&. -.sp -You can only use this option with the SHA256 or SHA512 crypt method\&. -.sp -By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in -/etc/login\&.defs\&. -.RE -.SH "CAVEATS" -.PP -The input file must be protected since it contains unencrypted passwords\&. -.PP -You should make sure the passwords and the encryption method respect the system\*(Aqs password policy\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -This defines the system default encryption algorithm for encrypting passwords (if no algorithm are specified on the command line)\&. -.sp -It can take one of these values: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Note: this parameter overrides the -\fBMD5_CRYPT_ENAB\fR -variable\&. -.RE -.PP -\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of regular groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBGID_MIN\fR -(resp\&. -\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to -\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to -\fIno\fR -if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is -\fIno\fR\&. -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -This variable is deprecated\&. You should use -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (number) -.RS 4 -The maximum number of days a password may be used\&. If the password is older than this, a password change will be forced\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (number) -.RS 4 -The minimum number of days allowed between password changes\&. Any password changes attempted sooner than this will be rejected\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (number) -.RS 4 -The number of days warning given before a password expires\&. A zero means warning is given only upon the day of expiration, a negative value means no warning is given\&. If not specified, no warning will be provided\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -When -\fBENCRYPT_METHOD\fR -is set to -\fISHA256\fR -or -\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. -.sp -With a lot of rounds, it is more difficult to brute forcing the password\&. But note also that more CPU resources will be needed to authenticate users\&. -.sp -If not specified, the libc will choose the default number of rounds (5000)\&. -.sp -The values must be inside the 1000\-999,999,999 range\&. -.sp -If only one of the -\fBSHA_CRYPT_MIN_ROUNDS\fR -or -\fBSHA_CRYPT_MAX_ROUNDS\fR -values is set, then this value will be used\&. -.sp -If -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of system groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBSYS_GID_MIN\fR -(resp\&. -\fBSYS_GID_MAX\fR) is 101 (resp\&. -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (number), \fBSYS_UID_MIN\fR (number) -.RS 4 -Range of user IDs used for the creation of system users by -\fBuseradd\fR -or -\fBnewusers\fR\&. -.sp -The default value for -\fBSYS_UID_MIN\fR -(resp\&. -\fBSYS_UID_MAX\fR) is 101 (resp\&. -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBUID_MAX\fR (number), \fBUID_MIN\fR (number) -.RS 4 -Range of user IDs used for the creation of regular users by -\fBuseradd\fR -or -\fBnewusers\fR\&. -.sp -The default value for -\fBUID_MIN\fR -(resp\&. -\fBUID_MAX\fR) is 1000 (resp\&. 60000)\&. -.RE -.PP -\fBUMASK\fR (number) -.RS 4 -The file mode creation mask is initialized to this value\&. If not specified, the mask will be initialized to 022\&. -.sp -\fBuseradd\fR -and -\fBnewusers\fR -use this mask to set the mode of the home directory they create -.sp -It is also used by -\fBlogin\fR -to define users\*(Aq initial umask\&. Note that this mask can be overridden by the user\*(Aqs GECOS line (if -\fBQUOTAS_ENAB\fR -is set) or by the specification of a limit with the -\fIK\fR -identifier in -\fBlimits\fR(5)\&. -.RE -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "SEE ALSO" -.PP -\fBlogin.defs\fR(5), -\fBpasswd\fR(1), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/man8/nologin.8 b/man/man8/nologin.8 deleted file mode 100644 index 103421af..00000000 --- a/man/man8/nologin.8 +++ /dev/null @@ -1,51 +0,0 @@ -'\" t -.\" Title: nologin -.\" Author: Nicolas FranƧois -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "NOLOGIN" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -nologin \- politely refuse a login -.SH "SYNOPSIS" -.HP \w'\fBnologin\fR\ 'u -\fBnologin\fR -.SH "DESCRIPTION" -.PP -The -\fBnologin\fR -command displays a message that an account is not available and exits non\-zero\&. It is intended as a replacement shell field for accounts that have been disabled\&. -.PP -To disable all logins, investigate -\fBnologin\fR(5)\&. -.SH "SEE ALSO" -.PP -\fBlogin\fR(1), -\fBnologin\fR(5)\&. -.SH "HISTORY" -.PP -The -\fBnologin\fR -command appearred in BSD 4\&.4\&. diff --git a/man/man8/pwck.8 b/man/man8/pwck.8 deleted file mode 100644 index 756fb143..00000000 --- a/man/man8/pwck.8 +++ /dev/null @@ -1,323 +0,0 @@ -'\" t -.\" Title: pwck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "PWCK" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -pwck \- verify integrity of password files -.SH "SYNOPSIS" -.HP \w'\fBpwck\fR\ 'u -\fBpwck\fR [options] [\fIpasswd\fR\ [\ \fIshadow\fR\ ]] -.SH "DESCRIPTION" -.PP -The -\fBpwck\fR -command verifies the integrity of the users and authentication information\&. It checks that all entries in -/etc/passwd -and -/etc/shadow -have the proper format and contain valid data\&. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors\&. -.PP -Checks are made to verify that each entry has: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -the correct number of fields -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a unique and valid user name -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a valid user and group identifier -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a valid primary group -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a valid home directory -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a valid login shell -.RE -.PP -shadow -checks are enabled when a second file parameter is specified or when -/etc/shadow -exists on the system\&. -.PP -These checks are the following: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -every passwd entry has a matching shadow entry, and every shadow entry has a matching passwd entry -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -passwords are specified in the shadowed file -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -shadow entries have the correct number of fields -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -shadow entries are unique in shadow -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -the last password changes are not in the future -.RE -.PP -The checks for correct number of fields and unique user name are fatal\&. If the entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated user name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warning and the user is encouraged to run the -\fBusermod\fR -command to correct the error\&. -.PP -The commands which operate on the -/etc/passwd -file are not able to alter corrupted or duplicated entries\&. -\fBpwck\fR -should be used in those circumstances to remove the offending entry\&. -.SH "OPTIONS" -.PP -The -\fB\-r\fR -and -\fB\-s\fR -options cannot be combined\&. -.PP -The options which apply to the -\fBpwck\fR -command are: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Report errors only\&. The warnings which do not require any action from the user won\*(Aqt be displayed\&. -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Execute the -\fBpwck\fR -command in read\-only mode\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -Sort entries in -/etc/passwd -and -/etc/shadow -by UID\&. -.RE -.PP -By default, -\fBpwck\fR -operates on the files -/etc/passwd -and -/etc/shadow\&. The user may select alternate files with the -\fIpasswd\fR -and -\fIshadow\fR -parameters\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBPASS_MAX_DAYS\fR (number) -.RS 4 -The maximum number of days a password may be used\&. If the password is older than this, a password change will be forced\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (number) -.RS 4 -The minimum number of days allowed between password changes\&. Any password changes attempted sooner than this will be rejected\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (number) -.RS 4 -The number of days warning given before a password expires\&. A zero means warning is given only upon the day of expiration, a negative value means no warning is given\&. If not specified, no warning will be provided\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.SH "EXIT VALUES" -.PP -The -\fBpwck\fR -command exits with the following values: -.PP -\fI0\fR -.RS 4 -success -.RE -.PP -\fI1\fR -.RS 4 -invalid command syntax -.RE -.PP -\fI2\fR -.RS 4 -one or more bad password entries -.RE -.PP -\fI3\fR -.RS 4 -can\*(Aqt open password files -.RE -.PP -\fI4\fR -.RS 4 -can\*(Aqt lock password files -.RE -.PP -\fI5\fR -.RS 4 -can\*(Aqt update password files -.RE -.PP -\fI6\fR -.RS 4 -can\*(Aqt sort password files -.RE -.SH "SEE ALSO" -.PP -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBusermod\fR(8)\&. diff --git a/man/man8/pwconv.8 b/man/man8/pwconv.8 deleted file mode 100644 index 0f771544..00000000 --- a/man/man8/pwconv.8 +++ /dev/null @@ -1,193 +0,0 @@ -'\" t -.\" Title: pwconv -.\" Author: Marek Michałkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "PWCONV" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -pwconv, pwunconv, grpconv, grpunconv \- convert to and from shadow passwords and groups -.SH "SYNOPSIS" -.HP \w'\fBpwconv\fR\ 'u -\fBpwconv\fR [\fIoptions\fR] -.HP \w'\fBpwunconv\fR\ 'u -\fBpwunconv\fR [\fIoptions\fR] -.HP \w'\fBgrpconv\fR\ 'u -\fBgrpconv\fR [\fIoptions\fR] -.HP \w'\fBgrpunconv\fR\ 'u -\fBgrpunconv\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -The -\fBpwconv\fR -command creates -\fIshadow\fR -from -\fIpasswd\fR -and an optionally existing -\fIshadow\fR\&. -.PP -The -\fBpwunconv\fR -command creates -\fIpasswd\fR -from -\fIpasswd\fR -and -\fIshadow\fR -and then removes -\fIshadow\fR\&. -.PP -The -\fBgrpconv\fR -command creates -\fIgshadow\fR -from -\fIgroup\fR -and an optionally existing -\fIgshadow\fR\&. -.PP -The -\fBgrpunconv\fR -command creates -\fIgroup\fR -from -\fIgroup\fR -and -\fIgshadow\fR -and then removes -\fIgshadow\fR\&. -.PP -These four programs all operate on the normal and shadow password and group files: -/etc/passwd, -/etc/group, -/etc/shadow, and -/etc/gshadow\&. -.PP -Each program acquires the necessary locks before conversion\&. -\fBpwconv\fR -and -\fBgrpconv\fR -are similar\&. First, entries in the shadowed file which don\*(Aqt exist in the main file are removed\&. Then, shadowed entries which don\*(Aqt have `x\*(Aq as the password in the main file are updated\&. Any missing shadowed entries are added\&. Finally, passwords in the main file are replaced with `x\*(Aq\&. These programs can be used for initial conversion as well to update the shadowed file if the main file is edited by hand\&. -.PP -\fBpwconv\fR -will use the values of -\fIPASS_MIN_DAYS\fR, -\fIPASS_MAX_DAYS\fR, and -\fIPASS_WARN_AGE\fR -from -/etc/login\&.defs -when adding new entries to -/etc/shadow\&. -.PP -Likewise -\fBpwunconv\fR -and -\fBgrpunconv\fR -are similar\&. Passwords in the main file are updated from the shadowed file\&. Entries which exist in the main file but not in the shadowed file are left alone\&. Finally, the shadowed file is removed\&. Some password aging information is lost by -\fBpwunconv\fR\&. It will convert what it can\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBpwconv\fR, -\fBpwunconv\fR, -\fBgrpconv\fR, and -\fBgrpunconv\fR -commands are: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "BUGS" -.PP -Errors in the password or group files (such as invalid or duplicate entries) may cause these programs to loop forever or fail in other strange ways\&. Please run -\fBpwck\fR -and -\fBgrpck\fR -to correct any such errors before converting to or from shadow passwords or groups\&. -.SH "CONFIGURATION" -.PP -The following configuration variable in -/etc/login\&.defs -changes the behavior of -\fBgrpconv\fR -and -\fBgrpunconv\fR: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of -\fBpwconv\fR: -.PP -\fBPASS_MAX_DAYS\fR (number) -.RS 4 -The maximum number of days a password may be used\&. If the password is older than this, a password change will be forced\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (number) -.RS 4 -The minimum number of days allowed between password changes\&. Any password changes attempted sooner than this will be rejected\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (number) -.RS 4 -The number of days warning given before a password expires\&. A zero means warning is given only upon the day of expiration, a negative value means no warning is given\&. If not specified, no warning will be provided\&. -.RE -.SH "FILES" -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "SEE ALSO" -.PP -\fBgrpck\fR(8), -\fBlogin.defs\fR(5), -\fBpwck\fR(8)\&. diff --git a/man/man8/pwunconv.8 b/man/man8/pwunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/man8/pwunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/man8/sulogin.8 b/man/man8/sulogin.8 deleted file mode 100644 index ce3d43a1..00000000 --- a/man/man8/sulogin.8 +++ /dev/null @@ -1,116 +0,0 @@ -'\" t -.\" Title: sulogin -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "SULOGIN" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -sulogin \- Single\-user login -.SH "SYNTAX" -.PP -\fBsulogin\fR -[\fItty\-device\fR] -.SH "DESCRIPTION" -.PP -The -\fBsulogin\fR -command is invoked by -\fBinit\fR -prior to allowing the user access to the system when in single user mode\&. This feature may only be available on certain systems where -\fBinit\fR -has been modified accordingly, or where the -/etc/inittab -has an entry for a single user login\&. -.PP -The user is prompted -.PP -Type control\-d to proceed with normal startup, -(or give root password for system maintenance): -.PP -Input and output will be performed with the standard file descriptors unless the optional device name argument is provided\&. -.PP -If the user enters the correct root password, a login session is initiated\&. When -\fIEOF\fR -is pressed instead, the system enters multi\-user mode\&. -.PP -After the user exits the single\-user shell, or presses -\fIEOF\fR, the system begins the initialization process required to enter multi\-user mode\&. -.SH "CAVEATS" -.PP -This command can only be used if -\fBinit\fR -has been modified to call -\fBsulogin\fR -instead of -/bin/sh, or if the user has set the -\fIinittab\fR -to support a single user login\&. For example, the line: -.PP -co:s:respawn:/etc/sulogin /dev/console -.PP -should execute the sulogin command in single user mode\&. -.PP -As complete an environment as possible is created\&. However, various devices may be unmounted or uninitialized and many of the user commands may be unavailable or nonfunctional as a result\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBENV_HZ\fR (string) -.RS 4 -If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by -\fIHZ=\fR\&. A common value on Linux is -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_TZ\fR (string) -.RS 4 -If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by -\fITZ=\fR -(for example -\fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example -/etc/tzname)\&. -.sp -If a full path is specified but the file does not exist or cannot be read, the default is to use -\fITZ=CST6CDT\fR\&. -.RE -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.SH "SEE ALSO" -.PP -\fBlogin\fR(1), -\fBsh\fR(1), -\fBinit\fR(8)\&. diff --git a/man/man8/useradd.8 b/man/man8/useradd.8 deleted file mode 100644 index e6dab293..00000000 --- a/man/man8/useradd.8 +++ /dev/null @@ -1,746 +0,0 @@ -'\" t -.\" Title: useradd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "USERADD" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -useradd \- create a new user or update default new user information -.SH "SYNOPSIS" -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR [\fIoptions\fR] \fILOGIN\fR -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -When invoked without the -\fB\-D\fR -option, the -\fBuseradd\fR -command creates a new user account using the values specified on the command line plus the default values from the system\&. Depending on command line options, the -\fBuseradd\fR -command will update system files and may also create the new user\*(Aqs home directory and copy initial files\&. -.PP -By default, a group will also be created for the new user (see -\fB\-g\fR, -\fB\-N\fR, -\fB\-U\fR, and -\fBUSERGROUPS_ENAB\fR)\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBuseradd\fR -command are: -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR -.RS 4 -The default base directory for the system if -\fB\-d\fR\ \&\fIHOME_DIR\fR -is not specified\&. -\fIBASE_DIR\fR -is concatenated with the account name to define the home directory\&. If the -\fB\-m\fR -option is not used, -\fIBASE_DIR\fR -must exist\&. -.sp -If this option is not specified, -\fBuseradd\fR -will use the base directory specified by the -\fBHOME\fR -variable in -/etc/default/useradd, or -/home -by default\&. -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENT\fR -.RS 4 -Any text string\&. It is generally a short description of the login, and is currently used as the field for the user\*(Aqs full name\&. -.RE -.PP -\fB\-d\fR, \fB\-\-home\-dir\fR\ \&\fIHOME_DIR\fR -.RS 4 -The new user will be created using -\fIHOME_DIR\fR -as the value for the user\*(Aqs login directory\&. The default is to append the -\fILOGIN\fR -name to -\fIBASE_DIR\fR -and use that as the login directory name\&. The directory -\fIHOME_DIR\fR -does not have to exist but will not be created if it is missing\&. -.RE -.PP -\fB\-D\fR, \fB\-\-defaults\fR -.RS 4 -See below, the subsection "Changing the default values"\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -The date on which the user account will be disabled\&. The date is specified in the format -\fIYYYY\-MM\-DD\fR\&. -.sp -If not specified, -\fBuseradd\fR -will use the default expiry date specified by the -\fBEXPIRE\fR -variable in -/etc/default/useradd, or an empty string (no expiry) by default\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -The number of days after a password expires until the account is permanently disabled\&. A value of 0 disables the account as soon as the password has expired, and a value of \-1 disables the feature\&. -.sp -If not specified, -\fBuseradd\fR -will use the default inactivity period specified by the -\fBINACTIVE\fR -variable in -/etc/default/useradd, or \-1 by default\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR -.RS 4 -The group name or number of the user\*(Aqs initial login group\&. The group name must exist\&. A group number must refer to an already existing group\&. -.sp -If not specified, the behavior of -\fBuseradd\fR -will depend on the -\fBUSERGROUPS_ENAB\fR -variable in -/etc/login\&.defs\&. If this variable is set to -\fIyes\fR -(or -\fB\-U/\-\-user\-group\fR -is specified on the command line), a group will be created for the user, with the same name as her loginname\&. If the variable is set to -\fIno\fR -(or -\fB\-N/\-\-no\-user\-group\fR -is specified on the command line), useradd will set the primary group of the new user to the value specified by the -\fBGROUP\fR -variable in -/etc/default/useradd, or 100 by default\&. -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGROUP1\fR[\fI,GROUP2,\&.\&.\&.\fR[\fI,GROUPN\fR]]] -.RS 4 -A list of supplementary groups which the user is also a member of\&. Each group is separated from the next by a comma, with no intervening whitespace\&. The groups are subject to the same restrictions as the group given with the -\fB\-g\fR -option\&. The default is for the user to belong only to the initial group\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-k\fR, \fB\-\-skel\fR\ \&\fISKEL_DIR\fR -.RS 4 -The skeleton directory, which contains files and directories to be copied in the user\*(Aqs home directory, when the home directory is created by -\fBuseradd\fR\&. -.sp -This option is only valid if the -\fB\-m\fR -(or -\fB\-\-create\-home\fR) option is specified\&. -.sp -If this option is not set, the skeleton directory is defined by the -\fBSKEL\fR -variable in -/etc/default/useradd -or, by default, -/etc/skel\&. -.sp -If possible, the ACLs and extended attributes are copied\&. -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR -.RS 4 -Overrides -/etc/login\&.defs -defaults (\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBUMASK\fR, -\fBPASS_MAX_DAYS\fR -and others)\&. - -Example: -\fB\-K\fR\ \&\fIPASS_MAX_DAYS\fR=\fI\-1\fR -can be used when creating system account to turn off password ageing, even though system account has no password at all\&. Multiple -\fB\-K\fR -options can be specified, e\&.g\&.: -\fB\-K\fR\ \&\fIUID_MIN\fR=\fI100\fR\ \& -\fB\-K\fR\ \&\fIUID_MAX\fR=\fI499\fR -.RE -.PP -\fB\-l\fR, \fB\-\-no\-log\-init\fR -.RS 4 -Do not add the user to the lastlog and faillog databases\&. -.sp -By default, the user\*(Aqs entries in the lastlog and faillog databases are resetted to avoid reusing the entry from a previously deleted user\&. -.RE -.PP -\fB\-m\fR, \fB\-\-create\-home\fR -.RS 4 -Create the user\*(Aqs home directory if it does not exist\&. The files and directories contained in the skeleton directory (which can be defined with the -\fB\-k\fR -option) will be copied to the home directory\&. -.sp -By default, if this option is not specified and -\fBCREATE_HOME\fR -is not enabled, no home directories are created\&. -.RE -.PP -\fB\-M\fR -.RS 4 -Do no create the user\*(Aqs home directory, even if the system wide setting from -/etc/login\&.defs -(\fBCREATE_HOME\fR) is set to -\fIyes\fR\&. -.RE -.PP -\fB\-N\fR, \fB\-\-no\-user\-group\fR -.RS 4 -Do not create a group with the same name as the user, but add the user to the group specified by the -\fB\-g\fR -option or by the -\fBGROUP\fR -variable in -/etc/default/useradd\&. -.sp -The default behavior (if the -\fB\-g\fR, -\fB\-N\fR, and -\fB\-U\fR -options are not specified) is defined by the -\fBUSERGROUPS_ENAB\fR -variable in -/etc/login\&.defs\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Allow the creation of a user account with a duplicate (non\-unique) UID\&. -.sp -This option is only valid in combination with the -\fB\-u\fR -option\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -The encrypted password, as returned by -\fBcrypt\fR(3)\&. The default is to disable the password\&. -.sp -\fBNote:\fR -This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. -.sp -You should make sure the password respects the system\*(Aqs password policy\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Create a system account\&. -.sp -System users will be created with no aging information in -/etc/shadow, and their numeric identifiers are chosen in the -\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR -range, defined in -/etc/login\&.defs, instead of -\fBUID_MIN\fR\-\fBUID_MAX\fR -(and their -\fBGID\fR -counterparts for the creation of groups)\&. -.sp -Note that -\fBuseradd\fR -will not create a home directory for such an user, regardless of the default setting in -/etc/login\&.defs -(\fBCREATE_HOME\fR)\&. You have to specify the -\fB\-m\fR -options if you want a home directory for a system account to be created\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -The name of the user\*(Aqs login shell\&. The default is to leave this field blank, which causes the system to select the default login shell specified by the -\fBSHELL\fR -variable in -/etc/default/useradd, or an empty string by default\&. -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -The numerical value of the user\*(Aqs ID\&. This value must be unique, unless the -\fB\-o\fR -option is used\&. The value must be non\-negative\&. The default is to use the smallest ID value greater than or equal to -\fBUID_MIN\fR -and greater than every other user\&. -.sp -See also the -\fB\-r\fR -option and the -\fBUID_MAX\fR -description\&. -.RE -.PP -\fB\-U\fR, \fB\-\-user\-group\fR -.RS 4 -Create a group with the same name as the user, and add the user to this group\&. -.sp -The default behavior (if the -\fB\-g\fR, -\fB\-N\fR, and -\fB\-U\fR -options are not specified) is defined by the -\fBUSERGROUPS_ENAB\fR -variable in -/etc/login\&.defs\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR -.RS 4 -The SELinux user for the user\*(Aqs login\&. The default is to leave this field blank, which causes the system to select the default SELinux user\&. -.RE -.SS "Changing the default values" -.PP -When invoked with only the -\fB\-D\fR -option, -\fBuseradd\fR -will display the current default values\&. When invoked with -\fB\-D\fR -plus other options, -\fBuseradd\fR -will update the default values for the specified options\&. Valid default\-changing options are: -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR -.RS 4 -The path prefix for a new user\*(Aqs home directory\&. The user\*(Aqs name will be affixed to the end of -\fIBASE_DIR\fR -to form the new user\*(Aqs home directory name, if the -\fB\-d\fR -option is not used when creating a new account\&. -.sp -This option sets the -\fBHOME\fR -variable in -/etc/default/useradd\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -The date on which the user account is disabled\&. -.sp -This option sets the -\fBEXPIRE\fR -variable in -/etc/default/useradd\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -The number of days after a password has expired before the account will be disabled\&. -.sp -This option sets the -\fBINACTIVE\fR -variable in -/etc/default/useradd\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR -.RS 4 -The group name or ID for a new user\*(Aqs initial group (when the -\fB\-N/\-\-no\-user\-group\fR -is used or when the -\fBUSERGROUPS_ENAB\fR -variable is set to -\fIno\fR -in -/etc/login\&.defs)\&. The named group must exist, and a numerical group ID must have an existing entry\&. -.sp -This option sets the -\fBGROUP\fR -variable in -/etc/default/useradd\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -The name of a new user\*(Aqs login shell\&. -.sp -This option sets the -\fBSHELL\fR -variable in -/etc/default/useradd\&. -.RE -.SH "NOTES" -.PP -The system administrator is responsible for placing the default user files in the -/etc/skel/ -directory (or any other skeleton directory specified in -/etc/default/useradd -or on the command line)\&. -.SH "CAVEATS" -.PP -You may not add a user to a NIS or LDAP group\&. This must be performed on the corresponding server\&. -.PP -Similarly, if the username already exists in an external user database such as NIS or LDAP, -\fBuseradd\fR -will deny the user account creation request\&. -.PP -Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -Usernames may only be up to 32 characters long\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBCREATE_HOME\fR (boolean) -.RS 4 -Indicate if a home directory should be created by default for new users\&. -.sp -This setting does not apply to system users, and can be overridden on the command line\&. -.RE -.PP -\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of regular groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBGID_MIN\fR -(resp\&. -\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. -.RE -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -The mail spool directory\&. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted\&. If not specified, a compile\-time default is used\&. -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -Defines the location of the users mail spool files relatively to their home directory\&. -.RE -.PP -The -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -variables are used by -\fBuseradd\fR, -\fBusermod\fR, and -\fBuserdel\fR -to create, move, or delete the user\*(Aqs mail spool\&. -.PP -If -\fBMAIL_CHECK_ENAB\fR -is set to -\fIyes\fR, they are also used to define the -\fBMAIL\fR -environment variable\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (number) -.RS 4 -The maximum number of days a password may be used\&. If the password is older than this, a password change will be forced\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (number) -.RS 4 -The minimum number of days allowed between password changes\&. Any password changes attempted sooner than this will be rejected\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (number) -.RS 4 -The number of days warning given before a password expires\&. A zero means warning is given only upon the day of expiration, a negative value means no warning is given\&. If not specified, no warning will be provided\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of system groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBSYS_GID_MIN\fR -(resp\&. -\fBSYS_GID_MAX\fR) is 101 (resp\&. -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (number), \fBSYS_UID_MIN\fR (number) -.RS 4 -Range of user IDs used for the creation of system users by -\fBuseradd\fR -or -\fBnewusers\fR\&. -.sp -The default value for -\fBSYS_UID_MIN\fR -(resp\&. -\fBSYS_UID_MAX\fR) is 101 (resp\&. -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBUID_MAX\fR (number), \fBUID_MIN\fR (number) -.RS 4 -Range of user IDs used for the creation of regular users by -\fBuseradd\fR -or -\fBnewusers\fR\&. -.sp -The default value for -\fBUID_MIN\fR -(resp\&. -\fBUID_MAX\fR) is 1000 (resp\&. 60000)\&. -.RE -.PP -\fBUMASK\fR (number) -.RS 4 -The file mode creation mask is initialized to this value\&. If not specified, the mask will be initialized to 022\&. -.sp -\fBuseradd\fR -and -\fBnewusers\fR -use this mask to set the mode of the home directory they create -.sp -It is also used by -\fBlogin\fR -to define users\*(Aq initial umask\&. Note that this mask can be overridden by the user\*(Aqs GECOS line (if -\fBQUOTAS_ENAB\fR -is set) or by the specification of a limit with the -\fIK\fR -identifier in -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -Enable setting of the umask group bits to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007) for non\-root users, if the uid is the same as gid, and username is the same as the primary group name\&. -.sp -If set to -\fIyes\fR, -\fBuserdel\fR -will remove the user\*(Aqs group if it contains no more members, and -\fBuseradd\fR -will create by default a group with the name of the user\&. -.RE -.SH "FILES" -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.PP -/etc/default/useradd -.RS 4 -Default values for account creation\&. -.RE -.PP -/etc/skel/ -.RS 4 -Directory containing default files\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "EXIT VALUES" -.PP -The -\fBuseradd\fR -command exits with the following values: -.PP -\fI0\fR -.RS 4 -success -.RE -.PP -\fI1\fR -.RS 4 -can\*(Aqt update password file -.RE -.PP -\fI2\fR -.RS 4 -invalid command syntax -.RE -.PP -\fI3\fR -.RS 4 -invalid argument to option -.RE -.PP -\fI4\fR -.RS 4 -UID already in use (and no -\fB\-o\fR) -.RE -.PP -\fI6\fR -.RS 4 -specified group doesn\*(Aqt exist -.RE -.PP -\fI9\fR -.RS 4 -username already in use -.RE -.PP -\fI10\fR -.RS 4 -can\*(Aqt update group file -.RE -.PP -\fI12\fR -.RS 4 -can\*(Aqt create home directory -.RE -.PP -\fI14\fR -.RS 4 -can\*(Aqt update SELinux user mapping -.RE -.SH "SEE ALSO" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBnewusers\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/man8/userdel.8 b/man/man8/userdel.8 deleted file mode 100644 index ec2ca32f..00000000 --- a/man/man8/userdel.8 +++ /dev/null @@ -1,298 +0,0 @@ -'\" t -.\" Title: userdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "USERDEL" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -userdel \- delete a user account and related files -.SH "SYNOPSIS" -.HP \w'\fBuserdel\fR\ 'u -\fBuserdel\fR [options] \fILOGIN\fR -.SH "DESCRIPTION" -.PP -The -\fBuserdel\fR -command modifies the system account files, deleting all entries that refer to the user name -\fILOGIN\fR\&. The named user must exist\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBuserdel\fR -command are: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -This option forces the removal of the user account, even if the user is still logged in\&. It also forces -\fBuserdel\fR -to remove the user\*(Aqs home directory and mail spool, even if another user uses the same home directory or if the mail spool is not owned by the specified user\&. If -\fBUSERGROUPS_ENAB\fR -is defined to -\fIyes\fR -in -/etc/login\&.defs -and if a group exists with the same name as the deleted user, then this group will be removed, even if it is still the primary group of another user\&. -.sp -\fINote:\fR -This option is dangerous and may leave your system in an inconsistent state\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-r\fR, \fB\-\-remove\fR -.RS 4 -Files in the user\*(Aqs home directory will be removed along with the home directory itself and the user\*(Aqs mail spool\&. Files located in other file systems will have to be searched for and deleted manually\&. -.sp -The mail spool is defined by the -\fBMAIL_DIR\fR -variable in the -login\&.defs -file\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR -.RS 4 -Remove any SELinux user mapping for the user\*(Aqs login\&. -.RE -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -The mail spool directory\&. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted\&. If not specified, a compile\-time default is used\&. -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -Defines the location of the users mail spool files relatively to their home directory\&. -.RE -.PP -The -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -variables are used by -\fBuseradd\fR, -\fBusermod\fR, and -\fBuserdel\fR -to create, move, or delete the user\*(Aqs mail spool\&. -.PP -If -\fBMAIL_CHECK_ENAB\fR -is set to -\fIyes\fR, they are also used to define the -\fBMAIL\fR -environment variable\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBUSERDEL_CMD\fR (string) -.RS 4 -If defined, this command is run when removing a user\&. It should remove any at/cron/print jobs etc\&. owned by the user to be removed (passed as the first argument)\&. -.sp -The return code of the script is not taken into account\&. -.sp -Here is an example script, which removes the user\*(Aqs cron, at and print jobs: -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# Check for the required argument\&. -if [ $# != 1 ]; then - echo "Usage: $0 username" - exit 1 -fi - -# Remove cron jobs\&. -crontab \-r \-u $1 - -# Remove at jobs\&. -# Note that it will remove any jobs owned by the same UID, -# even if it was shared by a different username\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# Remove print jobs\&. -lprm $1 - -# All done\&. -exit 0 - -.fi -.if n \{\ -.RE -.\} -.sp -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -Enable setting of the umask group bits to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007) for non\-root users, if the uid is the same as gid, and username is the same as the primary group name\&. -.sp -If set to -\fIyes\fR, -\fBuserdel\fR -will remove the user\*(Aqs group if it contains no more members, and -\fBuseradd\fR -will create by default a group with the name of the user\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "EXIT VALUES" -.PP -The -\fBuserdel\fR -command exits with the following values: -.PP -\fI0\fR -.RS 4 -success -.RE -.PP -\fI1\fR -.RS 4 -can\*(Aqt update password file -.RE -.PP -\fI2\fR -.RS 4 -invalid command syntax -.RE -.PP -\fI6\fR -.RS 4 -specified user doesn\*(Aqt exist -.RE -.PP -\fI8\fR -.RS 4 -user currently logged in -.RE -.PP -\fI10\fR -.RS 4 -can\*(Aqt update group file -.RE -.PP -\fI12\fR -.RS 4 -can\*(Aqt remove home directory -.RE -.SH "CAVEATS" -.PP -\fBuserdel\fR -will not allow you to remove an account if there are running processes which belong to this account\&. In that case, you may have to kill those processes or lock the user\*(Aqs password or account and remove the account later\&. The -\fB\-f\fR -option can force the deletion of this account\&. -.PP -You should manually check all file systems to ensure that no files remain owned by this user\&. -.PP -You may not remove any NIS attributes on a NIS client\&. This must be performed on the NIS server\&. -.PP -If -\fBUSERGROUPS_ENAB\fR -is defined to -\fIyes\fR -in -/etc/login\&.defs, -\fBuserdel\fR -will delete the group with the same name as the user\&. To avoid inconsistencies in the passwd and group databases, -\fBuserdel\fR -will check that this group is not used as a primary group for another user, and will just warn without deleting the group otherwise\&. The -\fB\-f\fR -option can force the deletion of this group\&. -.SH "SEE ALSO" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBlogin.defs\fR(5), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/man8/usermod.8 b/man/man8/usermod.8 deleted file mode 100644 index c0a4f1ef..00000000 --- a/man/man8/usermod.8 +++ /dev/null @@ -1,445 +0,0 @@ -'\" t -.\" Title: usermod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "USERMOD" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -usermod \- modify a user account -.SH "SYNOPSIS" -.HP \w'\fBusermod\fR\ 'u -\fBusermod\fR [\fIoptions\fR] \fILOGIN\fR -.SH "DESCRIPTION" -.PP -The -\fBusermod\fR -command modifies the system account files to reflect the changes that are specified on the command line\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBusermod\fR -command are: -.PP -\fB\-a\fR, \fB\-\-append\fR -.RS 4 -Add the user to the supplementary group(s)\&. Use only with the -\fB\-G\fR -option\&. -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENT\fR -.RS 4 -The new value of the user\*(Aqs password file comment field\&. It is normally modified using the -\fBchfn\fR(1) -utility\&. -.RE -.PP -\fB\-d\fR, \fB\-\-home\fR\ \&\fIHOME_DIR\fR -.RS 4 -The user\*(Aqs new login directory\&. -.sp -If the -\fB\-m\fR -option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -The date on which the user account will be disabled\&. The date is specified in the format -\fIYYYY\-MM\-DD\fR\&. -.sp -An empty -\fIEXPIRE_DATE\fR -argument will disable the expiration of the account\&. -.sp -This option requires a -/etc/shadow -file\&. A -/etc/shadow -entry will be created if there were none\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -The number of days after a password expires until the account is permanently disabled\&. -.sp -A value of 0 disables the account as soon as the password has expired, and a value of \-1 disables the feature\&. -.sp -This option requires a -/etc/shadow -file\&. A -/etc/shadow -entry will be created if there were none\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR -.RS 4 -The group name or number of the user\*(Aqs new initial login group\&. The group must exist\&. -.sp -Any file from the user\*(Aqs home directory owned by the previous primary group of the user will be owned by this new group\&. -.sp -The group ownership of files outside of the user\*(Aqs home directory must be fixed manually\&. -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGROUP1\fR[\fI,GROUP2,\&.\&.\&.\fR[\fI,GROUPN\fR]]] -.RS 4 -A list of supplementary groups which the user is also a member of\&. Each group is separated from the next by a comma, with no intervening whitespace\&. The groups are subject to the same restrictions as the group given with the -\fB\-g\fR -option\&. -.sp -If the user is currently a member of a group which is not listed, the user will be removed from the group\&. This behaviour can be changed via the -\fB\-a\fR -option, which appends the user to the current supplementary group list\&. -.RE -.PP -\fB\-l\fR, \fB\-\-login\fR\ \&\fINEW_LOGIN\fR -.RS 4 -The name of the user will be changed from -\fILOGIN\fR -to -\fINEW_LOGIN\fR\&. Nothing else is changed\&. In particular, the user\*(Aqs home directory or mail spool should probably be renamed manually to reflect the new login name\&. -.RE -.PP -\fB\-L\fR, \fB\-\-lock\fR -.RS 4 -Lock a user\*(Aqs password\&. This puts a \*(Aq!\*(Aq in front of the encrypted password, effectively disabling the password\&. You can\*(Aqt use this option with -\fB\-p\fR -or -\fB\-U\fR\&. -.sp -Note: if you wish to lock the account (not only access with a password), you should also set the -\fIEXPIRE_DATE\fR -to -\fI1\fR\&. -.RE -.PP -\fB\-m\fR, \fB\-\-move\-home\fR -.RS 4 -Move the content of the user\*(Aqs home directory to the new location\&. -.sp -This option is only valid in combination with the -\fB\-d\fR -(or -\fB\-\-home\fR) option\&. -.sp -\fBusermod\fR -will try to adapt the ownership of the files and to copy the modes, ACL and extended attributes, but manual changes might be needed afterwards\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -When used with the -\fB\-u\fR -option, this option allows to change the user ID to a non\-unique value\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -The encrypted password, as returned by -\fBcrypt\fR(3)\&. -.sp -\fBNote:\fR -This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. -.sp -You should make sure the password respects the system\*(Aqs password policy\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -The name of the user\*(Aqs new login shell\&. Setting this field to blank causes the system to select the default login shell\&. -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -The new numerical value of the user\*(Aqs ID\&. -.sp -This value must be unique, unless the -\fB\-o\fR -option is used\&. The value must be non\-negative\&. -.sp -The user\*(Aqs mailbox, and any files which the user owns and which are located in the user\*(Aqs home directory will have the file user ID changed automatically\&. -.sp -The ownership of files outside of the user\*(Aqs home directory must be fixed manually\&. -.sp -No checks will be performed with regard to the -\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBSYS_UID_MIN\fR, or -\fBSYS_UID_MAX\fR -from -/etc/login\&.defs\&. -.RE -.PP -\fB\-U\fR, \fB\-\-unlock\fR -.RS 4 -Unlock a user\*(Aqs password\&. This removes the \*(Aq!\*(Aq in front of the encrypted password\&. You can\*(Aqt use this option with -\fB\-p\fR -or -\fB\-L\fR\&. -.sp -Note: if you wish to unlock the account (not only access with a password), you should also set the -\fIEXPIRE_DATE\fR -(for example to -\fI99999\fR, or to the -\fBEXPIRE\fR -value from -/etc/default/useradd)\&. -.RE -.PP -\fB\-v\fR, \fB\-\-add\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate uids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-V\fR, \fB\-\-del\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate uids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-uids\fR -and -\fB\-\-add\-sub\-uids\fR -are specified, the removal of all subordinate uid ranges happens before any subordinate uid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-w\fR, \fB\-\-add\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate gids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-W\fR, \fB\-\-del\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate gids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-gids\fR -and -\fB\-\-add\-sub\-gids\fR -are specified, the removal of all subordinate gid ranges happens before any subordinate gid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR -.RS 4 -The new SELinux user for the user\*(Aqs login\&. -.sp -A blank -\fISEUSER\fR -will remove the SELinux user mapping for user -\fILOGIN\fR -(if any)\&. -.RE -.SH "CAVEATS" -.PP -You must make certain that the named user is not executing any processes when this command is being executed if the user\*(Aqs numerical user ID, the user\*(Aqs name, or the user\*(Aqs home directory is being changed\&. -\fBusermod\fR -checks this on Linux, but only check if the user is logged in according to utmp on other architectures\&. -.PP -You must change the owner of any -\fBcrontab\fR -files or -\fBat\fR -jobs manually\&. -.PP -You must make any changes involving NIS on the NIS server\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -The mail spool directory\&. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted\&. If not specified, a compile\-time default is used\&. -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -Defines the location of the users mail spool files relatively to their home directory\&. -.RE -.PP -The -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -variables are used by -\fBuseradd\fR, -\fBusermod\fR, and -\fBuserdel\fR -to create, move, or delete the user\*(Aqs mail spool\&. -.PP -If -\fBMAIL_CHECK_ENAB\fR -is set to -\fIyes\fR, they are also used to define the -\fBMAIL\fR -environment variable\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "SEE ALSO" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBuserdel\fR(8)\&. diff --git a/man/man8/vigr.8 b/man/man8/vigr.8 deleted file mode 100644 index ff72d7ae..00000000 --- a/man/man8/vigr.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/vipw.8 diff --git a/man/man8/vipw.8 b/man/man8/vipw.8 deleted file mode 100644 index 7fffae68..00000000 --- a/man/man8/vipw.8 +++ /dev/null @@ -1,137 +0,0 @@ -'\" t -.\" Title: vipw -.\" Author: Marek Michałkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: System Management Commands -.\" Source: shadow-utils 4.2.1 -.\" Language: English -.\" -.TH "VIPW" "8" "05/09/2014" "shadow\-utils 4\&.2\&.1" "System Management Commands" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -vipw, vigr \- edit the password, group, shadow\-password or shadow\-group file -.SH "SYNOPSIS" -.HP \w'\fBvipw\fR\ 'u -\fBvipw\fR [\fIoptions\fR] -.HP \w'\fBvigr\fR\ 'u -\fBvigr\fR [\fIoptions\fR] -.SH "DESCRIPTION" -.PP -The -\fBvipw\fR -and -\fBvigr\fR -commands edits the files -/etc/passwd -and -/etc/group, respectively\&. With the -\fB\-s\fR -flag, they will edit the shadow versions of those files, -/etc/shadow -and -/etc/gshadow, respectively\&. The programs will set the appropriate locks to prevent file corruption\&. When looking for an editor, the programs will first try the environment variable -\fB$VISUAL\fR, then the environment variable -\fB$EDITOR\fR, and finally the default editor, -\fBvi\fR(1)\&. -.SH "OPTIONS" -.PP -The options which apply to the -\fBvipw\fR -and -\fBvigr\fR -commands are: -.PP -\fB\-g\fR, \fB\-\-group\fR -.RS 4 -Edit group database\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Display help message and exit\&. -.RE -.PP -\fB\-p\fR, \fB\-\-passwd\fR -.RS 4 -Edit passwd database\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Quiet mode\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shadow\fR -.RS 4 -Edit shadow or gshadow database\&. -.RE -.SH "ENVIRONMENT" -.PP -\fBVISUAL\fR -.RS 4 -Editor to be used\&. -.RE -.PP -\fBEDITOR\fR -.RS 4 -Editor to be used if -\fBVISUAL\fR -is not set\&. -.RE -.SH "FILES" -.PP -/etc/group -.RS 4 -Group account information\&. -.RE -.PP -/etc/gshadow -.RS 4 -Secure group account information\&. -.RE -.PP -/etc/passwd -.RS 4 -User account information\&. -.RE -.PP -/etc/shadow -.RS 4 -Secure user account information\&. -.RE -.SH "SEE ALSO" -.PP -\fBvi\fR(1), -\fBgroup\fR(5), -\fBgshadow\fR(5) -, -\fBpasswd\fR(5), , -\fBshadow\fR(5)\&. diff --git a/man/newgidmap.1.xml b/man/newgidmap.1.xml index ad7a186e..864bad14 100644 --- a/man/newgidmap.1.xml +++ b/man/newgidmap.1.xml @@ -61,9 +61,6 @@ count - - pid - gid @@ -83,8 +80,10 @@ DESCRIPTION - The newgidmap sets /proc/[pid]/gid_map based on it's + The newgidmap sets /proc/[pid]/gid_map based on its command line arguments and the gids allowed in /etc/subgid. + Note that the root user is not exempted from the requirement for a valid + /etc/subgid entry. @@ -94,7 +93,7 @@ gid - Begining of the range of GIDs inside the user namespace. + Beginning of the range of GIDs inside the user namespace. @@ -102,7 +101,7 @@ lowergid - Begining of the range of GIDs outside the user namespace. + Beginning of the range of GIDs outside the user namespace. @@ -146,7 +145,7 @@ /etc/subgid - List of users subordinate group IDs. + List of user's subordinate group IDs. diff --git a/man/newuidmap.1.xml b/man/newuidmap.1.xml index 04bb14fc..a97b7f94 100644 --- a/man/newuidmap.1.xml +++ b/man/newuidmap.1.xml @@ -80,8 +80,10 @@ DESCRIPTION - The newuidmap sets /proc/[pid]/uid_map based on it's + The newuidmap sets /proc/[pid]/uid_map based on its command line arguments and the uids allowed in /etc/subuid. + Note that the root user is not exempted from the requirement for a valid + /etc/subuid entry. @@ -91,7 +93,7 @@ uid - Begining of the range of UIDs inside the user namespace. + Beginning of the range of UIDs inside the user namespace. @@ -99,7 +101,7 @@ loweruid - Begining of the range of UIDs outside the user namespace. + Beginning of the range of UIDs outside the user namespace. @@ -142,7 +144,7 @@ /etc/subuid - List of users subordinate user IDs. + List of user's subordinate user IDs. diff --git a/man/newusers.8.xml b/man/newusers.8.xml index c906175d..ff6dc1c3 100644 --- a/man/newusers.8.xml +++ b/man/newusers.8.xml @@ -115,7 +115,7 @@ It can be the name of a new user or the name of an existing - user (or an user created before by + user (or a user created before by newusers). In case of an existing user, the user's information will be changed, otherwise a new user will be created. @@ -142,7 +142,7 @@ This field is used to define the UID of the user. - If the field is empty, an new (unused) UID will be defined + If the field is empty, a new (unused) UID will be defined automatically by newusers. @@ -151,7 +151,7 @@ If this field contains the name of an existing user (or the - name of an user created before by + name of a user created before by newusers), the UID of the specified user will be used. diff --git a/man/nologin.8.xml b/man/nologin.8.xml index 0f5cf307..ae355d3a 100644 --- a/man/nologin.8.xml +++ b/man/nologin.8.xml @@ -89,7 +89,7 @@ HISTORY - The nologin command appearred in BSD 4.4. + The nologin command appeared in BSD 4.4. diff --git a/man/passwd.1.xml b/man/passwd.1.xml index eece5e90..e678448c 100644 --- a/man/passwd.1.xml +++ b/man/passwd.1.xml @@ -164,7 +164,7 @@ - You can find advices on how to choose a strong password on + You can find advice on how to choose a strong password on http://en.wikipedia.org/wiki/Password_strength diff --git a/man/pl/Makefile.in b/man/pl/Makefile.in deleted file mode 100644 index ec7d86fa..00000000 --- a/man/pl/Makefile.in +++ /dev/null @@ -1,735 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@USE_PAM_FALSE@am__append_1 = $(man_nopam) -@USE_PAM_TRUE@am__append_2 = $(man_nopam) -DIST_COMMON = $(srcdir)/../generate_translations.mak \ - $(srcdir)/../generate_mans.mak $(srcdir)/Makefile.in \ - $(srcdir)/Makefile.am -subdir = man/pl -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" \ - "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" -man3dir = $(mandir)/man3 -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/pl -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ - -# 2012.01.28 - activate manpages with more than 50% translated messages -man_MANS = man1/chage.1 man1/chsh.1 man1/expiry.1 man5/faillog.5 \ - man8/faillog.8 man3/getspnam.3 man8/groupadd.8 man8/groupdel.8 \ - man8/groupmems.8 man8/groupmod.8 man1/groups.1 man8/grpck.8 \ - man8/lastlog.8 man8/logoutd.8 man1/newgrp.1 man1/sg.1 \ - man3/shadow.3 man8/userdel.8 man8/usermod.8 man8/vigr.8 \ - man8/vipw.8 $(am__append_1) -man_nopam = \ - man5/porttime.5 - -EXTRA_DIST = $(man_MANS) man1/id.1 $(am__append_2) -LANG = $(notdir $(CURDIR)) -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_FALSE@PAM_COND = no_pam -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_TRUE@PAM_COND = pam -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_FALSE@SHADOWGRP_COND = no_gshadow -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_TRUE@SHADOWGRP_COND = gshadow -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_FALSE@TCB_COND = no_tcb -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_TRUE@TCB_COND = tcb -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_FALSE@SHA_CRYPT_COND = no_sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_TRUE@SHA_CRYPT_COND = sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_FALSE@SUBIDS_COND = no_subids -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_TRUE@SUBIDS_COND = subids -CLEANFILES = .xml2po.mo $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/pl/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/pl/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; -$(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak: - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man3: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man3dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man3dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man3dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.3[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ - done; } - -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man3dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.3[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man3dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -@ENABLE_REGENERATE_MAN_FALSE@clean-local: -clean: clean-am - -clean-am: clean-generic clean-libtool clean-local mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man3 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man3 uninstall-man5 \ - uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - clean-local cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man3 install-man5 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags-am uninstall uninstall-am uninstall-man uninstall-man1 \ - uninstall-man3 uninstall-man5 uninstall-man8 - - -@ENABLE_REGENERATE_MAN_TRUE@config.xml: ../config.xml.in -@ENABLE_REGENERATE_MAN_TRUE@ $(MAKE) -C .. config.xml -@ENABLE_REGENERATE_MAN_TRUE@ cp ../config.xml $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml: ../%.xml ../po/$(LANG).po -@ENABLE_REGENERATE_MAN_TRUE@ xml2po --expand-all-entities -l $(LANG) -p ../po/$(LANG).po -o $@ ../$@ -@ENABLE_REGENERATE_MAN_TRUE@ sed -i 's:\(^:\1 lang="$(LANG)">:' $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml-config: %.xml -@ENABLE_REGENERATE_MAN_TRUE@ if grep -q SHADOW-CONFIG-HERE $<; then \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^/%config;/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ else \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^\(/\1 [%config;]>/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ fi - -@ENABLE_REGENERATE_MAN_TRUE@man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml -@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.authors.section.enabled" "0" \ -@ENABLE_REGENERATE_MAN_TRUE@ --stringparam "man.output.base.dir" "" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.output.in.separate.dir" "1" \ -@ENABLE_REGENERATE_MAN_TRUE@ -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $< - -@ENABLE_REGENERATE_MAN_TRUE@clean-local: -@ENABLE_REGENERATE_MAN_TRUE@ for d in man1 man3 man5 man8; do [ -d $$d ] && rmdir $$d; done - -#$(man_MANS): -# @echo you need to run configure with --enable-man to generate man pages -# @false - -@ENABLE_REGENERATE_MAN_TRUE@man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8 - -@ENABLE_REGENERATE_MAN_TRUE@man3/getspnam.3: man3/shadow.3 - -@ENABLE_REGENERATE_MAN_TRUE@man8/vigr.8: man8/vipw.8 - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/pl/man1/chage.1 b/man/pl/man1/chage.1 deleted file mode 100644 index db9c5102..00000000 --- a/man/pl/man1/chage.1 +++ /dev/null @@ -1,181 +0,0 @@ -'\" t -.\" Title: chage -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia użytkownik\('ow -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "CHAGE" "1" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia użytkownik\('ow" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -chage \- zmiana informacji o terminie ważności has\(/la użytkownika -.SH "STRESZCZENIE" -.HP \w'\fBchage\fR\ 'u -\fBchage\fR [\fIopcje\fR] \fILOGIN\fR -.SH "OPIS" -.PP -Polecenie -\fBchage\fR -zmienia liczbę dni pomiędzy zmianami has\(/la i datę ostatniej zmiany has\(/la\&. Informację tę system wykorzystuje do ustalenia, kiedy użytkownik musi zmienić has\(/lo\&. -.SH "OPCJE" -.PP -Polecenie -\fBchage\fR -posiada następujące opcje: -.PP -\fB\-d\fR, \fB\-\-lastday\fR\ \&\fIOSTATNI\fR -.RS 4 -Ustawia ilość dni od 1 stycznia 1970 kiedy ha\(/lo by\(/lo ostani raz zmieniane\&. Data ważności może być takze prezekazana w formacie RRRR\-MM\-DD (lub formacie używanym lokalnie)\&. -.RE -.PP -\fB\-E\fR, \fB\-\-expiredate\fR\ \&\fIDATA_WAÅ»N\fR -.RS 4 -Ustawia datę, począwszy od kt\('orej konto użytkownika nie będzie już dostępne\&. -\fIDATA_WAÅ»N\fR -jest liczbą dni od 1 stycznia 1970, od kt\('orej konto jest blokowane\&. Data może być też wyrażona w formacie RRRR\-MM\-DD (lub innej, powszechniej używanej w danym regionie)\&. Użytkownik, kt\('orego konto jest zablokowane musi skontaktować się z administratorem systemu zanim będzie m\('og\(/l z niego ponownie skorzystać\&. -.sp -Przekazanie -\fI\-1\fR -jako -\fIDATA_WAÅ»N\fR -usuwa ograniczenie ważności konta użytkownika\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.PP -\fB\-I\fR, \fB\-\-inactive\fR\ \&\fINIEAKTYWNE\fR -.RS 4 -Opcja ta s\(/luży do ustawiania czasu nieaktywności konta po wygaśnięciu ważności has\(/la, po kt\('orym to czasie konto jest blokowane\&. Parametr -\fINIEAKTYWNE\fR -jest liczbą dni nieaktywności\&. Użytkownik, kt\('orego konto jest zablokowane musi skontaktować się z administratorem systemu zanim będzie m\('og\(/l z niego ponownie skorzystać\&. -.sp -Przekazanie -\fI\-1\fR -jako -\fINIEAKTYWNE\fR -usuwa ograniczenie nieaktywniści konta użytkownika\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -Wyświetlenie informacji o terminach ważności konta i has\(/la\&. -.RE -.PP -\fB\-m\fR, \fB\-\-mindays\fR\ \&\fIMIN_DNI\fR -.RS 4 -Utawia minimalną liczbę dni pomiędzy zmianami has\(/la na -\fIMIN_DAYS\fR\&. Wartość zerowa oznacza, że użytkownik może je zmieniać w dowolnym czasie\&. -.RE -.PP -\fB\-M\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DNI\fR -.RS 4 -Ustawia maksymalną liczbę dni, przez jakie has\(/lo jest ważne\&. Gdy -\fIMAX_DNI\fR -plus -\fIOSTATNI\fR -jest mniejsze niż bieżący dzień, użytkownik musi zmienić swoje has\(/la, zanim będzie m\('og\(/l skorzystać z konta\&. Zdarzenie to może być zaplanowane z wyprzedzeniem przez wykorzystanie opcji -\fB\-W\fR, ostrzegającej zawczasu użytkownika o zbliżającym się terminie zmiany\&. -.sp -Przekazanie -\fI\-1\fR -jako -\fIMAX_DAYS\fR -usuwa sprawdzanie wazności has\(/la\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-W\fR, \fB\-\-warndays\fR\ \&\fIDNI_OSTRZ\fR -.RS 4 -Ustawia na -\fIDNI_OSTRZ\fR -liczbę dni przed up\(/lywem ważności has\(/la\&. Od tego dnia użytkownik będzie ostrzegany o nadchodzącym terminie zmiany has\(/la\&. -.RE -.PP -Jeśli nie podano żadnej opcji, to -\fBchage\fR -dzia\(/la w trybie interaktywnym, proponując użytkownikowi wartości bieżące dla każdego z p\('ol\&. Wprowadzenie nowej wartości powoduje zmianę wartości pola, a podanie wartości pustej pozostawia wartość bieżącą\&. Bieżąca wartość pola wyświetlana jest w nawiasach -\fI[ ]\fR\&. -.SH "UWAGI" -.PP -Program -\fBchage\fR -wymaga do dzia\(/lania chronionego pliku hase\(/l użytkownik\('ow (shadow)\&. -.PP -Polecenia chage może użyć tylko użytkownik root, za wyjątkiem opcji -\fB\-l\fR\&. Może się nią pos\(/lużyć się użytkownik nieuprzywilejowany do stwierdzenia, kiedy wygasa jego w\(/lasne has\(/lo lub konto\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.SH "PLIKI" -.PP -/etc/passwd -.RS 4 -Informacja o kontach użytkownik\('ow\&. -.RE -.PP -/etc/shadow -.RS 4 -Informacje chronione o użytkownikach\&. -.RE -.SH "KOD ZAKOŃCZENIA" -.PP -Polecenie -\fBchage\fR -kończy dzia\(/lanie z następującymi wartościami kod\('ow zakończenia: -.PP -\fI0\fR -.RS 4 -poprawne zakończenie dzia\(/lania programu -.RE -.PP -\fI1\fR -.RS 4 -brak dostępu -.RE -.PP -\fI2\fR -.RS 4 -niepoprawna sk\(/ladnia polecenia -.RE -.PP -\fI15\fR -.RS 4 -nie można znaleÅŗć pliku shadow -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/pl/man1/chsh.1 b/man/pl/man1/chsh.1 deleted file mode 100644 index 20ab2235..00000000 --- a/man/pl/man1/chsh.1 +++ /dev/null @@ -1,118 +0,0 @@ -'\" t -.\" Title: chsh -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia użytkownik\('ow -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "CHSH" "1" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia użytkownik\('ow" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -chsh \- zmiana pow\(/loki zg\(/loszeniowej -.SH "STRESZCZENIE" -.HP \w'\fBchsh\fR\ 'u -\fBchsh\fR [\fIopcje\fR] [\fILOGIN\fR] -.SH "OPIS" -.PP -The -\fBchsh\fR -command changes the user login shell\&. This determines the name of the user\*(Aqs initial login command\&. A normal user may only change the login shell for her own account; the superuser may change the login shell for any account\&. -.SH "OPCJE" -.PP -Polecenie -\fBchsh\fR -posiada następujące opcje: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Nazwa nowej pow\(/loki (shell) użytkownika\&. Ustawienie tego pola na puste powoduje, że system wybierze domyślną pow\(/lokę logowania\&. -.RE -.PP -Jeżeli nie podano opcji -\fB\-s\fR, to polecenie -\fBchsh\fR -dzia\(/la w trybie interaktywnym, proponując użytkownikowi bieżącą pow\(/lokę logowania\&. Wprowadzenie nowej wartości powoduje zmianę pow\(/loki, a podanie wartości pustej pozostawia bieżącą pow\(/lokę\&. Bieżąca pow\(/loka wyświetlana jest w nawiasach -\fI[ ]\fR -.SH "UWAGI" -.PP -Jedynym ograniczeniem na\(/lożonym na pow\(/lokę zg\(/loszeniową jest to, że jej nazwa musi być wymieniona w -/etc/shells, chyba że polecenie chsh zosta\(/lo uruchomione przez superużytkownika w\('owczas może być podana dowolna nazwa\&. Użytkownicy kont z ograniczoną pow\(/loką logowania nie mogą jej zmieniać\&. Odradza się z tego powodu umieszczanie -/bin/rsh -w pliku -/etc/shells, gdyż przypadkowa zmiana na pow\(/lokę ograniczoną uniemożliwi użytkownikowi jakąkolwiek zmianę pow\(/loki logowania, nawet z powrotem na dotychczasową\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBCHSH_AUTH\fR (boolean) -.RS 4 -If -\fIyes\fR, the -\fBchsh\fR -program will require authentication before making any changes, unless run by the superuser\&. -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -The string used for prompting a password\&. The default is to use "Password: ", or a translation of that string\&. If you set this variable, the prompt will not be translated\&. -.sp -If the string contains -\fI%s\fR, this will be replaced by the user\*(Aqs name\&. -.RE -.SH "PLIKI" -.PP -/etc/passwd -.RS 4 -Informacja o kontach użytkownik\('ow\&. -.RE -.PP -/etc/shells -.RS 4 -Lista dozwolonych pow\(/lok zg\(/loszeniowych\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguracja pakietu shadow\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBchfn\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/pl/man1/expiry.1 b/man/pl/man1/expiry.1 deleted file mode 100644 index c58d981a..00000000 --- a/man/pl/man1/expiry.1 +++ /dev/null @@ -1,74 +0,0 @@ -'\" t -.\" Title: expiry -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia użytkownik\('ow -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "EXPIRY" "1" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia użytkownik\('ow" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -expiry \- sprawdzenie ważności i wymuszenie zmiany has\(/la -.SH "STRESZCZENIE" -.HP \w'\fBexpiry\fR\ 'u -\fBexpiry\fR \fIoption\fR -.SH "OPIS" -.PP -Polecenie -\fBexpiry\fR -sprawdza (\fB\-c\fR), kiedy wygaśnie aktualne has\(/lo oraz wymusza (\fB\-f\fR) lub wymusza jego zmianę\&.Może ono być wywo\(/lywane jako zwyk\(/le polecenie przez użytkownika\&. -.SH "OPCJE" -.PP -The options which apply to the -\fBexpiry\fR -command are: -.PP -\fB\-c\fR, \fB\-\-check\fR -.RS 4 -Check the password expiration of the current user\&. -.RE -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Force a password change if the current user has an expired password\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.SH "PLIKI" -.PP -/etc/passwd -.RS 4 -Informacja o kontach użytkownik\('ow\&. -.RE -.PP -/etc/shadow -.RS 4 -Informacje chronione o użytkownikach\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/pl/man1/groups.1 b/man/pl/man1/groups.1 deleted file mode 100644 index 05167825..00000000 --- a/man/pl/man1/groups.1 +++ /dev/null @@ -1,64 +0,0 @@ -'\" t -.\" Title: groups -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia użytkownik\('ow -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "GROUPS" "1" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia użytkownik\('ow" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -groups \- display current group names -.SH "STRESZCZENIE" -.HP \w'\fBgroups\fR\ 'u -\fBgroups\fR [\fIuser\fR] -.SH "OPIS" -.PP -The -\fBgroups\fR -command displays the current group names or ID values\&. If the value does not have a corresponding entry in -/etc/group, the value will be displayed as the numerical group value\&. The optional -\fIuser\fR -parameter will display the groups for the named -\fIuser\fR\&. -.SH "UWAGI" -.PP -Systems which do not support concurrent group sets will have the information from -/etc/group -reported\&. The user must use -\fBnewgrp\fR -or -\fBsg\fR -to change his current real and effective group ID\&. -.SH "PLIKI" -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBnewgrp\fR(1), -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2)\&. diff --git a/man/pl/man1/id.1 b/man/pl/man1/id.1 deleted file mode 100644 index c596f24d..00000000 --- a/man/pl/man1/id.1 +++ /dev/null @@ -1,60 +0,0 @@ -'\" t -.\" Title: id -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia użytkownik\('ow -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "ID" "1" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia użytkownik\('ow" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -id \- display current user and group ID names -.SH "STRESZCZENIE" -.HP \w'\fBid\fR\ 'u -\fBid\fR [\-a] -.SH "OPIS" -.PP -The -\fBid\fR -command displays the current real and effective user and group ID names or values\&. If the value does not have a corresponding entry in -/etc/passwd -or -/etc/group, the value will be displayed without the corresponding name\&. The optional -\fB\-a\fR -flag will display the group set on systems which support multiple concurrent group membership\&. -.SH "PLIKI" -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.PP -/etc/passwd -.RS 4 -Informacja o kontach użytkownik\('ow\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2) diff --git a/man/pl/man1/newgrp.1 b/man/pl/man1/newgrp.1 deleted file mode 100644 index 148768e0..00000000 --- a/man/pl/man1/newgrp.1 +++ /dev/null @@ -1,98 +0,0 @@ -'\" t -.\" Title: newgrp -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia użytkownik\('ow -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "NEWGRP" "1" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia użytkownik\('ow" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -newgrp \- log in to a new group -.SH "STRESZCZENIE" -.HP \w'\fBnewgrp\fR\ 'u -\fBnewgrp\fR [\-] [\fIgroup\fR] -.SH "OPIS" -.PP -The -\fBnewgrp\fR -command is used to change the current group ID during a login session\&. If the optional -\fB\-\fR -flag is given, the user\*(Aqs environment will be reinitialized as though the user had logged in, otherwise the current environment, including current working directory, remains unchanged\&. -.PP -\fBnewgrp\fR -changes the current real group ID to the named group, or to the default group listed in -/etc/passwd -if no group name is given\&. -\fBnewgrp\fR -also tries to add the group to the user groupset\&. If not root, the user will be prompted for a password if she does not have a password (in -/etc/shadow -if this user has an entry in the shadowed password file, or in -/etc/passwd -otherwise) and the group does, or if the user is not listed as a member and the group has a password\&. The user will be denied access if the group password is empty and the user is not listed as a member\&. -.PP -If there is an entry for this group in -/etc/gshadow, then the list of members and the password of this group will be taken from this file, otherwise, the entry in -/etc/group -is considered\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -Enable "syslog" logging of -\fBsg\fR -activity\&. -.RE -.SH "PLIKI" -.PP -/etc/passwd -.RS 4 -Informacja o kontach użytkownik\('ow\&. -.RE -.PP -/etc/shadow -.RS 4 -Informacje chronione o użytkownikach\&. -.RE -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informacje chronione o grupach użytkownik\('ow\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBsu\fR(1), -\fBsg\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/pl/man1/sg.1 b/man/pl/man1/sg.1 deleted file mode 100644 index ff06a4f7..00000000 --- a/man/pl/man1/sg.1 +++ /dev/null @@ -1,97 +0,0 @@ -'\" t -.\" Title: sg -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia użytkownik\('ow -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "SG" "1" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia użytkownik\('ow" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -sg \- execute command as different group ID -.SH "STRESZCZENIE" -.HP \w'\fBsg\fR\ 'u -\fBsg\fR [\-] [group\ [\-c]\ command] -.SH "OPIS" -.PP -The -\fBsg\fR -command works similar to -\fBnewgrp\fR -but accepts a command\&. The command will be executed with the -/bin/sh -shell\&. With most shells you may run -\fBsg\fR -from, you need to enclose multi\-word commands in quotes\&. Another difference between -\fBnewgrp\fR -and -\fBsg\fR -is that some shells treat -\fBnewgrp\fR -specially, replacing themselves with a new instance of a shell that -\fBnewgrp\fR -creates\&. This doesn\*(Aqt happen with -\fBsg\fR, so upon exit from a -\fBsg\fR -command you are returned to your previous group ID\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -Enable "syslog" logging of -\fBsg\fR -activity\&. -.RE -.SH "PLIKI" -.PP -/etc/passwd -.RS 4 -Informacja o kontach użytkownik\('ow\&. -.RE -.PP -/etc/shadow -.RS 4 -Informacje chronione o użytkownikach\&. -.RE -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informacje chronione o grupach użytkownik\('ow\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBnewgrp\fR(1), -\fBsu\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/pl/man3/getspnam.3 b/man/pl/man3/getspnam.3 deleted file mode 100644 index cd473da3..00000000 --- a/man/pl/man3/getspnam.3 +++ /dev/null @@ -1 +0,0 @@ -.so man3/shadow.3 diff --git a/man/pl/man3/shadow.3 b/man/pl/man3/shadow.3 deleted file mode 100644 index 0f639037..00000000 --- a/man/pl/man3/shadow.3 +++ /dev/null @@ -1,239 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Library Calls -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "SHADOW" "3" "05/09/2014" "shadow\-utils 4\&.2" "Library Calls" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -shadow, getspnam \- encrypted password file routines -.SH "SK\(/LADNIA" -.PP -\fI#include \fR -.PP -\fIstruct spwd *getspent();\fR -.PP -\fIstruct spwd *getspnam(char\fR\fI*name\fR\fI);\fR -.PP -\fIvoid setspent()\fR -.PP -\fIvoid endspent();\fR -.PP -\fIstruct spwd *fgetspent(FILE\fR\fI*fp\fR\fI);\fR -.PP -\fIstruct spwd *sgetspent(char\fR\fI*cp\fR\fI);\fR -.PP -\fIint putspent(struct spwd\fR\fI*p,\fR\fIFILE\fR\fI*fp\fR\fI);\fR -.PP -\fIint lckpwdf();\fR -.PP -\fIint ulckpwdf();\fR -.SH "OPIS" -.PP -\fIshadow\fR -manipulates the contents of the shadow password file, -/etc/shadow\&. The structure in the -\fI#include\fR -file is: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct spwd { - char *sp_namp; /* user login name */ - char *sp_pwdp; /* encrypted password */ - long int sp_lstchg; /* last password change */ - long int sp_min; /* days until change allowed\&. */ - long int sp_max; /* days before change required */ - long int sp_warn; /* days warning for expiration */ - long int sp_inact; /* days before account inactive */ - long int sp_expire; /* date when account expires */ - unsigned long int sp_flag; /* reserved for future use */ -} - -.fi -.if n \{\ -.RE -.\} -.PP -The meanings of each field are: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_namp \- pointer to null\-terminated user name -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_pwdp \- pointer to null\-terminated password -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_lstchg \- days since Jan 1, 1970 password was last changed -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_min \- days before which password may not be changed -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_max \- days after which password must be changed -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_warn \- days before password is to expire that user is warned of pending password expiration -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_inact \- days after password expires that account is considered inactive and disabled -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_expire \- days since Jan 1, 1970 when account will be disabled -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_flag \- reserved for future use -.RE -.SH "OPIS" -.PP -\fIgetspent\fR, -\fIgetspname\fR, -\fIfgetspent\fR, and -\fIsgetspent\fR -each return a pointer to a -\fIstruct spwd\fR\&. -\fIgetspent\fR -returns the next entry from the file, and -\fIfgetspent\fR -returns the next entry from the given stream, which is assumed to be a file of the proper format\&. -\fIsgetspent\fR -returns a pointer to a -\fIstruct spwd\fR -using the provided string as input\&. -\fIgetspnam\fR -searches from the current position in the file for an entry matching -\fIname\fR\&. -.PP -\fIsetspent\fR -and -\fIendspent\fR -may be used to begin and end, respectively, access to the shadow password file\&. -.PP -The -\fIlckpwdf\fR -and -\fIulckpwdf\fR -routines should be used to insure exclusive access to the -/etc/shadow -file\&. -\fIlckpwdf\fR -attempts to acquire a lock using -\fIpw_lock\fR -for up to 15 seconds\&. It continues by attempting to acquire a second lock using -\fIspw_lock\fR -for the remainder of the initial 15 seconds\&. Should either attempt fail after a total of 15 seconds, -\fIlckpwdf\fR -returns \-1\&. When both locks are acquired 0 is returned\&. -.SH "DIAGNOSTYKA" -.PP -Routines return NULL if no more entries are available or if an error occurs during processing\&. Routines which have -\fIint\fR -as the return value return 0 for success and \-1 for failure\&. -.SH "OSTRZEÅ»ENIA" -.PP -These routines may only be used by the superuser as access to the shadow password file is restricted\&. -.SH "PLIKI" -.PP -/etc/shadow -.RS 4 -Informacje chronione o użytkownikach\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBgetpwent\fR(3), -\fBshadow\fR(5)\&. diff --git a/man/pl/man5/faillog.5 b/man/pl/man5/faillog.5 deleted file mode 100644 index 985183db..00000000 --- a/man/pl/man5/faillog.5 +++ /dev/null @@ -1,64 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "FAILLOG" "5" "05/09/2014" "shadow\-utils 4\&.2" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -faillog \- login failure logging file -.SH "OPIS" -.PP -/var/log/faillog -maintains a count of login failures and the limits for each account\&. -.PP -The file contains fixed length records, indexed by numerical UID\&. Each record contains the count of login failures since the last successful login; the maximum number of failures before the account is disabled; the line on which the last login failure occurred; the date of the last login failure; and the duration (in seconds) during which the account will be locked after a failure\&. -.PP -Struktura tego pliku to: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct faillog { - short fail_cnt; - short fail_max; - char fail_line[12]; - time_t fail_time; - long fail_locktime; -}; -.fi -.if n \{\ -.RE -.\} -.SH "PLIKI" -.PP -/var/log/faillog -.RS 4 -Failure logging file\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBfaillog\fR(8) diff --git a/man/pl/man5/porttime.5 b/man/pl/man5/porttime.5 deleted file mode 100644 index 56378d61..00000000 --- a/man/pl/man5/porttime.5 +++ /dev/null @@ -1,96 +0,0 @@ -'\" t -.\" Title: porttime -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: File Formats and Conversions -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "PORTTIME" "5" "05/09/2014" "shadow\-utils 4\&.2" "File Formats and Conversions" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -porttime \- port access time file -.SH "OPIS" -.PP -\fIporttime\fR -contains a list of tty devices, user names, and permitted login times\&. -.PP -Each entry consists of three colon separated fields\&. The first field is a comma separated list of tty devices, or an asterisk to indicate that all tty devices are matched by this entry\&. The second field is a comma separated list of user names, or an asterisk to indicated that all user names are matched by this entry\&. The third field is a comma separated list of permitted access times\&. -.PP -Each access time entry consists of zero or more days of the week, abbreviated -\fISu\fR, -\fIMo\fR, -\fITu\fR, -\fIWe\fR, -\fITh\fR, -\fIFr\fR, and -\fISa\fR, followed by a pair of times separated by a hyphen\&. The abbreviation -\fIWk\fR -may be used to represent Monday thru Friday, and -\fIAl\fR -may be used to indicate every day\&. If no days are given, -\fIAl\fR -is assumed\&. -.SH "PRZYK\(/LADY" -.PP -The following entry allows access to user -\fBjfh\fR -on every port during weekdays from 9am to 5pm\&. -.PP -*:jfh:Wk0900\-1700 -.PP -The following entries allow access only to the users -\fIroot\fR -and -\fIoper\fR -on -/dev/console -at any time\&. This illustrates how the -/etc/porttime -file is an ordered list of access times\&. Any other user would match the second entry which does not permit access at any time\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - console:root,oper:Al0000\-2400 - console:*: - -.fi -.if n \{\ -.RE -.\} -.PP -The following entry allows access for the user -\fIgames\fR -on any port during non\-working hours\&. -.PP -*:games:Wk1700\-0900,SaSu0000\-2400 -.SH "PLIKI" -.PP -/etc/porttime -.RS 4 -Plik zawierający ustawienia dostępu do port\('ow\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBlogin\fR(1)\&. diff --git a/man/pl/man8/faillog.8 b/man/pl/man8/faillog.8 deleted file mode 100644 index 9d2bbf77..00000000 --- a/man/pl/man8/faillog.8 +++ /dev/null @@ -1,165 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia Zarządzania Systemem -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "FAILLOG" "8" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia Zarządzania Systemem" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -faillog \- display faillog records or set login failure limits -.SH "STRESZCZENIE" -.HP \w'\fBfaillog\fR\ 'u -\fBfaillog\fR [\fIopcje\fR] -.SH "OPIS" -.PP -\fBfaillog\fR -displays the contents of the failure log database (/var/log/faillog)\&. It can also set the failure counters and limits\&. When -\fBfaillog\fR -is run without arguments, it only displays the faillog records of the users who had a login failure\&. -.SH "OPCJE" -.PP -Polecenie -\fBfaillog\fR -posiada następujące opcje: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Display (or act on) faillog records for all users having an entry in the -faillog -database\&. -.sp -The range of users can be restricted with the -\fB\-u\fR -option\&. -.sp -In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty\&. -.sp -With the -\fB\-l\fR, -\fB\-m\fR, -\fB\-r\fR, -\fB\-t\fR -options, the users\*(Aq records are changed, even if the user does not exist on the system\&. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEC\fR -.RS 4 -Lock account for -\fISEC\fR -seconds after failed login\&. -.sp -Write access to -/var/log/faillog -is required for this option\&. -.RE -.PP -\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR -.RS 4 -Set the maximum number of login failures after the account is disabled to -\fIMAX\fR\&. -.sp -Selecting a -\fIMAX\fR -value of 0 has the effect of not placing a limit on the number of failed logins\&. -.sp -The maximum failure count should always be 0 for -\fIroot\fR -to prevent a denial of services attack against the system\&. -.sp -Write access to -/var/log/faillog -is required for this option\&. -.RE -.PP -\fB\-r\fR, \fB\-\-reset\fR -.RS 4 -Reset the counters of login failures\&. -.sp -Write access to -/var/log/faillog -is required for this option\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIDNI\fR -.RS 4 -Display faillog records more recent than -\fIDAYS\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR -.RS 4 -Display faillog record or maintains failure counters and limits (if used with -\fB\-l\fR, -\fB\-m\fR -or -\fB\-r\fR -options) only for the specified user(s)\&. -.sp -The users can be specified by a login name, a numerical user ID, or a -\fIRANGE\fR -of users\&. This -\fIRANGE\fR -of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. -.RE -.PP -When none of the -\fB\-l\fR, -\fB\-m\fR, or -\fB\-r\fR -options are used, -\fBfaillog\fR -displays the faillog record of the specified user(s)\&. -.SH "OSTRZEÅ»ENIA" -.PP -\fBfaillog\fR -only prints out users with no successful login since the last failure\&. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the -\fB\-u\fR -flag, or print out all users with the -\fB\-a\fR -flag\&. -.SH "PLIKI" -.PP -/var/log/faillog -.RS 4 -Failure logging file\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBlogin\fR(1), -\fBfaillog\fR(5)\&. diff --git a/man/pl/man8/groupadd.8 b/man/pl/man8/groupadd.8 deleted file mode 100644 index 9e0eb922..00000000 --- a/man/pl/man8/groupadd.8 +++ /dev/null @@ -1,248 +0,0 @@ -'\" t -.\" Title: groupadd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia Zarządzania Systemem -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "GROUPADD" "8" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia Zarządzania Systemem" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -groupadd \- utw\('orz nową grupę -.SH "STRESZCZENIE" -.HP \w'\fBgroupadd\fR\ 'u -\fBgroupadd\fR [\fIopcje\fR] \fIgroup\fR -.SH "OPIS" -.PP -The -\fBgroupadd\fR -command creates a new group account using the values specified on the command line plus the default values from the system\&. The new group will be entered into the system files as needed\&. -.SH "OPCJE" -.PP -Polecenie -\fBgroupadd\fR -posiada następujące opcje: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -This option causes the command to simply exit with success status if the specified group already exists\&. When used with -\fB\-g\fR, and the specified GID already exists, another (unique) GID is chosen (i\&.e\&. -\fB\-g\fR -is turned off)\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -The numerical value of the group\*(Aqs ID\&. This value must be unique, unless the -\fB\-o\fR -option is used\&. The value must be non\-negative\&. The default is to use the smallest ID value greater than or equal to -\fBGID_MIN\fR -and greater than every other group\&. -.sp -See also the -\fB\-r\fR -option and the -\fBGID_MAX\fR -description\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fIKLUCZ\fR=\fIWARTOŚĆ\fR -.RS 4 -Overrides -/etc/login\&.defs -defaults (GID_MIN, GID_MAX and others)\&. Multiple -\fB\-K\fR -options can be specified\&. -.sp -Example: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI100\fR\ \& -\fB\-K\fR\ \&\fIGID_MAX\fR=\fI499\fR -.sp -Note: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR -doesn\*(Aqt work yet\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -This option permits to add a group with a non\-unique GID\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIHAS\(/LO\fR -.RS 4 -The encrypted password, as returned by -\fBcrypt\fR(3)\&. The default is to disable the password\&. -.sp -\fBNote:\fR -This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. -.sp -You should make sure the password respects the system\*(Aqs password policy\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Create a system group\&. -.sp -The numeric identifiers of new system groups are chosen in the -\fBSYS_GID_MIN\fR\-\fBSYS_GID_MAX\fR -range, defined in -login\&.defs, instead of -\fBGID_MIN\fR\-\fBGID_MAX\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of regular groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBGID_MIN\fR -(resp\&. -\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of system groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBSYS_GID_MIN\fR -(resp\&. -\fBSYS_GID_MAX\fR) is 101 (resp\&. -\fBGID_MIN\fR\-1)\&. -.RE -.SH "PLIKI" -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informacje chronione o grupach użytkownik\('ow\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguracja pakietu shadow\&. -.RE -.SH "OSTRZEÅ»ENIA" -.PP -Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -Groupnames may only be up to 16 characters long\&. -.PP -You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&. -.PP -If the groupname already exists in an external group database such as NIS or LDAP, -\fBgroupadd\fR -will deny the group creation request\&. -.SH "KOD ZAKOŃCZENIA" -.PP -Polecenie -\fBgroupadd\fR -kończy dzia\(/lanie z następującymi wartościami kod\('ow zakończenia: -.PP -\fI0\fR -.RS 4 -poprawne zakończenie dzia\(/lania programu -.RE -.PP -\fI2\fR -.RS 4 -niepoprawna sk\(/ladnia polecenia -.RE -.PP -\fI3\fR -.RS 4 -nieprawid\(/lowy argument opcji -.RE -.PP -\fI4\fR -.RS 4 -GID not unique (when -\fB\-o\fR -not used) -.RE -.PP -\fI9\fR -.RS 4 -group name not unique -.RE -.PP -\fI10\fR -.RS 4 -nie można zaktualizować pliku z grupami -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/pl/man8/groupdel.8 b/man/pl/man8/groupdel.8 deleted file mode 100644 index 72c82055..00000000 --- a/man/pl/man8/groupdel.8 +++ /dev/null @@ -1,136 +0,0 @@ -'\" t -.\" Title: groupdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia Zarządzania Systemem -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "GROUPDEL" "8" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia Zarządzania Systemem" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -groupdel \- delete a group -.SH "STRESZCZENIE" -.HP \w'\fBgroupdel\fR\ 'u -\fBgroupdel\fR [\fIopcje\fR] \fIGRUPA\fR -.SH "OPIS" -.PP -The -\fBgroupdel\fR -command modifies the system account files, deleting all entries that refer to -\fIGROUP\fR\&. The named group must exist\&. -.SH "OPCJE" -.PP -The options which apply to the -\fBgroupdel\fR -command are: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "OSTRZEÅ»ENIA" -.PP -You may not remove the primary group of any existing user\&. You must remove the user before you remove the group\&. -.PP -You should manually check all file systems to ensure that no files remain owned by this group\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "PLIKI" -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informacje chronione o grupach użytkownik\('ow\&. -.RE -.SH "KOD ZAKOŃCZENIA" -.PP -Polecenie -\fBgroupdel\fR -kończy dzia\(/lanie z następującymi wartościami kod\('ow zakończenia: -.PP -\fI0\fR -.RS 4 -poprawne zakończenie dzia\(/lania programu -.RE -.PP -\fI2\fR -.RS 4 -niepoprawna sk\(/ladnia polecenia -.RE -.PP -\fI6\fR -.RS 4 -specified group doesn\*(Aqt exist -.RE -.PP -\fI8\fR -.RS 4 -can\*(Aqt remove user\*(Aqs primary group -.RE -.PP -\fI10\fR -.RS 4 -nie można zaktualizować pliku z grupami -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupmod\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/pl/man8/groupmems.8 b/man/pl/man8/groupmems.8 deleted file mode 100644 index 293b9cce..00000000 --- a/man/pl/man8/groupmems.8 +++ /dev/null @@ -1,180 +0,0 @@ -'\" t -.\" Title: groupmems -.\" Author: George Kraft, IV -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia Zarządzania Systemem -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "GROUPMEMS" "8" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia Zarządzania Systemem" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -groupmems \- administer members of a user\*(Aqs primary group -.SH "STRESZCZENIE" -.HP \w'\fBgroupmems\fR\ 'u -\fBgroupmems\fR \-a\ \fIuser_name\fR | \-d\ \fIuser_name\fR | [\-g\ \fIgroup_name\fR] | \-l | \-p -.SH "OPIS" -.PP -The -\fBgroupmems\fR -command allows a user to administer his/her own group membership list without the requirement of superuser privileges\&. The -\fBgroupmems\fR -utility is for systems that configure its users to be in their own name sake primary group (i\&.e\&., guest / guest)\&. -.PP -Only the superuser, as administrator, can use -\fBgroupmems\fR -to alter the memberships of other groups\&. -.SH "OPCJE" -.PP -Polecenie -\fBgroupmems\fR -posiada następujące opcje: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser_name\fR -.RS 4 -Add an user to the group membership list\&. -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser_name\fR -.RS 4 -Delete a user from the group membership list\&. -.sp -If the -/etc/gshadow -file exist, the user will be removed from the list of members and administrators of the group\&. -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-g\fR, \fB\-\-group\fR\ \&\fIgroup_name\fR -.RS 4 -The superuser can specify which group membership list to modify\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -List the group membership list\&. -.RE -.PP -\fB\-p\fR, \fB\-\-purge\fR -.RS 4 -Purge all users from the group membership list\&. -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "SETUP" -.PP -The -\fBgroupmems\fR -executable should be in mode -2770 -as user -\fIroot\fR -and in group -\fIgroups\fR\&. The system administrator can add users to group -\fIgroups\fR -to allow or disallow them using the -\fBgroupmems\fR -utility to manage their own group membership list\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - $ groupadd \-r groups - $ chmod 2770 groupmems - $ chown root\&.groups groupmems - $ groupmems \-g groups \-a gk4 - -.fi -.if n \{\ -.RE -.\} -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "PLIKI" -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.PP -/etc/gshadow -.RS 4 -secure group account information -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/pl/man8/groupmod.8 b/man/pl/man8/groupmod.8 deleted file mode 100644 index 9d6cbd65..00000000 --- a/man/pl/man8/groupmod.8 +++ /dev/null @@ -1,208 +0,0 @@ -'\" t -.\" Title: groupmod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia Zarządzania Systemem -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "GROUPMOD" "8" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia Zarządzania Systemem" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -groupmod \- modyfikuj definicję grupy systemowej -.SH "STRESZCZENIE" -.HP \w'\fBgroupmod\fR\ 'u -\fBgroupmod\fR [\fIopcje\fR] \fIGRUPA\fR -.SH "OPIS" -.PP -Polcenie -\fBgroupmod\fR -modifikuje definicję grupy -\fIGRUPA\fR -poprzez modifikację stosownego wpisu w bazie grup\&. -.SH "OPCJE" -.PP -Polecenie -\fBgroupmod\fR -posiada następujące opcje: -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -The group ID of the given -\fIGROUP\fR -will be changed to -\fIGID\fR\&. -.sp -The value of -\fIGID\fR -must be a non\-negative decimal integer\&. This value must be unique, unless the -\fB\-o\fR -option is used\&. -.sp -Users who use the group as primary group will be updated to keep the group as their primary group\&. -.sp -Any files that have the old group ID and must continue to belong to -\fIGROUP\fR, must have their group ID changed manually\&. -.sp -No checks will be performed with regard to the -\fBGID_MIN\fR, -\fBGID_MAX\fR, -\fBSYS_GID_MIN\fR, or -\fBSYS_GID_MAX\fR -from -/etc/login\&.defs\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.PP -\fB\-a\fR, \fB\-\-append\fR\ \&\fINOWA_GRUPA\fR -.RS 4 -Nazwa grupy zostanie zmieniona z -\fIGRUPA\fR -na nazwę -\fINOWA_GRUPA\fR\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -When used with the -\fB\-g\fR -option, allow to change the group -\fIGID\fR -to a non\-unique value\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIHAS\(/LO\fR -.RS 4 -The encrypted password, as returned by -\fBcrypt\fR(3)\&. -.sp -\fBNote:\fR -This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. -.sp -You should make sure the password respects the system\*(Aqs password policy\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "PLIKI" -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informacje chronione o grupach użytkownik\('ow\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguracja pakietu shadow\&. -.RE -.PP -/etc/passwd -.RS 4 -Informacja o kontach użytkownik\('ow\&. -.RE -.SH "KOD ZAKOŃCZENIA" -.PP -Polecenie -\fBgroupmod\fR -kończy dzia\(/lanie z następującymi wartościami kod\('ow zakończenia: -.PP -\fI0\fR -.RS 4 -poprawne zakończenie dzia\(/lania programu -.RE -.PP -\fI2\fR -.RS 4 -niepoprawna sk\(/ladnia polecenia -.RE -.PP -\fI3\fR -.RS 4 -nieprawid\(/lowy argument opcji -.RE -.PP -\fI4\fR -.RS 4 -specified group doesn\*(Aqt exist -.RE -.PP -\fI6\fR -.RS 4 -specified group doesn\*(Aqt exist -.RE -.PP -\fI9\fR -.RS 4 -nazwa grupy już jest w użyciu -.RE -.PP -\fI10\fR -.RS 4 -nie można zaktualizować pliku z grupami -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/pl/man8/grpck.8 b/man/pl/man8/grpck.8 deleted file mode 100644 index af5c2d22..00000000 --- a/man/pl/man8/grpck.8 +++ /dev/null @@ -1,241 +0,0 @@ -'\" t -.\" Title: grpck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia Zarządzania Systemem -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "GRPCK" "8" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia Zarządzania Systemem" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -grpck \- verify integrity of group files -.SH "STRESZCZENIE" -.HP \w'\fBgrpck\fR\ 'u -\fBgrpck\fR [opcje] [\fIgroup\fR\ [\ \fIshadow\fR\ ]] -.SH "OPIS" -.PP -The -\fBgrpck\fR -command verifies the integrity of the groups information\&. It checks that all entries in -/etc/groupand /etc/gshadow -have the proper format and contain valid data\&. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors\&. -.PP -Checks are made to verify that each entry has: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -the correct number of fields -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a unique and valid group name -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a valid group identifier -(/etc/group only) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a valid list of members -and administrators -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a corresponding entry in the -/etc/gshadow -file (respectively -/etc/group -for the -gshadow -checks) -.RE -.PP -The checks for correct number of fields and unique group name are fatal\&. If an entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated group name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warnings and the user is encouraged to run the -\fBgroupmod\fR -command to correct the error\&. -.PP -The commands which operate on the -/etc/groupand /etc/gshadow files -are not able to alter corrupted or duplicated entries\&. -\fBgrpck\fR -should be used in those circumstances to remove the offending entries\&. -.SH "OPCJE" -.PP -The -\fB\-r\fR -and -\fB\-s\fR -options cannot be combined\&. -.PP -The options which apply to the -\fBgrpck\fR -command are: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Execute the -\fBgrpck\fR -command in read\-only mode\&. This causes all questions regarding changes to be answered -\fIno\fR -without user intervention\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -Sort entries in -/etc/groupand /etc/gshadow -by GID\&. -.RE -.PP -By default, -\fBgrpck\fR -operates on -/etc/groupand /etc/gshadow\&. The user may select alternate files with the -\fIgroup\fRand \fIshadow\fR parameters\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "PLIKI" -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informacje chronione o grupach użytkownik\('ow\&. -.RE -.PP -/etc/passwd -.RS 4 -Informacja o kontach użytkownik\('ow\&. -.RE -.SH "KOD ZAKOŃCZENIA" -.PP -Polecenie -\fBgrpckl\fR -kończy dzia\(/lanie z następującymi wartościami kod\('ow zakończenia: -.PP -\fI0\fR -.RS 4 -poprawne zakończenie dzia\(/lania programu -.RE -.PP -\fI1\fR -.RS 4 -niepoprawna sk\(/ladnia polecenia -.RE -.PP -\fI2\fR -.RS 4 -one or more bad group entries -.RE -.PP -\fI3\fR -.RS 4 -can\*(Aqt open group files -.RE -.PP -\fI4\fR -.RS 4 -can\*(Aqt lock group files -.RE -.PP -\fI5\fR -.RS 4 -can\*(Aqt update group files -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBgroup\fR(5), -\fBgroupmod\fR(8), -\fBgshadow\fR(5),\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBshadow\fR(5)\&. diff --git a/man/pl/man8/lastlog.8 b/man/pl/man8/lastlog.8 deleted file mode 100644 index c84a0371..00000000 --- a/man/pl/man8/lastlog.8 +++ /dev/null @@ -1,110 +0,0 @@ -'\" t -.\" Title: lastlog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia Zarządzania Systemem -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "LASTLOG" "8" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia Zarządzania Systemem" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -lastlog \- wyświetla informacje o ostanim logowaniu dla wybranego lub wszystkich użytkowanik\('ow -.SH "STRESZCZENIE" -.HP \w'\fBlastlog\fR\ 'u -\fBlastlog\fR [\fIopcje\fR] -.SH "OPIS" -.PP -Polecenie -\fBlastlog\fR -formatuje i wyświetla zawartość bazy ostatnich logowań zapisanych w pliku -/var/log/lastlog\&. Wyświetlone zostaną -\fInazwa użytkownika\fR, -\fIport\fR -i -\fIczas\fR -ostatniego logowania\&. Domyślnie (bez flag) pozycje wyświetlane są w kolejności w jakiej są w pliku -/etc/passwd\&. -.SH "OPCJE" -.PP -Polecenie -\fBlastlog\fR -posiada następujące opcje: -.PP -\fB\-b\fR, \fB\-\-before\fR\ \&\fIDNI\fR -.RS 4 -Wyświetlenie rekord\('ow lastlog starszych niż zadana -\fIDNI\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIDNI\fR -.RS 4 -Wyświetlenie rekord\('ow lastlog nie starszych niż zadana ilość -\fIDNI\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR -.RS 4 -Print the lastlog record of the specified user(s)\&. -.sp -The users can be specified by a login name, a numerical user ID, or a -\fIRANGE\fR -of users\&. This -\fIRANGE\fR -of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. -.RE -.PP -Jeżeli użytkownik nigdy się nie logowa\(/l to zamiast portu i czasu logowania wyświetlany jest komunikat -\fI**Nigdy nie zalogowany**\fR -(użytkownik nigdy się nie logowa\(/l)\&. -.PP -Only the entries for the current users of the system will be displayed\&. Other entries may exist for users that were deleted previously\&. -.SH "UWAGI" -.PP -Baza danych -lastlog -jest plikiem zawierajacym informacje o ostanim logowaniu każdego użytkowanika\&. Pliku tego nie powinnoa się okresowo kasować i zaką\(/ldać od nowa (rotacja)\&. Plik ten jest plikiem z dziurami tak więc jego rozmiar jest zwykle znacznie mniejszy pokazywany przez polecenie "\fBls \-l\fR" (pokazujące że jest on dużych rozmiar\('ow jeżeli masz w -passwd -użytkowanik\('ow z wysokimi wartościami UID)\&. Mozesz wyświetlić rzeczywisty rozmiar tego pliku używając polecenia "\fBls \-s\fR"\&. -.SH "PLIKI" -.PP -/var/log/lastlog -.RS 4 -Baza danych ostatnich logowań użytkownik\('ow\&. -.RE -.SH "OSTRZEÅ»ENIA" -.PP -Duże luki w numeracji UID powodują, że program będzie pracowa\(/l d\(/lużej, nie wyświetlając wynik\('ow (np\&. jeśli w bazie lastlog nie ma wpis\('ow dla o UID pomiedzy 170, a 800, to program będzie sprawia\(/l wrażenie zawieszonego w trakcie przetwarzania wpis\('ow dla użytkowanik\('o\(/l o UID 171\-799)\&. diff --git a/man/pl/man8/logoutd.8 b/man/pl/man8/logoutd.8 deleted file mode 100644 index ca51fe1e..00000000 --- a/man/pl/man8/logoutd.8 +++ /dev/null @@ -1,56 +0,0 @@ -'\" t -.\" Title: logoutd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia Zarządzania Systemem -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "LOGOUTD" "8" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia Zarządzania Systemem" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -logoutd \- wymuszenie ograniczeń czasu logowania -.SH "STRESZCZENIE" -.HP \w'\fBlogoutd\fR\ 'u -\fBlogoutd\fR -.SH "OPIS" -.PP -\fBlogoutd\fR -wymusza ograniczenia port\('ow i czas\('ow logowania podane w -/etc/porttime\&. -\fBlogoutd\fR -powinno być uruchamiane z -/etc/rc\&. Okresowo przeglądany jest plik -/var/run/utmp\&. Sprawdzana jest każda nazwa użytkownika, aby stwierdzić, czy użytkownik ma zezwolenie na pracę w bieżącym czasie na danym porcie\&. Każda sesja pracy (logowania) naruszająca ograniczenia zawarte w -/etc/porttime -jest kończona\&. -.SH "PLIKI" -.PP -/etc/porttime -.RS 4 -Plik zawierający ustawienia dostępu do port\('ow\&. -.RE -.PP -/var/run/utmp -.RS 4 -List bieżących sesji pracy\&. -.RE diff --git a/man/pl/man8/userdel.8 b/man/pl/man8/userdel.8 deleted file mode 100644 index 3a911d61..00000000 --- a/man/pl/man8/userdel.8 +++ /dev/null @@ -1,298 +0,0 @@ -'\" t -.\" Title: userdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia Zarządzania Systemem -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "USERDEL" "8" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia Zarządzania Systemem" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -userdel \- plik chroniony informacji o użytkownikach -.SH "STRESZCZENIE" -.HP \w'\fBuserdel\fR\ 'u -\fBuserdel\fR [opcje] \fILOGIN\fR -.SH "OPIS" -.PP -The -\fBuserdel\fR -command modifies the system account files, deleting all entries that refer to the user name -\fILOGIN\fR\&. The named user must exist\&. -.SH "OPCJE" -.PP -Polecenie -\fBuserdel\fR -posiada następujące opcje: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -This option forces the removal of the user account, even if the user is still logged in\&. It also forces -\fBuserdel\fR -to remove the user\*(Aqs home directory and mail spool, even if another user uses the same home directory or if the mail spool is not owned by the specified user\&. If -\fBUSERGROUPS_ENAB\fR -is defined to -\fIyes\fR -in -/etc/login\&.defs -and if a group exists with the same name as the deleted user, then this group will be removed, even if it is still the primary group of another user\&. -.sp -\fINote:\fR -This option is dangerous and may leave your system in an inconsistent state\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.PP -\fB\-r\fR, \fB\-\-remove\fR -.RS 4 -Files in the user\*(Aqs home directory will be removed along with the home directory itself and the user\*(Aqs mail spool\&. Files located in other file systems will have to be searched for and deleted manually\&. -.sp -The mail spool is defined by the -\fBMAIL_DIR\fR -variable in the -login\&.defs -file\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR -.RS 4 -Remove any SELinux user mapping for the user\*(Aqs login\&. -.RE -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -The mail spool directory\&. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted\&. If not specified, a compile\-time default is used\&. -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -Defines the location of the users mail spool files relatively to their home directory\&. -.RE -.PP -The -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -variables are used by -\fBuseradd\fR, -\fBusermod\fR, and -\fBuserdel\fR -to create, move, or delete the user\*(Aqs mail spool\&. -.PP -If -\fBMAIL_CHECK_ENAB\fR -is set to -\fIyes\fR, they are also used to define the -\fBMAIL\fR -environment variable\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBUSERDEL_CMD\fR (string) -.RS 4 -If defined, this command is run when removing a user\&. It should remove any at/cron/print jobs etc\&. owned by the user to be removed (passed as the first argument)\&. -.sp -The return code of the script is not taken into account\&. -.sp -Here is an example script, which removes the user\*(Aqs cron, at and print jobs: -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# Check for the required argument\&. -if [ $# != 1 ]; then - echo "Usage: $0 username" - exit 1 -fi - -# Remove cron jobs\&. -crontab \-r \-u $1 - -# Remove at jobs\&. -# Note that it will remove any jobs owned by the same UID, -# even if it was shared by a different username\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# Remove print jobs\&. -lprm $1 - -# All done\&. -exit 0 - -.fi -.if n \{\ -.RE -.\} -.sp -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -Enable setting of the umask group bits to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007) for non\-root users, if the uid is the same as gid, and username is the same as the primary group name\&. -.sp -If set to -\fIyes\fR, -\fBuserdel\fR -will remove the user\*(Aqs group if it contains no more members, and -\fBuseradd\fR -will create by default a group with the name of the user\&. -.RE -.SH "PLIKI" -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguracja pakietu shadow\&. -.RE -.PP -/etc/passwd -.RS 4 -Informacja o kontach użytkownik\('ow\&. -.RE -.PP -/etc/shadow -.RS 4 -Informacje chronione o użytkownikach\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "KOD ZAKOŃCZENIA" -.PP -Polecenie -\fBuserdel\fR -kończy dzia\(/lanie z następującymi wartościami kod\('ow zakończenia: -.PP -\fI0\fR -.RS 4 -poprawne zakończenie dzia\(/lania programu -.RE -.PP -\fI1\fR -.RS 4 -nie można zaktualizować pliku z has\(/lami -.RE -.PP -\fI2\fR -.RS 4 -niepoprawna sk\(/ladnia polecenia -.RE -.PP -\fI6\fR -.RS 4 -specified user doesn\*(Aqt exist -.RE -.PP -\fI8\fR -.RS 4 -user currently logged in -.RE -.PP -\fI10\fR -.RS 4 -nie można zaktualizować pliku z grupami -.RE -.PP -\fI12\fR -.RS 4 -can\*(Aqt remove home directory -.RE -.SH "OSTRZEÅ»ENIA" -.PP -\fBuserdel\fR -will not allow you to remove an account if there are running processes which belong to this account\&. In that case, you may have to kill those processes or lock the user\*(Aqs password or account and remove the account later\&. The -\fB\-f\fR -option can force the deletion of this account\&. -.PP -You should manually check all file systems to ensure that no files remain owned by this user\&. -.PP -You may not remove any NIS attributes on a NIS client\&. This must be performed on the NIS server\&. -.PP -If -\fBUSERGROUPS_ENAB\fR -is defined to -\fIyes\fR -in -/etc/login\&.defs, -\fBuserdel\fR -will delete the group with the same name as the user\&. To avoid inconsistencies in the passwd and group databases, -\fBuserdel\fR -will check that this group is not used as a primary group for another user, and will just warn without deleting the group otherwise\&. The -\fB\-f\fR -option can force the deletion of this group\&. -.SH "ZOBACZ TAKÅ»E" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBlogin.defs\fR(5), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/pl/man8/usermod.8 b/man/pl/man8/usermod.8 deleted file mode 100644 index 7714fbe0..00000000 --- a/man/pl/man8/usermod.8 +++ /dev/null @@ -1,444 +0,0 @@ -'\" t -.\" Title: usermod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia Zarządzania Systemem -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "USERMOD" "8" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia Zarządzania Systemem" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -usermod \- zmiana danych konta użytkownika -.SH "STRESZCZENIE" -.HP \w'\fBusermod\fR\ 'u -\fBusermod\fR [\fIopcje\fR] \fILOGIN\fR -.SH "OPIS" -.PP -Polecenie -\fBusermod\fR -zmienia systemowe pliki kont, odzwierciedlając zmiany podane w wierszu poleceń\&. -.SH "OPCJE" -.PP -Polecenie -\fBusermod\fR -posiada następujące opcje: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Add the user to the supplementary group(s)\&. Use only with the -\fB\-G\fR -option\&. -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fIKOMENTARZ\fR -.RS 4 -Nowa wartość pola komentarza dla danego użytkownika w pliku hase\(/l\&. Zwykle jest zmieniana przy pomocy polecenia -\fBchfn\fR(1)\&. -.RE -.PP -\fB\-d\fR, \fB\-\-home\fR\ \&\fIHOME_DIR\fR -.RS 4 -The user\*(Aqs new login directory\&. -.sp -If the -\fB\-m\fR -option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIDATA_WAÅ»N\fR -.RS 4 -Data, od kt\('orej konto danego użytkownika zostanie wy\(/lączone\&. Data podawana jest w formacie -\fIMM/DD/RR\fR\&. -.sp -An empty -\fIEXPIRE_DATE\fR -argument will disable the expiration of the account\&. -.sp -This option requires a -/etc/shadow -file\&. A -/etc/shadow -entry will be created if there were none\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fINIEAKTYWNE\fR -.RS 4 -The number of days after a password expires until the account is permanently disabled\&. -.sp -A value of 0 disables the account as soon as the password has expired, and a value of \-1 disables the feature\&. -.sp -This option requires a -/etc/shadow -file\&. A -/etc/shadow -entry will be created if there were none\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGRUPA\fR -.RS 4 -The group name or number of the user\*(Aqs new initial login group\&. The group must exist\&. -.sp -Any file from the user\*(Aqs home directory owned by the previous primary group of the user will be owned by this new group\&. -.sp -The group ownership of files outside of the user\*(Aqs home directory must be fixed manually\&. -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGRUPA1\fR[\fI,GRUPA2,\&.\&.\&.\fR[\fI,GRUPAN\fR]]] -.RS 4 -A list of supplementary groups which the user is also a member of\&. Each group is separated from the next by a comma, with no intervening whitespace\&. The groups are subject to the same restrictions as the group given with the -\fB\-g\fR -option\&. -.sp -If the user is currently a member of a group which is not listed, the user will be removed from the group\&. This behaviour can be changed via the -\fB\-a\fR -option, which appends the user to the current supplementary group list\&. -.RE -.PP -\fB\-l\fR, \fB\-\-login\fR\ \&\fINOWY_LOGIN\fR -.RS 4 -The name of the user will be changed from -\fILOGIN\fR -to -\fINEW_LOGIN\fR\&. Nothing else is changed\&. In particular, the user\*(Aqs home directory or mail spool should probably be renamed manually to reflect the new login name\&. -.RE -.PP -\fB\-L\fR, \fB\-\-lock\fR -.RS 4 -Zablokuj has\(/lo użytkownika\&. Opcja ta powoduje wstawienie \(cq!\(cq na początku zakodowanego has\(/la\&. Opcji tej nie można używać z opcjami -\fB\-p\fR -or -\fB\-U\fR\&. -.sp -Note: if you wish to lock the account (not only access with a password), you should also set the -\fIEXPIRE_DATE\fR -to -\fI1\fR\&. -.RE -.PP -\fB\-m\fR, \fB\-\-move\-home\fR -.RS 4 -Move the content of the user\*(Aqs home directory to the new location\&. -.sp -This option is only valid in combination with the -\fB\-d\fR -(or -\fB\-\-home\fR) option\&. -.sp -\fBusermod\fR -will try to adapt the ownership of the files and to copy the modes, ACL and extended attributes, but manual changes might be needed afterwards\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -When used with the -\fB\-u\fR -option, this option allows to change the user ID to a non\-unique value\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIHAS\(/LO\fR -.RS 4 -The encrypted password, as returned by -\fBcrypt\fR(3)\&. -.sp -\fBNote:\fR -This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. -.sp -You should make sure the password respects the system\*(Aqs password policy\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -Nazwa nowej pow\(/loki (shell) użytkownika\&. Ustawienie tego pola na puste powoduje, że system wybierze domyślną pow\(/lokę logowania\&. -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -The new numerical value of the user\*(Aqs ID\&. -.sp -This value must be unique, unless the -\fB\-o\fR -option is used\&. The value must be non\-negative\&. -.sp -The user\*(Aqs mailbox, and any files which the user owns and which are located in the user\*(Aqs home directory will have the file user ID changed automatically\&. -.sp -The ownership of files outside of the user\*(Aqs home directory must be fixed manually\&. -.sp -No checks will be performed with regard to the -\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBSYS_UID_MIN\fR, or -\fBSYS_UID_MAX\fR -from -/etc/login\&.defs\&. -.RE -.PP -\fB\-U\fR, \fB\-\-unlock\fR -.RS 4 -Odblokowuje has\(/lo użytkownika\&. Opcja ta powoduje usuniecie \(cq!\(cq z początku zakodowanego has\(/la\&. Opcji tej nie można używać z opcjami -\fB\-p\fR -lub -\fB\-L\fR\&. -.sp -Note: if you wish to unlock the account (not only access with a password), you should also set the -\fIEXPIRE_DATE\fR -(for example to -\fI99999\fR, or to the -\fBEXPIRE\fR -value from -/etc/default/useradd)\&. -.RE -.PP -\fB\-v\fR, \fB\-\-add\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate uids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-V\fR, \fB\-\-del\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate uids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-uids\fR -and -\fB\-\-add\-sub\-uids\fR -are specified, the removal of all subordinate uid ranges happens before any subordinate uid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-w\fR, \fB\-\-add\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate gids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-W\fR, \fB\-\-del\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate gids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-gids\fR -and -\fB\-\-add\-sub\-gids\fR -are specified, the removal of all subordinate gid ranges happens before any subordinate gid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR -.RS 4 -The new SELinux user for the user\*(Aqs login\&. -.sp -A blank -\fISEUSER\fR -will remove the SELinux user mapping for user -\fILOGIN\fR -(if any)\&. -.RE -.SH "OSTRZEÅ»ENIA" -.PP -You must make certain that the named user is not executing any processes when this command is being executed if the user\*(Aqs numerical user ID, the user\*(Aqs name, or the user\*(Aqs home directory is being changed\&. -\fBusermod\fR -checks this on Linux, but only check if the user is logged in according to utmp on other architectures\&. -.PP -You must change the owner of any -\fBcrontab\fR -files or -\fBat\fR -jobs manually\&. -.PP -You must make any changes involving NIS on the NIS server\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -The mail spool directory\&. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted\&. If not specified, a compile\-time default is used\&. -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -Defines the location of the users mail spool files relatively to their home directory\&. -.RE -.PP -The -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -variables are used by -\fBuseradd\fR, -\fBusermod\fR, and -\fBuserdel\fR -to create, move, or delete the user\*(Aqs mail spool\&. -.PP -If -\fBMAIL_CHECK_ENAB\fR -is set to -\fIyes\fR, they are also used to define the -\fBMAIL\fR -environment variable\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.SH "PLIKI" -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informacje chronione o grupach użytkownik\('ow\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Konfiguracja pakietu shadow\&. -.RE -.PP -/etc/passwd -.RS 4 -Informacja o kontach użytkownik\('ow\&. -.RE -.PP -/etc/shadow -.RS 4 -Informacje chronione o użytkownikach\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBuserdel\fR(8)\&. diff --git a/man/pl/man8/vigr.8 b/man/pl/man8/vigr.8 deleted file mode 100644 index ff72d7ae..00000000 --- a/man/pl/man8/vigr.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/vipw.8 diff --git a/man/pl/man8/vipw.8 b/man/pl/man8/vipw.8 deleted file mode 100644 index 5b481bc4..00000000 --- a/man/pl/man8/vipw.8 +++ /dev/null @@ -1,141 +0,0 @@ -'\" t -.\" Title: vipw -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 -.\" Date: 05/09/2014 -.\" Manual: Polecenia Zarządzania Systemem -.\" Source: shadow-utils 4.2 -.\" Language: Polish -.\" -.TH "VIPW" "8" "05/09/2014" "shadow\-utils 4\&.2" "Polecenia Zarządzania Systemem" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAZWA" -vipw, vigr \- edytuj plik hase\(/l, grup lub ich wersji chronionych -.SH "STRESZCZENIE" -.HP \w'\fBvipw\fR\ 'u -\fBvipw\fR [\fIopcje\fR] -.HP \w'\fBvigr\fR\ 'u -\fBvigr\fR [\fIopcje\fR] -.SH "OPIS" -.PP -Polecenia -\fBvipw\fR -i -\fBvigr\fR -umożliwiają modyfikację plik\('ow odpowiednio -/etc/passwd -i -/etc/group\&. Przy zastosowaniu flagi -\fB\-s\fR -modyfikują także dodatkowe wersje chronione tych plik\('ow \- odpowiednio -/etc/shadow -i -/etc/gshadow\&. Dla ochrony przed uszkodzeniem w trakcie modyfikacji tych plik\('ow programy te ustawiają odpowiednie blokady\&. Szukając edytora programy te używają w pierwszej kolejności zmiennej środowiska -\fB$VISUAL\fR, a następnie -\fB$EDITOR\fR, a na końcu a na końcu domyślnego edytora -\fBvi\fR(1)\&. -.SH "OPCJE" -.PP -Polecenia -\fBvipw\fR -i -\fBvigr\fR -posiadają następujące opcje:Polecenia -\fBvipw\fR -i -\fBvigr\fR -posiadają następujące opcje: -.PP -\fB\-g\fR, \fB\-\-group\fR -.RS 4 -Edycja bazy grup\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Wyświetlenie komunikatu pomocy i zakończenie dzia\(/lania\&. -.RE -.PP -\fB\-p\fR, \fB\-\-passwd\fR -.RS 4 -Edycja bazy passwd\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Cichy tryb pracy\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shadow\fR -.RS 4 -Edycja bazy shadow lub gshadow\&. -.RE -.SH "ENVIRONMENT" -.PP -\fBVISUAL\fR -.RS 4 -Editor to be used\&. -.RE -.PP -\fBEDITOR\fR -.RS 4 -Editor to be used if -\fBVISUAL\fR -is not set\&. -.RE -.SH "PLIKI" -.PP -/etc/group -.RS 4 -Informacje o grupach użytkownik\('ow\&. -.RE -.PP -/etc/gshadow -.RS 4 -Informacje chronione o grupach użytkownik\('ow\&. -.RE -.PP -/etc/passwd -.RS 4 -Informacja o kontach użytkownik\('ow\&. -.RE -.PP -/etc/shadow -.RS 4 -Informacje chronione o użytkownikach\&. -.RE -.SH "ZOBACZ TAKÅ»E" -.PP -\fBvi\fR(1), -\fBgroup\fR(5), -\fBgshadow\fR(5) -, -\fBpasswd\fR(5), , -\fBshadow\fR(5)\&. diff --git a/man/po/da.po b/man/po/da.po index 57bcce19..b709fbc6 100644 --- a/man/po/da.po +++ b/man/po/da.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow-man\n" -"POT-Creation-Date: 2014-05-09 12:53+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2013-08-23 01:35+0200\n" "Last-Translator: Joe Hansen \n" "Language-Team: Danish \n" @@ -68,16 +68,15 @@ msgstr "" #: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname) #: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname) #: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname) -#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) -#: newusers.8.xml:60(surname) newgrp.1.xml:46(surname) -#: logoutd.8.xml:45(surname) login.defs.5.xml:110(surname) -#: login.access.5.xml:46(surname) login.1.xml:78(surname) -#: limits.5.xml:47(surname) lastlog.8.xml:46(surname) grpck.8.xml:46(surname) -#: groups.1.xml:45(surname) groupmod.8.xml:46(surname) +#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname) +#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname) +#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname) +#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname) +#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname) #: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname) #: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname) -#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) -#: expiry.1.xml:49(surname) chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) +#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname) +#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) #: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname) msgid "Kłoczko" msgstr "" @@ -102,17 +101,16 @@ msgstr "" #: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib) #: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib) #: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib) -#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) -#: newusers.8.xml:62(contrib) newgrp.1.xml:48(contrib) -#: logoutd.8.xml:47(contrib) login.defs.5.xml:112(contrib) -#: login.access.5.xml:48(contrib) login.1.xml:80(contrib) -#: limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) grpck.8.xml:48(contrib) -#: groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) +#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib) +#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib) +#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib) +#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) +#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) #: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib) #: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib) -#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) -#: expiry.1.xml:51(contrib) chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) -#: chfn.1.xml:50(contrib) chage.1.xml:48(contrib) +#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib) +#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib) +#: chage.1.xml:48(contrib) msgid "shadow-utils maintainer, 2000 - 2007" msgstr "" @@ -146,14 +144,13 @@ msgstr "" #: newusers.8.xml:66(surname) newgrp.1.xml:52(surname) #: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname) #: login.access.5.xml:52(surname) login.1.xml:84(surname) -#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) -#: gshadow.5.xml:39(surname) grpck.8.xml:52(surname) groups.1.xml:51(surname) -#: groupmod.8.xml:52(surname) groupmems.8.xml:55(surname) -#: groupdel.8.xml:52(surname) groupadd.8.xml:54(surname) -#: gpasswd.1.xml:56(surname) faillog.8.xml:51(surname) -#: faillog.5.xml:51(surname) expiry.1.xml:55(surname) chsh.1.xml:54(surname) -#: chpasswd.8.xml:55(surname) chgpasswd.8.xml:51(surname) -#: chfn.1.xml:54(surname) chage.1.xml:52(surname) +#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname) +#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname) +#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname) +#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname) +#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname) +#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname) +#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname) msgid "FranƧois" msgstr "" @@ -182,14 +179,13 @@ msgstr "" #: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib) #: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib) #: login.access.5.xml:54(contrib) login.1.xml:86(contrib) -#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) -#: gshadow.5.xml:42(contrib) grpck.8.xml:54(contrib) groups.1.xml:53(contrib) -#: groupmod.8.xml:54(contrib) groupmems.8.xml:57(contrib) -#: groupdel.8.xml:54(contrib) groupadd.8.xml:56(contrib) -#: gpasswd.1.xml:58(contrib) faillog.8.xml:53(contrib) -#: faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) chsh.1.xml:56(contrib) -#: chpasswd.8.xml:57(contrib) chgpasswd.8.xml:53(contrib) -#: chfn.1.xml:56(contrib) chage.1.xml:54(contrib) +#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib) +#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib) +#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib) +#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib) +#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) +#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib) +#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib) msgid "shadow-utils maintainer, 2007 - now" msgstr "" @@ -261,14 +257,13 @@ msgstr "" #: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable) #: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable) #: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable) -#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) -#: passwd.1.xml:79(replaceable) newusers.8.xml:87(replaceable) -#: lastlog.8.xml:73(replaceable) grpck.8.xml:72(arg) -#: groupmod.8.xml:73(replaceable) groupdel.8.xml:73(replaceable) -#: groupadd.8.xml:75(replaceable) faillog.8.xml:72(replaceable) -#: chsh.1.xml:75(replaceable) chpasswd.8.xml:76(replaceable) -#: chgpasswd.8.xml:72(replaceable) chfn.1.xml:75(replaceable) -#: chage.1.xml:72(replaceable) +#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable) +#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable) +#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable) +#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable) +#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable) +#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable) +#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable) msgid "options" msgstr "tilvalg" @@ -317,11 +312,10 @@ msgstr "" #: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title) #: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title) #: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title) -#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) -#: groupdel.8.xml:88(title) groupadd.8.xml:93(title) gpasswd.1.xml:134(title) -#: faillog.8.xml:89(title) expiry.1.xml:91(title) chsh.1.xml:95(title) -#: chpasswd.8.xml:130(title) chgpasswd.8.xml:105(title) chfn.1.xml:111(title) -#: chage.1.xml:91(title) +#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title) +#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title) +#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title) +#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title) msgid "OPTIONS" msgstr "TILVALG" @@ -343,7 +337,7 @@ msgstr "Rediger gruppedatabase." #: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term) #: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term) -#: newusers.8.xml:283(term) lastlog.8.xml:107(term) grpck.8.xml:157(term) +#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term) #: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term) #: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term) #: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term) @@ -353,7 +347,7 @@ msgstr ", " #: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) #: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) -#: newusers.8.xml:285(para) lastlog.8.xml:111(para) grpck.8.xml:159(para) +#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para) #: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) #: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) #: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) @@ -379,7 +373,7 @@ msgstr "Stille tilstand." #: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) #: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) -#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:115(term) +#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term) #: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) #: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) #: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) @@ -393,7 +387,7 @@ msgstr "" #: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) #: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) -#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:119(para) +#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para) #: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) #: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) #: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) @@ -422,18 +416,18 @@ msgstr ", " msgid "Indicates which user's tcb shadow file to edit." msgstr "Indikerer hvilken brugers tcb-shadowfil at redigere." -#: vipw.8.xml:165(title) usermod.8.xml:497(title) userdel.8.xml:171(title) +#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title) #: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) #: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) #: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) #: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) -#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) -#: gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) -#: chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title) +#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) +#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) +#: chfn.1.xml:193(title) chage.1.xml:244(title) msgid "CONFIGURATION" msgstr "KONFIGURATION" -#: vipw.8.xml:166(para) usermod.8.xml:498(para) userdel.8.xml:172(para) +#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para) #: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) #: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) #: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) @@ -488,37 +482,35 @@ msgstr "" "Redigeringsprogram der skal bruges hvis ikke er " "angivet." -#: vipw.8.xml:195(title) usermod.8.xml:514(title) userdel.8.xml:188(title) +#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title) #: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) #: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) #: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) #: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) #: newgrp.1.xml:121(title) logoutd.8.xml:89(title) -#: login.access.5.xml:121(title) login.1.xml:338(title) -#: limits.5.xml:196(title) lastlog.8.xml:182(title) gshadow.5.xml:156(title) -#: grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) -#: groupmems.8.xml:211(title) groupdel.8.xml:140(title) -#: groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) -#: faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) -#: chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) -#: chage.1.xml:256(title) +#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) +#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) +#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) +#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) +#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) +#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) +#: chfn.1.xml:207(title) chage.1.xml:256(title) msgid "FILES" msgstr "FILER" -#: vipw.8.xml:198(filename) usermod.8.xml:517(filename) +#: vipw.8.xml:198(filename) usermod.8.xml:516(filename) #: userdel.8.xml:191(filename) useradd.8.xml:690(filename) -#: sg.1.xml:125(filename) pwck.8.xml:272(filename) -#: newusers.8.xml:412(filename) newgrp.1.xml:136(filename) -#: gshadow.5.xml:159(filename) grpck.8.xml:224(filename) -#: groups.1.xml:103(filename) groupmod.8.xml:208(filename) -#: groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) -#: groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) -#: gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) -#: chgpasswd.8.xml:216(filename) +#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) +#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) +#: grpck.8.xml:224(filename) groups.1.xml:103(filename) +#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) +#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) +#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) +#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename) msgid "/etc/group" msgstr "/etc/group" -#: vipw.8.xml:200(para) usermod.8.xml:519(para) userdel.8.xml:193(para) +#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para) #: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) #: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) #: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) @@ -527,7 +519,7 @@ msgstr "/etc/group" msgid "Group account information." msgstr "Information om gruppekonto." -#: vipw.8.xml:204(filename) usermod.8.xml:523(filename) +#: vipw.8.xml:204(filename) usermod.8.xml:522(filename) #: useradd.8.xml:696(filename) sg.1.xml:131(filename) #: newusers.8.xml:418(filename) newgrp.1.xml:142(filename) #: gshadow.5.xml:165(filename) grpck.8.xml:230(filename) @@ -538,7 +530,7 @@ msgstr "Information om gruppekonto." msgid "/etc/gshadow" msgstr "/etc/gshadow" -#: vipw.8.xml:206(para) usermod.8.xml:525(para) useradd.8.xml:698(para) +#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para) #: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) #: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) #: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) @@ -546,7 +538,7 @@ msgstr "/etc/gshadow" msgid "Secure group account information." msgstr "Information om sikret gruppekonto." -#: vipw.8.xml:210(filename) usermod.8.xml:535(filename) +#: vipw.8.xml:210(filename) usermod.8.xml:534(filename) #: userdel.8.xml:203(filename) useradd.8.xml:678(filename) #: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) #: pwck.8.xml:278(filename) passwd.5.xml:144(filename) @@ -559,7 +551,7 @@ msgstr "Information om sikret gruppekonto." msgid "/etc/passwd" msgstr "/etc/passwd" -#: vipw.8.xml:212(para) usermod.8.xml:537(para) userdel.8.xml:205(para) +#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para) #: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) #: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) #: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) @@ -569,7 +561,7 @@ msgstr "/etc/passwd" msgid "User account information." msgstr "Information om brugerkonto." -#: vipw.8.xml:216(filename) usermod.8.xml:541(filename) +#: vipw.8.xml:216(filename) usermod.8.xml:540(filename) #: userdel.8.xml:209(filename) useradd.8.xml:684(filename) #: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) #: shadow.3.xml:229(filename) pwck.8.xml:284(filename) @@ -580,7 +572,7 @@ msgstr "Information om brugerkonto." msgid "/etc/shadow" msgstr "/etc/shadow" -#: vipw.8.xml:218(para) usermod.8.xml:543(para) userdel.8.xml:211(para) +#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para) #: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) #: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) #: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) @@ -589,7 +581,7 @@ msgstr "/etc/shadow" msgid "Secure user account information." msgstr "Information om sikret brugerkonto." -#: vipw.8.xml:225(title) usermod.8.xml:562(title) userdel.8.xml:308(title) +#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title) #: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) #: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) #: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) @@ -652,15 +644,15 @@ msgstr "" #: usermod.8.xml:46(surname) userdel.8.xml:46(surname) #: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname) #: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname) -#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) -#: passwd.1.xml:47(surname) newusers.8.xml:55(surname) -#: newgrp.1.xml:41(surname) logoutd.8.xml:40(surname) -#: login.defs.5.xml:105(surname) login.1.xml:73(surname) -#: lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname) -#: groupmod.8.xml:41(surname) groupdel.8.xml:41(surname) -#: groupadd.8.xml:43(surname) faillog.8.xml:40(surname) -#: faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname) -#: chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname) +#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname) +#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname) +#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname) +#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname) +#: groups.1.xml:40(surname) groupmod.8.xml:41(surname) +#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname) +#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname) +#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) +#: chage.1.xml:41(surname) msgid "Haugh" msgstr "" @@ -1143,9 +1135,9 @@ msgstr "" #: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) #: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) -#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:194(title) -#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) -#: gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) +#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title) +#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) +#: faillog.8.xml:232(title) chpasswd.8.xml:231(title) #: chgpasswd.8.xml:186(title) msgid "CAVEATS" msgstr "" @@ -1155,17 +1147,17 @@ msgid "" "You must make certain that the named user is not executing any processes " "when this command is being executed if the user's numerical user ID, the " "user's name, or the user's home directory is being changed. " -"usermod checks this on Linux, but only check if the user " -"is logged in according to utmp on other architectures." +"usermod checks this on Linux. On other platforms it only " +"uses utmp to check if the user is logged in." msgstr "" -#: usermod.8.xml:487(para) +#: usermod.8.xml:486(para) msgid "" "You must change the owner of any crontab files or " "at jobs manually." msgstr "" -#: usermod.8.xml:491(para) +#: usermod.8.xml:490(para) msgid "You must make any changes involving NIS on the NIS server." msgstr "" @@ -1396,7 +1388,7 @@ msgid "" "algorithm: " msgstr "" -#: usermod.8.xml:529(filename) userdel.8.xml:197(filename) +#: usermod.8.xml:528(filename) userdel.8.xml:197(filename) #: useradd.8.xml:726(filename) su.1.xml:382(filename) #: pwconv.8.xml:253(filename) passwd.1.xml:423(filename) #: newusers.8.xml:424(filename) login.access.5.xml:124(filename) @@ -1407,7 +1399,7 @@ msgstr "" msgid "/etc/login.defs" msgstr "" -#: usermod.8.xml:531(para) userdel.8.xml:199(para) useradd.8.xml:728(para) +#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para) #: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) #: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) #: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) @@ -1415,31 +1407,31 @@ msgstr "" msgid "Shadow password suite configuration." msgstr "" -#: usermod.8.xml:547(filename) userdel.8.xml:215(filename) +#: usermod.8.xml:546(filename) userdel.8.xml:215(filename) #: useradd.8.xml:714(filename) newusers.8.xml:436(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subgid" msgstr "/etc/suauth" -#: usermod.8.xml:549(para) userdel.8.xml:217(para) useradd.8.xml:716(para) +#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para) #: newusers.8.xml:438(para) msgid "Per user subordinate group IDs." msgstr "" -#: usermod.8.xml:553(filename) userdel.8.xml:221(filename) +#: usermod.8.xml:552(filename) userdel.8.xml:221(filename) #: useradd.8.xml:720(filename) newusers.8.xml:442(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subuid" msgstr "/etc/suauth" -#: usermod.8.xml:555(para) userdel.8.xml:223(para) useradd.8.xml:722(para) +#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para) #: newusers.8.xml:444(para) msgid "Per user subordinate user IDs." msgstr "" -#: usermod.8.xml:563(para) +#: usermod.8.xml:562(para) #, fuzzy #| msgid "" #| "vi1PASS_MAX_DAYS and others). Example: " " PASS_MAX_DAYS=-1 can be used when creating system " -"account to turn off password ageing, even though system account has no " +"account to turn off password aging, even though system account has no " "password at all. Multiple options can be specified, e." "g.:  UID_MIN=100  " @@ -1994,7 +1985,7 @@ msgstr "" #: useradd.8.xml:327(para) msgid "" "By default, the user's entries in the lastlog and faillog databases are " -"resetted to avoid reusing the entry from a previously deleted user." +"reset to avoid reusing the entry from a previously deleted user." msgstr "" #: useradd.8.xml:335(term) @@ -2014,9 +2005,11 @@ msgid "" "is not enabled, no home directories are created." msgstr "" -#: useradd.8.xml:354(option) -msgid "-M" -msgstr "" +#: useradd.8.xml:353(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " #: useradd.8.xml:357(para) msgid "" @@ -2081,10 +2074,10 @@ msgstr "" #: useradd.8.xml:434(para) msgid "" "Note that useradd will not create a home directory for " -"such an user, regardless of the default setting in /etc/login." -"defs (). You have to specify the " -" options if you want a home directory for a system " -"account to be created." +"such a user, regardless of the default setting in /etc/login.defs (). You have to specify the options if you want a home directory for a system account to be " +"created." msgstr "" #: useradd.8.xml:461(para) @@ -2602,7 +2595,7 @@ msgstr "" #, no-wrap msgid "" "\n" -" 1) the user su is targetting\n" +" 1) the user su is targeting\n" " " msgstr "" @@ -2636,12 +2629,12 @@ msgstr "" #: suauth.5.xml:107(para) msgid "" "from-id is formatted the same as to-id except the extra word " -"GROUP is recognised. ALL EXCEPT GROUPGROUP is recognized. ALL EXCEPT GROUP is perfectly valid too. Following GROUP " "appears one or more group names, delimited by \",\". It is not sufficient to " "have primary group id of the relevant group, an entry in " "/etc/group5 is neccessary." +"manvolnum> is necessary." msgstr "" #: suauth.5.xml:118(para) @@ -2744,9 +2737,8 @@ msgid "" msgstr "" #: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib) -#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) -#: passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib) -#: faillog.5.xml:41(contrib) +#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib) +#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib) msgid "Creation, 1989" msgstr "" @@ -3389,7 +3381,7 @@ msgstr "" #: shadow.5.xml:117(para) gshadow.5.xml:107(para) msgid "" -"A password field which starts with a exclamation mark means that the " +"A password field which starts with an exclamation mark means that the " "password is locked. The remaining characters on the line represent the " "password field before the password was locked." msgstr "" @@ -3407,7 +3399,7 @@ msgstr "" #: shadow.5.xml:134(para) msgid "" "The value 0 has a special meaning, which is that the user should change her " -"pasword the next time she will log in the system." +"password the next time she will log in the system." msgstr "" #: shadow.5.xml:139(para) @@ -3507,7 +3499,7 @@ msgstr "" #: shadow.5.xml:229(para) msgid "" "Note that an account expiration differs from a password expiration. In case " -"of an acount expiration, the user shall not be allowed to login. In case of " +"of an account expiration, the user shall not be allowed to login. In case of " "a password expiration, the user is not allowed to login using her password." msgstr "" @@ -3768,18 +3760,15 @@ msgstr "" msgid "pwconv" msgstr "" -#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) -#: login.defs.5.xml:438(term) +#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term) msgid "pwunconv" msgstr "" -#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) -#: login.defs.5.xml:340(term) +#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term) msgid "grpconv" msgstr "" -#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) -#: login.defs.5.xml:346(term) +#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term) msgid "grpunconv" msgstr "" @@ -3927,8 +3916,7 @@ msgstr "" #: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle) #: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle) -#: passwd.1.xml:71(refname) passwd.1.xml:77(command) -#: login.defs.5.xml:409(term) +#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term) msgid "passwd" msgstr "" @@ -4071,7 +4059,7 @@ msgstr "" msgid "" "Note that when is enabled, you cannot specify an " "alternative shadow file. In future releases, this " -"paramater could be replaced by an alternate TCB directory." +"parameter could be replaced by an alternate TCB directory." msgstr "" #: pwck.8.xml:312(para) @@ -4400,8 +4388,12 @@ msgid "" msgstr "" #: passwd.1.xml:166(para) +#, fuzzy +#| msgid "" +#| "You can find advices on how to choose a strong password on http://en." +#| "wikipedia.org/wiki/Password_strength" msgid "" -"You can find advices on how to choose a strong password on http://en." +"You can find advice on how to choose a strong password on http://en." "wikipedia.org/wiki/Password_strength" msgstr "" "Du kan finde rĆ„d om hvordan du vƦlger en god adgangskode pĆ„ http://en." @@ -4842,7 +4834,9 @@ msgid "HISTORY" msgstr "HISTORIK" #: nologin.8.xml:91(para) -msgid "The nologin command appearred in BSD 4.4." +#, fuzzy +#| msgid "The nologin command appearred in BSD 4.4." +msgid "The nologin command appeared in BSD 4.4." msgstr "Kommandoen nologin fremkom i BSD 4.4." #: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname) @@ -4881,11 +4875,19 @@ msgid "This is the name of the user." msgstr "Dette er navnet pĆ„ brugeren." #: newusers.8.xml:116(para) +#, fuzzy +#| msgid "" +#| "If this field contains the name of an existing user (or the name of an " +#| "user created before by newusers), the UID of the " +#| "specified user will be used." msgid "" -"It can be the name of a new user or the name of an existing user (or an user " +"It can be the name of a new user or the name of an existing user (or a user " "created before by newusers). In case of an existing user, " "the user's information will be changed, otherwise a new user will be created." msgstr "" +"Hvis dette felt indeholder navnet pĆ„ en eksisterende bruger (eller navnet pĆ„ " +"en bruger oprettet fĆør af newusers), sĆ„ vil UID'en for " +"den angivne bruger blive brugt." #: newusers.8.xml:127(emphasis) msgid "pw_passwd" @@ -4908,8 +4910,12 @@ msgid "This field is used to define the UID of the user." msgstr "Dette flet bruges til at definere UID for brugeren." #: newusers.8.xml:144(para) +#, fuzzy +#| msgid "" +#| "If the field is empty, an new (unused) UID will be defined automatically " +#| "by newusers." msgid "" -"If the field is empty, an new (unused) UID will be defined automatically by " +"If the field is empty, a new (unused) UID will be defined automatically by " "newusers." msgstr "" "Hvis feltet er tomt, vil en ny (ubrugt) UID blive defineret automatisk af " @@ -4921,8 +4927,13 @@ msgstr "" "Hvis dette felt indeholer et tal, sĆ„ vil dette tal blive brugt som UID'en." #: newusers.8.xml:152(para) +#, fuzzy +#| msgid "" +#| "If this field contains the name of an existing user (or the name of an " +#| "user created before by newusers), the UID of the " +#| "specified user will be used." msgid "" -"If this field contains the name of an existing user (or the name of an user " +"If this field contains the name of an existing user (or the name of a user " "created before by newusers), the UID of the specified " "user will be used." msgstr "" @@ -6181,7 +6192,9 @@ msgid "D: max data size (KB)" msgstr "D: Maks. datastĆørrelse (KB)" #: limits.5.xml:111(para) -msgid "F: maximum filesize (KB)" +#, fuzzy +#| msgid "F: maximum filesize (KB)" +msgid "F: maximum file size (KB)" msgstr "F: Maks filstĆørrelse (KB)" #: limits.5.xml:112(para) @@ -6251,7 +6264,7 @@ msgstr "" #: limits.5.xml:145(para) msgid "" "Be aware that after username the rest of " -"the line is considered a limit string, thus comments are not allowed. A " +"the line is considered a limit string, thus comments are not allowed. An " "invalid limits string will be rejected (not considered) by the " "login program." msgstr "" @@ -6271,8 +6284,12 @@ msgid "" msgstr "" #: limits.5.xml:165(para) +#, fuzzy +#| msgid "" +#| "If more than one line with limits for an user exist, only the first line " +#| "for this user will be considered." msgid "" -"If more than one line with limits for an user exist, only the first line for " +"If more than one line with limits for a user exist, only the first line for " "this user will be considered." msgstr "" "Hvis mere end en linje med begrƦnsninger for en bruger findes, sĆ„ vil kun " @@ -6280,7 +6297,7 @@ msgstr "" #: limits.5.xml:170(para) msgid "" -"If no lines are specified for an user, the last @group@group line matching a group whose the user is a member of will be " "considered, or the last line with default limits if no groups contain the " "user." @@ -6351,29 +6368,53 @@ msgid "" "Print only lastlog records older than DAYS." msgstr "" -#: lastlog.8.xml:127(term) faillog.8.xml:192(term) +#: lastlog.8.xml:107(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " + +#: lastlog.8.xml:111(para) +msgid "" +"Clear lastlog record of a user. This option can be used only together with " +" ())." +msgstr "" + +#: lastlog.8.xml:138(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " + +#: lastlog.8.xml:142(para) +msgid "" +"Set lastlog record of a user to the current time. This option can be used " +"only together with ())." +msgstr "" + +#: lastlog.8.xml:149(term) faillog.8.xml:192(term) msgid "" ",  DAYS" msgstr "" -#: lastlog.8.xml:131(para) +#: lastlog.8.xml:153(para) msgid "" "Print the lastlog records more recent than DAYS." msgstr "" -#: lastlog.8.xml:138(term) faillog.8.xml:202(term) +#: lastlog.8.xml:160(term) faillog.8.xml:202(term) msgid "" ",  LOGIN|RANGE" msgstr "" -#: lastlog.8.xml:142(para) +#: lastlog.8.xml:164(para) msgid "Print the lastlog record of the specified user(s)." msgstr "" -#: lastlog.8.xml:145(para) faillog.8.xml:211(para) +#: lastlog.8.xml:167(para) faillog.8.xml:211(para) msgid "" "The users can be specified by a login name, a numerical user ID, or a " "RANGE of users. This RANGE), or a min value (UID_MIN-)." msgstr "" -#: lastlog.8.xml:157(para) +#: lastlog.8.xml:179(para) msgid "" "If the user has never logged in the message ** Never logged in** will be displayed instead of the port and time." msgstr "" -#: lastlog.8.xml:162(para) +#: lastlog.8.xml:184(para) msgid "" "Only the entries for the current users of the system will be displayed. " "Other entries may exist for users that were deleted previously." msgstr "" -#: lastlog.8.xml:170(title) groups.1.xml:90(title) chsh.1.xml:140(title) +#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title) #: chage.1.xml:231(title) msgid "NOTE" msgstr "" -#: lastlog.8.xml:171(para) +#: lastlog.8.xml:193(para) msgid "" "The lastlog file is a database which contains info on " "the last login of each user. You should not rotate it. It is a sparse file, " @@ -6409,15 +6450,15 @@ msgid "" "its real size with \"ls -s\"." msgstr "" -#: lastlog.8.xml:185(filename) +#: lastlog.8.xml:207(filename) msgid "/var/log/lastlog" msgstr "/var/log/lastlog" -#: lastlog.8.xml:187(para) +#: lastlog.8.xml:209(para) msgid "Database times of previous user logins." msgstr "Databasetider for tidligere brugerlogind." -#: lastlog.8.xml:195(para) +#: lastlog.8.xml:217(para) msgid "" "Large gaps in UID numbers will cause the lastlog program to run longer with " "no output to the screen (i.e. if in lastlog database there is no entries for " @@ -6464,11 +6505,19 @@ msgid "" msgstr "" #: gshadow.5.xml:97(para) +#, fuzzy +#| msgid "" +#| "The new value of the user's password file comment field. It is normally " +#| "modified using the chfn1 utility." msgid "" -"The password is used when an user who is not a member of the group wants to " +"The password is used when a user who is not a member of the group wants to " "gain the permissions of this group (see newgrp1)." msgstr "" +"Den nye vƦrdi for brugerens kommentar kommentarfelt i adgangskodefilen. Den " +"Ʀndres normalt med redskabet chfn1." #: gshadow.5.xml:103(para) msgid "" @@ -6867,7 +6916,9 @@ msgid "" msgstr "" #: groupmems.8.xml:109(para) -msgid "Add an user to the group membership list." +#, fuzzy +#| msgid "Add an user to the group membership list." +msgid "Add a user to the group membership list." msgstr "TilfĆøj en bruger til listen over gruppemedlemmer." #: groupmems.8.xml:110(para) groupmems.8.xml:126(para) @@ -7633,7 +7684,7 @@ msgstr "" msgid "" "The default encryption algorithm can be defined for the system with the " " or variables " -"of /etc/login.defs, and can be overwitten with the " +"of /etc/login.defs, and can be overwritten with the " ", , or options." msgstr "" @@ -7648,7 +7699,7 @@ msgstr "" msgid "" "Except when PAM is used to encrypt the passwords,chpasswd first updates all the passwords in " -"memory, and then commits all the changes to disk if no errors occured for " +"memory, and then commits all the changes to disk if no errors occurred for " "any user." msgstr "" @@ -7778,7 +7829,7 @@ msgstr "" msgid "" "The default encryption algorithm can be defined for the system with the " " variable of /etc/login.defs, and can be overwiten with the , , options." msgstr "" diff --git a/man/po/de.po b/man/po/de.po index 937f9e5a..6e013069 100644 --- a/man/po/de.po +++ b/man/po/de.po @@ -5,7 +5,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow-man-pages\n" -"POT-Creation-Date: 2014-05-09 12:53+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2013-08-23 01:36+0200\n" "Last-Translator: Simon Brandmair \n" "Language-Team: debian-l10n-german -h, " #: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) #: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) -#: newusers.8.xml:285(para) lastlog.8.xml:111(para) grpck.8.xml:159(para) +#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para) #: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) #: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) #: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) @@ -366,7 +360,7 @@ msgstr "stiller Modus" #: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) #: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) -#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:115(term) +#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term) #: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) #: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) #: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) @@ -380,7 +374,7 @@ msgstr "" #: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) #: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) -#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:119(para) +#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para) #: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) #: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) #: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) @@ -410,18 +404,18 @@ msgstr ", " msgid "Indicates which user's tcb shadow file to edit." msgstr "bestimmt, welche Tcb-Shadow-Datei des Benutzers bearbeitet werden soll" -#: vipw.8.xml:165(title) usermod.8.xml:497(title) userdel.8.xml:171(title) +#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title) #: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) #: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) #: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) #: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) -#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) -#: gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) -#: chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title) +#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) +#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) +#: chfn.1.xml:193(title) chage.1.xml:244(title) msgid "CONFIGURATION" msgstr "KONFIGURATION" -#: vipw.8.xml:166(para) usermod.8.xml:498(para) userdel.8.xml:172(para) +#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para) #: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) #: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) #: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) @@ -474,37 +468,35 @@ msgstr "EDITOR" msgid "Editor to be used if is not set." msgstr "der verwendete Editor, wenn nicht gesetzt ist" -#: vipw.8.xml:195(title) usermod.8.xml:514(title) userdel.8.xml:188(title) +#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title) #: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) #: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) #: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) #: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) #: newgrp.1.xml:121(title) logoutd.8.xml:89(title) -#: login.access.5.xml:121(title) login.1.xml:338(title) -#: limits.5.xml:196(title) lastlog.8.xml:182(title) gshadow.5.xml:156(title) -#: grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) -#: groupmems.8.xml:211(title) groupdel.8.xml:140(title) -#: groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) -#: faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) -#: chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) -#: chage.1.xml:256(title) +#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) +#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) +#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) +#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) +#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) +#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) +#: chfn.1.xml:207(title) chage.1.xml:256(title) msgid "FILES" msgstr "DATEIEN" -#: vipw.8.xml:198(filename) usermod.8.xml:517(filename) +#: vipw.8.xml:198(filename) usermod.8.xml:516(filename) #: userdel.8.xml:191(filename) useradd.8.xml:690(filename) -#: sg.1.xml:125(filename) pwck.8.xml:272(filename) -#: newusers.8.xml:412(filename) newgrp.1.xml:136(filename) -#: gshadow.5.xml:159(filename) grpck.8.xml:224(filename) -#: groups.1.xml:103(filename) groupmod.8.xml:208(filename) -#: groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) -#: groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) -#: gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) -#: chgpasswd.8.xml:216(filename) +#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) +#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) +#: grpck.8.xml:224(filename) groups.1.xml:103(filename) +#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) +#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) +#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) +#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename) msgid "/etc/group" msgstr "/etc/group" -#: vipw.8.xml:200(para) usermod.8.xml:519(para) userdel.8.xml:193(para) +#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para) #: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) #: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) #: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) @@ -513,7 +505,7 @@ msgstr "/etc/group" msgid "Group account information." msgstr "Informationen zu den Gruppenkonten" -#: vipw.8.xml:204(filename) usermod.8.xml:523(filename) +#: vipw.8.xml:204(filename) usermod.8.xml:522(filename) #: useradd.8.xml:696(filename) sg.1.xml:131(filename) #: newusers.8.xml:418(filename) newgrp.1.xml:142(filename) #: gshadow.5.xml:165(filename) grpck.8.xml:230(filename) @@ -525,7 +517,7 @@ msgid "/etc/gshadow" msgstr "/etc/gshadow" # type: Plain text -#: vipw.8.xml:206(para) usermod.8.xml:525(para) useradd.8.xml:698(para) +#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para) #: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) #: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) #: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) @@ -533,7 +525,7 @@ msgstr "/etc/gshadow" msgid "Secure group account information." msgstr "sichere Informationen zu den Gruppenkonten" -#: vipw.8.xml:210(filename) usermod.8.xml:535(filename) +#: vipw.8.xml:210(filename) usermod.8.xml:534(filename) #: userdel.8.xml:203(filename) useradd.8.xml:678(filename) #: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) #: pwck.8.xml:278(filename) passwd.5.xml:144(filename) @@ -546,7 +538,7 @@ msgstr "sichere Informationen zu den Gruppenkonten" msgid "/etc/passwd" msgstr "/etc/passwd" -#: vipw.8.xml:212(para) usermod.8.xml:537(para) userdel.8.xml:205(para) +#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para) #: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) #: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) #: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) @@ -556,7 +548,7 @@ msgstr "/etc/passwd" msgid "User account information." msgstr "Informationen zu den Benutzerkonten" -#: vipw.8.xml:216(filename) usermod.8.xml:541(filename) +#: vipw.8.xml:216(filename) usermod.8.xml:540(filename) #: userdel.8.xml:209(filename) useradd.8.xml:684(filename) #: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) #: shadow.3.xml:229(filename) pwck.8.xml:284(filename) @@ -568,7 +560,7 @@ msgid "/etc/shadow" msgstr "/etc/shadow" # type: Plain text -#: vipw.8.xml:218(para) usermod.8.xml:543(para) userdel.8.xml:211(para) +#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para) #: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) #: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) #: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) @@ -577,7 +569,7 @@ msgstr "/etc/shadow" msgid "Secure user account information." msgstr "verschlĆ¼sselte Informationen zu den Benutzerkonten" -#: vipw.8.xml:225(title) usermod.8.xml:562(title) userdel.8.xml:308(title) +#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title) #: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) #: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) #: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) @@ -640,15 +632,15 @@ msgstr "Julianne Frances" #: usermod.8.xml:46(surname) userdel.8.xml:46(surname) #: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname) #: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname) -#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) -#: passwd.1.xml:47(surname) newusers.8.xml:55(surname) -#: newgrp.1.xml:41(surname) logoutd.8.xml:40(surname) -#: login.defs.5.xml:105(surname) login.1.xml:73(surname) -#: lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname) -#: groupmod.8.xml:41(surname) groupdel.8.xml:41(surname) -#: groupadd.8.xml:43(surname) faillog.8.xml:40(surname) -#: faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname) -#: chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname) +#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname) +#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname) +#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname) +#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname) +#: groups.1.xml:40(surname) groupmod.8.xml:41(surname) +#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname) +#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname) +#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) +#: chage.1.xml:41(surname) msgid "Haugh" msgstr "Haugh" @@ -1237,20 +1229,27 @@ msgstr "" #: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) #: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) -#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:194(title) -#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) -#: gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) +#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title) +#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) +#: faillog.8.xml:232(title) chpasswd.8.xml:231(title) #: chgpasswd.8.xml:186(title) msgid "CAVEATS" msgstr "WARNUNGEN" #: usermod.8.xml:479(para) +#, fuzzy +#| msgid "" +#| "You must make certain that the named user is not executing any processes " +#| "when this command is being executed if the user's numerical user ID, the " +#| "user's name, or the user's home directory is being changed. " +#| "usermod checks this on Linux, but only check if the " +#| "user is logged in according to utmp on other architectures." msgid "" "You must make certain that the named user is not executing any processes " "when this command is being executed if the user's numerical user ID, the " "user's name, or the user's home directory is being changed. " -"usermod checks this on Linux, but only check if the user " -"is logged in according to utmp on other architectures." +"usermod checks this on Linux. On other platforms it only " +"uses utmp to check if the user is logged in." msgstr "" "Wenn Sie mit diesem Befehl die numerische UID, den Namen oder das Home-" "Verzeichnis eines Benutzers verƤndern wollen, mĆ¼ssen Sie sicherstellen, dass " @@ -1258,7 +1257,7 @@ msgstr "" "usermod sicher, auf anderen Architekturen Ć¼berprĆ¼ft es " "nur, ob der Benutzer laut utmp eingeloggt ist." -#: usermod.8.xml:487(para) +#: usermod.8.xml:486(para) msgid "" "You must change the owner of any crontab files or " "at jobs manually." @@ -1266,7 +1265,7 @@ msgstr "" "Sie mĆ¼ssen den EigentĆ¼mer von crontab-Dateien oder " "at-AuftrƤgen per Hand Ƥndern." -#: usermod.8.xml:491(para) +#: usermod.8.xml:490(para) msgid "You must make any changes involving NIS on the NIS server." msgstr "" "Sie mĆ¼ssen alle Ƅnderung in Bezug auf NIS auf dem NIS-Server vornehmen." @@ -1540,7 +1539,7 @@ msgstr "" "nach dem folgenden Algorithmus aus der UID des Benutzers errechnet: " "" -#: usermod.8.xml:529(filename) userdel.8.xml:197(filename) +#: usermod.8.xml:528(filename) userdel.8.xml:197(filename) #: useradd.8.xml:726(filename) su.1.xml:382(filename) #: pwconv.8.xml:253(filename) passwd.1.xml:423(filename) #: newusers.8.xml:424(filename) login.access.5.xml:124(filename) @@ -1551,7 +1550,7 @@ msgstr "" msgid "/etc/login.defs" msgstr "/etc/login.defs" -#: usermod.8.xml:531(para) userdel.8.xml:199(para) useradd.8.xml:728(para) +#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para) #: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) #: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) #: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) @@ -1559,31 +1558,31 @@ msgstr "/etc/login.defs" msgid "Shadow password suite configuration." msgstr "Konfiguration der Shadow-Passwort-Werkzeugsammlung" -#: usermod.8.xml:547(filename) userdel.8.xml:215(filename) +#: usermod.8.xml:546(filename) userdel.8.xml:215(filename) #: useradd.8.xml:714(filename) newusers.8.xml:436(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subgid" msgstr "/etc/suauth" -#: usermod.8.xml:549(para) userdel.8.xml:217(para) useradd.8.xml:716(para) +#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para) #: newusers.8.xml:438(para) msgid "Per user subordinate group IDs." msgstr "" -#: usermod.8.xml:553(filename) userdel.8.xml:221(filename) +#: usermod.8.xml:552(filename) userdel.8.xml:221(filename) #: useradd.8.xml:720(filename) newusers.8.xml:442(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subuid" msgstr "/etc/suauth" -#: usermod.8.xml:555(para) userdel.8.xml:223(para) useradd.8.xml:722(para) +#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para) #: newusers.8.xml:444(para) msgid "Per user subordinate user IDs." msgstr "" -#: usermod.8.xml:563(para) +#: usermod.8.xml:562(para) #, fuzzy #| msgid "" #| "chfn1useradd " -"von der Variable in /etc/default/" -"useradd ab. Wenn diese Variable auf yes gesetzt ist (oder auf der Befehlszeile in /etc/login." +"defs ab. Wenn diese Variable auf yes " +"gesetzt ist (oder auf der Befehlszeile " +"angegeben wurde), wird fĆ¼r den Benutzer eine Gruppe, die auf seinen Namen " +"lautet, erstellt. Wenn die Variable auf no " "gesetzt ist (oder auf der Befehlszeile " "angegeben wurde), legt useradd als Hauptgruppe des neuen Benutzers diejenige " "fest, die mit der Variable in /etc/default/" @@ -2299,13 +2297,25 @@ msgstr "" "replaceable>=WERT" #: useradd.8.xml:301(para) +#, fuzzy +#| msgid "" +#| "Overrides /etc/login.defs defaults (, , " +#| " and others). Example: " +#| " PASS_MAX_DAYS=-1 can be used when creating " +#| "system account to turn off password ageing, even though system account " +#| "has no password at all. Multiple options can be " +#| "specified, e.g.:  UID_MIN=100  " +#| "UID_MAX=499" msgid "" "Overrides /etc/login.defs defaults (, , " " and others). Example: " " PASS_MAX_DAYS=-1 can be used when creating system " -"account to turn off password ageing, even though system account has no " +"account to turn off password aging, even though system account has no " "password at all. Multiple options can be specified, e." "g.:  UID_MIN=100  " @@ -2332,9 +2342,13 @@ msgid "Do not add the user to the lastlog and faillog databases." msgstr "FĆ¼gt den Benutzer nicht zu den Datenbanken lastlog und faillog hinzu." #: useradd.8.xml:327(para) +#, fuzzy +#| msgid "" +#| "By default, the user's entries in the lastlog and faillog databases are " +#| "resetted to avoid reusing the entry from a previously deleted user." msgid "" "By default, the user's entries in the lastlog and faillog databases are " -"resetted to avoid reusing the entry from a previously deleted user." +"reset to avoid reusing the entry from a previously deleted user." msgstr "" "StandardmƤƟig werden die BenutzereintrƤge in den Datenbanken lastlog und " "faillog zurĆ¼ckgesetzt, um zu vermeiden, dass der Eintrag eines frĆ¼her " @@ -2363,9 +2377,11 @@ msgstr "" "Wenn diese Option nicht angegeben wird und " "nicht aktiviert wurde, wird standardmƤƟig kein Home-Verzeichnis erstellt." -#: useradd.8.xml:354(option) -msgid "-M" -msgstr "-M" +#: useradd.8.xml:353(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " #: useradd.8.xml:357(para) msgid "" @@ -2451,12 +2467,19 @@ msgstr "" "fĆ¼r die GID bei der Erstellung von Gruppen)." #: useradd.8.xml:434(para) +#, fuzzy +#| msgid "" +#| "Note that useradd will not create a home directory for " +#| "such an user, regardless of the default setting in /etc/login." +#| "defs (). You have to specify the " +#| " options if you want a home directory for a system " +#| "account to be created." msgid "" "Note that useradd will not create a home directory for " -"such an user, regardless of the default setting in /etc/login." -"defs (). You have to specify the " -" options if you want a home directory for a system " -"account to be created." +"such a user, regardless of the default setting in /etc/login.defs (). You have to specify the options if you want a home directory for a system account to be " +"created." msgstr "" "Beachten Sie, dass useradd fĆ¼r einen solchen Benutzer " "unabhƤngig von der Einstellung in /etc/login.defs " @@ -3064,7 +3087,7 @@ msgstr "5" #: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo) #: faillog.5.xml:59(refmiscinfo) msgid "File Formats and Conversions" -msgstr "Dateiformate und konvertierung" +msgstr "Dateiformate und -konvertierung" #: suauth.5.xml:65(refpurpose) msgid "detailed su control file" @@ -3085,10 +3108,14 @@ msgstr "" #. .RS #: suauth.5.xml:83(literallayout) -#, no-wrap +#, fuzzy, no-wrap +#| msgid "" +#| "\n" +#| " 1) the user su is targetting\n" +#| " " msgid "" "\n" -" 1) the user su is targetting\n" +" 1) the user su is targeting\n" " " msgstr "" "\n" @@ -3135,14 +3162,23 @@ msgstr "" # SB: What is the meaning of the last sentence? #: suauth.5.xml:107(para) +#, fuzzy +#| msgid "" +#| "from-id is formatted the same as to-id except the extra word " +#| "GROUP is recognised. ALL EXCEPT GROUP is perfectly valid too. Following GROUP " +#| "appears one or more group names, delimited by \",\". It is not sufficient " +#| "to have primary group id of the relevant group, an entry in " +#| "/etc/group5 is neccessary." msgid "" "from-id is formatted the same as to-id except the extra word " -"GROUP is recognised. ALL EXCEPT GROUPGROUP is recognized. ALL EXCEPT GROUP is perfectly valid too. Following GROUP " "appears one or more group names, delimited by \",\". It is not sufficient to " "have primary group id of the relevant group, an entry in " "/etc/group5 is neccessary." +"manvolnum> is necessary." msgstr "" "from-id hat das gleiche Format wie to-id mit der Ausnahme, dass zusƤtzlich " "GROUP zulƤssig ist. Auch ALL EXCEPT GROUP." #: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib) -#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) -#: passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib) -#: faillog.5.xml:41(contrib) +#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib) +#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib) msgid "Creation, 1989" msgstr "ursprĆ¼nglicher Autor, 1989" @@ -4157,8 +4192,13 @@ msgstr "" "Zugang, wenn das Passwortfeld leer ist." #: shadow.5.xml:117(para) gshadow.5.xml:107(para) +#, fuzzy +#| msgid "" +#| "A password field which starts with a exclamation mark means that the " +#| "password is locked. The remaining characters on the line represent the " +#| "password field before the password was locked." msgid "" -"A password field which starts with a exclamation mark means that the " +"A password field which starts with an exclamation mark means that the " "password is locked. The remaining characters on the line represent the " "password field before the password was locked." msgstr "" @@ -4179,9 +4219,13 @@ msgstr "" "der Tage seit dem 1. Januar 1970 ausgedrĆ¼ckt." #: shadow.5.xml:134(para) +#, fuzzy +#| msgid "" +#| "The value 0 has a special meaning, which is that the user should change " +#| "her pasword the next time she will log in the system." msgid "" "The value 0 has a special meaning, which is that the user should change her " -"pasword the next time she will log in the system." +"password the next time she will log in the system." msgstr "" "Dem Wert 0 kommt eine besondere Bedeutung zu: Der Benutzer sollte sein " "Passwort bei der nƤchsten Anmeldung Ƥndern." @@ -4308,9 +4352,15 @@ msgstr "" "Januar 1970 ausgedrĆ¼ckt." #: shadow.5.xml:229(para) +#, fuzzy +#| msgid "" +#| "Note that an account expiration differs from a password expiration. In " +#| "case of an acount expiration, the user shall not be allowed to login. In " +#| "case of a password expiration, the user is not allowed to login using her " +#| "password." msgid "" "Note that an account expiration differs from a password expiration. In case " -"of an acount expiration, the user shall not be allowed to login. In case of " +"of an account expiration, the user shall not be allowed to login. In case of " "a password expiration, the user is not allowed to login using her password." msgstr "" "Beachten Sie, dass der Verfall eines Kontos sich von dem Ablaufen eines " @@ -4320,7 +4370,7 @@ msgstr "" #: shadow.5.xml:235(para) msgid "An empty field means that the account will never expire." -msgstr "Ein leeres Feld bedeutet, dass das Konto nicht verfallen wird." +msgstr "Ein leeren Feld bedeutet, dass das Konto nicht verfallen wird." #: shadow.5.xml:238(para) msgid "" @@ -4650,18 +4700,15 @@ msgstr "" msgid "pwconv" msgstr "pwconv" -#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) -#: login.defs.5.xml:438(term) +#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term) msgid "pwunconv" msgstr "pwunconv" -#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) -#: login.defs.5.xml:340(term) +#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term) msgid "grpconv" msgstr "grpconv" -#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) -#: login.defs.5.xml:346(term) +#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term) msgid "grpunconv" msgstr "grpunconv" @@ -4885,8 +4932,7 @@ msgstr "Ć¼berprĆ¼ft die Stimmigkeit der Passwortdateien" #: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle) #: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle) -#: passwd.1.xml:71(refname) passwd.1.xml:77(command) -#: login.defs.5.xml:409(term) +#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term) msgid "passwd" msgstr "passwd" @@ -5065,10 +5111,15 @@ msgstr "" "replaceable> und shadow auswƤhlen." #: pwck.8.xml:243(para) +#, fuzzy +#| msgid "" +#| "Note that when is enabled, you cannot specify an " +#| "alternative shadow file. In future releases, " +#| "this paramater could be replaced by an alternate TCB directory." msgid "" "Note that when is enabled, you cannot specify an " "alternative shadow file. In future releases, this " -"paramater could be replaced by an alternate TCB directory." +"parameter could be replaced by an alternate TCB directory." msgstr "" "Hinweis: Wenn aktiviert ist, kƶnnen Sie keine " "andere shadow-Datei angeben. In zukĆ¼nftigen " @@ -5525,8 +5576,12 @@ msgstr "" "erraten, und stellt daher eine Gefahr fĆ¼r die Sicherheit Ihres Systems dar." #: passwd.1.xml:166(para) +#, fuzzy +#| msgid "" +#| "You can find advices on how to choose a strong password on http://en." +#| "wikipedia.org/wiki/Password_strength" msgid "" -"You can find advices on how to choose a strong password on http://en." +"You can find advice on how to choose a strong password on http://en." "wikipedia.org/wiki/Password_strength" msgstr "" "RatschlƤge, wie Sie ein sicheres Passwort wƤhlen, finden Sie unter http://de." @@ -6082,7 +6137,9 @@ msgid "HISTORY" msgstr "GESCHICHTE" #: nologin.8.xml:91(para) -msgid "The nologin command appearred in BSD 4.4." +#, fuzzy +#| msgid "The nologin command appearred in BSD 4.4." +msgid "The nologin command appeared in BSD 4.4." msgstr "Der Befehl nologin tauchte erstmals in BSD 4.4 auf." #: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname) @@ -6127,8 +6184,14 @@ msgid "This is the name of the user." msgstr "Dies ist der Name des Benutzers." #: newusers.8.xml:116(para) +#, fuzzy +#| msgid "" +#| "It can be the name of a new user or the name of an existing user (or an " +#| "user created before by newusers). In case of an " +#| "existing user, the user's information will be changed, otherwise a new " +#| "user will be created." msgid "" -"It can be the name of a new user or the name of an existing user (or an user " +"It can be the name of a new user or the name of an existing user (or a user " "created before by newusers). In case of an existing user, " "the user's information will be changed, otherwise a new user will be created." msgstr "" @@ -6158,8 +6221,12 @@ msgid "This field is used to define the UID of the user." msgstr "Mit diesem Feld wird die UID des Benutzers bestimmt." #: newusers.8.xml:144(para) +#, fuzzy +#| msgid "" +#| "If the field is empty, an new (unused) UID will be defined automatically " +#| "by newusers." msgid "" -"If the field is empty, an new (unused) UID will be defined automatically by " +"If the field is empty, a new (unused) UID will be defined automatically by " "newusers." msgstr "" "Wenn dieses Feld leer ist, wird von newusers automatisch " @@ -6170,8 +6237,13 @@ msgid "If this field contains a number, this number will be used as the UID." msgstr "Wenn dieses Feld eine Zahl enthƤlt, wird sie als UID verwendet." #: newusers.8.xml:152(para) +#, fuzzy +#| msgid "" +#| "If this field contains the name of an existing user (or the name of an " +#| "user created before by newusers), the UID of the " +#| "specified user will be used." msgid "" -"If this field contains the name of an existing user (or the name of an user " +"If this field contains the name of an existing user (or the name of a user " "created before by newusers), the UID of the specified " "user will be used." msgstr "" @@ -6889,7 +6961,7 @@ msgid "" "contents of this file should be a message indicating why logins are " "inhibited." msgstr "" -"Falls angegeben, der Name einer Datei, deren Existenz Anmeldungen auƟer von " +"Falls angegeben, der Name einer Datei, dessen Existenz Anmeldungen auƟer von " "Root verhindert. Der Inhalt der Datei sollte die GrĆ¼nde enthalten, weshalb " "Anmeldungen untersagt sind." @@ -7755,7 +7827,9 @@ msgid "D: max data size (KB)" msgstr "D: maximale DatengrĆ¶ĆŸe (KB)" #: limits.5.xml:111(para) -msgid "F: maximum filesize (KB)" +#, fuzzy +#| msgid "F: maximum filesize (KB)" +msgid "F: maximum file size (KB)" msgstr "F: maximale DateigrĆ¶ĆŸe (KB)" #: limits.5.xml:112(para) @@ -7836,9 +7910,15 @@ msgstr "" " " #: limits.5.xml:145(para) +#, fuzzy +#| msgid "" +#| "Be aware that after username the rest of " +#| "the line is considered a limit string, thus comments are not allowed. A " +#| "invalid limits string will be rejected (not considered) by the " +#| "login program." msgid "" "Be aware that after username the rest of " -"the line is considered a limit string, thus comments are not allowed. A " +"the line is considered a limit string, thus comments are not allowed. An " "invalid limits string will be rejected (not considered) by the " "login program." msgstr "" @@ -7869,16 +7949,26 @@ msgstr "" "group." #: limits.5.xml:165(para) +#, fuzzy +#| msgid "" +#| "If more than one line with limits for an user exist, only the first line " +#| "for this user will be considered." msgid "" -"If more than one line with limits for an user exist, only the first line for " +"If more than one line with limits for a user exist, only the first line for " "this user will be considered." msgstr "" "Wenn mehr als eine Zeile mit BeschrƤnkungen fĆ¼r einen Benutzer vorhanden " "ist, wird fĆ¼r ihn nur die erste Zeile berĆ¼cksichtigt." #: limits.5.xml:170(para) +#, fuzzy +#| msgid "" +#| "If no lines are specified for an user, the last @group line matching a group whose the user is a member of will be " +#| "considered, or the last line with default limits if no groups contain the " +#| "user." msgid "" -"If no lines are specified for an user, the last @group@group line matching a group whose the user is a member of will be " "considered, or the last line with default limits if no groups contain the " "user." @@ -7981,7 +8071,37 @@ msgstr "" "gibt nur Lastlog-EintrƤge aus, die Ƥlter als TAGE sind" -#: lastlog.8.xml:127(term) faillog.8.xml:192(term) +#: lastlog.8.xml:107(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " + +#: lastlog.8.xml:111(para) +#, fuzzy +#| msgid "" +#| "This option is only valid in combination with the (or " +#| ") option." +msgid "" +"Clear lastlog record of a user. This option can be used only together with " +" ())." +msgstr "" +"Diese Option ist nur in Verbindung mit der Option (oder " +") zulƤssig." + +#: lastlog.8.xml:138(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " + +#: lastlog.8.xml:142(para) +msgid "" +"Set lastlog record of a user to the current time. This option can be used " +"only together with ())." +msgstr "" + +#: lastlog.8.xml:149(term) faillog.8.xml:192(term) msgid "" ",  DAYS" @@ -7989,7 +8109,7 @@ msgstr "" ",  TAGE" -#: lastlog.8.xml:131(para) +#: lastlog.8.xml:153(para) msgid "" "Print the lastlog records more recent than DAYS." @@ -7997,7 +8117,7 @@ msgstr "" "gibt nur Lastlog-EintrƤge aus, die neuer als TAGE sind" -#: lastlog.8.xml:138(term) faillog.8.xml:202(term) +#: lastlog.8.xml:160(term) faillog.8.xml:202(term) msgid "" ",  LOGIN|RANGE" @@ -8005,11 +8125,11 @@ msgstr "" ",  LOGIN|MENGE" -#: lastlog.8.xml:142(para) +#: lastlog.8.xml:164(para) msgid "Print the lastlog record of the specified user(s)." msgstr "gibt nur die Lastlog-EintrƤge fĆ¼r die angegebenen Benutzer aus" -#: lastlog.8.xml:145(para) faillog.8.xml:211(para) +#: lastlog.8.xml:167(para) faillog.8.xml:211(para) msgid "" "The users can be specified by a login name, a numerical user ID, or a " "RANGE of users. This RANGEUID_MIN-UID_MAX) oder nur einem " "Minimumwert (UID_MIN-) bestimmt werden." -#: lastlog.8.xml:157(para) +#: lastlog.8.xml:179(para) msgid "" "If the user has never logged in the message ** Never logged in** will be displayed instead of the port and time." @@ -8033,7 +8153,7 @@ msgstr "" "** Never logged in** anstatt von Port und Zeit " "angezeigt." -#: lastlog.8.xml:162(para) +#: lastlog.8.xml:184(para) msgid "" "Only the entries for the current users of the system will be displayed. " "Other entries may exist for users that were deleted previously." @@ -8041,12 +8161,12 @@ msgstr "" "Es werden nur EintrƤge fĆ¼r auf dem System vorhandene Benutzer angezeigt, " "selbst wenn EintrƤge Ć¼ber gelƶschte Benutzer noch vorhanden sind." -#: lastlog.8.xml:170(title) groups.1.xml:90(title) chsh.1.xml:140(title) +#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title) #: chage.1.xml:231(title) msgid "NOTE" msgstr "ANMERKUNGEN" -#: lastlog.8.xml:171(para) +#: lastlog.8.xml:193(para) msgid "" "The lastlog file is a database which contains info on " "the last login of each user. You should not rotate it. It is a sparse file, " @@ -8064,15 +8184,15 @@ msgstr "" "filename> befinden). Die wirkliche DateigrĆ¶ĆŸe lƤsst sich mit Ā»ls -" "sĀ« anzeigen." -#: lastlog.8.xml:185(filename) +#: lastlog.8.xml:207(filename) msgid "/var/log/lastlog" msgstr "/var/log/lastlog" -#: lastlog.8.xml:187(para) +#: lastlog.8.xml:209(para) msgid "Database times of previous user logins." msgstr "Datenbank mit Zeiten der letzten Anmeldung der Benutzer" -#: lastlog.8.xml:195(para) +#: lastlog.8.xml:217(para) msgid "" "Large gaps in UID numbers will cause the lastlog program to run longer with " "no output to the screen (i.e. if in lastlog database there is no entries for " @@ -8135,8 +8255,14 @@ msgstr "" "kein Passwort benƶtigen." #: gshadow.5.xml:97(para) +#, fuzzy +#| msgid "" +#| "The password is used when an user who is not a member of the group wants " +#| "to gain the permissions of this group (see " +#| "newgrp1)." msgid "" -"The password is used when an user who is not a member of the group wants to " +"The password is used when a user who is not a member of the group wants to " "gain the permissions of this group (see newgrp1)." msgstr "" @@ -8682,7 +8808,9 @@ msgstr "" "replaceable>" #: groupmems.8.xml:109(para) -msgid "Add an user to the group membership list." +#, fuzzy +#| msgid "Add an user to the group membership list." +msgid "Add a user to the group membership list." msgstr "FĆ¼gt einen Benutzer der Mitgliederliste der Gruppe hinzu." #: groupmems.8.xml:110(para) groupmems.8.xml:126(para) @@ -9731,10 +9859,17 @@ msgstr "" "Alter des Passworts aktualisiert." #: chpasswd.8.xml:97(para) +#, fuzzy +#| msgid "" +#| "The default encryption algorithm can be defined for the system with the " +#| " or " +#| "variables of /etc/login.defs, and can be overwitten " +#| "with the , , or " +#| "options." msgid "" "The default encryption algorithm can be defined for the system with the " " or variables " -"of /etc/login.defs, and can be overwitten with the " +"of /etc/login.defs, and can be overwritten with the " ", , or options." msgstr "" "Der standardmƤƟige VerschlĆ¼sselungsalgorithmus kann systemweit mit den " @@ -9755,10 +9890,16 @@ msgstr "" "nicht angeraten)." #: chpasswd.8.xml:111(para) +#, fuzzy +#| msgid "" +#| "Except when PAM is used to encrypt the " +#| "passwords,chpasswd first updates all the " +#| "passwords in memory, and then commits all the changes to disk if no " +#| "errors occured for any user." msgid "" "Except when PAM is used to encrypt the passwords,chpasswd first updates all the passwords in " -"memory, and then commits all the changes to disk if no errors occured for " +"memory, and then commits all the changes to disk if no errors occurred for " "any user." msgstr "" "PAM wird nicht zur VerschlĆ¼sselung der Passwƶrter " @@ -9926,10 +10067,16 @@ msgstr "" "Standardalgorithmus zur VerschlĆ¼sselung ist DES." #: chgpasswd.8.xml:92(para) +#, fuzzy +#| msgid "" +#| "The default encryption algorithm can be defined for the system with the " +#| " variable of /etc/login.defs, and can be overwiten with the , options." msgid "" "The default encryption algorithm can be defined for the system with the " " variable of /etc/login.defs, and can be overwiten with the , , options." msgstr "" "Der standardmƤƟige VerschlĆ¼sselungsalgorithmus wird systemweit mit der " @@ -10334,6 +10481,9 @@ msgstr "" msgid "translator-credits" msgstr "Simon Brandmair (sbrandmair@gmx.net), 2005, 2007, 2011." +#~ msgid "-M" +#~ msgstr "-M" + #~ msgid "KƅĀ‚oczko" #~ msgstr "KƅĀ‚oczko" diff --git a/man/po/fr.po b/man/po/fr.po index 27b8f992..754bf683 100644 --- a/man/po/fr.po +++ b/man/po/fr.po @@ -1,7 +1,7 @@ # translation of shadow-man.po to French # French translation of the shadow's man pages # Traduction des pages de manuel livrĆ©es avec shadow -# Copyright (C) 2011-2013 Debian French l10n team +# Copyright (C) 2011, 2012 Debian French l10n team # # Certaines pages Ć©taient dĆ©jĆ  traduites: # chpasswd: Amand Tihon @@ -16,19 +16,19 @@ # shadow(5): Thierry Vignaud , 1999. # useradd: FrĆ©dĆ©ric Delanoy, 2000. # Christian Perrier , 2009, 2012. -# Thomas Blein , 2011, 2012, 2013. +# Thomas Blein , 2011, 2012. msgid "" msgstr "" "Project-Id-Version: shadow-man-pages 4.0.18\n" -"POT-Creation-Date: 2014-05-09 12:53+0200\n" -"PO-Revision-Date: 2013-07-10 19:08+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" +"PO-Revision-Date: 2013-08-23 01:37+0200\n" "Last-Translator: Thomas Blein \n" "Language-Team: French \n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Generator: Lokalize 1.4\n" +"X-Generator: Lokalize 1.2\n" "X-Poedit-Language: French\n" "X-Poedit-Country: FRANCE\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" @@ -36,16 +36,16 @@ msgstr "" #: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname) #: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname) msgid "Marek" -msgstr "Marek" +msgstr "" #: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname) #: login.access.5.xml:41(surname) msgid "Michałkiewicz" -msgstr "Michałkiewicz" +msgstr "" #: vipw.8.xml:43(contrib) limits.5.xml:43(contrib) msgid "Creation, 1997" -msgstr "CrĆ©ation, 1997" +msgstr "" #: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname) #: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname) @@ -66,25 +66,24 @@ msgstr "CrĆ©ation, 1997" #: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname) #: chfn.1.xml:47(firstname) chage.1.xml:45(firstname) msgid "Thomas" -msgstr "Thomas" +msgstr "" #: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname) #: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname) #: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname) #: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname) -#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) -#: newusers.8.xml:60(surname) newgrp.1.xml:46(surname) -#: logoutd.8.xml:45(surname) login.defs.5.xml:110(surname) -#: login.access.5.xml:46(surname) login.1.xml:78(surname) -#: limits.5.xml:47(surname) lastlog.8.xml:46(surname) grpck.8.xml:46(surname) -#: groups.1.xml:45(surname) groupmod.8.xml:46(surname) +#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname) +#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname) +#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname) +#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname) +#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname) #: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname) #: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname) -#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) -#: expiry.1.xml:49(surname) chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) +#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname) +#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) #: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname) msgid "Kłoczko" -msgstr "Kłoczko" +msgstr "" #: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email) #: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email) @@ -100,25 +99,24 @@ msgstr "Kłoczko" #: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email) #: chage.1.xml:47(email) msgid "kloczek@pld.org.pl" -msgstr "kloczek@pld.org.pl" +msgstr "" #: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib) #: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib) #: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib) #: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib) -#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) -#: newusers.8.xml:62(contrib) newgrp.1.xml:48(contrib) -#: logoutd.8.xml:47(contrib) login.defs.5.xml:112(contrib) -#: login.access.5.xml:48(contrib) login.1.xml:80(contrib) -#: limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) grpck.8.xml:48(contrib) -#: groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) +#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib) +#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib) +#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib) +#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) +#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) #: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib) #: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib) -#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) -#: expiry.1.xml:51(contrib) chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) -#: chfn.1.xml:50(contrib) chage.1.xml:48(contrib) +#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib) +#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib) +#: chage.1.xml:48(contrib) msgid "shadow-utils maintainer, 2000 - 2007" -msgstr "Mainteneur de shadow-utils, 2000 - 2007" +msgstr "" #: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname) #: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname) @@ -140,7 +138,7 @@ msgstr "Mainteneur de shadow-utils, 2000 - 2007" #: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname) #: chfn.1.xml:53(firstname) chage.1.xml:51(firstname) msgid "Nicolas" -msgstr "Nicolas" +msgstr "" #: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname) #: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname) @@ -150,16 +148,15 @@ msgstr "Nicolas" #: newusers.8.xml:66(surname) newgrp.1.xml:52(surname) #: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname) #: login.access.5.xml:52(surname) login.1.xml:84(surname) -#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) -#: gshadow.5.xml:39(surname) grpck.8.xml:52(surname) groups.1.xml:51(surname) -#: groupmod.8.xml:52(surname) groupmems.8.xml:55(surname) -#: groupdel.8.xml:52(surname) groupadd.8.xml:54(surname) -#: gpasswd.1.xml:56(surname) faillog.8.xml:51(surname) -#: faillog.5.xml:51(surname) expiry.1.xml:55(surname) chsh.1.xml:54(surname) -#: chpasswd.8.xml:55(surname) chgpasswd.8.xml:51(surname) -#: chfn.1.xml:54(surname) chage.1.xml:52(surname) +#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname) +#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname) +#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname) +#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname) +#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname) +#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname) +#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname) msgid "FranƧois" -msgstr "FranƧois" +msgstr "" #: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email) #: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email) @@ -176,7 +173,7 @@ msgstr "FranƧois" #: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email) #: chage.1.xml:53(email) msgid "nicolas.francois@centraliens.net" -msgstr "nicolas.francois@centraliens.net" +msgstr "" #: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib) #: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib) @@ -186,16 +183,15 @@ msgstr "nicolas.francois@centraliens.net" #: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib) #: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib) #: login.access.5.xml:54(contrib) login.1.xml:86(contrib) -#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) -#: gshadow.5.xml:42(contrib) grpck.8.xml:54(contrib) groups.1.xml:53(contrib) -#: groupmod.8.xml:54(contrib) groupmems.8.xml:57(contrib) -#: groupdel.8.xml:54(contrib) groupadd.8.xml:56(contrib) -#: gpasswd.1.xml:58(contrib) faillog.8.xml:53(contrib) -#: faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) chsh.1.xml:56(contrib) -#: chpasswd.8.xml:57(contrib) chgpasswd.8.xml:53(contrib) -#: chfn.1.xml:56(contrib) chage.1.xml:54(contrib) +#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib) +#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib) +#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib) +#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib) +#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) +#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib) +#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib) msgid "shadow-utils maintainer, 2007 - now" -msgstr "Mainteneur de shadow-utils, 2007 - maintenant" +msgstr "" #: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command) #: login.defs.5.xml:507(term) @@ -264,14 +260,13 @@ msgstr "Ɖditer les fichiers passwd, group, shadow ou gshadow" #: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable) #: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable) #: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable) -#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) -#: passwd.1.xml:79(replaceable) newusers.8.xml:87(replaceable) -#: lastlog.8.xml:73(replaceable) grpck.8.xml:72(arg) -#: groupmod.8.xml:73(replaceable) groupdel.8.xml:73(replaceable) -#: groupadd.8.xml:75(replaceable) faillog.8.xml:72(replaceable) -#: chsh.1.xml:75(replaceable) chpasswd.8.xml:76(replaceable) -#: chgpasswd.8.xml:72(replaceable) chfn.1.xml:75(replaceable) -#: chage.1.xml:72(replaceable) +#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable) +#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable) +#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable) +#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable) +#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable) +#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable) +#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable) msgid "options" msgstr "options" @@ -321,11 +316,10 @@ msgstr "" #: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title) #: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title) #: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title) -#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) -#: groupdel.8.xml:88(title) groupadd.8.xml:93(title) gpasswd.1.xml:134(title) -#: faillog.8.xml:89(title) expiry.1.xml:91(title) chsh.1.xml:95(title) -#: chpasswd.8.xml:130(title) chgpasswd.8.xml:105(title) chfn.1.xml:111(title) -#: chage.1.xml:91(title) +#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title) +#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title) +#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title) +#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title) msgid "OPTIONS" msgstr "OPTIONS" @@ -347,7 +341,7 @@ msgstr "Ɖditer la base de donnĆ©es de groupes." #: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term) #: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term) -#: newusers.8.xml:283(term) lastlog.8.xml:107(term) grpck.8.xml:157(term) +#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term) #: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term) #: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term) #: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term) @@ -357,7 +351,7 @@ msgstr ", " #: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) #: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) -#: newusers.8.xml:285(para) lastlog.8.xml:111(para) grpck.8.xml:159(para) +#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para) #: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) #: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) #: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) @@ -383,25 +377,21 @@ msgstr "Mode silencieux." #: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) #: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) -#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:115(term) +#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term) #: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) #: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) #: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) #: chfn.1.xml:153(term) chage.1.xml:197(term) -#, fuzzy -#| msgid "" -#| ", CHROOT_DIR" msgid "" ",  CHROOT_DIR" msgstr "" -", RƉP_CHROOT-R,  RƉP_CHROOT" #: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) #: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) -#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:119(para) +#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para) #: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) #: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) #: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) @@ -431,18 +421,18 @@ msgstr ", " msgid "Indicates which user's tcb shadow file to edit." msgstr "Indique l'utilisateur dont le fichier shadow de tcb doit ĆŖtre Ć©ditĆ©." -#: vipw.8.xml:165(title) usermod.8.xml:497(title) userdel.8.xml:171(title) +#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title) #: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) #: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) #: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) #: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) -#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) -#: gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) -#: chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title) +#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) +#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) +#: chfn.1.xml:193(title) chage.1.xml:244(title) msgid "CONFIGURATION" msgstr "CONFIGURATION" -#: vipw.8.xml:166(para) usermod.8.xml:498(para) userdel.8.xml:172(para) +#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para) #: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) #: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) #: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) @@ -495,37 +485,35 @@ msgstr "EDITOR" msgid "Editor to be used if is not set." msgstr "L'Ć©diteur Ć  utiliser si n'est pas dĆ©finie." -#: vipw.8.xml:195(title) usermod.8.xml:514(title) userdel.8.xml:188(title) +#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title) #: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) #: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) #: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) #: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) #: newgrp.1.xml:121(title) logoutd.8.xml:89(title) -#: login.access.5.xml:121(title) login.1.xml:338(title) -#: limits.5.xml:196(title) lastlog.8.xml:182(title) gshadow.5.xml:156(title) -#: grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) -#: groupmems.8.xml:211(title) groupdel.8.xml:140(title) -#: groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) -#: faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) -#: chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) -#: chage.1.xml:256(title) +#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) +#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) +#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) +#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) +#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) +#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) +#: chfn.1.xml:207(title) chage.1.xml:256(title) msgid "FILES" msgstr "FICHIERS" -#: vipw.8.xml:198(filename) usermod.8.xml:517(filename) +#: vipw.8.xml:198(filename) usermod.8.xml:516(filename) #: userdel.8.xml:191(filename) useradd.8.xml:690(filename) -#: sg.1.xml:125(filename) pwck.8.xml:272(filename) -#: newusers.8.xml:412(filename) newgrp.1.xml:136(filename) -#: gshadow.5.xml:159(filename) grpck.8.xml:224(filename) -#: groups.1.xml:103(filename) groupmod.8.xml:208(filename) -#: groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) -#: groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) -#: gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) -#: chgpasswd.8.xml:216(filename) +#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) +#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) +#: grpck.8.xml:224(filename) groups.1.xml:103(filename) +#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) +#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) +#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) +#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename) msgid "/etc/group" msgstr "/etc/group" -#: vipw.8.xml:200(para) usermod.8.xml:519(para) userdel.8.xml:193(para) +#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para) #: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) #: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) #: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) @@ -534,7 +522,7 @@ msgstr "/etc/group" msgid "Group account information." msgstr "Informations sur les groupes." -#: vipw.8.xml:204(filename) usermod.8.xml:523(filename) +#: vipw.8.xml:204(filename) usermod.8.xml:522(filename) #: useradd.8.xml:696(filename) sg.1.xml:131(filename) #: newusers.8.xml:418(filename) newgrp.1.xml:142(filename) #: gshadow.5.xml:165(filename) grpck.8.xml:230(filename) @@ -545,7 +533,7 @@ msgstr "Informations sur les groupes." msgid "/etc/gshadow" msgstr "/etc/gshadow" -#: vipw.8.xml:206(para) usermod.8.xml:525(para) useradd.8.xml:698(para) +#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para) #: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) #: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) #: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) @@ -553,7 +541,7 @@ msgstr "/etc/gshadow" msgid "Secure group account information." msgstr "Informations sĆ©curisĆ©es sur les groupes." -#: vipw.8.xml:210(filename) usermod.8.xml:535(filename) +#: vipw.8.xml:210(filename) usermod.8.xml:534(filename) #: userdel.8.xml:203(filename) useradd.8.xml:678(filename) #: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) #: pwck.8.xml:278(filename) passwd.5.xml:144(filename) @@ -566,7 +554,7 @@ msgstr "Informations sĆ©curisĆ©es sur les groupes." msgid "/etc/passwd" msgstr "/etc/passwd" -#: vipw.8.xml:212(para) usermod.8.xml:537(para) userdel.8.xml:205(para) +#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para) #: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) #: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) #: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) @@ -576,7 +564,7 @@ msgstr "/etc/passwd" msgid "User account information." msgstr "Informations sur les comptes des utilisateurs." -#: vipw.8.xml:216(filename) usermod.8.xml:541(filename) +#: vipw.8.xml:216(filename) usermod.8.xml:540(filename) #: userdel.8.xml:209(filename) useradd.8.xml:684(filename) #: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) #: shadow.3.xml:229(filename) pwck.8.xml:284(filename) @@ -587,7 +575,7 @@ msgstr "Informations sur les comptes des utilisateurs." msgid "/etc/shadow" msgstr "/etc/shadow" -#: vipw.8.xml:218(para) usermod.8.xml:543(para) userdel.8.xml:211(para) +#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para) #: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) #: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) #: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) @@ -596,7 +584,7 @@ msgstr "/etc/shadow" msgid "Secure user account information." msgstr "Informations sĆ©curisĆ©es sur les comptes utilisateurs." -#: vipw.8.xml:225(title) usermod.8.xml:562(title) userdel.8.xml:308(title) +#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title) #: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) #: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) #: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) @@ -654,22 +642,22 @@ msgstr "" #: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname) #: chfn.1.xml:42(firstname) chage.1.xml:40(firstname) msgid "Julianne Frances" -msgstr "Julianne Frances" +msgstr "" #: usermod.8.xml:46(surname) userdel.8.xml:46(surname) #: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname) #: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname) -#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) -#: passwd.1.xml:47(surname) newusers.8.xml:55(surname) -#: newgrp.1.xml:41(surname) logoutd.8.xml:40(surname) -#: login.defs.5.xml:105(surname) login.1.xml:73(surname) -#: lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname) -#: groupmod.8.xml:41(surname) groupdel.8.xml:41(surname) -#: groupadd.8.xml:43(surname) faillog.8.xml:40(surname) -#: faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname) -#: chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname) +#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname) +#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname) +#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname) +#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname) +#: groups.1.xml:40(surname) groupmod.8.xml:41(surname) +#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname) +#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname) +#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) +#: chage.1.xml:41(surname) msgid "Haugh" -msgstr "Haugh" +msgstr "" #: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib) #: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib) @@ -678,7 +666,7 @@ msgstr "Haugh" #: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib) #: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib) msgid "Creation, 1991" -msgstr "CrĆ©ation, 1991" +msgstr "" #: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname) #: usermod.8.xml:76(command) login.defs.5.xml:498(term) @@ -723,16 +711,12 @@ msgstr "" "qu'avec l'option ." #: usermod.8.xml:111(term) useradd.8.xml:150(term) -#, fuzzy -#| msgid "" -#| ", COMMENT" msgid "" ",  COMMENT" msgstr "" -", COMMENTAIRE" +",  " +"COMMENTAIRE" #: usermod.8.xml:115(para) msgid "" @@ -748,14 +732,14 @@ msgstr "" #: usermod.8.xml:124(term) #, fuzzy #| msgid "" -#| ", HOME_DIR" +#| ",  " +#| "HOME_DIR" msgid "" ",  HOME_DIR" msgstr "" -", RƉP_PERSO" +",  " +"RƉP_PERSO" #: usermod.8.xml:128(para) msgid "The user's new login directory." @@ -772,15 +756,11 @@ msgstr "" "crĆ©Ć© si nĆ©cessaire." #: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term) -#, fuzzy -#| msgid "" -#| ", ,  " "EXPIRE_DATE" msgstr "" -", " +",  " "DATE_FIN_VALIDITƉ" #: usermod.8.xml:144(para) useradd.8.xml:192(para) @@ -808,15 +788,11 @@ msgstr "" "entrĆ©e /etc/shadow sera crĆ©Ć©e si il n'y en avait pas." #: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term) -#, fuzzy -#| msgid "" -#| ", INACTIVE" msgid "" ",  INACTIVE" msgstr "" -", " +",  " "DURƉE_INACTIVITƉ" #: usermod.8.xml:164(para) @@ -836,15 +812,12 @@ msgstr "" "de validitĆ©, et une valeur de -1 dĆ©sactive cette fonctionnalitĆ©." #: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term) -#, fuzzy -#| msgid "" -#| ", GROUP" msgid "" ",  GROUP" msgstr "" -", GROUPE" +",  GROUPE" #: usermod.8.xml:185(para) msgid "" @@ -871,17 +844,12 @@ msgstr "" "l'utilisateur doit ĆŖtre modifiĆ© manuellement." #: usermod.8.xml:200(term) useradd.8.xml:251(term) -#, fuzzy -#| msgid "" -#| ", GROUP1[,GROUP2,...[,GROUPN]]]" msgid "" ",  GROUP1[,GROUP2,...[,GROUPN]]]" msgstr "" -", GROUPE1-G,  GROUPE1[,GROUPE2,...[,GROUPEN]]]" @@ -910,16 +878,12 @@ msgstr "" "actuelle des groupes supplĆ©mentaires." #: usermod.8.xml:220(term) -#, fuzzy -#| msgid "" -#| ", NEW_LOGIN" msgid "" ",  NEW_LOGIN" msgstr "" -", NOUVEAU_LOGIN" +",  " +"NOUVEAU_LOGIN" #: usermod.8.xml:224(para) msgid "" @@ -1002,16 +966,12 @@ msgstr "" #: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term) #: groupadd.8.xml:167(term) -#, fuzzy -#| msgid "" -#| ", PASSWORD" msgid "" ",  PASSWORD" msgstr "" -", MOT_DE_PASSE" +",  " +"MOT_DE_PASSE" #: usermod.8.xml:288(para) groupmod.8.xml:161(para) msgid "" @@ -1053,16 +1013,12 @@ msgstr "" #: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term) #: su.1.xml:187(term) chsh.1.xml:119(term) -#, fuzzy -#| msgid "" -#| ", SHELL" msgid "" ",  SHELL" msgstr "" -", INTERPRƉTEUR" +",  " +"INTERPRƉTEUR" #: usermod.8.xml:327(para) chsh.1.xml:123(para) msgid "" @@ -1074,14 +1030,12 @@ msgstr "" "de commandes initial par dĆ©faut." #: usermod.8.xml:334(term) useradd.8.xml:471(term) -#, fuzzy -#| msgid "" -#| ", UID" msgid "" ",  UID" msgstr "" -", UID" +",  UID" #: usermod.8.xml:338(para) msgid "The new numerical value of the user's ID." @@ -1153,13 +1107,13 @@ msgstr "" #: usermod.8.xml:384(term) #, fuzzy #| msgid "" -#| ", LOGIN-u,  LOGIN|RANGE" msgid "" ",  " "FIRST-LAST" msgstr "" -", LOGIN-u,  LOGIN|INTERVALLE" #: usermod.8.xml:388(para) @@ -1190,13 +1144,13 @@ msgstr "" #: usermod.8.xml:402(term) #, fuzzy #| msgid "" -#| ", LOGIN-u,  LOGIN|RANGE" msgid "" ",  " "FIRST-LAST" msgstr "" -", LOGIN-u,  LOGIN|INTERVALLE" #: usermod.8.xml:406(para) @@ -1214,13 +1168,13 @@ msgstr "" #: usermod.8.xml:422(term) #, fuzzy #| msgid "" -#| ", LOGIN-u,  LOGIN|RANGE" msgid "" ",  " "FIRST-LAST" msgstr "" -", LOGIN-u,  LOGIN|INTERVALLE" #: usermod.8.xml:426(para) @@ -1245,13 +1199,13 @@ msgstr "" #: usermod.8.xml:440(term) #, fuzzy #| msgid "" -#| ", LOGIN-u,  LOGIN|RANGE" msgid "" ",  " "FIRST-LAST" msgstr "" -", LOGIN-u,  LOGIN|INTERVALLE" #: usermod.8.xml:444(para) @@ -1271,15 +1225,11 @@ msgid "" msgstr "" #: usermod.8.xml:460(term) useradd.8.xml:506(term) -#, fuzzy -#| msgid "" -#| ", SEUSER" msgid "" ",  " "SEUSER" msgstr "" -", " +",  " "UTILISATEUR_SELINUX" #: usermod.8.xml:464(para) @@ -1298,20 +1248,27 @@ msgstr "" #: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) #: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) -#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:194(title) -#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) -#: gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) +#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title) +#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) +#: faillog.8.xml:232(title) chpasswd.8.xml:231(title) #: chgpasswd.8.xml:186(title) msgid "CAVEATS" msgstr "AVERTISSEMENTS" #: usermod.8.xml:479(para) +#, fuzzy +#| msgid "" +#| "You must make certain that the named user is not executing any processes " +#| "when this command is being executed if the user's numerical user ID, the " +#| "user's name, or the user's home directory is being changed. " +#| "usermod checks this on Linux, but only check if the " +#| "user is logged in according to utmp on other architectures." msgid "" "You must make certain that the named user is not executing any processes " "when this command is being executed if the user's numerical user ID, the " "user's name, or the user's home directory is being changed. " -"usermod checks this on Linux, but only check if the user " -"is logged in according to utmp on other architectures." +"usermod checks this on Linux. On other platforms it only " +"uses utmp to check if the user is logged in." msgstr "" "Il est nĆ©cessaire de contrĆ“ler que l'identifiant indiquĆ© n'a pas de " "processus en cours d'exĆ©cution si cette commande est utilisĆ©e pour modifier " @@ -1320,7 +1277,7 @@ msgstr "" "Linux mais vĆ©rifie seulement les informations d'utmp sur les autres " "architectures." -#: usermod.8.xml:487(para) +#: usermod.8.xml:486(para) msgid "" "You must change the owner of any crontab files or " "at jobs manually." @@ -1329,7 +1286,7 @@ msgstr "" "crontab ou des travaux programmĆ©s par at." -#: usermod.8.xml:491(para) +#: usermod.8.xml:490(para) msgid "You must make any changes involving NIS on the NIS server." msgstr "" "Les modifications qui concernent NIS doivent ĆŖtre effectuĆ©es sur le serveur " @@ -1607,7 +1564,7 @@ msgstr "" "user, mais sera calculĆ© en fonction de l'UID de l'utilisateur, Ć  l'aide de " "l'algorithme suivantĀ : " -#: usermod.8.xml:529(filename) userdel.8.xml:197(filename) +#: usermod.8.xml:528(filename) userdel.8.xml:197(filename) #: useradd.8.xml:726(filename) su.1.xml:382(filename) #: pwconv.8.xml:253(filename) passwd.1.xml:423(filename) #: newusers.8.xml:424(filename) login.access.5.xml:124(filename) @@ -1618,7 +1575,7 @@ msgstr "" msgid "/etc/login.defs" msgstr "/etc/login.defs" -#: usermod.8.xml:531(para) userdel.8.xml:199(para) useradd.8.xml:728(para) +#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para) #: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) #: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) #: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) @@ -1627,31 +1584,31 @@ msgid "Shadow password suite configuration." msgstr "" "Configuration de la suite des mots de passe cachĆ©s Ā«Ā shadow passwordĀ Ā»." -#: usermod.8.xml:547(filename) userdel.8.xml:215(filename) +#: usermod.8.xml:546(filename) userdel.8.xml:215(filename) #: useradd.8.xml:714(filename) newusers.8.xml:436(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subgid" msgstr "/etc/suauth" -#: usermod.8.xml:549(para) userdel.8.xml:217(para) useradd.8.xml:716(para) +#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para) #: newusers.8.xml:438(para) msgid "Per user subordinate group IDs." msgstr "" -#: usermod.8.xml:553(filename) userdel.8.xml:221(filename) +#: usermod.8.xml:552(filename) userdel.8.xml:221(filename) #: useradd.8.xml:720(filename) newusers.8.xml:442(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subuid" msgstr "/etc/suauth" -#: usermod.8.xml:555(para) userdel.8.xml:223(para) useradd.8.xml:722(para) +#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para) #: newusers.8.xml:444(para) msgid "Per user subordinate user IDs." msgstr "" -#: usermod.8.xml:563(para) +#: usermod.8.xml:562(para) #, fuzzy #| msgid "" #| "chfn1useradd sontĀ :" #: useradd.8.xml:129(term) useradd.8.xml:530(term) -#, fuzzy -#| msgid "" -#| ", BASE_DIR" msgid "" ",  BASE_DIR" msgstr "" -", RƉP_BASE-b,  RƉP_BASE" #: useradd.8.xml:133(para) -#, fuzzy -#| msgid "" -#| "The default base directory for the system if option is not " -#| "used, BASE_DIR must exist." msgid "" "The default base directory for the system if  " "HOME_DIR is not specified. BASE_DIR-m option is not used, " "BASE_DIR must exist." msgstr "" -"RĆ©pertoire de base par dĆ©faut du systĆØme si l'option " -"RƉP_PERSO n'est pas spĆ©cifiĆ©e. " +"RĆ©pertoire de base par dĆ©faut du systĆØme si l'option n'est " "pas utilisĆ©e, RƉP_BASE doit exister." @@ -2211,16 +2156,12 @@ msgstr "" "l'utilisateur." #: useradd.8.xml:162(term) -#, fuzzy -#| msgid "" -#| ", HOME_DIR" msgid "" ",  HOME_DIR" msgstr "" -", RƉP_PERSO" +",  " +"RƉP_PERSO" #: useradd.8.xml:166(para) msgid "" @@ -2328,16 +2269,12 @@ msgstr "" "l'utilisateur est de n'appartenir qu'au groupe initial." #: useradd.8.xml:272(term) -#, fuzzy -#| msgid "" -#| ", SKEL_DIR" msgid "" ",  SKEL_DIR" msgstr "" -", RƉP_SQUELETTE" +",  " +"RƉP_SQUELETTE" #: useradd.8.xml:276(para) msgid "" @@ -2372,15 +2309,11 @@ msgid "If possible, the ACLs and extended attributes are copied." msgstr "Si possible, les ACL et les attributs Ć©tendus seront copiĆ©s." #: useradd.8.xml:297(term) groupadd.8.xml:137(term) -#, fuzzy -#| msgid "" -#| ", KEY=VALUE" msgid "" ",  KEY=VALUE" msgstr "" -", CLƉ-K,  CLƉ=VALEUR" #: useradd.8.xml:301(para) @@ -2389,20 +2322,20 @@ msgstr "" #| "Overrides /etc/login.defs defaults (, , " #| " and others). Example: " -#| "PASS_MAX_DAYS-K PASS_MAX_DAYS=-1 can be used when creating " #| "system account to turn off password ageing, even though system account " #| "has no password at all. Multiple options can be " -#| "specified, e.g.: UID_MIN=100 UID_MIN=100  " +#| "UID_MAX=499" msgid "" "Overrides /etc/login.defs defaults (, , " " and others). Example: " " PASS_MAX_DAYS=-1 can be used when creating system " -"account to turn off password ageing, even though system account has no " +"account to turn off password aging, even though system account has no " "password at all. Multiple options can be specified, e." "g.:  UID_MIN=100  " @@ -2411,13 +2344,13 @@ msgstr "" "Surcharge les valeurs par dĆ©faut de /etc/login.defs " "(, , , " " et autres). Par exempleĀ : " -" PASS_MAX_DAYS-K PASS_MAX_DAYS=-1 peut ĆŖtre utilisĆ© pour la " "crĆ©ation de comptes systĆØme pour dĆ©sactiver la gestion de la durĆ©e de " "validitĆ© des mots de passe, mĆŖme si les comptes systĆØme n'ont pas de mot de " "passe. Plusieurs options peuvent ĆŖtre prĆ©cisĆ©es, comme " -"par exempleĀ : UID_MIN=100 " +"par exempleĀ :  UID_MIN=100  " "UID_MAX=499" #: useradd.8.xml:322(term) @@ -2429,9 +2362,13 @@ msgid "Do not add the user to the lastlog and faillog databases." msgstr "N'ajoute pas l'utilisateur aux bases de donnĆ©es lastlog et faillog." #: useradd.8.xml:327(para) +#, fuzzy +#| msgid "" +#| "By default, the user's entries in the lastlog and faillog databases are " +#| "resetted to avoid reusing the entry from a previously deleted user." msgid "" "By default, the user's entries in the lastlog and faillog databases are " -"resetted to avoid reusing the entry from a previously deleted user." +"reset to avoid reusing the entry from a previously deleted user." msgstr "" "Par dĆ©faut, les entrĆ©es de l'utilisateur dans les bases de donnĆ©es lastlog " "et faillog sont remises Ć  zĆ©ro pour Ć©viter de rĆ©utiliser les entrĆ©es d'un " @@ -2460,9 +2397,11 @@ msgstr "" "Par dĆ©faut, si cette option n'est pas prĆ©cisĆ©e et si , " +msgid ", " +msgstr ", " #: useradd.8.xml:357(para) msgid "" @@ -2548,12 +2487,19 @@ msgstr "" " pour la crĆ©ation des groupes)." #: useradd.8.xml:434(para) +#, fuzzy +#| msgid "" +#| "Note that useradd will not create a home directory for " +#| "such an user, regardless of the default setting in /etc/login." +#| "defs (). You have to specify the " +#| " options if you want a home directory for a system " +#| "account to be created." msgid "" "Note that useradd will not create a home directory for " -"such an user, regardless of the default setting in /etc/login." -"defs (). You have to specify the " -" options if you want a home directory for a system " -"account to be created." +"such a user, regardless of the default setting in /etc/login.defs (). You have to specify the options if you want a home directory for a system account to be " +"created." msgstr "" "Notez que useradd ne crĆ©era pas de rĆ©pertoire personnel " "pour ces utilisateurs, indĆ©pendamment de la configuration par dĆ©faut dans " @@ -3068,12 +3014,14 @@ msgid "can't create home directory" msgstr "impossible de crĆ©er le rĆ©pertoire personnel" #: useradd.8.xml:794(replaceable) +#, fuzzy +#| msgid "1" msgid "14" -msgstr "14" +msgstr "1" #: useradd.8.xml:796(para) msgid "can't update SELinux user mapping" -msgstr "Impossible de mettre Ć  jour la correspondance d'utilisateur SELinux" +msgstr "" #: useradd.8.xml:736(para) msgid "" @@ -3146,7 +3094,7 @@ msgstr "" #: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib) #: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib) msgid "Creation, 1996" -msgstr "CrĆ©ation, 1996" +msgstr "" #: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname) msgid "suauth" @@ -3188,10 +3136,14 @@ msgstr "" #. .RS #: suauth.5.xml:83(literallayout) -#, no-wrap +#, fuzzy, no-wrap +#| msgid "" +#| "\n" +#| " 1) the user su is targetting\n" +#| " " msgid "" "\n" -" 1) the user su is targetting\n" +" 1) the user su is targeting\n" " " msgstr "" "\n" @@ -3235,14 +3187,23 @@ msgstr "" "suivi d'une liste d'utilisateurs sĆ©parĆ©s par une virgule." #: suauth.5.xml:107(para) +#, fuzzy +#| msgid "" +#| "from-id is formatted the same as to-id except the extra word " +#| "GROUP is recognised. ALL EXCEPT GROUP is perfectly valid too. Following GROUP " +#| "appears one or more group names, delimited by \",\". It is not sufficient " +#| "to have primary group id of the relevant group, an entry in " +#| "/etc/group5 is neccessary." msgid "" "from-id is formatted the same as to-id except the extra word " -"GROUP is recognised. ALL EXCEPT GROUPGROUP is recognized. ALL EXCEPT GROUP is perfectly valid too. Following GROUP " "appears one or more group names, delimited by \",\". It is not sufficient to " "have primary group id of the relevant group, an entry in " "/etc/group5 is neccessary." +"manvolnum> is necessary." msgstr "" "par-id utilise le mĆŖme format que vers-id, mais accepte Ć©galement le mot-clĆ© " "GROUP. ALL EXCEPT GROUP est " @@ -3393,11 +3354,10 @@ msgstr "" "citerefentry>." #: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib) -#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) -#: passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib) -#: faillog.5.xml:41(contrib) +#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib) +#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib) msgid "Creation, 1989" -msgstr "CrĆ©ation, 1989" +msgstr "" #: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command) #: login.defs.5.xml:446(term) @@ -3504,15 +3464,11 @@ msgid "The options which apply to the su command are:" msgstr "Les options applicables Ć  la commande su sontĀ :" #: su.1.xml:150(term) -#, fuzzy -#| msgid "" -#| ", COMMAND" msgid "" ",  COMMAND" msgstr "" -", COMMANDE-c,  COMMANDE" #: su.1.xml:154(para) @@ -4261,8 +4217,13 @@ msgstr "" "filename> peuvent n'autoriser aucun accĆØs si le mot de passe est vide." #: shadow.5.xml:117(para) gshadow.5.xml:107(para) +#, fuzzy +#| msgid "" +#| "A password field which starts with a exclamation mark means that the " +#| "password is locked. The remaining characters on the line represent the " +#| "password field before the password was locked." msgid "" -"A password field which starts with a exclamation mark means that the " +"A password field which starts with an exclamation mark means that the " "password is locked. The remaining characters on the line represent the " "password field before the password was locked." msgstr "" @@ -4284,9 +4245,13 @@ msgstr "" "depuis le 1erĀ janvierĀ 1970." #: shadow.5.xml:134(para) +#, fuzzy +#| msgid "" +#| "The value 0 has a special meaning, which is that the user should change " +#| "her pasword the next time she will log in the system." msgid "" "The value 0 has a special meaning, which is that the user should change her " -"pasword the next time she will log in the system." +"password the next time she will log in the system." msgstr "" "La valeur 0 a une signification particuliĆØreĀ : l'utilisateur devra changer " "son mot de passe la prochaine fois qu'il se connectera au systĆØme." @@ -4413,9 +4378,15 @@ msgstr "" "1erĀ janvierĀ 1970." #: shadow.5.xml:229(para) +#, fuzzy +#| msgid "" +#| "Note that an account expiration differs from a password expiration. In " +#| "case of an acount expiration, the user shall not be allowed to login. In " +#| "case of a password expiration, the user is not allowed to login using her " +#| "password." msgid "" "Note that an account expiration differs from a password expiration. In case " -"of an acount expiration, the user shall not be allowed to login. In case of " +"of an account expiration, the user shall not be allowed to login. In case of " "a password expiration, the user is not allowed to login using her password." msgstr "" "Veuillez noter que l'expiration d'un compte diffĆØre de l'expiration d'un mot " @@ -4759,18 +4730,15 @@ msgstr "" msgid "pwconv" msgstr "pwconv" -#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) -#: login.defs.5.xml:438(term) +#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term) msgid "pwunconv" msgstr "pwunconv" -#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) -#: login.defs.5.xml:340(term) +#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term) msgid "grpconv" msgstr "grpconv" -#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) -#: login.defs.5.xml:346(term) +#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term) msgid "grpunconv" msgstr "grpunconv" @@ -4981,7 +4949,7 @@ msgstr "" #: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib) msgid "Creation, 1992" -msgstr "CrĆ©ation, 1992" +msgstr "" #: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command) #: login.defs.5.xml:420(term) @@ -4994,8 +4962,7 @@ msgstr "VĆ©rifier l'intĆ©gritĆ© des fichiers de mots de passe" #: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle) #: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle) -#: passwd.1.xml:71(refname) passwd.1.xml:77(command) -#: login.defs.5.xml:409(term) +#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term) msgid "passwd" msgstr "passwd" @@ -5173,10 +5140,15 @@ msgstr "" "passwd et shadow." #: pwck.8.xml:243(para) +#, fuzzy +#| msgid "" +#| "Note that when is enabled, you cannot specify an " +#| "alternative shadow file. In future releases, " +#| "this paramater could be replaced by an alternate TCB directory." msgid "" "Note that when is enabled, you cannot specify an " "alternative shadow file. In future releases, this " -"paramater could be replaced by an alternate TCB directory." +"parameter could be replaced by an alternate TCB directory." msgstr "" "Veuillez noter que quand est activĆ©e, vous ne " "pouvez pas indiquer de fichier shadow alternatif. " @@ -5635,8 +5607,12 @@ msgstr "" "pour violer la sĆ©curitĆ© du systĆØme." #: passwd.1.xml:166(para) +#, fuzzy +#| msgid "" +#| "You can find advices on how to choose a strong password on http://en." +#| "wikipedia.org/wiki/Password_strength" msgid "" -"You can find advices on how to choose a strong password on http://en." +"You can find advice on how to choose a strong password on http://en." "wikipedia.org/wiki/Password_strength" msgstr "" "Vous pouvez trouver des conseils sur la faƧon choisir un mot de passe " @@ -5687,15 +5663,11 @@ msgstr "" "connexion." #: passwd.1.xml:220(term) -#, fuzzy -#| msgid "" -#| ", INACTIVE" msgid "" ",  INACTIVE" msgstr "" -", " +",  " "DURƉE_INACTIVITƉ" # NOTE: Only this user account @@ -5761,15 +5733,11 @@ msgstr "" "changer." #: passwd.1.xml:269(term) -#, fuzzy -#| msgid "" -#| ", MIN_DAYS" msgid "" ",  MIN_DAYS" msgstr "" -", JOURS_MIN-n,  JOURS_MIN" #: passwd.1.xml:273(para) chage.1.xml:168(para) @@ -5783,16 +5751,12 @@ msgstr "" "indique que l'utilisateur peut changer son mot de passe quand il le souhaite." #: passwd.1.xml:291(term) -#, fuzzy -#| msgid "" -#| ", ,  " "REPOSITORY" msgstr "" -", REPOSITORY" +",  " +"REPOSITORY" #: passwd.1.xml:295(para) msgid "change password in REPOSITORY repository" @@ -5837,15 +5801,11 @@ msgstr "" "prĆ©sente avant l'utilisation de l'option )." #: passwd.1.xml:344(term) -#, fuzzy -#| msgid "" -#| ", WARN_DAYS" msgid "" ",  " "WARN_DAYS" msgstr "" -", " +",  " "DURƉE_AVERTISSEMENT" #: passwd.1.xml:348(para) @@ -5862,15 +5822,11 @@ msgstr "" "d'arriver en fin de validitĆ©." #: passwd.1.xml:357(term) -#, fuzzy -#| msgid "" -#| ", MAX_DAYS" msgid "" ",  MAX_DAYS" msgstr "" -", JOURS_MAX-x,  JOURS_MAX" #: passwd.1.xml:361(para) @@ -6222,7 +6178,9 @@ msgid "HISTORY" msgstr "HISTORIQUE" #: nologin.8.xml:91(para) -msgid "The nologin command appearred in BSD 4.4." +#, fuzzy +#| msgid "The nologin command appearred in BSD 4.4." +msgid "The nologin command appeared in BSD 4.4." msgstr "La commande nologin est apparue avec BSD 4.4." #: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname) @@ -6268,8 +6226,14 @@ msgid "This is the name of the user." msgstr "C'est le nom de l'utilisateur." #: newusers.8.xml:116(para) +#, fuzzy +#| msgid "" +#| "It can be the name of a new user or the name of an existing user (or an " +#| "user created before by newusers). In case of an " +#| "existing user, the user's information will be changed, otherwise a new " +#| "user will be created." msgid "" -"It can be the name of a new user or the name of an existing user (or an user " +"It can be the name of a new user or the name of an existing user (or a user " "created before by newusers). In case of an existing user, " "the user's information will be changed, otherwise a new user will be created." msgstr "" @@ -6299,8 +6263,12 @@ msgid "This field is used to define the UID of the user." msgstr "Ce champ est utilisĆ© pour dĆ©finir l'UID de l'utilisateur." #: newusers.8.xml:144(para) +#, fuzzy +#| msgid "" +#| "If the field is empty, an new (unused) UID will be defined automatically " +#| "by newusers." msgid "" -"If the field is empty, an new (unused) UID will be defined automatically by " +"If the field is empty, a new (unused) UID will be defined automatically by " "newusers." msgstr "" "Si ce champ est vide, un nouvel UID (non utilisĆ©) sera dĆ©fini " @@ -6311,8 +6279,13 @@ msgid "If this field contains a number, this number will be used as the UID." msgstr "Si ce champ contient un nombre, ce nombre sera utilisĆ© comme UID." #: newusers.8.xml:152(para) +#, fuzzy +#| msgid "" +#| "If this field contains the name of an existing user (or the name of an " +#| "user created before by newusers), the UID of the " +#| "specified user will be used." msgid "" -"If this field contains the name of an existing user (or the name of an user " +"If this field contains the name of an existing user (or the name of a user " "created before by newusers), the UID of the specified " "user will be used." msgstr "" @@ -7827,11 +7800,11 @@ msgstr "" #: limits.5.xml:41(firstname) msgid "Luca" -msgstr "Luca" +msgstr "" #: limits.5.xml:42(surname) msgid "Berra" -msgstr "Berra" +msgstr "" #: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname) msgid "limits" @@ -7910,7 +7883,9 @@ msgstr "" "DĀ : taille maximale du segment de donnĆ©es d'un programme (en kilo octets)" #: limits.5.xml:111(para) -msgid "F: maximum filesize (KB)" +#, fuzzy +#| msgid "F: maximum filesize (KB)" +msgid "F: maximum file size (KB)" msgstr "FĀ : taille maximale des fichiers (en kilo octets)" #: limits.5.xml:112(para) @@ -7996,9 +7971,15 @@ msgstr "" " " #: limits.5.xml:145(para) +#, fuzzy +#| msgid "" +#| "Be aware that after username the rest of " +#| "the line is considered a limit string, thus comments are not allowed. A " +#| "invalid limits string will be rejected (not considered) by the " +#| "login program." msgid "" "Be aware that after username the rest of " -"the line is considered a limit string, thus comments are not allowed. A " +"the line is considered a limit string, thus comments are not allowed. An " "invalid limits string will be rejected (not considered) by the " "login program." msgstr "" @@ -8027,16 +8008,26 @@ msgstr "" "s'appliquent aux membres du groupe prĆ©cisĆ©." #: limits.5.xml:165(para) +#, fuzzy +#| msgid "" +#| "If more than one line with limits for an user exist, only the first line " +#| "for this user will be considered." msgid "" -"If more than one line with limits for an user exist, only the first line for " +"If more than one line with limits for a user exist, only the first line for " "this user will be considered." msgstr "" "Si plusieurs lignes avec des limites pour un utilisateur existent, seule la " "premiĆØre ligne pour cet utilisateur sera prise en compte." #: limits.5.xml:170(para) +#, fuzzy +#| msgid "" +#| "If no lines are specified for an user, the last @group line matching a group whose the user is a member of will be " +#| "considered, or the last line with default limits if no groups contain the " +#| "user." msgid "" -"If no lines are specified for an user, the last @group@group line matching a group whose the user is a member of will be " "considered, or the last line with default limits if no groups contain the " "user." @@ -8123,15 +8114,11 @@ msgstr "" "Les options disponibles pour la commande lastlog sontĀ :" #: lastlog.8.xml:97(term) -#, fuzzy -#| msgid "" -#| ", DAYS" msgid "" ",  DAYS" msgstr "" -", JOURS-b,  JOURS" #: lastlog.8.xml:101(para) @@ -8141,18 +8128,45 @@ msgstr "" "N'afficher que les entrĆ©es du fichier lastlog plus anciennes que JOURS." -#: lastlog.8.xml:127(term) faillog.8.xml:192(term) +#: lastlog.8.xml:107(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " + +#: lastlog.8.xml:111(para) #, fuzzy #| msgid "" -#| ", DAYS" +#| "This option is only valid in combination with the (or " +#| ") option." +msgid "" +"Clear lastlog record of a user. This option can be used only together with " +" ())." +msgstr "" +"Cette option ne fonctionne que lorsqu'elle est combinĆ©e avec l'option " +" (ou )." + +#: lastlog.8.xml:138(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " + +#: lastlog.8.xml:142(para) +msgid "" +"Set lastlog record of a user to the current time. This option can be used " +"only together with ())." +msgstr "" + +#: lastlog.8.xml:149(term) faillog.8.xml:192(term) msgid "" ",  DAYS" msgstr "" -", JOURS" +",  JOURS" -#: lastlog.8.xml:131(para) +#: lastlog.8.xml:153(para) msgid "" "Print the lastlog records more recent than DAYS." @@ -8160,23 +8174,19 @@ msgstr "" "Afficher les entrĆ©es du fichier lastlog plus rĆ©centes que JOURS." -#: lastlog.8.xml:138(term) faillog.8.xml:202(term) -#, fuzzy -#| msgid "" -#| ", LOGIN|RANGE" +#: lastlog.8.xml:160(term) faillog.8.xml:202(term) msgid "" ",  LOGIN|RANGE" msgstr "" -", LOGIN-u,  LOGIN|INTERVALLE" -#: lastlog.8.xml:142(para) +#: lastlog.8.xml:164(para) msgid "Print the lastlog record of the specified user(s)." msgstr "N'afficher que les entrĆ©es correspondant aux utilisateurs indiquĆ©s." -#: lastlog.8.xml:145(para) faillog.8.xml:211(para) +#: lastlog.8.xml:167(para) faillog.8.xml:211(para) msgid "" "The users can be specified by a login name, a numerical user ID, or a " "RANGE of users. This RANGE-UID_MAX) ou une valeur minimale " "(UID_MIN-)." -#: lastlog.8.xml:157(para) +#: lastlog.8.xml:179(para) msgid "" "If the user has never logged in the message ** Never logged in** will be displayed instead of the port and time." @@ -8202,7 +8212,7 @@ msgstr "" "connectĆ©**Ā Ā») est affichĆ© Ć  la place des champs Port et date de DerniĆØre connexion." -#: lastlog.8.xml:162(para) +#: lastlog.8.xml:184(para) msgid "" "Only the entries for the current users of the system will be displayed. " "Other entries may exist for users that were deleted previously." @@ -8211,12 +8221,12 @@ msgstr "" "affichĆ©es. D'autres entrĆ©es peuvent exister pour les utilisateurs supprimĆ©s " "prĆ©cĆ©demment." -#: lastlog.8.xml:170(title) groups.1.xml:90(title) chsh.1.xml:140(title) +#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title) #: chage.1.xml:231(title) msgid "NOTE" msgstr "NOTE" -#: lastlog.8.xml:171(para) +#: lastlog.8.xml:193(para) msgid "" "The lastlog file is a database which contains info on " "the last login of each user. You should not rotate it. It is a sparse file, " @@ -8234,16 +8244,16 @@ msgstr "" "UID Ć©levĆ©s). Vous pouvez afficher sa taille rĆ©elle avec Ā«Ā ls -sĀ Ā»." -#: lastlog.8.xml:185(filename) +#: lastlog.8.xml:207(filename) msgid "/var/log/lastlog" msgstr "/var/log/lastlog" -#: lastlog.8.xml:187(para) +#: lastlog.8.xml:209(para) msgid "Database times of previous user logins." msgstr "" "Base de donnĆ©es de l'heure des connexions prĆ©cĆ©dentes des utilisateurs." -#: lastlog.8.xml:195(para) +#: lastlog.8.xml:217(para) msgid "" "Large gaps in UID numbers will cause the lastlog program to run longer with " "no output to the screen (i.e. if in lastlog database there is no entries for " @@ -8258,7 +8268,7 @@ msgstr "" #: gshadow.5.xml:41(contrib) msgid "Creation, 2005" -msgstr "CrĆ©ation, 2005" +msgstr "" #: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname) msgid "gshadow" @@ -8305,8 +8315,14 @@ msgstr "" "groupe n'ont pas besoin de mot de passe)." #: gshadow.5.xml:97(para) +#, fuzzy +#| msgid "" +#| "The password is used when an user who is not a member of the group wants " +#| "to gain the permissions of this group (see " +#| "newgrp1)." msgid "" -"The password is used when an user who is not a member of the group wants to " +"The password is used when a user who is not a member of the group wants to " "gain the permissions of this group (see newgrp1)." msgstr "" @@ -8498,6 +8514,14 @@ msgstr "" "\"gshadow\">et /etc/gshadow par GID." #: grpck.8.xml:196(para) +#, fuzzy +#| msgid "" +#| "By default, grpck operates on /etc/group and /etc/gshadow. The user may select alternate files with the " +#| "groupparameter.and shadow parameters." msgid "" "By default, grpck operates on /etc/groupand /etc/gshadowgroupmod sontĀ :" #: groupmod.8.xml:96(term) groupadd.8.xml:114(term) -#, fuzzy -#| msgid "" -#| ", GID" msgid "" ",  GID" msgstr "" -", GID" +",  GID" #: groupmod.8.xml:100(para) msgid "" @@ -8697,15 +8719,11 @@ msgstr "" " du fichier /etc/login.defs." #: groupmod.8.xml:135(term) -#, fuzzy -#| msgid "" -#| ", NEW_GROUP" msgid "" ",  " "NEW_GROUP" msgstr "" -", " +",  " "NOUVEAU_NOM_GROUPE" #: groupmod.8.xml:139(para) @@ -8773,19 +8791,19 @@ msgstr "" #: groupmems.8.xml:42(firstname) msgid "George" -msgstr "George" +msgstr "" #: groupmems.8.xml:43(surname) msgid "Kraft" -msgstr "Kraft" +msgstr "" #: groupmems.8.xml:44(lineage) msgid "IV" -msgstr "IV" +msgstr "" #: groupmems.8.xml:45(contrib) msgid "Creation, 2000" -msgstr "CrĆ©ation, 2000" +msgstr "" #: groupmems.8.xml:69(refpurpose) msgid "administer members of a user's primary group" @@ -8845,19 +8863,17 @@ msgstr "" "Les options disponibles pour la commande groupmems sontĀ :" #: groupmems.8.xml:107(term) -#, fuzzy -#| msgid "" -#| ", user_name" msgid "" ",  user_name" msgstr "" -", nom_utilisateur" +",  " +"nom_utilisateur" #: groupmems.8.xml:109(para) -msgid "Add an user to the group membership list." +#, fuzzy +#| msgid "Add an user to the group membership list." +msgid "Add a user to the group membership list." msgstr "Ajouter un utilisateur Ć  la liste des membres du groupe." #: groupmems.8.xml:110(para) groupmems.8.xml:126(para) @@ -8871,16 +8887,12 @@ msgstr "" "a pas d'entrĆ©e, une nouvelle entrĆ©e sera crĆ©Ć©e." #: groupmems.8.xml:118(term) -#, fuzzy -#| msgid "" -#| ", user_name" msgid "" ",  user_name" msgstr "" -", nom_utilisateur" +",  " +"nom_utilisateur" #: groupmems.8.xml:120(para) msgid "Delete a user from the group membership list." @@ -8895,15 +8907,11 @@ msgstr "" "retirĆ© de la liste des membres et des administrateurs du groupe." #: groupmems.8.xml:134(term) -#, fuzzy -#| msgid "" -#| ", group_name" msgid "" ",  group_name" msgstr "" -", nom_groupe-g,  nom_groupe" #: groupmems.8.xml:136(para) @@ -9138,32 +9146,22 @@ msgstr "" "ĆŖtre indiquĆ©e plusieurs fois." #: groupadd.8.xml:146(para) -#, fuzzy -#| msgid "" -#| "Example: GID_MIN=100 GID_MIN=100  " "GID_MAX=499" msgstr "" -"ExempleĀ : GID_MIN=10 " +"ExempleĀ :  GID_MIN=10  " "GID_MAX=499" #: groupadd.8.xml:150(para) -#, fuzzy -#| msgid "" -#| "Note: GID_MIN=10,GID_MAX=499 doesn't work yet." msgid "" "Note:  GID_MIN=10,GID_MAX=499 doesn't work yet." msgstr "" -"RemarqueĀ : GID_MIN-K GID_MIN=10,GID_MAX=499 ne fonctionne pas pour l'instant." @@ -9273,11 +9271,11 @@ msgstr "" #: gpasswd.1.xml:44(firstname) msgid "Rafal" -msgstr "Rafal" +msgstr "" #: gpasswd.1.xml:45(surname) msgid "Maszkowski" -msgstr "Maszkowski" +msgstr "" #: gpasswd.1.xml:71(phrase) msgid "administer " @@ -9370,14 +9368,11 @@ msgstr "" "Les options disponibles pour la commande gpasswd sontĀ :" #: gpasswd.1.xml:147(term) -#, fuzzy -#| msgid "" -#| ", user" msgid "" ",  user" msgstr "" -", utilisateur-a,  utilisateur" #: gpasswd.1.xml:151(para) @@ -9389,16 +9384,12 @@ msgstr "" "replaceable>." #: gpasswd.1.xml:160(term) -#, fuzzy -#| msgid "" -#| ", user" msgid "" ",  user" msgstr "" -", utilisateur" +",  " +"utilisateur" #: gpasswd.1.xml:164(para) msgid "" @@ -9409,15 +9400,11 @@ msgstr "" "replaceable>." #: gpasswd.1.xml:181(term) -#, fuzzy -#| msgid "" -#| ", CHROOT_DIR" msgid "" ",  CHROOT_DIR" msgstr "" -", RƉP_CHROOT-Q,  RƉP_CHROOT" #: gpasswd.1.xml:195(term) @@ -9452,15 +9439,11 @@ msgstr "" "replaceable>." #: gpasswd.1.xml:227(term) -#, fuzzy -#| msgid "" -#| ", user,..." msgid "" ",  " "user,..." msgstr "" -", " +",  " "utilisateur,..." #: gpasswd.1.xml:231(para) @@ -9468,16 +9451,12 @@ msgid "Set the list of administrative users." msgstr "Configurer la liste des administrateurs." #: gpasswd.1.xml:239(term) -#, fuzzy -#| msgid "" -#| ", user,..." msgid "" ",  user,..." msgstr "" -", utilisateur,..." +",  " +"utilisateur,..." #: gpasswd.1.xml:243(para) msgid "Set the list of group members." @@ -9593,15 +9572,11 @@ msgstr "" "d'utilisateurs." #: faillog.8.xml:128(term) -#, fuzzy -#| msgid "" -#| ", SEC" msgid "" ",  SEC" msgstr "" -", SEC-l,  SEC" # NOTE: s/to/during/ @@ -9621,15 +9596,11 @@ msgstr "" "pour cette option." #: faillog.8.xml:143(term) -#, fuzzy -#| msgid "" -#| ", MAX" msgid "" ",  MAX" msgstr "" -", MAX-m,  MAX" #: faillog.8.xml:147(para) @@ -9780,7 +9751,7 @@ msgstr "" #: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib) #: chage.1.xml:42(contrib) msgid "Creation, 1990" -msgstr "CrĆ©ation, 1990" +msgstr "" #: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname) #: expiry.1.xml:74(command) @@ -9945,10 +9916,17 @@ msgstr "" "Ć©galement mis Ć  jour, s'il est prĆ©sent." #: chpasswd.8.xml:97(para) +#, fuzzy +#| msgid "" +#| "The default encryption algorithm can be defined for the system with the " +#| " or " +#| "variables of /etc/login.defs, and can be overwitten " +#| "with the , , or " +#| "options." msgid "" "The default encryption algorithm can be defined for the system with the " " or variables " -"of /etc/login.defs, and can be overwitten with the " +"of /etc/login.defs, and can be overwritten with the " ", , or options." msgstr "" "L'algorithme de chiffrement par dĆ©faut peut ĆŖtre dĆ©fini pour le systĆØme Ć  " @@ -9969,10 +9947,16 @@ msgstr "" "option>." #: chpasswd.8.xml:111(para) +#, fuzzy +#| msgid "" +#| "Except when PAM is used to encrypt the " +#| "passwords,chpasswd first updates all the " +#| "passwords in memory, and then commits all the changes to disk if no " +#| "errors occured for any user." msgid "" "Except when PAM is used to encrypt the passwords,chpasswd first updates all the passwords in " -"memory, and then commits all the changes to disk if no errors occured for " +"memory, and then commits all the changes to disk if no errors occurred for " "any user." msgstr "" "Sauf quand PAM est utilisĆ© pour chiffrer les mots " @@ -10007,16 +9991,12 @@ msgstr "" "Les options disponibles pour la commande chpasswd sontĀ :" #: chpasswd.8.xml:137(term) -#, fuzzy -#| msgid "" -#| ", METHOD" msgid "" ",  " "METHOD" msgstr "" -", MƉTHODE" +",  " +"MƉTHODE" #: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para) msgid "The available methods are DES, MD5, and NONE." @@ -10059,15 +10039,11 @@ msgstr "" "passe fournis ne sont pas chiffrĆ©s." #: chpasswd.8.xml:200(term) -#, fuzzy -#| msgid "" -#| ", ROUNDS" msgid "" ",  ROUNDS" msgstr "" -", ROUNDS-s,  ROUNDS" #: chpasswd.8.xml:219(para) @@ -10114,7 +10090,7 @@ msgstr "" #: chgpasswd.8.xml:47(contrib) msgid "Creation, 2006" -msgstr "CrĆ©ation, 2006" +msgstr "" #: chgpasswd.8.xml:65(refpurpose) msgid "update group passwords in batch mode" @@ -10148,10 +10124,16 @@ msgstr "" "chgpasswd." #: chgpasswd.8.xml:92(para) +#, fuzzy +#| msgid "" +#| "The default encryption algorithm can be defined for the system with the " +#| " variable of /etc/login.defs, and can be overwiten with the , options." msgid "" "The default encryption algorithm can be defined for the system with the " " variable of /etc/login.defs, and can be overwiten with the , , options." msgstr "" "L'algorithme de chiffrement peut ĆŖtre dĆ©fini pour le systĆØme avec la " @@ -10229,47 +10211,36 @@ msgid "The options which apply to the chfn command are:" msgstr "Les options applicables Ć  la commande chfn sontĀ :" #: chfn.1.xml:117(term) -#, fuzzy -#| msgid "" -#| ", FULL_NAME" msgid "" ",  " "FULL_NAME" msgstr "" -", NOM_COMPLET" +",  " +"NOM_COMPLET" #: chfn.1.xml:121(para) msgid "Change the user's full name." msgstr "Modifier le nom complet de l'utilisateur." #: chfn.1.xml:125(term) -#, fuzzy -#| msgid "" -#| ", ,  " "HOME_PHONE" msgstr "" -", TEL_PERSO" +",  " +"TEL_PERSO" #: chfn.1.xml:129(para) msgid "Change the user's home phone number." msgstr "Modifier le numĆ©ro de tĆ©lĆ©phone personnel de l'utilisateur." #: chfn.1.xml:133(term) -#, fuzzy -#| msgid "" -#| ", OTHER" msgid "" ",  OTHER" msgstr "" -", AUTRE" +",  AUTRE" #: chfn.1.xml:137(para) msgid "" @@ -10282,16 +10253,12 @@ msgstr "" "applications et peut ĆŖtre changĆ© seulement par un superutilisateur." #: chfn.1.xml:145(term) -#, fuzzy -#| msgid "" -#| ", ROOM_NUMBER" msgid "" ",  ROOM_NUMBER" msgstr "" -", NUMƉRO_DE_BUREAU" +",  " +"NUMƉRO_DE_BUREAU" #: chfn.1.xml:149(para) msgid "Change the user's room number." @@ -10302,16 +10269,12 @@ msgid ", " msgstr ", " #: chfn.1.xml:173(term) -#, fuzzy -#| msgid "" -#| ", ,  " "WORK_PHONE" msgstr "" -", TEL_PRO" +",  " +"TEL_PRO" #: chfn.1.xml:177(para) msgid "Change the user's office phone number." @@ -10369,16 +10332,12 @@ msgstr "" "Les options disponibles pour la commande chage sontĀ :" #: chage.1.xml:97(term) -#, fuzzy -#| msgid "" -#| ", LAST_DAY" msgid "" ",  LAST_DAY" msgstr "" -", DERNIER_JOUR" +",  " +"DERNIER_JOUR" #: chage.1.xml:101(para) msgid "" @@ -10392,15 +10351,11 @@ msgstr "" "rĆ©gion)." #: chage.1.xml:109(term) -#, fuzzy -#| msgid "" -#| ", ,  " "EXPIRE_DATE" msgstr "" -", " +",  " "DATE_FIN_VALIDITƉ" # NOTE: s/date// @@ -10430,15 +10385,11 @@ msgstr "" "date de fin de validitĆ©." #: chage.1.xml:135(term) -#, fuzzy -#| msgid "" -#| ", INACTIVE" msgid "" ",  INACTIVE" msgstr "" -", " +",  " "DURƉE_INACTIVITƉ" #: chage.1.xml:139(para) @@ -10468,27 +10419,19 @@ msgid "Show account aging information." msgstr "Afficher les informations sur l'Ć¢ge des comptes." #: chage.1.xml:164(term) -#, fuzzy -#| msgid "" -#| ", MIN_DAYS" msgid "" ",  MIN_DAYS" msgstr "" -", JOURS_MIN-m,  JOURS_MIN" #: chage.1.xml:176(term) -#, fuzzy -#| msgid "" -#| ", MAX_DAYS" msgid "" ",  MAX_DAYS" msgstr "" -", JOURS_MAX-M,  JOURS_MAX" #: chage.1.xml:180(para) @@ -10518,15 +10461,11 @@ msgstr "" "JOURS_MAX supprime la vĆ©rification de validitĆ©." #: chage.1.xml:209(term) -#, fuzzy -#| msgid "" -#| ", WARN_DAYS" msgid "" ",  " "WARN_DAYS" msgstr "" -", " +",  " "DURƉE_AVERTISSEMENT" #: chage.1.xml:213(para) @@ -10599,6 +10538,9 @@ msgstr "" ", 2011-2012Debian French l10n team , 2011-2012" +#~ msgid "-M" +#~ msgstr "-M" + #~ msgid "" #~ "chfn1, chsh, usermod8." -#~ msgid "KƅĀ‚oczko" -#~ msgstr "Kłoczko" - -#~ msgid "FranƃĀ§ois" -#~ msgstr "FranƧois" - #~ msgid "" #~ "login.defs5, passwd" #~ msgid "" -#~ "Note: UID_MIN-K UID_MIN=10,UID_MAX=499 doesn't work yet." #~ msgstr "" -#~ "NoteĀ : UID_MIN-K UID_MIN=10,UID_MAX=499 ne fonctionne pas pour " #~ "l'instant." diff --git a/man/po/it.po b/man/po/it.po index c80be414..f9dfbe9b 100644 --- a/man/po/it.po +++ b/man/po/it.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.1.5\n" -"POT-Creation-Date: 2014-05-09 12:53+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2013-08-23 01:38+0200\n" "Last-Translator: Giuseppe Sacco \n" "Language-Team: Italian \n" @@ -56,16 +56,15 @@ msgstr "" #: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname) #: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname) #: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname) -#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) -#: newusers.8.xml:60(surname) newgrp.1.xml:46(surname) -#: logoutd.8.xml:45(surname) login.defs.5.xml:110(surname) -#: login.access.5.xml:46(surname) login.1.xml:78(surname) -#: limits.5.xml:47(surname) lastlog.8.xml:46(surname) grpck.8.xml:46(surname) -#: groups.1.xml:45(surname) groupmod.8.xml:46(surname) +#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname) +#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname) +#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname) +#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname) +#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname) #: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname) #: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname) -#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) -#: expiry.1.xml:49(surname) chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) +#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname) +#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) #: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname) msgid "Kłoczko" msgstr "" @@ -90,17 +89,16 @@ msgstr "" #: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib) #: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib) #: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib) -#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) -#: newusers.8.xml:62(contrib) newgrp.1.xml:48(contrib) -#: logoutd.8.xml:47(contrib) login.defs.5.xml:112(contrib) -#: login.access.5.xml:48(contrib) login.1.xml:80(contrib) -#: limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) grpck.8.xml:48(contrib) -#: groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) +#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib) +#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib) +#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib) +#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) +#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) #: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib) #: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib) -#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) -#: expiry.1.xml:51(contrib) chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) -#: chfn.1.xml:50(contrib) chage.1.xml:48(contrib) +#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib) +#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib) +#: chage.1.xml:48(contrib) msgid "shadow-utils maintainer, 2000 - 2007" msgstr "" @@ -134,14 +132,13 @@ msgstr "" #: newusers.8.xml:66(surname) newgrp.1.xml:52(surname) #: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname) #: login.access.5.xml:52(surname) login.1.xml:84(surname) -#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) -#: gshadow.5.xml:39(surname) grpck.8.xml:52(surname) groups.1.xml:51(surname) -#: groupmod.8.xml:52(surname) groupmems.8.xml:55(surname) -#: groupdel.8.xml:52(surname) groupadd.8.xml:54(surname) -#: gpasswd.1.xml:56(surname) faillog.8.xml:51(surname) -#: faillog.5.xml:51(surname) expiry.1.xml:55(surname) chsh.1.xml:54(surname) -#: chpasswd.8.xml:55(surname) chgpasswd.8.xml:51(surname) -#: chfn.1.xml:54(surname) chage.1.xml:52(surname) +#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname) +#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname) +#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname) +#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname) +#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname) +#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname) +#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname) msgid "FranƧois" msgstr "" @@ -170,14 +167,13 @@ msgstr "" #: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib) #: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib) #: login.access.5.xml:54(contrib) login.1.xml:86(contrib) -#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) -#: gshadow.5.xml:42(contrib) grpck.8.xml:54(contrib) groups.1.xml:53(contrib) -#: groupmod.8.xml:54(contrib) groupmems.8.xml:57(contrib) -#: groupdel.8.xml:54(contrib) groupadd.8.xml:56(contrib) -#: gpasswd.1.xml:58(contrib) faillog.8.xml:53(contrib) -#: faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) chsh.1.xml:56(contrib) -#: chpasswd.8.xml:57(contrib) chgpasswd.8.xml:53(contrib) -#: chfn.1.xml:56(contrib) chage.1.xml:54(contrib) +#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib) +#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib) +#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib) +#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib) +#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) +#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib) +#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib) msgid "shadow-utils maintainer, 2007 - now" msgstr "" @@ -251,14 +247,13 @@ msgstr "" #: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable) #: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable) #: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable) -#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) -#: passwd.1.xml:79(replaceable) newusers.8.xml:87(replaceable) -#: lastlog.8.xml:73(replaceable) grpck.8.xml:72(arg) -#: groupmod.8.xml:73(replaceable) groupdel.8.xml:73(replaceable) -#: groupadd.8.xml:75(replaceable) faillog.8.xml:72(replaceable) -#: chsh.1.xml:75(replaceable) chpasswd.8.xml:76(replaceable) -#: chgpasswd.8.xml:72(replaceable) chfn.1.xml:75(replaceable) -#: chage.1.xml:72(replaceable) +#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable) +#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable) +#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable) +#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable) +#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable) +#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable) +#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable) msgid "options" msgstr "opzioni" @@ -311,11 +306,10 @@ msgstr "" #: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title) #: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title) #: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title) -#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) -#: groupdel.8.xml:88(title) groupadd.8.xml:93(title) gpasswd.1.xml:134(title) -#: faillog.8.xml:89(title) expiry.1.xml:91(title) chsh.1.xml:95(title) -#: chpasswd.8.xml:130(title) chgpasswd.8.xml:105(title) chfn.1.xml:111(title) -#: chage.1.xml:91(title) +#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title) +#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title) +#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title) +#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title) msgid "OPTIONS" msgstr "OPZIONI" @@ -340,7 +334,7 @@ msgstr "Modifica del database Ā«groupĀ»." # type: TP #: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term) #: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term) -#: newusers.8.xml:283(term) lastlog.8.xml:107(term) grpck.8.xml:157(term) +#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term) #: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term) #: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term) #: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term) @@ -351,7 +345,7 @@ msgstr ", " # type: Plain text #: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) #: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) -#: newusers.8.xml:285(para) lastlog.8.xml:111(para) grpck.8.xml:159(para) +#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para) #: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) #: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) #: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) @@ -380,7 +374,7 @@ msgstr "ModalitĆ  silenziosa." # type: IP #: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) #: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) -#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:115(term) +#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term) #: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) #: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) #: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) @@ -395,7 +389,7 @@ msgstr "" # type: Plain text #: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) #: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) -#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:119(para) +#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para) #: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) #: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) #: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) @@ -427,18 +421,18 @@ msgstr ", " msgid "Indicates which user's tcb shadow file to edit." msgstr "Indica di quale utente modificare il file Ā«shadow tcbĀ»." -#: vipw.8.xml:165(title) usermod.8.xml:497(title) userdel.8.xml:171(title) +#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title) #: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) #: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) #: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) #: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) -#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) -#: gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) -#: chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title) +#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) +#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) +#: chfn.1.xml:193(title) chage.1.xml:244(title) msgid "CONFIGURATION" msgstr "CONFIGURAZIONE" -#: vipw.8.xml:166(para) usermod.8.xml:498(para) userdel.8.xml:172(para) +#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para) #: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) #: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) #: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) @@ -494,38 +488,36 @@ msgid "Editor to be used if is not set." msgstr "Editor da utilizzare se non ĆØ impostata." # type: SH -#: vipw.8.xml:195(title) usermod.8.xml:514(title) userdel.8.xml:188(title) +#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title) #: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) #: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) #: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) #: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) #: newgrp.1.xml:121(title) logoutd.8.xml:89(title) -#: login.access.5.xml:121(title) login.1.xml:338(title) -#: limits.5.xml:196(title) lastlog.8.xml:182(title) gshadow.5.xml:156(title) -#: grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) -#: groupmems.8.xml:211(title) groupdel.8.xml:140(title) -#: groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) -#: faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) -#: chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) -#: chage.1.xml:256(title) +#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) +#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) +#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) +#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) +#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) +#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) +#: chfn.1.xml:207(title) chage.1.xml:256(title) msgid "FILES" msgstr "FILE" -#: vipw.8.xml:198(filename) usermod.8.xml:517(filename) +#: vipw.8.xml:198(filename) usermod.8.xml:516(filename) #: userdel.8.xml:191(filename) useradd.8.xml:690(filename) -#: sg.1.xml:125(filename) pwck.8.xml:272(filename) -#: newusers.8.xml:412(filename) newgrp.1.xml:136(filename) -#: gshadow.5.xml:159(filename) grpck.8.xml:224(filename) -#: groups.1.xml:103(filename) groupmod.8.xml:208(filename) -#: groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) -#: groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) -#: gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) -#: chgpasswd.8.xml:216(filename) +#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) +#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) +#: grpck.8.xml:224(filename) groups.1.xml:103(filename) +#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) +#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) +#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) +#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename) msgid "/etc/group" msgstr "/etc/group" # type: Plain text -#: vipw.8.xml:200(para) usermod.8.xml:519(para) userdel.8.xml:193(para) +#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para) #: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) #: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) #: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) @@ -534,7 +526,7 @@ msgstr "/etc/group" msgid "Group account information." msgstr "Informazioni sugli account di gruppo." -#: vipw.8.xml:204(filename) usermod.8.xml:523(filename) +#: vipw.8.xml:204(filename) usermod.8.xml:522(filename) #: useradd.8.xml:696(filename) sg.1.xml:131(filename) #: newusers.8.xml:418(filename) newgrp.1.xml:142(filename) #: gshadow.5.xml:165(filename) grpck.8.xml:230(filename) @@ -546,7 +538,7 @@ msgid "/etc/gshadow" msgstr "/etc/gshadow" # type: Plain text -#: vipw.8.xml:206(para) usermod.8.xml:525(para) useradd.8.xml:698(para) +#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para) #: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) #: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) #: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) @@ -554,7 +546,7 @@ msgstr "/etc/gshadow" msgid "Secure group account information." msgstr "Informazioni sicure sugli account di gruppo." -#: vipw.8.xml:210(filename) usermod.8.xml:535(filename) +#: vipw.8.xml:210(filename) usermod.8.xml:534(filename) #: userdel.8.xml:203(filename) useradd.8.xml:678(filename) #: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) #: pwck.8.xml:278(filename) passwd.5.xml:144(filename) @@ -568,7 +560,7 @@ msgid "/etc/passwd" msgstr "/etc/passwd" # type: Plain text -#: vipw.8.xml:212(para) usermod.8.xml:537(para) userdel.8.xml:205(para) +#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para) #: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) #: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) #: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) @@ -578,7 +570,7 @@ msgstr "/etc/passwd" msgid "User account information." msgstr "Informazioni sugli account utente." -#: vipw.8.xml:216(filename) usermod.8.xml:541(filename) +#: vipw.8.xml:216(filename) usermod.8.xml:540(filename) #: userdel.8.xml:209(filename) useradd.8.xml:684(filename) #: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) #: shadow.3.xml:229(filename) pwck.8.xml:284(filename) @@ -590,7 +582,7 @@ msgid "/etc/shadow" msgstr "/etc/shadow" # type: Plain text -#: vipw.8.xml:218(para) usermod.8.xml:543(para) userdel.8.xml:211(para) +#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para) #: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) #: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) #: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) @@ -600,7 +592,7 @@ msgid "Secure user account information." msgstr "Informazioni sicure sugli account utente." # type: SH -#: vipw.8.xml:225(title) usermod.8.xml:562(title) userdel.8.xml:308(title) +#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title) #: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) #: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) #: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) @@ -664,15 +656,15 @@ msgstr "" #: usermod.8.xml:46(surname) userdel.8.xml:46(surname) #: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname) #: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname) -#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) -#: passwd.1.xml:47(surname) newusers.8.xml:55(surname) -#: newgrp.1.xml:41(surname) logoutd.8.xml:40(surname) -#: login.defs.5.xml:105(surname) login.1.xml:73(surname) -#: lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname) -#: groupmod.8.xml:41(surname) groupdel.8.xml:41(surname) -#: groupadd.8.xml:43(surname) faillog.8.xml:40(surname) -#: faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname) -#: chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname) +#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname) +#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname) +#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname) +#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname) +#: groups.1.xml:40(surname) groupmod.8.xml:41(surname) +#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname) +#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname) +#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) +#: chage.1.xml:41(surname) msgid "Haugh" msgstr "" @@ -1300,20 +1292,27 @@ msgstr "" # type: SH #: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) #: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) -#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:194(title) -#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) -#: gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) +#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title) +#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) +#: faillog.8.xml:232(title) chpasswd.8.xml:231(title) #: chgpasswd.8.xml:186(title) msgid "CAVEATS" msgstr "AVVISI/CAVEAT" #: usermod.8.xml:479(para) +#, fuzzy +#| msgid "" +#| "You must make certain that the named user is not executing any processes " +#| "when this command is being executed if the user's numerical user ID, the " +#| "user's name, or the user's home directory is being changed. " +#| "usermod checks this on Linux, but only check if the " +#| "user is logged in according to utmp on other architectures." msgid "" "You must make certain that the named user is not executing any processes " "when this command is being executed if the user's numerical user ID, the " "user's name, or the user's home directory is being changed. " -"usermod checks this on Linux, but only check if the user " -"is logged in according to utmp on other architectures." +"usermod checks this on Linux. On other platforms it only " +"uses utmp to check if the user is logged in." msgstr "" "Se si cambia l'ID numerico, il nome dell'utente o la sua directory home, si " "deve verificare che l'utente in questione non stia eseguendo nessun processo " @@ -1321,7 +1320,7 @@ msgstr "" "usermod effettua questo controllo in Linux, ma su altri " "sistemi controlla solo che non sia registrato come collegato in utmp." -#: usermod.8.xml:487(para) +#: usermod.8.xml:486(para) msgid "" "You must change the owner of any crontab files or " "at jobs manually." @@ -1329,7 +1328,7 @@ msgstr "" "Si deve cambiare manualmente il proprietario di eventuali file " "crontab e compiti at." -#: usermod.8.xml:491(para) +#: usermod.8.xml:490(para) msgid "You must make any changes involving NIS on the NIS server." msgstr "" "Si devono apportare tutte le modifiche che riguardano NIS sul server NIS." @@ -1613,7 +1612,7 @@ msgstr "" "non verrĆ  creata automaticamente come /etc/tcb/user, ma verrĆ  determinato in " "base all'UID dell'utente secondo questo algoritmo: " -#: usermod.8.xml:529(filename) userdel.8.xml:197(filename) +#: usermod.8.xml:528(filename) userdel.8.xml:197(filename) #: useradd.8.xml:726(filename) su.1.xml:382(filename) #: pwconv.8.xml:253(filename) passwd.1.xml:423(filename) #: newusers.8.xml:424(filename) login.access.5.xml:124(filename) @@ -1624,7 +1623,7 @@ msgstr "" msgid "/etc/login.defs" msgstr "/etc/login.defs" -#: usermod.8.xml:531(para) userdel.8.xml:199(para) useradd.8.xml:728(para) +#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para) #: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) #: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) #: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) @@ -1632,32 +1631,32 @@ msgstr "/etc/login.defs" msgid "Shadow password suite configuration." msgstr "Configurazione del pacchetto password shadow" -#: usermod.8.xml:547(filename) userdel.8.xml:215(filename) +#: usermod.8.xml:546(filename) userdel.8.xml:215(filename) #: useradd.8.xml:714(filename) newusers.8.xml:436(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subgid" msgstr "/etc/suauth" -#: usermod.8.xml:549(para) userdel.8.xml:217(para) useradd.8.xml:716(para) +#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para) #: newusers.8.xml:438(para) msgid "Per user subordinate group IDs." msgstr "" -#: usermod.8.xml:553(filename) userdel.8.xml:221(filename) +#: usermod.8.xml:552(filename) userdel.8.xml:221(filename) #: useradd.8.xml:720(filename) newusers.8.xml:442(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subuid" msgstr "/etc/suauth" -#: usermod.8.xml:555(para) userdel.8.xml:223(para) useradd.8.xml:722(para) +#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para) #: newusers.8.xml:444(para) msgid "Per user subordinate user IDs." msgstr "" # type: Plain text -#: usermod.8.xml:563(para) +#: usermod.8.xml:562(para) #, fuzzy #| msgid "" #| "chfn1=VALUE." #: useradd.8.xml:301(para) +#, fuzzy +#| msgid "" +#| "Overrides /etc/login.defs defaults (, , " +#| " and others). Example: " +#| " PASS_MAX_DAYS=-1 can be used when creating " +#| "system account to turn off password ageing, even though system account " +#| "has no password at all. Multiple options can be " +#| "specified, e.g.:  UID_MIN=100  " +#| "UID_MAX=499" msgid "" "Overrides /etc/login.defs defaults (, , " " and others). Example: " " PASS_MAX_DAYS=-1 can be used when creating system " -"account to turn off password ageing, even though system account has no " +"account to turn off password aging, even though system account has no " "password at all. Multiple options can be specified, e." "g.:  UID_MIN=100  " @@ -2431,9 +2441,13 @@ msgid "Do not add the user to the lastlog and faillog databases." msgstr "Non aggiunge l'utente ai database Ā«lastlogĀ» e Ā«faillogĀ»." #: useradd.8.xml:327(para) +#, fuzzy +#| msgid "" +#| "By default, the user's entries in the lastlog and faillog databases are " +#| "resetted to avoid reusing the entry from a previously deleted user." msgid "" "By default, the user's entries in the lastlog and faillog databases are " -"resetted to avoid reusing the entry from a previously deleted user." +"reset to avoid reusing the entry from a previously deleted user." msgstr "" "Normalmente i dati utente nei database Ā«lastlogĀ» e Ā«faillogĀ» vengono " "azzerati per evitare di riutilizzare dati di un utente cancellato in " @@ -2462,9 +2476,12 @@ msgstr "" "Se questa opzione non viene utilizzata e se non ĆØ attiva la voce " ", la directory non viene creata." -#: useradd.8.xml:354(option) -msgid "-M" -msgstr "-M" +# type: IP +#: useradd.8.xml:353(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " #: useradd.8.xml:357(para) msgid "" @@ -2551,12 +2568,19 @@ msgstr "" "creazione dei gruppi)." #: useradd.8.xml:434(para) +#, fuzzy +#| msgid "" +#| "Note that useradd will not create a home directory for " +#| "such an user, regardless of the default setting in /etc/login." +#| "defs (). You have to specify the " +#| " options if you want a home directory for a system " +#| "account to be created." msgid "" "Note that useradd will not create a home directory for " -"such an user, regardless of the default setting in /etc/login." -"defs (). You have to specify the " -" options if you want a home directory for a system " -"account to be created." +"such a user, regardless of the default setting in /etc/login.defs (). You have to specify the options if you want a home directory for a system account to be " +"created." msgstr "" "Notare che useradd non creerĆ  la directory home per " "questi utenti indipendentemente da quanto impostato in /etc/login." @@ -3220,10 +3244,14 @@ msgstr "" #. .RS #: suauth.5.xml:83(literallayout) -#, no-wrap +#, fuzzy, no-wrap +#| msgid "" +#| "\n" +#| " 1) the user su is targetting\n" +#| " " msgid "" "\n" -" 1) the user su is targetting\n" +" 1) the user su is targeting\n" " " msgstr "" "\n" @@ -3268,14 +3296,23 @@ msgstr "" "seguite da una lista di nomi utente separati da Ā«,Ā»." #: suauth.5.xml:107(para) +#, fuzzy +#| msgid "" +#| "from-id is formatted the same as to-id except the extra word " +#| "GROUP is recognised. ALL EXCEPT GROUP is perfectly valid too. Following GROUP " +#| "appears one or more group names, delimited by \",\". It is not sufficient " +#| "to have primary group id of the relevant group, an entry in " +#| "/etc/group5 is neccessary." msgid "" "from-id is formatted the same as to-id except the extra word " -"GROUP is recognised. ALL EXCEPT GROUPGROUP is recognized. ALL EXCEPT GROUP is perfectly valid too. Following GROUP " "appears one or more group names, delimited by \",\". It is not sufficient to " "have primary group id of the relevant group, an entry in " "/etc/group5 is neccessary." +"manvolnum> is necessary." msgstr "" "Ā«id-inizialeĀ» ĆØ formattato come Ā«id-inizialeĀ» salvo il riconoscimento della " "parola aggiuntiva GROUP. Anche ALL EXCEPT " @@ -3433,9 +3470,8 @@ msgstr "" "citerefentry>." #: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib) -#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) -#: passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib) -#: faillog.5.xml:41(contrib) +#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib) +#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib) msgid "Creation, 1989" msgstr "" @@ -4341,8 +4377,13 @@ msgstr "" "di non permettere nessun accesso se il campo password ĆØ vuoto." #: shadow.5.xml:117(para) gshadow.5.xml:107(para) +#, fuzzy +#| msgid "" +#| "A password field which starts with a exclamation mark means that the " +#| "password is locked. The remaining characters on the line represent the " +#| "password field before the password was locked." msgid "" -"A password field which starts with a exclamation mark means that the " +"A password field which starts with an exclamation mark means that the " "password is locked. The remaining characters on the line represent the " "password field before the password was locked." msgstr "" @@ -4364,9 +4405,13 @@ msgstr "" "dal 1 gennaio 1970." #: shadow.5.xml:134(para) +#, fuzzy +#| msgid "" +#| "The value 0 has a special meaning, which is that the user should change " +#| "her pasword the next time she will log in the system." msgid "" "The value 0 has a special meaning, which is that the user should change her " -"pasword the next time she will log in the system." +"password the next time she will log in the system." msgstr "" "Il valore 0 ha un significato speciale, vale a dire che l'utente deve " "cambiare la propria password al prossimo accesso al sistema." @@ -4495,9 +4540,15 @@ msgstr "" "1970." #: shadow.5.xml:229(para) +#, fuzzy +#| msgid "" +#| "Note that an account expiration differs from a password expiration. In " +#| "case of an acount expiration, the user shall not be allowed to login. In " +#| "case of a password expiration, the user is not allowed to login using her " +#| "password." msgid "" "Note that an account expiration differs from a password expiration. In case " -"of an acount expiration, the user shall not be allowed to login. In case of " +"of an account expiration, the user shall not be allowed to login. In case of " "a password expiration, the user is not allowed to login using her password." msgstr "" "Notare che la scadenza dell'account differisce da quella della password. Nel " @@ -4864,18 +4915,15 @@ msgstr "" msgid "pwconv" msgstr "pwconv" -#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) -#: login.defs.5.xml:438(term) +#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term) msgid "pwunconv" msgstr "pwunconv" -#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) -#: login.defs.5.xml:340(term) +#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term) msgid "grpconv" msgstr "grpconv" -#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) -#: login.defs.5.xml:346(term) +#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term) msgid "grpunconv" msgstr "grpunconv" @@ -5099,8 +5147,7 @@ msgstr "verifica l'integritĆ  dei file delle password" #: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle) #: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle) -#: passwd.1.xml:71(refname) passwd.1.xml:77(command) -#: login.defs.5.xml:409(term) +#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term) msgid "passwd" msgstr "passwd" @@ -5295,10 +5342,15 @@ msgstr "" "replaceable>." #: pwck.8.xml:243(para) +#, fuzzy +#| msgid "" +#| "Note that when is enabled, you cannot specify an " +#| "alternative shadow file. In future releases, " +#| "this paramater could be replaced by an alternate TCB directory." msgid "" "Note that when is enabled, you cannot specify an " "alternative shadow file. In future releases, this " -"paramater could be replaced by an alternate TCB directory." +"parameter could be replaced by an alternate TCB directory." msgstr "" "Notare che quando ĆØ abilitata, non si puĆ² " "specificare un file shadow alternativo. In future " @@ -5789,8 +5841,12 @@ msgstr "" "essere indovinato per violare la sicurezza del sistema." #: passwd.1.xml:166(para) +#, fuzzy +#| msgid "" +#| "You can find advices on how to choose a strong password on http://en." +#| "wikipedia.org/wiki/Password_strength" msgid "" -"You can find advices on how to choose a strong password on http://en." +"You can find advice on how to choose a strong password on http://en." "wikipedia.org/wiki/Password_strength" msgstr "" "Si possono trovare indicazioni su come scegliere una password forte su " @@ -6361,7 +6417,9 @@ msgstr "CRONOLOGIA" # type: TP #: nologin.8.xml:91(para) -msgid "The nologin command appearred in BSD 4.4." +#, fuzzy +#| msgid "The nologin command appearred in BSD 4.4." +msgid "The nologin command appeared in BSD 4.4." msgstr "Il comando nologin ĆØ apparso in BSD 4.4." #: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname) @@ -6406,8 +6464,14 @@ msgid "This is the name of the user." msgstr "Il nome dell'utente." #: newusers.8.xml:116(para) +#, fuzzy +#| msgid "" +#| "It can be the name of a new user or the name of an existing user (or an " +#| "user created before by newusers). In case of an " +#| "existing user, the user's information will be changed, otherwise a new " +#| "user will be created." msgid "" -"It can be the name of a new user or the name of an existing user (or an user " +"It can be the name of a new user or the name of an existing user (or a user " "created before by newusers). In case of an existing user, " "the user's information will be changed, otherwise a new user will be created." msgstr "" @@ -6437,8 +6501,12 @@ msgid "This field is used to define the UID of the user." msgstr "Definisce l'UID dell'utente." #: newusers.8.xml:144(para) +#, fuzzy +#| msgid "" +#| "If the field is empty, an new (unused) UID will be defined automatically " +#| "by newusers." msgid "" -"If the field is empty, an new (unused) UID will be defined automatically by " +"If the field is empty, a new (unused) UID will be defined automatically by " "newusers." msgstr "" "Se il campo ĆØ vuoto, verrĆ  generato automaticamente un nuovo UID (non " @@ -6449,8 +6517,13 @@ msgid "If this field contains a number, this number will be used as the UID." msgstr "Se questo campo contiene un numero, verrĆ  utilizzato come UID." #: newusers.8.xml:152(para) +#, fuzzy +#| msgid "" +#| "If this field contains the name of an existing user (or the name of an " +#| "user created before by newusers), the UID of the " +#| "specified user will be used." msgid "" -"If this field contains the name of an existing user (or the name of an user " +"If this field contains the name of an existing user (or the name of a user " "created before by newusers), the UID of the specified " "user will be used." msgstr "" @@ -8082,7 +8155,9 @@ msgid "D: max data size (KB)" msgstr "D: spazio massimo per i dati (kB)" #: limits.5.xml:111(para) -msgid "F: maximum filesize (KB)" +#, fuzzy +#| msgid "F: maximum filesize (KB)" +msgid "F: maximum file size (KB)" msgstr "F: dimensione massima di file (kB)" # type: Plain text @@ -8167,9 +8242,15 @@ msgstr "" " " #: limits.5.xml:145(para) +#, fuzzy +#| msgid "" +#| "Be aware that after username the rest of " +#| "the line is considered a limit string, thus comments are not allowed. A " +#| "invalid limits string will be rejected (not considered) by the " +#| "login program." msgid "" "Be aware that after username the rest of " -"the line is considered a limit string, thus comments are not allowed. A " +"the line is considered a limit string, thus comments are not allowed. An " "invalid limits string will be rejected (not considered) by the " "login program." msgstr "" @@ -8200,16 +8281,26 @@ msgstr "" "applicano ai membri del gruppo specificato." #: limits.5.xml:165(para) +#, fuzzy +#| msgid "" +#| "If more than one line with limits for an user exist, only the first line " +#| "for this user will be considered." msgid "" -"If more than one line with limits for an user exist, only the first line for " +"If more than one line with limits for a user exist, only the first line for " "this user will be considered." msgstr "" "Se ci sono piĆ¹ righe per lo stesso utente nel file limits, allora solo la " "prima verrĆ  considerata." #: limits.5.xml:170(para) +#, fuzzy +#| msgid "" +#| "If no lines are specified for an user, the last @group line matching a group whose the user is a member of will be " +#| "considered, or the last line with default limits if no groups contain the " +#| "user." msgid "" -"If no lines are specified for an user, the last @group@group line matching a group whose the user is a member of will be " "considered, or the last line with default limits if no groups contain the " "user." @@ -8315,7 +8406,40 @@ msgstr "" "\">GIORNI giorni." # type: IP -#: lastlog.8.xml:127(term) faillog.8.xml:192(term) +#: lastlog.8.xml:107(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " + +# type: IP +#: lastlog.8.xml:111(para) +#, fuzzy +#| msgid "" +#| "This option is only valid in combination with the (or " +#| ") option." +msgid "" +"Clear lastlog record of a user. This option can be used only together with " +" ())." +msgstr "" +"Questa opzione ĆØ valida solo in combinazioone con l'opzione )." + +# type: IP +#: lastlog.8.xml:138(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " + +#: lastlog.8.xml:142(para) +msgid "" +"Set lastlog record of a user to the current time. This option can be used " +"only together with ())." +msgstr "" + +# type: IP +#: lastlog.8.xml:149(term) faillog.8.xml:192(term) msgid "" ",  DAYS" @@ -8324,7 +8448,7 @@ msgstr "" "replaceable>" # type: Plain text -#: lastlog.8.xml:131(para) +#: lastlog.8.xml:153(para) msgid "" "Print the lastlog records more recent than DAYS." @@ -8333,7 +8457,7 @@ msgstr "" "\">GIORNI." # type: IP -#: lastlog.8.xml:138(term) faillog.8.xml:202(term) +#: lastlog.8.xml:160(term) faillog.8.xml:202(term) msgid "" ",  LOGIN|RANGE" @@ -8342,13 +8466,13 @@ msgstr "" "replaceable>|INTERVALLO" # type: Plain text -#: lastlog.8.xml:142(para) +#: lastlog.8.xml:164(para) msgid "Print the lastlog record of the specified user(s)." msgstr "" "Mostra il record di ultimo accesso per l'utente o gli utenti specificati da " "LOGIN." -#: lastlog.8.xml:145(para) faillog.8.xml:211(para) +#: lastlog.8.xml:167(para) faillog.8.xml:211(para) msgid "" "The users can be specified by a login name, a numerical user ID, or a " "RANGE of users. This RANGEUID_MIN-)." # type: Plain text -#: lastlog.8.xml:157(para) +#: lastlog.8.xml:179(para) msgid "" "If the user has never logged in the message ** Never logged in** will be displayed instead of the port and time." @@ -8373,7 +8497,7 @@ msgstr "" "posto della porta e della data, il messaggio Ā«**Nessun accesso " "effettuato**Ā»." -#: lastlog.8.xml:162(para) +#: lastlog.8.xml:184(para) msgid "" "Only the entries for the current users of the system will be displayed. " "Other entries may exist for users that were deleted previously." @@ -8382,12 +8506,12 @@ msgstr "" "Ci potrebbero essere altre registrazioni per utenti cancellati in precedenza." # type: SH -#: lastlog.8.xml:170(title) groups.1.xml:90(title) chsh.1.xml:140(title) +#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title) #: chage.1.xml:231(title) msgid "NOTE" msgstr "NOTA" -#: lastlog.8.xml:171(para) +#: lastlog.8.xml:193(para) msgid "" "The lastlog file is a database which contains info on " "the last login of each user. You should not rotate it. It is a sparse file, " @@ -8404,16 +8528,16 @@ msgstr "" "filename>). Si puĆ² vedere la dimensione effettiva con Ā«ls -sĀ»." -#: lastlog.8.xml:185(filename) +#: lastlog.8.xml:207(filename) msgid "/var/log/lastlog" msgstr "/var/log/lastlog" -#: lastlog.8.xml:187(para) +#: lastlog.8.xml:209(para) msgid "Database times of previous user logins." msgstr "Database degli orari dei precedenti accessi utente." # type: Plain text -#: lastlog.8.xml:195(para) +#: lastlog.8.xml:217(para) msgid "" "Large gaps in UID numbers will cause the lastlog program to run longer with " "no output to the screen (i.e. if in lastlog database there is no entries for " @@ -8477,8 +8601,14 @@ msgstr "" # type: Plain text #: gshadow.5.xml:97(para) +#, fuzzy +#| msgid "" +#| "The password is used when an user who is not a member of the group wants " +#| "to gain the permissions of this group (see " +#| "newgrp1)." msgid "" -"The password is used when an user who is not a member of the group wants to " +"The password is used when a user who is not a member of the group wants to " "gain the permissions of this group (see newgrp1)." msgstr "" @@ -9050,7 +9180,9 @@ msgstr "" "replaceable>" #: groupmems.8.xml:109(para) -msgid "Add an user to the group membership list." +#, fuzzy +#| msgid "Add an user to the group membership list." +msgid "Add a user to the group membership list." msgstr "Aggiunge un utente all'elenco di membri del gruppo." #: groupmems.8.xml:110(para) groupmems.8.xml:126(para) @@ -10149,10 +10281,17 @@ msgstr "" "presenti, anche le informazioni sulla durata delle password." #: chpasswd.8.xml:97(para) +#, fuzzy +#| msgid "" +#| "The default encryption algorithm can be defined for the system with the " +#| " or " +#| "variables of /etc/login.defs, and can be overwitten " +#| "with the , , or " +#| "options." msgid "" "The default encryption algorithm can be defined for the system with the " " or variables " -"of /etc/login.defs, and can be overwitten with the " +"of /etc/login.defs, and can be overwritten with the " ", , or options." msgstr "" "L'algoritmo di cifratura predefinito puĆ² essere impostato con le variabili " @@ -10172,10 +10311,16 @@ msgstr "" "le opzioni , e ." #: chpasswd.8.xml:111(para) +#, fuzzy +#| msgid "" +#| "Except when PAM is used to encrypt the " +#| "passwords,chpasswd first updates all the " +#| "passwords in memory, and then commits all the changes to disk if no " +#| "errors occured for any user." msgid "" "Except when PAM is used to encrypt the passwords,chpasswd first updates all the passwords in " -"memory, and then commits all the changes to disk if no errors occured for " +"memory, and then commits all the changes to disk if no errors occurred for " "any user." msgstr "" "Escluso quando PAM viene utilizzato per cifrare le " @@ -10353,10 +10498,16 @@ msgstr "" "da chgpasswd." #: chgpasswd.8.xml:92(para) +#, fuzzy +#| msgid "" +#| "The default encryption algorithm can be defined for the system with the " +#| " variable of /etc/login.defs, and can be overwiten with the , options." msgid "" "The default encryption algorithm can be defined for the system with the " " variable of /etc/login.defs, and can be overwiten with the , , options." msgstr "" "L'algoritmo di cifratura utilizzato puĆ² essere definito per tutto il sistema " @@ -10787,6 +10938,9 @@ msgstr "" "Giuseppe Sacco , 2005, 2012.\n" "Danilo Piazzalunga , 2005." +#~ msgid "-M" +#~ msgstr "-M" + # type: Plain text #~ msgid "" #~ "chfn1\n" "Language-Team: Polish \n" @@ -51,16 +51,15 @@ msgstr "" #: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname) #: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname) #: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname) -#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) -#: newusers.8.xml:60(surname) newgrp.1.xml:46(surname) -#: logoutd.8.xml:45(surname) login.defs.5.xml:110(surname) -#: login.access.5.xml:46(surname) login.1.xml:78(surname) -#: limits.5.xml:47(surname) lastlog.8.xml:46(surname) grpck.8.xml:46(surname) -#: groups.1.xml:45(surname) groupmod.8.xml:46(surname) +#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname) +#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname) +#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname) +#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname) +#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname) #: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname) #: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname) -#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) -#: expiry.1.xml:49(surname) chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) +#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname) +#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) #: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname) msgid "Kłoczko" msgstr "" @@ -85,17 +84,16 @@ msgstr "" #: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib) #: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib) #: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib) -#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) -#: newusers.8.xml:62(contrib) newgrp.1.xml:48(contrib) -#: logoutd.8.xml:47(contrib) login.defs.5.xml:112(contrib) -#: login.access.5.xml:48(contrib) login.1.xml:80(contrib) -#: limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) grpck.8.xml:48(contrib) -#: groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) +#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib) +#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib) +#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib) +#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) +#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) #: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib) #: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib) -#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) -#: expiry.1.xml:51(contrib) chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) -#: chfn.1.xml:50(contrib) chage.1.xml:48(contrib) +#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib) +#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib) +#: chage.1.xml:48(contrib) msgid "shadow-utils maintainer, 2000 - 2007" msgstr "" @@ -129,14 +127,13 @@ msgstr "" #: newusers.8.xml:66(surname) newgrp.1.xml:52(surname) #: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname) #: login.access.5.xml:52(surname) login.1.xml:84(surname) -#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) -#: gshadow.5.xml:39(surname) grpck.8.xml:52(surname) groups.1.xml:51(surname) -#: groupmod.8.xml:52(surname) groupmems.8.xml:55(surname) -#: groupdel.8.xml:52(surname) groupadd.8.xml:54(surname) -#: gpasswd.1.xml:56(surname) faillog.8.xml:51(surname) -#: faillog.5.xml:51(surname) expiry.1.xml:55(surname) chsh.1.xml:54(surname) -#: chpasswd.8.xml:55(surname) chgpasswd.8.xml:51(surname) -#: chfn.1.xml:54(surname) chage.1.xml:52(surname) +#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname) +#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname) +#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname) +#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname) +#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname) +#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname) +#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname) msgid "FranƧois" msgstr "" @@ -165,14 +162,13 @@ msgstr "" #: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib) #: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib) #: login.access.5.xml:54(contrib) login.1.xml:86(contrib) -#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) -#: gshadow.5.xml:42(contrib) grpck.8.xml:54(contrib) groups.1.xml:53(contrib) -#: groupmod.8.xml:54(contrib) groupmems.8.xml:57(contrib) -#: groupdel.8.xml:54(contrib) groupadd.8.xml:56(contrib) -#: gpasswd.1.xml:58(contrib) faillog.8.xml:53(contrib) -#: faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) chsh.1.xml:56(contrib) -#: chpasswd.8.xml:57(contrib) chgpasswd.8.xml:53(contrib) -#: chfn.1.xml:56(contrib) chage.1.xml:54(contrib) +#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib) +#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib) +#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib) +#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib) +#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) +#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib) +#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib) msgid "shadow-utils maintainer, 2007 - now" msgstr "" @@ -245,14 +241,13 @@ msgstr "edytuj plik haseł, grup lub ich wersji chronionych" #: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable) #: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable) #: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable) -#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) -#: passwd.1.xml:79(replaceable) newusers.8.xml:87(replaceable) -#: lastlog.8.xml:73(replaceable) grpck.8.xml:72(arg) -#: groupmod.8.xml:73(replaceable) groupdel.8.xml:73(replaceable) -#: groupadd.8.xml:75(replaceable) faillog.8.xml:72(replaceable) -#: chsh.1.xml:75(replaceable) chpasswd.8.xml:76(replaceable) -#: chgpasswd.8.xml:72(replaceable) chfn.1.xml:75(replaceable) -#: chage.1.xml:72(replaceable) +#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable) +#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable) +#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable) +#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable) +#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable) +#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable) +#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable) msgid "options" msgstr "opcje" @@ -302,11 +297,10 @@ msgstr "" #: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title) #: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title) #: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title) -#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) -#: groupdel.8.xml:88(title) groupadd.8.xml:93(title) gpasswd.1.xml:134(title) -#: faillog.8.xml:89(title) expiry.1.xml:91(title) chsh.1.xml:95(title) -#: chpasswd.8.xml:130(title) chgpasswd.8.xml:105(title) chfn.1.xml:111(title) -#: chage.1.xml:91(title) +#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title) +#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title) +#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title) +#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title) msgid "OPTIONS" msgstr "OPCJE" @@ -329,7 +323,7 @@ msgstr "Edycja bazy grup." #: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term) #: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term) -#: newusers.8.xml:283(term) lastlog.8.xml:107(term) grpck.8.xml:157(term) +#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term) #: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term) #: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term) #: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term) @@ -339,7 +333,7 @@ msgstr ", " #: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) #: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) -#: newusers.8.xml:285(para) lastlog.8.xml:111(para) grpck.8.xml:159(para) +#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para) #: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) #: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) #: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) @@ -365,7 +359,7 @@ msgstr "Cichy tryb pracy." #: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) #: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) -#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:115(term) +#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term) #: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) #: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) #: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) @@ -383,7 +377,7 @@ msgstr "" #: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) #: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) -#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:119(para) +#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para) #: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) #: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) #: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) @@ -415,18 +409,18 @@ msgstr ", " msgid "Indicates which user's tcb shadow file to edit." msgstr "" -#: vipw.8.xml:165(title) usermod.8.xml:497(title) userdel.8.xml:171(title) +#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title) #: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) #: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) #: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) #: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) -#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) -#: gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) -#: chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title) +#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) +#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) +#: chfn.1.xml:193(title) chage.1.xml:244(title) msgid "CONFIGURATION" msgstr "" -#: vipw.8.xml:166(para) usermod.8.xml:498(para) userdel.8.xml:172(para) +#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para) #: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) #: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) #: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) @@ -479,37 +473,35 @@ msgstr "" msgid "Editor to be used if is not set." msgstr "" -#: vipw.8.xml:195(title) usermod.8.xml:514(title) userdel.8.xml:188(title) +#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title) #: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) #: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) #: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) #: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) #: newgrp.1.xml:121(title) logoutd.8.xml:89(title) -#: login.access.5.xml:121(title) login.1.xml:338(title) -#: limits.5.xml:196(title) lastlog.8.xml:182(title) gshadow.5.xml:156(title) -#: grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) -#: groupmems.8.xml:211(title) groupdel.8.xml:140(title) -#: groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) -#: faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) -#: chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) -#: chage.1.xml:256(title) +#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) +#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) +#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) +#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) +#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) +#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) +#: chfn.1.xml:207(title) chage.1.xml:256(title) msgid "FILES" msgstr "PLIKI" -#: vipw.8.xml:198(filename) usermod.8.xml:517(filename) +#: vipw.8.xml:198(filename) usermod.8.xml:516(filename) #: userdel.8.xml:191(filename) useradd.8.xml:690(filename) -#: sg.1.xml:125(filename) pwck.8.xml:272(filename) -#: newusers.8.xml:412(filename) newgrp.1.xml:136(filename) -#: gshadow.5.xml:159(filename) grpck.8.xml:224(filename) -#: groups.1.xml:103(filename) groupmod.8.xml:208(filename) -#: groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) -#: groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) -#: gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) -#: chgpasswd.8.xml:216(filename) +#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) +#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) +#: grpck.8.xml:224(filename) groups.1.xml:103(filename) +#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) +#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) +#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) +#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename) msgid "/etc/group" msgstr "/etc/group" -#: vipw.8.xml:200(para) usermod.8.xml:519(para) userdel.8.xml:193(para) +#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para) #: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) #: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) #: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) @@ -518,7 +510,7 @@ msgstr "/etc/group" msgid "Group account information." msgstr "Informacje o grupach użytkownikĆ³w." -#: vipw.8.xml:204(filename) usermod.8.xml:523(filename) +#: vipw.8.xml:204(filename) usermod.8.xml:522(filename) #: useradd.8.xml:696(filename) sg.1.xml:131(filename) #: newusers.8.xml:418(filename) newgrp.1.xml:142(filename) #: gshadow.5.xml:165(filename) grpck.8.xml:230(filename) @@ -529,7 +521,7 @@ msgstr "Informacje o grupach użytkownikĆ³w." msgid "/etc/gshadow" msgstr "/etc/gshadow" -#: vipw.8.xml:206(para) usermod.8.xml:525(para) useradd.8.xml:698(para) +#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para) #: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) #: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) #: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) @@ -537,7 +529,7 @@ msgstr "/etc/gshadow" msgid "Secure group account information." msgstr "Informacje chronione o grupach użytkownikĆ³w." -#: vipw.8.xml:210(filename) usermod.8.xml:535(filename) +#: vipw.8.xml:210(filename) usermod.8.xml:534(filename) #: userdel.8.xml:203(filename) useradd.8.xml:678(filename) #: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) #: pwck.8.xml:278(filename) passwd.5.xml:144(filename) @@ -550,7 +542,7 @@ msgstr "Informacje chronione o grupach użytkownikĆ³w." msgid "/etc/passwd" msgstr "/etc/passwd" -#: vipw.8.xml:212(para) usermod.8.xml:537(para) userdel.8.xml:205(para) +#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para) #: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) #: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) #: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) @@ -560,7 +552,7 @@ msgstr "/etc/passwd" msgid "User account information." msgstr "Informacja o kontach użytkownikĆ³w." -#: vipw.8.xml:216(filename) usermod.8.xml:541(filename) +#: vipw.8.xml:216(filename) usermod.8.xml:540(filename) #: userdel.8.xml:209(filename) useradd.8.xml:684(filename) #: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) #: shadow.3.xml:229(filename) pwck.8.xml:284(filename) @@ -571,7 +563,7 @@ msgstr "Informacja o kontach użytkownikĆ³w." msgid "/etc/shadow" msgstr "/etc/shadow" -#: vipw.8.xml:218(para) usermod.8.xml:543(para) userdel.8.xml:211(para) +#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para) #: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) #: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) #: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) @@ -580,7 +572,7 @@ msgstr "/etc/shadow" msgid "Secure user account information." msgstr "Informacje chronione o użytkownikach." -#: vipw.8.xml:225(title) usermod.8.xml:562(title) userdel.8.xml:308(title) +#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title) #: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) #: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) #: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) @@ -655,15 +647,15 @@ msgstr "" #: usermod.8.xml:46(surname) userdel.8.xml:46(surname) #: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname) #: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname) -#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) -#: passwd.1.xml:47(surname) newusers.8.xml:55(surname) -#: newgrp.1.xml:41(surname) logoutd.8.xml:40(surname) -#: login.defs.5.xml:105(surname) login.1.xml:73(surname) -#: lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname) -#: groupmod.8.xml:41(surname) groupdel.8.xml:41(surname) -#: groupadd.8.xml:43(surname) faillog.8.xml:40(surname) -#: faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname) -#: chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname) +#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname) +#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname) +#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname) +#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname) +#: groups.1.xml:40(surname) groupmod.8.xml:41(surname) +#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname) +#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname) +#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) +#: chage.1.xml:41(surname) msgid "Haugh" msgstr "" @@ -1217,9 +1209,9 @@ msgstr "" #: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) #: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) -#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:194(title) -#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) -#: gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) +#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title) +#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) +#: faillog.8.xml:232(title) chpasswd.8.xml:231(title) #: chgpasswd.8.xml:186(title) msgid "CAVEATS" msgstr "OSTRZEÅ»ENIA" @@ -1229,17 +1221,17 @@ msgid "" "You must make certain that the named user is not executing any processes " "when this command is being executed if the user's numerical user ID, the " "user's name, or the user's home directory is being changed. " -"usermod checks this on Linux, but only check if the user " -"is logged in according to utmp on other architectures." +"usermod checks this on Linux. On other platforms it only " +"uses utmp to check if the user is logged in." msgstr "" -#: usermod.8.xml:487(para) +#: usermod.8.xml:486(para) msgid "" "You must change the owner of any crontab files or " "at jobs manually." msgstr "" -#: usermod.8.xml:491(para) +#: usermod.8.xml:490(para) msgid "You must make any changes involving NIS on the NIS server." msgstr "" @@ -1455,7 +1447,7 @@ msgid "" "algorithm: " msgstr "" -#: usermod.8.xml:529(filename) userdel.8.xml:197(filename) +#: usermod.8.xml:528(filename) userdel.8.xml:197(filename) #: useradd.8.xml:726(filename) su.1.xml:382(filename) #: pwconv.8.xml:253(filename) passwd.1.xml:423(filename) #: newusers.8.xml:424(filename) login.access.5.xml:124(filename) @@ -1466,7 +1458,7 @@ msgstr "" msgid "/etc/login.defs" msgstr "/etc/login.defs" -#: usermod.8.xml:531(para) userdel.8.xml:199(para) useradd.8.xml:728(para) +#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para) #: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) #: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) #: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) @@ -1474,31 +1466,31 @@ msgstr "/etc/login.defs" msgid "Shadow password suite configuration." msgstr "Konfiguracja pakietu shadow." -#: usermod.8.xml:547(filename) userdel.8.xml:215(filename) +#: usermod.8.xml:546(filename) userdel.8.xml:215(filename) #: useradd.8.xml:714(filename) newusers.8.xml:436(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subgid" msgstr "/etc/suauth" -#: usermod.8.xml:549(para) userdel.8.xml:217(para) useradd.8.xml:716(para) +#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para) #: newusers.8.xml:438(para) msgid "Per user subordinate group IDs." msgstr "" -#: usermod.8.xml:553(filename) userdel.8.xml:221(filename) +#: usermod.8.xml:552(filename) userdel.8.xml:221(filename) #: useradd.8.xml:720(filename) newusers.8.xml:442(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subuid" msgstr "/etc/suauth" -#: usermod.8.xml:555(para) userdel.8.xml:223(para) useradd.8.xml:722(para) +#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para) #: newusers.8.xml:444(para) msgid "Per user subordinate user IDs." msgstr "" -#: usermod.8.xml:563(para) +#: usermod.8.xml:562(para) #, fuzzy #| msgid "" #| "chfn1PASS_MAX_DAYS and others). Example: " " PASS_MAX_DAYS=-1 can be used when creating system " -"account to turn off password ageing, even though system account has no " +"account to turn off password aging, even though system account has no " "password at all. Multiple options can be specified, e." "g.:  UID_MIN=100  " @@ -2119,7 +2110,7 @@ msgstr "" #: useradd.8.xml:327(para) msgid "" "By default, the user's entries in the lastlog and faillog databases are " -"resetted to avoid reusing the entry from a previously deleted user." +"reset to avoid reusing the entry from a previously deleted user." msgstr "" #: useradd.8.xml:335(term) @@ -2139,11 +2130,11 @@ msgid "" "is not enabled, no home directories are created." msgstr "" -#: useradd.8.xml:354(option) +#: useradd.8.xml:353(term) #, fuzzy -#| msgid "-" -msgid "-M" -msgstr "-" +#| msgid ", " +msgid ", " +msgstr ", " #: useradd.8.xml:357(para) msgid "" @@ -2218,10 +2209,10 @@ msgstr "" #: useradd.8.xml:434(para) msgid "" "Note that useradd will not create a home directory for " -"such an user, regardless of the default setting in /etc/login." -"defs (). You have to specify the " -" options if you want a home directory for a system " -"account to be created." +"such a user, regardless of the default setting in /etc/login.defs (). You have to specify the options if you want a home directory for a system account to be " +"created." msgstr "" #: useradd.8.xml:461(para) @@ -2766,7 +2757,7 @@ msgstr "" #, no-wrap msgid "" "\n" -" 1) the user su is targetting\n" +" 1) the user su is targeting\n" " " msgstr "" @@ -2800,12 +2791,12 @@ msgstr "" #: suauth.5.xml:107(para) msgid "" "from-id is formatted the same as to-id except the extra word " -"GROUP is recognised. ALL EXCEPT GROUPGROUP is recognized. ALL EXCEPT GROUP is perfectly valid too. Following GROUP " "appears one or more group names, delimited by \",\". It is not sufficient to " "have primary group id of the relevant group, an entry in " "/etc/group5 is neccessary." +"manvolnum> is necessary." msgstr "" #: suauth.5.xml:118(para) @@ -2910,9 +2901,8 @@ msgstr "" "citerefentry>." #: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib) -#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) -#: passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib) -#: faillog.5.xml:41(contrib) +#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib) +#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib) msgid "Creation, 1989" msgstr "" @@ -3612,7 +3602,7 @@ msgstr "" #: shadow.5.xml:117(para) gshadow.5.xml:107(para) msgid "" -"A password field which starts with a exclamation mark means that the " +"A password field which starts with an exclamation mark means that the " "password is locked. The remaining characters on the line represent the " "password field before the password was locked." msgstr "" @@ -3630,7 +3620,7 @@ msgstr "" #: shadow.5.xml:134(para) msgid "" "The value 0 has a special meaning, which is that the user should change her " -"pasword the next time she will log in the system." +"password the next time she will log in the system." msgstr "" #: shadow.5.xml:139(para) @@ -3732,7 +3722,7 @@ msgstr "" #: shadow.5.xml:229(para) msgid "" "Note that an account expiration differs from a password expiration. In case " -"of an acount expiration, the user shall not be allowed to login. In case of " +"of an account expiration, the user shall not be allowed to login. In case of " "a password expiration, the user is not allowed to login using her password." msgstr "" @@ -4026,18 +4016,15 @@ msgstr "" msgid "pwconv" msgstr "pwconv" -#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) -#: login.defs.5.xml:438(term) +#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term) msgid "pwunconv" msgstr "pwunconv" -#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) -#: login.defs.5.xml:340(term) +#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term) msgid "grpconv" msgstr "grpconv" -#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) -#: login.defs.5.xml:346(term) +#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term) msgid "grpunconv" msgstr "grpunconv" @@ -4210,8 +4197,7 @@ msgstr "" #: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle) #: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle) -#: passwd.1.xml:71(refname) passwd.1.xml:77(command) -#: login.defs.5.xml:409(term) +#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term) msgid "passwd" msgstr "passwd" @@ -4361,7 +4347,7 @@ msgstr "" msgid "" "Note that when is enabled, you cannot specify an " "alternative shadow file. In future releases, this " -"paramater could be replaced by an alternate TCB directory." +"parameter could be replaced by an alternate TCB directory." msgstr "" #: pwck.8.xml:312(para) @@ -4755,7 +4741,7 @@ msgstr "" #: passwd.1.xml:166(para) msgid "" -"You can find advices on how to choose a strong password on http://en." +"You can find advice on how to choose a strong password on http://en." "wikipedia.org/wiki/Password_strength" msgstr "" @@ -5226,7 +5212,7 @@ msgid "HISTORY" msgstr "" #: nologin.8.xml:91(para) -msgid "The nologin command appearred in BSD 4.4." +msgid "The nologin command appeared in BSD 4.4." msgstr "" #: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname) @@ -5282,7 +5268,7 @@ msgstr "" #: newusers.8.xml:116(para) msgid "" -"It can be the name of a new user or the name of an existing user (or an user " +"It can be the name of a new user or the name of an existing user (or a user " "created before by newusers). In case of an existing user, " "the user's information will be changed, otherwise a new user will be created." msgstr "" @@ -5310,7 +5296,7 @@ msgstr "" #: newusers.8.xml:144(para) msgid "" -"If the field is empty, an new (unused) UID will be defined automatically by " +"If the field is empty, a new (unused) UID will be defined automatically by " "newusers." msgstr "" @@ -5320,7 +5306,7 @@ msgstr "" #: newusers.8.xml:152(para) msgid "" -"If this field contains the name of an existing user (or the name of an user " +"If this field contains the name of an existing user (or the name of a user " "created before by newusers), the UID of the specified " "user will be used." msgstr "" @@ -6618,7 +6604,7 @@ msgid "D: max data size (KB)" msgstr "" #: limits.5.xml:111(para) -msgid "F: maximum filesize (KB)" +msgid "F: maximum file size (KB)" msgstr "" #: limits.5.xml:112(para) @@ -6692,7 +6678,7 @@ msgstr "" #: limits.5.xml:145(para) msgid "" "Be aware that after username the rest of " -"the line is considered a limit string, thus comments are not allowed. A " +"the line is considered a limit string, thus comments are not allowed. An " "invalid limits string will be rejected (not considered) by the " "login program." msgstr "" @@ -6716,13 +6702,13 @@ msgstr "" #: limits.5.xml:165(para) msgid "" -"If more than one line with limits for an user exist, only the first line for " +"If more than one line with limits for a user exist, only the first line for " "this user will be considered." msgstr "" #: limits.5.xml:170(para) msgid "" -"If no lines are specified for an user, the last @group@group line matching a group whose the user is a member of will be " "considered, or the last line with default limits if no groups contain the " "user." @@ -6810,7 +6796,33 @@ msgstr "" "Wyświetlenie rekordĆ³w lastlog starszych niż zadana DNI." -#: lastlog.8.xml:127(term) faillog.8.xml:192(term) +#: lastlog.8.xml:107(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " + +#: lastlog.8.xml:111(para) +#, fuzzy +#| msgid ", " +msgid "" +"Clear lastlog record of a user. This option can be used only together with " +" ())." +msgstr ", " + +#: lastlog.8.xml:138(term) +#, fuzzy +#| msgid ", " +msgid ", " +msgstr ", " + +#: lastlog.8.xml:142(para) +msgid "" +"Set lastlog record of a user to the current time. This option can be used " +"only together with ())." +msgstr "" + +#: lastlog.8.xml:149(term) faillog.8.xml:192(term) msgid "" ",  DAYS" @@ -6818,7 +6830,7 @@ msgstr "" ",  DNI" -#: lastlog.8.xml:131(para) +#: lastlog.8.xml:153(para) msgid "" "Print the lastlog records more recent than DAYS." @@ -6826,7 +6838,7 @@ msgstr "" "Wyświetlenie rekordĆ³w lastlog nie starszych niż zadana ilość DNI." -#: lastlog.8.xml:138(term) faillog.8.xml:202(term) +#: lastlog.8.xml:160(term) faillog.8.xml:202(term) #, fuzzy #| msgid "" #| ",  KEY-K,  KLUCZ=WARTOŚĆ" -#: lastlog.8.xml:142(para) +#: lastlog.8.xml:164(para) #, fuzzy #| msgid "" #| "Print the lastlog record for user with specified LOGIN." -#: lastlog.8.xml:145(para) faillog.8.xml:211(para) +#: lastlog.8.xml:167(para) faillog.8.xml:211(para) msgid "" "The users can be specified by a login name, a numerical user ID, or a " "RANGE of users. This RANGE), or a min value (UID_MIN-)." msgstr "" -#: lastlog.8.xml:157(para) +#: lastlog.8.xml:179(para) msgid "" "If the user has never logged in the message ** Never logged in** will be displayed instead of the port and time." @@ -6866,18 +6878,18 @@ msgstr "" "logowania wyświetlany jest komunikat **Nigdy nie zalogowany** (użytkownik nigdy się nie logował)." -#: lastlog.8.xml:162(para) +#: lastlog.8.xml:184(para) msgid "" "Only the entries for the current users of the system will be displayed. " "Other entries may exist for users that were deleted previously." msgstr "" -#: lastlog.8.xml:170(title) groups.1.xml:90(title) chsh.1.xml:140(title) +#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title) #: chage.1.xml:231(title) msgid "NOTE" msgstr "UWAGI" -#: lastlog.8.xml:171(para) +#: lastlog.8.xml:193(para) msgid "" "The lastlog file is a database which contains info on " "the last login of each user. You should not rotate it. It is a sparse file, " @@ -6895,15 +6907,15 @@ msgstr "" "wartościami UID). Mozesz wyświetlić rzeczywisty rozmiar tego pliku używając " "polecenia \"ls -s\"." -#: lastlog.8.xml:185(filename) +#: lastlog.8.xml:207(filename) msgid "/var/log/lastlog" msgstr "/var/log/lastlog" -#: lastlog.8.xml:187(para) +#: lastlog.8.xml:209(para) msgid "Database times of previous user logins." msgstr "Baza danych ostatnich logowań użytkownikĆ³w." -#: lastlog.8.xml:195(para) +#: lastlog.8.xml:217(para) msgid "" "Large gaps in UID numbers will cause the lastlog program to run longer with " "no output to the screen (i.e. if in lastlog database there is no entries for " @@ -6964,7 +6976,7 @@ msgstr "" #| "modified using the chfn1 utility." msgid "" -"The password is used when an user who is not a member of the group wants to " +"The password is used when a user who is not a member of the group wants to " "gain the permissions of this group (see newgrp1)." msgstr "" @@ -7473,7 +7485,7 @@ msgstr "" "replaceable>" #: groupmems.8.xml:109(para) -msgid "Add an user to the group membership list." +msgid "Add a user to the group membership list." msgstr "" #: groupmems.8.xml:110(para) groupmems.8.xml:126(para) @@ -8461,7 +8473,7 @@ msgstr "" msgid "" "The default encryption algorithm can be defined for the system with the " " or variables " -"of /etc/login.defs, and can be overwitten with the " +"of /etc/login.defs, and can be overwritten with the " ", , or options." msgstr "" @@ -8476,7 +8488,7 @@ msgstr "" msgid "" "Except when PAM is used to encrypt the passwords,chpasswd first updates all the passwords in " -"memory, and then commits all the changes to disk if no errors occured for " +"memory, and then commits all the changes to disk if no errors occurred for " "any user." msgstr "" @@ -8643,7 +8655,7 @@ msgstr "" msgid "" "The default encryption algorithm can be defined for the system with the " " variable of /etc/login.defs, and can be overwiten with the , , options." msgstr "" @@ -9028,6 +9040,11 @@ msgstr "" msgid "translator-credits" msgstr "Tomasz Kłoczko , 2006" +#, fuzzy +#~| msgid "-" +#~ msgid "-M" +#~ msgstr "-" + #~ msgid "" #~ "chfn1, chsh\n" "Language-Team: Russian \n" @@ -55,16 +55,15 @@ msgstr "" #: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname) #: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname) #: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname) -#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) -#: newusers.8.xml:60(surname) newgrp.1.xml:46(surname) -#: logoutd.8.xml:45(surname) login.defs.5.xml:110(surname) -#: login.access.5.xml:46(surname) login.1.xml:78(surname) -#: limits.5.xml:47(surname) lastlog.8.xml:46(surname) grpck.8.xml:46(surname) -#: groups.1.xml:45(surname) groupmod.8.xml:46(surname) +#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname) +#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname) +#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname) +#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname) +#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname) #: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname) #: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname) -#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) -#: expiry.1.xml:49(surname) chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) +#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname) +#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) #: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname) msgid "Kłoczko" msgstr "" @@ -89,17 +88,16 @@ msgstr "" #: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib) #: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib) #: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib) -#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) -#: newusers.8.xml:62(contrib) newgrp.1.xml:48(contrib) -#: logoutd.8.xml:47(contrib) login.defs.5.xml:112(contrib) -#: login.access.5.xml:48(contrib) login.1.xml:80(contrib) -#: limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) grpck.8.xml:48(contrib) -#: groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) +#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib) +#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib) +#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib) +#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) +#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) #: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib) #: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib) -#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) -#: expiry.1.xml:51(contrib) chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) -#: chfn.1.xml:50(contrib) chage.1.xml:48(contrib) +#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib) +#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib) +#: chage.1.xml:48(contrib) msgid "shadow-utils maintainer, 2000 - 2007" msgstr "" @@ -133,14 +131,13 @@ msgstr "" #: newusers.8.xml:66(surname) newgrp.1.xml:52(surname) #: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname) #: login.access.5.xml:52(surname) login.1.xml:84(surname) -#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) -#: gshadow.5.xml:39(surname) grpck.8.xml:52(surname) groups.1.xml:51(surname) -#: groupmod.8.xml:52(surname) groupmems.8.xml:55(surname) -#: groupdel.8.xml:52(surname) groupadd.8.xml:54(surname) -#: gpasswd.1.xml:56(surname) faillog.8.xml:51(surname) -#: faillog.5.xml:51(surname) expiry.1.xml:55(surname) chsh.1.xml:54(surname) -#: chpasswd.8.xml:55(surname) chgpasswd.8.xml:51(surname) -#: chfn.1.xml:54(surname) chage.1.xml:52(surname) +#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname) +#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname) +#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname) +#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname) +#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname) +#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname) +#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname) msgid "FranƧois" msgstr "" @@ -169,14 +166,13 @@ msgstr "" #: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib) #: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib) #: login.access.5.xml:54(contrib) login.1.xml:86(contrib) -#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) -#: gshadow.5.xml:42(contrib) grpck.8.xml:54(contrib) groups.1.xml:53(contrib) -#: groupmod.8.xml:54(contrib) groupmems.8.xml:57(contrib) -#: groupdel.8.xml:54(contrib) groupadd.8.xml:56(contrib) -#: gpasswd.1.xml:58(contrib) faillog.8.xml:53(contrib) -#: faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) chsh.1.xml:56(contrib) -#: chpasswd.8.xml:57(contrib) chgpasswd.8.xml:53(contrib) -#: chfn.1.xml:56(contrib) chage.1.xml:54(contrib) +#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib) +#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib) +#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib) +#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib) +#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) +#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib) +#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib) msgid "shadow-utils maintainer, 2007 - now" msgstr "" @@ -256,14 +252,13 @@ msgstr "" #: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable) #: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable) #: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable) -#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) -#: passwd.1.xml:79(replaceable) newusers.8.xml:87(replaceable) -#: lastlog.8.xml:73(replaceable) grpck.8.xml:72(arg) -#: groupmod.8.xml:73(replaceable) groupdel.8.xml:73(replaceable) -#: groupadd.8.xml:75(replaceable) faillog.8.xml:72(replaceable) -#: chsh.1.xml:75(replaceable) chpasswd.8.xml:76(replaceable) -#: chgpasswd.8.xml:72(replaceable) chfn.1.xml:75(replaceable) -#: chage.1.xml:72(replaceable) +#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable) +#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable) +#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable) +#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable) +#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable) +#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable) +#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable) msgid "options" msgstr "ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры" @@ -314,11 +309,10 @@ msgstr "" #: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title) #: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title) #: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title) -#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) -#: groupdel.8.xml:88(title) groupadd.8.xml:93(title) gpasswd.1.xml:134(title) -#: faillog.8.xml:89(title) expiry.1.xml:91(title) chsh.1.xml:95(title) -#: chpasswd.8.xml:130(title) chgpasswd.8.xml:105(title) chfn.1.xml:111(title) -#: chage.1.xml:91(title) +#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title) +#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title) +#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title) +#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title) msgid "OPTIONS" msgstr "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" @@ -339,7 +333,7 @@ msgstr "Š ŠµŠ“Š°ŠŗтŠøрŠ¾Š²Š°Ń‚ŃŒ Š±Š°Š·Ńƒ Š“Š°Š½Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ." #: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term) #: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term) -#: newusers.8.xml:283(term) lastlog.8.xml:107(term) grpck.8.xml:157(term) +#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term) #: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term) #: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term) #: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term) @@ -350,7 +344,7 @@ msgstr ", " # type: Content of: #: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) #: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) -#: newusers.8.xml:285(para) lastlog.8.xml:111(para) grpck.8.xml:159(para) +#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para) #: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) #: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) #: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) @@ -378,7 +372,7 @@ msgstr "ŠŠµ Š²Ń‹Š²Š¾Š“Šøть сŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠ¹ ŠæрŠø рŠ°Š±Š¾Ń‚Šµ." #: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) #: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) -#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:115(term) +#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term) #: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) #: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) #: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) @@ -392,7 +386,7 @@ msgstr "" #: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) #: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) -#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:119(para) +#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para) #: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) #: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) #: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) @@ -423,18 +417,18 @@ msgstr ", " msgid "Indicates which user's tcb shadow file to edit." msgstr "Š£ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗŠ°ŠŗŠ¾Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠ¹ тŠµŠ½ŠµŠ²Š¾Š¹ фŠ°Š¹Š» tcb рŠµŠ“Š°ŠŗтŠøрŠ¾Š²Š°Ń‚ŃŒ." -#: vipw.8.xml:165(title) usermod.8.xml:497(title) userdel.8.xml:171(title) +#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title) #: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) #: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) #: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) #: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) -#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) -#: gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) -#: chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title) +#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) +#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) +#: chfn.1.xml:193(title) chage.1.xml:244(title) msgid "CONFIGURATION" msgstr "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -#: vipw.8.xml:166(para) usermod.8.xml:498(para) userdel.8.xml:172(para) +#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para) #: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) #: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) #: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) @@ -492,39 +486,37 @@ msgstr "" "option>." # type: Content of: -#: vipw.8.xml:195(title) usermod.8.xml:514(title) userdel.8.xml:188(title) +#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title) #: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) #: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) #: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) #: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) #: newgrp.1.xml:121(title) logoutd.8.xml:89(title) -#: login.access.5.xml:121(title) login.1.xml:338(title) -#: limits.5.xml:196(title) lastlog.8.xml:182(title) gshadow.5.xml:156(title) -#: grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) -#: groupmems.8.xml:211(title) groupdel.8.xml:140(title) -#: groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) -#: faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) -#: chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) -#: chage.1.xml:256(title) +#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) +#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) +#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) +#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) +#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) +#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) +#: chfn.1.xml:207(title) chage.1.xml:256(title) msgid "FILES" msgstr "Š¤ŠŠ™Š›Š«" # type: Content of: <refentry><refsect1><para><filename> -#: vipw.8.xml:198(filename) usermod.8.xml:517(filename) +#: vipw.8.xml:198(filename) usermod.8.xml:516(filename) #: userdel.8.xml:191(filename) useradd.8.xml:690(filename) -#: sg.1.xml:125(filename) pwck.8.xml:272(filename) -#: newusers.8.xml:412(filename) newgrp.1.xml:136(filename) -#: gshadow.5.xml:159(filename) grpck.8.xml:224(filename) -#: groups.1.xml:103(filename) groupmod.8.xml:208(filename) -#: groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) -#: groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) -#: gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) -#: chgpasswd.8.xml:216(filename) +#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) +#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) +#: grpck.8.xml:224(filename) groups.1.xml:103(filename) +#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) +#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) +#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) +#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename) msgid "/etc/group" msgstr "/etc/group" # type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para> -#: vipw.8.xml:200(para) usermod.8.xml:519(para) userdel.8.xml:193(para) +#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para) #: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) #: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) #: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) @@ -534,7 +526,7 @@ msgid "Group account information." msgstr "сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń…" # type: Content of: <refentry><refsect1><para><filename> -#: vipw.8.xml:204(filename) usermod.8.xml:523(filename) +#: vipw.8.xml:204(filename) usermod.8.xml:522(filename) #: useradd.8.xml:696(filename) sg.1.xml:131(filename) #: newusers.8.xml:418(filename) newgrp.1.xml:142(filename) #: gshadow.5.xml:165(filename) grpck.8.xml:230(filename) @@ -546,7 +538,7 @@ msgid "/etc/gshadow" msgstr "/etc/gshadow" # type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para> -#: vipw.8.xml:206(para) usermod.8.xml:525(para) useradd.8.xml:698(para) +#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para) #: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) #: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) #: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) @@ -555,7 +547,7 @@ msgid "Secure group account information." msgstr "сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń…" # type: Content of: <refentry><refsect1><para><filename> -#: vipw.8.xml:210(filename) usermod.8.xml:535(filename) +#: vipw.8.xml:210(filename) usermod.8.xml:534(filename) #: userdel.8.xml:203(filename) useradd.8.xml:678(filename) #: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) #: pwck.8.xml:278(filename) passwd.5.xml:144(filename) @@ -569,7 +561,7 @@ msgid "/etc/passwd" msgstr "/etc/passwd" # type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para> -#: vipw.8.xml:212(para) usermod.8.xml:537(para) userdel.8.xml:205(para) +#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para) #: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) #: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) #: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) @@ -580,7 +572,7 @@ msgid "User account information." msgstr "сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ…" # type: Content of: <refentry><refsect1><para><filename> -#: vipw.8.xml:216(filename) usermod.8.xml:541(filename) +#: vipw.8.xml:216(filename) usermod.8.xml:540(filename) #: userdel.8.xml:209(filename) useradd.8.xml:684(filename) #: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) #: shadow.3.xml:229(filename) pwck.8.xml:284(filename) @@ -592,7 +584,7 @@ msgid "/etc/shadow" msgstr "/etc/shadow" # type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para> -#: vipw.8.xml:218(para) usermod.8.xml:543(para) userdel.8.xml:211(para) +#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para) #: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) #: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) #: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) @@ -602,7 +594,7 @@ msgid "Secure user account information." msgstr "сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ…" # type: Content of: <refentry><refsect1><title> -#: vipw.8.xml:225(title) usermod.8.xml:562(title) userdel.8.xml:308(title) +#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title) #: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) #: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) #: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) @@ -665,15 +657,15 @@ msgstr "" #: usermod.8.xml:46(surname) userdel.8.xml:46(surname) #: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname) #: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname) -#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) -#: passwd.1.xml:47(surname) newusers.8.xml:55(surname) -#: newgrp.1.xml:41(surname) logoutd.8.xml:40(surname) -#: login.defs.5.xml:105(surname) login.1.xml:73(surname) -#: lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname) -#: groupmod.8.xml:41(surname) groupdel.8.xml:41(surname) -#: groupadd.8.xml:43(surname) faillog.8.xml:40(surname) -#: faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname) -#: chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname) +#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname) +#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname) +#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname) +#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname) +#: groups.1.xml:40(surname) groupmod.8.xml:41(surname) +#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname) +#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname) +#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) +#: chage.1.xml:41(surname) msgid "Haugh" msgstr "" @@ -1279,20 +1271,27 @@ msgstr "" # type: Content of: <refentry><refsect1><title> #: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) #: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) -#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:194(title) -#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) -#: gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) +#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title) +#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) +#: faillog.8.xml:232(title) chpasswd.8.xml:231(title) #: chgpasswd.8.xml:186(title) msgid "CAVEATS" msgstr "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" #: usermod.8.xml:479(para) +#, fuzzy +#| msgid "" +#| "You must make certain that the named user is not executing any processes " +#| "when this command is being executed if the user's numerical user ID, the " +#| "user's name, or the user's home directory is being changed. " +#| "<command>usermod</command> checks this on Linux, but only check if the " +#| "user is logged in according to utmp on other architectures." msgid "" "You must make certain that the named user is not executing any processes " "when this command is being executed if the user's numerical user ID, the " "user's name, or the user's home directory is being changed. " -"<command>usermod</command> checks this on Linux, but only check if the user " -"is logged in according to utmp on other architectures." +"<command>usermod</command> checks this on Linux. On other platforms it only " +"uses utmp to check if the user is logged in." msgstr "" "Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ уŠ±ŠµŠ“Šøться, чтŠ¾ Š¾Ń‚ уŠŗŠ°Š·Š°Š½Š½Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š½Šµ Š·Š°ŠæущŠµŠ½Š¾ Š½ŠøŠŗŠ°ŠŗŠøх " "ŠæрŠ¾Ń†ŠµŃŃŠ¾Š², ŠµŃŠ»Šø ŠæрŠø Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠø этŠ¾Š¹ ŠŗŠ¾Š¼Š°Š½Š“ы ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ся чŠøсŠ»Š¾Š²Š¾Š¹ " @@ -1301,7 +1300,7 @@ msgstr "" "Š“руŠ³Šøх Š°Ń€Ń…ŠøтŠµŠŗтурŠ°Ń… ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ся тŠ¾Š»ŃŒŠŗŠ¾ ŠæрŠøсутстŠ²ŠøŠµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² сŠøстŠµŠ¼Šµ " "сŠ¾Š³Š»Š°ŃŠ½Š¾ Š“Š°Š½Š½Ń‹Š¼ utmp." -#: usermod.8.xml:487(para) +#: usermod.8.xml:486(para) msgid "" "You must change the owner of any <command>crontab</command> files or " "<command>at</command> jobs manually." @@ -1309,7 +1308,7 @@ msgstr "" "Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ Š²Ń€ŃƒŃ‡Š½ŃƒŃŽ ŠøŠ·Š¼ŠµŠ½Šøть Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Š° Š²ŃŠµŃ… фŠ°Š¹Š»Š¾Š² <command>crontab</command> " "ŠøŠ»Šø Š·Š°Š“Š°Š½ŠøŠ¹ <command>at</command>." -#: usermod.8.xml:491(para) +#: usermod.8.xml:490(para) msgid "You must make any changes involving NIS on the NIS server." msgstr "Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ сŠ“ŠµŠ»Š°Ń‚ŃŒ Š²ŃŠµ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя NIS Š½Š° сŠµŃ€Š²ŠµŃ€Šµ NIS сŠ°Š¼Š¾ŃŃ‚Š¾ŃŃ‚ŠµŠ»ŃŒŠ½Š¾." @@ -1592,7 +1591,7 @@ msgstr "" "ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, сŠ¾Š³Š»Š°ŃŠ½Š¾ сŠ»ŠµŠ“ующŠµŠ¼Ńƒ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ: <placeholder-1/>" # type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename> -#: usermod.8.xml:529(filename) userdel.8.xml:197(filename) +#: usermod.8.xml:528(filename) userdel.8.xml:197(filename) #: useradd.8.xml:726(filename) su.1.xml:382(filename) #: pwconv.8.xml:253(filename) passwd.1.xml:423(filename) #: newusers.8.xml:424(filename) login.access.5.xml:124(filename) @@ -1604,7 +1603,7 @@ msgid "/etc/login.defs" msgstr "/etc/login.defs" # type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para> -#: usermod.8.xml:531(para) userdel.8.xml:199(para) useradd.8.xml:728(para) +#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para) #: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) #: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) #: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) @@ -1613,32 +1612,32 @@ msgid "Shadow password suite configuration." msgstr "сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹" # type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename> -#: usermod.8.xml:547(filename) userdel.8.xml:215(filename) +#: usermod.8.xml:546(filename) userdel.8.xml:215(filename) #: useradd.8.xml:714(filename) newusers.8.xml:436(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subgid" msgstr "/etc/suauth" -#: usermod.8.xml:549(para) userdel.8.xml:217(para) useradd.8.xml:716(para) +#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para) #: newusers.8.xml:438(para) msgid "Per user subordinate group IDs." msgstr "" # type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename> -#: usermod.8.xml:553(filename) userdel.8.xml:221(filename) +#: usermod.8.xml:552(filename) userdel.8.xml:221(filename) #: useradd.8.xml:720(filename) newusers.8.xml:442(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subuid" msgstr "/etc/suauth" -#: usermod.8.xml:555(para) userdel.8.xml:223(para) useradd.8.xml:722(para) +#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para) #: newusers.8.xml:444(para) msgid "Per user subordinate user IDs." msgstr "" -#: usermod.8.xml:563(para) +#: usermod.8.xml:562(para) #, fuzzy #| msgid "" #| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</" @@ -1933,9 +1932,8 @@ msgstr "усŠæŠµŃˆŠ½Š¾Šµ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ" #: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum) #: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable) #: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum) -#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) -#: chfn.1.xml:61(manvolnum) chage.1.xml:59(manvolnum) -#: chage.1.xml:289(replaceable) +#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum) +#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable) msgid "1" msgstr "1" @@ -2377,13 +2375,25 @@ msgstr "" "replaceable>=<replaceable>Š—ŠŠŠ§Š•ŠŠ˜Š•</replaceable>" #: useradd.8.xml:301(para) +#, fuzzy +#| msgid "" +#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</" +#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, " +#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: " +#| "<option>-K</option> <replaceable>PASS_MAX_DAYS</" +#| "replaceable>=<replaceable>-1</replaceable> can be used when creating " +#| "system account to turn off password ageing, even though system account " +#| "has no password at all. Multiple <option>-K</option> options can be " +#| "specified, e.g.: <option>-K</option> <replaceable>UID_MIN</" +#| "replaceable>=<replaceable>100</replaceable> <option>-K</option> " +#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>" msgid "" "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</" "option>, <option>UID_MAX</option>, <option>UMASK</option>, " "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: " "<option>-K</option> <replaceable>PASS_MAX_DAYS</" "replaceable>=<replaceable>-1</replaceable> can be used when creating system " -"account to turn off password ageing, even though system account has no " +"account to turn off password aging, even though system account has no " "password at all. Multiple <option>-K</option> options can be specified, e." "g.: <option>-K</option> <replaceable>UID_MIN</" "replaceable>=<replaceable>100</replaceable> <option>-K</option> " @@ -2409,9 +2419,13 @@ msgid "Do not add the user to the lastlog and faillog databases." msgstr "ŠŠµ Š“Š¾Š±Š°Š²Š»ŃŃ‚ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² Š±Š°Š·Ń‹ Š“Š°Š½Š½Ń‹Ń… lastlog Šø faillog." #: useradd.8.xml:327(para) +#, fuzzy +#| msgid "" +#| "By default, the user's entries in the lastlog and faillog databases are " +#| "resetted to avoid reusing the entry from a previously deleted user." msgid "" "By default, the user's entries in the lastlog and faillog databases are " -"resetted to avoid reusing the entry from a previously deleted user." +"reset to avoid reusing the entry from a previously deleted user." msgstr "" "ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² Š±Š°Š·Š°Ń… Š“Š°Š½Š½Ń‹Ń… lastlog Šø faillog " "сŠ±Ń€Š°ŃŃ‹Š²Š°ŃŽŃ‚ся Š²Š¾ ŠøŠ·Š±ŠµŠ¶Š°Š½ŠøŠµ ŠæŠ¾Š²Ń‚Š¾Ń€Š½Š¾Š³Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Šøя Š·Š°ŠæŠøсŠø, Š¾ŃŃ‚Š°Š²ŃˆŠµŠ¹ŃŃ Š¾Ń‚ " @@ -2440,10 +2454,11 @@ msgstr "" "ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, ŠµŃŠ»Šø этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ уŠŗŠ°Š·Š°Š½ Šø Š½Šµ Š·Š°Š“Š°Š½Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń " "<option>CREATE_HOME</option>, Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š½Šµ сŠ¾Š·Š“Š°Ń‘Ń‚ŃŃ." -# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><option> -#: useradd.8.xml:354(option) -msgid "-M" -msgstr "-M" +#: useradd.8.xml:353(term) +#, fuzzy +#| msgid "<option>-m</option>, <option>--create-home</option>" +msgid "<option>-M</option>, <option>--no-create-home</option>" +msgstr "<option>-m</option>, <option>--create-home</option>" #: useradd.8.xml:357(para) msgid "" @@ -2528,12 +2543,19 @@ msgstr "" "сŠ¾Š·Š“Š°Š½ŠøŠø Š³Ń€ŃƒŠæŠæ)." #: useradd.8.xml:434(para) +#, fuzzy +#| msgid "" +#| "Note that <command>useradd</command> will not create a home directory for " +#| "such an user, regardless of the default setting in <filename>/etc/login." +#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the " +#| "<option>-m</option> options if you want a home directory for a system " +#| "account to be created." msgid "" "Note that <command>useradd</command> will not create a home directory for " -"such an user, regardless of the default setting in <filename>/etc/login." -"defs</filename> (<option>CREATE_HOME</option>). You have to specify the " -"<option>-m</option> options if you want a home directory for a system " -"account to be created." +"such a user, regardless of the default setting in <filename>/etc/login.defs</" +"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-" +"m</option> options if you want a home directory for a system account to be " +"created." msgstr "" "Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ <command>useradd</command> Š½Šµ сŠ¾Š·Š“Š°Ń‘Ń‚ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š“Š»Ń " "Š“Š°Š½Š½Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š½ŠµŠ·Š°Š²ŠøсŠøŠ¼Š¾ Š¾Ń‚ Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š² <filename>/etc/" @@ -3212,10 +3234,14 @@ msgstr "" # type: Content of: <refentry><refsect1><literallayout> #. .RS #: suauth.5.xml:83(literallayout) -#, no-wrap +#, fuzzy, no-wrap +#| msgid "" +#| "\n" +#| " 1) the user su is targetting\n" +#| " " msgid "" "\n" -" 1) the user su is targetting\n" +" 1) the user su is targeting\n" " " msgstr "" "\n" @@ -3264,14 +3290,23 @@ msgstr "" "ŠæŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½Š½Ń‹Ń… чŠµŃ€ŠµŠ· Ā«,Ā»." #: suauth.5.xml:107(para) +#, fuzzy +#| msgid "" +#| "from-id is formatted the same as to-id except the extra word " +#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</" +#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> " +#| "appears one or more group names, delimited by \",\". It is not sufficient " +#| "to have primary group id of the relevant group, an entry in " +#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</" +#| "manvolnum></citerefentry> is neccessary." msgid "" "from-id is formatted the same as to-id except the extra word " -"<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</" +"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</" "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> " "appears one or more group names, delimited by \",\". It is not sufficient to " "have primary group id of the relevant group, an entry in " "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</" -"manvolnum></citerefentry> is neccessary." +"manvolnum></citerefentry> is necessary." msgstr "" "Š¶ŠµŠ»Š°ŃŽŃ‰ŠøŠ¹-id Š¼Š¾Š¶ŠµŃ‚ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒ тŠ¾ Š¶Šµ, чтŠ¾ Šø Š¶ŠµŠ»Š°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¹-id, ŠæŠ»ŃŽŃ Š½Š¾Š²Š¾Šµ " "сŠ»Š¾Š²Š¾<emphasis>GROUP</emphasis>. <emphasis>ALL EXCEPT GROUP</emphasis> тŠ¾Š¶Šµ " @@ -3431,9 +3466,8 @@ msgstr "" "citerefentry>." #: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib) -#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) -#: passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib) -#: faillog.5.xml:41(contrib) +#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib) +#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib) msgid "Creation, 1989" msgstr "" @@ -4332,8 +4366,13 @@ msgstr "" "ŠæŠ¾Š»Šµ ŠæŠ°Ń€Š¾Š»Ń ŠæустŠ¾." #: shadow.5.xml:117(para) gshadow.5.xml:107(para) +#, fuzzy +#| msgid "" +#| "A password field which starts with a exclamation mark means that the " +#| "password is locked. The remaining characters on the line represent the " +#| "password field before the password was locked." msgid "" -"A password field which starts with a exclamation mark means that the " +"A password field which starts with an exclamation mark means that the " "password is locked. The remaining characters on the line represent the " "password field before the password was locked." msgstr "" @@ -4353,9 +4392,13 @@ msgid "" msgstr "Š”Š°Ń‚Š° ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ¹ сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń Š² Š“Š½ŃŃ… Š½Š°Ń‡ŠøŠ½Š°Ń с 1 яŠ½Š²Š°Ń€Ń 1970 Š³Š¾Š“Š°." #: shadow.5.xml:134(para) +#, fuzzy +#| msgid "" +#| "The value 0 has a special meaning, which is that the user should change " +#| "her pasword the next time she will log in the system." msgid "" "The value 0 has a special meaning, which is that the user should change her " -"pasword the next time she will log in the system." +"password the next time she will log in the system." msgstr "" "Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ 0 ŠøŠ¼ŠµŠµŃ‚ сŠæŠµŃ†ŠøŠ°Š»ŃŒŠ½Š¾Šµ ŠæрŠµŠ“Š½Š°Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ: Š¾Š½Š¾ уŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚, чтŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ " "Š“Š¾Š»Š¶ŠµŠ½ сŠ¼ŠµŠ½Šøть ŠæŠ°Ń€Š¾Š»ŃŒ Š² сŠ»ŠµŠ“ующŠøŠ¹ рŠ°Š· ŠæрŠø Š²Ń…Š¾Š“Šµ Š² сŠøстŠµŠ¼Ńƒ." @@ -4481,9 +4524,15 @@ msgstr "" "яŠ½Š²Š°Ń€Ń 1970 Š³Š¾Š“Š°." #: shadow.5.xml:229(para) +#, fuzzy +#| msgid "" +#| "Note that an account expiration differs from a password expiration. In " +#| "case of an acount expiration, the user shall not be allowed to login. In " +#| "case of a password expiration, the user is not allowed to login using her " +#| "password." msgid "" "Note that an account expiration differs from a password expiration. In case " -"of an acount expiration, the user shall not be allowed to login. In case of " +"of an account expiration, the user shall not be allowed to login. In case of " "a password expiration, the user is not allowed to login using her password." msgstr "" "Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ устŠ°Ń€ŠµŠ²Š°Š½ŠøŠµ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø Š¾Ń‚Š»ŠøчŠ°ŠµŃ‚ся Š¾Ń‚ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń. " @@ -4858,20 +4907,17 @@ msgid "pwconv" msgstr "pwconv" # type: Content of: <refentry><refsect1><para><command> -#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) -#: login.defs.5.xml:438(term) +#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term) msgid "pwunconv" msgstr "pwunconv" # type: Content of: <refentry><refsect1><para><command> -#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) -#: login.defs.5.xml:340(term) +#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term) msgid "grpconv" msgstr "grpconv" # type: Content of: <refentry><refsect1><para><command> -#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) -#: login.defs.5.xml:346(term) +#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term) msgid "grpunconv" msgstr "grpunconv" @@ -5094,8 +5140,7 @@ msgstr "ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ цŠµŠ»Š¾ŃŃ‚Š½Š¾ŃŃ‚ŃŒ фŠ°Š¹Š»Š¾Š² ŠæŠ°Ń€Š¾Š»ŠµŠ¹" # type: Content of: <refentry><refsect1><para><emphasis> #: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle) #: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle) -#: passwd.1.xml:71(refname) passwd.1.xml:77(command) -#: login.defs.5.xml:409(term) +#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term) msgid "passwd" msgstr "passwd" @@ -5282,10 +5327,15 @@ msgstr "" "<replaceable>passwd</replaceable> Šø <replaceable>shadow</replaceable>." #: pwck.8.xml:243(para) +#, fuzzy +#| msgid "" +#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an " +#| "alternative <replaceable>shadow</replaceable> file. In future releases, " +#| "this paramater could be replaced by an alternate TCB directory." msgid "" "Note that when <option>USE_TCB</option> is enabled, you cannot specify an " "alternative <replaceable>shadow</replaceable> file. In future releases, this " -"paramater could be replaced by an alternate TCB directory." +"parameter could be replaced by an alternate TCB directory." msgstr "" "Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ ŠµŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š° <option>USE_TCB</option>, тŠ¾ Š²Ń‹ Š½Šµ Š¼Š¾Š¶ŠµŃ‚Šµ " "уŠŗŠ°Š·Š°Ń‚ŃŒ Š“руŠ³Š¾Š¹ фŠ°Š¹Š» <replaceable>shadow</replaceable>. Š’ сŠ»ŠµŠ“ующŠøх Š²ŠµŃ€ŃŠøях " @@ -5776,8 +5826,12 @@ msgstr "" "этŠ¾Š¼ Š»ŠµŠ³ŠŗŠ¾ Š“Š¾Š³Š°Š“Š°Ń‚ŃŒŃŃ, чтŠ¾ ŠæрŠøŠ²ŠµŠ“ёт Šŗ Š½Š°Ń€ŃƒŃˆŠµŠ½Šøю Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃ‚Šø сŠøстŠµŠ¼Ń‹." #: passwd.1.xml:166(para) +#, fuzzy +#| msgid "" +#| "You can find advices on how to choose a strong password on http://en." +#| "wikipedia.org/wiki/Password_strength" msgid "" -"You can find advices on how to choose a strong password on http://en." +"You can find advice on how to choose a strong password on http://en." "wikipedia.org/wiki/Password_strength" msgstr "" "Šž тŠ¾Š¼, ŠŗŠ°Šŗ Š²Ń‹Š±Ń€Š°Ń‚ŃŒ стŠ¾Š¹ŠŗŠøŠ¹ ŠæŠ°Ń€Š¾Š»ŃŒ, чŠøтŠ°Š¹Ń‚Šµ Š² http://ru.wikipedia.org/wiki/" @@ -6350,7 +6404,9 @@ msgstr "Š˜Š”Š¢ŠžŠ Š˜ŠÆ" # type: Content of: <refentry><refsect1><para> #: nologin.8.xml:91(para) -msgid "The <command>nologin</command> command appearred in BSD 4.4." +#, fuzzy +#| msgid "The <command>nologin</command> command appearred in BSD 4.4." +msgid "The <command>nologin</command> command appeared in BSD 4.4." msgstr "ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° <command>nologin</command> Š²ŠæŠµŃ€Š²Ń‹Šµ ŠæŠ¾ŃŠ²ŠøŠ»Š°ŃŃŒ Š² BSD 4.4." # type: Content of: <refentry><refsect1><variablelist><varlistentry><term> @@ -6400,8 +6456,14 @@ msgid "This is the name of the user." msgstr "Š˜Š¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń." #: newusers.8.xml:116(para) +#, fuzzy +#| msgid "" +#| "It can be the name of a new user or the name of an existing user (or an " +#| "user created before by <command>newusers</command>). In case of an " +#| "existing user, the user's information will be changed, otherwise a new " +#| "user will be created." msgid "" -"It can be the name of a new user or the name of an existing user (or an user " +"It can be the name of a new user or the name of an existing user (or a user " "created before by <command>newusers</command>). In case of an existing user, " "the user's information will be changed, otherwise a new user will be created." msgstr "" @@ -6434,8 +6496,12 @@ msgid "This field is used to define the UID of the user." msgstr "Š­Ń‚Š¾ ŠæŠ¾Š»Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя UID ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń." #: newusers.8.xml:144(para) +#, fuzzy +#| msgid "" +#| "If the field is empty, an new (unused) UID will be defined automatically " +#| "by <command>newusers</command>." msgid "" -"If the field is empty, an new (unused) UID will be defined automatically by " +"If the field is empty, a new (unused) UID will be defined automatically by " "<command>newusers</command>." msgstr "" "Š•ŃŠ»Šø этŠ¾ ŠæŠ¾Š»Šµ ŠæустŠ¾, тŠ¾ ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹ <command>newusers</command> Š°Š²Ń‚Š¾Š¼Š°Ń‚ŠøчŠµŃŠŗŠø " @@ -6447,8 +6513,13 @@ msgstr "" "Š•ŃŠ»Šø Š² этŠ¾Š¼ ŠæŠ¾Š»Šµ уŠŗŠ°Š·Š°Š½Š¾ чŠøсŠ»Š¾, тŠ¾ Š¾Š½Š¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š¾ Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ UID." #: newusers.8.xml:152(para) +#, fuzzy +#| msgid "" +#| "If this field contains the name of an existing user (or the name of an " +#| "user created before by <command>newusers</command>), the UID of the " +#| "specified user will be used." msgid "" -"If this field contains the name of an existing user (or the name of an user " +"If this field contains the name of an existing user (or the name of a user " "created before by <command>newusers</command>), the UID of the specified " "user will be used." msgstr "" @@ -8135,7 +8206,9 @@ msgstr "D: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ рŠ°Š·Š¼ŠµŃ€ Š“Š°Š½Š½Ń‹Ń… (ŠšŠ‘)" # type: Content of: <refentry><refsect1><itemizedlist><listitem><para> #: limits.5.xml:111(para) -msgid "F: maximum filesize (KB)" +#, fuzzy +#| msgid "F: maximum filesize (KB)" +msgid "F: maximum file size (KB)" msgstr "F: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ рŠ°Š·Š¼ŠµŃ€ фŠ°Š¹Š»Š° (ŠšŠ‘)" #: limits.5.xml:112(para) @@ -8227,9 +8300,15 @@ msgstr "" # type: Content of: <refentry><refsect1><para> #: limits.5.xml:145(para) +#, fuzzy +#| msgid "" +#| "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of " +#| "the line is considered a limit string, thus comments are not allowed. A " +#| "invalid limits string will be rejected (not considered) by the " +#| "<command>login</command> program." msgid "" "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of " -"the line is considered a limit string, thus comments are not allowed. A " +"the line is considered a limit string, thus comments are not allowed. An " "invalid limits string will be rejected (not considered) by the " "<command>login</command> program." msgstr "" @@ -8258,16 +8337,26 @@ msgstr "" "ŠæрŠøŠ¼ŠµŠ½ŃŃŽŃ‚ся Šŗ чŠ»ŠµŠ½Š°Š¼ уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ Š³Ń€ŃƒŠæŠæы <replaceable>group</replaceable>." #: limits.5.xml:165(para) +#, fuzzy +#| msgid "" +#| "If more than one line with limits for an user exist, only the first line " +#| "for this user will be considered." msgid "" -"If more than one line with limits for an user exist, only the first line for " +"If more than one line with limits for a user exist, only the first line for " "this user will be considered." msgstr "" "Š•ŃŠ»Šø Š“Š»Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠµŃŃ‚ŃŒ Š±Š¾Š»ŠµŠµ Š¾Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠ¹, тŠ¾ учŠøтыŠ²Š°ŠµŃ‚ся " "тŠ¾Š»ŃŒŠŗŠ¾ ŠæŠµŃ€Š²Š°Ń стрŠ¾ŠŗŠ°." #: limits.5.xml:170(para) +#, fuzzy +#| msgid "" +#| "If no lines are specified for an user, the last <replaceable>@group</" +#| "replaceable> line matching a group whose the user is a member of will be " +#| "considered, or the last line with default limits if no groups contain the " +#| "user." msgid "" -"If no lines are specified for an user, the last <replaceable>@group</" +"If no lines are specified for a user, the last <replaceable>@group</" "replaceable> line matching a group whose the user is a member of will be " "considered, or the last line with default limits if no groups contain the " "user." @@ -8372,7 +8461,37 @@ msgid "" msgstr "" "ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсŠø lastlog Š·Š° ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠøŠµ <emphasis remap=\"I\">Š”ŠŠ•Š™</emphasis>." -#: lastlog.8.xml:127(term) faillog.8.xml:192(term) +#: lastlog.8.xml:107(term) +#, fuzzy +#| msgid "<option>-u</option>, <option>--user</option>" +msgid "<option>-C</option>, <option>--clear</option>" +msgstr "<option>-u</option>, <option>--user</option>" + +#: lastlog.8.xml:111(para) +#, fuzzy +#| msgid "" +#| "This option is only valid in combination with the <option>-d</option> (or " +#| "<option>--home</option>) option." +msgid "" +"Clear lastlog record of a user. This option can be used only together with " +"<option>-u</option> (<option>--user</option>))." +msgstr "" +"Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ <option>-d</option> " +"(ŠøŠ»Šø <option>--home</option>)." + +#: lastlog.8.xml:138(term) +#, fuzzy +#| msgid "<option>-r</option>, <option>--reset</option>" +msgid "<option>-S</option>, <option>--set</option>" +msgstr "<option>-r</option>, <option>--reset</option>" + +#: lastlog.8.xml:142(para) +msgid "" +"Set lastlog record of a user to the current time. This option can be used " +"only together with <option>-u</option> (<option>--user</option>))." +msgstr "" + +#: lastlog.8.xml:149(term) faillog.8.xml:192(term) msgid "" "<option>-t</option>, <option>--time</option> <replaceable>DAYS</" "replaceable>" @@ -8381,14 +8500,14 @@ msgstr "" "replaceable>" # type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para> -#: lastlog.8.xml:131(para) +#: lastlog.8.xml:153(para) msgid "" "Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</" "emphasis>." msgstr "" "ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсŠø lastlog Š½Š¾Š²ŠµŠµ чŠµŠ¼ <emphasis remap=\"I\">Š”ŠŠ•Š™</emphasis>." -#: lastlog.8.xml:138(term) faillog.8.xml:202(term) +#: lastlog.8.xml:160(term) faillog.8.xml:202(term) msgid "" "<option>-u</option>, <option>--user</option> <replaceable>LOGIN</" "replaceable>|<replaceable>RANGE</replaceable>" @@ -8397,11 +8516,11 @@ msgstr "" "Š—ŠŠŸŠ˜Š”Š¬</replaceable>|<replaceable>Š”Š˜ŠŠŸŠŠ—ŠžŠ</replaceable>" # type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para> -#: lastlog.8.xml:142(para) +#: lastlog.8.xml:164(para) msgid "Print the lastlog record of the specified user(s)." msgstr "ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсь lastlog тŠ¾Š»ŃŒŠŗŠ¾ Š“Š»Ń уŠŗŠ°Š·Š°Š½Š½Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń(ŠµŠ¹)." -#: lastlog.8.xml:145(para) faillog.8.xml:211(para) +#: lastlog.8.xml:167(para) faillog.8.xml:211(para) msgid "" "The users can be specified by a login name, a numerical user ID, or a " "<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</" @@ -8416,7 +8535,7 @@ msgstr "" "Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Š³Š¾ (<replaceable>-UID_ŠœŠŠšŠ”</replaceable>) ŠøŠ»Šø Š¼ŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Š¾Š³Š¾ " "(<replaceable>UID_ŠœŠ˜Š-</replaceable>) Š·Š½Š°Ń‡ŠµŠ½Šøя." -#: lastlog.8.xml:157(para) +#: lastlog.8.xml:179(para) msgid "" "If the user has never logged in the message <emphasis>** Never logged in**</" "emphasis> will be displayed instead of the port and time." @@ -8425,7 +8544,7 @@ msgstr "" "сŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠµ <emphasis>** ŠŠøŠŗŠ¾Š³Š“Š° Š½Šµ Š²Ń…Š¾Š“ŠøŠ» Š² сŠøстŠµŠ¼Ńƒ**</emphasis> Š²Š¼ŠµŃŃ‚Š¾ " "Š½Š°Š·Š²Š°Š½Šøя ŠæŠ¾Ń€Ń‚Š° Šø Š“Š°Ń‚Ń‹." -#: lastlog.8.xml:162(para) +#: lastlog.8.xml:184(para) msgid "" "Only the entries for the current users of the system will be displayed. " "Other entries may exist for users that were deleted previously." @@ -8435,13 +8554,13 @@ msgstr "" "ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹." # type: Content of: <refentry><refsect1><title> -#: lastlog.8.xml:170(title) groups.1.xml:90(title) chsh.1.xml:140(title) +#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title) #: chage.1.xml:231(title) msgid "NOTE" msgstr "Š—ŠŠœŠ•Š§ŠŠŠ˜Š•" # type: Content of: <refentry><refsect1><para> -#: lastlog.8.xml:171(para) +#: lastlog.8.xml:193(para) msgid "" "The <filename>lastlog</filename> file is a database which contains info on " "the last login of each user. You should not rotate it. It is a sparse file, " @@ -8459,17 +8578,17 @@ msgstr "" "Š·Š½Š°Ń‡ŠµŠ½ŠøŠ¹). Š§Ń‚Š¾Š±Ń‹ уŠ²ŠøŠ“ŠµŃ‚ŃŒ рŠµŠ°Š»ŃŒŠ½Ń‹Š¹ рŠ°Š·Š¼ŠµŃ€ Š²Š²ŠµŠ“ŠøтŠµ Ā«<command>ls -s</command>Ā»." # type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename> -#: lastlog.8.xml:185(filename) +#: lastlog.8.xml:207(filename) msgid "/var/log/lastlog" msgstr "/var/log/lastlog" # type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para> -#: lastlog.8.xml:187(para) +#: lastlog.8.xml:209(para) msgid "Database times of previous user logins." msgstr "сŠ¾Š“ŠµŃ€Š¶Šøт сŠæŠøсŠ¾Šŗ Š·Š°Š²ŠµŃ€ŃˆŃ‘Š½Š½Ń‹Ń… сŠµŠ°Š½ŃŠ¾Š² рŠ°Š±Š¾Ń‚Ń‹ с сŠøстŠµŠ¼Š¾Š¹" # type: Content of: <refentry><refsect1><para> -#: lastlog.8.xml:195(para) +#: lastlog.8.xml:217(para) msgid "" "Large gaps in UID numbers will cause the lastlog program to run longer with " "no output to the screen (i.e. if in lastlog database there is no entries for " @@ -8532,8 +8651,14 @@ msgstr "" "Š½ŃƒŠ¶ŠµŠ½)." #: gshadow.5.xml:97(para) +#, fuzzy +#| msgid "" +#| "The password is used when an user who is not a member of the group wants " +#| "to gain the permissions of this group (see " +#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</" +#| "manvolnum></citerefentry>)." msgid "" -"The password is used when an user who is not a member of the group wants to " +"The password is used when a user who is not a member of the group wants to " "gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</" "refentrytitle><manvolnum>1</manvolnum></citerefentry>)." msgstr "" @@ -9091,7 +9216,9 @@ msgstr "" # type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para> #: groupmems.8.xml:109(para) -msgid "Add an user to the group membership list." +#, fuzzy +#| msgid "Add an user to the group membership list." +msgid "Add a user to the group membership list." msgstr "Š”Š¾Š±Š°Š²Šøть Š½Š¾Š²Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² Š³Ń€ŃƒŠæŠæу." #: groupmems.8.xml:110(para) groupmems.8.xml:126(para) @@ -10163,10 +10290,17 @@ msgstr "" "Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń, тŠ¾ Š¾Š½ Š±ŃƒŠ“ŠµŃ‚ Š¾Š±Š½Š¾Š²Š»Ń‘Š½." #: chpasswd.8.xml:97(para) +#, fuzzy +#| msgid "" +#| "The default encryption algorithm can be defined for the system with the " +#| "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> " +#| "variables of <filename>/etc/login.defs</filename>, and can be overwitten " +#| "with the <option>-e</option>, <option>-m</option>, or <option>-c</option> " +#| "options." msgid "" "The default encryption algorithm can be defined for the system with the " "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables " -"of <filename>/etc/login.defs</filename>, and can be overwitten with the " +"of <filename>/etc/login.defs</filename>, and can be overwritten with the " "<option>-e</option>, <option>-m</option>, or <option>-c</option> options." msgstr "" "Š”ŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ Š·Š°Š“Š°Š½ Š² ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ " @@ -10185,10 +10319,16 @@ msgstr "" "option>, <option>-m</option> ŠøŠ»Šø <option>-c</option>." #: chpasswd.8.xml:111(para) +#, fuzzy +#| msgid "" +#| "<phrase condition=\"pam\">Except when PAM is used to encrypt the " +#| "passwords,</phrase><command>chpasswd</command> first updates all the " +#| "passwords in memory, and then commits all the changes to disk if no " +#| "errors occured for any user." msgid "" "<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</" "phrase><command>chpasswd</command> first updates all the passwords in " -"memory, and then commits all the changes to disk if no errors occured for " +"memory, and then commits all the changes to disk if no errors occurred for " "any user." msgstr "" "ŠšŠ¾Š¼Š°Š½Š“Š° <command>chpasswd</command> <phrase condition=\"pam\">(ŠŗŠ¾Š³Š“Š° Š“Š»Ń " @@ -10361,10 +10501,16 @@ msgstr "" "шŠøфруŠµŃ‚ся ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹ <command>chgpasswd</command>." #: chgpasswd.8.xml:92(para) +#, fuzzy +#| msgid "" +#| "The default encryption algorithm can be defined for the system with the " +#| "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</" +#| "filename>, and can be overwiten with the <option>-e</option>, <option>-m</" +#| "option>, or <option>-c</option> options." msgid "" "The default encryption algorithm can be defined for the system with the " "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</" -"filename>, and can be overwiten with the <option>-e</option>, <option>-m</" +"filename>, and can be overwritten with the <option>-e</option>, <option>-m</" "option>, or <option>-c</option> options." msgstr "" "Š”ŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ Š·Š°Š“Š°Š½ Š² ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ " @@ -10777,6 +10923,10 @@ msgstr "" "Yuri Kozlov <yuray@komyakino.ru>, 2005, 2006, 2012 Sergey Alyoshin <alyoshin." "s@gmail.com>, 2012 " +# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><option> +#~ msgid "-M" +#~ msgstr "-M" + #~ msgid "" #~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</" #~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</" diff --git a/man/po/shadow-man-pages.pot b/man/po/shadow-man-pages.pot index 5190b065..2a705d54 100644 --- a/man/po/shadow-man-pages.pot +++ b/man/po/shadow-man-pages.pot @@ -1,7 +1,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" -"POT-Creation-Date: 2014-05-09 12:53+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -105,11 +105,11 @@ msgstr "" msgid "Edit group database." msgstr "" -#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term) pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term) newusers.8.xml:283(term) lastlog.8.xml:107(term) grpck.8.xml:157(term) groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term) groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term) expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term) chgpasswd.8.xml:131(term) chage.1.xml:129(term) +#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term) pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term) newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term) groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term) groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term) expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term) chgpasswd.8.xml:131(term) chage.1.xml:129(term) msgid "<option>-h</option>, <option>--help</option>" msgstr "" -#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) newusers.8.xml:285(para) lastlog.8.xml:111(para) grpck.8.xml:159(para) groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para) +#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para) groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para) msgid "Display help message and exit." msgstr "" @@ -129,11 +129,11 @@ msgstr "" msgid "Quiet mode." msgstr "" -#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:115(term) grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) chfn.1.xml:153(term) chage.1.xml:197(term) +#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term) grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) chfn.1.xml:153(term) chage.1.xml:197(term) msgid "<option>-R</option>, <option>--root</option> <replaceable>CHROOT_DIR</replaceable>" msgstr "" -#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:119(para) grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para) +#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para) grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para) msgid "Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use the configuration files from the <replaceable>CHROOT_DIR</replaceable> directory." msgstr "" @@ -153,11 +153,11 @@ msgstr "" msgid "Indicates which user's tcb shadow file to edit." msgstr "" -#: vipw.8.xml:165(title) usermod.8.xml:497(title) userdel.8.xml:171(title) useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title) +#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title) useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title) msgid "CONFIGURATION" msgstr "" -#: vipw.8.xml:166(para) usermod.8.xml:498(para) userdel.8.xml:172(para) useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para) groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para) chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para) chage.1.xml:245(para) +#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para) useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para) groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para) chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para) chage.1.xml:245(para) msgid "The following configuration variables in <filename>/etc/login.defs</filename> change the behavior of this tool:" msgstr "" @@ -189,43 +189,43 @@ msgstr "" msgid "Editor to be used if <option>VISUAL</option> is not set." msgstr "" -#: vipw.8.xml:195(title) usermod.8.xml:514(title) userdel.8.xml:188(title) useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) newgrp.1.xml:121(title) logoutd.8.xml:89(title) login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) lastlog.8.xml:182(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) chage.1.xml:256(title) +#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title) useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) newgrp.1.xml:121(title) logoutd.8.xml:89(title) login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) chage.1.xml:256(title) msgid "FILES" msgstr "" -#: vipw.8.xml:198(filename) usermod.8.xml:517(filename) userdel.8.xml:191(filename) useradd.8.xml:690(filename) sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) grpck.8.xml:224(filename) groups.1.xml:103(filename) groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename) +#: vipw.8.xml:198(filename) usermod.8.xml:516(filename) userdel.8.xml:191(filename) useradd.8.xml:690(filename) sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) grpck.8.xml:224(filename) groups.1.xml:103(filename) groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename) msgid "/etc/group" msgstr "" -#: vipw.8.xml:200(para) usermod.8.xml:519(para) userdel.8.xml:193(para) useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para) gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para) +#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para) useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para) gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para) msgid "Group account information." msgstr "" -#: vipw.8.xml:204(filename) usermod.8.xml:523(filename) useradd.8.xml:696(filename) sg.1.xml:131(filename) newusers.8.xml:418(filename) newgrp.1.xml:142(filename) gshadow.5.xml:165(filename) grpck.8.xml:230(filename) groupmod.8.xml:214(filename) groupmems.8.xml:220(filename) groupdel.8.xml:149(filename) groupadd.8.xml:242(filename) gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename) chgpasswd.8.xml:222(filename) +#: vipw.8.xml:204(filename) usermod.8.xml:522(filename) useradd.8.xml:696(filename) sg.1.xml:131(filename) newusers.8.xml:418(filename) newgrp.1.xml:142(filename) gshadow.5.xml:165(filename) grpck.8.xml:230(filename) groupmod.8.xml:214(filename) groupmems.8.xml:220(filename) groupdel.8.xml:149(filename) groupadd.8.xml:242(filename) gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename) chgpasswd.8.xml:222(filename) msgid "/etc/gshadow" msgstr "" -#: vipw.8.xml:206(para) usermod.8.xml:525(para) useradd.8.xml:698(para) sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) chgpasswd.8.xml:224(para) +#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para) sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) chgpasswd.8.xml:224(para) msgid "Secure group account information." msgstr "" -#: vipw.8.xml:210(filename) usermod.8.xml:535(filename) userdel.8.xml:203(filename) useradd.8.xml:678(filename) su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) pwck.8.xml:278(filename) passwd.5.xml:144(filename) passwd.1.xml:411(filename) newusers.8.xml:400(filename) newgrp.1.xml:124(filename) login.1.xml:353(filename) grpck.8.xml:236(filename) groupmod.8.xml:226(filename) expiry.1.xml:124(filename) chsh.1.xml:170(filename) chpasswd.8.xml:258(filename) chfn.1.xml:216(filename) chage.1.xml:260(filename) +#: vipw.8.xml:210(filename) usermod.8.xml:534(filename) userdel.8.xml:203(filename) useradd.8.xml:678(filename) su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) pwck.8.xml:278(filename) passwd.5.xml:144(filename) passwd.1.xml:411(filename) newusers.8.xml:400(filename) newgrp.1.xml:124(filename) login.1.xml:353(filename) grpck.8.xml:236(filename) groupmod.8.xml:226(filename) expiry.1.xml:124(filename) chsh.1.xml:170(filename) chpasswd.8.xml:258(filename) chfn.1.xml:216(filename) chage.1.xml:260(filename) msgid "/etc/passwd" msgstr "" -#: vipw.8.xml:212(para) usermod.8.xml:537(para) userdel.8.xml:205(para) useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para) expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para) chfn.1.xml:218(para) chage.1.xml:263(para) +#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para) useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para) expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para) chfn.1.xml:218(para) chage.1.xml:263(para) msgid "User account information." msgstr "" -#: vipw.8.xml:216(filename) usermod.8.xml:541(filename) userdel.8.xml:209(filename) useradd.8.xml:684(filename) su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) shadow.3.xml:229(filename) pwck.8.xml:284(filename) passwd.5.xml:150(filename) passwd.1.xml:417(filename) newusers.8.xml:406(filename) newgrp.1.xml:130(filename) login.1.xml:359(filename) expiry.1.xml:130(filename) chpasswd.8.xml:264(filename) chage.1.xml:268(filename) +#: vipw.8.xml:216(filename) usermod.8.xml:540(filename) userdel.8.xml:209(filename) useradd.8.xml:684(filename) su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) shadow.3.xml:229(filename) pwck.8.xml:284(filename) passwd.5.xml:150(filename) passwd.1.xml:417(filename) newusers.8.xml:406(filename) newgrp.1.xml:130(filename) login.1.xml:359(filename) expiry.1.xml:130(filename) chpasswd.8.xml:264(filename) chage.1.xml:268(filename) msgid "/etc/shadow" msgstr "" -#: vipw.8.xml:218(para) usermod.8.xml:543(para) userdel.8.xml:211(para) useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para) chage.1.xml:271(para) +#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para) useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para) chage.1.xml:271(para) msgid "Secure user account information." msgstr "" -#: vipw.8.xml:225(title) usermod.8.xml:562(title) userdel.8.xml:308(title) useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title) newusers.8.xml:451(title) newgrp.1.xml:151(title) login.defs.5.xml:534(title) login.access.5.xml:133(title) login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title) grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title) groupmems.8.xml:229(title) groupdel.8.xml:197(title) groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title) faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title) chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title) chage.1.xml:311(title) +#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title) useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title) newusers.8.xml:451(title) newgrp.1.xml:151(title) login.defs.5.xml:534(title) login.access.5.xml:133(title) login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title) grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title) groupmems.8.xml:229(title) groupdel.8.xml:197(title) groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title) faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title) chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title) chage.1.xml:311(title) msgid "SEE ALSO" msgstr "" @@ -521,19 +521,19 @@ msgstr "" msgid "A blank <replaceable>SEUSER</replaceable> will remove the SELinux user mapping for user <replaceable>LOGIN</replaceable> (if any)." msgstr "" -#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:194(title) groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) chgpasswd.8.xml:186(title) +#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title) groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) chgpasswd.8.xml:186(title) msgid "CAVEATS" msgstr "" #: usermod.8.xml:479(para) -msgid "You must make certain that the named user is not executing any processes when this command is being executed if the user's numerical user ID, the user's name, or the user's home directory is being changed. <command>usermod</command> checks this on Linux, but only check if the user is logged in according to utmp on other architectures." +msgid "You must make certain that the named user is not executing any processes when this command is being executed if the user's numerical user ID, the user's name, or the user's home directory is being changed. <command>usermod</command> checks this on Linux. On other platforms it only uses utmp to check if the user is logged in." msgstr "" -#: usermod.8.xml:487(para) +#: usermod.8.xml:486(para) msgid "You must change the owner of any <command>crontab</command> files or <command>at</command> jobs manually." msgstr "" -#: usermod.8.xml:491(para) +#: usermod.8.xml:490(para) msgid "You must make any changes involving NIS on the NIS server." msgstr "" @@ -641,31 +641,31 @@ msgstr "" msgid "If <replaceable>yes</replaceable>, the location of the user tcb directory to be created will not be automatically set to /etc/tcb/user, but will be computed depending on the UID of the user, according to the following algorithm: <placeholder-1/>" msgstr "" -#: usermod.8.xml:529(filename) userdel.8.xml:197(filename) useradd.8.xml:726(filename) su.1.xml:382(filename) pwconv.8.xml:253(filename) passwd.1.xml:423(filename) newusers.8.xml:424(filename) login.access.5.xml:124(filename) login.1.xml:389(filename) groupmod.8.xml:220(filename) groupadd.8.xml:248(filename) chsh.1.xml:182(filename) chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename) chfn.1.xml:210(filename) +#: usermod.8.xml:528(filename) userdel.8.xml:197(filename) useradd.8.xml:726(filename) su.1.xml:382(filename) pwconv.8.xml:253(filename) passwd.1.xml:423(filename) newusers.8.xml:424(filename) login.access.5.xml:124(filename) login.1.xml:389(filename) groupmod.8.xml:220(filename) groupadd.8.xml:248(filename) chsh.1.xml:182(filename) chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename) chfn.1.xml:210(filename) msgid "/etc/login.defs" msgstr "" -#: usermod.8.xml:531(para) userdel.8.xml:199(para) useradd.8.xml:728(para) su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para) +#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para) su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para) msgid "Shadow password suite configuration." msgstr "" -#: usermod.8.xml:547(filename) userdel.8.xml:215(filename) useradd.8.xml:714(filename) newusers.8.xml:436(filename) +#: usermod.8.xml:546(filename) userdel.8.xml:215(filename) useradd.8.xml:714(filename) newusers.8.xml:436(filename) msgid "/etc/subgid" msgstr "" -#: usermod.8.xml:549(para) userdel.8.xml:217(para) useradd.8.xml:716(para) newusers.8.xml:438(para) +#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para) newusers.8.xml:438(para) msgid "Per user subordinate group IDs." msgstr "" -#: usermod.8.xml:553(filename) userdel.8.xml:221(filename) useradd.8.xml:720(filename) newusers.8.xml:442(filename) +#: usermod.8.xml:552(filename) userdel.8.xml:221(filename) useradd.8.xml:720(filename) newusers.8.xml:442(filename) msgid "/etc/subuid" msgstr "" -#: usermod.8.xml:555(para) userdel.8.xml:223(para) useradd.8.xml:722(para) newusers.8.xml:444(para) +#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para) newusers.8.xml:444(para) msgid "Per user subordinate user IDs." msgstr "" -#: usermod.8.xml:563(para) +#: usermod.8.xml:562(para) msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition=\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>." msgstr "" @@ -935,7 +935,7 @@ msgid "<option>-K</option>, <option>--key</option> <replaceable>KEY</replac msgstr "" #: useradd.8.xml:301(para) -msgid "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</option>, <option>UID_MAX</option>, <option>UMASK</option>, <option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: <option>-K</option> <replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable> can be used when creating system account to turn off password ageing, even though system account has no password at all. Multiple <option>-K</option> options can be specified, e.g.: <option>-K</option> <replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable> <option>-K</option> <replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>" +msgid "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</option>, <option>UID_MAX</option>, <option>UMASK</option>, <option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: <option>-K</option> <replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable> can be used when creating system account to turn off password aging, even though system account has no password at all. Multiple <option>-K</option> options can be specified, e.g.: <option>-K</option> <replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable> <option>-K</option> <replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>" msgstr "" #: useradd.8.xml:322(term) @@ -947,7 +947,7 @@ msgid "Do not add the user to the lastlog and faillog databases." msgstr "" #: useradd.8.xml:327(para) -msgid "By default, the user's entries in the lastlog and faillog databases are resetted to avoid reusing the entry from a previously deleted user." +msgid "By default, the user's entries in the lastlog and faillog databases are reset to avoid reusing the entry from a previously deleted user." msgstr "" #: useradd.8.xml:335(term) @@ -962,8 +962,8 @@ msgstr "" msgid "By default, if this option is not specified and <option>CREATE_HOME</option> is not enabled, no home directories are created." msgstr "" -#: useradd.8.xml:354(option) -msgid "-M" +#: useradd.8.xml:353(term) +msgid "<option>-M</option>, <option>--no-create-home</option>" msgstr "" #: useradd.8.xml:357(para) @@ -1007,7 +1007,7 @@ msgid "System users will be created with no aging information in <filename>/etc/ msgstr "" #: useradd.8.xml:434(para) -msgid "Note that <command>useradd</command> will not create a home directory for such an user, regardless of the default setting in <filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>). You have to specify the <option>-m</option> options if you want a home directory for a system account to be created." +msgid "Note that <command>useradd</command> will not create a home directory for such a user, regardless of the default setting in <filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>). You have to specify the <option>-m</option> options if you want a home directory for a system account to be created." msgstr "" #: useradd.8.xml:461(para) @@ -1329,7 +1329,7 @@ msgstr "" #. .RS #: suauth.5.xml:83(literallayout) #, no-wrap -msgid "\n 1) the user su is targetting\n " +msgid "\n 1) the user su is targeting\n " msgstr "" #. .fi @@ -1351,7 +1351,7 @@ msgid "Where to-id is either the word <emphasis>ALL</emphasis>, a list of userna msgstr "" #: suauth.5.xml:107(para) -msgid "from-id is formatted the same as to-id except the extra word <emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> appears one or more group names, delimited by \",\". It is not sufficient to have primary group id of the relevant group, an entry in <citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</manvolnum></citerefentry> is neccessary." +msgid "from-id is formatted the same as to-id except the extra word <emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> appears one or more group names, delimited by \",\". It is not sufficient to have primary group id of the relevant group, an entry in <citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</manvolnum></citerefentry> is necessary." msgstr "" #: suauth.5.xml:118(para) @@ -1854,7 +1854,7 @@ msgid "This field may be empty, in which case no passwords are required to authe msgstr "" #: shadow.5.xml:117(para) gshadow.5.xml:107(para) -msgid "A password field which starts with a exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked." +msgid "A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked." msgstr "" #: shadow.5.xml:127(emphasis) @@ -1866,7 +1866,7 @@ msgid "The date of the last password change, expressed as the number of days sin msgstr "" #: shadow.5.xml:134(para) -msgid "The value 0 has a special meaning, which is that the user should change her pasword the next time she will log in the system." +msgid "The value 0 has a special meaning, which is that the user should change her password the next time she will log in the system." msgstr "" #: shadow.5.xml:139(para) @@ -1942,7 +1942,7 @@ msgid "The date of expiration of the account, expressed as the number of days si msgstr "" #: shadow.5.xml:229(para) -msgid "Note that an account expiration differs from a password expiration. In case of an acount expiration, the user shall not be allowed to login. In case of a password expiration, the user is not allowed to login using her password." +msgid "Note that an account expiration differs from a password expiration. In case of an account expiration, the user shall not be allowed to login. In case of a password expiration, the user is not allowed to login using her password." msgstr "" #: shadow.5.xml:235(para) @@ -2331,7 +2331,7 @@ msgid "By default, <command>pwck</command> operates on the files <filename>/etc/ msgstr "" #: pwck.8.xml:243(para) -msgid "Note that when <option>USE_TCB</option> is enabled, you cannot specify an alternative <replaceable>shadow</replaceable> file. In future releases, this paramater could be replaced by an alternate TCB directory." +msgid "Note that when <option>USE_TCB</option> is enabled, you cannot specify an alternative <replaceable>shadow</replaceable> file. In future releases, this parameter could be replaced by an alternate TCB directory." msgstr "" #: pwck.8.xml:312(para) @@ -2544,7 +2544,7 @@ msgid "Compromises in password security normally result from careless password s msgstr "" #: passwd.1.xml:166(para) -msgid "You can find advices on how to choose a strong password on http://en.wikipedia.org/wiki/Password_strength" +msgid "You can find advice on how to choose a strong password on http://en.wikipedia.org/wiki/Password_strength" msgstr "" #: passwd.1.xml:175(para) @@ -2832,7 +2832,7 @@ msgid "HISTORY" msgstr "" #: nologin.8.xml:91(para) -msgid "The <command>nologin</command> command appearred in BSD 4.4." +msgid "The <command>nologin</command> command appeared in BSD 4.4." msgstr "" #: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname) newusers.8.xml:85(command) login.defs.5.xml:391(term) @@ -2864,7 +2864,7 @@ msgid "This is the name of the user." msgstr "" #: newusers.8.xml:116(para) -msgid "It can be the name of a new user or the name of an existing user (or an user created before by <command>newusers</command>). In case of an existing user, the user's information will be changed, otherwise a new user will be created." +msgid "It can be the name of a new user or the name of an existing user (or a user created before by <command>newusers</command>). In case of an existing user, the user's information will be changed, otherwise a new user will be created." msgstr "" #: newusers.8.xml:127(emphasis) @@ -2884,7 +2884,7 @@ msgid "This field is used to define the UID of the user." msgstr "" #: newusers.8.xml:144(para) -msgid "If the field is empty, an new (unused) UID will be defined automatically by <command>newusers</command>." +msgid "If the field is empty, a new (unused) UID will be defined automatically by <command>newusers</command>." msgstr "" #: newusers.8.xml:148(para) @@ -2892,7 +2892,7 @@ msgid "If this field contains a number, this number will be used as the UID." msgstr "" #: newusers.8.xml:152(para) -msgid "If this field contains the name of an existing user (or the name of an user created before by <command>newusers</command>), the UID of the specified user will be used." +msgid "If this field contains the name of an existing user (or the name of a user created before by <command>newusers</command>), the UID of the specified user will be used." msgstr "" #: newusers.8.xml:158(para) @@ -3704,7 +3704,7 @@ msgid "D: max data size (KB)" msgstr "" #: limits.5.xml:111(para) -msgid "F: maximum filesize (KB)" +msgid "F: maximum file size (KB)" msgstr "" #: limits.5.xml:112(para) @@ -3761,7 +3761,7 @@ msgid "\n username L2D2048N5\n username L2 D2048 N5\n " msgstr "" #: limits.5.xml:145(para) -msgid "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of the line is considered a limit string, thus comments are not allowed. A invalid limits string will be rejected (not considered) by the <command>login</command> program." +msgid "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of the line is considered a limit string, thus comments are not allowed. An invalid limits string will be rejected (not considered) by the <command>login</command> program." msgstr "" #: limits.5.xml:152(para) @@ -3773,11 +3773,11 @@ msgid "The limits specified in the form \"<replaceable>@group</replaceable>\" ap msgstr "" #: limits.5.xml:165(para) -msgid "If more than one line with limits for an user exist, only the first line for this user will be considered." +msgid "If more than one line with limits for a user exist, only the first line for this user will be considered." msgstr "" #: limits.5.xml:170(para) -msgid "If no lines are specified for an user, the last <replaceable>@group</replaceable> line matching a group whose the user is a member of will be considered, or the last line with default limits if no groups contain the user." +msgid "If no lines are specified for a user, the last <replaceable>@group</replaceable> line matching a group whose the user is a member of will be considered, or the last line with default limits if no groups contain the user." msgstr "" #: limits.5.xml:177(para) @@ -3824,51 +3824,67 @@ msgstr "" msgid "Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>." msgstr "" -#: lastlog.8.xml:127(term) faillog.8.xml:192(term) -msgid "<option>-t</option>, <option>--time</option> <replaceable>DAYS</replaceable>" +#: lastlog.8.xml:107(term) +msgid "<option>-C</option>, <option>--clear</option>" msgstr "" -#: lastlog.8.xml:131(para) -msgid "Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</emphasis>." +#: lastlog.8.xml:111(para) +msgid "Clear lastlog record of a user. This option can be used only together with <option>-u</option> (<option>--user</option>))." msgstr "" -#: lastlog.8.xml:138(term) faillog.8.xml:202(term) -msgid "<option>-u</option>, <option>--user</option> <replaceable>LOGIN</replaceable>|<replaceable>RANGE</replaceable>" +#: lastlog.8.xml:138(term) +msgid "<option>-S</option>, <option>--set</option>" msgstr "" #: lastlog.8.xml:142(para) +msgid "Set lastlog record of a user to the current time. This option can be used only together with <option>-u</option> (<option>--user</option>))." +msgstr "" + +#: lastlog.8.xml:149(term) faillog.8.xml:192(term) +msgid "<option>-t</option>, <option>--time</option> <replaceable>DAYS</replaceable>" +msgstr "" + +#: lastlog.8.xml:153(para) +msgid "Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</emphasis>." +msgstr "" + +#: lastlog.8.xml:160(term) faillog.8.xml:202(term) +msgid "<option>-u</option>, <option>--user</option> <replaceable>LOGIN</replaceable>|<replaceable>RANGE</replaceable>" +msgstr "" + +#: lastlog.8.xml:164(para) msgid "Print the lastlog record of the specified user(s)." msgstr "" -#: lastlog.8.xml:145(para) faillog.8.xml:211(para) +#: lastlog.8.xml:167(para) faillog.8.xml:211(para) msgid "The users can be specified by a login name, a numerical user ID, or a <replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</replaceable> of users can be specified with a min and max values (<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)." msgstr "" -#: lastlog.8.xml:157(para) +#: lastlog.8.xml:179(para) msgid "If the user has never logged in the message <emphasis>** Never logged in**</emphasis> will be displayed instead of the port and time." msgstr "" -#: lastlog.8.xml:162(para) +#: lastlog.8.xml:184(para) msgid "Only the entries for the current users of the system will be displayed. Other entries may exist for users that were deleted previously." msgstr "" -#: lastlog.8.xml:170(title) groups.1.xml:90(title) chsh.1.xml:140(title) chage.1.xml:231(title) +#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title) chage.1.xml:231(title) msgid "NOTE" msgstr "" -#: lastlog.8.xml:171(para) +#: lastlog.8.xml:193(para) msgid "The <filename>lastlog</filename> file is a database which contains info on the last login of each user. You should not rotate it. It is a sparse file, so its size on the disk is usually much smaller than the one shown by \"<command>ls -l</command>\" (which can indicate a really big file if you have in <filename>passwd</filename> users with a high UID). You can display its real size with \"<command>ls -s</command>\"." msgstr "" -#: lastlog.8.xml:185(filename) +#: lastlog.8.xml:207(filename) msgid "/var/log/lastlog" msgstr "" -#: lastlog.8.xml:187(para) +#: lastlog.8.xml:209(para) msgid "Database times of previous user logins." msgstr "" -#: lastlog.8.xml:195(para) +#: lastlog.8.xml:217(para) msgid "Large gaps in UID numbers will cause the lastlog program to run longer with no output to the screen (i.e. if in lastlog database there is no entries for users with UID between 170 and 800 lastlog will appear to hang as it processes entries with UIDs 171-799)." msgstr "" @@ -3905,7 +3921,7 @@ msgid "If the password field contains some string that is not a valid result of msgstr "" #: gshadow.5.xml:97(para) -msgid "The password is used when an user who is not a member of the group wants to gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>)." +msgid "The password is used when a user who is not a member of the group wants to gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>)." msgstr "" #: gshadow.5.xml:103(para) @@ -4169,7 +4185,7 @@ msgid "<option>-a</option>, <option>--add</option> <replaceable>user_name</ msgstr "" #: groupmems.8.xml:109(para) -msgid "Add an user to the group membership list." +msgid "Add a user to the group membership list." msgstr "" #: groupmems.8.xml:110(para) groupmems.8.xml:126(para) groupmems.8.xml:157(para) @@ -4663,7 +4679,7 @@ msgid "By default the passwords must be supplied in clear-text, and are encrypte msgstr "" #: chpasswd.8.xml:97(para) -msgid "The default encryption algorithm can be defined for the system with the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables of <filename>/etc/login.defs</filename>, and can be overwitten with the <option>-e</option>, <option>-m</option>, or <option>-c</option> options." +msgid "The default encryption algorithm can be defined for the system with the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables of <filename>/etc/login.defs</filename>, and can be overwritten with the <option>-e</option>, <option>-m</option>, or <option>-c</option> options." msgstr "" #: chpasswd.8.xml:105(para) @@ -4671,7 +4687,7 @@ msgid "By default, passwords are encrypted by PAM, but (even if not recommended) msgstr "" #: chpasswd.8.xml:111(para) -msgid "<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</phrase><command>chpasswd</command> first updates all the passwords in memory, and then commits all the changes to disk if no errors occured for any user." +msgid "<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</phrase><command>chpasswd</command> first updates all the passwords in memory, and then commits all the changes to disk if no errors occurred for any user." msgstr "" #: chpasswd.8.xml:117(para) @@ -4763,7 +4779,7 @@ msgid "By default the supplied password must be in clear-text, and is encrypted msgstr "" #: chgpasswd.8.xml:92(para) -msgid "The default encryption algorithm can be defined for the system with the <option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</filename>, and can be overwiten with the <option>-e</option>, <option>-m</option>, or <option>-c</option> options." +msgid "The default encryption algorithm can be defined for the system with the <option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</filename>, and can be overwritten with the <option>-e</option>, <option>-m</option>, or <option>-c</option> options." msgstr "" #: chgpasswd.8.xml:106(para) diff --git a/man/po/stamp-po b/man/po/stamp-po deleted file mode 100644 index 9788f702..00000000 --- a/man/po/stamp-po +++ /dev/null @@ -1 +0,0 @@ -timestamp diff --git a/man/po/sv.po b/man/po/sv.po index aff1e87a..6875d840 100644 --- a/man/po/sv.po +++ b/man/po/sv.po @@ -1,7 +1,7 @@ msgid "" msgstr "" "Project-Id-Version: man pages for shadow 4.0.18\n" -"POT-Creation-Date: 2014-05-09 12:53+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2013-08-23 01:41+0200\n" "Last-Translator: Daniel Nylander <po@danielnylander.se>\n" "Language-Team: Swedish <debian-l10n-swedish@lists.debian.org>\n" @@ -49,16 +49,15 @@ msgstr "" #: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname) #: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname) #: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname) -#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) -#: newusers.8.xml:60(surname) newgrp.1.xml:46(surname) -#: logoutd.8.xml:45(surname) login.defs.5.xml:110(surname) -#: login.access.5.xml:46(surname) login.1.xml:78(surname) -#: limits.5.xml:47(surname) lastlog.8.xml:46(surname) grpck.8.xml:46(surname) -#: groups.1.xml:45(surname) groupmod.8.xml:46(surname) +#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname) +#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname) +#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname) +#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname) +#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname) #: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname) #: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname) -#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) -#: expiry.1.xml:49(surname) chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) +#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname) +#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) #: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname) msgid "Kłoczko" msgstr "" @@ -83,17 +82,16 @@ msgstr "" #: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib) #: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib) #: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib) -#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) -#: newusers.8.xml:62(contrib) newgrp.1.xml:48(contrib) -#: logoutd.8.xml:47(contrib) login.defs.5.xml:112(contrib) -#: login.access.5.xml:48(contrib) login.1.xml:80(contrib) -#: limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) grpck.8.xml:48(contrib) -#: groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) +#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib) +#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib) +#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib) +#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) +#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) #: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib) #: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib) -#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) -#: expiry.1.xml:51(contrib) chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) -#: chfn.1.xml:50(contrib) chage.1.xml:48(contrib) +#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib) +#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib) +#: chage.1.xml:48(contrib) msgid "shadow-utils maintainer, 2000 - 2007" msgstr "" @@ -127,14 +125,13 @@ msgstr "" #: newusers.8.xml:66(surname) newgrp.1.xml:52(surname) #: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname) #: login.access.5.xml:52(surname) login.1.xml:84(surname) -#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) -#: gshadow.5.xml:39(surname) grpck.8.xml:52(surname) groups.1.xml:51(surname) -#: groupmod.8.xml:52(surname) groupmems.8.xml:55(surname) -#: groupdel.8.xml:52(surname) groupadd.8.xml:54(surname) -#: gpasswd.1.xml:56(surname) faillog.8.xml:51(surname) -#: faillog.5.xml:51(surname) expiry.1.xml:55(surname) chsh.1.xml:54(surname) -#: chpasswd.8.xml:55(surname) chgpasswd.8.xml:51(surname) -#: chfn.1.xml:54(surname) chage.1.xml:52(surname) +#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname) +#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname) +#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname) +#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname) +#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname) +#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname) +#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname) msgid "FranƧois" msgstr "" @@ -163,14 +160,13 @@ msgstr "" #: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib) #: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib) #: login.access.5.xml:54(contrib) login.1.xml:86(contrib) -#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) -#: gshadow.5.xml:42(contrib) grpck.8.xml:54(contrib) groups.1.xml:53(contrib) -#: groupmod.8.xml:54(contrib) groupmems.8.xml:57(contrib) -#: groupdel.8.xml:54(contrib) groupadd.8.xml:56(contrib) -#: gpasswd.1.xml:58(contrib) faillog.8.xml:53(contrib) -#: faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) chsh.1.xml:56(contrib) -#: chpasswd.8.xml:57(contrib) chgpasswd.8.xml:53(contrib) -#: chfn.1.xml:56(contrib) chage.1.xml:54(contrib) +#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib) +#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib) +#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib) +#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib) +#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) +#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib) +#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib) msgid "shadow-utils maintainer, 2007 - now" msgstr "" @@ -248,14 +244,13 @@ msgstr "redigera lƶsenordet, grupp, skugglƶsenord eller skuggruppfil" #: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable) #: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable) #: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable) -#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) -#: passwd.1.xml:79(replaceable) newusers.8.xml:87(replaceable) -#: lastlog.8.xml:73(replaceable) grpck.8.xml:72(arg) -#: groupmod.8.xml:73(replaceable) groupdel.8.xml:73(replaceable) -#: groupadd.8.xml:75(replaceable) faillog.8.xml:72(replaceable) -#: chsh.1.xml:75(replaceable) chpasswd.8.xml:76(replaceable) -#: chgpasswd.8.xml:72(replaceable) chfn.1.xml:75(replaceable) -#: chage.1.xml:72(replaceable) +#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable) +#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable) +#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable) +#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable) +#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable) +#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable) +#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable) msgid "options" msgstr "flaggor" @@ -305,11 +300,10 @@ msgstr "" #: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title) #: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title) #: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title) -#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) -#: groupdel.8.xml:88(title) groupadd.8.xml:93(title) gpasswd.1.xml:134(title) -#: faillog.8.xml:89(title) expiry.1.xml:91(title) chsh.1.xml:95(title) -#: chpasswd.8.xml:130(title) chgpasswd.8.xml:105(title) chfn.1.xml:111(title) -#: chage.1.xml:91(title) +#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title) +#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title) +#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title) +#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title) msgid "OPTIONS" msgstr "FLAGGOR" @@ -331,7 +325,7 @@ msgstr "Redigera gruppdatabasen." #: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term) #: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term) -#: newusers.8.xml:283(term) lastlog.8.xml:107(term) grpck.8.xml:157(term) +#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term) #: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term) #: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term) #: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term) @@ -341,7 +335,7 @@ msgstr "<option>-h</option>, <option>--help</option>" #: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) #: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) -#: newusers.8.xml:285(para) lastlog.8.xml:111(para) grpck.8.xml:159(para) +#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para) #: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) #: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) #: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) @@ -367,7 +361,7 @@ msgstr "Tyst lƤge." #: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) #: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) -#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:115(term) +#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term) #: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) #: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) #: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) @@ -385,7 +379,7 @@ msgstr "" #: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) #: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) -#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:119(para) +#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para) #: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) #: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) #: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) @@ -414,18 +408,18 @@ msgstr "<option>-q</option>, <option>--quiet</option>" msgid "Indicates which user's tcb shadow file to edit." msgstr "" -#: vipw.8.xml:165(title) usermod.8.xml:497(title) userdel.8.xml:171(title) +#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title) #: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) #: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) #: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) #: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) -#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) -#: gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) -#: chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title) +#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) +#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) +#: chfn.1.xml:193(title) chage.1.xml:244(title) msgid "CONFIGURATION" msgstr "" -#: vipw.8.xml:166(para) usermod.8.xml:498(para) userdel.8.xml:172(para) +#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para) #: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) #: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) #: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) @@ -483,37 +477,35 @@ msgstr "HISTORIK" msgid "Editor to be used if <option>VISUAL</option> is not set." msgstr "" -#: vipw.8.xml:195(title) usermod.8.xml:514(title) userdel.8.xml:188(title) +#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title) #: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) #: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) #: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) #: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) #: newgrp.1.xml:121(title) logoutd.8.xml:89(title) -#: login.access.5.xml:121(title) login.1.xml:338(title) -#: limits.5.xml:196(title) lastlog.8.xml:182(title) gshadow.5.xml:156(title) -#: grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) -#: groupmems.8.xml:211(title) groupdel.8.xml:140(title) -#: groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) -#: faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) -#: chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) -#: chage.1.xml:256(title) +#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) +#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) +#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) +#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) +#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) +#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) +#: chfn.1.xml:207(title) chage.1.xml:256(title) msgid "FILES" msgstr "FILER" -#: vipw.8.xml:198(filename) usermod.8.xml:517(filename) +#: vipw.8.xml:198(filename) usermod.8.xml:516(filename) #: userdel.8.xml:191(filename) useradd.8.xml:690(filename) -#: sg.1.xml:125(filename) pwck.8.xml:272(filename) -#: newusers.8.xml:412(filename) newgrp.1.xml:136(filename) -#: gshadow.5.xml:159(filename) grpck.8.xml:224(filename) -#: groups.1.xml:103(filename) groupmod.8.xml:208(filename) -#: groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) -#: groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) -#: gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) -#: chgpasswd.8.xml:216(filename) +#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) +#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) +#: grpck.8.xml:224(filename) groups.1.xml:103(filename) +#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) +#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) +#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) +#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename) msgid "/etc/group" msgstr "/etc/group" -#: vipw.8.xml:200(para) usermod.8.xml:519(para) userdel.8.xml:193(para) +#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para) #: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) #: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) #: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) @@ -522,7 +514,7 @@ msgstr "/etc/group" msgid "Group account information." msgstr "Gruppkontoinformation." -#: vipw.8.xml:204(filename) usermod.8.xml:523(filename) +#: vipw.8.xml:204(filename) usermod.8.xml:522(filename) #: useradd.8.xml:696(filename) sg.1.xml:131(filename) #: newusers.8.xml:418(filename) newgrp.1.xml:142(filename) #: gshadow.5.xml:165(filename) grpck.8.xml:230(filename) @@ -533,7 +525,7 @@ msgstr "Gruppkontoinformation." msgid "/etc/gshadow" msgstr "/etc/gshadow" -#: vipw.8.xml:206(para) usermod.8.xml:525(para) useradd.8.xml:698(para) +#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para) #: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) #: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) #: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) @@ -541,7 +533,7 @@ msgstr "/etc/gshadow" msgid "Secure group account information." msgstr "SƤker gruppkontoinformation." -#: vipw.8.xml:210(filename) usermod.8.xml:535(filename) +#: vipw.8.xml:210(filename) usermod.8.xml:534(filename) #: userdel.8.xml:203(filename) useradd.8.xml:678(filename) #: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) #: pwck.8.xml:278(filename) passwd.5.xml:144(filename) @@ -554,7 +546,7 @@ msgstr "SƤker gruppkontoinformation." msgid "/etc/passwd" msgstr "/etc/passwd" -#: vipw.8.xml:212(para) usermod.8.xml:537(para) userdel.8.xml:205(para) +#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para) #: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) #: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) #: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) @@ -564,7 +556,7 @@ msgstr "/etc/passwd" msgid "User account information." msgstr "AnvƤndarkontoinformation." -#: vipw.8.xml:216(filename) usermod.8.xml:541(filename) +#: vipw.8.xml:216(filename) usermod.8.xml:540(filename) #: userdel.8.xml:209(filename) useradd.8.xml:684(filename) #: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) #: shadow.3.xml:229(filename) pwck.8.xml:284(filename) @@ -575,7 +567,7 @@ msgstr "AnvƤndarkontoinformation." msgid "/etc/shadow" msgstr "/etc/shadow" -#: vipw.8.xml:218(para) usermod.8.xml:543(para) userdel.8.xml:211(para) +#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para) #: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) #: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) #: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) @@ -584,7 +576,7 @@ msgstr "/etc/shadow" msgid "Secure user account information." msgstr "SƤker anvƤndarkontoinformation." -#: vipw.8.xml:225(title) usermod.8.xml:562(title) userdel.8.xml:308(title) +#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title) #: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) #: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) #: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) @@ -659,15 +651,15 @@ msgstr "" #: usermod.8.xml:46(surname) userdel.8.xml:46(surname) #: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname) #: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname) -#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) -#: passwd.1.xml:47(surname) newusers.8.xml:55(surname) -#: newgrp.1.xml:41(surname) logoutd.8.xml:40(surname) -#: login.defs.5.xml:105(surname) login.1.xml:73(surname) -#: lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname) -#: groupmod.8.xml:41(surname) groupdel.8.xml:41(surname) -#: groupadd.8.xml:43(surname) faillog.8.xml:40(surname) -#: faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname) -#: chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname) +#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname) +#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname) +#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname) +#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname) +#: groups.1.xml:40(surname) groupmod.8.xml:41(surname) +#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname) +#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname) +#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) +#: chage.1.xml:41(surname) msgid "Haugh" msgstr "" @@ -1188,9 +1180,9 @@ msgstr "" #: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) #: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) -#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:194(title) -#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) -#: gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) +#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title) +#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) +#: faillog.8.xml:232(title) chpasswd.8.xml:231(title) #: chgpasswd.8.xml:186(title) msgid "CAVEATS" msgstr "TƄNK Pƅ" @@ -1200,17 +1192,17 @@ msgid "" "You must make certain that the named user is not executing any processes " "when this command is being executed if the user's numerical user ID, the " "user's name, or the user's home directory is being changed. " -"<command>usermod</command> checks this on Linux, but only check if the user " -"is logged in according to utmp on other architectures." +"<command>usermod</command> checks this on Linux. On other platforms it only " +"uses utmp to check if the user is logged in." msgstr "" -#: usermod.8.xml:487(para) +#: usermod.8.xml:486(para) msgid "" "You must change the owner of any <command>crontab</command> files or " "<command>at</command> jobs manually." msgstr "" -#: usermod.8.xml:491(para) +#: usermod.8.xml:490(para) msgid "You must make any changes involving NIS on the NIS server." msgstr "" @@ -1429,7 +1421,7 @@ msgid "" "algorithm: <placeholder-1/>" msgstr "" -#: usermod.8.xml:529(filename) userdel.8.xml:197(filename) +#: usermod.8.xml:528(filename) userdel.8.xml:197(filename) #: useradd.8.xml:726(filename) su.1.xml:382(filename) #: pwconv.8.xml:253(filename) passwd.1.xml:423(filename) #: newusers.8.xml:424(filename) login.access.5.xml:124(filename) @@ -1440,7 +1432,7 @@ msgstr "" msgid "/etc/login.defs" msgstr "/etc/login.defs" -#: usermod.8.xml:531(para) userdel.8.xml:199(para) useradd.8.xml:728(para) +#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para) #: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) #: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) #: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) @@ -1448,31 +1440,31 @@ msgstr "/etc/login.defs" msgid "Shadow password suite configuration." msgstr "" -#: usermod.8.xml:547(filename) userdel.8.xml:215(filename) +#: usermod.8.xml:546(filename) userdel.8.xml:215(filename) #: useradd.8.xml:714(filename) newusers.8.xml:436(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subgid" msgstr "/etc/suauth" -#: usermod.8.xml:549(para) userdel.8.xml:217(para) useradd.8.xml:716(para) +#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para) #: newusers.8.xml:438(para) msgid "Per user subordinate group IDs." msgstr "" -#: usermod.8.xml:553(filename) userdel.8.xml:221(filename) +#: usermod.8.xml:552(filename) userdel.8.xml:221(filename) #: useradd.8.xml:720(filename) newusers.8.xml:442(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subuid" msgstr "/etc/suauth" -#: usermod.8.xml:555(para) userdel.8.xml:223(para) useradd.8.xml:722(para) +#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para) #: newusers.8.xml:444(para) msgid "Per user subordinate user IDs." msgstr "" -#: usermod.8.xml:563(para) +#: usermod.8.xml:562(para) #, fuzzy #| msgid "" #| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</" @@ -1708,9 +1700,8 @@ msgstr "lyckad" #: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum) #: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable) #: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum) -#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) -#: chfn.1.xml:61(manvolnum) chage.1.xml:59(manvolnum) -#: chage.1.xml:289(replaceable) +#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum) +#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable) msgid "1" msgstr "1" @@ -2072,7 +2063,7 @@ msgid "" "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: " "<option>-K</option> <replaceable>PASS_MAX_DAYS</" "replaceable>=<replaceable>-1</replaceable> can be used when creating system " -"account to turn off password ageing, even though system account has no " +"account to turn off password aging, even though system account has no " "password at all. Multiple <option>-K</option> options can be specified, e." "g.: <option>-K</option> <replaceable>UID_MIN</" "replaceable>=<replaceable>100</replaceable> <option>-K</option> " @@ -2101,7 +2092,7 @@ msgstr "" #: useradd.8.xml:327(para) msgid "" "By default, the user's entries in the lastlog and faillog databases are " -"resetted to avoid reusing the entry from a previously deleted user." +"reset to avoid reusing the entry from a previously deleted user." msgstr "" #: useradd.8.xml:335(term) @@ -2121,11 +2112,11 @@ msgid "" "is not enabled, no home directories are created." msgstr "" -#: useradd.8.xml:354(option) +#: useradd.8.xml:353(term) #, fuzzy -#| msgid "-" -msgid "-M" -msgstr "-" +#| msgid "<option>-m</option>, <option>--create-home</option>" +msgid "<option>-M</option>, <option>--no-create-home</option>" +msgstr "<option>-m</option>, <option>--create-home</option>" #: useradd.8.xml:357(para) msgid "" @@ -2204,10 +2195,10 @@ msgstr "" #: useradd.8.xml:434(para) msgid "" "Note that <command>useradd</command> will not create a home directory for " -"such an user, regardless of the default setting in <filename>/etc/login." -"defs</filename> (<option>CREATE_HOME</option>). You have to specify the " -"<option>-m</option> options if you want a home directory for a system " -"account to be created." +"such a user, regardless of the default setting in <filename>/etc/login.defs</" +"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-" +"m</option> options if you want a home directory for a system account to be " +"created." msgstr "" #: useradd.8.xml:461(para) @@ -2764,7 +2755,7 @@ msgstr "" #, no-wrap msgid "" "\n" -" 1) the user su is targetting\n" +" 1) the user su is targeting\n" " " msgstr "" @@ -2809,14 +2800,23 @@ msgstr "" "emphasis> fƶljt av en lista med anvƤndarnamn separerade med \",\"" #: suauth.5.xml:107(para) +#, fuzzy +#| msgid "" +#| "from-id is formatted the same as to-id except the extra word " +#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</" +#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> " +#| "appears one or more group names, delimited by \",\". It is not sufficient " +#| "to have primary group id of the relevant group, an entry in " +#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</" +#| "manvolnum></citerefentry> is neccessary." msgid "" "from-id is formatted the same as to-id except the extra word " -"<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</" +"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</" "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> " "appears one or more group names, delimited by \",\". It is not sufficient to " "have primary group id of the relevant group, an entry in " "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</" -"manvolnum></citerefentry> is neccessary." +"manvolnum></citerefentry> is necessary." msgstr "" "frĆ„n-id Ƥr formaterad pĆ„ samma sƤtt som till-id fƶrutom att det extra ordet " "<emphasis>GROUP</emphasis> kƤnns igen. <emphasis>ALL EXCEPT GROUP</emphasis> " @@ -2954,9 +2954,8 @@ msgstr "" "citerefentry>." #: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib) -#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) -#: passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib) -#: faillog.5.xml:41(contrib) +#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib) +#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib) msgid "Creation, 1989" msgstr "" @@ -3709,7 +3708,7 @@ msgstr "" #: shadow.5.xml:117(para) gshadow.5.xml:107(para) msgid "" -"A password field which starts with a exclamation mark means that the " +"A password field which starts with an exclamation mark means that the " "password is locked. The remaining characters on the line represent the " "password field before the password was locked." msgstr "" @@ -3729,7 +3728,7 @@ msgstr "" #: shadow.5.xml:134(para) msgid "" "The value 0 has a special meaning, which is that the user should change her " -"pasword the next time she will log in the system." +"password the next time she will log in the system." msgstr "" #: shadow.5.xml:139(para) @@ -3843,7 +3842,7 @@ msgstr "" #: shadow.5.xml:229(para) msgid "" "Note that an account expiration differs from a password expiration. In case " -"of an acount expiration, the user shall not be allowed to login. In case of " +"of an account expiration, the user shall not be allowed to login. In case of " "a password expiration, the user is not allowed to login using her password." msgstr "" @@ -4141,18 +4140,15 @@ msgstr "" msgid "pwconv" msgstr "pwconv" -#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) -#: login.defs.5.xml:438(term) +#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term) msgid "pwunconv" msgstr "pwunconv" -#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) -#: login.defs.5.xml:340(term) +#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term) msgid "grpconv" msgstr "grpconv" -#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) -#: login.defs.5.xml:346(term) +#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term) msgid "grpunconv" msgstr "grpunconv" @@ -4324,8 +4320,7 @@ msgstr "validera integriteten fƶr lƶsenordsfiler" #: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle) #: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle) -#: passwd.1.xml:71(refname) passwd.1.xml:77(command) -#: login.defs.5.xml:409(term) +#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term) msgid "passwd" msgstr "passwd" @@ -4485,7 +4480,7 @@ msgstr "" msgid "" "Note that when <option>USE_TCB</option> is enabled, you cannot specify an " "alternative <replaceable>shadow</replaceable> file. In future releases, this " -"paramater could be replaced by an alternate TCB directory." +"parameter could be replaced by an alternate TCB directory." msgstr "" #: pwck.8.xml:312(para) @@ -4934,7 +4929,7 @@ msgstr "" #: passwd.1.xml:166(para) msgid "" -"You can find advices on how to choose a strong password on http://en." +"You can find advice on how to choose a strong password on http://en." "wikipedia.org/wiki/Password_strength" msgstr "" @@ -5478,7 +5473,7 @@ msgstr "HISTORIK" #: nologin.8.xml:91(para) #, fuzzy #| msgid "The <command>nologin</command> command appeared in BSD 4.4." -msgid "The <command>nologin</command> command appearred in BSD 4.4." +msgid "The <command>nologin</command> command appeared in BSD 4.4." msgstr "Kommandot <command>nologin</command> dƶk upp i BSD 4.4." #: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname) @@ -5520,7 +5515,7 @@ msgstr "" #: newusers.8.xml:116(para) msgid "" -"It can be the name of a new user or the name of an existing user (or an user " +"It can be the name of a new user or the name of an existing user (or a user " "created before by <command>newusers</command>). In case of an existing user, " "the user's information will be changed, otherwise a new user will be created." msgstr "" @@ -5549,7 +5544,7 @@ msgstr "" #: newusers.8.xml:144(para) msgid "" -"If the field is empty, an new (unused) UID will be defined automatically by " +"If the field is empty, a new (unused) UID will be defined automatically by " "<command>newusers</command>." msgstr "" @@ -5559,7 +5554,7 @@ msgstr "" #: newusers.8.xml:152(para) msgid "" -"If this field contains the name of an existing user (or the name of an user " +"If this field contains the name of an existing user (or the name of a user " "created before by <command>newusers</command>), the UID of the specified " "user will be used." msgstr "" @@ -6860,7 +6855,9 @@ msgid "D: max data size (KB)" msgstr "D: maximal datastorlek (KB)" #: limits.5.xml:111(para) -msgid "F: maximum filesize (KB)" +#, fuzzy +#| msgid "F: maximum filesize (KB)" +msgid "F: maximum file size (KB)" msgstr "F: maximal filstorlek (KB)" #: limits.5.xml:112(para) @@ -6936,7 +6933,7 @@ msgstr "" #: limits.5.xml:145(para) msgid "" "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of " -"the line is considered a limit string, thus comments are not allowed. A " +"the line is considered a limit string, thus comments are not allowed. An " "invalid limits string will be rejected (not considered) by the " "<command>login</command> program." msgstr "" @@ -6957,13 +6954,13 @@ msgstr "" #: limits.5.xml:165(para) msgid "" -"If more than one line with limits for an user exist, only the first line for " +"If more than one line with limits for a user exist, only the first line for " "this user will be considered." msgstr "" #: limits.5.xml:170(para) msgid "" -"If no lines are specified for an user, the last <replaceable>@group</" +"If no lines are specified for a user, the last <replaceable>@group</" "replaceable> line matching a group whose the user is a member of will be " "considered, or the last line with default limits if no groups contain the " "user." @@ -7041,7 +7038,33 @@ msgid "" "Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>." msgstr "" -#: lastlog.8.xml:127(term) faillog.8.xml:192(term) +#: lastlog.8.xml:107(term) +#, fuzzy +#| msgid "<option>-q</option>, <option>--quiet</option>" +msgid "<option>-C</option>, <option>--clear</option>" +msgstr "<option>-q</option>, <option>--quiet</option>" + +#: lastlog.8.xml:111(para) +#, fuzzy +#| msgid "<option>-m</option>, <option>--create-home</option>" +msgid "" +"Clear lastlog record of a user. This option can be used only together with " +"<option>-u</option> (<option>--user</option>))." +msgstr "<option>-m</option>, <option>--create-home</option>" + +#: lastlog.8.xml:138(term) +#, fuzzy +#| msgid "<option>-r</option>, <option>--reset</option>" +msgid "<option>-S</option>, <option>--set</option>" +msgstr "<option>-r</option>, <option>--reset</option>" + +#: lastlog.8.xml:142(para) +msgid "" +"Set lastlog record of a user to the current time. This option can be used " +"only together with <option>-u</option> (<option>--user</option>))." +msgstr "" + +#: lastlog.8.xml:149(term) faillog.8.xml:192(term) msgid "" "<option>-t</option>, <option>--time</option> <replaceable>DAYS</" "replaceable>" @@ -7049,13 +7072,13 @@ msgstr "" "<option>-t</option>, <option>--time</option> <replaceable>DAGAR</" "replaceable>" -#: lastlog.8.xml:131(para) +#: lastlog.8.xml:153(para) msgid "" "Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</" "emphasis>." msgstr "" -#: lastlog.8.xml:138(term) faillog.8.xml:202(term) +#: lastlog.8.xml:160(term) faillog.8.xml:202(term) #, fuzzy #| msgid "" #| "<option>-K</option>, <option>--key</option> <replaceable>KEY</" @@ -7067,11 +7090,11 @@ msgstr "" "<option>-K</option>, <option>--key</option> <replaceable>NYCKEL</" "replaceable>=<replaceable>VƄRDE</replaceable>" -#: lastlog.8.xml:142(para) +#: lastlog.8.xml:164(para) msgid "Print the lastlog record of the specified user(s)." msgstr "" -#: lastlog.8.xml:145(para) faillog.8.xml:211(para) +#: lastlog.8.xml:167(para) faillog.8.xml:211(para) msgid "" "The users can be specified by a login name, a numerical user ID, or a " "<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</" @@ -7080,24 +7103,24 @@ msgid "" "UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)." msgstr "" -#: lastlog.8.xml:157(para) +#: lastlog.8.xml:179(para) msgid "" "If the user has never logged in the message <emphasis>** Never logged in**</" "emphasis> will be displayed instead of the port and time." msgstr "" -#: lastlog.8.xml:162(para) +#: lastlog.8.xml:184(para) msgid "" "Only the entries for the current users of the system will be displayed. " "Other entries may exist for users that were deleted previously." msgstr "" -#: lastlog.8.xml:170(title) groups.1.xml:90(title) chsh.1.xml:140(title) +#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title) #: chage.1.xml:231(title) msgid "NOTE" msgstr "NOTERA" -#: lastlog.8.xml:171(para) +#: lastlog.8.xml:193(para) msgid "" "The <filename>lastlog</filename> file is a database which contains info on " "the last login of each user. You should not rotate it. It is a sparse file, " @@ -7107,15 +7130,15 @@ msgid "" "its real size with \"<command>ls -s</command>\"." msgstr "" -#: lastlog.8.xml:185(filename) +#: lastlog.8.xml:207(filename) msgid "/var/log/lastlog" msgstr "/var/log/lastlog" -#: lastlog.8.xml:187(para) +#: lastlog.8.xml:209(para) msgid "Database times of previous user logins." msgstr "Databastider fƶr tidigare anvƤndarinloggningar." -#: lastlog.8.xml:195(para) +#: lastlog.8.xml:217(para) msgid "" "Large gaps in UID numbers will cause the lastlog program to run longer with " "no output to the screen (i.e. if in lastlog database there is no entries for " @@ -7179,7 +7202,7 @@ msgstr "" #| "modified using the <citerefentry><refentrytitle>chfn</" #| "refentrytitle><manvolnum>1</manvolnum></citerefentry> utility." msgid "" -"The password is used when an user who is not a member of the group wants to " +"The password is used when a user who is not a member of the group wants to " "gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</" "refentrytitle><manvolnum>1</manvolnum></citerefentry>)." msgstr "" @@ -7683,7 +7706,7 @@ msgstr "" #: groupmems.8.xml:109(para) #, fuzzy #| msgid "Add a new user to the group membership list." -msgid "Add an user to the group membership list." +msgid "Add a user to the group membership list." msgstr "LƤgg till en ny anvƤndare till gruppens medlemslista." #: groupmems.8.xml:110(para) groupmems.8.xml:126(para) @@ -8682,7 +8705,7 @@ msgstr "" msgid "" "The default encryption algorithm can be defined for the system with the " "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables " -"of <filename>/etc/login.defs</filename>, and can be overwitten with the " +"of <filename>/etc/login.defs</filename>, and can be overwritten with the " "<option>-e</option>, <option>-m</option>, or <option>-c</option> options." msgstr "" @@ -8697,7 +8720,7 @@ msgstr "" msgid "" "<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</" "phrase><command>chpasswd</command> first updates all the passwords in " -"memory, and then commits all the changes to disk if no errors occured for " +"memory, and then commits all the changes to disk if no errors occurred for " "any user." msgstr "" @@ -8861,7 +8884,7 @@ msgstr "" msgid "" "The default encryption algorithm can be defined for the system with the " "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</" -"filename>, and can be overwiten with the <option>-e</option>, <option>-m</" +"filename>, and can be overwritten with the <option>-e</option>, <option>-m</" "option>, or <option>-c</option> options." msgstr "" @@ -9207,6 +9230,11 @@ msgstr "" msgid "translator-credits" msgstr "Daniel Nylander <po@danielnylander.se>, 2006." +#, fuzzy +#~| msgid "-" +#~ msgid "-M" +#~ msgstr "-" + #~ msgid "" #~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</" #~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</" diff --git a/man/po/zh_CN.po b/man/po/zh_CN.po index 066c2052..fee9869a 100644 --- a/man/po/zh_CN.po +++ b/man/po/zh_CN.po @@ -4,7 +4,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow-man-pages VERSION\n" -"POT-Creation-Date: 2014-05-09 12:53+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2013-08-23 01:42+0200\n" "Last-Translator: YunQiang Su <wzssyqa@gmail.com>\n" "Language-Team: Chinese (simplified) <i18n-zh@googlegroups.com>\n" @@ -53,16 +53,15 @@ msgstr "" #: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname) #: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname) #: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname) -#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) -#: newusers.8.xml:60(surname) newgrp.1.xml:46(surname) -#: logoutd.8.xml:45(surname) login.defs.5.xml:110(surname) -#: login.access.5.xml:46(surname) login.1.xml:78(surname) -#: limits.5.xml:47(surname) lastlog.8.xml:46(surname) grpck.8.xml:46(surname) -#: groups.1.xml:45(surname) groupmod.8.xml:46(surname) +#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname) +#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname) +#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname) +#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname) +#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname) #: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname) #: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname) -#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) -#: expiry.1.xml:49(surname) chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) +#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname) +#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) #: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname) msgid "Kłoczko" msgstr "" @@ -87,17 +86,16 @@ msgstr "" #: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib) #: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib) #: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib) -#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) -#: newusers.8.xml:62(contrib) newgrp.1.xml:48(contrib) -#: logoutd.8.xml:47(contrib) login.defs.5.xml:112(contrib) -#: login.access.5.xml:48(contrib) login.1.xml:80(contrib) -#: limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) grpck.8.xml:48(contrib) -#: groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) +#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib) +#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib) +#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib) +#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) +#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) #: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib) #: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib) -#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) -#: expiry.1.xml:51(contrib) chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) -#: chfn.1.xml:50(contrib) chage.1.xml:48(contrib) +#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib) +#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib) +#: chage.1.xml:48(contrib) msgid "shadow-utils maintainer, 2000 - 2007" msgstr "" @@ -131,14 +129,13 @@ msgstr "" #: newusers.8.xml:66(surname) newgrp.1.xml:52(surname) #: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname) #: login.access.5.xml:52(surname) login.1.xml:84(surname) -#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) -#: gshadow.5.xml:39(surname) grpck.8.xml:52(surname) groups.1.xml:51(surname) -#: groupmod.8.xml:52(surname) groupmems.8.xml:55(surname) -#: groupdel.8.xml:52(surname) groupadd.8.xml:54(surname) -#: gpasswd.1.xml:56(surname) faillog.8.xml:51(surname) -#: faillog.5.xml:51(surname) expiry.1.xml:55(surname) chsh.1.xml:54(surname) -#: chpasswd.8.xml:55(surname) chgpasswd.8.xml:51(surname) -#: chfn.1.xml:54(surname) chage.1.xml:52(surname) +#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname) +#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname) +#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname) +#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname) +#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname) +#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname) +#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname) msgid "FranƧois" msgstr "" @@ -167,14 +164,13 @@ msgstr "" #: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib) #: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib) #: login.access.5.xml:54(contrib) login.1.xml:86(contrib) -#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) -#: gshadow.5.xml:42(contrib) grpck.8.xml:54(contrib) groups.1.xml:53(contrib) -#: groupmod.8.xml:54(contrib) groupmems.8.xml:57(contrib) -#: groupdel.8.xml:54(contrib) groupadd.8.xml:56(contrib) -#: gpasswd.1.xml:58(contrib) faillog.8.xml:53(contrib) -#: faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) chsh.1.xml:56(contrib) -#: chpasswd.8.xml:57(contrib) chgpasswd.8.xml:53(contrib) -#: chfn.1.xml:56(contrib) chage.1.xml:54(contrib) +#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib) +#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib) +#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib) +#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib) +#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) +#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib) +#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib) msgid "shadow-utils maintainer, 2007 - now" msgstr "" @@ -245,14 +241,13 @@ msgstr "ē¼–č¾‘åƆē ć€ē»„ć€å½±å­åƆē ęˆ–影子ē»„ꖇ件怂" #: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable) #: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable) #: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable) -#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) -#: passwd.1.xml:79(replaceable) newusers.8.xml:87(replaceable) -#: lastlog.8.xml:73(replaceable) grpck.8.xml:72(arg) -#: groupmod.8.xml:73(replaceable) groupdel.8.xml:73(replaceable) -#: groupadd.8.xml:75(replaceable) faillog.8.xml:72(replaceable) -#: chsh.1.xml:75(replaceable) chpasswd.8.xml:76(replaceable) -#: chgpasswd.8.xml:72(replaceable) chfn.1.xml:75(replaceable) -#: chage.1.xml:72(replaceable) +#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable) +#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable) +#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable) +#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable) +#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable) +#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable) +#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable) msgid "options" msgstr "选锹" @@ -299,11 +294,10 @@ msgstr "" #: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title) #: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title) #: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title) -#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) -#: groupdel.8.xml:88(title) groupadd.8.xml:93(title) gpasswd.1.xml:134(title) -#: faillog.8.xml:89(title) expiry.1.xml:91(title) chsh.1.xml:95(title) -#: chpasswd.8.xml:130(title) chgpasswd.8.xml:105(title) chfn.1.xml:111(title) -#: chage.1.xml:91(title) +#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title) +#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title) +#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title) +#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title) msgid "OPTIONS" msgstr "选锹" @@ -324,7 +318,7 @@ msgstr "ē¼–č¾‘ group ę•°ę®åŗ“怂" #: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term) #: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term) -#: newusers.8.xml:283(term) lastlog.8.xml:107(term) grpck.8.xml:157(term) +#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term) #: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term) #: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term) #: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term) @@ -334,7 +328,7 @@ msgstr "<option>-h</option>, <option>--help</option>" #: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) #: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) -#: newusers.8.xml:285(para) lastlog.8.xml:111(para) grpck.8.xml:159(para) +#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para) #: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) #: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) #: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) @@ -360,7 +354,7 @@ msgstr "安静ęØ”å¼ć€‚" #: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) #: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) -#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:115(term) +#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term) #: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) #: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) #: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) @@ -374,7 +368,7 @@ msgstr "" #: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) #: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) -#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:119(para) +#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para) #: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) #: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) #: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) @@ -407,18 +401,18 @@ msgstr "<option>-u</option>, <option>--user</option>" msgid "Indicates which user's tcb shadow file to edit." msgstr "ęŒ‡å®šč¦ē¼–č¾‘å“ŖäøŖē”Øꈷēš„ tcb å½±å­ę–‡ä»¶ć€‚" -#: vipw.8.xml:165(title) usermod.8.xml:497(title) userdel.8.xml:171(title) +#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title) #: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) #: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) #: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) #: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) -#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) -#: gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) -#: chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title) +#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) +#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) +#: chfn.1.xml:193(title) chage.1.xml:244(title) msgid "CONFIGURATION" msgstr "配ē½®ę–‡ä»¶" -#: vipw.8.xml:166(para) usermod.8.xml:498(para) userdel.8.xml:172(para) +#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para) #: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) #: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) #: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) @@ -471,37 +465,35 @@ msgstr "EDITOR" msgid "Editor to be used if <option>VISUAL</option> is not set." msgstr "<option>VISUAL</option> ę²”ęœ‰č®¾ē½®ēš„ęƒ…å†µäø‹ļ¼Œä½æē”Øēš„ē¼–č¾‘å™Ø怂" -#: vipw.8.xml:195(title) usermod.8.xml:514(title) userdel.8.xml:188(title) +#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title) #: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) #: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) #: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) #: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) #: newgrp.1.xml:121(title) logoutd.8.xml:89(title) -#: login.access.5.xml:121(title) login.1.xml:338(title) -#: limits.5.xml:196(title) lastlog.8.xml:182(title) gshadow.5.xml:156(title) -#: grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) -#: groupmems.8.xml:211(title) groupdel.8.xml:140(title) -#: groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) -#: faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) -#: chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) -#: chage.1.xml:256(title) +#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) +#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) +#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) +#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) +#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) +#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) +#: chfn.1.xml:207(title) chage.1.xml:256(title) msgid "FILES" msgstr "ꖇ件" -#: vipw.8.xml:198(filename) usermod.8.xml:517(filename) +#: vipw.8.xml:198(filename) usermod.8.xml:516(filename) #: userdel.8.xml:191(filename) useradd.8.xml:690(filename) -#: sg.1.xml:125(filename) pwck.8.xml:272(filename) -#: newusers.8.xml:412(filename) newgrp.1.xml:136(filename) -#: gshadow.5.xml:159(filename) grpck.8.xml:224(filename) -#: groups.1.xml:103(filename) groupmod.8.xml:208(filename) -#: groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) -#: groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) -#: gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) -#: chgpasswd.8.xml:216(filename) +#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) +#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) +#: grpck.8.xml:224(filename) groups.1.xml:103(filename) +#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) +#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) +#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) +#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename) msgid "/etc/group" msgstr "/etc/group" -#: vipw.8.xml:200(para) usermod.8.xml:519(para) userdel.8.xml:193(para) +#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para) #: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) #: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) #: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) @@ -510,7 +502,7 @@ msgstr "/etc/group" msgid "Group account information." msgstr "ē»„č“¦ęˆ·äæ”ęÆ怂" -#: vipw.8.xml:204(filename) usermod.8.xml:523(filename) +#: vipw.8.xml:204(filename) usermod.8.xml:522(filename) #: useradd.8.xml:696(filename) sg.1.xml:131(filename) #: newusers.8.xml:418(filename) newgrp.1.xml:142(filename) #: gshadow.5.xml:165(filename) grpck.8.xml:230(filename) @@ -521,7 +513,7 @@ msgstr "ē»„č“¦ęˆ·äæ”ęÆ怂" msgid "/etc/gshadow" msgstr "/etc/gshadow" -#: vipw.8.xml:206(para) usermod.8.xml:525(para) useradd.8.xml:698(para) +#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para) #: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) #: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) #: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) @@ -529,7 +521,7 @@ msgstr "/etc/gshadow" msgid "Secure group account information." msgstr "安å…Øē»„č“¦ęˆ·äæ”ęÆ怂" -#: vipw.8.xml:210(filename) usermod.8.xml:535(filename) +#: vipw.8.xml:210(filename) usermod.8.xml:534(filename) #: userdel.8.xml:203(filename) useradd.8.xml:678(filename) #: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) #: pwck.8.xml:278(filename) passwd.5.xml:144(filename) @@ -542,7 +534,7 @@ msgstr "安å…Øē»„č“¦ęˆ·äæ”ęÆ怂" msgid "/etc/passwd" msgstr "/etc/passwd" -#: vipw.8.xml:212(para) usermod.8.xml:537(para) userdel.8.xml:205(para) +#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para) #: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) #: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) #: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) @@ -552,7 +544,7 @@ msgstr "/etc/passwd" msgid "User account information." msgstr "ē”Øꈷ蓦ꈷäæ”ęÆ怂" -#: vipw.8.xml:216(filename) usermod.8.xml:541(filename) +#: vipw.8.xml:216(filename) usermod.8.xml:540(filename) #: userdel.8.xml:209(filename) useradd.8.xml:684(filename) #: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) #: shadow.3.xml:229(filename) pwck.8.xml:284(filename) @@ -563,7 +555,7 @@ msgstr "ē”Øꈷ蓦ꈷäæ”ęÆ怂" msgid "/etc/shadow" msgstr "/etc/shadow" -#: vipw.8.xml:218(para) usermod.8.xml:543(para) userdel.8.xml:211(para) +#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para) #: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) #: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) #: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) @@ -572,7 +564,7 @@ msgstr "/etc/shadow" msgid "Secure user account information." msgstr "安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂" -#: vipw.8.xml:225(title) usermod.8.xml:562(title) userdel.8.xml:308(title) +#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title) #: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) #: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) #: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) @@ -635,15 +627,15 @@ msgstr "" #: usermod.8.xml:46(surname) userdel.8.xml:46(surname) #: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname) #: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname) -#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) -#: passwd.1.xml:47(surname) newusers.8.xml:55(surname) -#: newgrp.1.xml:41(surname) logoutd.8.xml:40(surname) -#: login.defs.5.xml:105(surname) login.1.xml:73(surname) -#: lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname) -#: groupmod.8.xml:41(surname) groupdel.8.xml:41(surname) -#: groupadd.8.xml:43(surname) faillog.8.xml:40(surname) -#: faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname) -#: chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname) +#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname) +#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname) +#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname) +#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname) +#: groups.1.xml:40(surname) groupmod.8.xml:41(surname) +#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname) +#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname) +#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) +#: chage.1.xml:41(surname) msgid "Haugh" msgstr "" @@ -1186,26 +1178,33 @@ msgstr "" #: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) #: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) -#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:194(title) -#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) -#: gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) +#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title) +#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) +#: faillog.8.xml:232(title) chpasswd.8.xml:231(title) #: chgpasswd.8.xml:186(title) msgid "CAVEATS" msgstr "CAVEATS" #: usermod.8.xml:479(para) +#, fuzzy +#| msgid "" +#| "You must make certain that the named user is not executing any processes " +#| "when this command is being executed if the user's numerical user ID, the " +#| "user's name, or the user's home directory is being changed. " +#| "<command>usermod</command> checks this on Linux, but only check if the " +#| "user is logged in according to utmp on other architectures." msgid "" "You must make certain that the named user is not executing any processes " "when this command is being executed if the user's numerical user ID, the " "user's name, or the user's home directory is being changed. " -"<command>usermod</command> checks this on Linux, but only check if the user " -"is logged in according to utmp on other architectures." +"<command>usermod</command> checks this on Linux. On other platforms it only " +"uses utmp to check if the user is logged in." msgstr "" "å¦‚ęžœč¦ę›“ę”¹ē”Øꈷēš„ę•°å­— ID态ē”Øęˆ·åęˆ–äø»ē›®å½•ļ¼Œéœ€č¦ē”®äæå…č®øå‘½ä»¤ę—¶ļ¼Œē”Øęˆ·ę²”ęœ‰ę‰§č”Œä»»ä½•" "čæ›ēØ‹ć€‚<command>usermod</command> 会åœØ Linux äøŠčæ›č”Œę£€ęŸ„ļ¼›ä½†ę˜ÆåœØ其它平台äøŠļ¼Œä»…" "ä»…ę ¹ę® utmp ę£€ęŸ„ē”Øꈷę˜Æ否已ē»ē™»å½•ć€‚" -#: usermod.8.xml:487(para) +#: usermod.8.xml:486(para) msgid "" "You must change the owner of any <command>crontab</command> files or " "<command>at</command> jobs manually." @@ -1213,7 +1212,7 @@ msgstr "" "ę‚Øåæ…锻ꉋåŠØę›“ę”¹ <command>crontab</command> ę–‡ä»¶ęˆ– <command>at</command> 作äøšēš„" "属äø»ć€‚" -#: usermod.8.xml:491(para) +#: usermod.8.xml:490(para) msgid "You must make any changes involving NIS on the NIS server." msgstr "ę‚Øåæ…é”»ę›“ę”¹ NIS ęœåŠ”å™ØäøŠēš„ NIS ē›øå…³å†…å®¹ć€‚" @@ -1473,7 +1472,7 @@ msgstr "" "å¦‚ęžœę˜Æ <replaceable>yes</replaceable>ļ¼Œč¦åˆ›å»ŗē”Øꈷ tcb ē›®å½•äøä¼šč‡ŖåŠØč®¾ē½®äøŗ /" "etc/tcb/userļ¼Œä½†ę˜Æä¼šę ¹ę®ē”Øꈷēš„ UID č®”ē®—ļ¼Œę ¹ę®ēš„ē®—ę³•å¦‚äø‹ļ¼š<placeholder-1/>" -#: usermod.8.xml:529(filename) userdel.8.xml:197(filename) +#: usermod.8.xml:528(filename) userdel.8.xml:197(filename) #: useradd.8.xml:726(filename) su.1.xml:382(filename) #: pwconv.8.xml:253(filename) passwd.1.xml:423(filename) #: newusers.8.xml:424(filename) login.access.5.xml:124(filename) @@ -1484,7 +1483,7 @@ msgstr "" msgid "/etc/login.defs" msgstr "/etc/login.defs" -#: usermod.8.xml:531(para) userdel.8.xml:199(para) useradd.8.xml:728(para) +#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para) #: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) #: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) #: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) @@ -1492,31 +1491,31 @@ msgstr "/etc/login.defs" msgid "Shadow password suite configuration." msgstr "Shadow åƆē å„—件配ē½®ć€‚" -#: usermod.8.xml:547(filename) userdel.8.xml:215(filename) +#: usermod.8.xml:546(filename) userdel.8.xml:215(filename) #: useradd.8.xml:714(filename) newusers.8.xml:436(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subgid" msgstr "/etc/suauth" -#: usermod.8.xml:549(para) userdel.8.xml:217(para) useradd.8.xml:716(para) +#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para) #: newusers.8.xml:438(para) msgid "Per user subordinate group IDs." msgstr "" -#: usermod.8.xml:553(filename) userdel.8.xml:221(filename) +#: usermod.8.xml:552(filename) userdel.8.xml:221(filename) #: useradd.8.xml:720(filename) newusers.8.xml:442(filename) #, fuzzy #| msgid "/etc/suauth" msgid "/etc/subuid" msgstr "/etc/suauth" -#: usermod.8.xml:555(para) userdel.8.xml:223(para) useradd.8.xml:722(para) +#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para) #: newusers.8.xml:444(para) msgid "Per user subordinate user IDs." msgstr "" -#: usermod.8.xml:563(para) +#: usermod.8.xml:562(para) #, fuzzy #| msgid "" #| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</" @@ -1786,9 +1785,8 @@ msgstr "ęˆåŠŸ" #: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum) #: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable) #: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum) -#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) -#: chfn.1.xml:61(manvolnum) chage.1.xml:59(manvolnum) -#: chage.1.xml:289(replaceable) +#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum) +#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable) msgid "1" msgstr "1" @@ -2169,13 +2167,25 @@ msgstr "" "replaceable>=<replaceable>VALUE</replaceable>" #: useradd.8.xml:301(para) +#, fuzzy +#| msgid "" +#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</" +#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, " +#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: " +#| "<option>-K</option> <replaceable>PASS_MAX_DAYS</" +#| "replaceable>=<replaceable>-1</replaceable> can be used when creating " +#| "system account to turn off password ageing, even though system account " +#| "has no password at all. Multiple <option>-K</option> options can be " +#| "specified, e.g.: <option>-K</option> <replaceable>UID_MIN</" +#| "replaceable>=<replaceable>100</replaceable> <option>-K</option> " +#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>" msgid "" "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</" "option>, <option>UID_MAX</option>, <option>UMASK</option>, " "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: " "<option>-K</option> <replaceable>PASS_MAX_DAYS</" "replaceable>=<replaceable>-1</replaceable> can be used when creating system " -"account to turn off password ageing, even though system account has no " +"account to turn off password aging, even though system account has no " "password at all. Multiple <option>-K</option> options can be specified, e." "g.: <option>-K</option> <replaceable>UID_MIN</" "replaceable>=<replaceable>100</replaceable> <option>-K</option> " @@ -2199,9 +2209,13 @@ msgid "Do not add the user to the lastlog and faillog databases." msgstr "äøč¦å°†ē”Øęˆ·ę·»åŠ åˆ°ęœ€čæ‘ē™»å½•å’Œē™»å½•å¤±č“„ę•°ę®åŗ“怂" #: useradd.8.xml:327(para) +#, fuzzy +#| msgid "" +#| "By default, the user's entries in the lastlog and faillog databases are " +#| "resetted to avoid reusing the entry from a previously deleted user." msgid "" "By default, the user's entries in the lastlog and faillog databases are " -"resetted to avoid reusing the entry from a previously deleted user." +"reset to avoid reusing the entry from a previously deleted user." msgstr "" "默认äøŠļ¼Œęœ€čæ‘ē™»å½•å’Œē™»å½•å¤±č“„äø­ē”Øꈷēš„ę”ē›®ä¼šč¢«é‡ē½®ļ¼Œä»„éæå…é‡ę–°ä½æē”Ø先前删除ēš„ē”Øꈷ" "ēš„ę”ē›®ć€‚" @@ -2227,9 +2241,11 @@ msgstr "" "默认äøŠļ¼Œå¦‚ęžœę²”ęœ‰ęŒ‡å®šę­¤é€‰é”¹å¹¶äø” <option>CREATE_HOME</option> ę²”ęœ‰åÆē”Øļ¼Œäøä¼šåˆ›" "å»ŗäø»ē›®å½•ć€‚" -#: useradd.8.xml:354(option) -msgid "-M" -msgstr "-M" +#: useradd.8.xml:353(term) +#, fuzzy +#| msgid "<option>-m</option>, <option>--create-home</option>" +msgid "<option>-M</option>, <option>--no-create-home</option>" +msgstr "<option>-m</option>, <option>--create-home</option>" #: useradd.8.xml:357(para) msgid "" @@ -2308,12 +2324,19 @@ msgstr "" "option> counterparts for the creation of groups)怂" #: useradd.8.xml:434(para) +#, fuzzy +#| msgid "" +#| "Note that <command>useradd</command> will not create a home directory for " +#| "such an user, regardless of the default setting in <filename>/etc/login." +#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the " +#| "<option>-m</option> options if you want a home directory for a system " +#| "account to be created." msgid "" "Note that <command>useradd</command> will not create a home directory for " -"such an user, regardless of the default setting in <filename>/etc/login." -"defs</filename> (<option>CREATE_HOME</option>). You have to specify the " -"<option>-m</option> options if you want a home directory for a system " -"account to be created." +"such a user, regardless of the default setting in <filename>/etc/login.defs</" +"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-" +"m</option> options if you want a home directory for a system account to be " +"created." msgstr "" "ę³Øꄏļ¼š<command>useradd</command> äøä¼šäøŗčæ™ē§ē”Øęˆ·åˆ›å»ŗäø»ē›®å½•ļ¼Œę— č®ŗ <filename>/" "etc/login.defs</filename> (<option>CREATE_HOME</option>) äø­ę˜Æēš„é»˜č®¤č®¾ē½®ę˜Æꀎ" @@ -2895,10 +2918,14 @@ msgstr "" #. .RS #: suauth.5.xml:83(literallayout) -#, no-wrap +#, fuzzy, no-wrap +#| msgid "" +#| "\n" +#| " 1) the user su is targetting\n" +#| " " msgid "" "\n" -" 1) the user su is targetting\n" +" 1) the user su is targeting\n" " " msgstr "" "\n" @@ -2938,14 +2965,23 @@ msgstr "" "<emphasis>ALL EXCEPT</emphasis> åŽč·Ÿé€—å·åˆ†éš”ēš„ē”Øęˆ·ååˆ—č”Ø怂" #: suauth.5.xml:107(para) +#, fuzzy +#| msgid "" +#| "from-id is formatted the same as to-id except the extra word " +#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</" +#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> " +#| "appears one or more group names, delimited by \",\". It is not sufficient " +#| "to have primary group id of the relevant group, an entry in " +#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</" +#| "manvolnum></citerefentry> is neccessary." msgid "" "from-id is formatted the same as to-id except the extra word " -"<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</" +"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</" "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> " "appears one or more group names, delimited by \",\". It is not sufficient to " "have primary group id of the relevant group, an entry in " "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</" -"manvolnum></citerefentry> is neccessary." +"manvolnum></citerefentry> is necessary." msgstr "" "from-id ę ¼å¼å’Œ to-id ē›ø同ļ¼Œä½†ę˜ÆåÆ仄多čƆ别äø€äøŖčƍ <emphasis>GROUP</emphasis>怂" "<emphasis>ALL EXCEPT GROUP</emphasis> 也ę˜Æ꜉ꕈēš„怂<emphasis>GROUP</emphasis> " @@ -3082,9 +3118,8 @@ msgstr "" "citerefentry>." #: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib) -#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) -#: passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib) -#: faillog.5.xml:41(contrib) +#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib) +#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib) msgid "Creation, 1989" msgstr "" @@ -3867,8 +3902,13 @@ msgstr "" "ę­¢ä»»ä½•č®æ问怂" #: shadow.5.xml:117(para) gshadow.5.xml:107(para) +#, fuzzy +#| msgid "" +#| "A password field which starts with a exclamation mark means that the " +#| "password is locked. The remaining characters on the line represent the " +#| "password field before the password was locked." msgid "" -"A password field which starts with a exclamation mark means that the " +"A password field which starts with an exclamation mark means that the " "password is locked. The remaining characters on the line represent the " "password field before the password was locked." msgstr "" @@ -3885,9 +3925,13 @@ msgid "" msgstr "꜀čæ‘äø€ę¬”ę›“ę”¹åƆē ēš„ꗶ闓ļ¼Œč”Øē¤ŗ从1970幓1꜈1ę—„å¼€å§‹ēš„å¤©ę•°ć€‚" #: shadow.5.xml:134(para) +#, fuzzy +#| msgid "" +#| "The value 0 has a special meaning, which is that the user should change " +#| "her pasword the next time she will log in the system." msgid "" "The value 0 has a special meaning, which is that the user should change her " -"pasword the next time she will log in the system." +"password the next time she will log in the system." msgstr "0 ꜉ē‰¹ę®Šę„ę€ļ¼Œč”Øē¤ŗē”Øꈷåŗ”čÆ„åœØäø‹ę¬”ē™»å½•ē³»ē»Ÿę—¶ę›“ę”¹åƆē ć€‚" #: shadow.5.xml:139(para) @@ -3992,9 +4036,15 @@ msgid "" msgstr "蓦ꈷčæ‡ęœŸēš„ę—„ꜟļ¼Œč”Øē¤ŗ从1970幓1꜈1ę—„å¼€å§‹ēš„å¤©ę•°ć€‚" #: shadow.5.xml:229(para) +#, fuzzy +#| msgid "" +#| "Note that an account expiration differs from a password expiration. In " +#| "case of an acount expiration, the user shall not be allowed to login. In " +#| "case of a password expiration, the user is not allowed to login using her " +#| "password." msgid "" "Note that an account expiration differs from a password expiration. In case " -"of an acount expiration, the user shall not be allowed to login. In case of " +"of an account expiration, the user shall not be allowed to login. In case of " "a password expiration, the user is not allowed to login using her password." msgstr "" "ę³Øꄏļ¼Œč“¦ęˆ·čæ‡ęœŸäøåŒäŗŽåƆē čæ‡ęœŸć€‚č“¦ęˆ·čæ‡ęœŸę—¶ļ¼Œē”Øęˆ·å°†äøč¢«å…č®øē™»å½•ļ¼›åƆē čæ‡ęœŸę—¶ļ¼Œē”Ø" @@ -4298,18 +4348,15 @@ msgstr "" msgid "pwconv" msgstr "pwconv" -#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) -#: login.defs.5.xml:438(term) +#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term) msgid "pwunconv" msgstr "pwunconv" -#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) -#: login.defs.5.xml:340(term) +#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term) msgid "grpconv" msgstr "grpconv" -#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) -#: login.defs.5.xml:346(term) +#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term) msgid "grpunconv" msgstr "grpunconv" @@ -4511,8 +4558,7 @@ msgstr "ę£€ęŸ„åƆē ę–‡ä»¶ēš„å®Œę•“ꀧ" #: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle) #: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle) -#: passwd.1.xml:71(refname) passwd.1.xml:77(command) -#: login.defs.5.xml:409(term) +#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term) msgid "passwd" msgstr "passwd" @@ -4668,10 +4714,15 @@ msgstr "" "选ꋩę›æä»£ę–‡ä»¶ć€‚" #: pwck.8.xml:243(para) +#, fuzzy +#| msgid "" +#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an " +#| "alternative <replaceable>shadow</replaceable> file. In future releases, " +#| "this paramater could be replaced by an alternate TCB directory." msgid "" "Note that when <option>USE_TCB</option> is enabled, you cannot specify an " "alternative <replaceable>shadow</replaceable> file. In future releases, this " -"paramater could be replaced by an alternate TCB directory." +"parameter could be replaced by an alternate TCB directory." msgstr "" "ę³Øꄏļ¼Œ<option>USE_TCB</option> åÆē”Øę—¶ļ¼Œę‚Øäøčƒ½ęŒ‡å®šå¦å¤–ēš„ <replaceable>shadow</" "replaceable>ć€‚ä»„åŽēš„ē‰ˆęœ¬äø­ļ¼Œę­¤å‚ę•°åÆčƒ½ä¼šč¢«ę›æę¢ęˆäø€äøŖ另外ēš„ TCB ē›®å½•ć€‚" @@ -5086,8 +5137,12 @@ msgstr "" "ęˆ–č€…č”—é“å·ć€‚ę‰€ęœ‰čæ™äŗ›åÆ仄ē”ØäŗŽēŒœęµ‹ę„ęŸå®³ē³»ē»Ÿå®‰å…Ø怂" #: passwd.1.xml:166(para) +#, fuzzy +#| msgid "" +#| "You can find advices on how to choose a strong password on http://en." +#| "wikipedia.org/wiki/Password_strength" msgid "" -"You can find advices on how to choose a strong password on http://en." +"You can find advice on how to choose a strong password on http://en." "wikipedia.org/wiki/Password_strength" msgstr "" "ę‚ØåÆ仄åœØåœØ http://zh.wikipedia.org/zh-cn/åƆē å¼ŗåŗ¦ ę‰¾åˆ°ę€Žę ·é€‰ę‹©å¼ŗ壮åƆē ēš„å»ŗ" @@ -5588,7 +5643,9 @@ msgid "HISTORY" msgstr "历史" #: nologin.8.xml:91(para) -msgid "The <command>nologin</command> command appearred in BSD 4.4." +#, fuzzy +#| msgid "The <command>nologin</command> command appearred in BSD 4.4." +msgid "The <command>nologin</command> command appeared in BSD 4.4." msgstr "<command>nologin</command> 首ꬔå‡ŗēŽ°äŗŽ BSD 4.4怂" #: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname) @@ -5639,8 +5696,14 @@ msgid "This is the name of the user." msgstr "čæ™ę˜Æē”Øꈷēš„ē”Øęˆ·åć€‚" #: newusers.8.xml:116(para) +#, fuzzy +#| msgid "" +#| "It can be the name of a new user or the name of an existing user (or an " +#| "user created before by <command>newusers</command>). In case of an " +#| "existing user, the user's information will be changed, otherwise a new " +#| "user will be created." msgid "" -"It can be the name of a new user or the name of an existing user (or an user " +"It can be the name of a new user or the name of an existing user (or a user " "created before by <command>newusers</command>). In case of an existing user, " "the user's information will be changed, otherwise a new user will be created." msgstr "" @@ -5666,8 +5729,12 @@ msgid "This field is used to define the UID of the user." msgstr "ę­¤å­—ę®µē”ØäŗŽå®šä¹‰ē”Øꈷēš„ UID怂" #: newusers.8.xml:144(para) +#, fuzzy +#| msgid "" +#| "If the field is empty, an new (unused) UID will be defined automatically " +#| "by <command>newusers</command>." msgid "" -"If the field is empty, an new (unused) UID will be defined automatically by " +"If the field is empty, a new (unused) UID will be defined automatically by " "<command>newusers</command>." msgstr "" "å¦‚ęžœę­¤å­—ę®µäøŗē©ŗļ¼Œ<command>newusers</command> 会č‡ŖåŠØē”®å®šäø€äøŖꖰēš„(ęœŖä½æē”Øēš„)UID怂" @@ -5677,8 +5744,13 @@ msgid "If this field contains a number, this number will be used as the UID." msgstr "å¦‚ęžœę­¤å­—ę®µåŒ…å«äø€äøŖę•°å­—ļ¼Œę­¤ę•°å­—会ē”ØäŗŽ UID怂" #: newusers.8.xml:152(para) +#, fuzzy +#| msgid "" +#| "If this field contains the name of an existing user (or the name of an " +#| "user created before by <command>newusers</command>), the UID of the " +#| "specified user will be used." msgid "" -"If this field contains the name of an existing user (or the name of an user " +"If this field contains the name of an existing user (or the name of a user " "created before by <command>newusers</command>), the UID of the specified " "user will be used." msgstr "" @@ -7012,7 +7084,9 @@ msgid "D: max data size (KB)" msgstr "Dļ¼šęœ€å¤§ę•°ę®å¤§å° (KB)" #: limits.5.xml:111(para) -msgid "F: maximum filesize (KB)" +#, fuzzy +#| msgid "F: maximum filesize (KB)" +msgid "F: maximum file size (KB)" msgstr "Fļ¼šęœ€å¤§ę–‡ä»¶å°ŗåÆø (KB)" #: limits.5.xml:112(para) @@ -7092,7 +7166,7 @@ msgstr "" #: limits.5.xml:145(para) msgid "" "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of " -"the line is considered a limit string, thus comments are not allowed. A " +"the line is considered a limit string, thus comments are not allowed. An " "invalid limits string will be rejected (not considered) by the " "<command>login</command> program." msgstr "" @@ -7113,13 +7187,13 @@ msgstr "" #: limits.5.xml:165(para) msgid "" -"If more than one line with limits for an user exist, only the first line for " +"If more than one line with limits for a user exist, only the first line for " "this user will be considered." msgstr "" #: limits.5.xml:170(para) msgid "" -"If no lines are specified for an user, the last <replaceable>@group</" +"If no lines are specified for a user, the last <replaceable>@group</" "replaceable> line matching a group whose the user is a member of will be " "considered, or the last line with default limits if no groups contain the " "user." @@ -7197,7 +7271,37 @@ msgid "" "Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>." msgstr "åŖę˜¾ē¤ŗ老äŗŽ <emphasis remap=\"I\">DAYS</emphasis> ēš„ęœ€čæ‘ē™»å½•č®°å½•ć€‚" -#: lastlog.8.xml:127(term) faillog.8.xml:192(term) +#: lastlog.8.xml:107(term) +#, fuzzy +#| msgid "<option>-u</option>, <option>--user</option>" +msgid "<option>-C</option>, <option>--clear</option>" +msgstr "<option>-u</option>, <option>--user</option>" + +#: lastlog.8.xml:111(para) +#, fuzzy +#| msgid "" +#| "This option is only valid in combination with the <option>-d</option> (or " +#| "<option>--home</option>) option." +msgid "" +"Clear lastlog record of a user. This option can be used only together with " +"<option>-u</option> (<option>--user</option>))." +msgstr "" +"čæ™äøŖ选锹åŖęœ‰å’Œ <option>-d</option> (ꈖ <option>--home</option>) 选锹ē»„合ä½æē”Ø" +"ę—¶ę‰ęœ‰ę•ˆć€‚" + +#: lastlog.8.xml:138(term) +#, fuzzy +#| msgid "<option>-r</option>, <option>--reset</option>" +msgid "<option>-S</option>, <option>--set</option>" +msgstr "<option>-r</option>, <option>--reset</option>" + +#: lastlog.8.xml:142(para) +msgid "" +"Set lastlog record of a user to the current time. This option can be used " +"only together with <option>-u</option> (<option>--user</option>))." +msgstr "" + +#: lastlog.8.xml:149(term) faillog.8.xml:192(term) msgid "" "<option>-t</option>, <option>--time</option> <replaceable>DAYS</" "replaceable>" @@ -7205,13 +7309,13 @@ msgstr "" "<option>-t</option>, <option>--time</option> <replaceable>DAYS</" "replaceable>" -#: lastlog.8.xml:131(para) +#: lastlog.8.xml:153(para) msgid "" "Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</" "emphasis>." msgstr "åŖēŽ°å®žę–°äŗŽ <emphasis remap=\"I\">DAYS</emphasis> ēš„ęœ€čæ‘ē™»å½•č®°å½•ć€‚" -#: lastlog.8.xml:138(term) faillog.8.xml:202(term) +#: lastlog.8.xml:160(term) faillog.8.xml:202(term) msgid "" "<option>-u</option>, <option>--user</option> <replaceable>LOGIN</" "replaceable>|<replaceable>RANGE</replaceable>" @@ -7219,11 +7323,11 @@ msgstr "" "<option>-u</option>, <option>--user</option> <replaceable>LOGIN</" "replaceable>|<replaceable>RANGE</replaceable>" -#: lastlog.8.xml:142(para) +#: lastlog.8.xml:164(para) msgid "Print the lastlog record of the specified user(s)." msgstr "ēŽ°å®žęŒ‡å®šē”Øꈷēš„ęœ€čæ‘ē™»å½•č®°å½•ć€‚" -#: lastlog.8.xml:145(para) faillog.8.xml:211(para) +#: lastlog.8.xml:167(para) faillog.8.xml:211(para) msgid "" "The users can be specified by a login name, a numerical user ID, or a " "<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</" @@ -7232,7 +7336,7 @@ msgid "" "UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)." msgstr "" -#: lastlog.8.xml:157(para) +#: lastlog.8.xml:179(para) msgid "" "If the user has never logged in the message <emphasis>** Never logged in**</" "emphasis> will be displayed instead of the port and time." @@ -7240,18 +7344,18 @@ msgstr "" "å¦‚ęžœē”Øęˆ·ä»Žę„ę²”ęœ‰ē™»å½•čæ‡ļ¼Œå°†ä¼šę˜¾ē¤ŗ <emphasis>** 从ęœŖē™»å½• **</emphasis> 而äøę˜Æē«Æ" "å£å’Œę—¶é—“ć€‚" -#: lastlog.8.xml:162(para) +#: lastlog.8.xml:184(para) msgid "" "Only the entries for the current users of the system will be displayed. " "Other entries may exist for users that were deleted previously." msgstr "" -#: lastlog.8.xml:170(title) groups.1.xml:90(title) chsh.1.xml:140(title) +#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title) #: chage.1.xml:231(title) msgid "NOTE" msgstr "ę³Øꄏ" -#: lastlog.8.xml:171(para) +#: lastlog.8.xml:193(para) msgid "" "The <filename>lastlog</filename> file is a database which contains info on " "the last login of each user. You should not rotate it. It is a sparse file, " @@ -7261,15 +7365,15 @@ msgid "" "its real size with \"<command>ls -s</command>\"." msgstr "" -#: lastlog.8.xml:185(filename) +#: lastlog.8.xml:207(filename) msgid "/var/log/lastlog" msgstr "/var/log/lastlog" -#: lastlog.8.xml:187(para) +#: lastlog.8.xml:209(para) msgid "Database times of previous user logins." msgstr "" -#: lastlog.8.xml:195(para) +#: lastlog.8.xml:217(para) msgid "" "Large gaps in UID numbers will cause the lastlog program to run longer with " "no output to the screen (i.e. if in lastlog database there is no entries for " @@ -7316,8 +7420,14 @@ msgid "" msgstr "" #: gshadow.5.xml:97(para) +#, fuzzy +#| msgid "" +#| "The password is used when an user who is not a member of the group wants " +#| "to gain the permissions of this group (see " +#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</" +#| "manvolnum></citerefentry>)." msgid "" -"The password is used when an user who is not a member of the group wants to " +"The password is used when a user who is not a member of the group wants to " "gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</" "refentrytitle><manvolnum>1</manvolnum></citerefentry>)." msgstr "" @@ -7783,7 +7893,9 @@ msgstr "" "replaceable>" #: groupmems.8.xml:109(para) -msgid "Add an user to the group membership list." +#, fuzzy +#| msgid "Add an user to the group membership list." +msgid "Add a user to the group membership list." msgstr "将äø€äøŖē”Øęˆ·ę·»åŠ åˆ°ē»„ęˆå‘˜åˆ—č”Ø怂" #: groupmems.8.xml:110(para) groupmems.8.xml:126(para) @@ -8666,12 +8778,21 @@ msgstr "" "龄äæ”ęÆļ¼Œä¹Ÿä¼šę›“ę–°ä¹‹ć€‚" #: chpasswd.8.xml:97(para) +#, fuzzy +#| msgid "" +#| "The default encryption algorithm can be defined for the system with the " +#| "ENCRYPT_METHOD variable of <filename>/etc/login.defs</filename>, and can " +#| "be overwiten with the <option>-e</option>, <option>-m</option>, or " +#| "<option>-c</option> options." msgid "" "The default encryption algorithm can be defined for the system with the " "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables " -"of <filename>/etc/login.defs</filename>, and can be overwitten with the " +"of <filename>/etc/login.defs</filename>, and can be overwritten with the " "<option>-e</option>, <option>-m</option>, or <option>-c</option> options." msgstr "" +"é»˜č®¤åŠ åƆē®—ę³•åÆ仄通čæ‡ <filename>/etc/login.defs</filename> ēš„ ENCRYPT_METHOD " +"å˜é‡č®¾ē½®ļ¼Œå¹¶äø”åÆ仄ä½æē”Ø <option>-e</option>, <option>-m</option> ꈖ <option>-" +"c</option> é€‰é”¹č¦†ē›–怂" #: chpasswd.8.xml:105(para) msgid "" @@ -8684,7 +8805,7 @@ msgstr "" msgid "" "<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</" "phrase><command>chpasswd</command> first updates all the passwords in " -"memory, and then commits all the changes to disk if no errors occured for " +"memory, and then commits all the changes to disk if no errors occurred for " "any user." msgstr "" @@ -8835,7 +8956,7 @@ msgstr "" msgid "" "The default encryption algorithm can be defined for the system with the " "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</" -"filename>, and can be overwiten with the <option>-e</option>, <option>-m</" +"filename>, and can be overwritten with the <option>-e</option>, <option>-m</" "option>, or <option>-c</option> options." msgstr "" "é»˜č®¤åŠ åƆē®—ę³•åÆ仄通čæ‡ <filename>/etc/login.defs</filename> ēš„ ENCRYPT_METHOD " @@ -9170,6 +9291,9 @@ msgstr "<command>chage</command> å‘½ä»¤ęœ‰å¦‚äø‹é€€å‡ŗ值ļ¼š<placeholder-1/>" msgid "translator-credits" msgstr "YunQiang Su <wzssyqa@gmail.com>, 2010." +#~ msgid "-M" +#~ msgstr "-M" + #~ msgid "" #~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</" #~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</" diff --git a/man/pt_BR/Makefile.in b/man/pt_BR/Makefile.in deleted file mode 100644 index 9dc135a9..00000000 --- a/man/pt_BR/Makefile.in +++ /dev/null @@ -1,633 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = man/pt_BR -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" \ - "$(DESTDIR)$(man8dir)" -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/pt_BR -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = \ - man1/gpasswd.1 \ - man8/groupadd.8 \ - man8/groupdel.8 \ - man8/groupmod.8 \ - man5/passwd.5 \ - man5/shadow.5 - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/pt_BR/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/pt_BR/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man5 uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man5 install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \ - uninstall-am uninstall-man uninstall-man1 uninstall-man5 \ - uninstall-man8 - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/pwck.8.xml b/man/pwck.8.xml index fbe4cd7c..25952df5 100644 --- a/man/pwck.8.xml +++ b/man/pwck.8.xml @@ -243,7 +243,7 @@ <para condition="tcb"> Note that when <option>USE_TCB</option> is enabled, you cannot specify an alternative <replaceable>shadow</replaceable> file. In - future releases, this paramater could be replaced by an alternate + future releases, this parameter could be replaced by an alternate TCB directory. </para> </refsect1> diff --git a/man/ru/Makefile.in b/man/ru/Makefile.in deleted file mode 100644 index 25900cee..00000000 --- a/man/ru/Makefile.in +++ /dev/null @@ -1,740 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@USE_PAM_FALSE@am__append_1 = $(man_nopam) -@USE_PAM_TRUE@am__append_2 = $(man_nopam) -DIST_COMMON = $(srcdir)/../generate_translations.mak \ - $(srcdir)/../generate_mans.mak $(srcdir)/Makefile.in \ - $(srcdir)/Makefile.am -subdir = man/ru -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" \ - "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" -man3dir = $(mandir)/man3 -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/ru -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = man1/chage.1 man1/chfn.1 man8/chgpasswd.8 man8/chpasswd.8 \ - man1/chsh.1 man1/expiry.1 man5/faillog.5 man8/faillog.8 \ - man3/getspnam.3 man1/gpasswd.1 man8/groupadd.8 man8/groupdel.8 \ - man8/groupmems.8 man8/groupmod.8 man1/groups.1 man8/grpck.8 \ - man8/grpconv.8 man8/grpunconv.8 man5/gshadow.5 man8/lastlog.8 \ - man1/login.1 man5/login.defs.5 man8/logoutd.8 man1/newgrp.1 \ - man8/newusers.8 man8/nologin.8 man1/passwd.1 man5/passwd.5 \ - man8/pwck.8 man8/pwconv.8 man8/pwunconv.8 man1/sg.1 \ - man3/shadow.3 man5/shadow.5 man1/su.1 man5/suauth.5 \ - man8/useradd.8 man8/userdel.8 man8/usermod.8 man8/vigr.8 \ - man8/vipw.8 $(am__append_1) -man_nopam = \ - man5/limits.5 \ - man5/login.access.5 \ - man5/porttime.5 - -EXTRA_DIST = $(man_MANS) man1/id.1 man8/sulogin.8 $(am__append_2) -LANG = $(notdir $(CURDIR)) -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_FALSE@PAM_COND = no_pam -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_TRUE@PAM_COND = pam -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_FALSE@SHADOWGRP_COND = no_gshadow -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_TRUE@SHADOWGRP_COND = gshadow -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_FALSE@TCB_COND = no_tcb -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_TRUE@TCB_COND = tcb -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_FALSE@SHA_CRYPT_COND = no_sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_TRUE@SHA_CRYPT_COND = sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_FALSE@SUBIDS_COND = no_subids -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_TRUE@SUBIDS_COND = subids -CLEANFILES = .xml2po.mo $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/ru/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/ru/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; -$(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak: - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man3: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man3dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man3dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man3dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.3[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ - done; } - -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man3dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.3[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man3dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -@ENABLE_REGENERATE_MAN_FALSE@clean-local: -clean: clean-am - -clean-am: clean-generic clean-libtool clean-local mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man3 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man3 uninstall-man5 \ - uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - clean-local cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man3 install-man5 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags-am uninstall uninstall-am uninstall-man uninstall-man1 \ - uninstall-man3 uninstall-man5 uninstall-man8 - - -@ENABLE_REGENERATE_MAN_TRUE@config.xml: ../config.xml.in -@ENABLE_REGENERATE_MAN_TRUE@ $(MAKE) -C .. config.xml -@ENABLE_REGENERATE_MAN_TRUE@ cp ../config.xml $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml: ../%.xml ../po/$(LANG).po -@ENABLE_REGENERATE_MAN_TRUE@ xml2po --expand-all-entities -l $(LANG) -p ../po/$(LANG).po -o $@ ../$@ -@ENABLE_REGENERATE_MAN_TRUE@ sed -i 's:\(^<refentry .*\)>:\1 lang="$(LANG)">:' $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml-config: %.xml -@ENABLE_REGENERATE_MAN_TRUE@ if grep -q SHADOW-CONFIG-HERE $<; then \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^<!-- SHADOW-CONFIG-HERE -->/<!ENTITY % config SYSTEM "config.xml">%config;/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ else \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^\(<!DOCTYPE .*docbookx.dtd"\)>/\1 [<!ENTITY % config SYSTEM "config.xml">%config;]>/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ fi - -@ENABLE_REGENERATE_MAN_TRUE@man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml -@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.authors.section.enabled" "0" \ -@ENABLE_REGENERATE_MAN_TRUE@ --stringparam "man.output.base.dir" "" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.output.in.separate.dir" "1" \ -@ENABLE_REGENERATE_MAN_TRUE@ -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $< - -@ENABLE_REGENERATE_MAN_TRUE@clean-local: -@ENABLE_REGENERATE_MAN_TRUE@ for d in man1 man3 man5 man8; do [ -d $$d ] && rmdir $$d; done - -#$(man_MANS): -# @echo you need to run configure with --enable-man to generate man pages -# @false - -@ENABLE_REGENERATE_MAN_TRUE@man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8 - -@ENABLE_REGENERATE_MAN_TRUE@man3/getspnam.3: man3/shadow.3 - -@ENABLE_REGENERATE_MAN_TRUE@man8/vigr.8: man8/vipw.8 - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/ru/man1/chage.1 b/man/ru/man1/chage.1 deleted file mode 100644 index 51c606b1..00000000 --- a/man/ru/man1/chage.1 +++ /dev/null @@ -1,179 +0,0 @@ -'\" t -.\" Title: chage -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "chage" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -chage \- ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBchage\fR\ 'u -\fBchage\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] \fIŠ£Š§ŠŠ¢ŠŠŠÆ_Š—ŠŠŸŠ˜Š”Š¬\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBchage\fR -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹ Š¼ŠµŠ¶Š“у Š“Š°Ń‚Š¾Š¹ сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń Šø Š“Š°Ń‚Š¾Š¹ ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ¹ сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń\&. Š­Ń‚Š° ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøя ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся сŠøстŠµŠ¼Š¾Š¹ Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя Š¼Š¾Š¼ŠµŠ½Ń‚Š°, ŠŗŠ¾Š³Š“Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ сŠ¼ŠµŠ½Šøть сŠ²Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBchage\fR: -.PP -\fB\-d\fR, \fB\-\-lastday\fR\ \&\fIŠŸŠžŠ”Š›_Š”Š•ŠŠ¬\fR -.RS 4 -Š£ŃŃ‚Š°Š½Š¾Š²Šøть чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ ŠæрŠ¾ŃˆŠµŠ“шŠøх с 1 яŠ½Š²Š°Ń€Ń 1970 Š³Š¾Š“Š°, ŠŗŠ¾Š³Š“Š° Š±Ń‹Š»Š° ŠæŠ¾ŃŠ»ŠµŠ“Š½ŃŃ сŠ¼ŠµŠ½Š° ŠæŠ°Ń€Š¾Š»Ń\&. Š”Š°Ń‚Š° Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ тŠ°ŠŗŠ¶Šµ уŠŗŠ°Š·Š°Š½Š° Š² Š²ŠøŠ“Šµ Š“Š“Š“Š“\-ŠœŠœ\-Š”Š” (ŠøŠ»Šø Š² фŠ¾Ń€Š¼Šµ сŠ¾Š³Š»Š°ŃŠ½Š¾ рŠµŠ³ŠøŠ¾Š½Š°Š»ŃŒŠ½Ń‹Š¼ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠ°Š¼)\&. -.RE -.PP -\fB\-E\fR, \fB\-\-expiredate\fR \fIŠ”ŠŠ¢Š_Š£Š”Š¢ŠŠ Š•Š’ŠŠŠ˜ŠÆ\fR -.RS 4 -Š£ŃŃ‚Š°Š½Š¾Š²Šøть Š“Š°Ń‚Ńƒ устŠ°Ń€ŠµŠ²Š°Š½Šøя учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š·Š°Š“Š°Ń‘Ń‚ŃŃ чŠøсŠ»Š¾Š¼ Š“Š½ŠµŠ¹ ŠæрŠ¾ŃˆŠµŠ“шŠøх с 1 яŠ½Š²Š°Ń€Ń 1970 Š³Š¾Š“Š°\&. Š”Š°Ń‚Š° Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ тŠ°ŠŗŠ¶Šµ Š·Š°Š“Š°Š½Š° Š² Š²ŠøŠ“Šµ Š“Š“Š“Š“\-ŠœŠœ\-Š”Š” (ŠøŠ»Šø Š² фŠ¾Ń€Š¼Šµ сŠ¾Š³Š»Š°ŃŠ½Š¾ рŠµŠ³ŠøŠ¾Š½Š°Š»ŃŒŠ½Ń‹Š¼ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠ°Š¼)\&. ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ, чья учётŠ½Š°Ń Š·Š°ŠæŠøсь Š±Ń‹Š»Š° Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š°, Š“Š¾Š»Š¶ŠµŠ½ Š¾Š±Ń€Š°Ń‚Šøться Šŗ сŠøстŠµŠ¼Š½Š¾Š¼Ńƒ Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Ńƒ, ŠµŃŠ»Šø хŠ¾Ń‡ŠµŃ‚ Š² Š“Š°Š»ŃŒŠ½ŠµŠ¹ŃˆŠµŠ¼ рŠ°Š±Š¾Ń‚Š°Ń‚ŃŒ с сŠøстŠµŠ¼Š¾Š¹\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fI\-1\fR -Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Šµ -\fIŠ”ŠŠ¢Š_Š£Š”Š¢ŠŠ Š•Š’ŠŠŠ˜ŠÆ\fR -Š¾Ń‚Š¼ŠµŠ½ŃŠµŃ‚ устŠ°Ń€ŠµŠ²Š°Š½ŠøŠµ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-I\fR, \fB\-\-inactive\fR\ \&\fIŠ”ŠŠ•Š™\fR -.RS 4 -Š£ŃŃ‚Š°Š½Š¾Š²Šøть ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹ Š½ŠµŠ°ŠŗтŠøŠ²Š½Š¾ŃŃ‚Šø ŠæŠ¾ŃŠ»Šµ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š°\&. Š’ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Šµ -\fIŠ”ŠŠ•Š™\fR -Š·Š°Š“Š°Ń‘Ń‚ŃŃ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹ Š½ŠµŠ°ŠŗтŠøŠ²Š½Š¾ŃŃ‚Šø\&. ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ, чья учётŠ½Š°Ń Š·Š°ŠæŠøсь Š±Ń‹Š»Š° Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š°, Š“Š¾Š»Š¶ŠµŠ½ Š¾Š±Ń€Š°Ń‚Šøться Šŗ сŠøстŠµŠ¼Š½Š¾Š¼Ńƒ Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Ńƒ, ŠµŃŠ»Šø хŠ¾Ń‡ŠµŃ‚ Š² Š“Š°Š»ŃŒŠ½ŠµŠ¹ŃˆŠµŠ¼ рŠ°Š±Š¾Ń‚Š°Ń‚ŃŒ с сŠøстŠµŠ¼Š¾Š¹\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fI\-1\fR -Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Šµ -\fIŠ”ŠŠ•Š™\fR -Š¾Ń‚Š¼ŠµŠ½ŃŠµŃ‚ Š½ŠµŠ°ŠŗтŠøŠ²Š½Š¾ŃŃ‚ŃŒ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. -.RE -.PP -\fB\-m\fR, \fB\-\-mindays\fR\ \&\fIŠœŠ˜Š_Š”ŠŠ•Š™\fR -.RS 4 -Š—Š°Š“Š°Ń‚ŃŒ -\fIŠ¼ŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹\fR -Š¼ŠµŠ¶Š“у сŠ¼ŠµŠ½Š°Š¼Šø ŠæŠ°Ń€Š¾Š»Ń\&. ŠŃƒŠ»ŠµŠ²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ этŠ¾Š³Š¾ ŠæŠ¾Š»Ń уŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ Š½Š° тŠ¾, чтŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ Š¼ŠµŠ½ŃŃ‚ŃŒ сŠ²Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ ŠŗŠ¾Š³Š“Š° Š·Š°Ń…Š¾Ń‡ŠµŃ‚\&. -.RE -.PP -\fB\-M\fR, \fB\-\-maxdays\fR\ \&\fIŠœŠŠšŠ”_Š”ŠŠ•Š™\fR -.RS 4 -Š£ŃŃ‚Š°Š½Š¾Š²Šøть Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹ рŠ°Š±Š¾Ń‚Š¾ŃŠæŠ¾ŃŠ¾Š±Š½Š¾ŃŃ‚Šø ŠæŠ°Ń€Š¾Š»Ń\&. Š•ŃŠ»Šø суŠ¼Š¼Š° Š·Š½Š°Ń‡ŠµŠ½ŠøŠ¹ -\fIŠœŠŠšŠ”_Š”ŠŠ•Š™\fR -Šø -\fIŠŸŠžŠ”Š›_Š”Š•ŠŠ¬\fR -рŠ°Š½ŃŒŃˆŠµ тŠµŠŗущŠµŠ³Š¾ Š“Š½Ń, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ ŠæрŠøŠ“ётся ŠøŠ·Š¼ŠµŠ½Šøть сŠ²Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ ŠæŠµŃ€ŠµŠ“ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½ŠøŠµŠ¼ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. Š”Š»Ń тŠ¾Š³Š¾, чтŠ¾Š±Ń‹ этŠ¾ Š½Šµ Š±Ń‹Š»Š¾ Š½ŠµŠ¾Š¶ŠøŠ“Š°Š½Š½Š¾ŃŃ‚ŃŒŃŽ Š¼Š¾Š¶Š½Š¾ Š²Š¾ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-W\fR, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š°ŠŗтŠøŠ²ŠøруŠµŃ‚ Š²Ń‹Š“Š°Ń‡Ńƒ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя Š¾ сŠ¼ŠµŠ½Šµ ŠæŠ°Ń€Š¾Š»Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š·Š°Ń€Š°Š½ŠµŠµ\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fI\-1\fR -Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Šµ -\fIŠœŠŠšŠ”_Š”ŠŠ•Š™\fR -Š¾Ń‚Š¼ŠµŠ½ŃŠµŃ‚ ŠæрŠ¾Š²ŠµŃ€Šŗу ŠæŠ°Ń€Š¾Š»Ń\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-W\fR, \fB\-\-warndays\fR\ \&\fIŠŸŠ Š•Š”Š£ŠŸ_Š”ŠŠ•Š™\fR -.RS 4 -Š£ŃŃ‚Š°Š½Š¾Š²Šøть ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹ Š²Ń‹Š“Š°Ń‡Šø ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя, ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ ŠæŠ¾Ń‚Ń€ŠµŠ±ŃƒŠµŃ‚ся сŠ¼ŠµŠ½Š° ŠæŠ°Ń€Š¾Š»Ń\&. ŠŸŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fIŠŸŠ Š•Š”Š£ŠŸ_Š”ŠŠ•Š™\fR -счŠøтŠ°ŠµŃ‚ся Š² Š“Š½ŃŃ…, Š² тŠµŃ‡ŠµŠ½ŠøŠø ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š±ŃƒŠ“ŠµŃ‚ ŠæŠ¾Š»ŃƒŃ‡Š°Ń‚ŃŒ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń, ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ этŠ¾ сŠ»ŃƒŃ‡Šøтся\&. -.RE -.PP -Š•ŃŠ»Šø Š½Šø Š¾Š“ŠøŠ½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ уŠŗŠ°Š·Š°Š½, тŠ¾ -\fBchage\fR -ŠæŠµŃ€ŠµŃ…Š¾Š“Šøт Š² ŠøŠ½Ń‚ŠµŃ€Š°ŠŗтŠøŠ²Š½Ń‹Š¹ рŠµŠ¶ŠøŠ¼, ŠæрŠµŠ“Š»Š°Š³Š°Ń Š·Š°ŠæустŠøŠ²ŃˆŠµŠ¼Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ ŠøŠ·Š¼ŠµŠ½Šøть Š·Š½Š°Ń‡ŠµŠ½Šøя Š²ŃŠµŃ… ŠæŠ¾Š»ŠµŠ¹ сŠ²Š¾ŠµŠ¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. Š’Š²Š¾Š“ŠøŠ¼Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š·Š°Š¼ŠµŠ½ŃŠµŃ‚ тŠµŠŗущŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾Š»Ń; ŠµŃŠ»Šø Š²Š²ŠµŠ“ŠµŠ½Š° ŠæустŠ°Ń стрŠ¾ŠŗŠ°, тŠ¾ тŠµŠŗущŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¾ŃŃ‚Š°Ń‘Ń‚ŃŃ Š½ŠµŠøŠ·Š¼ŠµŠ½Š½Ń‹Š¼\&. Š¢ŠµŠŗущŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ŠŗŠ°Š·Š°Š½Š¾ Š² сŠŗŠ¾Š±ŠŗŠ°Ń… -\fI[ ]\fR\&. -.SH "Š—ŠŠœŠ•Š§ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBchage\fR -трŠµŠ±ŃƒŠµŃ‚ Š½Š°Š»ŠøчŠøя фŠ°Š¹Š»Š° тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBchage\fR -рŠ°Š±Š¾Ń‚Š°ŠµŃ‚ тŠ¾Š»ŃŒŠŗŠ¾ Š¾Ń‚ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š·Š° ŠøсŠŗŠ»ŃŽŃ‡ŠµŠ½ŠøŠµŠ¼ Š²Ń‹Š·Š¾Š²Š° с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-l\fR, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š¼Š¾Š¶ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ Š½ŠµŠæрŠøŠ²ŠøŠ»ŠµŠ³ŠøрŠ¾Š²Š°Š½Š½Ń‹Š¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼ Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя Š“Š°Ń‚Ń‹ устŠ°Ń€ŠµŠ²Š°Š½Šøя сŠ²Š¾ŠµŠ³Š¾ ŠæŠ°Ń€Š¾Š»Ń\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.SH "Š’ŠžŠ—Š’Š ŠŠ©ŠŠ•ŠœŠ«Š• Š—ŠŠŠ§Š•ŠŠ˜ŠÆ" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBchage\fR -Š·Š°Š²ŠµŃ€ŃˆŠ°Ń рŠ°Š±Š¾Ń‚Ńƒ, Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -.PP -\fI0\fR -.RS 4 -усŠæŠµŃˆŠ½Š¾Šµ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ -.RE -.PP -\fI1\fR -.RS 4 -Š“Š¾ŃŃ‚ŃƒŠæ Š·Š°ŠæрŠµŃ‰Ń‘Š½ -.RE -.PP -\fI2\fR -.RS 4 -Š¾ŃˆŠøŠ±ŠŗŠ° Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Ń… ŠŗŠ¾Š¼Š°Š½Š“ы -.RE -.PP -\fI15\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ Š½Š°Š¹Ń‚Šø фŠ°Š¹Š» тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/ru/man1/chfn.1 b/man/ru/man1/chfn.1 deleted file mode 100644 index 023a2646..00000000 --- a/man/ru/man1/chfn.1 +++ /dev/null @@ -1,154 +0,0 @@ -'\" t -.\" Title: chfn -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "chfn" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -chfn \- ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šµ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBchfn\fR\ 'u -\fBchfn\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] [\fIŠ£Š§ŠŠ¢ŠŠŠÆ_Š—ŠŠŸŠ˜Š”Š¬\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBchfn\fR -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ Š¤Š˜Šž, рŠ°Š±Š¾Ń‡ŠøŠ¹ тŠµŠ»ŠµŃ„Š¾Š½, рŠ°Š±Š¾Ń‡ŠøŠ¹ Š½Š¾Š¼ŠµŃ€ ŠŗŠ¾Š¼Š½Š°Ń‚Ń‹, рŠ°Š±Š¾Ń‡ŠøŠ¹ Šø Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ Š½Š¾Š¼ŠµŃ€ тŠµŠ»ŠµŃ„Š¾Š½Š° Š“Š»Ń учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. ŠžŠ±Ń‹Ń‡Š½Š¾, этŠø Š“Š°Š½Š½Ń‹Šµ Š²Ń‹Š²Š¾Š“ятся ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹ -\fBfinger\fR(1) -Šø ŠµŠ¹ ŠæŠ¾Š“Š¾Š±Š½Ń‹Š¼Šø ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Š¼Šø\&. ŠžŠ±Ń‹Ń‡Š½Ń‹Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½Šøть тŠ¾Š»ŃŒŠŗŠ¾ Š¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½Š½Ń‹Šµ Š“Š°Š½Š½Ń‹Šµ сŠ¾Š±ŃŃ‚Š²ŠµŠ½Š½Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø, рŠ°Š·Ń€ŠµŃˆŃ‘Š½Š½Ń‹Šµ Š² фŠ°Š¹Š»Šµ -/etc/login\&.defs -(Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠ¾Š¹ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ Š½Šµ рŠ°Š·Ń€ŠµŃˆŠ°ŠµŃ‚ся Š¼ŠµŠ½ŃŃ‚ŃŒ сŠ²Š¾Ń‘ ŠøŠ¼Ń Šø фŠ°Š¼ŠøŠ»Šøю)\&. Š”уŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ Š»ŃŽŠ±Ń‹Šµ Š“Š°Š½Š½Ń‹Šµ Š»ŃŽŠ±Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. ŠšŃ€Š¾Š¼Šµ тŠ¾Š³Š¾, тŠ¾Š»ŃŒŠŗŠ¾ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-o\fR -Š“Š»Ń ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š½ŠµŃŃ‚Š°Š½Š“Š°Ń€Ń‚ŠøŠ·Š¾Š²Š°Š½Š½Š¾Š¹ чŠ°ŃŃ‚Šø Š“Š°Š½Š½Ń‹Ń… GECOS\&. -.PP -Š§Š°ŃŃ‚Šø ŠæŠ¾Š»Ń GECOS Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒ Š“Š²Š¾ŠµŃ‚Š¾Ń‡ŠøŠ¹\&. Š—Š° ŠøсŠŗŠ»ŃŽŃ‡ŠµŠ½ŠøŠµŠ¼ чŠ°ŃŃ‚Šø -\fIŠ“руŠ³Š°Ń\fR, Š² Š½Šøх Š½Šµ Š“Š¾Š»Š¶Š½Š¾ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒŃŃ Š·Š°Šæятых Šø Š·Š½Š°ŠŗŠ¾Š² рŠ°Š²Š½Š¾\&. Š¢Š°ŠŗŠ¶Šµ рŠµŠŗŠ¾Š¼ŠµŠ½Š“уŠµŃ‚ся ŠøŠ·Š±ŠµŠ³Š°Ń‚ŃŒ сŠøŠ¼Š²Š¾Š»Š¾Š² Š½Šµ Š² ŠŗŠ¾Š“ŠøрŠ¾Š²ŠŗŠµ US\-ASCII, Š½Š¾ этŠ¾ ŠŗŠ°ŃŠ°ŠµŃ‚ся тŠ¾Š»ŃŒŠŗŠ¾ Š½Š¾Š¼ŠµŃ€Š¾Š² тŠµŠ»ŠµŃ„Š¾Š½Š¾Š²\&. Š§Š°ŃŃ‚ŃŒ -\fIŠ“руŠ³Š°Ń\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń хрŠ°Š½ŠµŠ½Šøя ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†ŠøŠø Š¾Š± учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“руŠ³ŠøŠ¼Šø ŠæрŠøŠ»Š¾Š¶ŠµŠ½ŠøяŠ¼Šø\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBchfn\fR: -.PP -\fB\-f\fR, \fB\-\-full\-name\fR\ \&\fIŠ¤Š˜Šž\fR -.RS 4 -Š˜Š·Š¼ŠµŠ½ŃŠµŃ‚ Š¤Š˜Šž ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fB\-h\fR, \fB\-\-home\-phone\fR\ \&\fIŠ”ŠžŠœŠŠØŠŠ˜Š™_Š¢Š•Š›Š•Š¤ŠžŠ\fR -.RS 4 -Š˜Š·Š¼ŠµŠ½ŃŠµŃ‚ Š½Š¾Š¼ŠµŃ€ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ тŠµŠ»ŠµŃ„Š¾Š½Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fB\-o\fR, \fB\-\-other\fR\ \&\fIŠ”Š Š£Š“ŠŠÆ\fR -.RS 4 -Š˜Š·Š¼ŠµŠ½ŃŠµŃ‚ Š“руŠ³ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю GECOS Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šµ\&. Š­Ń‚Š° чŠ°ŃŃ‚ŃŒ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń хрŠ°Š½ŠµŠ½Šøя ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†ŠøŠø Š¾Š± учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Š¾Š¹ Š“руŠ³ŠøŠ¼Šø ŠæрŠøŠ»Š¾Š¶ŠµŠ½ŠøяŠ¼Šø, Šø Š¼Š¾Š¶ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒŃŃ тŠ¾Š»ŃŒŠŗŠ¾ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼\&. -.RE -.PP -\fB\-r\fR, \fB\-\-room\fR\ \&\fIŠŠžŠœŠ•Š _ŠšŠžŠœŠŠŠ¢Š«\fR -.RS 4 -Š˜Š·Š¼ŠµŠ½ŃŠµŃ‚ Š½Š¾Š¼ŠµŃ€ ŠŗŠ¾Š¼Š½Š°Ń‚Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-w\fR, \fB\-\-work\-phone\fR\ \&\fIŠ ŠŠ‘ŠžŠ§Š˜Š™_Š¢Š•Š›Š•Š¤ŠžŠ\fR -.RS 4 -Š˜Š·Š¼ŠµŠ½ŃŠµŃ‚ Š½Š¾Š¼ŠµŃ€ рŠ°Š±Š¾Ń‡ŠµŠ³Š¾ тŠµŠ»ŠµŃ„Š¾Š½Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -Š•ŃŠ»Šø Š½Šø Š¾Š“ŠøŠ½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ уŠŗŠ°Š·Š°Š½, тŠ¾ -\fBchfn\fR -ŠæŠµŃ€ŠµŃ…Š¾Š“Šøт Š² ŠøŠ½Ń‚ŠµŃ€Š°ŠŗтŠøŠ²Š½Ń‹Š¹ рŠµŠ¶ŠøŠ¼, ŠæрŠµŠ“Š»Š°Š³Š°Ń Š·Š°ŠæустŠøŠ²ŃˆŠµŠ¼Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ ŠøŠ·Š¼ŠµŠ½Šøть Š“Š°Š½Š½Ń‹Šµ сŠ²Š¾ŠµŠ¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. Š’Š²Š¾Š“ŠøŠ¼Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š·Š°Š¼ŠµŠ½ŃŠµŃ‚ тŠµŠŗущŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š·Š°ŠæŠøсŠø; ŠµŃŠ»Šø Š²Š²ŠµŠ“ŠµŠ½Š° ŠæустŠ°Ń стрŠ¾ŠŗŠ°, тŠ¾ тŠµŠŗущŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¾ŃŃ‚Š°Ń‘Ń‚ŃŃ Š½ŠµŠøŠ·Š¼ŠµŠ½Š½Ń‹Š¼\&. Š¢ŠµŠŗущŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ŠŗŠ°Š·Š°Š½Š¾ Š² сŠŗŠ¾Š±ŠŗŠ°Ń… -\fB[ ]\fR\&. ŠŸŃ€Šø Š²Ń‹Š·Š¾Š²Šµ Š±ŠµŠ· ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° -\fBchfn\fR -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь Š·Š°ŠæустŠøŠ²ŃˆŠµŠ³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBCHFN_AUTH\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š•ŃŠ»Šø рŠ°Š²Š½Š¾ yes, chfn -.RE -.PP -\fBCHFN_RESTRICT\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š­Ń‚ŠøŠ¼ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ Š¾ŠæрŠµŠ“ŠµŠ»ŃŃŽŃ‚ся чŠ°ŃŃ‚Šø ŠæŠ¾Š»Ń -\fIgecos\fR -Š² фŠ°Š¹Š»Šµ -/etc/passwd, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š¼Š¾Š³ŃƒŃ‚ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ Š¾Š±Ń‹Ń‡Š½Ń‹Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šø с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹ -\fBchfn\fR\&. Š”трŠ¾ŠŗŠ° Š¼Š¾Š¶ŠµŃ‚ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒ Š»ŃŽŠ±ŃƒŃŽ ŠŗŠ¾Š¼Š±ŠøŠ½Š°Ń†Šøю Š±ŃƒŠŗŠ² -\fIf\fR, -\fIr\fR, -\fIw\fR, -\fIh\fR -Š“Š»Ń ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя ŠæŠ¾Š»Š½Š¾Š³Š¾ ŠøŠ¼ŠµŠ½Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š½Š¾Š¼ŠµŃ€Š° ŠŗŠ¾Š¼Š½Š°Ń‚Ń‹, рŠ°Š±Š¾Ń‡ŠµŠ³Š¾ Šø Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ тŠµŠ»ŠµŃ„Š¾Š½Š°, сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŠµŠ½Š½Š¾\&. Š”Š»Ń сŠ¾Š²Š¼ŠµŃŃ‚ŠøŠ¼Š¾ŃŃ‚Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fIyes\fR -эŠŗŠ²ŠøŠ²Š°Š»ŠµŠ½Ń‚Š½Š¾ -\fIrwh\fR -Šø -\fIno\fR -эŠŗŠ²ŠøŠ²Š°Š»ŠµŠ½Ń‚Š½Š¾ -\fIfrwh\fR\&. Š•ŃŠ»Šø Š½ŠøчŠµŠ³Š¾ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ тŠ¾Š»ŃŒŠŗŠ¾ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ Š²Ń‹ŠæŠ¾Š»Š½ŃŃ‚ŃŒ Š»ŃŽŠ±Ń‹Šµ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя\&. ŠŠ°ŠøŠ±Š¾Š»ŠµŠµ Š¾Š³Ń€Š°Š½ŠøчŠøтŠµŠ»ŃŒŠ½Š°Ń Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠ° Š“Š¾ŃŃ‚ŠøŠ³Š°ŠµŃ‚ся сŠ½ŃŃ‚ŠøŠµŠ¼ SUID Š±ŠøтŠ° с фŠ°Š¹Š»Š° -chfn\&. -.RE -.PP -\fBLOGIN_STRING\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š”трŠ¾ŠŗŠ°\-ŠæрŠøŠ³Š»Š°ŃˆŠµŠ½ŠøŠµ Šŗ Š²Š²Š¾Š“у ŠæŠ°Ń€Š¾Š»Ń\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю: \(FoPassword:\(Fc ŠøŠ»Šø ŠæŠµŃ€ŠµŠ²Š¾Š“ этŠ¾Š¹ стрŠ¾ŠŗŠø Š½Š° рŠ°Š·Š½Ń‹Šµ яŠ·Ń‹ŠŗŠø\&. Š•ŃŠ»Šø Š²Ń‹ ŠøŠ·Š¼ŠµŠ½ŠøтŠµ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, тŠ¾ ŠæŠµŃ€ŠµŠ²Š¾Š“ Š±ŃƒŠ“ŠµŃ‚ Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ\&. -.sp -Š•ŃŠ»Šø Š² стрŠ¾ŠŗŠµ сŠ¾Š“ŠµŃ€Š¶Šøтся ŠæŠ¾Š“стрŠ¾ŠŗŠ° -\fI%s\fR, тŠ¾ Š¾Š½Š° Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š¼ŠµŠ½ŠµŠ½Š° Š½Š° ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBchsh\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/ru/man1/chsh.1 b/man/ru/man1/chsh.1 deleted file mode 100644 index c588c218..00000000 --- a/man/ru/man1/chsh.1 +++ /dev/null @@ -1,117 +0,0 @@ -'\" t -.\" Title: chsh -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "chsh" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -chsh \- ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBchsh\fR\ 'u -\fBchsh\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] [\fIŠ£Š§ŠŠ¢ŠŠŠÆ_Š—ŠŠŸŠ˜Š”Š¬\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBchsh\fR -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. ŠžŠ½Š° Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠŗŠ°ŠŗŠ°Ń ŠŗŠ¾Š¼Š°Š½Š“Š° Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŠæущŠµŠ½Š° ŠæŠ¾ŃŠ»Šµ рŠµŠ³ŠøстрŠ°Ń†ŠøŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² сŠøстŠµŠ¼Šµ\&. ŠžŠ±Ń‹Ń‡Š½Ń‹Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу тŠ¾Š»ŃŒŠŗŠ¾ Š“Š»Ń сŠ²Š¾ŠµŠ¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø; суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу Š»ŃŽŠ±Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBchsh\fR: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fIŠžŠ‘ŠžŠ›ŠžŠ§ŠšŠ\fR -.RS 4 -Š˜Š¼Ń Š½Š¾Š²Š¾Š¹ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š•ŃŠ»Šø Š·Š°Š“Š°Ń‚ŃŒ ŠæустŠ¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š° рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š°Ń Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ° ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю\&. -.RE -.PP -Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-s\fR -Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ -\fBchsh\fR -ŠæŠµŃ€ŠµŃ…Š¾Š“Šøт Š² ŠøŠ½Ń‚ŠµŃ€Š°ŠŗтŠøŠ²Š½Ń‹Š¹ рŠµŠ¶ŠøŠ¼, ŠæрŠµŠ“Š»Š°Š³Š°Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ ŠøŠ·Š¼ŠµŠ½Šøть сŠ²Š¾ŃŽ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу\&. Š’Š²Š¾Š“ŠøŠ¼Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š·Š°Š¼ŠµŠ½ŃŠµŃ‚ тŠµŠŗущŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾Š»Ń; ŠµŃŠ»Šø Š²Š²ŠµŠ“ŠµŠ½Š° ŠæустŠ°Ń стрŠ¾ŠŗŠ°, тŠ¾ тŠµŠŗущŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¾ŃŃ‚Š°Ń‘Ń‚ŃŃ Š½ŠµŠøŠ·Š¼ŠµŠ½Š½Ń‹Š¼\&. Š¢ŠµŠŗущŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø уŠŗŠ°Š·Š°Š½Š¾ Š² сŠŗŠ¾Š±ŠŗŠ°Ń… -\fI[ ]\fR\&. -.SH "Š—ŠŠœŠ•Š§ŠŠŠ˜Š•" -.PP -Š’сŠµ Š“Š¾ŠæустŠøŠ¼Ń‹Šµ ŠøŠ¼ŠµŠ½Š° рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Ń‹Ń… Š¾Š±Š¾Š»Š¾Ń‡ŠµŠŗ Š“Š¾Š»Š¶Š½Ń‹ Š±Ń‹Ń‚ŃŒ уŠŗŠ°Š·Š°Š½Ń‹ Š² фŠ°Š¹Š»Šµ -/etc/shells\&. ŠŠ° суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń этŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ Š½Šµ Š“ŠµŠ¹ŃŃ‚Š²ŃƒŠµŃ‚ Šø ŠæŠ¾ŃŃ‚Š¾Š¼Ńƒ ŠµŠ¼Ńƒ рŠ°Š·Ń€ŠµŃˆŠµŠ½Š¾ уŠŗŠ°Š·Ń‹Š²Š°Ń‚ŃŒ Š»ŃŽŠ±Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. Š”Š»Ń учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø с Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Š½Š¾Š¹ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ¾Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½Šµ Š¼Š¾Š¶ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½Šøть сŠ²Š¾ŃŽ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу\&. ŠŸŠ¾ŃŃ‚Š¾Š¼Ńƒ -/bin/rsh -Š² фŠ°Š¹Š»Šµ -/etc/shells -Š»ŃƒŃ‡ŃˆŠµ Š½Šµ уŠŗŠ°Š·Ń‹Š²Š°Ń‚ŃŒ, тŠ°Šŗ ŠŗŠ°Šŗ, ŠµŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ сŠ»ŃƒŃ‡Š°Š¹Š½Š¾ ŠøŠ·Š¼ŠµŠ½Šøт сŠ²Š¾ŃŽ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу Š½Š° эту Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу, тŠ¾ Š½Šµ сŠ¼Š¾Š¶ŠµŃ‚ Š²Š¾ŃŃŃ‚Š°Š½Š¾Š²Šøть ŠµŃ‘ ŠæŠµŃ€Š²Š¾Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBCHSH_AUTH\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š•ŃŠ»Šø рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° -\fBchsh\fR -Š±ŃƒŠ“ŠµŃ‚ ŠæрŠ¾Š²Š¾Š“Šøть Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†Šøю ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ Š²Ń‹ŠæŠ¾Š»Š½Šøть Š»ŃŽŠ±Ń‹Šµ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя, Š² сŠ»ŃƒŃ‡Š°Šµ ŠµŃŠ»Šø ŠŗŠ¾Š¼Š°Š½Š“Š° Š½Šµ Š·Š°ŠæущŠµŠ½Ń‹ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼\&. -.RE -.PP -\fBLOGIN_STRING\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š”трŠ¾ŠŗŠ°\-ŠæрŠøŠ³Š»Š°ŃˆŠµŠ½ŠøŠµ Šŗ Š²Š²Š¾Š“у ŠæŠ°Ń€Š¾Š»Ń\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю: \(FoPassword:\(Fc ŠøŠ»Šø ŠæŠµŃ€ŠµŠ²Š¾Š“ этŠ¾Š¹ стрŠ¾ŠŗŠø Š½Š° рŠ°Š·Š½Ń‹Šµ яŠ·Ń‹ŠŗŠø\&. Š•ŃŠ»Šø Š²Ń‹ ŠøŠ·Š¼ŠµŠ½ŠøтŠµ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, тŠ¾ ŠæŠµŃ€ŠµŠ²Š¾Š“ Š±ŃƒŠ“ŠµŃ‚ Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ\&. -.sp -Š•ŃŠ»Šø Š² стрŠ¾ŠŗŠµ сŠ¾Š“ŠµŃ€Š¶Šøтся ŠæŠ¾Š“стрŠ¾ŠŗŠ° -\fI%s\fR, тŠ¾ Š¾Š½Š° Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š¼ŠµŠ½ŠµŠ½Š° Š½Š° ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shells -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт сŠæŠøсŠ¾Šŗ рŠ°Š·Ń€ŠµŃˆŃ‘Š½Š½Ń‹Ń… рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Ń‹Ń… Š¾Š±Š¾Š»Š¾Ń‡ŠµŠŗ -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBchfn\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/ru/man1/expiry.1 b/man/ru/man1/expiry.1 deleted file mode 100644 index 40aa3c2f..00000000 --- a/man/ru/man1/expiry.1 +++ /dev/null @@ -1,75 +0,0 @@ -'\" t -.\" Title: expiry -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "expiry" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -expiry \- ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ Šø ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠæŠ°Ń€Š¾Š»ŃŒ сŠ¾Š³Š»Š°ŃŠ½Š¾ ŠæŠ¾Š»ŠøтŠøŠŗŠµ устŠ°Ń€ŠµŠ²Š°Š½Šøя -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBexpiry\fR\ 'u -\fBexpiry\fR \fIŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBexpiry\fR -ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ (ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-c\fR) сŠŗŠ¾Š»ŃŒŠŗŠ¾ ŠµŃ‰Ń‘ Š²Ń€ŠµŠ¼ŠµŠ½Šø Š±ŃƒŠ“ŠµŃ‚ рŠ°Š±Š¾Ń‚Š¾ŃŠæŠ¾ŃŠ¾Š±ŠµŠ½ тŠµŠŗущŠøŠ¹ ŠæŠ°Ń€Š¾Š»ŃŒ Šø Š²Ń‹Š½ŃƒŠ¶Š“Š°ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½Šøть ŠµŠ³Š¾ (ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-f\fR), ŠµŃŠ»Šø этŠ¾ трŠµŠ±ŃƒŠµŃ‚ся\&. ŠžŠ½Š° Š¼Š¾Š¶ŠµŃ‚ Š·Š°ŠæусŠŗŠ°Ń‚ŃŒŃŃ Š¾Š±Ń‹Ń‡Š½Ń‹Š¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBexpiry\fR: -.PP -\fB\-c\fR, \fB\-\-check\fR -.RS 4 -ŠŸŃ€Š¾Š²ŠµŃ€ŃŠµŃ‚ Šø ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń у тŠµŠŗущŠµŠ³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -ŠŸŃ€ŠøŠ½ŃƒŠ“ŠøтŠµŠ»ŃŒŠ½Š¾ Š¼ŠµŠ½ŃŠµŃ‚ ŠæŠ°Ń€Š¾Š»ŃŒ, ŠµŃŠ»Šø ŠµŠ³Š¾ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠøстёŠŗ\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/ru/man1/gpasswd.1 b/man/ru/man1/gpasswd.1 deleted file mode 100644 index fef73409..00000000 --- a/man/ru/man1/gpasswd.1 +++ /dev/null @@ -1,224 +0,0 @@ -'\" t -.\" Title: gpasswd -.\" Author: Rafal Maszkowski -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "gpasswd" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -gpasswd \- уŠæрŠ°Š²Š»ŠµŠ½ŠøŠµ /etc/group Šø /etc/gshadow -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBgpasswd\fR\ 'u -\fBgpasswd\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€\fR] \fIŠ³Ń€ŃƒŠæŠæŠ°\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBgpasswd\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń уŠæрŠ°Š²Š»ŠµŠ½Šøя фŠ°Š¹Š»Š¾Š¼ -/etc/groupŠø /etc/gshadow\&. Š’ ŠŗŠ°Š¶Š“Š¾Š¹ Š³Ń€ŃƒŠæŠæŠµ Š¼Š¾Š³ŃƒŃ‚ Š±Ń‹Ń‚ŃŒ Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Ń‹ -Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Ń‹, -чŠ»ŠµŠ½Ń‹ Šø ŠæŠ°Ń€Š¾Š»ŃŒ\&. -.PP -Š”ŠøстŠµŠ¼Š½Ń‹Šµ Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Ń‹ Š¼Š¾Š³ŃƒŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-A\fR, чтŠ¾Š±Ń‹ Š½Š°Š·Š½Š°Ń‡Šøть Š³Ń€ŃƒŠæŠæŠµ Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Š°(Š¾Š²) Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-M\fR -Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя сŠæŠøсŠŗŠ° чŠ»ŠµŠ½Š¾Š², Š° тŠ°ŠŗŠ¶Šµ ŠøŠ¼ŠµŃŽŃ‚ Š²ŃŠµ ŠæрŠ°Š²Š° Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Š¾Š² Šø чŠ»ŠµŠ½Š¾Š² Š³Ń€ŃƒŠæŠæы\&. -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBgpasswd\fR, Š·Š°ŠæущŠµŠ½Š½Š°Ń -Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Š¾Š¼ Š³Ń€ŃƒŠæŠæы -с уŠŗŠ°Š·Š°Š½ŠøŠµŠ¼ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ тŠ¾Š»ŃŒŠŗŠ¾ ŠøŠ¼ŠµŠ½Šø Š³Ń€ŃƒŠæŠæы, ŠæрŠµŠ“Š»Š¾Š¶Šøт Š½Š°Š·Š½Š°Ń‡Šøть ŠæŠ°Ń€Š¾Š»ŃŒ -\fIŠ³Ń€ŃƒŠæŠæŠµ\fR\&. -.PP -Š•ŃŠ»Šø ŠæŠ°Ń€Š¾Š»ŃŒ Š½Šµ ŠæустŠ¾Š¹, тŠ¾ Š“Š»Ń чŠ»ŠµŠ½Š¾Š² Š³Ń€ŃƒŠæŠæы Š²Ń‹Š·Š¾Š² -\fBnewgrp\fR(1) -ŠæŠ°Ń€Š¾Š»Ń Š½Šµ трŠµŠ±ŃƒŠµŃ‚, Š° Š½Šµ чŠ»ŠµŠ½Ń‹ Š³Ń€ŃƒŠæŠæы Š“Š¾Š»Š¶Š½Ń‹ Š²Š²ŠµŃŃ‚Šø ŠæŠ°Ń€Š¾Š»ŃŒ\&. -.SS "Š—Š°Š¼ŠµŃ‡Š°Š½Šøя Š¾ ŠæŠ°Ń€Š¾Š»ŃŃ… Š³Ń€ŃƒŠæŠæ" -.PP -ŠŸŠ°Ń€Š¾Š»Šø Š³Ń€ŃƒŠæŠæ ŠøŠ¼ŠµŃŽŃ‚ Š²Ń€Š¾Š¶Š“ёŠ½Š½ŃƒŃŽ ŠæрŠ¾Š±Š»ŠµŠ¼Ńƒ с Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃ‚ŃŒŃŽ, тŠ°Šŗ ŠŗŠ°Šŗ ŠæŠ°Ń€Š¾Š»ŃŒ Š·Š½Š°ŠµŃ‚ Š±Š¾Š»ŠµŠµ Š¾Š“Š½Š¾Š³Š¾ чŠµŠ»Š¾Š²ŠµŠŗŠ°\&. ŠžŠ“Š½Š°ŠŗŠ¾, Š³Ń€ŃƒŠæŠæы яŠ²Š»ŃŃŽŃ‚ся ŠæŠ¾Š»ŠµŠ·Š½Ń‹Š¼ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š¼ сŠ¾Š²Š¼ŠµŃŃ‚Š½Š¾Š¹ рŠ°Š±Š¾Ń‚Ń‹ рŠ°Š·Š»ŠøчŠ½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -Š—Š° ŠøсŠŗŠ»ŃŽŃ‡ŠµŠ½ŠøŠµŠ¼ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š² -\fB\-A\fR -Šø -\fB\-M\fR, ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры Š½ŠµŠ»ŃŒŠ·Ń ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š²Š¼ŠµŃŃ‚Šµ\&. -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBgpasswd\fR: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ\fR -.RS 4 -Š”Š¾Š±Š°Š²Šøть -\fIŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR -Š² уŠŗŠ°Š·Š°Š½Š½ŃƒŃŽ -\fIŠ³Ń€ŃƒŠæŠæу\fR\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ\fR -.RS 4 -Š£Š“Š°Š»Šøть -\fIŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR -ŠøŠ· уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ -\fIŠ³Ń€ŃƒŠæŠæы\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-Q\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-r\fR, \fB\-\-remove\-password\fR -.RS 4 -Š£Š“Š°Š»Šøть ŠæŠ°Ń€Š¾Š»ŃŒ уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ -\fIŠ³Ń€ŃƒŠæŠæы\fR\&. ŠŸŠ°Ń€Š¾Š»ŃŒ Š³Ń€ŃƒŠæŠæы Š±ŃƒŠ“ŠµŃ‚ ŠæустыŠ¼\&. Š¢Š¾Š»ŃŒŠŗŠ¾ чŠ»ŠµŠ½Ń‹ Š³Ń€ŃƒŠæŠæы сŠ¼Š¾Š³ŃƒŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ -\fBnewgrp\fR -Š“Š»Ń Š²Ń…Š¾Š“Š° Š² уŠŗŠ°Š·Š°Š½Š½ŃƒŃŽ -\fIŠ³Ń€ŃƒŠæŠæу\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-restrict\fR -.RS 4 -ŠžŠ³Ń€Š°Š½ŠøчŠøть Š“Š¾ŃŃ‚ŃƒŠæ Šŗ уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ -\fIŠ³Ń€ŃƒŠæŠæŠµ\fR\&. ŠŸŠ°Ń€Š¾Š»ŃŒ Š³Ń€ŃƒŠæŠæы стŠ°Š½Š¾Š²Šøтся рŠ°Š²Š½Ń‹Š¼ \(Fo!\(Fc\&. Š¢Š¾Š»ŃŒŠŗŠ¾ чŠ»ŠµŠ½Ń‹ Š³Ń€ŃƒŠæŠæы ŠøŠ¼ŠµŃŽŃ‰ŠøŠµ ŠæŠ°Ń€Š¾Š»ŃŒ сŠ¼Š¾Š³ŃƒŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ -\fBnewgrp\fR -Š“Š»Ń Š²Ń…Š¾Š“Š° Š² уŠŗŠ°Š·Š°Š½Š½ŃƒŃŽ -\fIŠ³Ń€ŃƒŠæŠæу\fR\&. -.RE -.PP -\fB\-A\fR, \fB\-\-administrators\fR \fIŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ\fR, \&... -.RS 4 -Š—Š°Š“Š°Ń‚ŃŒ сŠæŠøсŠ¾Šŗ Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Š¾Š² Š³Ń€ŃƒŠæŠæы\&. -.RE -.PP -\fB\-M\fR, \fB\-\-members\fR\ \&\fIŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ\fR, \&... -.RS 4 -Š—Š°Š“Š°Ń‚ŃŒ сŠæŠøсŠ¾Šŗ чŠ»ŠµŠ½Š¾Š² Š³Ń€ŃƒŠæŠæы\&. -.RE -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -Š”Š°Š½Š½Š°Ń утŠøŠ»ŠøтŠ° рŠ°Š±Š¾Ń‚Š°ŠµŃ‚ тŠ¾Š»ŃŒŠŗŠ¾ с фŠ°Š¹Š»Š¾Š¼ -/etc/groupŠø /etc/gshadow\&. -ŠžŠ½Š° Š½Šµ Š¼Š¾Š¶ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½Šøть Š³Ń€ŃƒŠæŠæу NIS ŠøŠ»Šø LDAP, этŠ¾ Š½ŃƒŠ¶Š½Š¾ Š“ŠµŠ»Š°Ń‚ŃŒ Š½Š° сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰ŠµŠ¼ сŠµŃ€Š²ŠµŃ€Šµ\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBENCRYPT_METHOD\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š—Š°Š“Š°Ń‘Ń‚ сŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹ (ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся, ŠµŃŠ»Šø Š°Š»Š³Š¾Ń€ŠøтŠ¼ Š½Šµ уŠŗŠ°Š·Š°Š½ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š’Š¾Š·Š¼Š¾Š¶Š½Ń‹ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -\fIDES\fR -(ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠžŠ±Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š½Š¾Š²Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š±ŃƒŠ“ут Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½Ń‹ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5, сŠ¾Š²Š¼ŠµŃŃ‚ŠøŠ¼Š¾Š¼Ńƒ с ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¼ Š² Š½Š¾Š²Ń‹Ń… Š²ŠµŃ€ŃŠøях FreeBSD\&. ŠžŠ½ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ ŠæŠ°Ń€Š¾Š»Šø Š½ŠµŠ¾Š³Ń€Š°Š½ŠøчŠµŠ½Š½Š¾Š¹ Š“Š»ŠøŠ½Ń‹ Šø ŠøŠ¼ŠµŠµŃ‚ Š±Š¾Š»ŠµŠµ Š“Š»ŠøŠ½Š½ŃƒŃŽ стрŠ¾Šŗу сŠ¾Š»Šø\&. Š£ŃŃ‚Š°Š½Š¾Š²ŠøтŠµ Š² -\fIno\fR, ŠµŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ ŠŗŠ¾ŠæŠøрŠ¾Š²Š°Ń‚ŃŒ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š² Š“руŠ³ŠøŠµ сŠøстŠµŠ¼Ń‹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š½Šµ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŃŽŃ‚ Š½Š¾Š²Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю -\fIno\fR\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBENCRYPT_METHOD\fR -ŠøŠ»Šø Š»ŃŽŠ±Ń‹Š¼ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š·Š°Š“Š°Ń‘Ń‚ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń устŠ°Ń€ŠµŠ»Š°; ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠ¹Ń‚Šµ -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (чŠøсŠ»Š¾), \fBSHA_CRYPT_MAX_ROUNDS\fR (чŠøсŠ»Š¾) -.RS 4 -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBENCRYPT_METHOD\fR -рŠ°Š²Š½Š¾ -\fISHA256\fR -ŠøŠ»Šø -\fISHA512\fR, этŠ° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² SHA, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Ń… Š°Š»Š³Š¾Ń€ŠøтŠ¼Š¾Š¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (ŠµŃŠ»Šø ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² Š½Šµ Š·Š°Š“Š°Š½Š¾ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š£Š²ŠµŠ»ŠøчŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾Š²Ń‹ŃˆŠ°ŠµŃ‚ сŠ»Š¾Š¶Š½Š¾ŃŃ‚ŃŒ ŠæŠ¾Š“Š±Š¾Ń€Š° ŠæŠ°Ń€Š¾Š»Ń ŠæрŠ¾ŃŃ‚Ń‹Š¼ ŠæŠµŃ€ŠµŠ±Š¾Ń€Š¾Š¼\&. ŠŠ¾ Š·Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ ŠæрŠø этŠ¾Š¼ Š“Š»Ń Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ трŠµŠ±ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š½Ń‹Ń… рŠµŃŃƒŃ€ŃŠ¾Š²\&. -.sp -Š•ŃŠ»Šø Š½Šµ Š·Š°Š“Š°Š½Š°, тŠ¾ libc Š²Ń‹Š±ŠøрŠ°ŠµŃ‚ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (5000)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½Šøя Š“Š¾Š»Š¶Š½Ń‹ Š»ŠµŠ¶Š°Ń‚ŃŒ Š² Š“ŠøŠ°ŠæŠ°Š·Š¾Š½Šµ 1000\-999999999\&. -.sp -Š•ŃŠ»Šø Š·Š°Š“Š°Š½Š¾ ŠŗŠ°ŠŗŠ¾Šµ\-тŠ¾ Š¾Š“Š½Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \(em -\fBSHA_CRYPT_MIN_ROUNDS\fR -ŠøŠ»Šø -\fBSHA_CRYPT_MAX_ROUNDS\fR -\(em тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š¾ этŠ¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.sp -Š•ŃŠ»Šø -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBnewgrp\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBgrpck\fR(8), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/ru/man1/groups.1 b/man/ru/man1/groups.1 deleted file mode 100644 index 856379e9..00000000 --- a/man/ru/man1/groups.1 +++ /dev/null @@ -1,62 +0,0 @@ -'\" t -.\" Title: groups -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "groups" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -groups \- ŠæŠ¾ŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ ŠøŠ¼ŠµŠ½Š° Š³Ń€ŃƒŠæŠæ Š·Š°ŠæустŠøŠ²ŃˆŠµŠ³Š¾ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBgroups\fR\ 'u -\fBgroups\fR [\fIŠøŠ¼Ń\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBgroups\fR -ŠæŠ¾ŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ ŠøŠ¼ŠµŠ½Š° Š³Ń€ŃƒŠæŠæ Š·Š°ŠæустŠøŠ²ŃˆŠµŠ³Š¾ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ»Šø Šøх чŠøсŠ»Š¾Š²Ń‹Šµ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Ń‹ (ID)\&. Š•ŃŠ»Šø Š“Š»Ń Š½Š¾Š¼ŠµŃ€Š° Š³Ń€ŃƒŠæŠæы Š½ŠµŃ‚ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰ŠµŠ¹ Š·Š°ŠæŠøсŠø Š² фŠ°Š¹Š»Šµ -/etc/group, тŠ¾ Š¾Ń‚Š¾Š±Ń€Š°Š¶Š°ŠµŃ‚ся чŠøсŠ»Š¾Š²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. ŠŸŃ€Šø уŠŗŠ°Š·Š°Š½ŠøŠø Š½ŠµŠ¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½Š¾Š³Š¾ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° -\fIŠøŠ¼Ń\fR -Š²Ń‹Š²Š¾Š“ятся Š³Ń€ŃƒŠæŠæы Š“Š»Ń учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø с уŠŗŠ°Š·Š°Š½Š½Ń‹Š¼ -\fIŠøŠ¼ŠµŠ½ŠµŠ¼\fR\&. -.SH "Š—ŠŠœŠ•Š§ŠŠŠ˜Š•" -.PP -Š’ сŠøстŠµŠ¼Š°Ń…, Š½Šµ ŠøŠ¼ŠµŃŽŃ‰Šøх ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠŗŠø Š¾Š“Š½Š¾Š²Ń€ŠµŠ¼ŠµŠ½Š½Š¾Š³Š¾ чŠ»ŠµŠ½ŃŃ‚Š²Š° Š² Š½ŠµŃŠŗŠ¾Š»ŃŒŠŗŠøх Š³Ń€ŃƒŠæŠæŠ°Ń…, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøя ŠøŠ· фŠ°Š¹Š»Š° -/etc/group\&. Š”Š»Ń сŠ¼ŠµŠ½Ń‹ сŠ²Š¾ŠµŠ¹ тŠµŠŗущŠµŠ¹ рŠµŠ°Š»ŃŒŠ½Š¾Š¹ ŠøŠ»Šø эффŠµŠŗтŠøŠ²Š½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ ŠŗŠ¾Š¼Š°Š½Š“ы -\fBnewgrp\fR -ŠøŠ»Šø -\fBsg\fR\&. -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBnewgrp\fR(1), -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2)\&. diff --git a/man/ru/man1/id.1 b/man/ru/man1/id.1 deleted file mode 100644 index 833bde45..00000000 --- a/man/ru/man1/id.1 +++ /dev/null @@ -1,60 +0,0 @@ -'\" t -.\" Title: id -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "id" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -id \- display current user and group ID names -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBid\fR\ 'u -\fBid\fR [\-a] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -The -\fBid\fR -command displays the current real and effective user and group ID names or values\&. If the value does not have a corresponding entry in -/etc/passwd -or -/etc/group, the value will be displayed without the corresponding name\&. The optional -\fB\-a\fR -flag will display the group set on systems which support multiple concurrent group membership\&. -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2) diff --git a/man/ru/man1/login.1 b/man/ru/man1/login.1 deleted file mode 100644 index 5327111d..00000000 --- a/man/ru/man1/login.1 +++ /dev/null @@ -1,480 +0,0 @@ -'\" t -.\" Title: login -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "login" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -login \- Š½Š°Ń‡ŠøŠ½Š°ŠµŃ‚ сŠµŠ°Š½Ń Š² сŠøстŠµŠ¼Šµ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fIуŠ·ŠµŠ»\fR] [\fIŠøŠ¼Ń_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR] [\fIŠŸŠ•Š Š•ŠœŠ•ŠŠŠŠÆ_ŠžŠšŠ Š£Š–Š•ŠŠ˜ŠÆ=Š—ŠŠŠ§Š•ŠŠ˜Š•\fR...] -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fIуŠ·ŠµŠ»\fR] \-f \fIŠøŠ¼Ń_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] \-r\ \fIуŠ·ŠµŠ»\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBlogin\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń Š·Š°ŠæусŠŗŠ° Š½Š¾Š²Š¾Š³Š¾ сŠµŠ°Š½ŃŠ° Š² сŠøстŠµŠ¼Šµ\&. ŠšŠ°Šŗ ŠæрŠ°Š²ŠøŠ»Š¾, этŠ° ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° Š²Ń‹Š·Ń‹Š²Š°ŠµŃ‚ся Š°Š²Ń‚Š¾Š¼Š°Ń‚ŠøчŠµŃŠŗŠø Šø Š²Ń‹Š²Š¾Š“Šøт ŠæрŠøŠ³Š»Š°ŃˆŠµŠ½ŠøŠµ -\fIlogin:\fR -Š½Š° тŠµŃ€Š¼ŠøŠ½Š°Š» ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBlogin\fR -Š¼Š¾Š¶ŠµŃ‚ Š²Š¾ŃŠæрŠøŠ½ŠøŠ¼Š°Ń‚ŃŒŃŃ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ¾Š¹ ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø Š½Šµ ŠŗŠ°Šŗ ŠæрŠ¾ŃŃ‚Š°Ń ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° Šø Š²Ń‹Š·Ń‹Š²Š°Ń‚ŃŒŃŃ Š½Šµ ŠŗŠ°Šŗ ŠæŠ¾Š“ŠæрŠ¾Ń†ŠµŃŃ\&. ŠŸŃ€Šø Š²Ń‹Š·Š¾Š²Šµ ŠøŠ· Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø -\fBlogin\fR -Š“Š¾Š»Š¶Š½Š° Š·Š°ŠæусŠŗŠ°Ń‚ŃŒŃŃ ŠæŠ¾ŃŃ€ŠµŠ“стŠ²Š¾Š¼ Š²Ń‹Š·Š¾Š²Š° -\fBexec login\fR, чтŠ¾ ŠæрŠøŠ²Š¾Š“Šøт Šŗ Š·Š°Š²ŠµŃ€ŃˆŠµŠ½Šøю рŠ°Š±Š¾Ń‚Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² тŠµŠŗущŠµŠ¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠµ (Šø, тŠ°ŠŗŠøŠ¼ Š¾Š±Ń€Š°Š·Š¾Š¼, Š²Š½Š¾Š²ŃŒ Š²Ń…Š¾Š“ящŠøŠ¹ Š² сŠøстŠµŠ¼Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½Šµ ŠæŠ¾ŠæŠ°Š“ёт Š² сŠµŠ°Š½Ń Š²Ń‹Š·Š²Š°Š²ŃˆŠµŠ³Š¾)\&. ŠŸŠ¾ŠæытŠŗŠ° Š·Š°ŠæустŠøть -\fBlogin\fR -ŠøŠ· Š»ŃŽŠ±Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø, Š¾Ń‚Š»ŠøчŠ½Š¾Š¹ Š¾Ń‚ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹, ŠæрŠøŠ²Š¾Š“Šøт Šŗ сŠ¾Š¾Š±Ń‰ŠµŠ½Šøю Š¾Š± Š¾ŃˆŠøŠ±ŠŗŠµ\&. -.PP -Š’ ŠŗŠ°ŠŗŠ¾Š¹\-тŠ¾ Š¼Š¾Š¼ŠµŠ½Ń‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠæŠ¾ŠæрŠ¾ŃŃŃ‚ Š²Š²ŠµŃŃ‚Šø сŠ²Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\&. Š§Ń‚Š¾Š±Ń‹ Š½Šµ Š“Š¾ŠæустŠøть рŠ°ŃŠŗрытŠøя, сŠøŠ¼Š²Š¾Š»Ń‹ ŠæрŠø Š²Š²Š¾Š“Šµ ŠæŠ°Ń€Š¾Š»Ń Š½Šµ Š¾Ń‚Š¾Š±Ń€Š°Š¶Š°ŃŽŃ‚ся\&. Š Š°Š·Ń€ŠµŃˆŠµŠ½Š¾ Š¾Ń‡ŠµŠ½ŃŒ Š¼Š°Š»ŠµŠ½ŃŒŠŗŠ¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæŠ¾ŠæытŠ¾Šŗ Š²Š²Š¾Š“Š° Š½ŠµŠæрŠ°Š²ŠøŠ»ŃŒŠ½Š¾Š³Š¾ ŠæŠ°Ń€Š¾Š»Ń, ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ -\fBlogin\fR -Š·Š°ŠŗŠ¾Š½Ń‡Šøт рŠ°Š±Š¾Ń‚Ńƒ Šø ŠæрŠµŃ€Š²Ń‘Ń‚ ŠæŠ¾Š“ŠŗŠ»ŃŽŃ‡ŠµŠ½ŠøŠµ\&. -.PP -Š•ŃŠ»Šø Š²ŠŗŠ»ŃŽŃ‡Ń‘Š½ Š¼ŠµŃ…Š°Š½ŠøŠ·Š¼ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø, тŠ¾ ŠæŠµŃ€ŠµŠ“ Š²Ń…Š¾Š“Š¾Š¼ Š² сŠøстŠµŠ¼Ńƒ Š¼Š¾Š¶ŠµŃ‚ ŠæŠ¾Ń‚Ń€ŠµŠ±Š¾Š²Š°Ń‚ŃŒŃŃ сŠ¼ŠµŠ½Š° ŠæŠ°Ń€Š¾Š»Ń\&. Š”Š»Ń этŠ¾Š³Š¾ Š½ŃƒŠ¶Š½Š¾ Š²Š²ŠµŃŃ‚Šø стŠ°Ń€Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ Šø Š½Š¾Š²Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\&. ŠŸŠ¾Š“рŠ¾Š±Š½ŠµŠ¹ Š¾Š± этŠ¾Š¼ Š½Š°ŠæŠøсŠ°Š½Š¾ Š² -\fBpasswd\fR(1)\&. -.PP -ŠŸŠ¾ŃŠ»Šµ усŠæŠµŃˆŠ½Š¾Š³Š¾ Š²Ń…Š¾Š“Š° Š² сŠøстŠµŠ¼Ńƒ, Š±ŃƒŠ“ут ŠæŠ¾ŠŗŠ°Š·Š°Š½Ń‹ сŠ¾Š¾Š±Ń‰ŠµŠ½Šøя Š¾Ń‚ сŠøстŠµŠ¼Ń‹ Šø Š¾ Š½Š°Š»ŠøчŠøŠø ŠæŠ¾Ń‡Ń‚Ń‹\&. ŠœŠ¾Š¶Š½Š¾ Š¾Ń‚ŠŗŠ»ŃŽŃ‡Šøть Š²Ń‹Š²Š¾Š“ фŠ°Š¹Š»Š° сŠøстŠµŠ¼Š½Ń‹Ń… сŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠ¹ ŠøŠ· фŠ°Š¹Š»Š° -/etc/motd, сŠ¾Š·Š“Š°Š² Š² Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ¼ ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ фŠ°Š¹Š» Š½ŃƒŠ»ŠµŠ²Š¾Š¹ Š“Š»ŠøŠ½Ń‹ с ŠøŠ¼ŠµŠ½ŠµŠ¼ -\&.hushlogin\&. Š”Š¾Š¾Š±Ń‰ŠµŠ½ŠøŠµ Š¾ Š½Š°Š»ŠøчŠøŠø ŠæŠ¾Ń‡Ń‚Ń‹ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ Š¾Š“Š½ŠøŠ¼ ŠøŠ·: \(Fo\fIŠ£ Š²Š°Ń ŠµŃŃ‚ŃŒ Š½Š¾Š²Š°Ń ŠæŠ¾Ń‡Ń‚Š°\&.\fR\(Fc, \(Fo\fIŠ£ Š²Š°Ń ŠµŃŃ‚ŃŒ ŠæŠ¾Ń‡Ń‚Š°\&.\fR\(Fc ŠøŠ»Šø \(Fo\fIŠ£ Š²Š°Ń Š½ŠµŃ‚ ŠæŠ¾Ń‡Ń‚Ń‹\&.\fR\(Fc, Š² Š·Š°Š²ŠøсŠøŠ¼Š¾ŃŃ‚Šø Š¾Ń‚ Š½Š°ŠæŠ¾Š»Š½ŠµŠ½Š½Š¾ŃŃ‚Šø ŠæŠ¾Ń‡Ń‚Š¾Š²Š¾Š³Š¾ ящŠøŠŗŠ°\&. -.PP -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š° учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø Šø Š³Ń€ŃƒŠæŠæы Š±ŃƒŠ“ŠµŃ‚ Š²Š·ŃŃ‚Š¾ ŠøŠ· фŠ°Š¹Š»Š° -/etc/passwd\&. Š—Š½Š°Ń‡ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Ń… -\fB$HOME\fR, -\fB$SHELL\fR, -\fB$PATH\fR, -\fB$LOGNAME\fR -Šø -\fB$MAIL\fR -устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŃŽŃ‚ся сŠ¾Š³Š»Š°ŃŠ½Š¾ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰ŠøŠ¼ ŠæŠ¾Š»ŃŠ¼ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š¢Š°ŠŗŠ¶Šµ Š¼Š¾Š³ŃƒŃ‚ Š±Ń‹Ń‚ŃŒ устŠ°Š½Š¾Š²Š»ŠµŠ½Ń‹ Š·Š½Š°Ń‡ŠµŠ½Šøя ulimit, umask Šø nice ŠøŠ· ŠæŠ¾Š»Ń GECOS\&. -.PP -Š’ Š½ŠµŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… сŠøстŠµŠ¼Š°Ń… ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fB$TERM\fR -Š±ŃƒŠ“ŠµŃ‚ ŠæрŠøсŠ²Š¾ŠµŠ½ тŠøŠæ тŠµŃ€Š¼ŠøŠ½Š°Š»Š° Š»ŠøŠ½ŠøŠø tty, сŠ¾Š³Š»Š°ŃŠ½Š¾ Š“Š°Š½Š½Ń‹Š¼ ŠøŠ· фŠ°Š¹Š»Š° -/etc/ttytype\&. -.PP -Š¢Š°ŠŗŠ¶Šµ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ сцŠµŠ½Š°Ń€ŠøŠ¹ ŠøŠ½ŠøцŠøŠ°Š»ŠøŠ·Š°Ń†ŠøŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š³Š¾ ŠøŠ½Ń‚ŠµŃ€ŠæрŠµŃ‚Š°Ń‚Š¾Ń€Š° ŠŗŠ¾Š¼Š°Š½Š“\&. ŠŸŠ¾Š“рŠ¾Š±Š½ŠµŠ¹ Š¾Š± этŠ¾Š¹ фуŠ½ŠŗцŠøŠø сŠ¼Š¾Ń‚Ń€ŠøтŠµ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰ŃƒŃŽ сŠæрŠ°Š²Š¾Ń‡Š½ŃƒŃŽ стрŠ°Š½Šøцу\&. -.PP -Š”уŠ±ŃŠøстŠµŠ¼Š½Ń‹Š¹ Š²Ń…Š¾Š“ Š² сŠøстŠµŠ¼Ńƒ Š¼Š¾Š¶Š½Š¾ рŠ°ŃŠæŠ¾Š·Š½Š°Ń‚ŃŒ ŠæŠ¾ Š½Š°Š»ŠøчŠøю сŠøŠ¼Š²Š¾Š»Š° \(Fo*\(Fc Š² Š½Š°Ń‡Š°Š»Šµ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø\&. Š—Š°Š“Š°Š½Š½Ń‹Š¹ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½ ŠŗŠ°Šŗ ŠŗŠ¾Ń€ŠµŠ½ŃŒ Š½Š¾Š²Š¾Š¹ фŠ°Š¹Š»Š¾Š²Š¾Š¹ сŠøстŠµŠ¼Ń‹, Š² ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¹ рŠµŠ³ŠøстрŠøруŠµŃ‚ся ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ\&. -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBlogin\fR -ŠŠ• уŠ“Š°Š»ŃŠµŃ‚ Š·Š°ŠæŠøсŠø Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… ŠøŠ· фŠ°Š¹Š»Š° utmp\&. Š­Ń‚Š° Š·Š°Š“Š°Ń‡Š° ŠæрŠ¾Š³Ń€Š°Š¼Š¼ -\fBgetty\fR(8) -Šø -\fBinit\fR(8) -\(em уŠ“Š°Š»ŃŃ‚ŃŒ Š·Š°ŠæŠøсŠø Š¾ Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Šµ тŠµŃ€Š¼ŠøŠ½Š°Š»ŃŒŠ½Š¾Š³Š¾ сŠµŠ°Š½ŃŠ°\&. Š•ŃŠ»Šø -\fBlogin\fR -Š·Š°ŠæусŠŗŠ°ŠµŃ‚ся ŠøŠ· ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø Š±ŠµŠ· -\fBexec\fR, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ ŠæрŠ¾Š“Š¾Š»Š¶Š°ŠµŃ‚ Š½Š°Ń…Š¾Š“Šøться Š² сŠøстŠµŠ¼Šµ Š“Š°Š¶Šµ ŠæŠ¾ŃŠ»Šµ Š·Š°Š²ŠµŃ€ŃˆŠµŠ½Šøя рŠ°Š±Š¾Ń‚Ń‹ Š² \(FoŠæŠ¾Ń€Š¾Š¶Š“ёŠ½Š½Š¾Š¼ сŠµŠ°Š½ŃŠµ\(Fc\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -\fB\-f\fR -.RS 4 -ŠŠµ Š²Ń‹ŠæŠ¾Š»Š½ŃŃ‚ŃŒ Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†Šøю, ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ уŠ¶Šµ ŠæрŠ¾ŃˆŃ‘Š» ŠæрŠ¾Š²ŠµŃ€Šŗу\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: Š² этŠ¾Š¼ сŠ»ŃƒŃ‡Š°Šµ -\fIŠøŠ¼Ń_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR -Š¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½Š¾\&. -.RE -.PP -\fB\-h\fR -.RS 4 -Š˜Š¼Ń уŠ“Š°Š»Ń‘Š½Š½Š¾Š³Š¾ уŠ·Š»Š°, Š½Š° ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š½ŃƒŠ¶Š½Š¾ Š²Š¾Š¹Ń‚Šø\&. -.RE -.PP -\fB\-p\fR -.RS 4 -Š”Š¾Ń…Ń€Š°Š½Šøть Š¾ŠŗруŠ¶ŠµŠ½ŠøŠµ\&. -.RE -.PP -\fB\-r\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š» autologin Š“Š»Ń rlogin\&. -.RE -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры -\fB\-r\fR, -\fB\-h\fR -Šø -\fB\-f\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся тŠ¾Š»ŃŒŠŗŠ¾ ŠµŃŠ»Šø -\fBlogin\fR -Š·Š°ŠæусŠŗŠ°ŠµŃ‚ся суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼\&. -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -Š”Š°Š½Š½Š°Ń Š²ŠµŃ€ŃŠøя -\fBlogin\fR -Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ сŠ¾Š±Ń€Š°Š½Š° с рŠ°Š·Š½Ń‹Š¼Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Š¼Šø Šø тŠ¾Š»ŃŒŠŗŠ¾ Š½ŠµŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ ŠøŠ· Š½Šøх сŠ¼Š¾Š³ŃƒŃ‚ Š±Ń‹Ń‚ŃŒ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Ń‹ Š½Š° Š»ŃŽŠ±Š¾Š¹ Š¼Š°ŃˆŠøŠ½Šµ\&. -.PP -Š Š°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½ŠøŠµ фŠ°Š¹Š»Š¾Š² Š¼Š¾Š¶ŠµŃ‚ Š¾Ń‚Š»ŠøчŠ°Ń‚ŃŒŃŃ Š½Š° рŠ°Š·Š½Ń‹Ń… сŠøстŠµŠ¼Š°Ń…\&. -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBlogin\fR -ŠŠ• уŠ“Š°Š»ŃŠµŃ‚ Š·Š°ŠæŠøсŠø Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… ŠøŠ· фŠ°Š¹Š»Š° utmp\&. Š­Ń‚Š° Š·Š°Š“Š°Ń‡Š° ŠæрŠ¾Š³Ń€Š°Š¼Š¼ -\fBgetty\fR(8) -Šø -\fBinit\fR(8) -\(em уŠ“Š°Š»ŃŃ‚ŃŒ Š·Š°ŠæŠøсŠø Š¾ Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Šµ тŠµŃ€Š¼ŠøŠ½Š°Š»ŃŒŠ½Š¾Š³Š¾ сŠµŠ°Š½ŃŠ°\&. Š•ŃŠ»Šø -\fBlogin\fR -Š·Š°ŠæусŠŗŠ°ŠµŃ‚ся ŠøŠ· ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø Š±ŠµŠ· -\fBexec\fR, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ ŠæрŠ¾Š“Š¾Š»Š¶Š°ŠµŃ‚ Š½Š°Ń…Š¾Š“Šøться Š² сŠøстŠµŠ¼Šµ Š“Š°Š¶Šµ ŠæŠ¾ŃŠ»Šµ Š·Š°Š²ŠµŃ€ŃˆŠµŠ½Šøя рŠ°Š±Š¾Ń‚Ń‹ Š² \(FoŠæŠ¾Ń€Š¾Š¶Š“ёŠ½Š½Š¾Š¼ сŠµŠ°Š½ŃŠµ\(Fc\&. -.PP -ŠšŠ°Šŗ Šø Š“Š»Ń Š»ŃŽŠ±Š¾Š¹ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹, Š·Š°ŠæусŠŗ -\fBlogin\fR -Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæŠ¾Š“Š“ŠµŠ»Š°Š½\&. Š•ŃŠ»Šø Š½ŠµŃƒŠæŠ¾Š»Š½Š¾Š¼Š¾Ń‡ŠµŠ½Š½Ń‹Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šø ŠøŠ¼ŠµŃŽŃ‚ фŠøŠ·ŠøчŠµŃŠŗŠøŠ¹ Š“Š¾ŃŃ‚ŃƒŠæ Šŗ Š¼Š°ŃˆŠøŠ½Šµ, тŠ¾ Š°Ń‚Š°ŠŗующŠøŠ¹ Š¼Š¾Š¶ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ этŠ¾ Š“Š»Ń ŠæŠ¾Š»ŃƒŃ‡ŠµŠ½Šøя ŠæŠ°Ń€Š¾Š»Ń сŠ»ŠµŠ“ующŠµŠ³Š¾ чŠµŠ»Š¾Š²ŠµŠŗŠ°, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š±ŃƒŠ“ŠµŃ‚ рŠ°Š±Š¾Ń‚Š°Ń‚ŃŒ Š·Š° Š¼Š°ŃˆŠøŠ½Š¾Š¹\&. ŠŸŠ¾Š“ Linux ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šø Š¼Š¾Š³ŃƒŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š¼ŠµŃ…Š°Š½ŠøŠ·Š¼ SAK Š“Š»Ń устŠ°Š½Š¾Š²Š»ŠµŠ½Šøя Š“Š¾ŃŃ‚Š¾Š²ŠµŃ€Š½Š¾Š³Š¾ ŠæутŠø Šø тŠ°ŠŗŠøŠ¼ Š¾Š±Ń€Š°Š·Š¾Š¼ ŠæрŠµŠ“Š¾Ń‚Š²Ń€Š°Ń‰ŠµŠ½Šøя Š°Ń‚Š°ŠŗŠø\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBCONSOLE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ ŠøŠ»Šø ŠæŠ¾Š»Š½Š¾Š¼Ńƒ ŠæутŠø Šŗ фŠ°Š¹Š»Ńƒ с ŠøŠ¼ŠµŠ½Š°Š¼Šø устрŠ¾Š¹ŃŃ‚Š² (Š¾Š“Š½Š¾ Š½Š° стрŠ¾Šŗу), ŠøŠ»Šø сŠæŠøсŠŗу ŠøŠ¼Ń‘Š½ устрŠ¾Š¹ŃŃ‚Š², ŠæŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½Š½Ń‹Ń… чŠµŃ€ŠµŠ· \(Fo:\(Fc\&. Š’Ń…Š¾Š“ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ŠµŃ‚ рŠ°Š·Ń€ŠµŃˆŃ‘Š½ тŠ¾Š»ŃŒŠŗŠ¾ с этŠøх устрŠ¾Š¹ŃŃ‚Š²\&. -.sp -Š•ŃŠ»Šø Š½Šµ Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ Š²Ń…Š¾Š“Šøть Š² сŠøстŠµŠ¼Ńƒ с Š»ŃŽŠ±Š¾Š³Š¾ устрŠ¾Š¹ŃŃ‚Š²Š°\&. -.sp -Š£ŃŃ‚Ń€Š¾Š¹ŃŃ‚Š²Š° Š“Š¾Š»Š¶Š½Ń‹ уŠŗŠ°Š·Ń‹Š²Š°Ń‚ŃŒŃŃ Š±ŠµŠ· Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Š³Š¾ ŠæрŠµŃ„ŠøŠŗсŠ° /dev/\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š”ŠæŠøсŠ¾Šŗ Š³Ń€ŃƒŠæŠæ Š“Š»Ń Š“Š¾Š±Š°Š²Š»ŠµŠ½Šøя Šŗ Š½Š°Š±Š¾Ń€Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøх Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Ń‹Ń… Š³Ń€ŃƒŠæŠæ ŠæрŠø Š²Ń…Š¾Š“Šµ с ŠŗŠ¾Š½ŃŠ¾Š»Šø (Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŠ¼Š¾Š¹ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ CONSOLE)\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š½Šµ уŠŗŠ°Š·Š°Š½Š°\&. - -Š˜ŃŠæŠ¾Š»ŃŒŠ·ŃƒŠ¹Ń‚Šµ Š¾ŃŃ‚Š¾Ń€Š¾Š¶Š½Š¾ \(em Š¼Š¾Š¶ŠµŃ‚ Š“Š°Ń‚ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼ ŠæŠ¾ŃŃ‚Š¾ŃŠ½Š½Ń‹Š¹ Š“Š¾ŃŃ‚ŃƒŠæ Šŗ этŠøŠ¼ Š³Ń€ŃƒŠæŠæŠ°Š¼, Š“Š°Š¶Šµ ŠµŃŠ»Šø Š¾Š½Šø Š½Šµ Š²Ń…Š¾Š“ŠøŠ»Šø с ŠŗŠ¾Š½ŃŠ¾Š»Šø\&. -.RE -.PP -\fBDEFAULT_HOME\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚, Š¼Š¾Š¶Š½Š¾ Š»Šø Š²Š¾Š¹Ń‚Šø Š² сŠøстŠµŠ¼Ńƒ, ŠµŃŠ»Šø Š½ŠµŠ»ŃŒŠ·Ń Š²Ń‹ŠæŠ¾Š»Š½Šøть cd Š² Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю \(Fono\(Fc\&. -.sp -Š•ŃŠ»Šø рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š±ŃƒŠ“ŠµŃ‚ ŠæŠ¾ŠæŠ°Š“Š°Ń‚ŃŒ Š² ŠŗŠ¾Ń€Š½ŠµŠ²Š¾Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ (/), ŠµŃŠ»Šø Š½ŠµŠ²Š¾Š·Š¼Š¾Š¶Š½Š¾ Š²Ń‹ŠæŠ¾Š»Š½Šøть cd Š² ŠµŠ³Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. -.RE -.PP -\fBENV_HZ\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя HZ ŠæрŠø Š²Ń…Š¾Š“Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² сŠøстŠµŠ¼Ńƒ\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š¾Š»Š¶Š½Š¾ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ с -\fIHZ=\fR\&. ŠžŠ±Ń‹Ń‡Š½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š»Ń Linux \(em -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_PATH\fR (стрŠ¾ŠŗŠ°) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (стрŠ¾ŠŗŠ°) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя TZ ŠæрŠø Š²Ń…Š¾Š“Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ рŠ°Š²Š½Š¾ ŠøŠ¼ŠµŠ½Šø чŠ°ŃŠ¾Š²Š¾Š³Š¾ ŠæŠ¾ŃŃŠ°, Š½Š°Ń‡ŠøŠ½Š°ŃŽŃ‰ŠµŠ³Š¾ŃŃ -\fITZ=\fR -(Š½Š°ŠæрŠøŠ¼ŠµŃ€, -\fITZ=CST6CDT\fR), ŠøŠ»Šø ŠæŠ¾Š»Š½Š¾Š¼Ńƒ ŠæутŠø Šŗ фŠ°Š¹Š»Ńƒ с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Š¼Šø чŠ°ŃŠ¾Š²Š¾Š³Š¾ ŠæŠ¾ŃŃŠ° (Š½Š°ŠæрŠøŠ¼ŠµŃ€, -/etc/tzname)\&. -.sp -Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ ŠæŠ¾Š»Š½Ń‹Š¹ Šæуть, Š½Š¾ фŠ°Š¹Š» Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ ŠøŠ»Šø Š½ŠµŠ“Š¾ŃŃ‚ŃƒŠæŠµŠ½ Š“Š»Ń чтŠµŠ½Šøя, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю: -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø этŠ¾Ń‚ фŠ°Š¹Š» сущŠµŃŃ‚Š²ŃƒŠµŃ‚ Šø Š“Š¾ŃŃ‚ŃƒŠæ Š“Š»Ń чтŠµŠ½Šøя, тŠ¾ ŠøŠ· Š½ŠµŠ³Š¾ чŠøтŠ°ŠµŃ‚ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Šµ Š¾ŠŗруŠ¶ŠµŠ½ŠøŠµ\&. ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° Š“Š¾Š»Š¶Š½Š° ŠøŠ¼ŠµŃ‚ŃŒ фŠ¾Ń€Š¼Š°Ń‚: ŠøŠ¼Ń=Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.sp -Š”трŠ¾ŠŗŠø, Š½Š°Ń‡ŠøŠ½Š°ŃŽŃ‰ŠøŠµŃŃ с #, счŠøтŠ°ŃŽŃ‚ся ŠŗŠ¾Š¼Š¼ŠµŠ½Ń‚Š°Ń€ŠøŠµŠ¼ Šø ŠøŠ³Š½Š¾Ń€Šøруются\&. -.RE -.PP -\fBERASECHAR\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ¼Š²Š¾Š» ERASE у тŠµŃ€Š¼ŠøŠ½Š°Š»Š° (\fI010\fR -= backspace, -\fI0177\fR -= DEL)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š¾Š¶ŠµŃ‚ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ с \(Fo0\(Fc ŠæрŠø уŠŗŠ°Š·Š°Š½ŠøŠø Š·Š½Š°Ń‡ŠµŠ½Šøя Š² Š²Š¾ŃŃŒŠ¼ŠµŃ€ŠøчŠ½Š¾Š¹ сŠøстŠµŠ¼Šµ счŠøсŠ»ŠµŠ½Šøя ŠøŠ»Šø \(Fo0x\(Fc ŠæрŠø уŠŗŠ°Š·Š°Š½ŠøŠø Š·Š½Š°Ń‡ŠµŠ½Šøя Š² шŠµŃŃ‚Š½Š°Š“цŠ°Ń‚ŠµŃ€ŠøчŠ½Š¾Š¹ сŠøстŠµŠ¼Šµ счŠøсŠ»ŠµŠ½Šøя\&. -.RE -.PP -\fBFAIL_DELAY\fR (чŠøсŠ»Š¾) -.RS 4 -Š—Š°Š“ŠµŃ€Š¶ŠŗŠ° Š² сŠµŠŗуŠ½Š“Š°Ń… ŠæŠµŃ€ŠµŠ“ ŠæŠ¾Š²Ń‚Š¾Ń€Š½Š¾Š¹ ŠæŠ¾ŠæытŠŗŠ¾Š¹ ŠæŠ¾ŃŠ»Šµ Š½ŠµŃƒŠ“Š°Ń‡Š½Š¾Š³Š¾ Š²Ń…Š¾Š“Š°\&. -.RE -.PP -\fBFAILLOG_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ Šø ŠæŠ¾ŠŗŠ°Š· ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†ŠøŠø Š¾ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… Š²Ń…Š¾Š“Š°Ń… ŠøŠ· -/var/log/faillog\&. -.RE -.PP -\fBFAKE_SHELL\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š°, тŠ¾ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° -\fBlogin\fR -Š·Š°ŠæустŠøт уŠŗŠ°Š·Š°Š½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу Š²Š¼ŠµŃŃ‚Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø Š·Š°Š“Š°Š½Š½Š¾Š¹ Š² -/etc/passwd\&. -.RE -.PP -\fBFTMP_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Šµ ŠæŠ¾ŠæытŠŗŠø Š²Ń…Š¾Š“Š° Š±ŃƒŠ“ут ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Ń‚ŃŒŃŃ Š² этŠ¾Ń‚ фŠ°Š¹Š» Š² фŠ¾Ń€Š¼Š°Ń‚Šµ utmp\&. -.RE -.PP -\fBHUSHLOGIN_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ этŠ¾Ń‚ фŠ°Š¹Š» Š¼Š¾Š¶ŠµŃ‚ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ Š²ŃŠµ Š¾Š±Ń‹Ń‡Š½Ń‹Šµ ŠæŠµŃ€ŠµŠ³Š¾Š²Š¾Ń€Ń‹ (chatter) ŠæрŠø Š²Ń…Š¾Š“Šµ\&. Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ ŠæŠ¾Š»Š½Ń‹Š¹ Šæуть Šŗ фŠ°Š¹Š»Ńƒ, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ Š²ŠŗŠ»ŃŽŃ‡Ń‘Š½ сŠ¾ŠŗрŠ°Ń‰Ń‘Š½Š½Ń‹Š¹ (hushed) рŠµŠ¶ŠøŠ¼, ŠµŃŠ»Šø Š² этŠ¾Š¼ фŠ°Š¹Š»Šµ уŠŗŠ°Š·Š°Š½Š¾ ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ»Šø Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ°\&. Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ Š½Šµ ŠæŠ¾Š»Š½Ń‹Š¹ Šæуть, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ Š²ŠŗŠ»ŃŽŃ‡Ń‘Š½ сŠ¾ŠŗрŠ°Ń‰Ń‘Š½Š½Ń‹Š¹ (hushed) рŠµŠ¶ŠøŠ¼, ŠµŃŠ»Šø фŠ°Š¹Š» Š½Š°Ń…Š¾Š“Šøтся Š² Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ¼ ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fBISSUE_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ этŠ¾Ń‚ фŠ°Š¹Š» Š±ŃƒŠ“ŠµŃ‚ ŠæŠ¾ŠŗŠ°Š·Š°Š½ ŠæŠµŃ€ŠµŠ“ ŠŗŠ°Š¶Š“ыŠ¼ ŠæŠ¾ŃŠ²Š»ŠµŠ½ŠøŠµŠ¼ ŠæрŠøŠ³Š»Š°ŃˆŠµŠ½Šøя Š½Š° Š²Ń…Š¾Š“\&. -.RE -.PP -\fBKILLCHAR\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ¼Š²Š¾Š» KILL у тŠµŃ€Š¼ŠøŠ½Š°Š»Š° (\fI025\fR -= CTRL/U)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š¾Š¶ŠµŃ‚ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ с \(Fo0\(Fc ŠæрŠø уŠŗŠ°Š·Š°Š½ŠøŠø Š·Š½Š°Ń‡ŠµŠ½Šøя Š² Š²Š¾ŃŃŒŠ¼ŠµŃ€ŠøчŠ½Š¾Š¹ сŠøстŠµŠ¼Šµ счŠøсŠ»ŠµŠ½Šøя ŠøŠ»Šø \(Fo0x\(Fc ŠæрŠø уŠŗŠ°Š·Š°Š½ŠøŠø Š·Š½Š°Ń‡ŠµŠ½Šøя Š² шŠµŃŃ‚Š½Š°Š“цŠ°Ń‚ŠµŃ€ŠøчŠ½Š¾Š¹ сŠøстŠµŠ¼Šµ счŠøсŠ»ŠµŠ½Šøя\&. -.RE -.PP -\fBLASTLOG_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ Šø ŠæŠ¾ŠŗŠ°Š· ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†ŠøŠø Š¾ Š²Ń€ŠµŠ¼ŠµŠ½Šø Š²Ń…Š¾Š“Š° ŠøŠ· /var/log/lastlog\&. -.RE -.PP -\fBLOGIN_RETRIES\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š° ŠæрŠø Š²Š²Š¾Š“Šµ Š½ŠµŠ²ŠµŃ€Š½Š¾Š³Š¾ ŠæŠ°Ń€Š¾Š»Ń\&. -.RE -.PP -\fBLOGIN_STRING\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š”трŠ¾ŠŗŠ°\-ŠæрŠøŠ³Š»Š°ŃˆŠµŠ½ŠøŠµ Šŗ Š²Š²Š¾Š“у ŠæŠ°Ń€Š¾Š»Ń\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю: \(FoPassword:\(Fc ŠøŠ»Šø ŠæŠµŃ€ŠµŠ²Š¾Š“ этŠ¾Š¹ стрŠ¾ŠŗŠø Š½Š° рŠ°Š·Š½Ń‹Šµ яŠ·Ń‹ŠŗŠø\&. Š•ŃŠ»Šø Š²Ń‹ ŠøŠ·Š¼ŠµŠ½ŠøтŠµ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, тŠ¾ ŠæŠµŃ€ŠµŠ²Š¾Š“ Š±ŃƒŠ“ŠµŃ‚ Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ\&. -.sp -Š•ŃŠ»Šø Š² стрŠ¾ŠŗŠµ сŠ¾Š“ŠµŃ€Š¶Šøтся ŠæŠ¾Š“стрŠ¾ŠŗŠ° -\fI%s\fR, тŠ¾ Š¾Š½Š° Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š¼ŠµŠ½ŠµŠ½Š° Š½Š° ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fBLOGIN_TIMEOUT\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ Š²Ń€ŠµŠ¼Ń Š² сŠµŠŗуŠ½Š“Š°Ń…, Š¾Ń‚Š²ŠµŠ“ёŠ½Š½Š¾Šµ Š½Š° Š²Ń…Š¾Š“\&. -.RE -.PP -\fBLOG_OK_LOGINS\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ усŠæŠµŃˆŠ½Ń‹Ń… Š²Ń…Š¾Š“Š¾Š²\&. -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæŠ¾ŠŗŠ°Š· Š½ŠµŠøŠ·Š²ŠµŃŃ‚Š½Ń‹Ń… ŠøŠ¼Ń‘Š½ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ ŠæрŠø Š·Š°ŠæŠøсŠø Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š°\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ Š½ŠµŠøŠ·Š²ŠµŃŃ‚Š½Ń‹Ń… ŠøŠ¼Ń‘Š½ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š¼Š¾Š¶ŠµŃ‚ ŠæрŠøŠ²ŠµŃŃ‚Šø Šŗ ŠæрŠ¾Š±Š»ŠµŠ¼Š°Š¼ с Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃ‚ŃŒŃŽ, ŠµŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š²Š²ŠµŠ“ёт сŠ²Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ Š²Š¼ŠµŃŃ‚Š¾ сŠ²Š¾ŠµŠ³Š¾ ŠøŠ¼ŠµŠ½Šø\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ ŠæрŠ¾Š²ŠµŃ€Šŗу Šø ŠæŠ¾ŠŗŠ°Š· сŠ¾ŃŃ‚Š¾ŃŠ½Šøя ŠæŠ¾Ń‡Ń‚Š¾Š²Š¾Š³Š¾ ящŠøŠŗŠ° ŠæрŠø Š²Ń…Š¾Š“Šµ\&. -.sp -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ Š²Ń‹ŠŗŠ»ŃŽŃ‡Šøть этŠ¾, ŠµŃŠ»Šø ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ящŠøŠŗ ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ся ŠøŠ· фŠ°Š¹Š»Š¾Š² Š°Š²Ń‚Š¾Š·Š°ŠæусŠŗŠ° Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø (\(Fomailx \-e\(Fc ŠøŠ»Šø ŠæŠ¾Ń…Š¾Š¶ŠµŠ¹ ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹)\&. -.RE -.PP -\fBMAIL_DIR\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠŸŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. Š”Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½ŃƒŠ¶ŠµŠ½ Š“Š»Ń уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¼ ящŠøŠŗŠ¾Š¼ ŠæрŠø ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøŠø ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½ŠøŠø учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ уŠŗŠ°Š·Š°Š½Š½Š¾Šµ ŠæрŠø сŠ±Š¾Ń€ŠŗŠµ\&. -.RE -.PP -\fBMAIL_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ рŠ°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½ŠøŠµ ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Ń… фŠ°Š¹Š»Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š¾Ń‚Š½Š¾ŃŠøтŠµŠ»ŃŒŠ½Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š°\&. -.RE -.PP -ŠŸŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ -\fBMAIL_DIR\fR -Šø -\fBMAIL_FILE\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся ŠŗŠ¾Š¼Š°Š½Š“Š°Š¼Šø -\fBuseradd\fR, -\fBusermod\fR -Šø -\fBuserdel\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя, ŠæŠµŃ€ŠµŠ¼ŠµŃ‰ŠµŠ½Šøя ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.PP -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBMAIL_CHECK_ENAB\fR -рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š¾Š½Šø тŠ°ŠŗŠ¶Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fBMAIL\fR\&. -.PP -\fBMOTD_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ ŠæрŠø Š²Ń…Š¾Š“Šµ Š±ŃƒŠ“ŠµŃ‚ ŠæŠ¾ŠŗŠ°Š·Š°Š½Š¾ \(FoсŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠµ Š“Š½Ń\(Fc ŠøŠ· фŠ°Š¹Š»Š° сŠ¾ сŠæŠøсŠŗŠ¾Š¼ Š·Š½Š°Ń‡ŠµŠ½ŠøŠ¹, рŠ°Š·Š“ŠµŠ»Ń‘Š½Š½Ń‹Ń… \(Fo:\(Fc\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ ŠøŠ¼ŠµŠ½Šø фŠ°Š¹Š»Š°, чьё сущŠµŃŃ‚Š²Š¾Š²Š°Š½ŠøŠµ Š·Š°ŠæрŠµŃ‚Šøт Š²Ń…Š¾Š“ Š“Š»Ń Š½Šµ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. Š’ фŠ°Š¹Š»Šµ Š“Š¾Š»Š¶Š½Š¾ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒŃŃ сŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠµ, Š¾ŠæŠøсыŠ²Š°ŃŽŃ‰ŠµŠµ ŠæŠ¾Ń‡ŠµŠ¼Ńƒ Š·Š°ŠæрŠµŃ‰Ń‘Š½ Š²Ń…Š¾Š“\&. -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Š²ŠµŃ€Šŗу Š²Ń€ŠµŠ¼ŠµŠ½Š½Ń‹Ń… Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠ¹, Š·Š°Š“Š°Š½Š½Ń‹Ń… Š² -/etc/porttime\&. -.RE -.PP -\fBQUOTAS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ устŠ°Š½Š¾Š²Šŗу Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠ¹ рŠµŃŃƒŃ€ŃŠ¾Š² ŠøŠ· -/etc/limits -Šø ulimit, umask Šø niceness ŠøŠ· ŠæŠ¾Š»Ń gecos фŠ°Š¹Š»Š° passwd\&. -.RE -.PP -\fBTTYGROUP\fR (стрŠ¾ŠŗŠ°), \fBTTYPERM\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠŸŃ€Š°Š²Š° тŠµŃ€Š¼ŠøŠ½Š°Š»Š°: tty Š²Ń…Š¾Š“Š° Š±ŃƒŠ“ŠµŃ‚ ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Ń‚ŃŒ Š³Ń€ŃƒŠæŠæŠµ -\fBTTYGROUP\fR, Š° ŠæрŠ°Š²Š° Š±ŃƒŠ“ут Š½Š°Š·Š½Š°Ń‡ŠµŠ½Ń‹ Š² сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŠøŠø с -\fBTTYPERM\fR\&. -.sp -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, тŠµŃ€Š¼ŠøŠ½Š°Š»Š¾Š¼ Š²Š»Š°Š“ŠµŠµŃ‚ ŠæŠµŃ€Š²ŠøчŠ½Š°Ń Š³Ń€ŃƒŠæŠæŠ° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š° ŠæрŠ°Š²Š° устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŃŽŃ‚ся Š² -\fI0600\fR\&. -.sp -Š’ -\fBTTYGROUP\fR -Š¼Š¾Š¶ŠµŃ‚ Š·Š°Š“Š°Š²Š°Ń‚ŃŒŃŃ ŠøŠ»Šø ŠøŠ¼Ń Š³Ń€ŃƒŠæŠæы, ŠøŠ»Šø чŠøсŠ»Š¾Š²Š¾Š¹ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ Š³Ń€ŃƒŠæŠæы\&. -.sp -Š•ŃŠ»Šø Š²Š°ŃˆŠ° ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° -\fBwrite\fR -ŠøŠ¼ŠµŠµŃ‚ \(Fosetgid\(Fc сŠ¾ сŠæŠµŃ†ŠøŠ°Š»ŃŒŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæŠ¾Š¹, ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¹ ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Ń‚ тŠµŃ€Š¼ŠøŠ½Š°Š»Ń‹, тŠ¾ ŠæрŠøсŠ²Š¾Š¹Ń‚Šµ TTYGROUP Š½Š¾Š¼ŠµŃ€ этŠ¾Š¹ Š³Ń€ŃƒŠæŠæы, Š° TTYPERM Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 0620\&. Š’ ŠæрŠ¾Ń‚ŠøŠ²Š½Š¾Š¼ сŠ»ŃƒŃ‡Š°Šµ Š¾ŃŃ‚Š°Š²ŃŒŃ‚Šµ TTYGROUP Š·Š°ŠŗŠ¾Š¼Š¼ŠµŠ½Ń‚ŠøрŠ¾Š²Š°Š½Š½Š¾Š¹ Šø Š½Š°Š·Š½Š°Ń‡ŃŒŃ‚Šµ TTYPERM Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 622 ŠøŠ»Šø 600\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ Š² Š½ŠµŠ¹ уŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ся ŠøŠ¼Ń фŠ°Š¹Š»Š°, Š² ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¼ Š¾ŠæŠøсŠ°Š½Š¾ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŠøŠµ Š¼ŠµŠ¶Š“у Š»ŠøŠ½ŠøŠµŠ¹ tty Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ Š¾ŠŗруŠ¶ŠµŠ½Šøя TERM\&. ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° фŠ°Š¹Š»Š° ŠøŠ¼ŠµŠµŃ‚ фŠ¾Ń€Š¼Š°Ń‚ Š²ŠøŠ“Š° \(Fovt100 tty01\(Fc\&. -.RE -.PP -\fBULIMIT\fR (чŠøсŠ»Š¾) -.RS 4 -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBulimit\fR -ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю\&. -.RE -.PP -\fBUMASK\fR (чŠøсŠ»Š¾) -.RS 4 -Š—Š°Š“Š°Ń‘Ń‚ Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š°ŃŠŗŠø Š“Š¾ŃŃ‚ŃƒŠæŠ° Š“Š»Ń сŠ¾Š·Š“Š°Š²Š°ŠµŠ¼Ń‹Ń… фŠ°Š¹Š»Š¾Š²\&. Š•ŃŠ»Šø Š½Šµ уŠŗŠ°Š·Š°Š½Š¾, тŠ¾ Š¼Š°ŃŠŗŠ° устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŠµŃ‚ся Š² 022\&. -.sp -ŠšŠ¾Š¼Š°Š½Š“ы -\fBuseradd\fR -Šø -\fBnewusers\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ эту Š¼Š°ŃŠŗу Š“Š»Ń устŠ°Š½Š¾Š²ŠŗŠø ŠæрŠ°Š² Š“Š¾ŃŃ‚ŃƒŠæŠ° Šŗ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ¼Ńƒ ŠŗŠ°Ń‚Š°Š»Š¾Š³Ńƒ, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š¾Š½Šø сŠ¾Š·Š“Š°ŃŽŃ‚\&. -.sp -Š¢Š°ŠŗŠ¶Šµ Š¾Š½Š° ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š¾Š¹ -\fBlogin\fR -Š“Š»Ń Š·Š°Š“Š°Š½Šøя Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Š³Š¾ Š·Š½Š°Ń‡ŠµŠ½Šøя umask ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ этŠ° Š¼Š°ŃŠŗŠ° Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š° ŠøŠ· ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š¹ стрŠ¾ŠŗŠø GECOS (ŠµŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń -\fBQUOTAS_ENAB\fR) ŠøŠ»Šø уŠŗŠ°Š·Š°Š½ŠøŠµŠ¼ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя с ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š¼ -\fIK\fR, Š² -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ устŠ°Š½Š¾Š²Šŗу Š³Ń€ŃƒŠæŠæы Š±ŠøтŠ¾Š² umask рŠ°Š²Š½Š¾Š¹ Š±ŠøтŠ°Š¼ Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Š° (ŠæрŠøŠ¼ŠµŃ€: 022 \-> 002, 077 \-> 007) Š“Š»Ń Š½Šµ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠµŃŠ»Šø uid рŠ°Š²ŠµŠ½ gid Šø ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń сŠ¾Š²ŠæŠ°Š“Š°ŠµŃ‚ с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы\&. -.sp -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ -\fBuserdel\fR -уŠ“Š°Š»ŃŠµŃ‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗую Š³Ń€ŃƒŠæŠæу, ŠµŃŠ»Šø Š² Š½ŠµŠ¹ Š½ŠµŃ‚ Š±Š¾Š»ŃŒŃˆŠµ чŠ»ŠµŠ½Š¾Š², Š° -\fBuseradd\fR -ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю сŠ¾Š·Š“Š°Ń‘Ń‚ Š³Ń€ŃƒŠæŠæу с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/var/run/utmp -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт сŠæŠøсŠ¾Šŗ рŠ°Š±Š¾Ń‚Š°ŃŽŃ‰Šøх сŠµŠ°Š½ŃŠ¾Š² Š² сŠøстŠµŠ¼Šµ -.RE -.PP -/var/log/wtmp -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт сŠæŠøсŠ¾Šŗ Š·Š°Š²ŠµŃ€ŃˆŃ‘Š½Š½Ń‹Ń… сŠµŠ°Š½ŃŠ¾Š² рŠ°Š±Š¾Ń‚Ń‹ с сŠøстŠµŠ¼Š¾Š¹ -.RE -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/motd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт сŠøстŠµŠ¼Š½Ń‹Šµ сŠ¾Š¾Š±Ń‰ŠµŠ½Šøя Š·Š° Š“ŠµŠ½ŃŒ -.RE -.PP -/etc/nologin -.RS 4 -ŠæрŠø сущŠµŃŃ‚Š²Š¾Š²Š°Š½ŠøŠø фŠ°Š¹Š»Š° Š±Š»Š¾ŠŗŠøруŠµŃ‚ся Š“Š¾ŃŃ‚ŃƒŠæ Š² сŠøстŠµŠ¼Ńƒ Š¾Š±Ń‹Ń‡Š½Ń‹Š¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼ -.RE -.PP -/etc/ttytype -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт сŠæŠøсŠ¾Šŗ тŠøŠæŠ¾Š² тŠµŃ€Š¼ŠøŠ½Š°Š»Š¾Š² -.RE -.PP -$HOME/\&.hushlogin -.RS 4 -ŠæрŠø сущŠµŃŃ‚Š²Š¾Š²Š°Š½ŠøŠø фŠ°Š¹Š»Š° сŠøстŠµŠ¼Š½Ń‹Šµ сŠ¾Š¾Š±Ń‰ŠµŠ½Šøя ŠæрŠø Š²Ń…Š¾Š“Šµ Š² сŠøстŠµŠ¼Ńƒ Š½Šµ Š²Ń‹Š²Š¾Š“ятся -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBmail\fR(1), -\fBpasswd\fR(1), -\fBsh\fR(1), -\fBsu\fR(1), -\fBlogin.defs\fR(5), -\fBnologin\fR(5), -\fBpasswd\fR(5), -\fBsecuretty\fR(5), -\fBgetty\fR(8)\&. diff --git a/man/ru/man1/newgrp.1 b/man/ru/man1/newgrp.1 deleted file mode 100644 index 158cfea6..00000000 --- a/man/ru/man1/newgrp.1 +++ /dev/null @@ -1,92 +0,0 @@ -'\" t -.\" Title: newgrp -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "newgrp" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -newgrp \- Š²Ń‹ŠæŠ¾Š»Š½ŃŠµŃ‚ рŠµŠ³ŠøстрŠ°Ń†Šøю ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² Š½Š¾Š²Š¾Š¹ Š³Ń€ŃƒŠæŠæŠµ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBnewgrp\fR\ 'u -\fBnewgrp\fR [\-] [\fIŠ³Ń€ŃƒŠæŠæŠ°\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBnewgrp\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя ID тŠµŠŗущŠµŠ¹ Š³Ń€ŃƒŠæŠæы Š² рŠ°Š±Š¾Ń‚Š°ŃŽŃ‰ŠµŠ¼ сŠµŠ°Š½ŃŠµ\&. Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ Š½ŠµŠ¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¹ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-\fR, тŠ¾ Š¾ŠŗруŠ¶ŠµŠ½ŠøŠµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ŠµŃ‚ ŠøŠ½ŠøцŠøŠ°Š»ŠøŠ·ŠøрŠ¾Š²Š°Š½Š¾ ŠæŠ¾Š²Ń‚Š¾Ń€Š½Š¾, ŠŗŠ°Šŗ ŠµŃŠ»Šø Š±Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š·Š°Š½Š¾Š²Š¾ Š²Š¾ŃˆŃ‘Š» Š² сŠøстŠµŠ¼Ńƒ, ŠøŠ½Š°Ń‡Šµ ŠøŠ¼ŠµŃŽŃ‰ŠµŠµŃŃ Š¾ŠŗруŠ¶ŠµŠ½ŠøŠµ, Š²ŠŗŠ»ŃŽŃ‡Š°Ń тŠµŠŗущŠøŠ¹ рŠ°Š±Š¾Ń‡ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³, ŠøŠ·Š¼ŠµŠ½ŠµŠ½Š¾ Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBnewgrp\fR -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ тŠµŠŗущŠµŠ¹ рŠµŠ°Š»ŃŒŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы Š½Š° Š·Š°Š“Š°Š½Š½Ń‹Š¹ ŠøŠ»Šø Š½Š° Š³Ń€ŃƒŠæŠæу ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, уŠŗŠ°Š·Š°Š½Š½ŃƒŃŽ Š² фŠ°Š¹Š»Šµ -/etc/passwd, Š² сŠ»ŃƒŃ‡Š°Šµ ŠµŃŠ»Šø ŠøŠ¼Ń Š³Ń€ŃƒŠæŠæы Š½Šµ уŠŗŠ°Š·Š°Š½Š¾\&. ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBnewgrp\fR -тŠ°ŠŗŠ¶Šµ ŠæытŠ°ŠµŃ‚ся Š“Š¾Š±Š°Š²Šøть Š³Ń€ŃƒŠæŠæу Š² сŠæŠøсŠ¾Šŗ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š•ŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½Šµ яŠ²Š»ŃŠµŃ‚ся суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼, тŠ¾ ŠµŠ³Š¾ ŠæŠ¾ŠæрŠ¾ŃŃŃ‚ Š²Š²ŠµŃŃ‚Šø ŠæŠ°Ń€Š¾Š»ŃŒ, Š“Š°Š¶Šµ ŠµŃŠ»Šø Š¾Š½ ŠµŠ³Š¾ Š½Šµ ŠøŠ¼ŠµŠµŃ‚ (Š² фŠ°Š¹Š»Šµ -/etc/shadow, ŠµŃŠ»Šø Š“Š»Ń этŠ¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ¼ŠµŠµŃ‚ся Š·Š°ŠæŠøсь Š² фŠ°Š¹Š»Šµ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹, ŠøŠ½Š°Ń‡Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся фŠ°Š¹Š» -/etc/passwd), Š° Š³Ń€ŃƒŠæŠæŠ° ŠøŠ¼ŠµŠµŃ‚, ŠøŠ»Šø ŠµŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½Šµ яŠ²Š»ŃŠµŃ‚ся чŠ»ŠµŠ½Š¾Š¼ Š³Ń€ŃƒŠæŠæы, Š° Š³Ń€ŃƒŠæŠæŠ° ŠøŠ¼ŠµŠµŃ‚ ŠæŠ°Ń€Š¾Š»ŃŒ\&. Š•ŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½Šµ яŠ²Š»ŃŠµŃ‚ся чŠ»ŠµŠ½Š¾Š¼ Š³Ń€ŃƒŠæŠæы, Š° у Š³Ń€ŃƒŠæŠæы ŠæустŠ¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ Š±ŃƒŠ“ŠµŃ‚ Š¾Ń‚ŠŗŠ°Š·Š°Š½Š¾ Š² Š“Š¾ŃŃ‚ŃƒŠæŠµ\&. -.PP -Š•ŃŠ»Šø ŠµŃŃ‚ŃŒ Š·Š°ŠæŠøсь Š“Š»Ń этŠ¾Š¹ Š³Ń€ŃƒŠæŠæы Š² фŠ°Š¹Š»Šµ -/etc/gshadow, тŠ¾ сŠæŠøсŠ¾Šŗ чŠ»ŠµŠ½Š¾Š² Šø ŠæŠ°Ń€Š¾Š»ŃŒ этŠ¾Š¹ Š³Ń€ŃƒŠæŠæы Š±ŃƒŠ“ут Š²Š·ŃŃ‚Ń‹ ŠøŠ· этŠ¾Š³Š¾ фŠ°Š¹Š»Š°, ŠøŠ½Š°Ń‡Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š°ŠæŠøсь ŠøŠ· фŠ°Š¹Š»Š° -/etc/group\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBSYSLOG_SG_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ \(Fosyslog\(Fc Š“ŠµŠ¹ŃŃ‚Š²ŠøŠ¹ -\fBsg\fR\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBsu\fR(1), -\fBsg\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/ru/man1/passwd.1 b/man/ru/man1/passwd.1 deleted file mode 100644 index 44b08754..00000000 --- a/man/ru/man1/passwd.1 +++ /dev/null @@ -1,352 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "passwd" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -passwd \- ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠæŠ°Ń€Š¾Š»ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBpasswd\fR\ 'u -\fBpasswd\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] [\fIŠ£Š§ŠŠ¢ŠŠŠÆ_Š—ŠŠŸŠ˜Š”Š¬\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBpasswd\fR -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠæŠ°Ń€Š¾Š»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøх учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹\&. ŠžŠ±Ń‹Ń‡Š½Ń‹Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½Šøть ŠæŠ°Ń€Š¾Š»ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ сŠ²Š¾ŠµŠ¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø, суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½Šøть ŠæŠ°Ń€Š¾Š»ŃŒ Š»ŃŽŠ±Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBpasswd\fR -тŠ°ŠŗŠ¶Šµ ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾Š± учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠøŠ»Šø срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń\&. -.SS "Š˜Š·Š¼ŠµŠ½ŠµŠ½ŠøŠµ ŠæŠ°Ń€Š¾Š»Ń" -.PP -Š”Š½Š°Ń‡Š°Š»Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠæŠ¾ŠæрŠ¾ŃŃŃ‚ Š²Š²ŠµŃŃ‚Šø стŠ°Ń€Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ, ŠµŃŠ»Šø Š¾Š½ Š±Ń‹Š»\&. Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š¾Š»ŃŒ Š·Š°ŃˆŠøфрŠ¾Š²Ń‹Š²Š°ŠµŃ‚ся Šø срŠ°Š²Š½ŠøŠ²Š°ŠµŃ‚ся с ŠøŠ¼ŠµŃŽŃ‰ŠøŠ¼ŃŃ\&. Š£ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠµŃŃ‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ Š¾Š“Š½Š° ŠæŠ¾ŠæытŠŗŠ° Š²Š²ŠµŃŃ‚Šø ŠæрŠ°Š²ŠøŠ»ŃŒŠ½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\&. Š”Š»Ń суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń этŠ¾Ń‚ шŠ°Š³ ŠæрŠ¾ŠæусŠŗŠ°ŠµŃ‚ся, Š“Š»Ń тŠ¾Š³Š¾ чтŠ¾Š±Ń‹ Š¼Š¾Š¶Š½Š¾ Š±Ń‹Š»Š¾ ŠøŠ·Š¼ŠµŠ½Šøть Š·Š°Š±Ń‹Ń‚Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\&. -.PP -ŠŸŠ¾ŃŠ»Šµ Š²Š²Š¾Š“Š° ŠæŠ°Ń€Š¾Š»Ń ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ся ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøя Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń, чтŠ¾Š±Ń‹ уŠ±ŠµŠ“Šøться, чтŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ рŠ°Š·Ń€ŠµŃˆŠµŠ½Š¾ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ Š² Š½Š°ŃŃ‚Š¾ŃŃ‰ŠøŠ¹ Š¼Š¾Š¼ŠµŠ½Ń‚\&. Š•ŃŠ»Šø Š½ŠµŃ‚, тŠ¾ -\fBpasswd\fR -Š½Šµ ŠæрŠ¾ŠøŠ·Š²Š¾Š“Šøт ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøŠµ ŠæŠ°Ń€Š¾Š»Ń Šø Š·Š°Š²ŠµŃ€ŃˆŠ°ŠµŃ‚ рŠ°Š±Š¾Ń‚Ńƒ\&. -.PP -Š—Š°Ń‚ŠµŠ¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ ŠæрŠµŠ“Š»Š¾Š¶Š°Ń‚ Š“Š²Š°Š¶Š“ы Š²Š²ŠµŃŃ‚Šø Š½Š¾Š²Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š²Ń‚Š¾Ń€Š¾Š³Š¾ Š²Š²Š¾Š“Š° срŠ°Š²Š½ŠøŠ²Š°ŠµŃ‚ся с ŠæŠµŃ€Š²Ń‹Š¼ Šø Š“Š»Ń ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя ŠæŠ°Ń€Š¾Š»Šø ŠøŠ· Š¾Š±ŠµŠøх ŠæŠ¾ŠæытŠ¾Šŗ Š“Š¾Š»Š¶Š½Ń‹ сŠ¾Š²ŠæŠ°ŃŃ‚ŃŒ\&. -.PP -Š—Š°Ń‚ŠµŠ¼ ŠæŠ°Ń€Š¾Š»ŃŒ тŠµŃŃ‚ŠøруŠµŃ‚ся Š½Š° сŠ»Š¾Š¶Š½Š¾ŃŃ‚ŃŒ ŠæŠ¾Š“Š±Š¾Ń€Š°\&. Š”Š¾Š³Š»Š°ŃŠ½Š¾ Š¾Š±Ń‰ŠøŠ¼ ŠæрŠøŠ½Ń†ŠøŠæŠ°Š¼, ŠæŠ°Ń€Š¾Š»Šø Š“Š¾Š»Š¶Š½Ń‹ Š±Ń‹Ń‚ŃŒ Š“Š»ŠøŠ½Š¾Š¹ Š¾Ń‚ 6 Š“Š¾ 8 сŠøŠ¼Š²Š¾Š»Š¾Š² Šø Š²ŠŗŠ»ŃŽŃ‡Š°Ń‚ŃŒ Š¾Š“ŠøŠ½ ŠøŠ»Šø Š±Š¾Š»ŠµŠµ сŠøŠ¼Š²Š¾Š»Š¾Š² ŠŗŠ°Š¶Š“Š¾Š³Š¾ тŠøŠæŠ°: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -стрŠ¾Ń‡Š½Ń‹Šµ Š±ŃƒŠŗŠ²Ń‹ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -цŠøфры Š¾Ń‚ 0 Š“Š¾ 9 -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Š·Š½Š°ŠŗŠø ŠæуŠ½ŠŗтуŠ°Ń†ŠøŠø -.RE -.PP -ŠŠµ Š²ŠŗŠ»ŃŽŃ‡Š°Š¹Ń‚Šµ сŠøстŠµŠ¼Š½Ń‹Šµ сŠøŠ¼Š²Š¾Š»Ń‹ стŠøрŠ°Š½Šøя Šø уŠ“Š°Š»ŠµŠ½Šøя\&. ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBpasswd\fR -Š½Šµ ŠæрŠøŠ¼ŠµŃ‚ ŠæŠ°Ń€Š¾Š»ŃŒ, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š½Šµ ŠøŠ¼ŠµŠµŃ‚ Š“Š¾ŃŃ‚Š°Ń‚Š¾Ń‡Š½Š¾Š¹ сŠ»Š¾Š¶Š½Š¾ŃŃ‚Šø\&. -.SS "Š’Ń‹Š±Š¾Ń€ ŠæŠ°Ń€Š¾Š»Ń" -.PP -Š‘ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃ‚ŃŒ ŠæŠ°Ń€Š¾Š»Ń Š·Š°Š²ŠøсŠøт Š¾Ń‚ стŠ¾Š¹ŠŗŠ¾ŃŃ‚Šø Š°Š»Š³Š¾Ń€ŠøтŠ¼Š° шŠøфрŠ¾Š²Š°Š½Šøя Šø рŠ°Š·Š¼ŠµŃ€Š° ŠæрŠ¾ŃŃ‚Ń€Š°Š½ŃŃ‚Š²Š° ŠŗŠ»ŃŽŃ‡Š°\&. Š’ стŠ°Ń€Ń‹Ń… сŠøстŠµŠ¼Š°Ń… -\fIUNIX\fR -Š¼ŠµŃ‚Š¾Š“ шŠøфрŠ¾Š²Š°Š½Šøя Š¾ŃŠ½Š¾Š²Ń‹Š²Š°Š»ŃŃ Š½Š° Š°Š»Š³Š¾Ń€ŠøтŠ¼Šµ NBS DES\&. Š”ŠµŠ¹Ń‡Š°Ń рŠµŠŗŠ¾Š¼ŠµŠ½Š“уют Š±Š¾Š»ŠµŠµ Š½Š¾Š²Ń‹Šµ Š¼ŠµŃ‚Š¾Š“ы (сŠ¼Š¾Ń‚Ń€ŠøтŠµ -\fBENCRYPT_METHOD\fR)\&. Š Š°Š·Š¼ŠµŃ€ ŠæрŠ¾ŃŃ‚Ń€Š°Š½ŃŃ‚Š²Š° ŠŗŠ»ŃŽŃ‡Š° Š·Š°Š²ŠøсŠøт Š¾Ń‚ стŠµŠæŠµŠ½Šø ŠæрŠ¾ŠøŠ·Š²Š¾Š»ŃŒŠ½Š¾ŃŃ‚Šø Š²Ń‹Š±Ń€Š°Š½Š½Š¾Š³Š¾ ŠæŠ°Ń€Š¾Š»Ń\&. -.PP -ŠŸŃ€Šø Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½ŠøŠø Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃ‚Šø ŠæŠ°Ń€Š¾Š»Ń Š²Ń‹Š±ŠøрŠ°ŃŽŃ‚ Š½ŠµŃ‡Ń‚Š¾ срŠµŠ“Š½ŠµŠµ Š¼ŠµŠ¶Š“у сŠ»Š¾Š¶Š½Ń‹Š¼ ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø сŠ»Š¾Š¶Š½Š¾ŃŃ‚ŃŒŃŽ рŠ°Š±Š¾Ń‚Ń‹ с Š½ŠøŠ¼\&. ŠŸŠ¾ этŠ¾Š¹ ŠæрŠøчŠøŠ½Šµ, Š²Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ яŠ²Š»ŃŠµŃ‚ся сŠ»Š¾Š²Š¾Š¼ ŠøŠ· сŠ»Š¾Š²Š°Ń€Ń ŠøŠ»Šø ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ ŠæрŠøŠ“ётся Š·Š°ŠæŠøсŠ°Ń‚ŃŒ ŠøŠ·\-Š·Š° ŠµŠ³Š¾ сŠ»Š¾Š¶Š½Š¾ŃŃ‚Šø\&. Š¢Š°ŠŗŠ¶Šµ, ŠæŠ°Ń€Š¾Š»ŃŒ Š½Šµ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š½Š°Š·Š²Š°Š½ŠøŠµŠ¼ чŠµŠ³Š¾\-Š»ŠøŠ±Š¾, Š½Š¾Š¼ŠµŃ€Š¾Š¼ Š²Š°ŃˆŠµŠ¹ Š»ŠøцŠµŠ½Š·ŠøŠø, Š“Š½Ń‘Š¼ рŠ¾Š¶Š“ŠµŠ½Šøя Šø Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¼ Š°Š“рŠµŃŠ¾Š¼\&. ŠžŠ±Š¾ Š²ŃŃ‘Š¼ этŠ¾Š¼ Š»ŠµŠ³ŠŗŠ¾ Š“Š¾Š³Š°Š“Š°Ń‚ŃŒŃŃ, чтŠ¾ ŠæрŠøŠ²ŠµŠ“ёт Šŗ Š½Š°Ń€ŃƒŃˆŠµŠ½Šøю Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃ‚Šø сŠøстŠµŠ¼Ń‹\&. -.PP -Šž тŠ¾Š¼, ŠŗŠ°Šŗ Š²Ń‹Š±Ń€Š°Ń‚ŃŒ стŠ¾Š¹ŠŗŠøŠ¹ ŠæŠ°Ń€Š¾Š»ŃŒ, чŠøтŠ°Š¹Ń‚Šµ Š² http://ru\&.wikipedia\&.org/wiki/Š”Š»Š¾Š¶Š½Š¾ŃŃ‚ŃŒ_ŠæŠ°Ń€Š¾Š»Ń\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBpasswd\fR: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ Š²Š¼ŠµŃŃ‚Šµ с -\fB\-S\fR -Š“Š»Ń Š²Ń‹Š²Š¾Š“Š° стŠ°Ń‚ŃƒŃŠ° Š²ŃŠµŃ… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR -.RS 4 -Š£Š“Š°Š»Šøть ŠæŠ°Ń€Š¾Š»ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń (сŠ“ŠµŠ»Š°Ń‚ŃŒ ŠµŠ³Š¾ ŠæустыŠ¼)\&. Š­Ń‚Š¾ Š±Ń‹ŃŃ‚рыŠ¹ сŠæŠ¾ŃŠ¾Š± Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. Š­Ń‚Š¾ сŠ“ŠµŠ»Š°ŠµŃ‚ уŠŗŠ°Š·Š°Š½Š½ŃƒŃŽ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь Š±ŠµŃŠæŠ°Ń€Š¾Š»ŃŒŠ½Š¾Š¹\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expire\fR -.RS 4 -ŠŠµŠ¼ŠµŠ“Š»ŠµŠ½Š½Š¾ сŠ“ŠµŠ»Š°Ń‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ устŠ°Ń€ŠµŠ²ŃˆŠøŠ¼\&. Š’ рŠµŠ·ŃƒŠ»ŃŒŃ‚Š°Ń‚Šµ этŠ¾ Š·Š°ŃŃ‚Š°Š²Šøт ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ·Š¼ŠµŠ½Šøть ŠæŠ°Ń€Š¾Š»ŃŒ ŠæрŠø сŠ»ŠµŠ“ующŠµŠ¼ Š²Ń…Š¾Š“Šµ Š² сŠøстŠµŠ¼Ńƒ\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-i\fR, \fB\-\-inactive\fR\ \&\fIŠ”ŠŠ•Š™\fR -.RS 4 -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń Š±Š»Š¾ŠŗŠøрŠ¾Š²ŠŗŠø учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾ ŠæрŠ¾ŃˆŠµŃŃ‚Š²ŠøŠø Š·Š°Š“Š°Š½Š½Š¾Š³Š¾ чŠøсŠ»Š° Š“Š½ŠµŠ¹ ŠæŠ¾ŃŠ»Šµ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń\&. Š¢Š¾ ŠµŃŃ‚ŃŒ, ŠµŃŠ»Šø ŠæŠ°Ń€Š¾Š»ŃŒ устŠ°Ń€ŠµŠ» Šø ŠæрŠ¾ŃˆŠ»Š¾ Š±Š¾Š»ŠµŠµ уŠŗŠ°Š·Š°Š½Š½Ń‹Ń… -\fIŠ”ŠŠ•Š™\fR, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š±Š¾Š»ŃŒŃˆŠµ Š½Šµ сŠ¼Š¾Š¶ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š“Š°Š½Š½ŃƒŃŽ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь\&. -.RE -.PP -\fB\-k\fR, \fB\-\-keep\-tokens\fR -.RS 4 -Š£ŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚, чтŠ¾ ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøŠµ ŠæŠ°Ń€Š¾Š»Ń Š½ŃƒŠ¶Š½Š¾ Š²Ń‹ŠæŠ¾Š»Š½Šøть тŠ¾Š»ŃŒŠŗŠ¾ Š“Š»Ń устŠ°Ń€ŠµŠ²ŃˆŠøх ŠŗŠ»ŃŽŃ‡ŠµŠ¹ Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøŠø (ŠæŠ°Ń€Š¾Š»ŠµŠ¹)\&. ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šø хŠ¾Ń‚ŃŃ‚ Š¾ŃŃ‚Š°Š²Šøть сŠ²Š¾Šø Š½ŠµŠæрŠ¾ŃŃ€Š¾Ń‡ŠµŠ½Š½Ń‹Šµ ŠŗŠ»ŃŽŃ‡Šø Š½ŠµŃ‚Ń€Š¾Š½ŃƒŃ‚Ń‹Š¼Šø\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\fR -.RS 4 -Š—Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š±Š»Š¾ŠŗŠøруŠµŃ‚ ŠæŠ°Ń€Š¾Š»ŃŒ, ŠøŠ·Š¼ŠµŠ½ŃŃ ŠµŠ³Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Š° Š²Š°Ń€ŠøŠ°Š½Ń‚, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š½Šµ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¼ ŠæŠ°Ń€Š¾Š»ŠµŠ¼ (Š“Š¾Š±Š°Š²Š»ŃŠµŃ‚ся сŠøŠ¼Š²Š¾Š» \(Fo!\(Fc Š² Š½Š°Ń‡Š°Š»Š¾ ŠæŠ°Ń€Š¾Š»Ń)\&. -.sp -Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ этŠ¾ Š½Šµ Š±Š»Š¾ŠŗŠøруŠµŃ‚ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь\&. ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š²ŃŃ‘ ŠµŃ‰Ń‘ Š¼Š¾Š¶ŠµŃ‚ Š²Š¾Š¹Ń‚Šø Š² сŠøстŠµŠ¼Ńƒ с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ Š“руŠ³Š¾Š³Š¾ сŠæŠ¾ŃŠ¾Š±Š° Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøŠø (Š½Š°ŠæрŠøŠ¼ŠµŃ€, с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ ŠŗŠ»ŃŽŃ‡Š° SSH)\&. Š§Ń‚Š¾Š±Ń‹ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь, Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€ Š“Š¾Š»Š¶ŠµŠ½ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ ŠŗŠ¾Š¼Š°Š½Š“у -\fBusermod \-\-expiredate 1\fR -(этŠ¾ устŠ°Š½Š¾Š²Šøт Š“Š°Ń‚Ńƒ устŠ°Ń€ŠµŠ²Š°Š½Šøя учётŠ½Š¾Š¹ Š·Š°ŠæŠøсь рŠ°Š²Š½Š¾Š¹ 2 яŠ½Š²Š°Ń€Ń 1970 Š³Š¾Š“Š°)\&. -.sp -ŠŸŠ¾ŃŠµŃ‚ŠøтŠµŠ»ŃŒ с Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š½Ń‹Š¼ ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Š½Šµ Š¼Š¾Š¶ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½Šøть сŠ²Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\&. -.RE -.PP -\fB\-n\fR, \fB\-\-mindays\fR\ \&\fIŠœŠ˜Š_Š”ŠŠ•Š™\fR -.RS 4 -Š—Š°Š“Š°Ń‚ŃŒ -\fIŠ¼ŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹\fR -Š¼ŠµŠ¶Š“у сŠ¼ŠµŠ½Š°Š¼Šø ŠæŠ°Ń€Š¾Š»Ń\&. ŠŃƒŠ»ŠµŠ²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ этŠ¾Š³Š¾ ŠæŠ¾Š»Ń уŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ Š½Š° тŠ¾, чтŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ Š¼ŠµŠ½ŃŃ‚ŃŒ сŠ²Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ ŠŗŠ¾Š³Š“Š° Š·Š°Ń…Š¾Ń‡ŠµŃ‚\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -ŠŠµ Š²Ń‹Š²Š¾Š“Šøть сŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠ¹ ŠæрŠø рŠ°Š±Š¾Ń‚Šµ\&. -.RE -.PP -\fB\-r\fR, \fB\-\-repository\fR\ \&\fIŠ Š•ŠŸŠžŠ—Š˜Š¢ŠžŠ Š˜Š™\fR -.RS 4 -Š˜Š·Š¼ŠµŠ½Šøть ŠæŠ°Ń€Š¾Š»ŃŒ Š² -\fIŠ Š•ŠŸŠžŠ—Š˜Š¢ŠžŠ Š˜Š˜\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-S\fR, \fB\-\-status\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ сŠ¾ŃŃ‚Š¾ŃŠ½ŠøŠµ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. Š˜Š½Ń„Š¾Ń€Š¼Š°Ń†Šøя Š¾ сŠ¾ŃŃ‚Š¾ŃŠ½ŠøŠø сŠ¾Š“ŠµŃ€Š¶Šøт 7 ŠæŠ¾Š»ŠµŠ¹\&. ŠŸŠµŃ€Š²Š¾Šµ ŠæŠ¾Š»Šµ сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ¼Ń учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. Š’Ń‚Š¾Ń€Š¾Šµ ŠæŠ¾Š»Šµ уŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚, Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½ Š»Šø ŠæŠ°Ń€Š¾Š»ŃŒ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø (L), Š¾Š½Š° Š±ŠµŠ· ŠæŠ°Ń€Š¾Š»Ń (NP) ŠøŠ»Šø у Š½ŠµŃ‘ ŠµŃŃ‚ŃŒ рŠ°Š±Š¾Ń‡ŠøŠ¹ ŠæŠ°Ń€Š¾Š»ŃŒ (P)\&. Š¢Ń€ŠµŃ‚ŃŒŠµ ŠæŠ¾Š»Šµ хрŠ°Š½Šøт Š“Š°Ń‚Ńƒ ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ³Š¾ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя ŠæŠ°Ń€Š¾Š»Ń\&. Š’ сŠ»ŠµŠ“ующŠøх чŠµŃ‚ырёх ŠæŠ¾Š»ŃŃ… хрŠ°Š½ŃŃ‚ся Š¼ŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ срŠ¾Šŗ, Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ срŠ¾Šŗ, ŠæŠµŃ€ŠøŠ¾Š“ Š²Ń‹Š“Š°Ń‡Šø ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя Šø ŠæŠµŃ€ŠøŠ¾Š“ Š½ŠµŠ°ŠŗтŠøŠ²Š½Š¾ŃŃ‚Šø ŠæŠ°Ń€Š¾Š»Ń\&. Š­Ń‚Šø срŠ¾ŠŗŠø ŠøŠ·Š¼ŠµŃ€ŃŃŽŃ‚ся Š² Š“Š½ŃŃ…\&. -.RE -.PP -\fB\-u\fR, \fB\-\-unlock\fR -.RS 4 -Š Š°Š·Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ рŠ°Š·Š±Š»Š¾ŠŗŠøруŠµŃ‚ ŠæŠ°Ń€Š¾Š»ŃŒ, Š²Š¾Š·Š²Ń€Š°Ń‰Š°Ń ŠµŠ³Š¾ ŠæрŠµŠ¶Š½ŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ (ŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š±Ń‹Š»Š¾ ŠæŠµŃ€ŠµŠ“ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½ŠøŠµŠ¼ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° -\fB\-l\fR)\&. -.RE -.PP -\fB\-w\fR, \fB\-\-warndays\fR\ \&\fIŠŸŠ Š•Š”_Š”ŠŠ•Š™\fR -.RS 4 -Š£ŃŃ‚Š°Š½Š¾Š²Šøть чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ Š²Ń‹Š“Š°Ń‡Šø ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя, ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ ŠæŠ¾Ń‚Ń€ŠµŠ±ŃƒŠµŃ‚ся сŠ¼ŠµŠ½Š° ŠæŠ°Ń€Š¾Š»Ń\&. Š’ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Šµ -\fIŠŸŠ Š•Š”_Š”ŠŠ•Š™\fR -уŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ся чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ ŠæŠ°Ń€Š¾Š»ŃŒ устŠ°Ń€ŠµŠµŃ‚, Š² тŠµŃ‡ŠµŠ½ŠøŠø ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ Š±ŃƒŠ“ут Š½Š°ŠæŠ¾Š¼ŠøŠ½Š°Ń‚ŃŒ, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ сŠŗŠ¾Ń€Š¾ устŠ°Ń€ŠµŠµŃ‚\&. -.RE -.PP -\fB\-x\fR, \fB\-\-maxdays\fR\ \&\fIŠœŠŠšŠ”_Š”ŠŠ•Š™\fR -.RS 4 -Š£ŃŃ‚Š°Š½Š¾Š²Šøть Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹, Š² тŠµŃ‡ŠµŠ½ŠøŠø ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŃŒ Š¾ŃŃ‚Š°Ń‘Ń‚ŃŃ рŠ°Š±Š¾Ń‡ŠøŠ¼\&. ŠŸŠ¾ŃŠ»Šµ -\fIŠœŠŠšŠ”_Š”ŠŠ•Š™\fR -ŠæŠ°Ń€Š¾Š»ŃŒ Š½ŃƒŠ¶Š½Š¾ ŠøŠ·Š¼ŠµŠ½Šøть\&. -.RE -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -Š”Š»Š¾Š¶Š½Š¾ŃŃ‚ŃŒ ŠæŠ°Ń€Š¾Š»Ń ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ся Š½Š° рŠ°Š·Š½Ń‹Ń… Š¼Š°ŃˆŠøŠ½Š°Ń… ŠæŠ¾ рŠ°Š·Š½Š¾Š¼Ńƒ\&. ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ Š½Š°ŃŃ‚Š¾ŃŃ‚ŠµŠ»ŃŒŠ½Š¾ рŠµŠŗŠ¾Š¼ŠµŠ½Š“уŠµŃ‚ся Š²Ń‹Š±ŠøрŠ°Ń‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ тŠ°ŠŗŠ¾Š¹ сŠ»Š¾Š¶Š½Š¾ŃŃ‚Šø, чтŠ¾Š±Ń‹ ŠµŠ¼Ńƒ Š½Š¾Ń€Š¼Š°Š»ŃŒŠ½Š¾ рŠ°Š±Š¾Ń‚Š°Š»Š¾ŃŃŒ\&. -.PP -ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šø Š½Šµ Š¼Š¾Š³ŃƒŃ‚ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ сŠ²Š¾Šø ŠæŠ°Ń€Š¾Š»Šø Š² сŠøстŠµŠ¼Šµ, ŠµŃŠ»Šø Š²ŠŗŠ»ŃŽŃ‡Ń‘Š½ NIS Šø Š¾Š½Šø Š½Šµ Š²Š¾ŃˆŠ»Šø Š½Š° сŠµŃ€Š²ŠµŃ€ NIS\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBENCRYPT_METHOD\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š—Š°Š“Š°Ń‘Ń‚ сŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹ (ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся, ŠµŃŠ»Šø Š°Š»Š³Š¾Ń€ŠøтŠ¼ Š½Šµ уŠŗŠ°Š·Š°Š½ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š’Š¾Š·Š¼Š¾Š¶Š½Ń‹ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -\fIDES\fR -(ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠžŠ±Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š½Š¾Š²Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š±ŃƒŠ“ут Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½Ń‹ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5, сŠ¾Š²Š¼ŠµŃŃ‚ŠøŠ¼Š¾Š¼Ńƒ с ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¼ Š² Š½Š¾Š²Ń‹Ń… Š²ŠµŃ€ŃŠøях FreeBSD\&. ŠžŠ½ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ ŠæŠ°Ń€Š¾Š»Šø Š½ŠµŠ¾Š³Ń€Š°Š½ŠøчŠµŠ½Š½Š¾Š¹ Š“Š»ŠøŠ½Ń‹ Šø ŠøŠ¼ŠµŠµŃ‚ Š±Š¾Š»ŠµŠµ Š“Š»ŠøŠ½Š½ŃƒŃŽ стрŠ¾Šŗу сŠ¾Š»Šø\&. Š£ŃŃ‚Š°Š½Š¾Š²ŠøтŠµ Š² -\fIno\fR, ŠµŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ ŠŗŠ¾ŠæŠøрŠ¾Š²Š°Ń‚ŃŒ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š² Š“руŠ³ŠøŠµ сŠøстŠµŠ¼Ń‹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š½Šµ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŃŽŃ‚ Š½Š¾Š²Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю -\fIno\fR\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBENCRYPT_METHOD\fR -ŠøŠ»Šø Š»ŃŽŠ±Ń‹Š¼ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š·Š°Š“Š°Ń‘Ń‚ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń устŠ°Ń€ŠµŠ»Š°; ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠ¹Ń‚Šµ -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Ń‹Šµ ŠæрŠ¾Š²ŠµŃ€ŠŗŠø ŠæрŠø сŠ¼ŠµŠ½Šµ ŠæŠ°Ń€Š¾Š»Ń\&. -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠŸŃ€ŠµŠ“уŠæрŠµŠ¶Š“Š°Ń‚ŃŒ Š¾ сŠ»Š°Š±Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŃŃ… (Š½Š¾ рŠ°Š·Ń€ŠµŃˆŠ°Ń‚ŃŒ Šøх ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ) Š“Š»Ń суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæŠ¾ŠæытŠ¾Šŗ сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń (сŠ»ŠøшŠŗŠ¾Š¼ ŠæрŠ¾ŃŃ‚Š¾Š³Š¾) ŠæрŠø Š½ŠµŠæрŠ¾Ń…Š¾Š¶Š“ŠµŠ½ŠøŠø ŠæрŠ¾Š²ŠµŃ€ŠŗŠø\&. -.RE -.PP -\fBPASS_MAX_LEN\fR (чŠøсŠ»Š¾), \fBPASS_MIN_LEN\fR (чŠøсŠ»Š¾) -.RS 4 -ŠšŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š·Š½Š°Ń‡ŠøŠ¼Ń‹Ń… сŠøŠ¼Š²Š¾Š»Š¾Š² Š² ŠæŠ°Ń€Š¾Š»Šµ Š“Š»Ń crypt()\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBPASS_MAX_LEN\fR -рŠ°Š²Š½Š¾ 8\&. ŠŠµ ŠøŠ·Š¼ŠµŠ½ŃŠ¹Ń‚Šµ, ŠµŃŠ»Šø Š²Š°Ńˆ crypt() Š»ŃƒŃ‡ŃˆŠµ\&. Š˜Š³Š½Š¾Ń€ŠøруŠµŃ‚ся, ŠµŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBMD5_CRYPT_ENAB\fR -рŠ°Š²Š½Š¾ -\fIyes\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (чŠøсŠ»Š¾), \fBSHA_CRYPT_MAX_ROUNDS\fR (чŠøсŠ»Š¾) -.RS 4 -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBENCRYPT_METHOD\fR -рŠ°Š²Š½Š¾ -\fISHA256\fR -ŠøŠ»Šø -\fISHA512\fR, этŠ° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² SHA, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Ń… Š°Š»Š³Š¾Ń€ŠøтŠ¼Š¾Š¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (ŠµŃŠ»Šø ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² Š½Šµ Š·Š°Š“Š°Š½Š¾ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š£Š²ŠµŠ»ŠøчŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾Š²Ń‹ŃˆŠ°ŠµŃ‚ сŠ»Š¾Š¶Š½Š¾ŃŃ‚ŃŒ ŠæŠ¾Š“Š±Š¾Ń€Š° ŠæŠ°Ń€Š¾Š»Ń ŠæрŠ¾ŃŃ‚Ń‹Š¼ ŠæŠµŃ€ŠµŠ±Š¾Ń€Š¾Š¼\&. ŠŠ¾ Š·Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ ŠæрŠø этŠ¾Š¼ Š“Š»Ń Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ трŠµŠ±ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š½Ń‹Ń… рŠµŃŃƒŃ€ŃŠ¾Š²\&. -.sp -Š•ŃŠ»Šø Š½Šµ Š·Š°Š“Š°Š½Š°, тŠ¾ libc Š²Ń‹Š±ŠøрŠ°ŠµŃ‚ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (5000)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½Šøя Š“Š¾Š»Š¶Š½Ń‹ Š»ŠµŠ¶Š°Ń‚ŃŒ Š² Š“ŠøŠ°ŠæŠ°Š·Š¾Š½Šµ 1000\-999999999\&. -.sp -Š•ŃŠ»Šø Š·Š°Š“Š°Š½Š¾ ŠŗŠ°ŠŗŠ¾Šµ\-тŠ¾ Š¾Š“Š½Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \(em -\fBSHA_CRYPT_MIN_ROUNDS\fR -ŠøŠ»Šø -\fBSHA_CRYPT_MAX_ROUNDS\fR -\(em тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š¾ этŠ¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.sp -Š•ŃŠ»Šø -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "Š’ŠžŠ—Š’Š ŠŠ©ŠŠ•ŠœŠ«Š• Š—ŠŠŠ§Š•ŠŠ˜ŠÆ" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBpasswd\fR -Š·Š°Š²ŠµŃ€ŃˆŠ°Ń рŠ°Š±Š¾Ń‚Ńƒ, Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -.PP -\fI0\fR -.RS 4 -усŠæŠµŃˆŠ½Š¾Šµ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ -.RE -.PP -\fI1\fR -.RS 4 -Š“Š¾ŃŃ‚ŃƒŠæ Š·Š°ŠæрŠµŃ‰Ń‘Š½ -.RE -.PP -\fI2\fR -.RS 4 -Š½ŠµŠ“Š¾ŠæустŠøŠ¼Š°Ń ŠŗŠ¾Š¼Š±ŠøŠ½Š°Ń†Šøя ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š² -.RE -.PP -\fI3\fR -.RS 4 -Š½ŠµŠ¾Š¶ŠøŠ“Š°Š½Š½Š°Ń Š¾ŃˆŠøŠ±ŠŗŠ° ŠæрŠø рŠ°Š±Š¾Ń‚Šµ, Š½ŠøчŠµŠ³Š¾ Š½Šµ сŠ“ŠµŠ»Š°Š½Š¾ -.RE -.PP -\fI4\fR -.RS 4 -Š½ŠµŠ¾Š¶ŠøŠ“Š°Š½Š½Š°Ń Š¾ŃˆŠøŠ±ŠŗŠ° ŠæрŠø рŠ°Š±Š¾Ń‚Šµ, Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²ŃƒŠµŃ‚ фŠ°Š¹Š» -passwd -.RE -.PP -\fI5\fR -.RS 4 -фŠ°Š¹Š» -passwd -Š·Š°Š½ŃŃ‚ Š“руŠ³Š¾Š¹ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š¾Š¹, ŠæŠ¾ŠæрŠ¾Š±ŃƒŠ¹Ń‚Šµ ŠµŃ‰Ń‘ рŠ°Š· -.RE -.PP -\fI6\fR -.RS 4 -Š½ŠµŠ“Š¾ŠæустŠøŠ¼Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBchpasswd\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBlogin.defs\fR(5),\fBusermod\fR(8)\&. diff --git a/man/ru/man1/sg.1 b/man/ru/man1/sg.1 deleted file mode 100644 index 226cb568..00000000 --- a/man/ru/man1/sg.1 +++ /dev/null @@ -1,91 +0,0 @@ -'\" t -.\" Title: sg -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "sg" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -sg \- Š²Ń‹ŠæŠ¾Š»Š½ŃŠµŃ‚ ŠŗŠ¾Š¼Š°Š½Š“у с ŠæрŠ°Š²Š°Š¼Šø Š“руŠ³Š¾Š¹ Š³Ń€ŃƒŠæŠæы -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBsg\fR\ 'u -\fBsg\fR [\-] [Š³Ń€ŃƒŠæŠæŠ°\ [\-c]\ ŠŗŠ¾Š¼Š°Š½Š“Š°] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBsg\fR -рŠ°Š±Š¾Ń‚Š°ŠµŃ‚ ŠæŠ¾Š“Š¾Š±Š½Š¾ ŠŗŠ¾Š¼Š°Š½Š“Šµ -\fBnewgrp\fR, Š½Š¾ Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° Š¾Š¶ŠøŠ“Š°ŠµŃ‚ ŠŗŠ¾Š¼Š°Š½Š“у\&. ŠšŠ¾Š¼Š°Š½Š“Š° Š±ŃƒŠ“ŠµŃ‚ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Š° Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ¾Š¹ -/bin/sh\&. Š’ Š±Š¾Š»ŃŒŃˆŠøŠ½ŃŃ‚Š²Šµ Š¾Š±Š¾Š»Š¾Ń‡ŠµŠŗ, Š¾Ń‚ŠŗуŠ“Š° Š¼Š¾Š¶ŠµŃ‚ Š·Š°ŠæусŠŗŠ°Ń‚ŃŒŃŃ -\fBsg\fR, ŠŗŠ¾Š¼Š°Š½Š“у ŠøŠ· Š½ŠµŃŠŗŠ¾Š»ŃŒŠŗŠøх сŠ»Š¾Š² Š½ŃƒŠ¶Š½Š¾ Š·Š°ŠŗŠ»ŃŽŃ‡Š°Ń‚ŃŒ Š² ŠŗŠ°Š²Ń‹Ń‡ŠŗŠø\&. Š”Ń€ŃƒŠ³ŠøŠ¼ Š¾Ń‚Š»ŠøчŠøŠµŠ¼ Š¼ŠµŠ¶Š“у -\fBnewgrp\fR -Šø -\fBsg\fR -яŠ²Š»ŃŠµŃ‚ся тŠ¾, чтŠ¾ Š½ŠµŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø Š²Š¾ŃŠæрŠøŠ½ŠøŠ¼Š°ŃŽŃ‚ -\fBnewgrp\fR -Š¾ŃŠ¾Š±ŠµŠ½Š½Ń‹Š¼ Š¾Š±Ń€Š°Š·Š¾Š¼, Š·Š°Š¼ŠµŠ½ŃŃ сŠµŠ±Ń Š½Š¾Š²Ń‹Š¼ эŠŗŠ·ŠµŠ¼ŠæŠ»ŃŃ€Š¾Š¼ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø, ŠŗŠ¾Ń‚Š¾Ń€ŃƒŃŽ сŠ¾Š·Š“Š°Ń‘Ń‚ -\fBnewgrp\fR\&. Š­Ń‚Š¾Š³Š¾ Š½Šµ ŠæрŠ¾ŠøсхŠ¾Š“Šøт с ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹ -\fBsg\fR, ŠæŠ¾ŃŃ‚Š¾Š¼Ńƒ ŠæŠ¾ŃŠ»Šµ Š·Š°Š²ŠµŃ€ŃˆŠµŠ½Šøя рŠ°Š±Š¾Ń‚Ń‹ -\fBsg\fR -Š²Ń‹ Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ŠµŃŃŒ Š² ŠæрŠµŠ“ыŠ“ущую Š³Ń€ŃƒŠæŠæу\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBSYSLOG_SG_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ \(Fosyslog\(Fc Š“ŠµŠ¹ŃŃ‚Š²ŠøŠ¹ -\fBsg\fR\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBnewgrp\fR(1), -\fBsu\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/ru/man1/su.1 b/man/ru/man1/su.1 deleted file mode 100644 index 0d22511f..00000000 --- a/man/ru/man1/su.1 +++ /dev/null @@ -1,443 +0,0 @@ -'\" t -.\" Title: su -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "su" "1" "05/09/2014" "shadow\-utils 4\&.2" "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -su \- ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ID ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ»Šø Š“ŠµŠ»Š°ŠµŃ‚ ŠµŠ³Š¾ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBsu\fR\ 'u -\fBsu\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] [\fIŠøŠ¼Ń_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBsu\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń тŠ¾Š³Š¾, чтŠ¾Š±Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š³ стŠ°Ń‚ŃŒ Š“руŠ³ŠøŠ¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼ Š² тŠµŠŗущŠµŠ¼ сŠµŠ°Š½ŃŠµ\&. Š•ŃŠ»Šø -\fBsu\fR -Š²Ń‹Š·Ń‹Š²Š°ŠµŃ‚ся Š±ŠµŠ· -\fBŠøŠ¼ŠµŠ½Šø_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR, тŠ¾ этŠ¾ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“ŠµŠ»Š°ŠµŃ‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼\&. ŠŠµŠ¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¹ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-\fR -Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š“Š»Ń Š²Š¾ŃŃŠ¾Š·Š“Š°Š½Šøя Š¾ŠŗруŠ¶ŠµŠ½Šøя, тŠ°ŠŗŠ¾Š³Š¾ Š¶Šµ ŠŗŠ°Šŗ ŠµŃŠ»Šø Š±Ń‹ Š½Š°ŃŃ‚Š¾ŃŃ‰ŠøŠ¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š²Ń‹ŠæŠ¾Š»Š½ŃŠ» Š²Ń…Š¾Š“ Š² сŠøстŠµŠ¼Ńƒ\&. -.PP -ŠŸŠ¾ŃŠ»Šµ ŠøŠ¼ŠµŠ½Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š¼Š¾Š¶Š½Š¾ уŠŗŠ°Š·Š°Ń‚ŃŒ Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Ń‹Šµ Š°Ń€Š³ŃƒŠ¼ŠµŠ½Ń‚Ń‹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š±ŃƒŠ“ут ŠæŠµŃ€ŠµŠ“Š°Š½Ń‹ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š’ чŠ°ŃŃ‚Š½Š¾ŃŃ‚Šø, Š°Ń€Š³ŃƒŠ¼ŠµŠ½Ń‚ -\fB\-c\fR -Š·Š°ŃŃ‚Š°Š²Šøт Š±Š¾Š»ŃŒŃˆŠøŠ½ŃŃ‚Š²Š¾ Š¾Š±Š¾Š»Š¾Ń‡ŠµŠŗ счŠøтŠ°Ń‚ŃŒ сŠ»ŠµŠ“ующŠøŠ¹ Š°Ń€Š³ŃƒŠ¼ŠµŠ½Ń‚ ŠŗŠ°Šŗ ŠŗŠ¾Š¼Š°Š½Š“у\&. ŠšŠ¾Š¼Š°Š½Š“Š° Š±ŃƒŠ“ŠµŃ‚ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Š° Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ¾Š¹, уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ Š² фŠ°Š¹Š»Šµ -/etc/passwd, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń яŠ²Š»ŃŠµŃ‚ся рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š“Š»Ń уŠŗŠ°Š·Ń‹Š²Š°ŠµŠ¼Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.PP -Š’Ń‹ Š¼Š¾Š¶ŠµŃ‚Šµ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-\-\fR -чтŠ¾Š±Ń‹ Š¾Ń‚Š“ŠµŠ»Šøть ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры -\fBsu\fR -Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š², ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ ŠæŠµŃ€ŠµŠ“Š°ŃŽŃ‚ся Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠµ\&. -.PP -ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ ŠæрŠµŠ“Š»Š¾Š¶Š°Ń‚ Š²Š²ŠµŃŃ‚Šø ŠæŠ°Ń€Š¾Š»ŃŒ, ŠµŃŠ»Šø Š¾Š½ Š·Š°Š“Š°Š½\&. ŠŸŃ€Šø Š½ŠµŠ²ŠµŃ€Š½Š¾Š¼ ŠæŠ°Ń€Š¾Š»Šµ Š²Š¾Š·Š½ŠøŠŗŠ°ŠµŃ‚ сŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠµ Š¾Š± Š¾ŃˆŠøŠ±ŠŗŠµ\&. Š’сŠµ ŠæŠ¾ŠæытŠŗŠø, уŠ“Š°Ń‡Š½Ń‹Šµ Šø Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Šµ, ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»Šøруются сŠøстŠµŠ¼Š¾Š¹ с цŠµŠ»ŃŒŃŽ Š¾Š±Š½Š°Ń€ŃƒŠ¶ŠµŠ½Šøя Š·Š»Š¾ŃƒŠæŠ¾Ń‚Ń€ŠµŠ±Š»ŠµŠ½ŠøŠ¹\&. -.PP -Š¢ŠµŠŗущŠµŠµ Š¾ŠŗруŠ¶ŠµŠ½ŠøŠµ ŠæŠµŃ€ŠµŠ“Š°Ń‘Ń‚ŃŃ Š½Š¾Š²Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠµ\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fB$PATH\fR -сŠ±Ń€Š°ŃŃ‹Š²Š°ŠµŃ‚ся Š² Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -/bin:/usr/bin -Š“Š»Ń Š¾Š±Ń‹Ń‡Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ ŠøŠ»Šø Š² -/sbin:/bin:/usr/sbin:/usr/bin -Š“Š»Ń суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š­Ń‚Šø Š·Š½Š°Ń‡ŠµŠ½Šøя Š¼Š¾Š¶Š½Š¾ ŠøŠ·Š¼ŠµŠ½Šøть Š² ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Ń… -\fBENV_PATH\fR -Šø -\fBENV_SUPATH\fR -Š² фŠ°Š¹Š»Šµ -/etc/login\&.defs\&. -.PP -Š”уŠ±ŃŠøстŠµŠ¼Š½Ń‹Š¹ Š²Ń…Š¾Š“ Š² сŠøстŠµŠ¼Ńƒ Š¼Š¾Š¶Š½Š¾ рŠ°ŃŠæŠ¾Š·Š½Š°Ń‚ŃŒ ŠæŠ¾ Š½Š°Š»ŠøчŠøю сŠøŠ¼Š²Š¾Š»Š° \(Fo*\(Fc Š² Š½Š°Ń‡Š°Š»Šµ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø\&. Š—Š°Š“Š°Š½Š½Ń‹Š¹ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½ ŠŗŠ°Šŗ ŠŗŠ¾Ń€ŠµŠ½ŃŒ Š½Š¾Š²Š¾Š¹ фŠ°Š¹Š»Š¾Š²Š¾Š¹ сŠøстŠµŠ¼Ń‹, Š² ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¹ рŠµŠ³ŠøстрŠøруŠµŃ‚ся ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBsu\fR: -.PP -\fB\-c\fR, \fB\-\-command\fR\ \&\fIŠšŠžŠœŠŠŠ”Š\fR -.RS 4 -Š£ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗŠ¾Š¼Š°Š½Š“у, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŠæущŠµŠ½Š° Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ¾Š¹ Š² Š²ŠøŠ“Šµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° Š“Š»Ń -\fB\-c\fR\&. -.sp -The executed command will have no controlling terminal\&. This option cannot be used to execute interactive programs which need a controlling TTY\&. -.RE -.PP -\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR -.RS 4 -ŠŸŃ€ŠµŠ“Š¾ŃŃ‚Š°Š²Š»ŃŠµŃ‚ Š¾ŠŗруŠ¶ŠµŠ½ŠøŠµ, ŠŗŠ°Šŗ ŠµŃŠ»Šø Š±Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½ŠµŠæŠ¾ŃŃ€ŠµŠ“стŠ²ŠµŠ½Š½Š¾ рŠµŠ³ŠøстрŠøрŠ¾Š²Š°Š»ŃŃ Š² сŠøстŠµŠ¼Šµ\&. -.sp -When -\fB\-\fR -is used, it must be specified before any -\fBusername\fR\&. For portability it is recommended to use it as last option, before any -\fBusername\fR\&. The other forms (\fB\-l\fR -and -\fB\-\-login\fR) do not have this restriction\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fIŠžŠ‘ŠžŠ›ŠžŠ§ŠšŠ\fR -.RS 4 -ŠžŠ±Š¾Š»Š¾Ń‡ŠŗŠ°, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŠæущŠµŠ½Š°\&. -.sp -Š—Š°ŠæущŠµŠ½Š½Š°Ń Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ° Š²Ń‹Š±ŠøрŠ°ŠµŃ‚ся ŠøŠ· (Š² ŠæŠ¾Ń€ŃŠ“ŠŗŠµ уŠ±Ń‹Š²Š°Š½Šøя ŠæрŠøŠ¾Ń€ŠøтŠµŃ‚Š°): -.PP -.RS 4 -ŠžŠ±Š¾Š»Š¾Ń‡ŠŗŠ° уŠŗŠ°Š·Š°Š½Š½Š°Ń Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Šµ \-\-shell\&. -.RE -.PP -.RS 4 -Š•ŃŠ»Šø ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся -\fB\-\-preserve\-environment\fR, тŠ¾ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ° Š·Š°Š“Š°Ń‘Ń‚ŃŃ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fB$SHELL\fR\&. -.RE -.PP -.RS 4 -ŠžŠ±Š¾Š»Š¾Ń‡ŠŗŠ°, уŠŗŠ°Š·Š°Š½Š½Š°Ń Š² Š·Š°ŠæŠøсŠø фŠ°Š¹Š»Š° -/etc/passwd -Š“Š»Ń Š·Š°Š“Š°Š½Š½Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -.RS 4 -/bin/sh, ŠµŃŠ»Šø Š½Šø Š¾Š“Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠµ Š½Šµ Š±Ń‹Š»Š¾ Š½Š°Š¹Š“ŠµŠ½Š¾ с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ Š¼ŠµŃ‚Š¾Š“Š¾Š², уŠŗŠ°Š·Š°Š½Š½Ń‹Ń… Š²Ń‹ŃˆŠµ\&. -.RE -.sp -Š•ŃŠ»Šø Š·Š°Š“Š°Š½Š½Ń‹Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ ŠøŠ¼ŠµŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу (тŠ¾ ŠµŃŃ‚ŃŒ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ° Š² ŠæŠ¾Š»Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š¹ Š·Š°ŠæŠøсŠø Š² фŠ°Š¹Š»Šµ -/etc/passwd -Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²ŃƒŠµŃ‚ Š² фŠ°Š¹Š»Šµ -/etc/shells), тŠ¾ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-\-shell\fR -ŠøŠ»Šø ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fB$SHELL\fR -Š½Šµ Š±ŃƒŠ“ут учтŠµŠ½Ń‹, ŠµŃŠ»Šø -\fBsu\fR -Š½Šµ Š±Ń‹Š»Š° Š·Š°ŠæущŠµŠ½Š° суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼\&. -.RE -.PP -\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve\-environment\fR -.RS 4 -Š”Š¾Ń…Ń€Š°Š½Šøть тŠµŠŗущŠµŠµ Š¾ŠŗруŠ¶ŠµŠ½ŠøŠµ Š·Š° ŠøсŠŗŠ»ŃŽŃ‡ŠµŠ½ŠøŠµŠ¼: -.PP -\fB$PATH\fR -.RS 4 -сŠ±Ń€Š°ŃŃ‹Š²Š°ŠµŃ‚ся Š² Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBENV_PATH\fR -ŠøŠ»Šø -\fBENV_SUPATH\fR -(сŠ¼Š¾Ń‚Ń€ŠøтŠµ Š“Š°Š»ŠµŠµ) ŠøŠ· -/etc/login\&.defs; -.RE -.PP -\fB$IFS\fR -.RS 4 -сŠ±Ń€Š°ŃŃ‹Š²Š°ŠµŃ‚ся Š² Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\(Fo<space><tab><newline>\(Fc, ŠµŃŠ»Šø Š¾Š½Š° устŠ°Š½Š¾Š²Š»ŠµŠ½Š°\&. -.RE -.sp -Š•ŃŠ»Šø Š·Š°Š“Š°Š½Š½Ń‹Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ ŠøŠ¼ŠµŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу, тŠ¾ этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ срŠ°Š±Š¾Ń‚Š°ŠµŃ‚ (ŠµŃŠ»Šø -\fBsu\fR -Š½Šµ Š·Š°ŠæусŠŗŠ°ŠµŃ‚ся суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼)\&. -.sp -Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ ŠæŠ¾Š²ŠµŠ“ŠµŠ½ŠøŠµ Š¾ŠŗруŠ¶ŠµŠ½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю тŠ°ŠŗŠ¾Š²Š¾: -.PP -.RS 4 -ŠŸŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š¾ŠŗруŠ¶ŠµŠ½ŠøŠµ -\fB$HOME\fR, -\fB$SHELL\fR, -\fB$USER\fR, -\fB$LOGNAME\fR, -\fB$PATH\fR -Šø -\fB$IFS\fR -сŠ±Ń€Š°ŃŃ‹Š²Š°ŃŽŃ‚ся\&. -.RE -.PP -.RS 4 -Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-\-login\fR -Š½Šµ уŠŗŠ°Š·Š°Š½, тŠ¾ Š¾ŠŗруŠ¶ŠµŠ½ŠøŠµ ŠŗŠ¾ŠæŠøруŠµŃ‚ся, Š·Š° ŠøсŠŗŠ»ŃŽŃ‡ŠµŠ½ŠøŠµŠ¼ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Ń…, ŠæŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½Š½Ń‹Ń… Š²Ń‹ŃˆŠµ\&. -.RE -.PP -.RS 4 -Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-\-login\fR -уŠŗŠ°Š·Š°Š½, тŠ¾ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fB$TERM\fR, -\fB$COLORTERM\fR, -\fB$DISPLAY\fR -Šø -\fB$XAUTHORITY\fR -ŠŗŠ¾ŠæŠøруются (ŠµŃŠ»Šø Š¾Š½Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Ń‹)\&. -.RE -.PP -.RS 4 -Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-\-login\fR -уŠŗŠ°Š·Š°Š½, тŠ¾ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fB$TZ\fR, -\fB$HZ\fR -Šø -\fB$MAIL\fR -устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŃŽŃ‚ся сŠ¾Š³Š»Š°ŃŠ½Š¾ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Š¼ фŠ°Š¹Š»Š° -/etc/login\&.defs: -\fBENV_TZ\fR, -\fBENV_HZ\fR, -\fBMAIL_DIR\fR -Šø -\fBMAIL_FILE\fR -(сŠ¼Š¾Ń‚Ń€ŠøтŠµ Š“Š°Š»ŠµŠµ)\&. -.RE -.PP -.RS 4 -Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-\-login\fR -уŠŗŠ°Š·Š°Š½, тŠ¾ Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Ń‹Šµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š¾ŠŗруŠ¶ŠµŠ½Šøя Š¼Š¾Š³ŃƒŃ‚ Š±Ń‹Ń‚ŃŒ устŠ°Š½Š¾Š²Š»ŠµŠ½Ń‹ ŠøŠ· фŠ°Š¹Š»Š° -\fBENVIRON_FILE\fR -(сŠ¼Š¾Ń‚Ń€ŠøтŠµ Š“Š°Š»ŠµŠµ)\&. -.RE -.RE -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -Š”Š°Š½Š½Š°Ń Š²ŠµŃ€ŃŠøя ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹ -\fBsu\fR -Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ сŠ¾Š±Ń€Š°Š½Š° с рŠ°Š·Š½Ń‹Š¼Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Š¼Šø Šø тŠ¾Š»ŃŒŠŗŠ¾ Š½ŠµŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ ŠøŠ· Š½Šøх сŠ¼Š¾Š³ŃƒŃ‚ Š±Ń‹Ń‚ŃŒ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Ń‹ Š½Š° Š»ŃŽŠ±Š¾Š¹ Š¼Š°ŃˆŠøŠ½Šµ\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBCONSOLE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ ŠøŠ»Šø ŠæŠ¾Š»Š½Š¾Š¼Ńƒ ŠæутŠø Šŗ фŠ°Š¹Š»Ńƒ с ŠøŠ¼ŠµŠ½Š°Š¼Šø устрŠ¾Š¹ŃŃ‚Š² (Š¾Š“Š½Š¾ Š½Š° стрŠ¾Šŗу), ŠøŠ»Šø сŠæŠøсŠŗу ŠøŠ¼Ń‘Š½ устрŠ¾Š¹ŃŃ‚Š², ŠæŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½Š½Ń‹Ń… чŠµŃ€ŠµŠ· \(Fo:\(Fc\&. Š’Ń…Š¾Š“ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ŠµŃ‚ рŠ°Š·Ń€ŠµŃˆŃ‘Š½ тŠ¾Š»ŃŒŠŗŠ¾ с этŠøх устрŠ¾Š¹ŃŃ‚Š²\&. -.sp -Š•ŃŠ»Šø Š½Šµ Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ Š²Ń…Š¾Š“Šøть Š² сŠøстŠµŠ¼Ńƒ с Š»ŃŽŠ±Š¾Š³Š¾ устрŠ¾Š¹ŃŃ‚Š²Š°\&. -.sp -Š£ŃŃ‚Ń€Š¾Š¹ŃŃ‚Š²Š° Š“Š¾Š»Š¶Š½Ń‹ уŠŗŠ°Š·Ń‹Š²Š°Ń‚ŃŒŃŃ Š±ŠµŠ· Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Š³Š¾ ŠæрŠµŃ„ŠøŠŗсŠ° /dev/\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š”ŠæŠøсŠ¾Šŗ Š³Ń€ŃƒŠæŠæ Š“Š»Ń Š“Š¾Š±Š°Š²Š»ŠµŠ½Šøя Šŗ Š½Š°Š±Š¾Ń€Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøх Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Ń‹Ń… Š³Ń€ŃƒŠæŠæ ŠæрŠø Š²Ń…Š¾Š“Šµ с ŠŗŠ¾Š½ŃŠ¾Š»Šø (Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŠ¼Š¾Š¹ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ CONSOLE)\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š½Šµ уŠŗŠ°Š·Š°Š½Š°\&. - -Š˜ŃŠæŠ¾Š»ŃŒŠ·ŃƒŠ¹Ń‚Šµ Š¾ŃŃ‚Š¾Ń€Š¾Š¶Š½Š¾ \(em Š¼Š¾Š¶ŠµŃ‚ Š“Š°Ń‚ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼ ŠæŠ¾ŃŃ‚Š¾ŃŠ½Š½Ń‹Š¹ Š“Š¾ŃŃ‚ŃƒŠæ Šŗ этŠøŠ¼ Š³Ń€ŃƒŠæŠæŠ°Š¼, Š“Š°Š¶Šµ ŠµŃŠ»Šø Š¾Š½Šø Š½Šµ Š²Ń…Š¾Š“ŠøŠ»Šø с ŠŗŠ¾Š½ŃŠ¾Š»Šø\&. -.RE -.PP -\fBDEFAULT_HOME\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚, Š¼Š¾Š¶Š½Š¾ Š»Šø Š²Š¾Š¹Ń‚Šø Š² сŠøстŠµŠ¼Ńƒ, ŠµŃŠ»Šø Š½ŠµŠ»ŃŒŠ·Ń Š²Ń‹ŠæŠ¾Š»Š½Šøть cd Š² Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю \(Fono\(Fc\&. -.sp -Š•ŃŠ»Šø рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š±ŃƒŠ“ŠµŃ‚ ŠæŠ¾ŠæŠ°Š“Š°Ń‚ŃŒ Š² ŠŗŠ¾Ń€Š½ŠµŠ²Š¾Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ (/), ŠµŃŠ»Šø Š½ŠµŠ²Š¾Š·Š¼Š¾Š¶Š½Š¾ Š²Ń‹ŠæŠ¾Š»Š½Šøть cd Š² ŠµŠ³Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. -.RE -.PP -\fBENV_HZ\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя HZ ŠæрŠø Š²Ń…Š¾Š“Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² сŠøстŠµŠ¼Ńƒ\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š¾Š»Š¶Š½Š¾ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ с -\fIHZ=\fR\&. ŠžŠ±Ń‹Ń‡Š½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š»Ń Linux \(em -\fIHZ=100\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø этŠ¾Ń‚ фŠ°Š¹Š» сущŠµŃŃ‚Š²ŃƒŠµŃ‚ Šø Š“Š¾ŃŃ‚ŃƒŠæ Š“Š»Ń чтŠµŠ½Šøя, тŠ¾ ŠøŠ· Š½ŠµŠ³Š¾ чŠøтŠ°ŠµŃ‚ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Šµ Š¾ŠŗруŠ¶ŠµŠ½ŠøŠµ\&. ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° Š“Š¾Š»Š¶Š½Š° ŠøŠ¼ŠµŃ‚ŃŒ фŠ¾Ń€Š¼Š°Ń‚: ŠøŠ¼Ń=Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.sp -Š”трŠ¾ŠŗŠø, Š½Š°Ń‡ŠøŠ½Š°ŃŽŃ‰ŠøŠµŃŃ с #, счŠøтŠ°ŃŽŃ‚ся ŠŗŠ¾Š¼Š¼ŠµŠ½Ń‚Š°Ń€ŠøŠµŠ¼ Šø ŠøŠ³Š½Š¾Ń€Šøруются\&. -.RE -.PP -\fBENV_PATH\fR (стрŠ¾ŠŗŠ°) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (стрŠ¾ŠŗŠ°) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя TZ ŠæрŠø Š²Ń…Š¾Š“Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ рŠ°Š²Š½Š¾ ŠøŠ¼ŠµŠ½Šø чŠ°ŃŠ¾Š²Š¾Š³Š¾ ŠæŠ¾ŃŃŠ°, Š½Š°Ń‡ŠøŠ½Š°ŃŽŃ‰ŠµŠ³Š¾ŃŃ -\fITZ=\fR -(Š½Š°ŠæрŠøŠ¼ŠµŃ€, -\fITZ=CST6CDT\fR), ŠøŠ»Šø ŠæŠ¾Š»Š½Š¾Š¼Ńƒ ŠæутŠø Šŗ фŠ°Š¹Š»Ńƒ с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Š¼Šø чŠ°ŃŠ¾Š²Š¾Š³Š¾ ŠæŠ¾ŃŃŠ° (Š½Š°ŠæрŠøŠ¼ŠµŃ€, -/etc/tzname)\&. -.sp -Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ ŠæŠ¾Š»Š½Ń‹Š¹ Šæуть, Š½Š¾ фŠ°Š¹Š» Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ ŠøŠ»Šø Š½ŠµŠ“Š¾ŃŃ‚ŃƒŠæŠµŠ½ Š“Š»Ń чтŠµŠ½Šøя, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю: -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBLOGIN_STRING\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š”трŠ¾ŠŗŠ°\-ŠæрŠøŠ³Š»Š°ŃˆŠµŠ½ŠøŠµ Šŗ Š²Š²Š¾Š“у ŠæŠ°Ń€Š¾Š»Ń\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю: \(FoPassword:\(Fc ŠøŠ»Šø ŠæŠµŃ€ŠµŠ²Š¾Š“ этŠ¾Š¹ стрŠ¾ŠŗŠø Š½Š° рŠ°Š·Š½Ń‹Šµ яŠ·Ń‹ŠŗŠø\&. Š•ŃŠ»Šø Š²Ń‹ ŠøŠ·Š¼ŠµŠ½ŠøтŠµ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, тŠ¾ ŠæŠµŃ€ŠµŠ²Š¾Š“ Š±ŃƒŠ“ŠµŃ‚ Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ\&. -.sp -Š•ŃŠ»Šø Š² стрŠ¾ŠŗŠµ сŠ¾Š“ŠµŃ€Š¶Šøтся ŠæŠ¾Š“стрŠ¾ŠŗŠ° -\fI%s\fR, тŠ¾ Š¾Š½Š° Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š¼ŠµŠ½ŠµŠ½Š° Š½Š° ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ ŠæрŠ¾Š²ŠµŃ€Šŗу Šø ŠæŠ¾ŠŗŠ°Š· сŠ¾ŃŃ‚Š¾ŃŠ½Šøя ŠæŠ¾Ń‡Ń‚Š¾Š²Š¾Š³Š¾ ящŠøŠŗŠ° ŠæрŠø Š²Ń…Š¾Š“Šµ\&. -.sp -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ Š²Ń‹ŠŗŠ»ŃŽŃ‡Šøть этŠ¾, ŠµŃŠ»Šø ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ящŠøŠŗ ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ся ŠøŠ· фŠ°Š¹Š»Š¾Š² Š°Š²Ń‚Š¾Š·Š°ŠæусŠŗŠ° Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø (\(Fomailx \-e\(Fc ŠøŠ»Šø ŠæŠ¾Ń…Š¾Š¶ŠµŠ¹ ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹)\&. -.RE -.PP -\fBMAIL_DIR\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠŸŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. Š”Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½ŃƒŠ¶ŠµŠ½ Š“Š»Ń уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¼ ящŠøŠŗŠ¾Š¼ ŠæрŠø ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøŠø ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½ŠøŠø учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ уŠŗŠ°Š·Š°Š½Š½Š¾Šµ ŠæрŠø сŠ±Š¾Ń€ŠŗŠµ\&. -.RE -.PP -\fBMAIL_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ рŠ°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½ŠøŠµ ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Ń… фŠ°Š¹Š»Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š¾Ń‚Š½Š¾ŃŠøтŠµŠ»ŃŒŠ½Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š°\&. -.RE -.PP -ŠŸŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ -\fBMAIL_DIR\fR -Šø -\fBMAIL_FILE\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся ŠŗŠ¾Š¼Š°Š½Š“Š°Š¼Šø -\fBuseradd\fR, -\fBusermod\fR -Šø -\fBuserdel\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя, ŠæŠµŃ€ŠµŠ¼ŠµŃ‰ŠµŠ½Šøя ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.PP -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBMAIL_CHECK_ENAB\fR -рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š¾Š½Šø тŠ°ŠŗŠ¶Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fBMAIL\fR\&. -.PP -\fBQUOTAS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ устŠ°Š½Š¾Š²Šŗу Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠ¹ рŠµŃŃƒŃ€ŃŠ¾Š² ŠøŠ· -/etc/limits -Šø ulimit, umask Šø niceness ŠøŠ· ŠæŠ¾Š»Ń gecos фŠ°Š¹Š»Š° passwd\&. -.RE -.PP -\fBSULOG_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ Š»ŃŽŠ±Š°Ń Š°ŠŗтŠøŠ²Š½Š¾ŃŃ‚ŃŒ su Š±ŃƒŠ“ŠµŃ‚ ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Ń‚ŃŒŃŃ Š² этŠ¾Ń‚ фŠ°Š¹Š»\&. -.RE -.PP -\fBSU_NAME\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ Š²Ń‹Š²Š¾Š“Šøтся ŠøŠ¼Ń ŠŗŠ¾Š¼Š°Š½Š“ы ŠŗŠ¾Š³Š“Š° рŠ°Š±Š¾Ń‚Š°ŠµŃ‚ \(Fosu \-\(Fc\&. ŠŠ°ŠæрŠøŠ¼ŠµŃ€, ŠµŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ \(Fosu\(Fc, тŠ¾ \(Fops\(Fc ŠæŠ¾ŠŗŠ°Š¶ŠµŃ‚ ŠŗŠ¾Š¼Š°Š½Š“у ŠŗŠ°Šŗ \(Fo\-su\(Fc\&. Š•ŃŠ»Šø Š½Šµ Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ \(Fops\(Fc ŠæŠ¾ŠŗŠ°Š¶ŠµŃ‚ ŠøŠ¼Ń Š·Š°ŠæусŠŗŠ°ŠµŠ¼Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø Š½Š°ŠæрŠøŠ¼ŠµŃ€ ŠŗŠ°Šŗ \(Fo\-sh\(Fc\&. -.RE -.PP -\fBSU_WHEEL_ONLY\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š•ŃŠ»Šø рŠ°Š²Š½Š° -\fIyes\fR, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ чŠ»ŠµŠ½Š¾Š¼ ŠæŠµŃ€Š²Š¾Š¹ Š³Ń€ŃƒŠæŠæы с gid 0 Š² фŠ°Š¹Š»Šµ -/etc/group -(Š² Š±Š¾Š»ŃŒŃˆŠøŠ½ŃŃ‚Š²Šµ сŠøстŠµŠ¼ Linux Š½Š°Š·Ń‹Š²Š°ŠµŃ‚ся -\fIroot\fR), чтŠ¾Š±Ń‹ ŠøŠ¼ŠµŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š·Š°ŠæусŠŗŠ°Ń‚ŃŒ -\fBsu\fR -Š“Š»Ń ŠæŠ¾Š»ŃƒŃ‡ŠµŠ½Šøя uid 0\&. Š•ŃŠ»Šø Š³Ń€ŃƒŠæŠæŠ° Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚, ŠøŠ»Šø ŠæустŠ°, тŠ¾ Š½ŠøŠŗтŠ¾ Š½Šµ сŠ¼Š¾Š¶ŠµŃ‚ ŠæŠ¾Š»ŃƒŃ‡Šøть uid 0 с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ -\fBsu\fR\&. -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ \(Fosyslog\(Fc Š“ŠµŠ¹ŃŃ‚Š²ŠøŠ¹ -\fBsu\fR -\(em Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Š¾ Šŗ ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½Šøю Š² фŠ°Š¹Š»Šµ sulog\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ устŠ°Š½Š¾Š²Šŗу Š³Ń€ŃƒŠæŠæы Š±ŠøтŠ¾Š² umask рŠ°Š²Š½Š¾Š¹ Š±ŠøтŠ°Š¼ Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Š° (ŠæрŠøŠ¼ŠµŃ€: 022 \-> 002, 077 \-> 007) Š“Š»Ń Š½Šµ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠµŃŠ»Šø uid рŠ°Š²ŠµŠ½ gid Šø ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń сŠ¾Š²ŠæŠ°Š“Š°ŠµŃ‚ с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы\&. -.sp -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ -\fBuserdel\fR -уŠ“Š°Š»ŃŠµŃ‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗую Š³Ń€ŃƒŠæŠæу, ŠµŃŠ»Šø Š² Š½ŠµŠ¹ Š½ŠµŃ‚ Š±Š¾Š»ŃŒŃˆŠµ чŠ»ŠµŠ½Š¾Š², Š° -\fBuseradd\fR -ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю сŠ¾Š·Š“Š°Ń‘Ń‚ Š³Ń€ŃƒŠæŠæу с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "Š’ŠžŠ—Š’Š ŠŠ©ŠŠ•ŠœŠ«Š• Š—ŠŠŠ§Š•ŠŠ˜ŠÆ" -.PP -ŠŸŃ€Šø усŠæŠµŃˆŠ½Š¾Š¼ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠø -\fBsu\fR -Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ ŠŗŠ¾Š“ Š²Ń‹Ń…Š¾Š“Š° ŠŗŠ¾Š¼Š°Š½Š“ы, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š±Ń‹Š»Š° Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Š°\&. -.PP -Š•ŃŠ»Šø Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы Š·Š°Š²ŠµŃ€ŃˆŠøŠ»Š¾ŃŃŒ ŠæŠ¾ сŠøŠ³Š½Š°Š»Ńƒ, тŠ¾ -\fBsu\fR -Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ Š½Š¾Š¼ŠµŃ€ этŠ¾Š³Š¾ сŠøŠ³Š½Š°Š»Š° ŠæŠ»ŃŽŃ 128\&. -.PP -Š•ŃŠ»Šø su Š·Š°Š²ŠµŃ€ŃˆŠøŠ»Š° ŠŗŠ¾Š¼Š°Š½Š“у (тŠ°Šŗ ŠŗŠ°Šŗ Š±Ń‹Š» Š·Š°ŠæрŠ¾Ń сŠ“ŠµŠ»Š°Ń‚ŃŒ этŠ¾ Šø ŠŗŠ¾Š¼Š°Š½Š“Š° Š½Šµ Š·Š°Š²ŠµŃ€ŃˆŠøŠ»Š°ŃŃŒ Š² ŠæŠ¾Š»Š¾Š¶ŠµŠ½Š½Š¾Šµ Š²Ń€ŠµŠ¼Ń), тŠ¾ -\fBsu\fR -Š·Š°Š²ŠµŃ€ŃˆŠ°ŠµŃ‚ся с ŠŗŠ¾Š“Š¾Š¼ 255\&. -.PP -ŠŠµŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ ŠŗŠ¾Š“ы Š²Ń‹Ń…Š¾Š“Š° -\fBsu\fR -Š½Šµ Š·Š°Š²Šøсят Š¾Ń‚ Š·Š°ŠæусŠŗŠ°ŠµŠ¼Š¾Š¹ ŠŗŠ¾Š¼Š°Š½Š“ы: -.PP -\fI0\fR -.RS 4 -Š£ŃŠæŠµŃˆŠ½Š¾ (тŠ¾Š»ŃŒŠŗŠ¾ Š“Š»Ń -\fB\-\-help\fR) -.RE -.PP -\fI1\fR -.RS 4 -Š”Š±Š¾Š¹ Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøŠø ŠøŠ»Šø сŠøстŠµŠ¼Ń‹ -.RE -.PP -\fI126\fR -.RS 4 -Š—Š°ŠæрŠ¾ŃˆŠµŠ½Š½Š°Ń ŠŗŠ¾Š¼Š°Š½Š“Š° Š½Šµ Š½Š°Š¹Š“ŠµŠ½Š° -.RE -.PP -\fI127\fR -.RS 4 -Š—Š°ŠæрŠ¾ŃˆŠµŠ½Š½Š°Ń ŠŗŠ¾Š¼Š°Š½Š“Š° Š½Šµ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Š° -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBlogin\fR(1), -\fBlogin.defs\fR(5), -\fBsg\fR(1), -\fBsh\fR(1)\&. diff --git a/man/ru/man3/getspnam.3 b/man/ru/man3/getspnam.3 deleted file mode 100644 index cd473da3..00000000 --- a/man/ru/man3/getspnam.3 +++ /dev/null @@ -1 +0,0 @@ -.so man3/shadow.3 diff --git a/man/ru/man3/shadow.3 b/man/ru/man3/shadow.3 deleted file mode 100644 index 30a9b21d..00000000 --- a/man/ru/man3/shadow.3 +++ /dev/null @@ -1,236 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: Š‘ŠøŠ±Š»ŠøŠ¾Ń‚ŠµŃ‡Š½Ń‹Šµ фуŠ½ŠŗцŠøŠø -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "shadow" "3" "05/09/2014" "shadow\-utils 4\&.2" "Š‘ŠøŠ±Š»ŠøŠ¾Ń‚ŠµŃ‡Š½Ń‹Šµ фуŠ½ŠŗцŠøŠø" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -shadow, getspnam \- ŠæрŠ¾Ń†ŠµŠ“уры Š“Š»Ń рŠ°Š±Š¾Ń‚Ń‹ с фŠ°Š¹Š»Š¾Š¼ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.PP -\fI#include <shadow\&.h>\fR -.PP -\fIstruct spwd *getspent();\fR -.PP -\fIstruct spwd *getspnam(char\fR\fI*name\fR\fI);\fR -.PP -\fIvoid setspent();\fR -.PP -\fIvoid endspent();\fR -.PP -\fIstruct spwd *fgetspent(FILE\fR\fI*fp\fR\fI);\fR -.PP -\fIstruct spwd *sgetspent(char\fR\fI*cp\fR\fI);\fR -.PP -\fIint putspent(struct spwd\fR\fI*p,\fR\fIŠ¤ŠŠ™Š›\fR\fI*fp\fR\fI);\fR -.PP -\fIint lckpwdf();\fR -.PP -\fIint ulckpwdf();\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -\fIshadow\fR -уŠæрŠ°Š²Š»ŃŠµŃ‚ сŠ¾Š“ŠµŃ€Š¶ŠøŠ¼Ń‹Š¼ фŠ°Š¹Š»Š° тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹, -/etc/shadow\&. Š”труŠŗтурŠ° Š² фŠ°Š¹Š»Šµ -\fI#include\fR: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct spwd { - char *sp_namp; /* ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń */ - char *sp_pwdp; /* шŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ */ - long int sp_lstchg; /* Š“Š°Ń‚Š° ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ¹ сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń */ - long int sp_min; /* Š“Š½ŠµŠ¹ Š“Š¾Š»Š¶Š½Š¾ ŠæрŠ¾Š¹Ń‚Šø Š¼ŠµŠ¶Š“у сŠ¼ŠµŠ½Š°Š¼Šø ŠæŠ°Ń€Š¾Š»Ń\&. */ - long int sp_max; /* Š“Š½ŠµŠ¹ ŠæŠµŃ€ŠµŠ“ Š½ŠµŠ¾Š±Ń…Š¾Š“ŠøŠ¼Š¾ŃŃ‚ŃŒŃŽ сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń */ - long int sp_warn; /* Š“Š½ŠµŠ¹ Š²Ń‹Š²Š¾Š“Š° ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø */ - long int sp_inact; /* Š“Š½ŠµŠ¹ ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š·Š°Š±Š»Š¾ŠŗŠøруŠµŃ‚ся */ - long int sp_expire; /* Š“Š°Ń‚Š° устŠ°Ń€ŠµŠ²Š°Š½Šøя учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø */ - unsigned long int sp_flag; /* Š·Š°Ń€ŠµŠ·ŠµŃ€Š²ŠøрŠ¾Š²Š°Š½Š¾ */ -} -.fi -.if n \{\ -.RE -.\} -.PP -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠŗŠ°Š¶Š“Š¾Š³Š¾ ŠæŠ¾Š»Ń: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_namp \- уŠŗŠ°Š·Š°Ń‚ŠµŠ»ŃŒ Š½Š° стрŠ¾Šŗу с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š·Š°Š²ŠµŃ€ŃˆŠ°ŃŽŃ‰ŃƒŃŽŃŃ Š½ŃƒŠ»ŠµŠ²Ń‹Š¼ сŠøŠ¼Š²Š¾Š»Š¾Š¼ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_pwdp \- уŠŗŠ°Š·Š°Ń‚ŠµŠ»ŃŒ Š½Š° стрŠ¾Šŗу с ŠæŠ°Ń€Š¾Š»ŠµŠ¼, Š·Š°Š²ŠµŃ€ŃˆŠ°ŃŽŃ‰ŃƒŃŽŃŃ Š½ŃƒŠ»ŠµŠ²Ń‹Š¼ сŠøŠ¼Š²Š¾Š»Š¾Š¼ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_lstchg \- ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹, ŠŗŠ¾Š³Š“Š° Š±Ń‹Š» ŠøŠ·Š¼ŠµŠ½Ń‘Š½ ŠæŠ°Ń€Š¾Š»ŃŒ ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠøŠ¹ рŠ°Š·, Š½Š°Ń‡ŠøŠ½Š°Ń с 1 яŠ½Š²Š°Ń€Ń 1970 Š³Š¾Š“Š° -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_min \- ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹, ŠŗŠ¾Š³Š“Š° Š¼Š¾Š¶Š½Š¾ Š½Šµ Š¼ŠµŠ½ŃŃ‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_max \- ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹, ŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š“Š¾Š»Š¶Š½Š¾ ŠæрŠ¾Š¹Ń‚Šø, чтŠ¾Š±Ń‹ Š½ŃƒŠ¶Š½Š¾ Š±Ń‹Š»Š¾ ŠæŠ¾Š¼ŠµŠ½ŃŃ‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_warn \- ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹, ŠŗŠ¾Š³Š“Š° Š±ŃƒŠ“ŠµŃ‚ Š²Ń‹Š“Š°Š²Š°Ń‚ŃŒŃŃ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š¾ сŠŗŠ¾Ń€Š¾Š¼ устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ ŠæŠ°Ń€Š¾Š»ŃŒ устŠ°Ń€ŠµŠµŃ‚ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_inact \- ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠæрŠ¾Š¹Ń‚Šø ŠæŠ¾ŃŠ»Šµ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń, ŠŗŠ¾Š³Š“Š° Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒ счŠøтŠ°Ń‚ŃŒ, чтŠ¾ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š½ŠµŠ°ŠŗтŠøŠ²Š½Š° Šø Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š° -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_expire \- Š“Š½ŠµŠ¹, ŠæŠ¾ŃŠ»Šµ ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… учётŠ½Š°Ń Š·Š°ŠæŠøсь Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š°, Š½Š°Ń‡ŠøŠ½Š°Ń с 1 яŠ½Š²Š°Ń€Ń 1970 Š³Š¾Š“Š° -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_flag \- Š·Š°Ń€ŠµŠ·ŠµŃ€Š²ŠøрŠ¾Š²Š°Š½Š¾ -.RE -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -Š¤ŃƒŠ½ŠŗцŠøŠø -\fIgetspent\fR, -\fIgetspname\fR, -\fIfgetspent\fR -Šø -\fIsgetspent\fR -Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŃŽŃ‚ уŠŗŠ°Š·Š°Ń‚ŠµŠ»ŃŒ Š½Š° струŠŗтуру -\fIstruct spwd\fR\&. -\fIgetspent\fR -Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ сŠ»ŠµŠ“ующую Š·Š°ŠæŠøсь ŠøŠ· фŠ°Š¹Š»Š°, Š° -\fIfgetspent\fR -Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ сŠ»ŠµŠ“ующую Š·Š°ŠæŠøсь ŠøŠ· Š·Š°Š“Š°Š½Š½Š¾Š³Š¾ ŠŗŠ°Š½Š°Š»Š°, ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°Ń, чтŠ¾ этŠ¾ фŠ°Š¹Š» ŠæрŠ°Š²ŠøŠ»ŃŒŠ½Š¾Š³Š¾ фŠ¾Ń€Š¼Š°Ń‚Š°\&.\fIsgetspent\fR -Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ уŠŗŠ°Š·Š°Ń‚ŠµŠ»ŃŒ Š½Š° -\fIstruct spwd\fR, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃ ŠæрŠµŠ“Š¾ŃŃ‚Š°Š²Š»ŠµŠ½Š½ŃƒŃŽ стрŠ¾Šŗу Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ Š²Ń…Š¾Š“ящŠøх Š“Š°Š½Š½Ń‹Ń…\&. -\fIgetspnam\fR -ŠøщŠµŃ‚ Š½Š°Ń‡ŠøŠ½Š°Ń с тŠµŠŗущŠµŠ¹ ŠæŠ¾Š·ŠøцŠøŠø Š² фŠ°Š¹Š»Šµ Š·Š°ŠæŠøсь ŠæŠ¾ ŠøŠ¼ŠµŠ½Šø -\fIname\fR\&. -.PP -Š¤ŃƒŠ½ŠŗцŠøŠø -\fIsetspent\fR -Šø -\fIendspent\fR -Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š“Š»Ń ŠæŠµŃ€ŠµŠ¼ŠµŃ‰ŠµŠ½Šøя Š² Š½Š°Ń‡Š°Š»Š¾ Šø ŠŗŠ¾Š½ŠµŃ† фŠ°Š¹Š»Š° тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŠµŠ½Š½Š¾\&. -.PP -Š¤ŃƒŠ½ŠŗцŠøŠø -\fIlckpwdf\fR -Šø -\fIulckpwdf\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся Š“Š»Ń ŠæŠ¾Š»ŃƒŃ‡ŠµŠ½Šøя Š¼Š¾Š½Š¾ŠæŠ¾Š»ŃŒŠ½Š¾Š³Š¾ Š“Š¾ŃŃ‚ŃƒŠæŠ° Šŗ фŠ°Š¹Š»Ńƒ -/etc/shadow\&. -\fIlckpwdf\fR -ŠæытŠ°ŠµŃ‚ся Š²Ń‹ŠæŠ¾Š»Š½Šøть Š±Š»Š¾ŠŗŠøрŠ¾Š²Šŗу с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ -\fIpw_lock\fR -Š² тŠµŃ‡ŠµŠ½ŠøŠø 15 сŠµŠŗуŠ½Š“\&. Š”Š°Š»ŠµŠµ Š²Ń‹ŠæŠ¾Š»Š½ŃŠµŃ‚ся ŠæŠ¾ŠæытŠŗŠ° ŠæŠ¾Š»ŃƒŃ‡Šøть Š²Ń‚Š¾Ń€ŃƒŃŽ Š±Š»Š¾ŠŗŠøрŠ¾Š²Šŗу с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ -\fIspw_lock\fR -Š² тŠµŃ‡ŠµŠ½ŠøŠø Š²Ń€ŠµŠ¼ŠµŠ½Šø Š¾ŃŃ‚Š°Š²ŃˆŠµŠ³Š¾ŃŃ Š¾Ń‚ ŠæŠµŃ€Š²Š¾Š½Š°Ń‡Š°Š»ŃŒŠ½Ń‹Ń… 15 сŠµŠŗуŠ½Š“\&. ŠŸŃ€Šø Š½ŠµŃƒŠ“Š°Ń‡Šµ Š² Š»ŃŽŠ±Š¾Š¹ ŠøŠ· Š±Š»Š¾ŠŗŠøрŠ¾Š²Š¾Šŗ Š² тŠµŃ‡ŠµŠ½ŠøŠø 15 сŠµŠŗуŠ½Š“, фуŠ½ŠŗцŠøя -\fIlckpwdf\fR -Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ \-1\&. Š•ŃŠ»Šø Š¾Š±Šµ Š±Š»Š¾ŠŗŠøрŠ¾Š²ŠŗŠø ŠæрŠ¾ŃˆŠ»Šø усŠæŠµŃˆŠ½Š¾ Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ся 0\&. -.SH "Š”Š˜ŠŠ“ŠŠžŠ”Š¢Š˜ŠšŠ" -.PP -Š¤ŃƒŠ½ŠŗцŠøŠø Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŃŽŃ‚ NULL, ŠµŃŠ»Šø Š²ŃŠµ Š·Š°ŠæŠøсŠø ŠŗŠ¾Š½Ń‡ŠøŠ»Šøсь ŠøŠ»Šø ŠæрŠ¾ŠøŠ·Š¾ŃˆŠ»Š° Š¾ŃˆŠøŠ±ŠŗŠ° Š²Š¾ Š²Ń€ŠµŠ¼Ń рŠ°Š±Š¾Ń‚Ń‹\&. Š¤ŃƒŠ½ŠŗцŠøŠø, Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŃŽŃ‰ŠøŠµ -\fIint\fR, Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŃŽŃ‚ 0 ŠæрŠø усŠæŠµŃˆŠ½Š¾Š¼ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠø Šø \-1 Š² сŠ»ŃƒŃ‡Š°Šµ Š½ŠµŃƒŠ“Š°Ń‡Šø\&. -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -Š”Š°Š½Š½Ń‹Šµ фуŠ½ŠŗцŠøŠø Š¼Š¾Š³ŃƒŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ тŠ¾Š»ŃŒŠŗŠ¾ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼, тŠ°Šŗ ŠŗŠ°Šŗ Š“Š¾ŃŃ‚ŃƒŠæ Šŗ фŠ°Š¹Š»Ńƒ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½\&. -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBgetpwent\fR(3), -\fBshadow\fR(5)\&. diff --git a/man/ru/man5/faillog.5 b/man/ru/man5/faillog.5 deleted file mode 100644 index 4568728a..00000000 --- a/man/ru/man5/faillog.5 +++ /dev/null @@ -1,65 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š² -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "faillog" "5" "05/09/2014" "shadow\-utils 4\&.2" "Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š²" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -faillog \- фŠ°Š¹Š» ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»Š° Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š° Š² сŠøстŠµŠ¼Ńƒ -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -Š’ фŠ°Š¹Š»Šµ -/var/log/faillog -сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ся счётчŠøŠŗŠø Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š° Šø Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»Ń ŠŗŠ°Š¶Š“Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. -.PP -Š­Ń‚Š¾Ń‚ фŠ°Š¹Š» сŠ¾ŃŃ‚Š¾Šøт ŠøŠ· Š·Š°ŠæŠøсŠµŠ¹ ŠæŠ¾ŃŃ‚Š¾ŃŠ½Š½Š¾Š¹ Š“Š»ŠøŠ½Ń‹, уŠæŠ¾Ń€ŃŠ“Š¾Ń‡ŠµŠ½Š½Ń‹Ń… ŠæŠ¾ чŠøсŠ»Š¾Š²Š¾Š¼Ńƒ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Ńƒ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. ŠšŠ°Š¶Š“Š°Ń Š·Š°ŠæŠøсь сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š° с Š¼Š¾Š¼ŠµŠ½Ń‚Š° ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ³Š¾ усŠæŠµŃˆŠ½Š¾Š³Š¾ Š²Ń…Š¾Š“Š° Š² сŠøстŠµŠ¼Ńƒ, Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š°, тŠµŃ€Š¼ŠøŠ½Š°Š», с ŠŗŠ¾Ń‚Š¾Ń€Š¾Š³Š¾ Š¾ŃŃƒŃ‰ŠµŃŃ‚Š²Š»ŃŠ»Š°ŃŃŒ ŠæŠ¾ŃŠ»ŠµŠ“Š½ŃŃ Š½ŠµŃƒŠ“Š°Ń‡Š½Š°Ń ŠæŠ¾ŠæытŠŗŠ° Š²Ń…Š¾Š“Š°, Š“Š°Ń‚Ńƒ этŠ¾Š³Š¾ сŠ¾Š±Ń‹Ń‚Šøя Šø ŠøŠ½Ń‚ŠµŃ€Š²Š°Š» (Š² сŠµŠŗуŠ½Š“Š°Ń…) Š½Š° сŠŗŠ¾Š»ŃŒŠŗŠ¾ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š° Š² сŠ»ŃƒŃ‡Š°Šµ Š½ŠµŃƒŠ“Š°Ń‡Š½Š¾Š¹ ŠæŠ¾ŠæытŠŗŠø\&. -.PP -Š”труŠŗтурŠ° фŠ°Š¹Š»Š°: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct faillog { - short fail_cnt; - short fail_max; - char fail_line[12]; - time_t fail_time; - long fail_locktime; -}; -.fi -.if n \{\ -.RE -.\} -.SH "Š¤ŠŠ™Š›Š«" -.PP -/var/log/faillog -.RS 4 -Š¶ŃƒŃ€Š½Š°Š» Š½ŠµŃƒŠ“Š°Š²ŃˆŠøхся ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š° Š² сŠøстŠµŠ¼Ńƒ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBfaillog\fR(8) diff --git a/man/ru/man5/gshadow.5 b/man/ru/man5/gshadow.5 deleted file mode 100644 index 5a5ec61c..00000000 --- a/man/ru/man5/gshadow.5 +++ /dev/null @@ -1,101 +0,0 @@ -'\" t -.\" Title: gshadow -.\" Author: Nicolas Fran\(,cois <nicolas.francois@centraliens.net> -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š² -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "gshadow" "5" "05/09/2014" "shadow\-utils 4\&.2" "Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š²" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -gshadow \- фŠ°Š¹Š» с Š·Š°Ń‰ŠøщŠ°ŠµŠ¼Š¾Š¹ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†ŠøŠµŠ¹ Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -Š¤Š°Š¹Š» -/etc/gshadow -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń…\&. -.PP -Š­Ń‚Š¾Ń‚ фŠ°Š¹Š» Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š½ŠµŠ“Š¾ŃŃ‚ŃƒŠæŠµŠ½ Š¾Š±Ń‹Ń‡Š½Š¾Š¼Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ, ŠµŃŠ»Šø Š½ŃƒŠ¶Š½Š¾ Š¾Š±ŠµŃŠæŠµŃ‡Šøть Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃ‚ŃŒ ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.PP -ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° фŠ°Š¹Š»Š° сŠ¾Š“ŠµŃ€Š¶Šøт ŠæŠ¾Š»Ń, Š¾Ń‚Š“ŠµŠ»Ń‘Š½Š½Ń‹Š¼Šø Š“руŠ³ Š¾Ń‚ Š“руŠ³Š° Š“Š²Š¾ŠµŃ‚Š¾Ń‡ŠøŠµŠ¼: -.PP -\fBŠøŠ¼Ń Š³Ń€ŃƒŠæŠæы\fR -.RS 4 -Š”Š¾Š»Š¶Š½Š¾ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒ ŠæрŠ°Š²ŠøŠ»ŃŒŠ½Š¾Šµ ŠøŠ¼Ń Š³Ń€ŃƒŠæŠæы, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń сущŠµŃŃ‚Š²ŃƒŠµŃ‚ Š² сŠøстŠµŠ¼Šµ\&. -.RE -.PP -\fBшŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\fR -.RS 4 -ŠŸŠ¾Š“рŠ¾Š±Š½ŠµŠ¹ Š¾ ŠæŠ°Ń€Š¾Š»Šµ сŠ¼Š¾Ń‚Ń€ŠøтŠµ Š² сŠæрŠ°Š²Š¾Ń‡Š½Š¾Š¹ стрŠ°Š½ŠøцŠµ -\fBcrypt\fR(3)\&. -.sp -Š•ŃŠ»Šø ŠæŠ¾Š»Šµ ŠæŠ°Ń€Š¾Š»Ń сŠ¾Š“ŠµŃ€Š¶Šøт стрŠ¾Šŗу, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š½Šµ уŠ“Š¾Š²Š»ŠµŃ‚Š²Š¾Ń€ŃŠµŃ‚ трŠµŠ±Š¾Š²Š°Š½ŠøяŠ¼ -\fBcrypt\fR(3), Š½Š°ŠæрŠøŠ¼ŠµŃ€ сŠ¾Š“ŠµŃ€Š¶Šøт ! ŠøŠ»Šø *, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½Šµ сŠ¼Š¾Š¶ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ unix Š“Š»Ń Š“Š¾ŃŃ‚ŃƒŠæŠ° Š² Š³Ń€ŃƒŠæŠæу (Š° чŠ»ŠµŠ½Ńƒ Š³Ń€ŃƒŠæŠæы ŠæŠ°Ń€Š¾Š»ŃŒ Š½Šµ Š½ŃƒŠ¶ŠµŠ½)\&. -.sp -ŠŸŠ°Ń€Š¾Š»ŃŒ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся, ŠµŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ, Š½Šµ яŠ²Š»ŃŃŽŃ‰ŠµŠ¼Ńƒ чŠ»ŠµŠ½Š¾Š¼ Š³Ń€ŃƒŠæŠæы, трŠµŠ±ŃƒŃŽŃ‚ся ŠæрŠ°Š²Š° этŠ¾Š¹ Š³Ń€ŃƒŠæŠæы (сŠ¼Š¾Ń‚Ń€ŠøтŠµ -\fBnewgrp\fR(1))\&. -.sp -Š­Ń‚Š¾ ŠæŠ¾Š»Šµ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæустыŠ¼; Š² этŠ¾Š¼ сŠ»ŃƒŃ‡Š°Šµ тŠ¾Š»ŃŒŠŗŠ¾ чŠ»ŠµŠ½Ń‹ Š³Ń€ŃƒŠæŠæы Š¼Š¾Š³ŃƒŃ‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ ŠæрŠ°Š²Š°Š¼Šø Š³Ń€ŃƒŠæŠæы\&. -.sp -ŠŸŠ¾Š»Šµ ŠæŠ°Ń€Š¾Š»Ń Š¼Š¾Š¶ŠµŃ‚ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ с Š²Š¾ŃŠŗŠ»ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Š¾Š³Š¾ Š·Š½Š°ŠŗŠ°, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠ³Š¾, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½\&. ŠžŃŃ‚Š°Š²ŃˆŠøŠµŃŃ сŠøŠ¼Š²Š¾Š»Ń‹ Š² стрŠ¾ŠŗŠµ ŠæрŠµŠ“стŠ°Š²Š»ŃŃŽŃ‚ ŠæŠ¾Š»Šµ ŠæŠ°Ń€Š¾Š»Ń Š“Š¾ ŠµŠ³Š¾ Š±Š»Š¾ŠŗŠøрŠ¾Š²ŠŗŠø\&. -.sp -Š”Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ Š·Š°Š¼ŠµŠ½ŃŠµŃ‚ Š»ŃŽŠ±Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ, уŠŗŠ°Š·Š°Š½Š½Ń‹Š¹ Š² фŠ°Š¹Š»Šµ -/etc/group\&. -.RE -.PP -\fBŠ°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Ń‹\fR -.RS 4 -Š”ŠæŠøсŠ¾Šŗ ŠøŠ¼Ń‘Š½ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠæŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½Š½Ń‹Ń… чŠµŃ€ŠµŠ· Š·Š°Šæятую\&. -.sp -ŠŠ“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Ń‹ Š¼Š¾Š³ŃƒŃ‚ Š¼ŠµŠ½ŃŃ‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ ŠøŠ»Šø чŠ»ŠµŠ½ŃŃ‚Š²Š¾ Š² Š³Ń€ŃƒŠæŠæŠµ\&. -.sp -ŠŠ“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Ń‹ тŠ°ŠŗŠ¶Šµ ŠøŠ¼ŠµŃŽŃ‚ тŠµ Š¶Šµ ŠæрŠ°Š²Š°, чтŠ¾ Šø чŠ»ŠµŠ½Ń‹ Š³Ń€ŃƒŠæŠæы (сŠ¼Š¾Ń‚Ń€ŠøтŠµ Š“Š°Š»ŠµŠµ)\&. -.RE -.PP -\fBчŠ»ŠµŠ½Ń‹\fR -.RS 4 -Š”ŠæŠøсŠ¾Šŗ ŠøŠ¼Ń‘Š½ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠæŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½Š½Ń‹Ń… чŠµŃ€ŠµŠ· Š·Š°Šæятую\&. -.sp -Š§Š»ŠµŠ½Ń‹ Š¼Š¾Š³ŃƒŃ‚ ŠøŠ¼ŠµŃ‚ŃŒ Š“Š¾ŃŃ‚ŃƒŠæ Šŗ Š³Ń€ŃƒŠæŠæŠµ Š±ŠµŠ· Š²Š²Š¾Š“Š° ŠæŠ°Ń€Š¾Š»Ń\&. -.sp -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ тŠ¾Ń‚ Š¶Šµ сŠæŠøсŠ¾Šŗ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ чтŠ¾ Šø Š² -/etc/group\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBgpasswd\fR(5), -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBgrpconv\fR(8), -\fBnewgrp\fR(1)\&. diff --git a/man/ru/man5/limits.5 b/man/ru/man5/limits.5 deleted file mode 100644 index c7ea73e2..00000000 --- a/man/ru/man5/limits.5 +++ /dev/null @@ -1,273 +0,0 @@ -'\" t -.\" Title: limits -.\" Author: Luca Berra -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š² -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "limits" "5" "05/09/2014" "shadow\-utils 4\&.2" "Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š²" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -limits \- фŠ°Š¹Š» ŠŗŠ¾Š½Ń‚Ń€Š¾Š»Ń рŠµŃŃƒŃ€ŃŠ¾Š² -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -Š’ фŠ°Š¹Š»Šµ -\fIlimits\fR -(ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю -/etc/limits -ŠøŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµŠ¼ LIMITS_FILE Š² фŠ°Š¹Š»Šµ -config\&.h) Š¾ŠæŠøсыŠ²Š°ŃŽŃ‚ся Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š¼Š¾Š¶Š½Š¾ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ\&. Š­Ń‚Š¾Ń‚ фŠ°Š¹Š» Š“Š¾Š»Š¶ŠµŠ½ ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Ń‚ŃŒ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ Šø ŠæрŠ°Š²Š¾ Š½Š° чтŠµŠ½ŠøŠµ Š“Š¾Š»Š¶Š½Š¾ Š±Ń‹Ń‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ у суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.PP -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю учётŠ½Š°Ń Š·Š°ŠæŠøсь \(Foroot\(Fc Š½ŠøчŠµŠ¼ Š½Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Š°\&. Š¤Š°ŠŗтŠøчŠµŃŠŗŠø, Š½ŠøŠŗŠ°Šŗ Š½ŠµŠ»ŃŒŠ·Ń устŠ°Š½Š¾Š²Šøть Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ этŠ¾Š¹ ŠæрŠ¾Ń†ŠµŠ“уры Š½Š° учётŠ½Ń‹Šµ Š·Š°ŠæŠøсŠø, ŠøŠ¼ŠµŃŽŃ‰ŠøŠµ ŠæрŠ°Š²Š° суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń (учётŠ½Ń‹Šµ Š·Š°ŠæŠøсŠø с UID рŠ°Š²Š½Ń‹Š¼ 0)\&. -.PP -ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° Š¾ŠæŠøсыŠ²Š°ŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ Š“Š»Ń Š¾Š“Š½Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ¼ŠµŠµŃ‚ Š²ŠøŠ“: -.PP -\fIuser Š”Š¢Š ŠžŠšŠ_ŠžŠ“Š ŠŠŠ˜Š§Š•ŠŠ˜Š™\fR -.PP -ŠøŠ»Šø Š² Š²ŠøŠ“Šµ: -.PP -\fI@group Š”Š¢Š ŠžŠšŠ_ŠžŠ“Š ŠŠŠ˜Š§Š•ŠŠ˜Š™\fR -.PP -\fIŠ”Š¢Š ŠžŠšŠ_ŠžŠ“Š ŠŠŠ˜Š§Š•ŠŠ˜Š™\fR -\(em этŠ¾ стрŠ¾ŠŗŠ°, Š² ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¹ уŠŗŠ°Š·Š°Š½Ń‹ срŠ°Š·Ńƒ Š½ŠµŃŠŗŠ¾Š»ŃŒŠŗŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠ¹\&. ŠšŠ°Š¶Š“Š¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ сŠ¾ŃŃ‚Š¾Šøт ŠøŠ· Š±ŃƒŠŗŠ²ŠµŠ½Š½Š¾Š³Š¾ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š° Šø чŠøсŠ»Š¾Š²Š¾Š³Š¾ Š·Š½Š°Ń‡ŠµŠ½Šøя\&. -.PP -Š”Š¾ŠæустŠøŠ¼Ń‹Šµ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Ń‹: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -A: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ Š°Š“рŠµŃŠ½Š¾Šµ ŠæрŠ¾ŃŃ‚Ń€Š°Š½ŃŃ‚Š²Š¾ (ŠšŠ‘) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -C: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ рŠ°Š·Š¼ŠµŃ€ фŠ°Š¹Š»Š° core (ŠšŠ‘) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -D: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ рŠ°Š·Š¼ŠµŃ€ Š“Š°Š½Š½Ń‹Ń… (ŠšŠ‘) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -F: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ рŠ°Š·Š¼ŠµŃ€ фŠ°Š¹Š»Š° (ŠšŠ‘) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -K: Š¼Š°ŃŠŗŠ° сŠ¾Š·Š“Š°Š²Š°ŠµŠ¼Ń‹Ń… фŠ°Š¹Š»Š¾Š², устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŠµŃ‚ся с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ Š²Ń‹Š·Š¾Š²Š° -\fBumask\fR(2)\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -I: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ устуŠæчŠøŠ²Š¾ŃŃ‚Šø (nice) (0\&.\&.39, ŠæрŠµŠ¾Š±Ń€Š°Š·ŃƒŠµŠ¼Ń‹Šµ Š² 20\&.\&.\-19) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -L: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š²Š¾Š·Š¼Š¾Š¶Š½Ń‹Ń… рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¹ Š² сŠøстŠµŠ¼Šµ этŠ¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -M: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ сŠøŠ½Ń…Ń€Š¾Š½ŠøŠ·ŠøруŠµŠ¼Š¾Šµ Š°Š“рŠµŃŠ½Š¾Šµ ŠæрŠ¾ŃŃ‚Ń€Š°Š½ŃŃ‚Š²Š¾ ŠæŠ°Š¼ŃŃ‚Šø (ŠšŠ‘) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -N: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š¾Ń‚Šŗрытых фŠ°Š¹Š»Š¾Š² -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -O: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ ŠæрŠøŠ¾Ń€ŠøтŠµŃ‚ рŠµŠ°Š»ŃŒŠ½Š¾Š³Š¾ Š²Ń€ŠµŠ¼ŠµŠ½Šø -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -P: ŠæрŠøŠ¾Ń€ŠøтŠµŃ‚ ŠæрŠ¾Ń†ŠµŃŃŠ°, устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŠµŃ‚ся с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ Š²Ń‹Š·Š¾Š²Š° -\fBsetpriority\fR(2)\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -R: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ рŠ°Š·Š¼ŠµŃ€ рŠµŠ·ŠøŠ“ŠµŠ½Ń‚Š½Š¾Š³Š¾ сŠµŠ³Š¼ŠµŠ½Ń‚Š° (ŠšŠ‘) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -S: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ рŠ°Š·Š¼ŠµŃ€ стŠµŠŗŠ° (ŠšŠ‘) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -T: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ Š²Ń€ŠµŠ¼Ń ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Šøя ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š° (Š¼ŠøŠ½ŃƒŃ‚) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -U: Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ ŠæрŠ¾Ń†ŠµŃŃŠ¾Š² -.RE -.PP -ŠŠ°ŠæрŠøŠ¼ŠµŃ€, Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fIL2D2048N5\fR -Š“Š¾ŠæустŠøŠ¼Š¾ Š“Š»Ń -\fIŠ”Š¢Š ŠžŠšŠ˜_ŠžŠ“Š ŠŠŠ˜Š§Š•ŠŠ˜Š™\fR\&. Š”Š»Ń уŠ“Š¾Š±ŃŃ‚Š²Š° чтŠµŠ½Šøя, сŠ»ŠµŠ“ующŠøŠµ Š·Š°ŠæŠøсŠø эŠŗŠ²ŠøŠ²Š°Š»ŠµŠ½Ń‚Š½Ń‹: -.sp -.if n \{\ -.RS 4 -.\} -.nf - username L2D2048N5 - username L2 D2048 N5 - -.fi -.if n \{\ -.RE -.\} -.PP -Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ ŠæŠ¾ŃŠ»Šµ -\fIusername\fR -Š¾ŃŃ‚Š°Š²ŃˆŠ°ŃŃŃ чŠ°ŃŃ‚ŃŒ стрŠ¾ŠŗŠø счŠøтŠ°ŠµŃ‚ся стрŠ¾ŠŗŠ¾Š¹ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠ¹, ŠæŠ¾ŃŃ‚Š¾Š¼Ńƒ ŠŗŠ¾Š¼Š¼ŠµŠ½Ń‚Š°Ń€ŠøŠø Š½ŠµŠ“Š¾ŠæустŠøŠ¼Ń‹\&. ŠŠµŠæрŠ°Š²ŠøŠ»ŃŒŠ½Š°Ń стрŠ¾ŠŗŠ° Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠ¹ Š±ŃƒŠ“ŠµŃ‚ Š¾Ń‚Š±Ń€Š¾ŃˆŠµŠ½Š° (Š½Šµ учтŠµŠ½Š°) ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š¾Š¹ -\fBlogin\fR\&. -.PP -Š—Š°ŠæŠøсь ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š²Ń‹Š³Š»ŃŠ“Šøт ŠŗŠ°Šŗ username "\fI*\fR"\&. Š•ŃŠ»Šø у Š²Š°Ń ŠµŃŃ‚ŃŒ Š½ŠµŃŠŗŠ¾Š»ŃŒŠŗŠ¾ Š·Š°ŠæŠøсŠµŠ¹ -\fIŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю\fR -Š² фŠ°Š¹Š»Šµ -\fILIMITS_FILE\fR, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ ŠæŠ¾ŃŠ»ŠµŠ“Š½ŃŃ\&. -.PP -ŠžŠ³Ń€Š°Š½ŠøчŠµŠ½Šøя, Š·Š°Š“Š°Š²Š°ŠµŠ¼Ń‹Šµ Š² Š²ŠøŠ“Šµ \(Fo\fI@group\fR\(Fc, ŠæрŠøŠ¼ŠµŠ½ŃŃŽŃ‚ся Šŗ чŠ»ŠµŠ½Š°Š¼ уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ Š³Ń€ŃƒŠæŠæы -\fIgroup\fR\&. -.PP -Š•ŃŠ»Šø Š“Š»Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠµŃŃ‚ŃŒ Š±Š¾Š»ŠµŠµ Š¾Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠ¹, тŠ¾ учŠøтыŠ²Š°ŠµŃ‚ся тŠ¾Š»ŃŒŠŗŠ¾ ŠæŠµŃ€Š²Š°Ń стрŠ¾ŠŗŠ°\&. -.PP -Š•ŃŠ»Šø Š“Š»Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š½Šµ уŠŗŠ°Š·Š°Š½Š¾ Š½Šø Š¾Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø, тŠ¾ учŠøтыŠ²Š°ŠµŃ‚ся ŠæŠ¾ŃŠ»ŠµŠ“Š½ŃŃ стрŠ¾ŠŗŠ° -\fI@group\fR -с Š³Ń€ŃƒŠæŠæŠ¾Š¹, Š² ŠŗŠ¾Ń‚Š¾Ń€ŃƒŃŽ Š²Ń…Š¾Š“Šøт ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ, ŠøŠ»Šø ŠæŠ¾ŃŠ»ŠµŠ“Š½ŃŃ стрŠ¾ŠŗŠ° с Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøяŠ¼Šø ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, ŠµŃŠ»Šø Š½Šµ уŠŗŠ°Š·Š°Š½Š¾ Š³Ń€ŃƒŠæŠæ, Š² ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š²Ń…Š¾Š“Šøт ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ\&. -.PP -Š§Ń‚Š¾Š±Ń‹ ŠæŠ¾Š»Š½Š¾ŃŃ‚ŃŒŃŽ сŠ½ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя с ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š¾Š“ŠøŠ½Š¾Ń‡Š½Š¾Šµ тŠøрŠµ \(Fo\fI\-\fR\(Fc\&. -.PP -Š§Ń‚Š¾Š±Ń‹ сŠ½ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ с ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š²Š¼ŠµŃŃ‚Š¾ чŠøсŠ»Š¾Š²Š¾Š³Š¾ Š·Š½Š°Ń‡ŠµŠ½Šøя Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š¾Š“ŠøŠ½Š¾Ń‡Š½Š¾Šµ тŠøрŠµ \(Fo\fI\-\fR\(Fc\&. -.PP -Š¢Š°ŠŗŠ¶Šµ Š·Š°Š¼ŠµŃ‚ŃŒŃ‚Šµ, чтŠ¾ Š²ŃŠµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠ¹ Š“ŠµŠ»Š°ŃŽŃ‚ся Š”Š›ŠÆ ŠšŠžŠŠšŠ Š•Š¢ŠŠžŠ™ Š£Š§ŠŠ¢ŠŠžŠ™ Š—ŠŠŸŠ˜Š”Š˜\&. ŠžŠ½Šø Š½Šµ яŠ²Š»ŃŃŽŃ‚ся Š³Š»Š¾Š±Š°Š»ŃŒŠ½Ń‹Š¼Šø Šø Š½Šµ ŠæŠ¾ŃŃ‚Š¾ŃŠ½Š½Ń‹\&. Š’Š¾Š·Š¼Š¾Š¶Š½Š¾ Š³Š»Š¾Š±Š°Š»ŃŒŠ½Ń‹Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Šø ŠæŠ¾ŃŠ²ŃŃ‚ся, Š½Š¾ ŠæŠ¾ŠŗŠ° этŠ¾ тŠ¾Š»ŃŒŠŗŠ¾ Š² ŠæŠ»Š°Š½Š°Ń… ;) -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/limits -.RS 4 -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBlogin\fR(1), -\fBsetpriority\fR(2), -\fBsetrlimit\fR(2)\&. diff --git a/man/ru/man5/login.access.5 b/man/ru/man5/login.access.5 deleted file mode 100644 index 99db3351..00000000 --- a/man/ru/man5/login.access.5 +++ /dev/null @@ -1,67 +0,0 @@ -'\" t -.\" Title: login.access -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š² -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "login\&.access" "5" "05/09/2014" "shadow\-utils 4\&.2" "Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š²" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -login.access \- фŠ°Š¹Š» ŠŗŠ¾Š½Ń‚Ń€Š¾Š»Ń Š“Š¾ŃŃ‚ŃƒŠæŠ° Š² сŠøстŠµŠ¼Ńƒ -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -Š’ фŠ°Š¹Š»Šµ -\fIlogin\&.access\fR -Š¾ŠæрŠµŠ“ŠµŠ»ŃŃŽŃ‚ся ŠŗŠ¾Š¼Š±ŠøŠ½Š°Ń†ŠøŠø (ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ, уŠ·ŠµŠ») Šø/ŠøŠ»Šø (ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ, тŠµŃ€Š¼ŠøŠ½Š°Š»), ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¼ Š±ŃƒŠ“ŠµŃ‚ рŠ°Š·Ń€ŠµŃˆŃ‘Š½ ŠøŠ»Šø Š·Š°ŠæрŠµŃ‰Ń‘Š½ Š²Ń…Š¾Š“ Š² сŠøстŠµŠ¼Ńƒ\&. -.PP -ŠšŠ¾Š³Š“Š° ŠŗтŠ¾\-тŠ¾ ŠæытŠ°ŠµŃ‚ся Š²Š¾Š¹Ń‚Šø Š² сŠøстŠµŠ¼Ńƒ Š²Ń‹ŠæŠ¾Š»Š½ŃŠµŃ‚ся сŠŗŠ°Š½ŠøрŠ¾Š²Š°Š½ŠøŠµ фŠ°Š¹Š»Š° -\fIlogin\&.access\fR -Š² ŠæŠ¾ŠøсŠŗŠ°Ń… ŠæŠµŃ€Š²Š¾Š¹ сŠ¾Š²ŠæŠ°Š“Š°ŃŽŃ‰ŠµŠ¹ Š·Š°ŠæŠøсŠø (ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ, уŠ·ŠµŠ»), ŠøŠ»Šø Š² сŠ»ŃƒŃ‡Š°Šµ Š½Šµ сŠµŃ‚ŠµŠ²Š¾Š³Š¾ Š²Ń…Š¾Š“Š°, ŠæŠµŃ€Š²Š¾Š¹ сŠ¾Š²ŠæŠ°Š“Š°ŃŽŃ‰ŠµŠ¹ Š·Š°ŠæŠøсŠø (ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ, тŠµŃ€Š¼ŠøŠ½Š°Š»)\&. Š˜Š· Š½Š°Š¹Š“ŠµŠ½Š½Š¾Š¹ Š·Š°ŠæŠøсŠø Š²Ń‹Š±ŠøрŠ°ŠµŃ‚ся ŠæŠ¾Š»Šµ ŠæрŠ°Š² Š“Š¾ŃŃ‚ŃƒŠæŠ°, ŠæŠ¾ ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¼Ńƒ Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся рŠ°Š·Ń€ŠµŃˆŠ°Ń‚ŃŒ Š»Šø Š“Š°Š½Š½Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø Š²Ń…Š¾Š“ Š² сŠøстŠµŠ¼Ńƒ ŠøŠ»Šø Š½ŠµŃ‚\&. -.PP -ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° тŠ°Š±Š»Šøцы ŠŗŠ¾Š½Ń‚Ń€Š¾Š»Ń Š“Š¾ŃŃ‚ŃƒŠæŠ° Š² сŠøстŠµŠ¼Ńƒ сŠ¾ŃŃ‚Š¾Šøт ŠøŠ· трёх ŠæŠ¾Š»ŠµŠ¹ рŠ°Š·Š“ŠµŠ»Ń‘Š½Š½Ń‹Ń… сŠøŠ¼Š²Š¾Š»Š¾Š¼ \(Fo:\(Fc Šø Š²Ń‹Š³Š»ŃŠ“Šøт тŠ°Šŗ: -.PP -\fIŠæрŠ°Š²Š°_Š“Š¾ŃŃ‚ŃƒŠæŠ°\fR:\fIŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šø\fR:\fIŠøстŠ¾Ń‡Š½ŠøŠŗŠø\fR -.PP -ŠŸŠµŃ€Š²Š¾Šµ ŠæŠ¾Š»Šµ Š“Š¾Š»Š¶Š½Š¾ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒ сŠøŠ¼Š²Š¾Š» \(Fo\fI+\fR\(Fc (Š“Š¾ŃŃ‚ŃƒŠæ рŠ°Š·Ń€ŠµŃˆŃ‘Š½) ŠøŠ»Šø \(Fo\fI\-\fR\(Fc (Š“Š¾ŃŃ‚ŃƒŠæ Š·Š°ŠæрŠµŃ‰Ń‘Š½)\&. Š’Ń‚Š¾Ń€Š¾Šµ ŠæŠ¾Š»Šµ Š“Š¾Š»Š¶Š½Š¾ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒ ŠøŠ¼Ń Š¾Š“Š½Š¾Š¹ ŠøŠ»Šø Š±Š¾Š»ŠµŠµ учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹, ŠøŠ¼ŠµŠ½Š° Š³Ń€ŃƒŠæŠæ ŠøŠ»Šø -\fIALL\fR -(Š²ŃŠµŠ³Š“Š° сŠ¾Š²ŠæŠ°Š“Š°ŠµŃ‚)\&. Š¢Ń€ŠµŃ‚ŃŒŠµ ŠæŠ¾Š»Šµ Š“Š¾Š»Š¶Š½Š¾ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒ Š¾Š“Š½Š¾ ŠøŠ»Šø Š½ŠµŃŠŗŠ¾Š»ŃŒŠŗŠøх ŠøŠ¼Ń‘Š½ тŠµŃ€Š¼ŠøŠ½Š°Š»Š¾Š² (Š“Š»Ń Š“Š¾ŃŃ‚ŃƒŠæŠ° Š½Šµ ŠøŠ· сŠµŃ‚Šø), ŠøŠ¼ŠµŠ½Š° уŠ·Š»Š¾Š², Š“Š¾Š¼ŠµŠ½Š½Ń‹Ń… ŠøŠ¼Ń‘Š½ (Š½Š°Ń‡ŠøŠ½Š°ŃŽŃ‚ся с \(Fo\&.\(Fc), Š°Š“рŠµŃŠ° уŠ·Š»Š¾Š², Š°Š“рŠµŃŠ° ŠæŠ¾Š“сŠµŃ‚ŠµŠ¹ (Š·Š°ŠŗŠ°Š½Ń‡ŠøŠ²Š°ŃŽŃ‚ся Š½Š° \(Fo\&.\(Fc), -\fIALL\fR -(Š²ŃŠµŠ³Š“Š° сŠ¾Š²ŠæŠ°Š“Š°ŠµŃ‚) ŠøŠ»Šø -\fILOCAL\fR -(Š»ŃŽŠ±Š°Ń стрŠ¾ŠŗŠ°, Š½Šµ сŠ¾Š“ŠµŃ€Š¶Š°Ń‰Š°Ń сŠøŠ¼Š²Š¾Š»Š° \(Fo\&.\(Fc)\&. Š•ŃŠ»Šø ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся NIS, тŠ¾ тŠ°ŠŗŠ¶Šµ Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ @ŠøŠ¼Ń_сŠµŃ‚ŠµŠ²Š¾Š¹_Š³Ń€ŃƒŠæŠæы Š² шŠ°Š±Š»Š¾Š½Š°Ń… уŠ·Š»Š¾Š² ŠøŠ»Šø ŠøŠ¼ŠµŠ½Š°Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.PP -ŠžŠæŠµŃ€Š°Ń‚Š¾Ń€ -\fIEXCEPT\fR -ŠæŠ¾Š¼Š¾Š³Š°ŠµŃ‚ Š² Š½Š°ŠæŠøсŠ°Š½ŠøŠø ŠŗŠ¾Š¼ŠæŠ°ŠŗтŠ½Ń‹Ń… ŠæрŠ°Š²ŠøŠ»\&. -.PP -ŠŸŠ¾ŠøсŠŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ ŠæрŠ¾ŠøŠ·Š²Š¾Š“Šøтся тŠ¾Š»ŃŒŠŗŠ¾ ŠŗŠ¾Š³Š“Š° ŠøŠ¼Ń Š½Šµ сŠ¾Š²ŠæŠ°Š“Š°ŠµŃ‚ с рŠµŠ³ŠøстрŠøрующŠøŠ¼ŃŃ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼\&. Š Š°ŃŃŠ¼Š°Ń‚Ń€ŠøŠ²Š°ŃŽŃ‚ся Š³Ń€ŃƒŠæŠæы тŠ¾Š»ŃŒŠŗŠ¾ с яŠ²Š½Š¾ ŠæрŠ¾ŠæŠøсŠ°Š½Š½Ń‹Š¼Šø Š² Š½Šøх ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼Šø: ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° Š½Šµ ŠæрŠøŠ½ŠøŠ¼Š°ŠµŃ‚ Š²Š¾ Š²Š½ŠøŠ¼Š°Š½ŠøŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBlogin\fR(1)\&. diff --git a/man/ru/man5/login.defs.5 b/man/ru/man5/login.defs.5 deleted file mode 100644 index 257dcfdd..00000000 --- a/man/ru/man5/login.defs.5 +++ /dev/null @@ -1,815 +0,0 @@ -'\" t -.\" Title: login.defs -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š² -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "login\&.defs" "5" "05/09/2014" "shadow\-utils 4\&.2" "Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š²" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -login.defs \- сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -Š¤Š°Š¹Š» -/etc/login\&.defs -сŠ¾Š“ŠµŃ€Š¶Šøт Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ (shadow password suite)\&. Š­Ń‚Š¾Ń‚ фŠ°Š¹Š» яŠ²Š»ŃŠµŃ‚ся Š¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¼\&. ŠžŃ‚ŃŃƒŃ‚ŃŃ‚Š²ŠøŠµ Š“Š°Š½Š½Š¾Š³Š¾ фŠ°Š¹Š»Š° Š½Šµ ŠæŠ¾Š²Š»ŠøяŠµŃ‚ Š½Š° рŠ°Š±Š¾Ń‚Ńƒ сŠøстŠµŠ¼Ń‹, Š½Š¾, Š²ŠµŃ€Š¾ŃŃ‚Š½Š¾, ŠæрŠøŠ²ŠµŠ“ёт Šŗ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Šøю Š½ŠµŠ¶ŠµŠ»Š°ŠµŠ¼Ń‹Ń… Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¹\&. -.PP -Š¤Š°Š¹Š» ŠæрŠµŠ“стŠ°Š²Š»ŃŠµŃ‚ сŠ¾Š±Š¾Š¹ Š¾Š±Ń‹Ń‡Š½Ń‹Š¹ тŠµŠŗстŠ¾Š²Ń‹Š¹ фŠ°Š¹Š»; ŠŗŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° Š¾ŠæŠøсыŠ²Š°ŠµŃ‚ Š¾Š“ŠøŠ½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø\&. Š”трŠ¾ŠŗŠø сŠ¾ŃŃ‚Š¾ŃŃ‚ ŠøŠ· Š½Š°Š·Š²Š°Š½Šøя ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° Šø ŠµŠ³Š¾ Š·Š½Š°Ń‡ŠµŠ½Šøя, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ рŠ°Š·Š“ŠµŠ»ŃŃŽŃ‚ся ŠæрŠ¾Š±ŠµŠ»ŃŒŠ½Ń‹Š¼ сŠøŠ¼Š²Š¾Š»Š¾Š¼\&. ŠŸŃƒŃŃ‚Ń‹Šµ стрŠ¾ŠŗŠø Šø ŠŗŠ¾Š¼Š¼ŠµŠ½Ń‚Š°Ń€ŠøŠø ŠøŠ³Š½Š¾Ń€Šøруются\&. ŠšŠ¾Š¼Š¼ŠµŠ½Ń‚Š°Ń€ŠøŠø Š½Š°Ń‡ŠøŠ½Š°ŃŽŃ‚ся сŠ¾ Š·Š½Š°ŠŗŠ° фуŠ½Ń‚Š° \(Fo#\(Fc, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ ŠæŠµŃ€Š²Ń‹Š¼ Š½ŠµŠæрŠ¾Š±ŠµŠ»ŃŒŠ½Ń‹Š¼ сŠøŠ¼Š²Š¾Š»Š¾Š¼ Š² стрŠ¾ŠŗŠµ\&. -.PP -Š—Š½Š°Ń‡ŠµŠ½Šøя ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š² Š¼Š¾Š³ŃƒŃ‚ Š±Ń‹Ń‚ŃŒ чŠµŃ‚ырёх тŠøŠæŠ¾Š²: стрŠ¾ŠŗŠø, Š»Š¾Š³ŠøчŠµŃŠŗŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя, чŠøсŠ»Š° Šø Š“Š»ŠøŠ½Š½Ń‹Šµ чŠøсŠ»Š°\&. Š”трŠ¾ŠŗŠø сŠ¾ŃŃ‚Š¾ŃŃ‚ ŠøŠ· Š»ŃŽŠ±Ń‹Ń… ŠæŠµŃ‡Š°Ń‚Š½Ń‹Ń… сŠøŠ¼Š²Š¾Š»Š¾Š²\&. ŠŸŠ¾Š“ Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¼Šø Š·Š½Š°Ń‡ŠµŠ½ŠøяŠ¼Šø ŠæŠ¾Š“рŠ°Š·ŃƒŠ¼ŠµŠ²Š°ŃŽŃ‚ся -\fIyes\fR -ŠøŠ»Šø -\fIno\fR\&. ŠŠµŠ¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½Š½Ń‹Š¹ Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøŠ»Šø ŠøŠ¼ŠµŃŽŃ‰ŠøŠ¹ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ, Š¾Ń‚Š»ŠøчŠ½Š¾Šµ Š¾Ń‚ уŠŗŠ°Š·Š°Š½Š½Ń‹Ń… Š²Ń‹ŃˆŠµ, счŠøтŠ°ŠµŃ‚ся ŠŗŠ°Šŗ ŠøŠ¼ŠµŃŽŃ‰ŠøŠ¹ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fIno\fR\&. Š§ŠøсŠ»Š° (Š¾Š±Ń‹Ń‡Š½Ń‹Šµ Šø Š“Š»ŠøŠ½Š½Ń‹Šµ) Š¼Š¾Š¶Š½Š¾ Š·Š°Š“Š°Š²Š°Ń‚ŃŒ Š² Š“ŠµŃŃŃ‚ŠøчŠ½Š¾Š¹, Š²Š¾ŃŃŒŠ¼ŠµŃ€ŠøчŠ½Š¾Š¹ (ŠæŠµŃ€ŠµŠ“ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµŠ¼ стŠ°Š²Šøтся \(Fo\fI0\fR\(Fc) ŠøŠ»Šø шŠµŃŃ‚Š½Š°Š“цŠ°Ń‚ŠµŃ€ŠøчŠ½Š¾Š¹ (ŠæŠµŃ€ŠµŠ“ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµŠ¼ стŠ°Š²Šøтся \(Fo\fI0x\fR\(Fc) сŠøстŠµŠ¼Š°Ń… счŠøсŠ»ŠµŠ½Šøя\&. ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Šµ Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° Š¾Š±Ń‹Ń‡Š½Š¾Š³Š¾ Šø Š“Š»ŠøŠ½Š½Š¾Š³Š¾ чŠøсŠ»Š° Š·Š°Š²Šøсят Š¾Ń‚ Š°Ń€Ń…ŠøтŠµŠŗтуры ŠŗŠ¾Š¼ŠæьютŠµŃ€Š°\&. -.PP -Š’Š¾Š·Š¼Š¾Š¶Š½Ń‹ сŠ»ŠµŠ“ующŠøŠµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø: -.PP -\fBCHFN_AUTH\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š•ŃŠ»Šø рŠ°Š²Š½Š¾ yes, chfn -.RE -.PP -\fBCHFN_RESTRICT\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š­Ń‚ŠøŠ¼ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ Š¾ŠæрŠµŠ“ŠµŠ»ŃŃŽŃ‚ся чŠ°ŃŃ‚Šø ŠæŠ¾Š»Ń -\fIgecos\fR -Š² фŠ°Š¹Š»Šµ -/etc/passwd, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š¼Š¾Š³ŃƒŃ‚ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ Š¾Š±Ń‹Ń‡Š½Ń‹Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šø с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹ -\fBchfn\fR\&. Š”трŠ¾ŠŗŠ° Š¼Š¾Š¶ŠµŃ‚ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒ Š»ŃŽŠ±ŃƒŃŽ ŠŗŠ¾Š¼Š±ŠøŠ½Š°Ń†Šøю Š±ŃƒŠŗŠ² -\fIf\fR, -\fIr\fR, -\fIw\fR, -\fIh\fR -Š“Š»Ń ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя ŠæŠ¾Š»Š½Š¾Š³Š¾ ŠøŠ¼ŠµŠ½Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š½Š¾Š¼ŠµŃ€Š° ŠŗŠ¾Š¼Š½Š°Ń‚Ń‹, рŠ°Š±Š¾Ń‡ŠµŠ³Š¾ Šø Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ тŠµŠ»ŠµŃ„Š¾Š½Š°, сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŠµŠ½Š½Š¾\&. Š”Š»Ń сŠ¾Š²Š¼ŠµŃŃ‚ŠøŠ¼Š¾ŃŃ‚Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fIyes\fR -эŠŗŠ²ŠøŠ²Š°Š»ŠµŠ½Ń‚Š½Š¾ -\fIrwh\fR -Šø -\fIno\fR -эŠŗŠ²ŠøŠ²Š°Š»ŠµŠ½Ń‚Š½Š¾ -\fIfrwh\fR\&. Š•ŃŠ»Šø Š½ŠøчŠµŠ³Š¾ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ тŠ¾Š»ŃŒŠŗŠ¾ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ Š²Ń‹ŠæŠ¾Š»Š½ŃŃ‚ŃŒ Š»ŃŽŠ±Ń‹Šµ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя\&. ŠŠ°ŠøŠ±Š¾Š»ŠµŠµ Š¾Š³Ń€Š°Š½ŠøчŠøтŠµŠ»ŃŒŠ½Š°Ń Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠ° Š“Š¾ŃŃ‚ŠøŠ³Š°ŠµŃ‚ся сŠ½ŃŃ‚ŠøŠµŠ¼ SUID Š±ŠøтŠ° с фŠ°Š¹Š»Š° -chfn\&. -.RE -.PP -\fBCHSH_AUTH\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š•ŃŠ»Šø рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° -\fBchsh\fR -Š±ŃƒŠ“ŠµŃ‚ ŠæрŠ¾Š²Š¾Š“Šøть Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†Šøю ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ Š²Ń‹ŠæŠ¾Š»Š½Šøть Š»ŃŽŠ±Ń‹Šµ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя, Š² сŠ»ŃƒŃ‡Š°Šµ ŠµŃŠ»Šø ŠŗŠ¾Š¼Š°Š½Š“Š° Š½Šµ Š·Š°ŠæущŠµŠ½Ń‹ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¼\&. -.RE -.PP -\fBCONSOLE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ ŠøŠ»Šø ŠæŠ¾Š»Š½Š¾Š¼Ńƒ ŠæутŠø Šŗ фŠ°Š¹Š»Ńƒ с ŠøŠ¼ŠµŠ½Š°Š¼Šø устрŠ¾Š¹ŃŃ‚Š² (Š¾Š“Š½Š¾ Š½Š° стрŠ¾Šŗу), ŠøŠ»Šø сŠæŠøсŠŗу ŠøŠ¼Ń‘Š½ устрŠ¾Š¹ŃŃ‚Š², ŠæŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½Š½Ń‹Ń… чŠµŃ€ŠµŠ· \(Fo:\(Fc\&. Š’Ń…Š¾Š“ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ŠµŃ‚ рŠ°Š·Ń€ŠµŃˆŃ‘Š½ тŠ¾Š»ŃŒŠŗŠ¾ с этŠøх устрŠ¾Š¹ŃŃ‚Š²\&. -.sp -Š•ŃŠ»Šø Š½Šµ Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ Š²Ń…Š¾Š“Šøть Š² сŠøстŠµŠ¼Ńƒ с Š»ŃŽŠ±Š¾Š³Š¾ устрŠ¾Š¹ŃŃ‚Š²Š°\&. -.sp -Š£ŃŃ‚Ń€Š¾Š¹ŃŃ‚Š²Š° Š“Š¾Š»Š¶Š½Ń‹ уŠŗŠ°Š·Ń‹Š²Š°Ń‚ŃŒŃŃ Š±ŠµŠ· Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Š³Š¾ ŠæрŠµŃ„ŠøŠŗсŠ° /dev/\&. -.RE -.PP -\fBCONSOLE_GROUPS\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š”ŠæŠøсŠ¾Šŗ Š³Ń€ŃƒŠæŠæ Š“Š»Ń Š“Š¾Š±Š°Š²Š»ŠµŠ½Šøя Šŗ Š½Š°Š±Š¾Ń€Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøх Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Ń‹Ń… Š³Ń€ŃƒŠæŠæ ŠæрŠø Š²Ń…Š¾Š“Šµ с ŠŗŠ¾Š½ŃŠ¾Š»Šø (Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŠ¼Š¾Š¹ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ CONSOLE)\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š½Šµ уŠŗŠ°Š·Š°Š½Š°\&. - -Š˜ŃŠæŠ¾Š»ŃŒŠ·ŃƒŠ¹Ń‚Šµ Š¾ŃŃ‚Š¾Ń€Š¾Š¶Š½Š¾ \(em Š¼Š¾Š¶ŠµŃ‚ Š“Š°Ń‚ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼ ŠæŠ¾ŃŃ‚Š¾ŃŠ½Š½Ń‹Š¹ Š“Š¾ŃŃ‚ŃƒŠæ Šŗ этŠøŠ¼ Š³Ń€ŃƒŠæŠæŠ°Š¼, Š“Š°Š¶Šµ ŠµŃŠ»Šø Š¾Š½Šø Š½Šµ Š²Ń…Š¾Š“ŠøŠ»Šø с ŠŗŠ¾Š½ŃŠ¾Š»Šø\&. -.RE -.PP -\fBCREATE_HOME\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚, Š“Š¾Š»Š¶ŠµŠ½ Š»Šø сŠ¾Š·Š“Š°Š²Š°Ń‚ŃŒŃŃ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š“Š»Ń Š½Š¾Š²Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń Š½Šµ Š²Š»ŠøяŠµŃ‚ Š½Š° сŠøстŠµŠ¼Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Šø Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š° ŠøŠ· ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø\&. -.RE -.PP -\fBDEFAULT_HOME\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚, Š¼Š¾Š¶Š½Š¾ Š»Šø Š²Š¾Š¹Ń‚Šø Š² сŠøстŠµŠ¼Ńƒ, ŠµŃŠ»Šø Š½ŠµŠ»ŃŒŠ·Ń Š²Ń‹ŠæŠ¾Š»Š½Šøть cd Š² Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю \(Fono\(Fc\&. -.sp -Š•ŃŠ»Šø рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š±ŃƒŠ“ŠµŃ‚ ŠæŠ¾ŠæŠ°Š“Š°Ń‚ŃŒ Š² ŠŗŠ¾Ń€Š½ŠµŠ²Š¾Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ (/), ŠµŃŠ»Šø Š½ŠµŠ²Š¾Š·Š¼Š¾Š¶Š½Š¾ Š²Ń‹ŠæŠ¾Š»Š½Šøть cd Š² ŠµŠ³Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. -.RE -.PP -\fBENCRYPT_METHOD\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š—Š°Š“Š°Ń‘Ń‚ сŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹ (ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся, ŠµŃŠ»Šø Š°Š»Š³Š¾Ń€ŠøтŠ¼ Š½Šµ уŠŗŠ°Š·Š°Š½ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š’Š¾Š·Š¼Š¾Š¶Š½Ń‹ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -\fIDES\fR -(ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBENV_HZ\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя HZ ŠæрŠø Š²Ń…Š¾Š“Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² сŠøстŠµŠ¼Ńƒ\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š¾Š»Š¶Š½Š¾ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ с -\fIHZ=\fR\&. ŠžŠ±Ń‹Ń‡Š½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š»Ń Linux \(em -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_PATH\fR (стрŠ¾ŠŗŠ°) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (стрŠ¾ŠŗŠ°) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя TZ ŠæрŠø Š²Ń…Š¾Š“Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ рŠ°Š²Š½Š¾ ŠøŠ¼ŠµŠ½Šø чŠ°ŃŠ¾Š²Š¾Š³Š¾ ŠæŠ¾ŃŃŠ°, Š½Š°Ń‡ŠøŠ½Š°ŃŽŃ‰ŠµŠ³Š¾ŃŃ -\fITZ=\fR -(Š½Š°ŠæрŠøŠ¼ŠµŃ€, -\fITZ=CST6CDT\fR), ŠøŠ»Šø ŠæŠ¾Š»Š½Š¾Š¼Ńƒ ŠæутŠø Šŗ фŠ°Š¹Š»Ńƒ с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Š¼Šø чŠ°ŃŠ¾Š²Š¾Š³Š¾ ŠæŠ¾ŃŃŠ° (Š½Š°ŠæрŠøŠ¼ŠµŃ€, -/etc/tzname)\&. -.sp -Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ ŠæŠ¾Š»Š½Ń‹Š¹ Šæуть, Š½Š¾ фŠ°Š¹Š» Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ ŠøŠ»Šø Š½ŠµŠ“Š¾ŃŃ‚ŃƒŠæŠµŠ½ Š“Š»Ń чтŠµŠ½Šøя, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю: -\fITZ=CST6CDT\fR\&. -.RE -.PP -\fBENVIRON_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø этŠ¾Ń‚ фŠ°Š¹Š» сущŠµŃŃ‚Š²ŃƒŠµŃ‚ Šø Š“Š¾ŃŃ‚ŃƒŠæ Š“Š»Ń чтŠµŠ½Šøя, тŠ¾ ŠøŠ· Š½ŠµŠ³Š¾ чŠøтŠ°ŠµŃ‚ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Šµ Š¾ŠŗруŠ¶ŠµŠ½ŠøŠµ\&. ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° Š“Š¾Š»Š¶Š½Š° ŠøŠ¼ŠµŃ‚ŃŒ фŠ¾Ń€Š¼Š°Ń‚: ŠøŠ¼Ń=Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.sp -Š”трŠ¾ŠŗŠø, Š½Š°Ń‡ŠøŠ½Š°ŃŽŃ‰ŠøŠµŃŃ с #, счŠøтŠ°ŃŽŃ‚ся ŠŗŠ¾Š¼Š¼ŠµŠ½Ń‚Š°Ń€ŠøŠµŠ¼ Šø ŠøŠ³Š½Š¾Ń€Šøруются\&. -.RE -.PP -\fBERASECHAR\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ¼Š²Š¾Š» ERASE у тŠµŃ€Š¼ŠøŠ½Š°Š»Š° (\fI010\fR -= backspace, -\fI0177\fR -= DEL)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š¾Š¶ŠµŃ‚ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ с \(Fo0\(Fc ŠæрŠø уŠŗŠ°Š·Š°Š½ŠøŠø Š·Š½Š°Ń‡ŠµŠ½Šøя Š² Š²Š¾ŃŃŒŠ¼ŠµŃ€ŠøчŠ½Š¾Š¹ сŠøстŠµŠ¼Šµ счŠøсŠ»ŠµŠ½Šøя ŠøŠ»Šø \(Fo0x\(Fc ŠæрŠø уŠŗŠ°Š·Š°Š½ŠøŠø Š·Š½Š°Ń‡ŠµŠ½Šøя Š² шŠµŃŃ‚Š½Š°Š“цŠ°Ń‚ŠµŃ€ŠøчŠ½Š¾Š¹ сŠøстŠµŠ¼Šµ счŠøсŠ»ŠµŠ½Šøя\&. -.RE -.PP -\fBFAIL_DELAY\fR (чŠøсŠ»Š¾) -.RS 4 -Š—Š°Š“ŠµŃ€Š¶ŠŗŠ° Š² сŠµŠŗуŠ½Š“Š°Ń… ŠæŠµŃ€ŠµŠ“ ŠæŠ¾Š²Ń‚Š¾Ń€Š½Š¾Š¹ ŠæŠ¾ŠæытŠŗŠ¾Š¹ ŠæŠ¾ŃŠ»Šµ Š½ŠµŃƒŠ“Š°Ń‡Š½Š¾Š³Š¾ Š²Ń…Š¾Š“Š°\&. -.RE -.PP -\fBFAILLOG_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ Šø ŠæŠ¾ŠŗŠ°Š· ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†ŠøŠø Š¾ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… Š²Ń…Š¾Š“Š°Ń… ŠøŠ· -/var/log/faillog\&. -.RE -.PP -\fBFAKE_SHELL\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š°, тŠ¾ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° -\fBlogin\fR -Š·Š°ŠæустŠøт уŠŗŠ°Š·Š°Š½Š½ŃƒŃŽ Š¾Š±Š¾Š»Š¾Ń‡Šŗу Š²Š¼ŠµŃŃ‚Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø Š·Š°Š“Š°Š½Š½Š¾Š¹ Š² -/etc/passwd\&. -.RE -.PP -\fBFTMP_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Šµ ŠæŠ¾ŠæытŠŗŠø Š²Ń…Š¾Š“Š° Š±ŃƒŠ“ут ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Ń‚ŃŒŃŃ Š² этŠ¾Ń‚ фŠ°Š¹Š» Š² фŠ¾Ń€Š¼Š°Ń‚Šµ utmp\&. -.RE -.PP -\fBGID_MAX\fR (чŠøсŠ»Š¾), \fBGID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² Š³Ń€ŃƒŠæŠæ, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR, -\fBgroupadd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя Š¾Š±Ń‹Ń‡Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBGID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&. -\fBGID_MAX\fR) рŠ°Š²Š½Š¾ 1000 (сŠ¾Š¾Ń‚Š²\&. 60000)\&. -.RE -.PP -\fBHUSHLOGIN_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ этŠ¾Ń‚ фŠ°Š¹Š» Š¼Š¾Š¶ŠµŃ‚ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ Š²ŃŠµ Š¾Š±Ń‹Ń‡Š½Ń‹Šµ ŠæŠµŃ€ŠµŠ³Š¾Š²Š¾Ń€Ń‹ (chatter) ŠæрŠø Š²Ń…Š¾Š“Šµ\&. Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ ŠæŠ¾Š»Š½Ń‹Š¹ Šæуть Šŗ фŠ°Š¹Š»Ńƒ, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ Š²ŠŗŠ»ŃŽŃ‡Ń‘Š½ сŠ¾ŠŗрŠ°Ń‰Ń‘Š½Š½Ń‹Š¹ (hushed) рŠµŠ¶ŠøŠ¼, ŠµŃŠ»Šø Š² этŠ¾Š¼ фŠ°Š¹Š»Šµ уŠŗŠ°Š·Š°Š½Š¾ ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ»Šø Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ°\&. Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ Š½Šµ ŠæŠ¾Š»Š½Ń‹Š¹ Šæуть, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ Š²ŠŗŠ»ŃŽŃ‡Ń‘Š½ сŠ¾ŠŗрŠ°Ń‰Ń‘Š½Š½Ń‹Š¹ (hushed) рŠµŠ¶ŠøŠ¼, ŠµŃŠ»Šø фŠ°Š¹Š» Š½Š°Ń…Š¾Š“Šøтся Š² Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ¼ ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fBISSUE_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ этŠ¾Ń‚ фŠ°Š¹Š» Š±ŃƒŠ“ŠµŃ‚ ŠæŠ¾ŠŗŠ°Š·Š°Š½ ŠæŠµŃ€ŠµŠ“ ŠŗŠ°Š¶Š“ыŠ¼ ŠæŠ¾ŃŠ²Š»ŠµŠ½ŠøŠµŠ¼ ŠæрŠøŠ³Š»Š°ŃˆŠµŠ½Šøя Š½Š° Š²Ń…Š¾Š“\&. -.RE -.PP -\fBKILLCHAR\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ¼Š²Š¾Š» KILL у тŠµŃ€Š¼ŠøŠ½Š°Š»Š° (\fI025\fR -= CTRL/U)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š¾Š¶ŠµŃ‚ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ с \(Fo0\(Fc ŠæрŠø уŠŗŠ°Š·Š°Š½ŠøŠø Š·Š½Š°Ń‡ŠµŠ½Šøя Š² Š²Š¾ŃŃŒŠ¼ŠµŃ€ŠøчŠ½Š¾Š¹ сŠøстŠµŠ¼Šµ счŠøсŠ»ŠµŠ½Šøя ŠøŠ»Šø \(Fo0x\(Fc ŠæрŠø уŠŗŠ°Š·Š°Š½ŠøŠø Š·Š½Š°Ń‡ŠµŠ½Šøя Š² шŠµŃŃ‚Š½Š°Š“цŠ°Ń‚ŠµŃ€ŠøчŠ½Š¾Š¹ сŠøстŠµŠ¼Šµ счŠøсŠ»ŠµŠ½Šøя\&. -.RE -.PP -\fBLASTLOG_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ Šø ŠæŠ¾ŠŗŠ°Š· ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†ŠøŠø Š¾ Š²Ń€ŠµŠ¼ŠµŠ½Šø Š²Ń…Š¾Š“Š° ŠøŠ· /var/log/lastlog\&. -.RE -.PP -\fBLOG_OK_LOGINS\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ усŠæŠµŃˆŠ½Ń‹Ń… Š²Ń…Š¾Š“Š¾Š²\&. -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæŠ¾ŠŗŠ°Š· Š½ŠµŠøŠ·Š²ŠµŃŃ‚Š½Ń‹Ń… ŠøŠ¼Ń‘Š½ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ ŠæрŠø Š·Š°ŠæŠøсŠø Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š°\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ Š½ŠµŠøŠ·Š²ŠµŃŃ‚Š½Ń‹Ń… ŠøŠ¼Ń‘Š½ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š¼Š¾Š¶ŠµŃ‚ ŠæрŠøŠ²ŠµŃŃ‚Šø Šŗ ŠæрŠ¾Š±Š»ŠµŠ¼Š°Š¼ с Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃ‚ŃŒŃŽ, ŠµŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š²Š²ŠµŠ“ёт сŠ²Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ Š²Š¼ŠµŃŃ‚Š¾ сŠ²Š¾ŠµŠ³Š¾ ŠøŠ¼ŠµŠ½Šø\&. -.RE -.PP -\fBLOGIN_RETRIES\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š° ŠæрŠø Š²Š²Š¾Š“Šµ Š½ŠµŠ²ŠµŃ€Š½Š¾Š³Š¾ ŠæŠ°Ń€Š¾Š»Ń\&. -.RE -.PP -\fBLOGIN_STRING\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š”трŠ¾ŠŗŠ°\-ŠæрŠøŠ³Š»Š°ŃˆŠµŠ½ŠøŠµ Šŗ Š²Š²Š¾Š“у ŠæŠ°Ń€Š¾Š»Ń\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю: \(FoPassword:\(Fc ŠøŠ»Šø ŠæŠµŃ€ŠµŠ²Š¾Š“ этŠ¾Š¹ стрŠ¾ŠŗŠø Š½Š° рŠ°Š·Š½Ń‹Šµ яŠ·Ń‹ŠŗŠø\&. Š•ŃŠ»Šø Š²Ń‹ ŠøŠ·Š¼ŠµŠ½ŠøтŠµ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, тŠ¾ ŠæŠµŃ€ŠµŠ²Š¾Š“ Š±ŃƒŠ“ŠµŃ‚ Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ\&. -.sp -Š•ŃŠ»Šø Š² стрŠ¾ŠŗŠµ сŠ¾Š“ŠµŃ€Š¶Šøтся ŠæŠ¾Š“стрŠ¾ŠŗŠ° -\fI%s\fR, тŠ¾ Š¾Š½Š° Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š¼ŠµŠ½ŠµŠ½Š° Š½Š° ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fBLOGIN_TIMEOUT\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ Š²Ń€ŠµŠ¼Ń Š² сŠµŠŗуŠ½Š“Š°Ń…, Š¾Ń‚Š²ŠµŠ“ёŠ½Š½Š¾Šµ Š½Š° Š²Ń…Š¾Š“\&. -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ ŠæрŠ¾Š²ŠµŃ€Šŗу Šø ŠæŠ¾ŠŗŠ°Š· сŠ¾ŃŃ‚Š¾ŃŠ½Šøя ŠæŠ¾Ń‡Ń‚Š¾Š²Š¾Š³Š¾ ящŠøŠŗŠ° ŠæрŠø Š²Ń…Š¾Š“Šµ\&. -.sp -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ Š²Ń‹ŠŗŠ»ŃŽŃ‡Šøть этŠ¾, ŠµŃŠ»Šø ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ящŠøŠŗ ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ся ŠøŠ· фŠ°Š¹Š»Š¾Š² Š°Š²Ń‚Š¾Š·Š°ŠæусŠŗŠ° Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø (\(Fomailx \-e\(Fc ŠøŠ»Šø ŠæŠ¾Ń…Š¾Š¶ŠµŠ¹ ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹)\&. -.RE -.PP -\fBMAIL_DIR\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠŸŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. Š”Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½ŃƒŠ¶ŠµŠ½ Š“Š»Ń уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¼ ящŠøŠŗŠ¾Š¼ ŠæрŠø ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøŠø ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½ŠøŠø учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ уŠŗŠ°Š·Š°Š½Š½Š¾Šµ ŠæрŠø сŠ±Š¾Ń€ŠŗŠµ\&. -.RE -.PP -\fBMAIL_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ рŠ°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½ŠøŠµ ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Ń… фŠ°Š¹Š»Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š¾Ń‚Š½Š¾ŃŠøтŠµŠ»ŃŒŠ½Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š°\&. -.RE -.PP -ŠŸŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ -\fBMAIL_DIR\fR -Šø -\fBMAIL_FILE\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся ŠŗŠ¾Š¼Š°Š½Š“Š°Š¼Šø -\fBuseradd\fR, -\fBusermod\fR -Šø -\fBuserdel\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя, ŠæŠµŃ€ŠµŠ¼ŠµŃ‰ŠµŠ½Šøя ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.PP -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBMAIL_CHECK_ENAB\fR -рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š¾Š½Šø тŠ°ŠŗŠ¶Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠžŠ±Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š½Š¾Š²Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š±ŃƒŠ“ут Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½Ń‹ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5, сŠ¾Š²Š¼ŠµŃŃ‚ŠøŠ¼Š¾Š¼Ńƒ с ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¼ Š² Š½Š¾Š²Ń‹Ń… Š²ŠµŃ€ŃŠøях FreeBSD\&. ŠžŠ½ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ ŠæŠ°Ń€Š¾Š»Šø Š½ŠµŠ¾Š³Ń€Š°Š½ŠøчŠµŠ½Š½Š¾Š¹ Š“Š»ŠøŠ½Ń‹ Šø ŠøŠ¼ŠµŠµŃ‚ Š±Š¾Š»ŠµŠµ Š“Š»ŠøŠ½Š½ŃƒŃŽ стрŠ¾Šŗу сŠ¾Š»Šø\&. Š£ŃŃ‚Š°Š½Š¾Š²ŠøтŠµ Š² -\fIno\fR, ŠµŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ ŠŗŠ¾ŠæŠøрŠ¾Š²Š°Ń‚ŃŒ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š² Š“руŠ³ŠøŠµ сŠøстŠµŠ¼Ń‹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š½Šµ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŃŽŃ‚ Š½Š¾Š²Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю -\fIno\fR\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBENCRYPT_METHOD\fR -ŠøŠ»Šø Š»ŃŽŠ±Ń‹Š¼ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š·Š°Š“Š°Ń‘Ń‚ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń устŠ°Ń€ŠµŠ»Š°; ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠ¹Ń‚Šµ -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBMOTD_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ ŠæрŠø Š²Ń…Š¾Š“Šµ Š±ŃƒŠ“ŠµŃ‚ ŠæŠ¾ŠŗŠ°Š·Š°Š½Š¾ \(FoсŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠµ Š“Š½Ń\(Fc ŠøŠ· фŠ°Š¹Š»Š° сŠ¾ сŠæŠøсŠŗŠ¾Š¼ Š·Š½Š°Ń‡ŠµŠ½ŠøŠ¹, рŠ°Š·Š“ŠµŠ»Ń‘Š½Š½Ń‹Ń… \(Fo:\(Fc\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ ŠøŠ¼ŠµŠ½Šø фŠ°Š¹Š»Š°, чьё сущŠµŃŃ‚Š²Š¾Š²Š°Š½ŠøŠµ Š·Š°ŠæрŠµŃ‚Šøт Š²Ń…Š¾Š“ Š“Š»Ń Š½Šµ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. Š’ фŠ°Š¹Š»Šµ Š“Š¾Š»Š¶Š½Š¾ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒŃŃ сŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠµ, Š¾ŠæŠøсыŠ²Š°ŃŽŃ‰ŠµŠµ ŠæŠ¾Ń‡ŠµŠ¼Ńƒ Š·Š°ŠæрŠµŃ‰Ń‘Š½ Š²Ń…Š¾Š“\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Ń‹Šµ ŠæрŠ¾Š²ŠµŃ€ŠŗŠø ŠæрŠø сŠ¼ŠµŠ½Šµ ŠæŠ°Ń€Š¾Š»Ń\&. -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠŸŃ€ŠµŠ“уŠæрŠµŠ¶Š“Š°Ń‚ŃŒ Š¾ сŠ»Š°Š±Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŃŃ… (Š½Š¾ рŠ°Š·Ń€ŠµŃˆŠ°Ń‚ŃŒ Šøх ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ) Š“Š»Ń суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæŠ¾ŠæытŠ¾Šŗ сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń (сŠ»ŠøшŠŗŠ¾Š¼ ŠæрŠ¾ŃŃ‚Š¾Š³Š¾) ŠæрŠø Š½ŠµŠæрŠ¾Ń…Š¾Š¶Š“ŠµŠ½ŠøŠø ŠæрŠ¾Š²ŠµŃ€ŠŗŠø\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń\&. Š•ŃŠ»Šø ŠæŠ°Ń€Š¾Š»ŃŒ стŠ°Ń€ŠµŠµ этŠ¾Š³Š¾ чŠøсŠ»Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŠæущŠµŠ½Š° ŠæрŠ¾Ń†ŠµŠ“урŠ° сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°ŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \-1 (тŠ¾ ŠµŃŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ Š¼ŠµŠ¶Š“у ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøяŠ¼Šø ŠæŠ°Ń€Š¾Š»Ń\&. Š›ŃŽŠ±Š°Ń сŠ¼ŠµŠ½Š° ŠæŠ°Ń€Š¾Š»Ń рŠ°Š½ŠµŠµ Š·Š°Š“Š°Š½Š½Š¾Š³Š¾ срŠ¾ŠŗŠ° Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Š° Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°ŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \-1 (тŠ¾ ŠµŃŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (чŠøсŠ»Š¾) -.RS 4 -Š§ŠøсŠ»Š¾ Š“Š½ŠµŠ¹ Š·Š° ŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š½Š°Ń‡Š½Ń‘Ń‚ Š²Ń‹Š“Š°Š²Š°Ń‚ŃŒŃŃ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń\&. ŠŃƒŠ»ŠµŠ²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š²Ń‹Š“Š°Ń‘Ń‚ŃŃ Š² Š“ŠµŠ½ŃŒ устŠ°Ń€ŠµŠ²Š°Š½Šøя, ŠæрŠø Š¾Ń‚Ń€ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Š¾Š¼ Š·Š½Š°Ń‡ŠµŠ½ŠøŠø ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š²Ń‹Š“Š°Š²Š°Ń‚ŃŒŃŃ Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, Š²Ń‹Š“Š°Ń‡Š° ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя Š¾Ń‚ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ся\&. -.RE -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры -\fBPASS_MAX_DAYS\fR, -\fBPASS_MIN_DAYS\fR -Šø -\fBPASS_WARN_AGE\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся тŠ¾Š»ŃŒŠŗŠ¾ ŠæрŠø сŠ¾Š·Š“Š°Š½ŠøŠø учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. Š›ŃŽŠ±Ń‹Šµ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя этŠøх ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š² Š½Šµ Š²Š»Šøяют Š½Š° уŠ¶Šµ сущŠµŃŃ‚Š²ŃƒŃŽŃ‰ŠøŠµ учётŠ½Ń‹Šµ Š·Š°ŠæŠøсŠø\&. -.PP -\fBPASS_MAX_LEN\fR (чŠøсŠ»Š¾), \fBPASS_MIN_LEN\fR (чŠøсŠ»Š¾) -.RS 4 -ŠšŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š·Š½Š°Ń‡ŠøŠ¼Ń‹Ń… сŠøŠ¼Š²Š¾Š»Š¾Š² Š² ŠæŠ°Ń€Š¾Š»Šµ Š“Š»Ń crypt()\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBPASS_MAX_LEN\fR -рŠ°Š²Š½Š¾ 8\&. ŠŠµ ŠøŠ·Š¼ŠµŠ½ŃŠ¹Ń‚Šµ, ŠµŃŠ»Šø Š²Š°Ńˆ crypt() Š»ŃƒŃ‡ŃˆŠµ\&. Š˜Š³Š½Š¾Ń€ŠøруŠµŃ‚ся, ŠµŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBMD5_CRYPT_ENAB\fR -рŠ°Š²Š½Š¾ -\fIyes\fR\&. -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Š²ŠµŃ€Šŗу Š²Ń€ŠµŠ¼ŠµŠ½Š½Ń‹Ń… Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠ¹, Š·Š°Š“Š°Š½Š½Ń‹Ń… Š² -/etc/porttime\&. -.RE -.PP -\fBQUOTAS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ устŠ°Š½Š¾Š²Šŗу Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠ¹ рŠµŃŃƒŃ€ŃŠ¾Š² ŠøŠ· -/etc/limits -Šø ulimit, umask Šø niceness ŠøŠ· ŠæŠ¾Š»Ń gecos фŠ°Š¹Š»Š° passwd\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (чŠøсŠ»Š¾), \fBSHA_CRYPT_MAX_ROUNDS\fR (чŠøсŠ»Š¾) -.RS 4 -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBENCRYPT_METHOD\fR -рŠ°Š²Š½Š¾ -\fISHA256\fR -ŠøŠ»Šø -\fISHA512\fR, этŠ° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² SHA, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Ń… Š°Š»Š³Š¾Ń€ŠøтŠ¼Š¾Š¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (ŠµŃŠ»Šø ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² Š½Šµ Š·Š°Š“Š°Š½Š¾ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š£Š²ŠµŠ»ŠøчŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾Š²Ń‹ŃˆŠ°ŠµŃ‚ сŠ»Š¾Š¶Š½Š¾ŃŃ‚ŃŒ ŠæŠ¾Š“Š±Š¾Ń€Š° ŠæŠ°Ń€Š¾Š»Ń ŠæрŠ¾ŃŃ‚Ń‹Š¼ ŠæŠµŃ€ŠµŠ±Š¾Ń€Š¾Š¼\&. ŠŠ¾ Š·Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ ŠæрŠø этŠ¾Š¼ Š“Š»Ń Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ трŠµŠ±ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š½Ń‹Ń… рŠµŃŃƒŃ€ŃŠ¾Š²\&. -.sp -Š•ŃŠ»Šø Š½Šµ Š·Š°Š“Š°Š½Š°, тŠ¾ libc Š²Ń‹Š±ŠøрŠ°ŠµŃ‚ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (5000)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½Šøя Š“Š¾Š»Š¶Š½Ń‹ Š»ŠµŠ¶Š°Ń‚ŃŒ Š² Š“ŠøŠ°ŠæŠ°Š·Š¾Š½Šµ 1000\-999999999\&. -.sp -Š•ŃŠ»Šø Š·Š°Š“Š°Š½Š¾ ŠŗŠ°ŠŗŠ¾Šµ\-тŠ¾ Š¾Š“Š½Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \(em -\fBSHA_CRYPT_MIN_ROUNDS\fR -ŠøŠ»Šø -\fBSHA_CRYPT_MAX_ROUNDS\fR -\(em тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š¾ этŠ¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.sp -Š•ŃŠ»Šø -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.RE -.PP -\fBSULOG_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ Š»ŃŽŠ±Š°Ń Š°ŠŗтŠøŠ²Š½Š¾ŃŃ‚ŃŒ su Š±ŃƒŠ“ŠµŃ‚ ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Ń‚ŃŒŃŃ Š² этŠ¾Ń‚ фŠ°Š¹Š»\&. -.RE -.PP -\fBSU_NAME\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ Š²Ń‹Š²Š¾Š“Šøтся ŠøŠ¼Ń ŠŗŠ¾Š¼Š°Š½Š“ы ŠŗŠ¾Š³Š“Š° рŠ°Š±Š¾Ń‚Š°ŠµŃ‚ \(Fosu \-\(Fc\&. ŠŠ°ŠæрŠøŠ¼ŠµŃ€, ŠµŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ \(Fosu\(Fc, тŠ¾ \(Fops\(Fc ŠæŠ¾ŠŗŠ°Š¶ŠµŃ‚ ŠŗŠ¾Š¼Š°Š½Š“у ŠŗŠ°Šŗ \(Fo\-su\(Fc\&. Š•ŃŠ»Šø Š½Šµ Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ \(Fops\(Fc ŠæŠ¾ŠŗŠ°Š¶ŠµŃ‚ ŠøŠ¼Ń Š·Š°ŠæусŠŗŠ°ŠµŠ¼Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø Š½Š°ŠæрŠøŠ¼ŠµŃ€ ŠŗŠ°Šŗ \(Fo\-sh\(Fc\&. -.RE -.PP -\fBSU_WHEEL_ONLY\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š•ŃŠ»Šø рŠ°Š²Š½Š° -\fIyes\fR, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ чŠ»ŠµŠ½Š¾Š¼ ŠæŠµŃ€Š²Š¾Š¹ Š³Ń€ŃƒŠæŠæы с gid 0 Š² фŠ°Š¹Š»Šµ -/etc/group -(Š² Š±Š¾Š»ŃŒŃˆŠøŠ½ŃŃ‚Š²Šµ сŠøстŠµŠ¼ Linux Š½Š°Š·Ń‹Š²Š°ŠµŃ‚ся -\fIroot\fR), чтŠ¾Š±Ń‹ ŠøŠ¼ŠµŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š·Š°ŠæусŠŗŠ°Ń‚ŃŒ -\fBsu\fR -Š“Š»Ń ŠæŠ¾Š»ŃƒŃ‡ŠµŠ½Šøя uid 0\&. Š•ŃŠ»Šø Š³Ń€ŃƒŠæŠæŠ° Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚, ŠøŠ»Šø ŠæустŠ°, тŠ¾ Š½ŠøŠŗтŠ¾ Š½Šµ сŠ¼Š¾Š¶ŠµŃ‚ ŠæŠ¾Š»ŃƒŃ‡Šøть uid 0 с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ -\fBsu\fR\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (чŠøсŠ»Š¾), \fBSYS_GID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² Š³Ń€ŃƒŠæŠæ, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR, -\fBgroupadd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя сŠøстŠµŠ¼Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBSYS_GID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&.\fBSYS_GID_MAX\fR) рŠ°Š²Š½Š¾ 101 (сŠ¾Š¾Ń‚Š²\&. -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (чŠøсŠ»Š¾), \fBSYS_UID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя сŠøстŠµŠ¼Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBSYS_UID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&. -\fBSYS_UID_MAX\fR) рŠ°Š²Š½Š¾ 101 (сŠ¾Š¾Ń‚Š²\&. -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBSYSLOG_SG_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ \(Fosyslog\(Fc Š“ŠµŠ¹ŃŃ‚Š²ŠøŠ¹ -\fBsg\fR\&. -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Šøть ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½ŠøŠµ \(Fosyslog\(Fc Š“ŠµŠ¹ŃŃ‚Š²ŠøŠ¹ -\fBsu\fR -\(em Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Š¾ Šŗ ŠæрŠ¾Ń‚Š¾ŠŗŠ¾Š»ŠøрŠ¾Š²Š°Š½Šøю Š² фŠ°Š¹Š»Šµ sulog\&. -.RE -.PP -\fBTTYGROUP\fR (стрŠ¾ŠŗŠ°), \fBTTYPERM\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠŸŃ€Š°Š²Š° тŠµŃ€Š¼ŠøŠ½Š°Š»Š°: tty Š²Ń…Š¾Š“Š° Š±ŃƒŠ“ŠµŃ‚ ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Ń‚ŃŒ Š³Ń€ŃƒŠæŠæŠµ -\fBTTYGROUP\fR, Š° ŠæрŠ°Š²Š° Š±ŃƒŠ“ут Š½Š°Š·Š½Š°Ń‡ŠµŠ½Ń‹ Š² сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŠøŠø с -\fBTTYPERM\fR\&. -.sp -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, тŠµŃ€Š¼ŠøŠ½Š°Š»Š¾Š¼ Š²Š»Š°Š“ŠµŠµŃ‚ ŠæŠµŃ€Š²ŠøчŠ½Š°Ń Š³Ń€ŃƒŠæŠæŠ° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š° ŠæрŠ°Š²Š° устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŃŽŃ‚ся Š² -\fI0600\fR\&. -.sp -Š’ -\fBTTYGROUP\fR -Š¼Š¾Š¶ŠµŃ‚ Š·Š°Š“Š°Š²Š°Ń‚ŃŒŃŃ ŠøŠ»Šø ŠøŠ¼Ń Š³Ń€ŃƒŠæŠæы, ŠøŠ»Šø чŠøсŠ»Š¾Š²Š¾Š¹ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ Š³Ń€ŃƒŠæŠæы\&. -.sp -Š•ŃŠ»Šø Š²Š°ŃˆŠ° ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° -\fBwrite\fR -ŠøŠ¼ŠµŠµŃ‚ \(Fosetgid\(Fc сŠ¾ сŠæŠµŃ†ŠøŠ°Š»ŃŒŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæŠ¾Š¹, ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¹ ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Ń‚ тŠµŃ€Š¼ŠøŠ½Š°Š»Ń‹, тŠ¾ ŠæрŠøсŠ²Š¾Š¹Ń‚Šµ TTYGROUP Š½Š¾Š¼ŠµŃ€ этŠ¾Š¹ Š³Ń€ŃƒŠæŠæы, Š° TTYPERM Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 0620\&. Š’ ŠæрŠ¾Ń‚ŠøŠ²Š½Š¾Š¼ сŠ»ŃƒŃ‡Š°Šµ Š¾ŃŃ‚Š°Š²ŃŒŃ‚Šµ TTYGROUP Š·Š°ŠŗŠ¾Š¼Š¼ŠµŠ½Ń‚ŠøрŠ¾Š²Š°Š½Š½Š¾Š¹ Šø Š½Š°Š·Š½Š°Ń‡ŃŒŃ‚Šµ TTYPERM Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 622 ŠøŠ»Šø 600\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š°, тŠ¾ Š² Š½ŠµŠ¹ уŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ся ŠøŠ¼Ń фŠ°Š¹Š»Š°, Š² ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¼ Š¾ŠæŠøсŠ°Š½Š¾ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŠøŠµ Š¼ŠµŠ¶Š“у Š»ŠøŠ½ŠøŠµŠ¹ tty Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ Š¾ŠŗруŠ¶ŠµŠ½Šøя TERM\&. ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° фŠ°Š¹Š»Š° ŠøŠ¼ŠµŠµŃ‚ фŠ¾Ń€Š¼Š°Ń‚ Š²ŠøŠ“Š° \(Fovt100 tty01\(Fc\&. -.RE -.PP -\fBUID_MAX\fR (чŠøсŠ»Š¾), \fBUID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя Š¾Š±Ń‹Ń‡Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBUID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&. -\fBUID_MAX\fR) рŠ°Š²Š½Š¾ 1000 (сŠ¾Š¾Ń‚Š²\&. 60000)\&. -.RE -.PP -\fBULIMIT\fR (чŠøсŠ»Š¾) -.RS 4 -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBulimit\fR -ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю\&. -.RE -.PP -\fBUMASK\fR (чŠøсŠ»Š¾) -.RS 4 -Š—Š°Š“Š°Ń‘Ń‚ Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š°ŃŠŗŠø Š“Š¾ŃŃ‚ŃƒŠæŠ° Š“Š»Ń сŠ¾Š·Š“Š°Š²Š°ŠµŠ¼Ń‹Ń… фŠ°Š¹Š»Š¾Š²\&. Š•ŃŠ»Šø Š½Šµ уŠŗŠ°Š·Š°Š½Š¾, тŠ¾ Š¼Š°ŃŠŗŠ° устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŠµŃ‚ся Š² 022\&. -.sp -ŠšŠ¾Š¼Š°Š½Š“ы -\fBuseradd\fR -Šø -\fBnewusers\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ эту Š¼Š°ŃŠŗу Š“Š»Ń устŠ°Š½Š¾Š²ŠŗŠø ŠæрŠ°Š² Š“Š¾ŃŃ‚ŃƒŠæŠ° Šŗ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ¼Ńƒ ŠŗŠ°Ń‚Š°Š»Š¾Š³Ńƒ, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š¾Š½Šø сŠ¾Š·Š“Š°ŃŽŃ‚\&. -.sp -Š¢Š°ŠŗŠ¶Šµ Š¾Š½Š° ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š¾Š¹ -\fBlogin\fR -Š“Š»Ń Š·Š°Š“Š°Š½Šøя Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Š³Š¾ Š·Š½Š°Ń‡ŠµŠ½Šøя umask ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ этŠ° Š¼Š°ŃŠŗŠ° Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š° ŠøŠ· ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š¹ стрŠ¾ŠŗŠø GECOS (ŠµŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń -\fBQUOTAS_ENAB\fR) ŠøŠ»Šø уŠŗŠ°Š·Š°Š½ŠøŠµŠ¼ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя с ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š¼ -\fIK\fR, Š² -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERDEL_CMD\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ńƒ, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŠæущŠµŠ½Š° ŠæрŠø уŠ“Š°Š»ŠµŠ½ŠøŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. ŠžŠ½Š° Š“Š¾Š»Š¶Š½Š° уŠ“Š°Š»ŃŃ‚ŃŒ Š»ŃŽŠ±Ń‹Šµ Š·Š°Š“Š°Š½Šøя at/cron/ŠæŠµŃ‡Š°Ń‚Šø уŠ“Š°Š»ŃŠµŠ¼Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń (ŠæŠµŃ€ŠµŠ“Š°Ń‘Ń‚ŃŃ Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ ŠæŠµŃ€Š²Š¾Š³Š¾ Š°Ń€Š³ŃƒŠ¼ŠµŠ½Ń‚Š°)\&. -.sp -Š’Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŠ¼Ń‹Š¹ сцŠµŠ½Š°Ń€ŠøŠµŠ¼ ŠŗŠ¾Š“ Š·Š°Š²ŠµŃ€ŃˆŠµŠ½Šøя Š½Šµ учŠøтыŠ²Š°ŠµŃ‚ся\&. -.sp -Š’Š¾Ń‚ ŠæрŠ¾ŃŃ‚Š¾Š¹ сцŠµŠ½Š°Ń€ŠøŠ¹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ уŠ“Š°Š»ŃŠµŃ‚ Š·Š°Š“Š°Š½Šøя ŠæŠµŃ‡Š°Ń‚Šø, cron Šø at: -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# ŠæрŠ¾Š²ŠµŃ€Šøть Š²ŃŠµ Š½ŠµŠ¾Š±Ń…Š¾Š“ŠøŠ¼Ń‹Šµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры -if [ $# != 1 ]; then - echo "Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½ŠøŠµ: $0 ŠøŠ¼Ń_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń" - exit 1 -fi - -# уŠ“Š°Š»Šøть Š·Š°Š“Š°Š½Šøя cron -crontab \-r \-u $1 - -# уŠ“Š°Š»Šøть Š·Š°Š“Š°Š½Šøя at -# Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ этŠ¾ уŠ“Š°Š»Šøт Š²ŃŠµ Š·Š°Š“Š°Š½Šøя с уŠŗŠ°Š·Š°Š½Š½Ń‹Š¼ UID, -# Š“Š°Š¶Šµ ŠµŃŠ»Šø Š¾Š½ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń Š“руŠ³Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# уŠ“Š°Š»Šøть Š·Š°Š“Š°Š½Šøя ŠæŠµŃ‡Š°Ń‚Šø -lprm $1 - -# Š²ŃŃ‘ -exit 0 - -.fi -.if n \{\ -.RE -.\} -.RE -.PP -\fBUSERGROUPS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ устŠ°Š½Š¾Š²Šŗу Š³Ń€ŃƒŠæŠæы Š±ŠøтŠ¾Š² umask рŠ°Š²Š½Š¾Š¹ Š±ŠøтŠ°Š¼ Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Š° (ŠæрŠøŠ¼ŠµŃ€: 022 \-> 002, 077 \-> 007) Š“Š»Ń Š½Šµ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠµŃŠ»Šø uid рŠ°Š²ŠµŠ½ gid Šø ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń сŠ¾Š²ŠæŠ°Š“Š°ŠµŃ‚ с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы\&. -.sp -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ -\fBuserdel\fR -уŠ“Š°Š»ŃŠµŃ‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗую Š³Ń€ŃƒŠæŠæу, ŠµŃŠ»Šø Š² Š½ŠµŠ¹ Š½ŠµŃ‚ Š±Š¾Š»ŃŒŃˆŠµ чŠ»ŠµŠ½Š¾Š², Š° -\fBuseradd\fR -ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю сŠ¾Š·Š“Š°Ń‘Ń‚ Š³Ń€ŃƒŠæŠæу с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.SH "ŠŸŠ•Š Š•ŠšŠ ŠŠ”Š¢ŠŠ«Š• Š”Š”Š«Š›ŠšŠ˜" -.PP -Š”Š»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠŗрёстŠ½Ń‹Šµ ссыŠ»ŠŗŠø Š¾Ń‚Ń€Š°Š¶Š°ŃŽŃ‚ сŠ²ŃŠ·ŃŒ Š¼ŠµŠ¶Š“у ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Š¼Šø Šø Šøх ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Š¼ ŠøŠ· Š½Š°Š±Š¾Ń€Š° Š“Š»Ń рŠ°Š±Š¾Ń‚Ń‹ с тŠµŠ½ŠµŠ²Ń‹Š¼Šø ŠæŠ°Ń€Š¾Š»ŃŠ¼Šø\&. -.PP -chfn -.RS 4 -CHFN_AUTH -CHFN_RESTRICT -LOGIN_STRING -.RE -.PP -chgpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chpasswd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENABSHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chsh -.RS 4 -CHSH_AUTH LOGIN_STRING -.RE -.PP -gpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -groupadd -.RS 4 -GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN -.RE -.PP -groupdel -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmems -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmod -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpck -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpunconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -login -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE -ERASECHAR FAIL_DELAY -FAILLOG_ENAB -FAKE_SHELL -FTMP_FILE -HUSHLOGIN_FILE -ISSUE_FILE -KILLCHAR -LASTLOG_ENAB -LOGIN_RETRIES -LOGIN_STRING -LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB -MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB -TTYGROUP TTYPERM TTYTYPE_FILE -ULIMIT UMASK -USERGROUPS_ENAB -.RE -.PP -newgrp / sg -.RS 4 -SYSLOG_SG_ENAB -.RE -.PP -newusers -.RS 4 -ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -passwd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -pwck -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -pwconv -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -su -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENVIRON_FILE -ENV_PATH ENV_SUPATH -ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB -SULOG_FILE SU_NAME -SU_WHEEL_ONLY -SYSLOG_SU_ENAB -USERGROUPS_ENAB -.RE -.PP -sulogin -.RS 4 -ENV_HZ -ENV_TZ -.RE -.PP -useradd -.RS 4 -CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -userdel -.RS 4 -MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB -.RE -.PP -usermod -.RS 4 -MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBsu\fR(1), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBpam\fR(8)\&. diff --git a/man/ru/man5/passwd.5 b/man/ru/man5/passwd.5 deleted file mode 100644 index b7359e49..00000000 --- a/man/ru/man5/passwd.5 +++ /dev/null @@ -1,174 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š² -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "passwd" "5" "05/09/2014" "shadow\-utils 4\&.2" "Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š²" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -passwd \- фŠ°Š¹Š» ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -Š¤Š°Š¹Š» -/etc/passwd -сŠ¾Š“ŠµŃ€Š¶Šøт учётŠ½Ń‹Šµ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠæŠ¾ Š¾Š“Š½Š¾Š¹ Š² ŠŗŠ°Š¶Š“Š¾Š¹ стрŠ¾ŠŗŠµ\&. Š”трŠ¾ŠŗŠ° сŠ¾ŃŃ‚Š¾Šøт ŠøŠ· сŠµŠ¼Šø ŠæŠ¾Š»ŠµŠ¹, рŠ°Š·Š“ŠµŠ»Ń‘Š½Š½Ń‹Ń… Š“Š²Š¾ŠµŃ‚Š¾Ń‡ŠøяŠ¼Šø (\(Fo:\(Fc)\&. ŠŸŠ¾Š»Ń: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š“Š»Ń Š²Ń…Š¾Š“Š° Š² сŠøстŠµŠ¼Ńƒ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Š½ŠµŠ¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¹ Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -чŠøсŠ»Š¾Š²Š¾Š¹ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -чŠøсŠ»Š¾Š²Š¾Š¹ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ Š³Ń€ŃƒŠæŠæы -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Š¤Š˜Šž ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ»Šø ŠæŠ¾Š»Šµ ŠŗŠ¾Š¼Š¼ŠµŠ½Ń‚Š°Ń€Šøя -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Š½ŠµŠ¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¹ ŠøŠ½Ń‚ŠµŃ€ŠæрŠµŃ‚Š°Ń‚Š¾Ń€ ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.RE -.PP -ŠŸŠ¾Š»Šµ с Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¼ ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæустыŠ¼, Šø тŠ¾Š³Š“Š° Š“Š»Ń Š²Ń…Š¾Š“Š° ŠæŠ¾Š“ этŠ¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсью ŠæŠ°Ń€Š¾Š»ŃŒ Š½Šµ трŠµŠ±ŃƒŠµŃ‚ся\&. ŠžŠ“Š½Š°ŠŗŠ¾, Š½ŠµŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ ŠæрŠøŠ»Š¾Š¶ŠµŠ½Šøя, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ чŠøтŠ°ŃŽŃ‚ фŠ°Š¹Š» -/etc/passwd, Š¼Š¾Š³ŃƒŃ‚ рŠµŃˆŠøть Š½Šµ ŠæŠ¾Š·Š²Š¾Š»ŃŃ‚ŃŒ -\fIŠ»ŃŽŠ±Š¾Š¹\fR -Š“Š¾ŃŃ‚ŃƒŠæ, ŠµŃŠ»Šø ŠæŠ¾Š»Šµ -\fIŠæŠ°Ń€Š¾Š»Ń\fR -ŠæустŠ¾Šµ\&. Š•ŃŠ»Šø ŠæŠ¾Š»Šµ -\fIŠæŠ°Ń€Š¾Š»Ń\fR -сŠ¾Š“ŠµŃ€Š¶Šøт стрŠ¾Ń‡Š½ŃƒŃŽ -\(Fox\(Fc, тŠ¾ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ хрŠ°Š½Šøтся Š² фŠ°Š¹Š»Šµ -\fBshadow\fR(5); Š² фŠ°Š¹Š»Šµ -shadow\fIŠ“Š¾Š»Š¶Š½Š°\fR -Š±Ń‹Ń‚ŃŒ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰Š°Ń стрŠ¾ŠŗŠ°, ŠøŠ½Š°Ń‡Šµ учётŠ½Š°Ń Š·Š°ŠæŠøсь счŠøтŠ°ŠµŃ‚ся Š½ŠµŠ“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾Š¹\&. Š•ŃŠ»Šø Š² ŠæŠ¾Š»Šµ -\fIŠæŠ°Ń€Š¾Š»Ń\fR -сŠ¾Š“ŠµŃ€Š¶Šøтся ŠŗŠ°ŠŗŠ°Ń\-тŠ¾ Š“руŠ³Š°Ń стрŠ¾ŠŗŠ°, тŠ¾ Š¾Š½Š° Š²Š¾ŃŠæрŠøŠ½ŠøŠ¼Š°ŠµŃ‚ся ŠŗŠ°Šŗ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ, сŠ¾Š³Š»Š°ŃŠ½Š¾ фŠ¾Ń€Š¼Š°Ń‚Ńƒ -\fBcrypt\fR(3)\&. -.PP -ŠŸŠ¾Š»Šµ ŠŗŠ¾Š¼Š¼ŠµŠ½Ń‚Š°Ń€Šøя ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся рŠ°Š·Š»ŠøчŠ½Ń‹Š¼Šø сŠøстŠµŠ¼Š½Ń‹Š¼Šø утŠøŠ»ŠøтŠ°Š¼Šø, тŠ°ŠŗŠøŠ¼Šø ŠŗŠ°Šŗ -\fBfinger\fR(1)\&. -.PP -Š’ ŠæŠ¾Š»Šµ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° хрŠ°Š½Šøтся Š½Š°Ń‡Š°Š»ŃŒŠ½Ń‹Š¹ рŠ°Š±Š¾Ń‡ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBlogin\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ эту ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š“Š»Ń устŠ°Š½Š¾Š²ŠŗŠø Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fB$HOME\fR\&. -.PP -Š’ ŠæŠ¾Š»Šµ ŠøŠ½Ń‚ŠµŃ€ŠæрŠµŃ‚Š°Ń‚Š¾Ń€Š° ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø хрŠ°Š½Šøтся Š½Š°Š·Š²Š°Š½ŠøŠµ ŠøŠ½Ń‚ŠµŃ€ŠæрŠµŃ‚Š°Ń‚Š¾Ń€Š° ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ»Šø ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŠæущŠµŠ½Š° ŠæŠµŃ€Š²Š¾Š¹\&. ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBlogin\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ эту ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š“Š»Ń устŠ°Š½Š¾Š²ŠŗŠø Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fB$SHELL\fR\&. Š•ŃŠ»Šø этŠ¾ ŠæŠ¾Š»Šµ ŠæустŠ¾Šµ, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю -/bin/sh\&. -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -Š½ŠµŠ¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¹ фŠ°Š¹Š» с шŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¼Šø ŠæŠ°Ń€Š¾Š»ŃŠ¼Šø -.RE -.PP -/etc/passwd\- -.RS 4 -рŠµŠ·ŠµŃ€Š²Š½Š°Ń ŠŗŠ¾ŠæŠøя фŠ°Š¹Š»Š° /etc/passwd -.sp -Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ этŠ¾Ń‚ фŠ°Š¹Š» ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Š¼Šø ŠøŠ· ŠŗŠ¾Š¼ŠæŠ»ŠµŠŗтŠ° утŠøŠ»Šøт shadow, Š½Š¾ Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼Šø Šø ŠæŠ°Ń€Š¾Š»ŃŠ¼Šø\&. -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBcrypt\fR(3), -\fBgetent\fR(1), -\fBgetpwnam\fR(3), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBshadow\fR(5), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/ru/man5/porttime.5 b/man/ru/man5/porttime.5 deleted file mode 100644 index 6423615d..00000000 --- a/man/ru/man5/porttime.5 +++ /dev/null @@ -1,98 +0,0 @@ -'\" t -.\" Title: porttime -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š² -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "porttime" "5" "05/09/2014" "shadow\-utils 4\&.2" "Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š²" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -porttime \- фŠ°Š¹Š» с Š²Ń€ŠµŠ¼ŠµŠ½Š°Š¼Šø Š“Š¾ŃŃ‚ŃƒŠæŠ° Šŗ ŠæŠ¾Ń€Ń‚Š°Š¼ -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -Š¤Š°Š¹Š» -\fIporttime\fR -сŠ¾Š“ŠµŃ€Š¶Šøт сŠæŠøсŠ¾Šŗ устрŠ¾Š¹ŃŃ‚Š² tty, ŠøŠ¼ŠµŠ½Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Šø рŠ°Š·Ń€ŠµŃˆŃ‘Š½Š½Š¾Šµ Š²Ń€ŠµŠ¼Ń Š²Ń…Š¾Š“Š°\&. -.PP -ŠšŠ°Š¶Š“Š°Ń Š·Š°ŠæŠøсь сŠ¾ŃŃ‚Š¾Šøт ŠøŠ· трёх ŠæŠ¾Š»ŠµŠ¹, рŠ°Š·Š“ŠµŠ»Ń‘Š½Š½Ń‹Ń… Š“Š²Š¾ŠµŃ‚Š¾Ń‡ŠøяŠ¼Šø\&. Š’ ŠæŠµŃ€Š²Š¾Š¼ ŠæŠ¾Š»Šµ сŠ¾Š“ŠµŃ€Š¶Šøтся сŠæŠøсŠ¾Šŗ устрŠ¾Š¹ŃŃ‚Š² tty (ŠæŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½Š½Ń‹Ń… чŠµŃ€ŠµŠ· Š·Š°Šæятую) ŠøŠ»Šø Š·Š²Ń‘Š·Š“Š¾Ń‡ŠŗŠ°, уŠŗŠ°Š·Ń‹Š²Š°ŃŽŃ‰Š°Ń, чтŠ¾ Š²ŃŠµ устрŠ¾Š¹ŃŃ‚Š²Š° tty ŠæŠ¾ŠæŠ°Š“Š°ŃŽŃ‚ ŠæŠ¾Š“ ŠæрŠ°Š²ŠøŠ»Š¾ этŠ¾Š¹ Š·Š°ŠæŠøсŠø\&. Š’Š¾ Š²Ń‚Š¾Ń€Š¾Š¼ ŠæŠ¾Š»Šµ сŠ¾Š“ŠµŃ€Š¶Šøтся сŠæŠøсŠ¾Šŗ ŠøŠ¼Ń‘Š½ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ (ŠæŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½Š½Ń‹Ń… чŠµŃ€ŠµŠ· Š·Š°Šæятую) ŠøŠ»Šø Š·Š²Ń‘Š·Š“Š¾Ń‡ŠŗŠ°, уŠŗŠ°Š·Ń‹Š²Š°ŃŽŃ‰Š°Ń, чтŠ¾ Š²ŃŠµ ŠøŠ¼ŠµŠ½Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ ŠæŠ¾ŠæŠ°Š“Š°ŃŽŃ‚ ŠæŠ¾Š“ ŠæрŠ°Š²ŠøŠ»Š¾ этŠ¾Š¹ Š·Š°ŠæŠøсŠø\&. Š’ трŠµŃ‚ŃŒŠµŠ¼ ŠæŠ¾Š»Šµ сŠ¾Š“ŠµŃ€Š¶Šøтся сŠæŠøсŠ¾Šŗ (чŠµŃ€ŠµŠ· Š·Š°Šæятую) Š“Š¾ŠæустŠøŠ¼Š¾Š³Š¾ Š²Ń€ŠµŠ¼ŠµŠ½Šø рŠ°Š±Š¾Ń‚Ń‹\&. -.PP -ŠšŠ°Š¶Š“Š°Ń Š·Š°ŠæŠøсь Š²Ń€ŠµŠ¼ŠµŠ½Šø Š“Š¾ŃŃ‚ŃƒŠæŠ° сŠ¾ŃŃ‚Š¾Šøт ŠøŠ· Š½ŃƒŠ»Ń ŠøŠ»Šø Š±Š¾Š»ŠµŠµ Š“Š½ŠµŠ¹ Š½ŠµŠ“ŠµŠ»Šø, Š¾Š±Š¾Š·Š½Š°Ń‡ŠµŠ½Š½Ń‹Ń… ŠŗŠ°Šŗ -\fISu\fR, -\fIMo\fR, -\fITu\fR, -\fIWe\fR, -\fITh\fR, -\fIFr\fR -Šø -\fISa\fR, Š° тŠ°ŠŗŠ¶Šµ Š²Ń€ŠµŠ¼ŠµŠ½ŠµŠ¼ Š½Š°Ń‡Š°Š»Š° Šø ŠŗŠ¾Š½Ń†Š°, Š·Š°ŠæŠøсŠ°Š½Š½Š¾Š³Š¾ чŠµŃ€ŠµŠ· Š“ŠµŃ„Šøс\&. Š”Š¾ŠŗрŠ°Ń‰ŠµŠ½ŠøŠµ -\fIWk\fR -Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š“Š»Ń Š¾Š±Š¾Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠµŃ€ŠøŠ¾Š“Š° с ŠæŠ¾Š½ŠµŠ“ŠµŠ»ŃŒŠ½ŠøŠŗŠ° ŠæŠ¾ ŠæятŠ½Šøцу, Š° -\fIAl\fR -Š¾Š±Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚ ŠŗŠ°Š¶Š“ыŠ¹ Š“ŠµŠ½ŃŒ\&. Š•ŃŠ»Šø Š“ŠµŠ½ŃŒ Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°ŠµŃ‚ся -\fIAl\fR -Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю\&. -.SH "ŠŸŠ Š˜ŠœŠ•Š Š«" -.PP -Š”Š»ŠµŠ“ующŠ°Ń Š·Š°ŠæŠøсь рŠ°Š·Ń€ŠµŃˆŠ°ŠµŃ‚ Š“Š¾ŃŃ‚ŃƒŠæ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ -\fBjfh\fR -с Š»ŃŽŠ±Š¾Š³Š¾ ŠæŠ¾Ń€Ń‚Š° ŠæŠ¾ Š±ŃƒŠ“Š½ŃŠ¼ с 9:00 Š“Š¾ 17:00\&. -.PP -*:jfh:Wk0900\-1700 -.PP -Š”Š»ŠµŠ“ующŠøŠµ Š·Š°ŠæŠøсŠø рŠ°Š·Ń€ŠµŃˆŠ°ŃŽŃ‚ Š“Š¾ŃŃ‚ŃƒŠæ тŠ¾Š»ŃŒŠŗŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼ -\fIroot\fR -Šø -\fIoper\fR -с -/dev/console -Š² Š»ŃŽŠ±Š¾Šµ Š²Ń€ŠµŠ¼Ń\&. Š­Ń‚Š¾ ŠæŠ¾ŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚, чтŠ¾ фŠ°Š¹Š» -/etc/porttime -Š¾Š±Ń€Š°Š±Š°Ń‚Ń‹Š²Š°ŠµŃ‚ся Š² ŠæŠ¾Ń€ŃŠ“ŠŗŠµ ŠæŠ¾ŃŠ²Š»ŠµŠ½Šøя Š·Š°ŠæŠøсŠµŠ¹ Š² фŠ°Š¹Š»Šµ\&. Š›ŃŽŠ±Š¾Š¹ Š“руŠ³Š¾Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ ŠæŠ¾ŠæŠ°Š“ёт ŠæŠ¾Š“ ŠæрŠ°Š²ŠøŠ»Š¾ Š²Ń‚Š¾Ń€Š¾Š¹ Š·Š°ŠæŠøсŠø, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š½Šµ рŠ°Š·Ń€ŠµŃˆŠ°ŠµŃ‚ Š“Š¾ŃŃ‚ŃƒŠæ Š² Š»ŃŽŠ±Š¾Šµ Š²Ń€ŠµŠ¼Ń\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - console:root,oper:Al0000\-2400 - console:*: - -.fi -.if n \{\ -.RE -.\} -.PP -Š”Š»ŠµŠ“ующŠ°Ń Š·Š°ŠæŠøсь рŠ°Š·Ń€ŠµŃˆŠ°ŠµŃ‚ Š“Š¾ŃŃ‚ŃƒŠæ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ -\fIgames\fR -с Š»ŃŽŠ±Š¾Š³Š¾ ŠæŠ¾Ń€Ń‚Š° Š² Š½ŠµŃ€Š°Š±Š¾Ń‡ŠøŠµ чŠ°ŃŃ‹\&. -.PP -*:games:Wk1700\-0900,SaSu0000\-2400 -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/porttime -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт рŠ°Š·Ń€ŠµŃˆŃ‘Š½Š½Š¾Šµ Š²Ń€ŠµŠ¼Ń рŠ°Š±Š¾Ń‚Ń‹ Š¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ с Š¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½Š½Ń‹Ń… ŠæŠ¾Ń€Ń‚Š¾Š² -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBlogin\fR(1)\&. diff --git a/man/ru/man5/shadow.5 b/man/ru/man5/shadow.5 deleted file mode 100644 index f33c1c1d..00000000 --- a/man/ru/man5/shadow.5 +++ /dev/null @@ -1,147 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š² -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "shadow" "5" "05/09/2014" "shadow\-utils 4\&.2" "Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š²" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -shadow \- фŠ°Š¹Š» тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -Š¤Š°Š¹Š» -shadow -сŠ¾Š“ŠµŃ€Š¶Šøт шŠøфрŠ¾Š²Š°Š½Š½Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Šø Š½ŠµŠ¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń\&. -.PP -Š­Ń‚Š¾Ń‚ фŠ°Š¹Š» Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š½ŠµŠ“Š¾ŃŃ‚ŃƒŠæŠµŠ½ Š¾Š±Ń‹Ń‡Š½Š¾Š¼Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ, ŠµŃŠ»Šø Š½ŃƒŠ¶Š½Š¾ Š¾Š±ŠµŃŠæŠµŃ‡Šøть Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃ‚ŃŒ ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.PP -ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° фŠ°Š¹Š»Š° сŠ¾Š“ŠµŃ€Š¶Šøт 9 ŠæŠ¾Š»ŠµŠ¹, рŠ°Š·Š“ŠµŠ»Ń‘Š½Š½Ń‹Ń… Š“Š²Š¾ŠµŃ‚Š¾Ń‡ŠøяŠ¼Šø (\(Fo:\(Fc), рŠ°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½Š½Ń‹Ń… Š² сŠ»ŠµŠ“ующŠµŠ¼ ŠæŠ¾Ń€ŃŠ“ŠŗŠµ: -.PP -\fBŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š“Š»Ń Š²Ń…Š¾Š“Š° Š² сŠøстŠµŠ¼Ńƒ\fR -.RS 4 -Š”Š¾Š»Š¶Š½Š¾ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒ ŠæрŠ°Š²ŠøŠ»ŃŒŠ½Š¾Šµ ŠøŠ¼Ń учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń сущŠµŃŃ‚Š²ŃƒŠµŃ‚ Š² сŠøстŠµŠ¼Šµ\&. -.RE -.PP -\fBшŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\fR -.RS 4 -ŠŸŠ¾Š“рŠ¾Š±Š½ŠµŠ¹ Š¾ ŠæŠ°Ń€Š¾Š»Šµ сŠ¼Š¾Ń‚Ń€ŠøтŠµ Š² сŠæрŠ°Š²Š¾Ń‡Š½Š¾Š¹ стрŠ°Š½ŠøцŠµ -\fBcrypt\fR(3)\&. -.sp -Š•ŃŠ»Šø ŠæŠ¾Š»Šµ ŠæŠ°Ń€Š¾Š»Ń сŠ¾Š“ŠµŃ€Š¶Šøт стрŠ¾Šŗу, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š½Šµ уŠ“Š¾Š²Š»ŠµŃ‚Š²Š¾Ń€ŃŠµŃ‚ трŠµŠ±Š¾Š²Š°Š½ŠøяŠ¼ -\fBcrypt\fR(3), Š½Š°ŠæрŠøŠ¼ŠµŃ€ сŠ¾Š“ŠµŃ€Š¶Šøт ! ŠøŠ»Šø *, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½Šµ сŠ¼Š¾Š¶ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ этŠ¾Ń‚ ŠæŠ°Ń€Š¾Š»ŃŒ unix Š“Š»Ń Š²Ń…Š¾Š“Š° (Š½Š¾ Š¼Š¾Š¶ŠµŃ‚ Š²Š¾Š¹Ń‚Šø Š² сŠøстŠµŠ¼Ńƒ ŠæŠ¾Š“ Š“руŠ³ŠøŠ¼Šø ŠæŠ°Ń€Š¾Š»ŃŠ¼Šø)\&. -.sp -Š­Ń‚Š¾ ŠæŠ¾Š»Šµ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæустыŠ¼, тŠ¾ ŠµŃŃ‚ŃŒ Š“Š»Ń уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø Š½Šµ трŠµŠ±ŃƒŠµŃ‚ся Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†Šøя ŠæŠ¾ ŠæŠ°Ń€Š¾Š»ŃŽ\&. ŠžŠ“Š½Š°ŠŗŠ¾, Š½ŠµŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ ŠæрŠøŠ»Š¾Š¶ŠµŠ½Šøя, чŠøтŠ°ŃŽŃ‰ŠøŠµ фŠ°Š¹Š» -/etc/shadow, Š¼Š¾Š³ŃƒŃ‚ Š²Š¾Š¾Š±Ń‰Šµ Š¾Ń‚ŠŗŠ°Š·Š°Ń‚ŃŒ Š² Š“Š¾ŃŃ‚ŃƒŠæŠµ, ŠµŃŠ»Šø ŠæŠ¾Š»Šµ ŠæŠ°Ń€Š¾Š»Ń ŠæустŠ¾\&. -.sp -ŠŸŠ¾Š»Šµ ŠæŠ°Ń€Š¾Š»Ń Š¼Š¾Š¶ŠµŃ‚ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ с Š²Š¾ŃŠŗŠ»ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Š¾Š³Š¾ Š·Š½Š°ŠŗŠ°, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠ³Š¾, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½\&. ŠžŃŃ‚Š°Š²ŃˆŠøŠµŃŃ сŠøŠ¼Š²Š¾Š»Ń‹ Š² стрŠ¾ŠŗŠµ ŠæрŠµŠ“стŠ°Š²Š»ŃŃŽŃ‚ ŠæŠ¾Š»Šµ ŠæŠ°Ń€Š¾Š»Ń Š“Š¾ ŠµŠ³Š¾ Š±Š»Š¾ŠŗŠøрŠ¾Š²ŠŗŠø\&. -.RE -.PP -\fBŠ“Š°Ń‚Š° ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ¹ сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń\fR -.RS 4 -Š”Š°Ń‚Š° ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ¹ сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń Š² Š“Š½ŃŃ… Š½Š°Ń‡ŠøŠ½Š°Ń с 1 яŠ½Š²Š°Ń€Ń 1970 Š³Š¾Š“Š°\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ 0 ŠøŠ¼ŠµŠµŃ‚ сŠæŠµŃ†ŠøŠ°Š»ŃŒŠ½Š¾Šµ ŠæрŠµŠ“Š½Š°Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ: Š¾Š½Š¾ уŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚, чтŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ сŠ¼ŠµŠ½Šøть ŠæŠ°Ń€Š¾Š»ŃŒ Š² сŠ»ŠµŠ“ующŠøŠ¹ рŠ°Š· ŠæрŠø Š²Ń…Š¾Š“Šµ Š² сŠøстŠµŠ¼Ńƒ\&. -.sp -ŠŸŃƒŃŃ‚Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¾Š±Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæрŠ¾Š²ŠµŃ€ŠŗŠ° устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń Š²Ń‹ŠŗŠ»ŃŽŃ‡ŠµŠ½Š°\&. -.RE -.PP -\fBŠ¼ŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń\fR -.RS 4 -ŠœŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń Š² Š“Š½ŃŃ…, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š¶Š“Š°Ń‚ŃŒ, чтŠ¾Š±Ń‹ ŠæŠ¾Š¼ŠµŠ½ŃŃ‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ\&. -.sp -ŠŸŃƒŃŃ‚Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾Š»Ń Šø 0 Š¾Ń‚ŠŗŠ»ŃŽŃ‡Š°ŃŽŃ‚ Š¼ŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń\&. -.RE -.PP -\fBŠ¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń\fR -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń Š² Š“Š½ŃŃ…, ŠæŠ¾ŃŠ»Šµ ŠŗŠ¾Ń‚Š¾Ń€Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ ŠøŠ·Š¼ŠµŠ½Šøть ŠæŠ°Ń€Š¾Š»ŃŒ\&. -.sp -ŠŸŠ¾ ŠæрŠ¾ŃˆŠµŃŃ‚Š²ŠøŠø этŠ¾Š³Š¾ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° Š“Š½ŠµŠ¹ ŠæŠ°Ń€Š¾Š»ŃŒ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠµŃ‰Ń‘ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Ń‹Š¼\&. ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š½ŃƒŠ¶Š½Š¾ ŠæŠ¾ŠæрŠ¾ŃŠøть ŠøŠ·Š¼ŠµŠ½Šøть ŠæŠ°Ń€Š¾Š»ŃŒ ŠæрŠø сŠ»ŠµŠ“ующŠµŠ¼ Š²Ń…Š¾Š“Šµ\&. -.sp -ŠŸŃƒŃŃ‚Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾Š»Ń Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ Š½ŠµŃ‚ Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Š³Š¾ срŠ¾ŠŗŠ° Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń, Š½ŠµŃ‚ ŠæŠµŃ€ŠøŠ¾Š“Š° ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя Š¾ ŠæŠ°Ń€Š¾Š»Šµ Šø Š½ŠµŃ‚ ŠæŠµŃ€ŠøŠ¾Š“Š° Š½ŠµŠ°ŠŗтŠøŠ²Š½Š¾ŃŃ‚Šø ŠæŠ°Ń€Š¾Š»Ń (сŠ¼Š¾Ń‚Ń€ŠøтŠµ Š“Š°Š»ŠµŠµ)\&. -.sp -Š•ŃŠ»Šø Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń Š¼ŠµŠ½ŃŒŃˆŠµ чŠµŠ¼ Š¼ŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½Šµ сŠ¼Š¾Š¶ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½Šøть сŠ²Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\&. -.RE -.PP -\fBŠæŠµŃ€ŠøŠ¾Š“ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя Š¾ ŠæŠ°Ń€Š¾Š»Šµ\fR -.RS 4 -ŠšŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹ Š“Š¾ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń (сŠ¼Š¾Ń‚Ń€ŠøтŠµ Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń) Š²Š¾ Š²Ń€ŠµŠ¼Ń ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ Š²Ń‹Š“Š°Ń‘Ń‚ŃŃ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ\&. -.sp -ŠŸŃƒŃŃ‚Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾Š»Ń Šø 0 Š¾Ń‚ŠŗŠ»ŃŽŃ‡Š°ŃŽŃ‚ ŠæŠµŃ€ŠøŠ¾Š“ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя Š¾ ŠæŠ°Ń€Š¾Š»Šµ\&. -.RE -.PP -\fBŠæŠµŃ€ŠøŠ¾Š“ Š½ŠµŠ°ŠŗтŠøŠ²Š½Š¾ŃŃ‚Šø ŠæŠ°Ń€Š¾Š»Ń\fR -.RS 4 -ŠšŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹ ŠæŠ¾ŃŠ»Šµ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń (сŠ¼Š¾Ń‚Ń€ŠøтŠµ Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Ń‹Š¹ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń) Š²Š¾ Š²Ń€ŠµŠ¼Ń ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŃŒ Š²ŃŃ‘ ŠµŃ‰Ń‘ ŠæрŠøŠ½ŠøŠ¼Š°ŠµŃ‚ся (Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š¾Š±Š½Š¾Š²Šøть сŠ²Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ ŠæрŠø сŠ»ŠµŠ“ующŠµŠ¼ Š²Ń…Š¾Š“Šµ)\&. -.sp -ŠŸŠ¾ŃŠ»Šµ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń Šø ŠøстŠµŃ‡ŠµŠ½Šøя этŠ¾Š³Š¾ ŠæŠµŃ€ŠøŠ¾Š“Š° устŠ°Ń€ŠµŠ²Š°Š½Šøя Š²Ń…Š¾Š“ с тŠµŠŗущŠøŠ¼ ŠæŠ°Ń€Š¾Š»ŠµŠ¼ стŠ°Š½Š¾Š²Šøтся Š½ŠµŠ²Š¾Š·Š¼Š¾Š¶Š½Ń‹Š¼\&. ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š¾Š±Ń€Š°Ń‚Šøться Šŗ Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Ńƒ\&. -.sp -ŠŸŃƒŃŃ‚Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾Š»Ń Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæŠµŃ€ŠøŠ¾Š“ Š½ŠµŠ°ŠŗтŠøŠ²Š½Š¾ŃŃ‚Šø Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²ŃƒŠµŃ‚\&. -.RE -.PP -\fBŠ“Š°Ń‚Š° ŠøстŠµŃ‡ŠµŠ½Šøя срŠ¾ŠŗŠ° Š“ŠµŠ¹ŃŃ‚Š²Šøя учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\fR -.RS 4 -Š”Š°Ń‚Š° ŠøстŠµŃ‡ŠµŠ½Šøя срŠ¾ŠŗŠ° Š“ŠµŠ¹ŃŃ‚Š²Šøя учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø, уŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ся Š² Š“Š½ŃŃ… Š½Š°Ń‡ŠøŠ½Š°Ń с 1 яŠ½Š²Š°Ń€Ń 1970 Š³Š¾Š“Š°\&. -.sp -Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ устŠ°Ń€ŠµŠ²Š°Š½ŠøŠµ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø Š¾Ń‚Š»ŠøчŠ°ŠµŃ‚ся Š¾Ń‚ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń\&. ŠŸŃ€Šø устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½Šµ сŠ¼Š¾Š¶ŠµŃ‚ Š²Š¾Š¹Ń‚Šø Š² сŠøстŠµŠ¼Ńƒ\&. ŠŸŃ€Šø устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½Šµ Š¼Š¾Š¶ŠµŃ‚ Š²Š¾Š¹Ń‚Šø Š² сŠøстŠµŠ¼Ńƒ ŠæŠ¾ этŠ¾Š¼Ńƒ ŠæŠ°Ń€Š¾Š»ŃŽ\&. -.sp -ŠŸŃƒŃŃ‚Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¾Š±Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š½ŠøŠŗŠ¾Š³Š“Š° Š½Šµ устŠ°Ń€ŠµŠ²Š°ŠµŃ‚\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ 0 Š½Šµ Š“Š¾Š»Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ, тŠ°Šŗ ŠŗŠ°Šŗ этŠ¾ Š¼Š¾Š¶ŠµŃ‚ рŠ°ŃŃŠ¼Š°Ń‚Ń€ŠøŠ²Š°Ń‚ŃŒŃŃ ŠŗŠ°Šŗ Š½ŠµŃƒŃŃ‚Š°Ń€ŠµŠ²Š°ŃŽŃ‰Š°Ń учётŠ½Š°Ń Š·Š°ŠæŠøсь ŠøŠ»Šø чтŠ¾ Š·Š°ŠæŠøсь устŠ°Ń€ŠµŠ»Š° 1 яŠ½Š²Š°Ń€Ń 1970 Š³Š¾Š“Š°\&. -.RE -.PP -\fBŠ·Š°Ń€ŠµŠ·ŠµŃ€Š²ŠøрŠ¾Š²Š°Š½Š½Š¾Šµ ŠæŠ¾Š»Šµ\fR -.RS 4 -Š­Ń‚Š¾ ŠæŠ¾Š»Šµ Š·Š°Ń€ŠµŠ·ŠµŃ€Š²ŠøрŠ¾Š²Š°Š½Š¾ Š“Š»Ń ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Šøя Š² Š±ŃƒŠ“ущŠµŠ¼\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow\- -.RS 4 -рŠµŠ·ŠµŃ€Š²Š½Š°Ń ŠŗŠ¾ŠæŠøя фŠ°Š¹Š»Š° /etc/shadow -.sp -Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ этŠ¾Ń‚ фŠ°Š¹Š» ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Š¼Šø ŠøŠ· ŠŗŠ¾Š¼ŠæŠ»ŠµŠŗтŠ° утŠøŠ»Šøт shadow, Š½Š¾ Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼Šø Šø ŠæŠ°Ń€Š¾Š»ŃŠ¼Šø\&. -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBchage\fR(1), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/ru/man5/suauth.5 b/man/ru/man5/suauth.5 deleted file mode 100644 index 5eced41b..00000000 --- a/man/ru/man5/suauth.5 +++ /dev/null @@ -1,142 +0,0 @@ -'\" t -.\" Title: suauth -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š² -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "suauth" "5" "05/09/2014" "shadow\-utils 4\&.2" "Š¤Š¾Ń€Š¼Š°Ń‚Ń‹ фŠ°Š¹Š»Š¾Š²" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -suauth \- фŠ°Š¹Š» уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹ su -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fB/etc/suauth\fR\ 'u -\fB/etc/suauth\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -Š¤Š°Š¹Š» -/etc/suauth -ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ся ŠŗŠ°Š¶Š“ыŠ¹ рŠ°Š· ŠæрŠø Š·Š°ŠæусŠŗŠµ ŠŗŠ¾Š¼Š°Š½Š“ы su\&. ŠžŠ½ Š²Š»ŠøяŠµŃ‚ Š½Š° ŠæŠ¾Š²ŠµŠ“ŠµŠ½ŠøŠµ ŠŗŠ¾Š¼Š°Š½Š“ы su, Š² Š·Š°Š²ŠøсŠøŠ¼Š¾ŃŃ‚Šø Š¾Ń‚: -.sp -.if n \{\ -.RS 4 -.\} -.nf - 1) ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, ŠæрŠ°Š²Š° ŠŗŠ¾Ń‚Š¾Ń€Š¾Š³Š¾ Š½ŃƒŠ¶Š½Š¾ ŠæŠ¾Š»ŃƒŃ‡Šøть с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ su - -.fi -.if n \{\ -.RE -.\} -.PP -2) ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š·Š°ŠæустŠøŠ²ŃˆŠµŠ³Š¾ ŠŗŠ¾Š¼Š°Š½Š“у su (ŠøŠ»Šø Š³Ń€ŃƒŠæŠæы, чŠ»ŠµŠ½Š¾Š¼ ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¹ Š¾Š½ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ) -.PP -Š¤Š¾Ń€Š¼Š°Ń‚ фŠ°Š¹Š»Š° ŠæŠ¾ŠŗŠ°Š·Š°Š½ Š½ŠøŠ¶Šµ, стрŠ¾ŠŗŠø Š½Š°Ń‡ŠøŠ½Š°ŃŽŃ‰ŠøŠµŃŃ с # счŠøтŠ°ŃŽŃ‚ся ŠŗŠ¾Š¼Š¼ŠµŠ½Ń‚Š°Ń€ŠøŠµŠ¼ Šø ŠøŠ³Š½Š¾Ń€Šøруются; -.sp -.if n \{\ -.RS 4 -.\} -.nf - Š¶ŠµŠ»Š°ŠµŠ¼Ń‹Š¹\-id:Š¶ŠµŠ»Š°ŃŽŃ‰ŠøŠ¹\-id:Š”Š•Š™Š”Š¢Š’Š˜Š• - -.fi -.if n \{\ -.RE -.\} -.PP -Š“Š“Šµ Š¶ŠµŠ»Š°ŠµŠ¼Ń‹Š¹\-id Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ сŠ»Š¾Š²Š¾Š¼ -\fIALL\fR, сŠæŠøсŠŗŠ¾Š¼ ŠøŠ¼Ń‘Š½ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠæŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½Š½Ń‹Ń… чŠµŃ€ŠµŠ· Š·Š°Šæятую (\(Fo,\(Fc) ŠøŠ»Šø фрŠ°Š·Ń‹ -\fIALL EXCEPT\fR, ŠæŠ¾ŃŠ»Šµ ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¹ ŠøŠ“ёт сŠæŠøсŠ¾Šŗ ŠøŠ¼Ń‘Š½ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ ŠæŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½Š½Ń‹Ń… чŠµŃ€ŠµŠ· \(Fo,\(Fc\&. -.PP -Š¶ŠµŠ»Š°ŃŽŃ‰ŠøŠ¹\-id Š¼Š¾Š¶ŠµŃ‚ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ŃŒ тŠ¾ Š¶Šµ, чтŠ¾ Šø Š¶ŠµŠ»Š°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¹\-id, ŠæŠ»ŃŽŃ Š½Š¾Š²Š¾Šµ сŠ»Š¾Š²Š¾\fIGROUP\fR\&. -\fIALL EXCEPT GROUP\fR -тŠ¾Š¶Šµ Š“Š¾ŠæустŠøŠ¼Š¾\&. ŠŸŠ¾ŃŠ»Šµ -\fIGROUP\fR -уŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ся Š¾Š“Š½Š° ŠøŠ»Šø Š±Š¾Š»ŠµŠµ Š½Š°Š·Š²Š°Š½ŠøŠ¹ Š³Ń€ŃƒŠæŠæ, рŠ°Š·Š“ŠµŠ»Ń‘Š½Š½Ń‹Ń… \(Fo,\(Fc\&. ŠŠµŠ“Š¾ŃŃ‚Š°Ń‚Š¾Ń‡Š½Š¾ ŠøŠ¼ŠµŃ‚ŃŒ id ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰ŠµŠ¹ Š³Ń€ŃƒŠæŠæы, Š½ŠµŠ¾Š±Ń…Š¾Š“ŠøŠ¼Š¾ ŠøŠ¼ŠµŃ‚ŃŒ Š·Š°ŠæŠøсь Š² фŠ°Š¹Š»Šµ -\fB/etc/group\fR(5)\&. -.PP -Š’ ŠæŠ¾Š»Šµ Š”Š•Š™Š”Š¢Š’Š˜Š• Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ Š¾Š“Š½Š¾ ŠøŠ· сŠ»ŠµŠ“ующŠøх Š·Š½Š°Ń‡ŠµŠ½ŠøŠ¹: -.PP -\fIDENY\fR -.RS 4 -ŠšŠ¾Š¼Š°Š½Š“Š° su Š¾ŃŃ‚Š°Š½Š°Š²Š»ŠøŠ²Š°ŠµŃ‚ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ, Š“Š°Š¶Šµ Š½Šµ сŠæрŠ°ŃˆŠøŠ²Š°Ń ŠæŠ°Ń€Š¾Š»ŃŒ\&. -.RE -.PP -\fINOPASS\fR -.RS 4 -ŠšŠ¾Š¼Š°Š½Š“Š° su Š²Ń‹ŠæŠ¾Š»Š½ŃŠµŃ‚ся Š±ŠµŠ· Š·Š°ŠæрŠ¾ŃŠ° ŠæŠ°Ń€Š¾Š»Ń\&. -.RE -.PP -\fIOWNPASS\fR -.RS 4 -Š§Ń‚Š¾Š±Ń‹ усŠæŠµŃˆŠ½Š¾ Š²Ń‹ŠæŠ¾Š»Š½Šøть ŠŗŠ¾Š¼Š°Š½Š“у su, ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š²Š²ŠµŃŃ‚Šø сŠ²Š¾Š¹ сŠ¾Š±ŃŃ‚Š²ŠµŠ½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\&. -.RE -.PP -Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ тут ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся трŠø ŠæŠ¾Š»Ń, рŠ°Š·Š“ŠµŠ»Ń‘Š½Š½Ń‹Ń… Š“Š²Š¾ŠµŃ‚Š¾Ń‡ŠøяŠ¼Šø\&. ŠŠøŠŗŠ°ŠŗŠøх ŠæрŠ¾Š±ŠµŠ»Š¾Š² Š½Šµ Š“Š¾ŠæусŠŗŠ°ŠµŃ‚ся Š¾ŠŗŠ¾Š»Š¾ Š“Š²Š¾ŠµŃ‚Š¾Ń‡ŠøŠ¹\&. Š¢Š°ŠŗŠ¶Šµ Š·Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ фŠ°Š¹Š» ŠæрŠ¾ŃŠ¼Š°Ń‚Ń€ŠøŠ²Š°ŠµŃ‚ся стрŠ¾ŠŗŠ° Š·Š° стрŠ¾ŠŗŠ¾Š¹, Šø ŠæŠµŃ€Š²Š¾Šµ ŠæŠ¾Š“хŠ¾Š“ящŠµŠµ ŠæрŠ°Š²ŠøŠ»Š¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š¾ Š±ŠµŠ· ŠæрŠ¾Š²ŠµŃ€ŠŗŠø Š¾ŃŃ‚Š°Š²ŃˆŠøхся ŠæрŠ°Š²ŠøŠ»\&. Š­Ń‚Š¾ ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ сŠøстŠµŠ¼Š½Š¾Š¼Ńƒ Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Ńƒ Š¾ŃŃƒŃ‰ŠµŃŃ‚Š²Š»ŃŃ‚ŃŒ Š»ŃŽŠ±Š¾Š¹ ŠŗŠ¾Š½Ń‚Ń€Š¾Š»ŃŒ, ŠŗŠ°ŠŗŠ¾Š¹ Š¾Š½ ŠæŠ¾Š¶ŠµŠ»Š°ŠµŃ‚\&. -.SH "ŠŸŠ Š˜ŠœŠ•Š " -.sp -.if n \{\ -.RS 4 -.\} -.nf - # ŠæрŠøŠ¼ŠµŃ€ фŠ°Š¹Š»Š° /etc/suauth - # - # ŠŸŠ°Ń€Š° ŠæрŠøŠ²ŠøŠ»ŠµŠ³ŠøрŠ¾Š²Š°Š½Š½Ń‹Ń… ŠøŠ¼Ń‘Š½ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ - # Š¼Š¾Š³ŃƒŃ‚ Š²Ń‹ŠæŠ¾Š»Š½Šøть su, чтŠ¾Š±Ń‹ ŠæŠ¾Š»ŃƒŃ‡Šøть ŠæрŠ°Š²Š° суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š²Š²ŠµŠ“я сŠ²Š¾Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ\&. - # - root:chris,birddog:OWNPASS - # - # Š’сŠµ Š¾ŃŃ‚Š°Š»ŃŒŠ½Ń‹Šµ Š½Šµ Š¼Š¾Š³ŃƒŃ‚ Š²Ń‹ŠæŠ¾Š»Š½Šøть su Š“Š»Ń ŠæŠ¾Š»ŃƒŃ‡ŠµŠ½Šøя root, ŠµŃŠ»Šø Š¾Š½Šø - # Š½Šµ чŠ»ŠµŠ½Ń‹ Š³Ń€ŃƒŠæŠæы wheel\&. Š¢Š°Šŗ Š½Š°ŃŃ‚Ń€Š¾ŠµŠ½Š¾ Š² BSD\&. - # - root:ALL EXCEPT GROUP wheel:DENY - # - # Š’Š¾Š·Š¼Š¾Š¶Š½Š¾ учётŠ½Ń‹Š¼Šø Š·Š°ŠæŠøсяŠ¼Šø terry Šø birddog - # Š²Š»Š°Š“ŠµŠµŃ‚ Š¾Š“ŠøŠ½ чŠµŠ»Š¾Š²ŠµŠŗ\&. - # ŠŸŠµŃ€ŠµŃ…Š¾Š“ ŠøŠ· Š¾Š“Š½Š¾Š¹ Š·Š°ŠæŠøсŠø Š² Š“руŠ³ŃƒŃŽ - # Š¼Š¾Š¶Š½Š¾ сŠ“ŠµŠ»Š°Ń‚ŃŒ Š±ŠµŠ· Š·Š°ŠæрŠ¾ŃŠ° ŠæŠ°Ń€Š¾Š»Ń\&. - # - terry:birddog:NOPASS - birddog:terry:NOPASS - # - -.fi -.if n \{\ -.RE -.\} -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/suauth -.RS 4 -.RE -.SH "ŠžŠØŠ˜Š‘ŠšŠ˜ Š Š•ŠŠ›Š˜Š—ŠŠ¦Š˜Š˜" -.PP -ŠœŠ¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ Š½ŠµŃŠŗŠ¾Š»ŃŒŠŗŠ¾ уŠ³Ń€Š¾Š·\&. ŠŠ½Š°Š»ŠøŠ·Š°Ń‚Š¾Ń€ фŠ°Š¹Š»Š°, Š² чŠ°ŃŃ‚Š½Š¾ŃŃ‚Šø, Š½Šµ ŠæрŠ¾Ń‰Š°ŠµŃ‚ сŠøŠ½Ń‚Š°ŠŗсŠøчŠµŃŠŗŠøх Š¾ŃˆŠøŠ±Š¾Šŗ, Š¾Š¶ŠøŠ“Š°Ń, чтŠ¾ Š½Šµ Š±ŃƒŠ“ŠµŃ‚ Š½ŠµŠ“Š¾ŠæустŠøŠ¼Ń‹Ń… ŠæрŠ¾Š±ŠµŠ»Š¾Š² (ŠŗрŠ¾Š¼Šµ ŠŗŠ°Šŗ Š² Š½Š°Ń‡Š°Š»Šµ Šø ŠŗŠ¾Š½Ń†Šµ стрŠ¾Šŗ) Šø сŠæŠµŃ†ŠøŠ°Š»ŃŒŠ½Ń‹Ń… сŠ»Š¾Š², рŠ°Š·Š“ŠµŠ»ŃŃŽŃ‰Šøх рŠ°Š·Š»ŠøчŠ½Ń‹Šµ Š²ŠµŃ‰Šø\&. -.SH "Š”Š˜ŠŠ“ŠŠžŠ”Š¢Š˜ŠšŠ" -.PP -ŠžŃˆŠøŠ±ŠŗŠø ŠæрŠø Š°Š½Š°Š»ŠøŠ·Šµ фŠ°Š¹Š»Š° Š²Ń‹Š²Š¾Š“ятся с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ -\fBsyslogd\fR(8) -с урŠ¾Š²Š½ŠµŠ¼ ERR срŠµŠ“стŠ²Š° AUTH\&. -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBsu\fR(1)\&. diff --git a/man/ru/man8/chgpasswd.8 b/man/ru/man8/chgpasswd.8 deleted file mode 100644 index 1601b892..00000000 --- a/man/ru/man8/chgpasswd.8 +++ /dev/null @@ -1,203 +0,0 @@ -'\" t -.\" Title: chgpasswd -.\" Author: Thomas K\(/loczko <kloczek@pld.org.pl> -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "chgpasswd" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -chgpasswd \- Š¾Š±Š½Š¾Š²Š»ŃŠµŃ‚ ŠæŠ°Ń€Š¾Š»Šø Š³Ń€ŃƒŠæŠæ Š² ŠæŠ°ŠŗŠµŃ‚Š½Š¾Š¼ рŠµŠ¶ŠøŠ¼Šµ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBchgpasswd\fR\ 'u -\fBchgpasswd\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBchgpasswd\fR -чŠøтŠ°ŠµŃ‚ сŠæŠøсŠ¾Šŗ ŠæŠ°Ń€ \(FoŠ³Ń€ŃƒŠæŠæŠ° ŠæŠ°Ń€Š¾Š»ŃŒ\(Fc ŠøŠ· стŠ°Š½Š“Š°Ń€Ń‚Š½Š¾Š³Š¾ Š²Ń…Š¾Š“Š½Š¾Š³Š¾ ŠæŠ¾Ń‚Š¾ŠŗŠ° Šø Š¾Š±Š½Š¾Š²Š»ŃŠµŃ‚ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ сущŠµŃŃ‚Š²ŃƒŃŽŃ‰Šøх Š³Ń€ŃƒŠæŠæŠ°Ń…\&. ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° ŠøŠ¼ŠµŠµŃ‚ Š²ŠøŠ“: -.PP -\fIŠøŠ¼Ń_Š³Ń€ŃƒŠæŠæы\fR:\fIŠæŠ°Ń€Š¾Š»ŃŒ\fR -.PP -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, ŠæŠµŃ€ŠµŠ“Š°Š²Š°ŠµŠ¼Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š² Š²ŠøŠ“Šµ Š¾Š±Ń‹Ń‡Š½Š¾Š³Š¾ тŠµŠŗстŠ° Šø шŠøфруŠµŃ‚ся ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹ -\fBchgpasswd\fR\&. -.PP -Š”ŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ Š·Š°Š“Š°Š½ Š² ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBENCRYPT_METHOD\fR -Š² фŠ°Š¹Š»Šµ -/etc/login\&.defs, Šø Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Š¼Šø -\fB\-e\fR, -\fB\-m\fR -ŠøŠ»Šø -\fB\-c\fR\&. -.PP -Š”Š°Š½Š½Š°Ń ŠŗŠ¾Š¼Š°Š½Š“Š° ŠæрŠµŠ“Š½Š°Š·Š½Š°Ń‡ŠµŠ½Š° Š“Š»Ń рŠ°Š±Š¾Ń‚Ń‹ Š² ŠŗруŠæŠ½Ń‹Ń… сŠøстŠµŠ¼Š½Ń‹Ń… срŠµŠ“Š°Ń…, Š³Š“Šµ Š·Š° Š¾Š“ŠøŠ½ рŠ°Š· Š·Š°Š²Š¾Š“Šøтся Š½ŠµŃŠŗŠ¾Š»ŃŒŠŗŠ¾ учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBchgpasswd\fR: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ уŠŗŠ°Š·Š°Š½Š½Ń‹Š¹ Š¼ŠµŃ‚Š¾Š“ Š“Š»Ń шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.sp -Š’Š¾Š·Š¼Š¾Š¶Š½Ń‹Šµ Š¼ŠµŃ‚Š¾Š“ы: DES, MD5, NONE Šø SHA256 ŠøŠ»Šø SHA512, ŠµŃŠ»Šø этŠø Š¼ŠµŃ‚Š¾Š“ы ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся libc\&. -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -ŠŸŠµŃ€ŠµŠ“Š°Š²Š°ŠµŠ¼Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š·Š°Š“Š°Š½Ń‹ Š² шŠøфрŠ¾Š²Š°Š½Š½Š¾Š¼ Š²ŠøŠ“Šµ\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя MD5 Š²Š¼ŠµŃŃ‚Š¾ DES, ŠµŃŠ»Šø ŠæŠ°Ń€Š¾Š»Šø ŠæŠµŃ€ŠµŠ“Š°ŃŽŃ‚ся Š½Šµ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¼Šø\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ уŠŗŠ°Š·Š°Š½Š½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ 0 Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ сŠøстŠµŠ¼Š° Š²Ń‹Š±ŠµŃ€ŠµŃ‚ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń Š²Ń‹Š±Ń€Š°Š½Š½Š¾Š³Š¾ Š¼ŠµŃ‚Š¾Š“Š° шŠøфрŠ¾Š²Š°Š½Šøя (5000)\&. -.sp -ŠœŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ 1000, Š° Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ 999,999,999\&. -.sp -Š’Ń‹ Š¼Š¾Š¶ŠµŃ‚Šµ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ тŠ¾Š»ŃŒŠŗŠ¾ ŠæрŠø Š¼ŠµŃ‚Š¾Š“Šµ шŠøфрŠ¾Š²Š°Š½Šøя SHA256 ŠøŠ»Šø SHA512\&. -.sp -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Š¼Šø SHA_CRYPT_MIN_ROUNDS Šø SHA_CRYPT_MAX_ROUNDS ŠøŠ· -/etc/login\&.defs\&. -.RE -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -ŠŠµ Š·Š°Š±ŃƒŠ“ьтŠµ устŠ°Š½Š¾Š²Šøть ŠæрŠ°Š²Š° ŠøŠ»Šø umask, чтŠ¾Š±Ń‹ Š½Šµ ŠæŠ¾Š·Š²Š¾Š»Šøть чтŠµŠ½ŠøŠµ Š½Šµ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Ń… фŠ°Š¹Š»Š¾Š² Š“руŠ³ŠøŠ¼Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼Šø\&. -.PP -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ ŠæрŠ¾Š²ŠµŃ€Šøть, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ Šø Š¼ŠµŃ‚Š¾Š“ шŠøфрŠ¾Š²Š°Š½Šøя сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŠµŃ‚ ŠæŠ¾Š»ŠøтŠøŠŗŠµ сŠøстŠµŠ¼Š½Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBENCRYPT_METHOD\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š—Š°Š“Š°Ń‘Ń‚ сŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹ (ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся, ŠµŃŠ»Šø Š°Š»Š³Š¾Ń€ŠøтŠ¼ Š½Šµ уŠŗŠ°Š·Š°Š½ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š’Š¾Š·Š¼Š¾Š¶Š½Ń‹ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -\fIDES\fR -(ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠžŠ±Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š½Š¾Š²Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š±ŃƒŠ“ут Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½Ń‹ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5, сŠ¾Š²Š¼ŠµŃŃ‚ŠøŠ¼Š¾Š¼Ńƒ с ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¼ Š² Š½Š¾Š²Ń‹Ń… Š²ŠµŃ€ŃŠøях FreeBSD\&. ŠžŠ½ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ ŠæŠ°Ń€Š¾Š»Šø Š½ŠµŠ¾Š³Ń€Š°Š½ŠøчŠµŠ½Š½Š¾Š¹ Š“Š»ŠøŠ½Ń‹ Šø ŠøŠ¼ŠµŠµŃ‚ Š±Š¾Š»ŠµŠµ Š“Š»ŠøŠ½Š½ŃƒŃŽ стрŠ¾Šŗу сŠ¾Š»Šø\&. Š£ŃŃ‚Š°Š½Š¾Š²ŠøтŠµ Š² -\fIno\fR, ŠµŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ ŠŗŠ¾ŠæŠøрŠ¾Š²Š°Ń‚ŃŒ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š² Š“руŠ³ŠøŠµ сŠøстŠµŠ¼Ń‹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š½Šµ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŃŽŃ‚ Š½Š¾Š²Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю -\fIno\fR\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBENCRYPT_METHOD\fR -ŠøŠ»Šø Š»ŃŽŠ±Ń‹Š¼ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š·Š°Š“Š°Ń‘Ń‚ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń устŠ°Ń€ŠµŠ»Š°; ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠ¹Ń‚Šµ -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (чŠøсŠ»Š¾), \fBSHA_CRYPT_MAX_ROUNDS\fR (чŠøсŠ»Š¾) -.RS 4 -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBENCRYPT_METHOD\fR -рŠ°Š²Š½Š¾ -\fISHA256\fR -ŠøŠ»Šø -\fISHA512\fR, этŠ° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² SHA, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Ń… Š°Š»Š³Š¾Ń€ŠøтŠ¼Š¾Š¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (ŠµŃŠ»Šø ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² Š½Šµ Š·Š°Š“Š°Š½Š¾ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š£Š²ŠµŠ»ŠøчŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾Š²Ń‹ŃˆŠ°ŠµŃ‚ сŠ»Š¾Š¶Š½Š¾ŃŃ‚ŃŒ ŠæŠ¾Š“Š±Š¾Ń€Š° ŠæŠ°Ń€Š¾Š»Ń ŠæрŠ¾ŃŃ‚Ń‹Š¼ ŠæŠµŃ€ŠµŠ±Š¾Ń€Š¾Š¼\&. ŠŠ¾ Š·Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ ŠæрŠø этŠ¾Š¼ Š“Š»Ń Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ трŠµŠ±ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š½Ń‹Ń… рŠµŃŃƒŃ€ŃŠ¾Š²\&. -.sp -Š•ŃŠ»Šø Š½Šµ Š·Š°Š“Š°Š½Š°, тŠ¾ libc Š²Ń‹Š±ŠøрŠ°ŠµŃ‚ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (5000)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½Šøя Š“Š¾Š»Š¶Š½Ń‹ Š»ŠµŠ¶Š°Ń‚ŃŒ Š² Š“ŠøŠ°ŠæŠ°Š·Š¾Š½Šµ 1000\-999999999\&. -.sp -Š•ŃŠ»Šø Š·Š°Š“Š°Š½Š¾ ŠŗŠ°ŠŗŠ¾Šµ\-тŠ¾ Š¾Š“Š½Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \(em -\fBSHA_CRYPT_MIN_ROUNDS\fR -ŠøŠ»Šø -\fBSHA_CRYPT_MAX_ROUNDS\fR -\(em тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š¾ этŠ¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.sp -Š•ŃŠ»Šø -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBgpasswd\fR(1), -\fBgroupadd\fR(8), -\fBlogin.defs\fR(5)\&. diff --git a/man/ru/man8/chpasswd.8 b/man/ru/man8/chpasswd.8 deleted file mode 100644 index efbd9f91..00000000 --- a/man/ru/man8/chpasswd.8 +++ /dev/null @@ -1,206 +0,0 @@ -'\" t -.\" Title: chpasswd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "chpasswd" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -chpasswd \- Š¾Š±Š½Š¾Š²Š»ŃŠµŃ‚ ŠæŠ°Ń€Š¾Š»Šø Š² ŠæŠ°ŠŗŠµŃ‚Š½Š¾Š¼ рŠµŠ¶ŠøŠ¼Šµ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBchpasswd\fR\ 'u -\fBchpasswd\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBchpasswd\fR -чŠøтŠ°ŠµŃ‚ сŠæŠøсŠ¾Šŗ ŠæŠ°Ń€ \(FoŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ\(Fc ŠøŠ· стŠ°Š½Š“Š°Ń€Ń‚Š½Š¾Š³Š¾ Š²Ń…Š¾Š“Š½Š¾Š³Š¾ ŠæŠ¾Ń‚Š¾ŠŗŠ° Šø Š¾Š±Š½Š¾Š²Š»ŃŠµŃ‚ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ сущŠµŃŃ‚Š²ŃƒŃŽŃ‰Šøх ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ…\&. ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° ŠøŠ¼ŠµŠµŃ‚ Š²ŠøŠ“: -.PP -\fIŠøŠ¼Ń_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR:\fIŠæŠ°Ń€Š¾Š»ŃŒ\fR -.PP -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, ŠæŠµŃ€ŠµŠ“Š°Š²Š°ŠµŠ¼Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š² Š²ŠøŠ“Šµ Š¾Š±Ń‹Ń‡Š½Š¾Š³Š¾ тŠµŠŗстŠ° Šø шŠøфруŠµŃ‚ся ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹ -\fBchpasswd\fR\&. Š¢Š°ŠŗŠ¶Šµ, ŠµŃŠ»Šø ŠµŃŃ‚ŃŒ срŠ¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²Šøя ŠæŠ°Ń€Š¾Š»Ń, тŠ¾ Š¾Š½ Š±ŃƒŠ“ŠµŃ‚ Š¾Š±Š½Š¾Š²Š»Ń‘Š½\&. -.PP -Š”ŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ Š·Š°Š“Š°Š½ Š² ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBENCRYPT_METHOD\fR -ŠøŠ»Šø -\fBMD5_CRYPT_ENAB\fR -Š² фŠ°Š¹Š»Šµ -/etc/login\&.defs, Šø Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Š¼Šø -\fB\-e\fR, -\fB\-m\fR -ŠøŠ»Šø -\fB\-c\fR\&. -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBchpasswd\fR -сŠ½Š°Ń‡Š°Š»Š° Š¾Š±Š½Š¾Š²Š»ŃŠµŃ‚ Š²ŃŠµ ŠæŠ°Ń€Š¾Š»Šø Š² ŠæŠ°Š¼ŃŃ‚Šø, Š° Š·Š°Ń‚ŠµŠ¼ Š·Š°ŠæŠøсыŠ²Š°ŠµŃ‚ Š²ŃŠµ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š½Š° Š“ŠøсŠŗ, ŠµŃŠ»Šø Š½Šµ Š±Ń‹Š»Š¾ Š½ŠøŠŗŠ°ŠŗŠøх Š¾ŃˆŠøŠ±Š¾Šŗ\&. -.PP -Š”Š°Š½Š½Š°Ń ŠŗŠ¾Š¼Š°Š½Š“Š° ŠæрŠµŠ“Š½Š°Š·Š½Š°Ń‡ŠµŠ½Š° Š“Š»Ń рŠ°Š±Š¾Ń‚Ń‹ Š² ŠŗруŠæŠ½Ń‹Ń… сŠøстŠµŠ¼Š½Ń‹Ń… срŠµŠ“Š°Ń…, Š³Š“Šµ Š·Š° Š¾Š“ŠøŠ½ рŠ°Š· Š·Š°Š²Š¾Š“Šøтся Š½ŠµŃŠŗŠ¾Š»ŃŒŠŗŠ¾ учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBchpasswd\fR: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR\ \&\fIŠœŠ•Š¢ŠžŠ”\fR -.RS 4 -Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ уŠŗŠ°Š·Š°Š½Š½Ń‹Š¹ Š¼ŠµŃ‚Š¾Š“ Š“Š»Ń шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.sp -Š’Š¾Š·Š¼Š¾Š¶Š½Ń‹Šµ Š¼ŠµŃ‚Š¾Š“ы: DES, MD5, NONE Šø SHA256 ŠøŠ»Šø SHA512, ŠµŃŠ»Šø этŠø Š¼ŠµŃ‚Š¾Š“ы ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся libc\&. -.sp -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (ŠµŃŠ»Šø Š½Šµ уŠŗŠ°Š·Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€\fB\-c\fR, -\fB\-m\fR -ŠøŠ»Šø -\fB\-e\fR), Š¼ŠµŃ‚Š¾Š“ шŠøфрŠ¾Š²Š°Š½Šøя Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBENCRYPT_METHOD\fR -ŠøŠ»Šø -\fBMD5_CRYPT_ENAB\fR -ŠøŠ· фŠ°Š¹Š»Š° -/etc/login\&.defs\&. -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -ŠŸŠµŃ€ŠµŠ“Š°Š²Š°ŠµŠ¼Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š·Š°Š“Š°Š½Ń‹ Š² шŠøфрŠ¾Š²Š°Š½Š½Š¾Š¼ Š²ŠøŠ“Šµ\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя MD5 Š²Š¼ŠµŃŃ‚Š¾ DES, ŠµŃŠ»Šø ŠæŠ°Ń€Š¾Š»Šø ŠæŠµŃ€ŠµŠ“Š°ŃŽŃ‚ся Š½Šµ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¼Šø\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR\ \&\fIŠ ŠŠ£ŠŠ”ŠžŠ’\fR -.RS 4 -Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ уŠŗŠ°Š·Š°Š½Š½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ 0 Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ сŠøстŠµŠ¼Š° Š²Ń‹Š±ŠµŃ€ŠµŃ‚ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń Š²Ń‹Š±Ń€Š°Š½Š½Š¾Š³Š¾ Š¼ŠµŃ‚Š¾Š“Š° шŠøфрŠ¾Š²Š°Š½Šøя (5000)\&. -.sp -ŠœŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ 1000, Š° Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ 999,999,999\&. -.sp -Š’Ń‹ Š¼Š¾Š¶ŠµŃ‚Šµ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ тŠ¾Š»ŃŒŠŗŠ¾ ŠæрŠø Š¼ŠµŃ‚Š¾Š“Šµ шŠøфрŠ¾Š²Š°Š½Šøя SHA256 ŠøŠ»Šø SHA512\&. -.sp -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Š¼Šø -\fBSHA_CRYPT_MIN_ROUNDS\fR -Šø -\fBSHA_CRYPT_MAX_ROUNDS\fR -Š² -/etc/login\&.defs\&. -.RE -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -ŠŠµ Š·Š°Š±ŃƒŠ“ьтŠµ устŠ°Š½Š¾Š²Šøть ŠæрŠ°Š²Š° ŠøŠ»Šø umask, чтŠ¾Š±Ń‹ Š½Šµ ŠæŠ¾Š·Š²Š¾Š»Šøть чтŠµŠ½ŠøŠµ Š½Šµ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Ń… фŠ°Š¹Š»Š¾Š² Š“руŠ³ŠøŠ¼Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼Šø\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBENCRYPT_METHOD\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š—Š°Š“Š°Ń‘Ń‚ сŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹ (ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся, ŠµŃŠ»Šø Š°Š»Š³Š¾Ń€ŠøтŠ¼ Š½Šµ уŠŗŠ°Š·Š°Š½ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š’Š¾Š·Š¼Š¾Š¶Š½Ń‹ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -\fIDES\fR -(ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠžŠ±Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š½Š¾Š²Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š±ŃƒŠ“ут Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½Ń‹ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5, сŠ¾Š²Š¼ŠµŃŃ‚ŠøŠ¼Š¾Š¼Ńƒ с ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¼ Š² Š½Š¾Š²Ń‹Ń… Š²ŠµŃ€ŃŠøях FreeBSD\&. ŠžŠ½ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ ŠæŠ°Ń€Š¾Š»Šø Š½ŠµŠ¾Š³Ń€Š°Š½ŠøчŠµŠ½Š½Š¾Š¹ Š“Š»ŠøŠ½Ń‹ Šø ŠøŠ¼ŠµŠµŃ‚ Š±Š¾Š»ŠµŠµ Š“Š»ŠøŠ½Š½ŃƒŃŽ стрŠ¾Šŗу сŠ¾Š»Šø\&. Š£ŃŃ‚Š°Š½Š¾Š²ŠøтŠµ Š² -\fIno\fR, ŠµŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ ŠŗŠ¾ŠæŠøрŠ¾Š²Š°Ń‚ŃŒ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š² Š“руŠ³ŠøŠµ сŠøстŠµŠ¼Ń‹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š½Šµ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŃŽŃ‚ Š½Š¾Š²Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю -\fIno\fR\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBENCRYPT_METHOD\fR -ŠøŠ»Šø Š»ŃŽŠ±Ń‹Š¼ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š·Š°Š“Š°Ń‘Ń‚ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń устŠ°Ń€ŠµŠ»Š°; ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠ¹Ń‚Šµ -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (чŠøсŠ»Š¾), \fBSHA_CRYPT_MAX_ROUNDS\fR (чŠøсŠ»Š¾) -.RS 4 -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBENCRYPT_METHOD\fR -рŠ°Š²Š½Š¾ -\fISHA256\fR -ŠøŠ»Šø -\fISHA512\fR, этŠ° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² SHA, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Ń… Š°Š»Š³Š¾Ń€ŠøтŠ¼Š¾Š¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (ŠµŃŠ»Šø ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² Š½Šµ Š·Š°Š“Š°Š½Š¾ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š£Š²ŠµŠ»ŠøчŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾Š²Ń‹ŃˆŠ°ŠµŃ‚ сŠ»Š¾Š¶Š½Š¾ŃŃ‚ŃŒ ŠæŠ¾Š“Š±Š¾Ń€Š° ŠæŠ°Ń€Š¾Š»Ń ŠæрŠ¾ŃŃ‚Ń‹Š¼ ŠæŠµŃ€ŠµŠ±Š¾Ń€Š¾Š¼\&. ŠŠ¾ Š·Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ ŠæрŠø этŠ¾Š¼ Š“Š»Ń Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ трŠµŠ±ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š½Ń‹Ń… рŠµŃŃƒŃ€ŃŠ¾Š²\&. -.sp -Š•ŃŠ»Šø Š½Šµ Š·Š°Š“Š°Š½Š°, тŠ¾ libc Š²Ń‹Š±ŠøрŠ°ŠµŃ‚ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (5000)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½Šøя Š“Š¾Š»Š¶Š½Ń‹ Š»ŠµŠ¶Š°Ń‚ŃŒ Š² Š“ŠøŠ°ŠæŠ°Š·Š¾Š½Šµ 1000\-999999999\&. -.sp -Š•ŃŠ»Šø Š·Š°Š“Š°Š½Š¾ ŠŗŠ°ŠŗŠ¾Šµ\-тŠ¾ Š¾Š“Š½Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \(em -\fBSHA_CRYPT_MIN_ROUNDS\fR -ŠøŠ»Šø -\fBSHA_CRYPT_MAX_ROUNDS\fR -\(em тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š¾ этŠ¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.sp -Š•ŃŠ»Šø -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBpasswd\fR(1), -\fBnewusers\fR(8), -\fBlogin.defs\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/ru/man8/faillog.8 b/man/ru/man8/faillog.8 deleted file mode 100644 index 395f2258..00000000 --- a/man/ru/man8/faillog.8 +++ /dev/null @@ -1,159 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "faillog" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -faillog \- ŠæŠ¾ŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ Š·Š°ŠæŠøсŠø ŠøŠ· фŠ°Š¹Š»Š° faillog ŠøŠ»Šø Š·Š°Š“Š°Ń‘Ń‚ ŠæрŠµŠ“ŠµŠ» Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š° Š² сŠøстŠµŠ¼Ńƒ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBfaillog\fR\ 'u -\fBfaillog\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBfaillog\fR -ŠæŠ¾ŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ сŠ¾Š“ŠµŃ€Š¶ŠøŠ¼Š¾Šµ Š¶ŃƒŃ€Š½Š°Š»Š° Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ (фŠ°Š¹Š» -/var/log/faillog)\&. Š¢Š°ŠŗŠ¶Šµ Š¾Š½Š° Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š° Š“Š»Ń уŠæрŠ°Š²Š»ŠµŠ½Šøя счётчŠøŠŗŠ¾Š¼ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Šø Šøх Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµŠ¼\&. ŠŸŃ€Šø Š·Š°ŠæусŠŗŠµ -\fBfaillog\fR -Š±ŠµŠ· ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š² Š²Ń‹Š²Š¾Š“ятся Š·Š°ŠæŠøсŠø faillog тŠ¾Š»ŃŒŠŗŠ¾ тŠµŃ… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, у ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… ŠøŠ¼ŠµŠµŃ‚ся хŠ¾Ń‚я Š±Ń‹ Š¾Š“Š½Š° Š½ŠµŃƒŠ“Š°Ń‡Š½Š°Ń ŠæŠ¾ŠæытŠŗŠ° Š²Ń…Š¾Š“Š°\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBfaillog\fR: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсŠø faillog Š“Š»Ń Š²ŃŠµŃ… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ ŠøŠ· Š±Š°Š·Ń‹ Š“Š°Š½Š½Ń‹Ń… -faillog\&. -.sp -Š”ŠæŠøсŠ¾Šŗ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Š¼Š¾Š¶Š½Š¾ Š¾Š³Ń€Š°Š½ŠøчŠøть с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° -\fB\-u\fR\&. -.sp -Š’ рŠµŠ¶ŠøŠ¼Šµ Š²Ń‹Š²Š¾Š“Š° этŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠøŠ²Š°ŠµŃ‚ Š²Ń‹Š²Š¾Š“ сŠæŠøсŠŗŠ¾Š¼ сущŠµŃŃ‚Š²ŃƒŃŽŃ‰Šøх ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, Š½Š¾ ŠæрŠø этŠ¾Š¼ Š“Š»Ń Š½Šøх Š²Ń‹Š²Š¾Š“ятся Š“Š°Š¶Šµ ŠæустыŠµ Š·Š°ŠæŠøсŠø faillog\&. -.sp -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры -\fB\-l\fR, -\fB\-m\fR, -\fB\-r\fR, -\fB\-t\fR -ŠøŠ·Š¼ŠµŠ½ŃŃŽŃ‚ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, Š“Š°Š¶Šµ ŠµŃŠ»Šø Š¾Š½Šø Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ Š² сŠøстŠµŠ¼Šµ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń сŠ±Ń€Š¾ŃŠ° Š·Š°ŠæŠøсŠµŠ¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š±Ń‹Š»Šø уŠ“Š°Š»ŠµŠ½Ń‹ ŠøŠ»Šø Š“Š»Ń ŠæрŠµŠ“Š²Š°Ń€ŠøтŠµŠ»ŃŒŠ½Š¾Š¹ устŠ°Š½Š¾Š²ŠŗŠø ŠæŠ¾Š»ŠøтŠøŠŗŠø Š“Š»Ń Š“ŠøŠ°ŠæŠ°Š·Š¾Š½Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fIŠ”Š•ŠšŠ£ŠŠ”\fR -.RS 4 -Š‘Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь Š½Š° уŠŗŠ°Š·Š°Š½Š½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ -\fIŠ”Š•ŠšŠ£ŠŠ”\fR -ŠæŠ¾ŃŠ»Šµ Š½ŠµŃƒŠ“Š°Ń‡Š½Š¾Š¹ ŠæŠ¾ŠæытŠŗŠø Š²Ń…Š¾Š“Š°\&. -.sp -Š”Š»Ń этŠ¾Š³Š¾ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° трŠµŠ±ŃƒŠµŃ‚ся ŠæрŠ°Š²Š¾ Š½Š° Š·Š°ŠæŠøсь Š² -/var/log/faillog\&. -.RE -.PP -\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIŠœŠŠšŠ”_Š§Š˜Š”Š›Šž\fR -.RS 4 -Š£ŃŃ‚Š°Š½Š¾Š²Šøть Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š° ŠæŠµŃ€ŠµŠ“ Š±Š»Š¾ŠŗŠøрŠ¾Š²ŠŗŠ¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø рŠ°Š²Š½Ń‹Š¼ -\fIŠœŠŠšŠ”_Š§Š˜Š”Š›Šž\fR\&. -.sp -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fIŠœŠŠšŠ”_Š§Š˜Š”Š›Šž\fR -рŠ°Š²Š½Š¾ 0, тŠ¾ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š° Š½Šµ Š¾Š³Ń€Š°Š½ŠøчŠøŠ²Š°ŠµŃ‚ся\&. -.sp -Š”Š»Ń ŠæрŠµŠ“Š¾Ń‚Š²Ń€Š°Ń‰ŠµŠ½Šøя Š°Ń‚Š°ŠŗŠø Š¾Ń‚ŠŗŠ°Š·Š° Š² Š¾Š±ŃŠ»ŃƒŠ¶ŠøŠ²Š°Š½ŠøŠø Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š° у -\fIroot\fR -Š²ŃŠµŠ³Š“Š° Š“Š¾Š»Š¶Š½Š¾ Š±Ń‹Ń‚ŃŒ рŠ°Š²Š½Š¾ 0\&. -.sp -Š”Š»Ń этŠ¾Š³Š¾ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° трŠµŠ±ŃƒŠµŃ‚ся ŠæрŠ°Š²Š¾ Š½Š° Š·Š°ŠæŠøсь Š² -/var/log/faillog\&. -.RE -.PP -\fB\-r\fR, \fB\-\-reset\fR -.RS 4 -Š”Š±Ń€Š¾ŃŠøть счётчŠøŠŗ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š°\&. -.sp -Š”Š»Ń этŠ¾Š³Š¾ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° трŠµŠ±ŃƒŠµŃ‚ся ŠæрŠ°Š²Š¾ Š½Š° Š·Š°ŠæŠøсь Š² -/var/log/faillog\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIŠ”ŠŠ•Š™\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсŠø faillog Š½Š¾Š²ŠµŠµ чŠµŠ¼ -\fIŠ”ŠŠ•Š™\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fIŠ£Š§ŠŠ¢ŠŠŠÆ Š—ŠŠŸŠ˜Š”Š¬\fR|\fIŠ”Š˜ŠŠŸŠŠ—ŠžŠ\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсь faillog ŠøŠ»Šø ŠøŠ·Š¼ŠµŠ½Šøть счётчŠøŠŗŠø Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Šø Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя (ŠµŃŠ»Šø Š·Š°Š“Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-l\fR, -\fB\-m\fR -ŠøŠ»Šø -\fB\-r\fR) тŠ¾Š»ŃŒŠŗŠ¾ Š“Š»Ń уŠŗŠ°Š·Š°Š½Š½Ń‹Ń… учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹\&. -.sp -ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š¼Š¾Š¶Š½Š¾ уŠŗŠ°Š·Š°Ń‚ŃŒ ŠæŠ¾ Š¾Ń‚Š“ŠµŠ»ŃŒŠ½Š¾Š¼Ńƒ ŠøŠ¼ŠµŠ½Šø, чŠøсŠ»Š¾Š²Š¾Š¼Ńƒ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Ńƒ ŠøŠ»Šø Š² Š²ŠøŠ“Šµ -\fIŠ”Š˜ŠŠŸŠŠ—ŠžŠŠ\fR -ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. Š¢Š°ŠŗŠ¾Š¹ -\fIŠ”Š˜ŠŠŸŠŠ—ŠžŠ\fR -Š¼Š¾Š¶Š½Š¾ Š·Š°Š“Š°Š²Š°Ń‚ŃŒ Š² Š²ŠøŠ“Šµ Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Š³Š¾ Šø Š¼ŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Š¾Š³Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠ¹(\fIUID_ŠœŠ˜Š\-UID_ŠœŠŠšŠ”\fR), Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Š³Š¾ (\fI\-UID_ŠœŠŠšŠ”\fR) ŠøŠ»Šø Š¼ŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Š¾Š³Š¾ (\fIUID_ŠœŠ˜Š\-\fR) Š·Š½Š°Ń‡ŠµŠ½Šøя\&. -.RE -.PP -Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры -\fB\-l\fR, -\fB\-m\fR -ŠøŠ»Šø -\fB\-r\fR -Š½Šµ Š·Š°Š“Š°Š½Ń‹, тŠ¾ -\fBfaillog\fR -ŠæŠ¾ŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ Š·Š°ŠæŠøсŠø faillog уŠŗŠ°Š·Š°Š½Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBfaillog\fR -Š²Ń‹Š²Š¾Š“Šøт тŠ¾Š»ŃŒŠŗŠ¾ Š·Š°ŠæŠøсŠø Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ…, ŠæŠ¾ŃŠ»ŠµŠ“Š½ŃŃ ŠæŠ¾ŠæытŠŗŠ° Š²Ń…Š¾Š“Š° ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… Š±Ń‹Š»Š° Š½ŠµŃƒŠ“Š°Ń‡Š½Š¾Š¹\&. Š§Ń‚Š¾Š±Ń‹ уŠ²ŠøŠ“ŠµŃ‚ŃŒ Š·Š°ŠæŠøсь Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šµ, ŠæŠ¾ŃŠ»ŠµŠ“Š½ŃŃ ŠæŠ¾ŠæытŠŗŠ° Š²Ń…Š¾Š“Š° ŠŗŠ¾Ń‚Š¾Ń€Š¾Š³Š¾ Š±Ń‹Š»Š° уŠ“Š°Ń‡Š½Š¾Š¹, Š²Ń‹ Š“Š¾Š»Š¶Š½Ń‹ сŠæŠµŃ†ŠøŠ°Š»ŃŒŠ½Š¾ уŠŗŠ°Š·Š°Ń‚ŃŒ ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° -\fB\-u\fR, ŠøŠ»Šø Š“Š»Ń ŠæŠ¾ŠŗŠ°Š·Š° Š²ŃŠµŃ… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ уŠŗŠ°Š·Š°Ń‚ŃŒ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-a\fR\&. -.SH "Š¤ŠŠ™Š›Š«" -.PP -/var/log/faillog -.RS 4 -Š¶ŃƒŃ€Š½Š°Š» Š½ŠµŃƒŠ“Š°Š²ŃˆŠøхся ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š° Š² сŠøстŠµŠ¼Ńƒ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBlogin\fR(1), -\fBfaillog\fR(5)\&. diff --git a/man/ru/man8/groupadd.8 b/man/ru/man8/groupadd.8 deleted file mode 100644 index 6d71e43c..00000000 --- a/man/ru/man8/groupadd.8 +++ /dev/null @@ -1,242 +0,0 @@ -'\" t -.\" Title: groupadd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "groupadd" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -groupadd \- сŠ¾Š·Š“Š°Ń‘Ń‚ Š½Š¾Š²ŃƒŃŽ Š³Ń€ŃƒŠæŠæу -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBgroupadd\fR\ 'u -\fBgroupadd\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] \fIŠ³Ń€ŃƒŠæŠæŠ°\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBgroupadd\fR -сŠ¾Š·Š“Š°Ń‘Ń‚ Š½Š¾Š²ŃƒŃŽ Š³Ń€ŃƒŠæŠæу сŠ¾Š³Š»Š°ŃŠ½Š¾ уŠŗŠ°Š·Š°Š½Š½Ń‹Š¼ Š·Š½Š°Ń‡ŠµŠ½ŠøяŠ¼ ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø Šø сŠøстŠµŠ¼Š½Ń‹Š¼ Š·Š½Š°Ń‡ŠµŠ½ŠøяŠ¼ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю\&. ŠŠ¾Š²Š°Ń Š³Ń€ŃƒŠæŠæŠ° Š±ŃƒŠ“ŠµŃ‚ Š“Š¾Š±Š°Š²Š»ŠµŠ½Š° Š² сŠøстŠµŠ¼Š½Ń‹Šµ фŠ°Š¹Š»Ń‹\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBgroupadd\fR: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Š—Š°Š²ŠµŃ€ŃˆŠøть рŠ°Š±Š¾Ń‚Ńƒ Šø Š²ŠµŃ€Š½ŃƒŃ‚ŃŒ сŠ¾ŃŃ‚Š¾ŃŠ½ŠøŠµ усŠæŠµŃˆŠ½Š¾Š³Š¾ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Šøя, ŠµŃŠ»Šø Š³Ń€ŃƒŠæŠæŠ° уŠ¶Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚\&. Š•ŃŠ»Šø ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š²Š¼ŠµŃŃ‚Šµ с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-g\fR -Šø уŠŗŠ°Š·Š°Š½Š½Ń‹Š¹ GID уŠ¶Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚, тŠ¾ Š²Ń‹Š±ŠøрŠ°ŠµŃ‚ся Š“руŠ³Š¾Š¹ (уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Ń‹Š¹) GID (тŠ¾ ŠµŃŃ‚ŃŒ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-g\fR -ŠøŠ³Š½Š¾Ń€ŠøруŠµŃ‚ся)\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -Š§ŠøсŠ»Š¾Š²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š° Š³Ń€ŃƒŠæŠæы (ID)\&. ŠžŠ½Š¾ Š“Š¾Š»Š¶Š½Š¾ Š±Ń‹Ń‚ŃŒ уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Ń‹Š¼, ŠµŃŠ»Šø Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-o\fR\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š¾Š»Š¶Š½Š¾ Š±Ń‹Ń‚ŃŒ Š½ŠµŠ¾Ń‚Ń€ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¼\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š½Š°ŠøŠ¼ŠµŠ½ŃŒŃˆŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ID Š±Š¾Š»ŃŒŃˆŠµŠµ ŠøŠ»Šø рŠ°Š²Š½Š¾Šµ -\fBGID_MIN\fR -Šø Š±Š¾Š»ŃŒŃˆŠµŠµ чŠµŠ¼ у Š¾ŃŃ‚Š°Š»ŃŒŠ½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.sp -Š”Š¼Š¾Ń‚Ń€ŠøтŠµ тŠ°ŠŗŠ¶Šµ Š¾ŠæŠøсŠ°Š½ŠøŠµ -\fB\-r\fR -Šø -\fBGID_MAX\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fIŠšŠ›Š®Š§\fR=\fIŠ—ŠŠŠ§Š•ŠŠ˜Š•\fR -.RS 4 -Š˜Š·Š¼ŠµŠ½Šøть Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (GID_MIN, GID_MAX Šø Š“руŠ³ŠøŠµ), ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ хрŠ°Š½ŃŃ‚ся Š² фŠ°Š¹Š»Šµ -/etc/login\&.defs\&. ŠœŠ¾Š¶Š½Š¾ уŠŗŠ°Š·Š°Ń‚ŃŒ Š½ŠµŃŠŗŠ¾Š»ŃŒŠŗŠ¾ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š² -\fB\-K\fR\&. -.sp -ŠŸŃ€ŠøŠ¼ŠµŃ€: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI100\fR\ \&\fB\-K\fR\ \&\fIGID_MAX\fR=\fI499\fR -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: Š·Š°ŠæŠøсь Š²ŠøŠ“Š° -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR -ŠæŠ¾ŠŗŠ° Š½Šµ рŠ°Š±Š¾Ń‚Š°ŠµŃ‚\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Š Š°Š·Ń€ŠµŃˆŠøть Š“Š¾Š±Š°Š²Š»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы с Š½Šµ уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Ń‹Š¼ GID\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIŠŸŠŠ ŠžŠ›Š¬\fR -.RS 4 -ŠØŠøфрŠ¾Š²Š°Š½Š½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ°Ń€Š¾Š»Ń, ŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ фуŠ½ŠŗцŠøя -\fBcrypt\fR(3)\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю ŠæŠ°Ń€Š¾Š»ŃŒ Š¾Ń‚ŠŗŠ»ŃŽŃ‡Ń‘Š½\&. -.sp -\fBŠ—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ:\fR -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š½Šµ рŠµŠŗŠ¾Š¼ŠµŠ½Š“уŠµŃ‚ся, тŠ°Šŗ ŠŗŠ°Šŗ ŠæŠ°Ń€Š¾Š»ŃŒ (ŠøŠ»Šø Š½Šµ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ) Š±ŃƒŠ“ŠµŃ‚ Š²ŠøŠ“ŠøŠ¼ Š“руŠ³ŠøŠ¼Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼ Š² сŠæŠøсŠŗŠµ ŠæрŠ¾Ń†ŠµŃŃŠ¾Š²\&. -.sp -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ ŠæрŠ¾Š²ŠµŃ€Šøть, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŠµŃ‚ ŠæŠ¾Š»ŠøтŠøŠŗŠµ сŠøстŠµŠ¼Š½Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Š”Š¾Š·Š“Š°Ń‚ŃŒ сŠøстŠµŠ¼Š½ŃƒŃŽ Š³Ń€ŃƒŠæŠæу\&. -.sp -Š§ŠøсŠ»Š¾Š²Ń‹Šµ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Ń‹ Š“Š»Ń сŠøстŠµŠ¼Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ Š²Ń‹Š±ŠøрŠ°ŃŽŃ‚ся ŠøŠ· Š“ŠøŠ°ŠæŠ°Š·Š¾Š½Š° -\fBSYS_GID_MIN\fR\-\fBSYS_GID_MAX\fR, Š¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½Š½Ń‹Ń… Š² -login\&.defs, Š° Š½Šµ ŠøŠ· -\fBGID_MIN\fR\-\fBGID_MAX\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBGID_MAX\fR (чŠøсŠ»Š¾), \fBGID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² Š³Ń€ŃƒŠæŠæ, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR, -\fBgroupadd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя Š¾Š±Ń‹Ń‡Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBGID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&. -\fBGID_MAX\fR) рŠ°Š²Š½Š¾ 1000 (сŠ¾Š¾Ń‚Š²\&. 60000)\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.PP -\fBSYS_GID_MAX\fR (чŠøсŠ»Š¾), \fBSYS_GID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² Š³Ń€ŃƒŠæŠæ, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR, -\fBgroupadd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя сŠøстŠµŠ¼Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBSYS_GID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&.\fBSYS_GID_MAX\fR) рŠ°Š²Š½Š¾ 101 (сŠ¾Š¾Ń‚Š²\&. -\fBGID_MIN\fR\-1)\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -Š˜Š¼ŠµŠ½Š° Š³Ń€ŃƒŠæŠæ Š“Š¾Š»Š¶Š½Ń‹ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ сŠ¾ стрŠ¾Ń‡Š½Š¾Š¹ Š±ŃƒŠŗŠ²Ń‹ ŠøŠ»Šø сŠøŠ¼Š²Š¾Š»Š° ŠæŠ¾Š“чёрŠŗŠøŠ²Š°Š½Šøя, Šø Š“Š¾Š»Š¶Š½Ń‹ сŠ¾ŃŃ‚Š¾ŃŃ‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ ŠøŠ· стрŠ¾Ń‡Š½Ń‹Ń… Š±ŃƒŠŗŠ², цŠøфр, сŠøŠ¼Š²Š¾Š»Š¾Š² ŠæŠ¾Š“чёрŠŗŠøŠ²Š°Š½Šøя Šø Š¼ŠøŠ½ŃƒŃ\&. ŠžŠ½Šø Š¼Š¾Š³ŃƒŃ‚ Š·Š°ŠŗŠ°Š½Ń‡ŠøŠ²Š°Ń‚ŃŒŃŃ Š·Š½Š°ŠŗŠ¾Š¼ Š“Š¾Š»Š»Š°Ń€Š°\&. Š­Ń‚Š¾ Š¼Š¾Š¶Š½Š¾ Š¾ŠæŠøсŠ°Ń‚ŃŒ рŠµŠ³ŃƒŠ»ŃŃ€Š½Ń‹Š¼ Š²Ń‹Ń€Š°Š¶ŠµŠ½ŠøŠµŠ¼: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -Š˜Š¼ŠµŠ½Š° Š³Ń€ŃƒŠæŠæ Š¼Š¾Š³ŃƒŃ‚ Š±Ń‹Ń‚ŃŒ Š“Š»ŠøŠ½Š¾Š¹ Š½Šµ Š±Š¾Š»ŠµŠµ 16 Š·Š½Š°ŠŗŠ¾Š²\&. -.PP -ŠŠµŠ»ŃŒŠ·Ń Š“Š¾Š±Š°Š²Šøть Š³Ń€ŃƒŠæŠæу NIS ŠøŠ»Šø LDAP\&. Š­Ń‚Š¾ Š½ŠµŠ¾Š±Ń…Š¾Š“ŠøŠ¼Š¾ Š“ŠµŠ»Š°Ń‚ŃŒ Š½Š° сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰ŠµŠ¼ сŠµŃ€Š²ŠµŃ€Šµ\&. -.PP -Š•ŃŠ»Šø ŠøŠ¼Ń Š³Ń€ŃƒŠæŠæы уŠ¶Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ Š²Š¾ Š²Š½ŠµŃˆŠ½ŠµŠ¹ Š±Š°Š·Šµ Š“Š°Š½Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ, Š½Š°ŠæрŠøŠ¼ŠµŃ€ Š² NIS ŠøŠ»Šø LDAP, тŠ¾ -\fBgroupadd\fR -Š½Šµ стŠ°Š½ŠµŃ‚ сŠ¾Š·Š“Š°Š²Š°Ń‚ŃŒ Š³Ń€ŃƒŠæŠæу\&. -.SH "Š’ŠžŠ—Š’Š ŠŠ©ŠŠ•ŠœŠ«Š• Š—ŠŠŠ§Š•ŠŠ˜ŠÆ" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBgroupadd\fR -Š·Š°Š²ŠµŃ€ŃˆŠ°Ń рŠ°Š±Š¾Ń‚Ńƒ, Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -.PP -\fI0\fR -.RS 4 -усŠæŠµŃˆŠ½Š¾Šµ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ -.RE -.PP -\fI2\fR -.RS 4 -Š¾ŃˆŠøŠ±ŠŗŠ° Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Ń… ŠŗŠ¾Š¼Š°Š½Š“ы -.RE -.PP -\fI3\fR -.RS 4 -Š½ŠµŠ“Š¾ŠæустŠøŠ¼Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° -.RE -.PP -\fI4\fR -.RS 4 -Š½Šµ уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Ń‹Š¹ GID (ŠµŃŠ»Šø Š½Šµ Š·Š°Š“Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-o\fR) -.RE -.PP -\fI9\fR -.RS 4 -Š½Šµ уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Š¾Šµ ŠøŠ¼Ń Š³Ń€ŃƒŠæŠæы -.RE -.PP -\fI10\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠøŠ·Š¼ŠµŠ½Šøть фŠ°Š¹Š» Š³Ń€ŃƒŠæŠæ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/ru/man8/groupdel.8 b/man/ru/man8/groupdel.8 deleted file mode 100644 index 94eee652..00000000 --- a/man/ru/man8/groupdel.8 +++ /dev/null @@ -1,133 +0,0 @@ -'\" t -.\" Title: groupdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "groupdel" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -groupdel \- уŠ“Š°Š»ŃŠµŃ‚ Š³Ń€ŃƒŠæŠæу -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBgroupdel\fR\ 'u -\fBgroupdel\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] \fIŠ“Š Š£ŠŸŠŸŠ\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBgroupdel\fR -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ сŠøстŠµŠ¼Š½Ń‹Šµ фŠ°Š¹Š»Ń‹ учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹, уŠ“Š°Š»ŃŃ Š²ŃŠµ Š·Š°ŠæŠøсŠø, Š¾Ń‚Š½Š¾ŃŃŃ‰ŠøŠµŃŃ Šŗ -\fIŠ“Š Š£ŠŸŠŸŠ•\fR\&. Š“Ń€ŃƒŠæŠæŠ° с тŠ°ŠŗŠøŠ¼ ŠøŠ¼ŠµŠ½ŠµŠ¼ Š“Š¾Š»Š¶Š½Š° сущŠµŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBgroupdel\fR: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -Š’Ń‹ Š½Šµ Š¼Š¾Š¶ŠµŃ‚Šµ уŠ“Š°Š»Šøть Š³Ń€ŃƒŠæŠæу, ŠµŃŠ»Šø Š¾Š½Š° яŠ²Š»ŃŠµŃ‚ся ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š“Š»Ń сущŠµŃŃ‚Š²ŃƒŃŽŃ‰ŠµŠ³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ уŠ“Š°Š»Šøть ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ уŠ“Š°Š»ŃŃ‚ŃŒ Š³Ń€ŃƒŠæŠæу\&. -.PP -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ Š²Ń€ŃƒŃ‡Š½ŃƒŃŽ ŠæрŠ¾Š²ŠµŃ€Šøть Š²ŃŠµ фŠ°Š¹Š»Š¾Š²Ń‹Šµ сŠøстŠµŠ¼Ń‹, чтŠ¾Š±Ń‹ уŠ±ŠµŠ“Šøться, чтŠ¾ Š½Šµ Š¾ŃŃ‚Š°Š»Š¾ŃŃŒ фŠ°Š¹Š»Š¾Š², ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Ń‰Šøх уŠ“Š°Š»Ń‘Š½Š½Š¾Š¹ Š³Ń€ŃƒŠæŠæŠµ\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.SH "Š’ŠžŠ—Š’Š ŠŠ©ŠŠ•ŠœŠ«Š• Š—ŠŠŠ§Š•ŠŠ˜ŠÆ" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBgroupdel\fR -Š·Š°Š²ŠµŃ€ŃˆŠ°Ń рŠ°Š±Š¾Ń‚Ńƒ, Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -.PP -\fI0\fR -.RS 4 -усŠæŠµŃˆŠ½Š¾Šµ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ -.RE -.PP -\fI2\fR -.RS 4 -Š¾ŃˆŠøŠ±ŠŗŠ° Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Ń… ŠŗŠ¾Š¼Š°Š½Š“ы -.RE -.PP -\fI6\fR -.RS 4 -уŠŗŠ°Š·Š°Š½Š½Š°Ń Š³Ń€ŃƒŠæŠæŠ° Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ -.RE -.PP -\fI8\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ уŠ“Š°Š»Šøть ŠæŠµŃ€Š²ŠøчŠ½ŃƒŃŽ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗую Š³Ń€ŃƒŠæŠæу -.RE -.PP -\fI10\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠøŠ·Š¼ŠµŠ½Šøть фŠ°Š¹Š» Š³Ń€ŃƒŠæŠæ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupmod\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/ru/man8/groupmems.8 b/man/ru/man8/groupmems.8 deleted file mode 100644 index e29eaf0a..00000000 --- a/man/ru/man8/groupmems.8 +++ /dev/null @@ -1,170 +0,0 @@ -'\" t -.\" Title: groupmems -.\" Author: George Kraft, IV -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "groupmems" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -groupmems \- уŠæрŠ°Š²Š»ŃŠµŃ‚ чŠ»ŠµŠ½Š°Š¼Šø ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBgroupmems\fR\ 'u -\fBgroupmems\fR \-a\ \fIŠøŠ¼Ń_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR | \-d\ \fIŠøŠ¼Ń_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR | [\-g\ \fIŠøŠ¼Ń_Š³Ń€ŃƒŠæŠæы\fR] | \-l | \-p -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBgroupmems\fR -ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ уŠæрŠ°Š²Š»ŃŃ‚ŃŒ сŠæŠøсŠŗŠ¾Š¼ чŠ»ŠµŠ½Š¾Š² сŠ²Š¾ŠµŠ¹ Š³Ń€ŃƒŠæŠæы Š½Šµ ŠøŠ¼ŠµŃ ŠæрŠøŠ²ŠøŠ»ŠµŠ³ŠøŠ¹ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBgroupmems\fR -рŠ°Š±Š¾Ń‚Š°ŠµŃ‚ Š² сŠøстŠµŠ¼Š°Ń…, Š³Š“Šµ Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń яŠ²Š»ŃŠµŃ‚ся Š³Ń€ŃƒŠæŠæŠ° с ŠøŠ¼ŠµŠ½ŠµŠ¼ сŠ¾Š²ŠæŠ°Š“Š°ŃŽŃ‰ŠøŠ¼ с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń (тŠ¾ ŠµŃŃ‚ŃŒ, guest / guest)\&. -.PP -Š¢Š¾Š»ŃŒŠŗŠ¾ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ ŠŗŠ°Šŗ Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€ Š¼Š¾Š¶ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ -\fBgroupmems\fR, чтŠ¾Š±Ń‹ ŠøŠ·Š¼ŠµŠ½Šøть сŠæŠøсŠ¾Šŗ чŠ»ŠµŠ½Š¾Š² Š½Šµ сŠ²Š¾ŠµŠ¹ Š³Ń€ŃƒŠæŠæы\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBgroupmems\fR: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIŠøŠ¼Ń_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR -.RS 4 -Š”Š¾Š±Š°Š²Šøть Š½Š¾Š²Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² Š³Ń€ŃƒŠæŠæу\&. -.sp -Š•ŃŠ»Šø сущŠµŃŃ‚Š²ŃƒŠµŃ‚ фŠ°Š¹Š» -/etc/gshadow -Šø Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚ Š² фŠ°Š¹Š»Šµ -/etc/gshadow, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ сŠ¾Š·Š“Š°Š½Š° Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIŠøŠ¼Ń_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR -.RS 4 -Š£Š“Š°Š»Šøть ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ· Š³Ń€ŃƒŠæŠæы\&. -.sp -Š•ŃŠ»Šø сущŠµŃŃ‚Š²ŃƒŠµŃ‚ фŠ°Š¹Š» -/etc/gshadow, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š±ŃƒŠ“ŠµŃ‚ уŠ“Š°Š»Ń‘Š½ ŠøŠ· сŠæŠøсŠŗŠ° чŠ»ŠµŠ½Š¾Š² Šø Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Š¾Š² Š³Ń€ŃƒŠæŠæы\&. -.sp -Š•ŃŠ»Šø сущŠµŃŃ‚Š²ŃƒŠµŃ‚ фŠ°Š¹Š» -/etc/gshadow -Šø Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚ Š² фŠ°Š¹Š»Šµ -/etc/gshadow, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ сŠ¾Š·Š“Š°Š½Š° Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь\&. -.RE -.PP -\fB\-g\fR, \fB\-\-group\fR\ \&\fIŠøŠ¼Ń_Š³Ń€ŃƒŠæŠæы\fR -.RS 4 -Š”уŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ уŠŗŠ°Š·Š°Ń‚ŃŒ Š³Ń€ŃƒŠæŠæу, Š² ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¹ Š½ŃƒŠ¶Š½Š¾ ŠøŠ·Š¼ŠµŠ½Šøть сŠæŠøсŠ¾Šŗ чŠ»ŠµŠ½Š¾Š²\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ сŠæŠøсŠ¾Šŗ чŠ»ŠµŠ½Š¾Š² Š³Ń€ŃƒŠæŠæы\&. -.RE -.PP -\fB\-p\fR, \fB\-\-purge\fR -.RS 4 -Š’ычŠøстŠøть Š²ŃŠµŃ… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ ŠøŠ· сŠæŠøсŠŗŠ° чŠ»ŠµŠ½Š¾Š² Š³Ń€ŃƒŠæŠæы\&. -.sp -Š•ŃŠ»Šø сущŠµŃŃ‚Š²ŃƒŠµŃ‚ фŠ°Š¹Š» -/etc/gshadow -Šø Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚ Š² фŠ°Š¹Š»Šµ -/etc/gshadow, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ сŠ¾Š·Š“Š°Š½Š° Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -Š˜ŃŠæŠ¾Š»Š½ŃŠµŠ¼Ń‹Š¹ фŠ°Š¹Š» ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹ -\fBgroupmems\fR -Š“Š¾Š»Š¶ŠµŠ½ ŠøŠ¼ŠµŃ‚ŃŒ ŠæрŠ°Š²Š° -2770, ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Ń‚ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ -\fIroot\fR -Šø Š³Ń€ŃƒŠæŠæŠµ -\fIgroups\fR\&. Š”ŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€ Š¼Š¾Š¶ŠµŃ‚ Š“Š¾Š±Š°Š²Š»ŃŃ‚ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Š² Š³Ń€ŃƒŠæŠæу -\fIgroups\fR, рŠ°Š·Ń€ŠµŃˆŠ°Ń ŠøŠ»Šø Š·Š°ŠæрŠµŃ‰Š°Ń ŠøŠ¼ Š·Š°ŠæусŠŗŠ°Ń‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ńƒ -\fBgroupmems\fR -Š“Š»Ń уŠæрŠ°Š²Š»ŠµŠ½Šøя чŠ»ŠµŠ½ŃŃ‚Š²Š¾Š¼ Š² сŠ²Š¾ŠµŠ¹ Š³Ń€ŃƒŠæŠæŠµ\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - $ groupadd \-r groups - $ chmod 2770 groupmems - $ chown root\&.groups groupmems - $ groupmems \-g groups \-a gk4 - -.fi -.if n \{\ -.RE -.\} -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/ru/man8/groupmod.8 b/man/ru/man8/groupmod.8 deleted file mode 100644 index e61e1420..00000000 --- a/man/ru/man8/groupmod.8 +++ /dev/null @@ -1,205 +0,0 @@ -'\" t -.\" Title: groupmod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "groupmod" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -groupmod \- ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы Š² сŠøстŠµŠ¼Šµ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBgroupmod\fR\ 'u -\fBgroupmod\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] \fIŠ“Š Š£ŠŸŠŸŠ\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBgroupmod\fR -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½ŠøŠµ уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ -\fIŠ“Š Š£ŠŸŠŸŠ«\fR, ŠøŠ·Š¼ŠµŠ½ŃŃ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰ŃƒŃŽ Š·Š°ŠæŠøсь Š² Š±Š°Š·Šµ Š“Š°Š½Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBgroupmod\fR: -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -Š˜Š¼Ń Š³Ń€ŃƒŠæŠæы Š±ŃƒŠ“ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Š¾ с -\fIŠ“Š Š£ŠŸŠŸŠ\fR -Š½Š° -\fIGID\fR\&. -.sp -Š”ŠµŃŃŃ‚ŠøчŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fIGID\fR -Š“Š¾Š»Š¶Š½Š¾ Š±Ń‹Ń‚ŃŒ Š½ŠµŠ¾Ń‚Ń€ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¼\&. Š­Ń‚Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š¾Š»Š¶Š½Š¾ Š±Ń‹Ń‚ŃŒ уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Ń‹Š¼, ŠµŃŠ»Šø Š½Šµ уŠŗŠ°Š·Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-o\fR\&. -.sp -Š£ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… этŠ° Š³Ń€ŃƒŠæŠæŠ° яŠ²Š»ŃŠµŃ‚ся ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹, Š±ŃƒŠ“ŠµŃ‚ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Š¾ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰ŠµŠµ Š¾Š±Š½Š¾Š²Š»ŠµŠ½ŠøŠµ\&. -.sp -Š£ Š²ŃŠµŃ… фŠ°Š¹Š»Š¾Š², ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ ŠøŠ¼ŠµŃŽŃ‚ ID стŠ°Ń€Š¾Š¹ Š³Ń€ŃƒŠæŠæы Šø Š“Š¾Š»Š¶Š½Ń‹ ŠæрŠ¾Š“Š¾Š»Š¶Š°Ń‚ŃŒ ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Ń‚ŃŒ -\fIGROUP\fR, Š½ŃƒŠ¶Š½Š¾ ŠøŠ·Š¼ŠµŠ½Šøть Šøх ID Š²Ń€ŃƒŃ‡Š½ŃƒŃŽ\&. -.sp -ŠŠøŠŗŠ°ŠŗŠøх ŠæрŠ¾Š²ŠµŃ€Š¾Šŗ ŠæŠ¾ -\fBGID_MIN\fR, -\fBGID_MAX\fR, -\fBSYS_GID_MIN\fR -ŠøŠ»Šø -\fBSYS_GID_MAX\fR -ŠøŠ· -/etc/login\&.defs -Š½Šµ ŠæрŠ¾ŠøŠ·Š²Š¾Š“Šøтся\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-n\fR, \fB\-\-new\-name\fR\ \&\fIŠŠžŠ’ŠŠÆ_Š“Š Š£ŠŸŠŸŠ\fR -.RS 4 -Š˜Š¼Ń Š³Ń€ŃƒŠæŠæы Š±ŃƒŠ“ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Š¾ с -\fIŠ“Š Š£ŠŸŠŸŠ\fR -Š½Š° -\fIŠŠžŠ’ŠŠÆ_Š“Š Š£ŠŸŠŸŠ\fR\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -ŠŸŃ€Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½ŠøŠø с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-g\fR -рŠ°Š·Ń€ŠµŃˆŠ°ŠµŃ‚ся ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ -\fIGID\fR -Š³Ń€ŃƒŠæŠæы Š½Šµ уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Ń‹Š¼ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµŠ¼\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIŠŸŠŠ ŠžŠ›Š¬\fR -.RS 4 -ŠØŠøфрŠ¾Š²Š°Š½Š½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ°Ń€Š¾Š»Ń, ŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ фуŠ½ŠŗцŠøя -\fBcrypt\fR(3)\&. -.sp -\fBŠ—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ:\fR -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š½Šµ рŠµŠŗŠ¾Š¼ŠµŠ½Š“уŠµŃ‚ся, тŠ°Šŗ ŠŗŠ°Šŗ ŠæŠ°Ń€Š¾Š»ŃŒ (ŠøŠ»Šø Š½Šµ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ) Š±ŃƒŠ“ŠµŃ‚ Š²ŠøŠ“ŠøŠ¼ Š“руŠ³ŠøŠ¼Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼ Š² сŠæŠøсŠŗŠµ ŠæрŠ¾Ń†ŠµŃŃŠ¾Š²\&. -.sp -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ ŠæрŠ¾Š²ŠµŃ€Šøть, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŠµŃ‚ ŠæŠ¾Š»ŠøтŠøŠŗŠµ сŠøстŠµŠ¼Š½Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.SH "Š’ŠžŠ—Š’Š ŠŠ©ŠŠ•ŠœŠ«Š• Š—ŠŠŠ§Š•ŠŠ˜ŠÆ" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBgroupmod\fR -Š·Š°Š²ŠµŃ€ŃˆŠ°Ń рŠ°Š±Š¾Ń‚Ńƒ, Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -.PP -\fI0\fR -.RS 4 -усŠæŠµŃˆŠ½Š¾Šµ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ -.RE -.PP -\fI2\fR -.RS 4 -Š¾ŃˆŠøŠ±ŠŗŠ° Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Ń… ŠŗŠ¾Š¼Š°Š½Š“ы -.RE -.PP -\fI3\fR -.RS 4 -Š½ŠµŠ“Š¾ŠæустŠøŠ¼Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° -.RE -.PP -\fI4\fR -.RS 4 -уŠŗŠ°Š·Š°Š½Š½Š°Ń Š³Ń€ŃƒŠæŠæŠ° Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ -.RE -.PP -\fI6\fR -.RS 4 -уŠŗŠ°Š·Š°Š½Š½Š°Ń Š³Ń€ŃƒŠæŠæŠ° Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ -.RE -.PP -\fI9\fR -.RS 4 -тŠ°ŠŗŠ¾Šµ ŠøŠ¼Ń Š³Ń€ŃƒŠæŠæы уŠ¶Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся -.RE -.PP -\fI10\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠøŠ·Š¼ŠµŠ½Šøть фŠ°Š¹Š» Š³Ń€ŃƒŠæŠæ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/ru/man8/grpck.8 b/man/ru/man8/grpck.8 deleted file mode 100644 index 749b7b11..00000000 --- a/man/ru/man8/grpck.8 +++ /dev/null @@ -1,235 +0,0 @@ -'\" t -.\" Title: grpck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "grpck" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -grpck \- ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ ŠŗŠ¾Ń€Ń€ŠµŠŗтŠ½Š¾ŃŃ‚ŃŒ фŠ°Š¹Š»Š¾Š² Š³Ń€ŃƒŠæŠæ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBgrpck\fR\ 'u -\fBgrpck\fR [ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры] [\fIŠ³Ń€ŃƒŠæŠæŠ°\fR\ [\ \fIshadow\fR\ ]] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBgrpck\fR -ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ цŠµŠ»Š¾ŃŃ‚Š½Š¾ŃŃ‚ŃŒ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†ŠøŠø Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… Š² сŠøстŠµŠ¼Šµ\&. ŠŸŃ€Š¾Š²ŠµŃ€ŃŃŽŃ‚ся фŠ¾Ń€Š¼Š°Ń‚ Šø ŠæрŠ°Š²ŠøŠ»ŃŒŠ½Š¾ŃŃ‚ŃŒ Š“Š°Š½Š½Ń‹Ń… Š²ŃŠµŃ… Š·Š°ŠæŠøсŠµŠ¹ Š² фŠ°Š¹Š»Š°Ń… -/etc/group -Šø -/etc/gshadow\&. Š’ сŠ»ŃƒŃ‡Š°Šµ Š¾Š±Š½Š°Ń€ŃƒŠ¶ŠµŠ½Šøя Š¾ŃˆŠøŠ±Š¾Šŗ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ ŠæрŠµŠ“Š»Š°Š³Š°ŠµŃ‚ся ŠæŠ¾Š“тŠ²ŠµŃ€Š“Šøть уŠ“Š°Š»ŠµŠ½ŠøŠµ Š·Š°ŠæŠøсŠµŠ¹, ŠøŠ¼ŠµŃŽŃ‰Šøх Š½ŠµŠ²ŠµŃ€Š½Ń‹Š¹ фŠ¾Ń€Š¼Š°Ń‚ ŠøŠ»Šø Š²Š¾ŃŃŃ‚Š°Š½Š¾Š²Š»ŠµŠ½ŠøŠµ ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… Š½ŠµŠ²Š¾Š·Š¼Š¾Š¶Š½Š¾\&. -.PP -Š’Ń‹ŠæŠ¾Š»Š½ŃŃŽŃ‚ся сŠ»ŠµŠ“ующŠøŠµ ŠæрŠ¾Š²ŠµŃ€ŠŗŠø: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ŠæрŠ°Š²ŠøŠ»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæŠ¾Š»ŠµŠ¹ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Š¾ŃŃ‚ŃŒ Šø ŠŗŠ¾Ń€Ń€ŠµŠŗтŠ½Š¾ŃŃ‚ŃŒ ŠøŠ¼ŠµŠ½Šø Š³Ń€ŃƒŠæŠæы -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ŠŗŠ¾Ń€Ń€ŠµŠŗтŠ½Š¾ŃŃ‚ŃŒ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š° Š³Ń€ŃƒŠæŠæы -(тŠ¾Š»ŃŒŠŗŠ¾ Š“Š»Ń /etc/group) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ŠŗŠ¾Ń€Ń€ŠµŠŗтŠ½Š¾ŃŃ‚ŃŒ сŠæŠøсŠŗŠ° чŠ»ŠµŠ½Š¾Š² -Šø Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€Š¾Š² -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŠøŠµ Š·Š°ŠæŠøсŠø Š² фŠ°Š¹Š»Šµ -/etc/gshadow -(Šø -/etc/group -ŠæрŠø ŠæрŠ¾Š²ŠµŃ€ŠŗŠ°Ń… -gshadow) -.RE -.PP -ŠžŃˆŠøŠ±ŠŗŠø Š² ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Šµ ŠæŠ¾Š»ŠµŠ¹ Šø уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Š¾ŃŃ‚Šø ŠøŠ¼Ń‘Š½ Š³Ń€ŃƒŠæŠæ Š½ŠµŠ²Š¾ŃŃŃ‚Š°Š½Š¾Š²ŠøŠ¼Ń‹\&. Š•ŃŠ»Šø Š·Š°ŠæŠøсь сŠ¾Š“ŠµŃ€Š¶Šøт Š½ŠµŠ²ŠµŃ€Š½Š¾Šµ чŠøсŠ»Š¾ ŠæŠ¾Š»ŠµŠ¹, ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠæŠ¾ŠæрŠ¾ŃŃŃ‚ ŠæŠ¾Š“тŠ²ŠµŃ€Š“Šøть уŠ“Š°Š»ŠµŠ½ŠøŠµ Š²ŃŠµŠ¹ стрŠ¾ŠŗŠø\&. Š•ŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¾Ń‚Š²ŠµŃ‚Šøт Š¾Ń‚Ń€ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Š¾, Š“Š°Š»ŃŒŠ½ŠµŠ¹ŃˆŠ°Ń ŠæрŠ¾Š²ŠµŃ€ŠŗŠ° Š²Ń‹ŠæŠ¾Š»Š½ŃŃ‚ŃŒŃŃ Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. ŠŸŃ€Šø Š¾ŃˆŠøŠ±ŠŗŠµ ŠæŠ¾Š²Ń‚Š¾Ń€ŠµŠ½Šøя ŠøŠ¼ŠµŠ½Šø Š³Ń€ŃƒŠæŠæы тŠ°ŠŗŠ¶Šµ Š²Š¾Š·Š½ŠøŠŗŠ°ŠµŃ‚ Š·Š°ŠæрŠ¾Ń Š½Š° уŠ“Š°Š»ŠµŠ½ŠøŠµ, Š½Š¾ Š² сŠ»ŃƒŃ‡Š°Šµ Š¾Ń‚ŠŗŠ°Š·Š° ŠæрŠ¾Š²ŠµŃ€ŠŗŠ° Š±ŃƒŠ“ŠµŃ‚ ŠæрŠ¾Š“Š¾Š»Š¶ŠµŠ½Š°\&. ŠžŠ±Š¾ Š²ŃŠµŃ… Š¾ŃŃ‚Š°Š»ŃŒŠ½Ń‹Ń… Š¾ŃˆŠøŠ±ŠŗŠ°Ń… Š²Ń‹Š²Š¾Š“Šøтся ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ ŠæрŠµŠ“Š»Š°Š³Š°ŠµŃ‚ся Š·Š°ŠæустŠøть ŠŗŠ¾Š¼Š°Š½Š“у -\fBgroupmod\fR, чтŠ¾Š±Ń‹ ŠøсŠæрŠ°Š²Šøть Š¾ŃˆŠøŠ±Šŗу\&. -.PP -ŠšŠ¾Š¼Š°Š½Š“ы, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ рŠ°Š±Š¾Ń‚Š°ŃŽŃ‚ с фŠ°Š¹Š»Š¾Š¼ -/etc/groupŠø /etc/gshadow, Š½Šµ сŠæŠ¾ŃŠ¾Š±Š½Ń‹ ŠøŠ·Š¼ŠµŠ½Šøть ŠæŠ¾Š²Ń€ŠµŠ¶Š“ёŠ½Š½Ń‹Šµ ŠøŠ»Šø Š“уŠ±Š»ŠøрующŠøŠµŃŃ Š·Š°ŠæŠøсŠø\&. Š’ этŠ¾Š¼ сŠ»ŃƒŃ‡Š°Šµ Š½ŃƒŠ¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ -\fBgrpck\fR -Š“Š»Ń уŠ“Š°Š»ŠµŠ½Šøя ŠøсŠæŠ¾Ń€Ń‡ŠµŠ½Š½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры -\fB\-r\fR, -\fB\-s\fR -Š½Šµ Š¼Š¾Š³ŃƒŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ Š¾Š“Š½Š¾Š²Ń€ŠµŠ¼ŠµŠ½Š½Š¾\&. -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBgrpck\fR: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Š—Š°ŠæусŠŗŠ°Ń‚ŃŒ ŠŗŠ¾Š¼Š°Š½Š“у -\fBgrpck\fR -Š² рŠµŠ¶ŠøŠ¼Šµ тŠ¾Š»ŃŒŠŗŠ¾ Š“Š»Ń чтŠµŠ½Šøя\&. ŠŸŃ€Šø этŠ¾Š¼ Š½Š° Š²ŃŠµ Š²Š¾ŠæрŠ¾ŃŃ‹ Š¾Š± ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøях устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŠµŃ‚ся Š¾Ń‚Š²ŠµŃ‚ -\fIŠ½ŠµŃ‚\fR -Šø учŠ°ŃŃ‚ŠøŠµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š½Šµ трŠµŠ±ŃƒŠµŃ‚ся\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -ŠžŃ‚сŠ¾Ń€Ń‚ŠøрŠ¾Š²Š°Ń‚ŃŒ Š²ŃŠµ Š·Š°ŠæŠøсŠø Š² фŠ°Š¹Š»Šµ -/etc/groupŠø /etc/gshadow -ŠæŠ¾ чŠøсŠ»Š¾Š²Š¾Š¼Ńƒ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Ńƒ Š³Ń€ŃƒŠæŠæы (GID)\&. -.RE -.PP -By default, -\fBgrpck\fR -operates on -/etc/groupand /etc/gshadow\&. The user may select alternate files with the -\fIgroup\fRand \fIshadow\fR parameters\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.SH "Š’ŠžŠ—Š’Š ŠŠ©ŠŠ•ŠœŠ«Š• Š—ŠŠŠ§Š•ŠŠ˜ŠÆ" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBgrpck\fR -Š·Š°Š²ŠµŃ€ŃˆŠ°Ń рŠ°Š±Š¾Ń‚Ńƒ, Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -.PP -\fI0\fR -.RS 4 -усŠæŠµŃˆŠ½Š¾Šµ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ -.RE -.PP -\fI1\fR -.RS 4 -Š¾ŃˆŠøŠ±ŠŗŠ° Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Ń… ŠŗŠ¾Š¼Š°Š½Š“ы -.RE -.PP -\fI2\fR -.RS 4 -ŠµŃŃ‚ŃŒ Š¾Š“Š½Š° ŠøŠ»Šø Š±Š¾Š»ŠµŠµ Š½ŠµŠæрŠ°Š²ŠøŠ»ŃŒŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹ Š³Ń€ŃƒŠæŠæ -.RE -.PP -\fI3\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ Š¾Ń‚Šŗрыть фŠ°Š¹Š» Š³Ń€ŃƒŠæŠæ -.RE -.PP -\fI4\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š» Š³Ń€ŃƒŠæŠæ -.RE -.PP -\fI5\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠøŠ·Š¼ŠµŠ½Šøть фŠ°Š¹Š» Š³Ń€ŃƒŠæŠæ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBgroup\fR(5), -\fBgroupmod\fR(8), -\fBgshadow\fR(5),\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBshadow\fR(5)\&. diff --git a/man/ru/man8/grpconv.8 b/man/ru/man8/grpconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/ru/man8/grpconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/ru/man8/grpunconv.8 b/man/ru/man8/grpunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/ru/man8/grpunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/ru/man8/lastlog.8 b/man/ru/man8/lastlog.8 deleted file mode 100644 index d1176dfb..00000000 --- a/man/ru/man8/lastlog.8 +++ /dev/null @@ -1,105 +0,0 @@ -'\" t -.\" Title: lastlog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "lastlog" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -lastlog \- Š²Ń‹Š²Š¾Š“Šøт Š¾Ń‚чёт Š¾ ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ¹ рŠµŠ³ŠøстрŠ°Ń†ŠøŠø Š² сŠøстŠµŠ¼Šµ Š²ŃŠµŃ… ŠøŠ»Šø уŠŗŠ°Š·Š°Š½Š½Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBlastlog\fR\ 'u -\fBlastlog\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBlastlog\fR -уŠæŠ¾Ń€ŃŠ“Š¾Ń‡ŠøŠ²Š°ŠµŃ‚ Šø Š²Ń‹Š²Š¾Š“Šøт сŠ¾Š“ŠµŃ€Š¶ŠøŠ¼Š¾Šµ фŠ°Š¹Š»Š° -/var/log/lastlog, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ сŠ¾Š“ŠµŃ€Š¶Šøт Š“Š°Ń‚Ń‹ ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ³Š¾ Š²Ń…Š¾Š“Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Š² сŠøстŠµŠ¼Ńƒ\&. Š’Ń‹Š²Š¾Š“ятся -\fIŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR, -\fIŠæŠ¾Ń€Ń‚\fR -Šø -\fIŠ“Š°Ń‚Š° ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ³Š¾ Š²Ń…Š¾Š“Š° Š² сŠøстŠµŠ¼Ńƒ\fR\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (Š²Ń‹Š·Š¾Š² Š±ŠµŠ· ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š²) ŠæŠ¾ŠŗŠ°Š·Ń‹Š²Š°ŃŽŃ‚ся Š·Š°ŠæŠøсŠø фŠ°Š¹Š»Š° lastlog, Š¾Ń‚сŠ¾Ń€Ń‚ŠøрŠ¾Š²Š°Š½Š½Ń‹Šµ сŠ¾Š³Š»Š°ŃŠ½Š¾ рŠ°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½Šøю ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Š² фŠ°Š¹Š»Šµ -/etc/passwd\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBlastlog\fR: -.PP -\fB\-b\fR, \fB\-\-before\fR\ \&\fIŠ”ŠŠ•Š™\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсŠø lastlog Š·Š° ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠøŠµ -\fIŠ”ŠŠ•Š™\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIŠ”ŠŠ•Š™\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсŠø lastlog Š½Š¾Š²ŠµŠµ чŠµŠ¼ -\fIŠ”ŠŠ•Š™\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fIŠ£Š§ŠŠ¢ŠŠŠÆ Š—ŠŠŸŠ˜Š”Š¬\fR|\fIŠ”Š˜ŠŠŸŠŠ—ŠžŠ\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсь lastlog тŠ¾Š»ŃŒŠŗŠ¾ Š“Š»Ń уŠŗŠ°Š·Š°Š½Š½Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń(ŠµŠ¹)\&. -.sp -ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š¼Š¾Š¶Š½Š¾ уŠŗŠ°Š·Š°Ń‚ŃŒ ŠæŠ¾ Š¾Ń‚Š“ŠµŠ»ŃŒŠ½Š¾Š¼Ńƒ ŠøŠ¼ŠµŠ½Šø, чŠøсŠ»Š¾Š²Š¾Š¼Ńƒ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Ńƒ ŠøŠ»Šø Š² Š²ŠøŠ“Šµ -\fIŠ”Š˜ŠŠŸŠŠ—ŠžŠŠ\fR -ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. Š¢Š°ŠŗŠ¾Š¹ -\fIŠ”Š˜ŠŠŸŠŠ—ŠžŠ\fR -Š¼Š¾Š¶Š½Š¾ Š·Š°Š“Š°Š²Š°Ń‚ŃŒ Š² Š²ŠøŠ“Šµ Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Š³Š¾ Šø Š¼ŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Š¾Š³Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠ¹(\fIUID_ŠœŠ˜Š\-UID_ŠœŠŠšŠ”\fR), Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Š³Š¾ (\fI\-UID_ŠœŠŠšŠ”\fR) ŠøŠ»Šø Š¼ŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Š¾Š³Š¾ (\fIUID_ŠœŠ˜Š\-\fR) Š·Š½Š°Ń‡ŠµŠ½Šøя\&. -.RE -.PP -Š•ŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½ŠøŠŗŠ¾Š³Š“Š° Š½Šµ рŠµŠ³ŠøстрŠøрŠ¾Š²Š°Š»ŃŃ Š² сŠøстŠµŠ¼Šµ, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠæŠ¾ŠŗŠ°Š·Š°Š½Š¾ сŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠµ -\fI** ŠŠøŠŗŠ¾Š³Š“Š° Š½Šµ Š²Ń…Š¾Š“ŠøŠ» Š² сŠøстŠµŠ¼Ńƒ**\fR -Š²Š¼ŠµŃŃ‚Š¾ Š½Š°Š·Š²Š°Š½Šøя ŠæŠ¾Ń€Ń‚Š° Šø Š“Š°Ń‚Ń‹\&. -.PP -Š‘ŃƒŠ“ут ŠæŠ¾ŠŗŠ°Š·Š°Š½Ń‹ Š·Š°ŠæŠøсŠø тŠ¾Š»ŃŒŠŗŠ¾ Š“Š»Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠøŠ¼ŠµŃŽŃ‰Šøх Š² сŠøстŠµŠ¼Šµ Š“Š°Š½Š½Ń‹Š¹ Š¼Š¾Š¼ŠµŠ½Ń‚\&. Š’ Š¶ŃƒŃ€Š½Š°Š»Šµ Š¼Š¾Š³ŃƒŃ‚ сущŠµŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ Š·Š°ŠæŠøсŠø Š“Š»Ń уŠ“Š°Š»Ń‘Š½Š½Ń‹Ń… рŠ°Š½ŠµŠµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.SH "Š—ŠŠœŠ•Š§ŠŠŠ˜Š•" -.PP -Š¤Š°Š¹Š» -lastlog -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ¹ рŠµŠ³ŠøстрŠ°Ń†ŠøŠø Š² сŠøстŠµŠ¼Šµ ŠŗŠ°Š¶Š“Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠæрŠøŠ¼ŠµŠ½ŃŃ‚ŃŒ Šŗ Š½ŠµŠ¼Ńƒ рŠ¾Ń‚Š°Ń†Šøю Š¶ŃƒŃ€Š½Š°Š»ŃŒŠ½Ń‹Ń… фŠ°Š¹Š»Š¾Š²\&. Š­Ń‚Š¾Ń‚ фŠ°Š¹Š» яŠ²Š»ŃŠµŃ‚ся рŠ°Š·Ń€ŠµŠ¶ŠµŠ½Š½Ń‹Š¼, ŠæŠ¾ŃŃ‚Š¾Š¼Ńƒ ŠµŠ³Š¾ рŠ°Š·Š¼ŠµŃ€ Š½Š° Š“ŠøсŠŗŠµ Š³Š¾Ń€Š°Š·Š“Š¾ Š¼ŠµŠ½ŃŒŃˆŠµ, чŠµŠ¼ ŠæŠ¾ŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ ŠŗŠ¾Š¼Š°Š½Š“Š° \(Fo\fBls \-l\fR\(Fc (ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š¼Š¾Š¶ŠµŃ‚ ŠæŠ¾ŠŗŠ°Š·Ń‹Š²Š°Ń‚ŃŒ, чтŠ¾ этŠ¾ Š¾Ń‡ŠµŠ½ŃŒ Š±Š¾Š»ŃŒŃˆŠ¾Š¹ фŠ°Š¹Š», ŠµŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½Šøя ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Š² сŠøстŠµŠ¼Šµ Š“Š¾ŃŃ‚ŠøŠ³Š°ŃŽŃ‚ Š±Š¾Š»ŃŒŃˆŠøх Š·Š½Š°Ń‡ŠµŠ½ŠøŠ¹)\&. Š§Ń‚Š¾Š±Ń‹ уŠ²ŠøŠ“ŠµŃ‚ŃŒ рŠµŠ°Š»ŃŒŠ½Ń‹Š¹ рŠ°Š·Š¼ŠµŃ€ Š²Š²ŠµŠ“ŠøтŠµ \(Fo\fBls \-s\fR\(Fc\&. -.SH "Š¤ŠŠ™Š›Š«" -.PP -/var/log/lastlog -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт сŠæŠøсŠ¾Šŗ Š·Š°Š²ŠµŃ€ŃˆŃ‘Š½Š½Ń‹Ń… сŠµŠ°Š½ŃŠ¾Š² рŠ°Š±Š¾Ń‚Ń‹ с сŠøстŠµŠ¼Š¾Š¹ -.RE -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -Š‘Š¾Š»ŃŒŃˆŠøŠµ ŠæрŠ¾Š¼ŠµŠ¶ŃƒŃ‚ŠŗŠø Š² Š·Š½Š°Ń‡ŠµŠ½Šøях ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ ŠæрŠøŠ²Š¾Š“ят Šŗ тŠ¾Š¼Ńƒ, чтŠ¾ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° Š½ŠµŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š²Ń€ŠµŠ¼Ń Š½ŠøчŠµŠ³Š¾ Š½Šµ Š²Ń‹Š²Š¾Š“Šøт Š½Š° эŠŗрŠ°Š½ (тŠ¾ ŠµŃŃ‚ŃŒ, ŠµŃŠ»Šø Š² Š±Š°Š·Šµ Š“Š°Š½Š½Ń‹Ń… lastlog Š½ŠµŃ‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ с ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š°Š¼Šø с 170 ŠæŠ¾ 800, тŠ¾ Š²Š¾ Š²Ń€ŠµŠ¼Ń Š¾Š±Ń€Š°Š±Š¾Ń‚ŠŗŠø UID с 171 ŠæŠ¾ 799 ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° ŠŗŠ°Š¶ŠµŃ‚ся ŠæŠ¾Š²ŠøсшŠµŠ¹)\&. diff --git a/man/ru/man8/logoutd.8 b/man/ru/man8/logoutd.8 deleted file mode 100644 index 90bb3c45..00000000 --- a/man/ru/man8/logoutd.8 +++ /dev/null @@ -1,57 +0,0 @@ -'\" t -.\" Title: logoutd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "logoutd" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -logoutd \- ŠŗŠ¾Š½Ń‚Ń€Š¾Š»ŠøруŠµŃ‚ Š²Ń€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ ŠøŠ½Ń‚ŠµŃ€Š²Š°Š»Ń‹ рŠ°Š±Š¾Ń‚Ń‹ Š² сŠøстŠµŠ¼Šµ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBlogoutd\fR\ 'u -\fBlogoutd\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBlogoutd\fR -ŠŗŠ¾Š½Ń‚Ń€Š¾Š»ŠøруŠµŃ‚ Š²Ń€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя рŠ°Š±Š¾Ń‚Ń‹ Š² сŠøстŠµŠ¼Šµ Šø ŠæŠ¾Ń€Ń‚Ń‹, Š·Š°Š“Š°Š½Š½Ń‹Šµ Š² фŠ°Š¹Š»Šµ -/etc/porttime\&. ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBlogoutd\fR -Š“Š¾Š»Š¶Š½Š° Š·Š°ŠæусŠŗŠ°Ń‚ŃŒŃŃ ŠøŠ· сцŠµŠ½Š°Ń€Šøя -/etc/rc\&. Š¤Š°Š¹Š» -/var/run/utmp -ŠæŠµŃ€ŠøŠ¾Š“ŠøчŠµŃŠŗŠø сŠŗŠ°Š½ŠøруŠµŃ‚ся Šø Š“Š»Ń ŠŗŠ°Š¶Š“Š¾Š³Š¾ ŠøŠ¼ŠµŠ½Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ся, рŠ°Š·Ń€ŠµŃˆŠµŠ½Š¾ Š»Šø Š“Š°Š½Š½Š¾Š¼Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ рŠ°Š±Š¾Ń‚Š°Ń‚ŃŒ Š² Š½Š°ŃŃ‚Š¾ŃŃ‰ŠøŠ¹ Š¼Š¾Š¼ŠµŠ½Ń‚ Š½Š° Š“Š°Š½Š½Š¾Š¼ ŠæŠ¾Ń€Ń‚Ńƒ\&. Š›ŃŽŠ±Š¾Š¹ сŠµŠ°Š½Ń, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š½Š°Ń€ŃƒŃˆŠ°ŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя, Š¾ŠæŠøсŠ°Š½Š½Ń‹Šµ Š² фŠ°Š¹Š»Šµ -/etc/porttime, Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š²ŠµŃ€ŃˆŃ‘Š½\&. -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/porttime -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт рŠ°Š·Ń€ŠµŃˆŃ‘Š½Š½Š¾Šµ Š²Ń€ŠµŠ¼Ń рŠ°Š±Š¾Ń‚Ń‹ Š¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ с Š¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½Š½Ń‹Ń… ŠæŠ¾Ń€Ń‚Š¾Š² -.RE -.PP -/var/run/utmp -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт сŠæŠøсŠ¾Šŗ рŠ°Š±Š¾Ń‚Š°ŃŽŃ‰Šøх сŠµŠ°Š½ŃŠ¾Š² Š² сŠøстŠµŠ¼Šµ -.RE diff --git a/man/ru/man8/newusers.8 b/man/ru/man8/newusers.8 deleted file mode 100644 index 7246de85..00000000 --- a/man/ru/man8/newusers.8 +++ /dev/null @@ -1,433 +0,0 @@ -'\" t -.\" Title: newusers -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "newusers" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -newusers \- Š¾Š±Š½Š¾Š²Š»ŃŠµŃ‚ Šø сŠ¾Š·Š“Š°Ń‘Ń‚ Š½Š¾Š²Ń‹Šµ учётŠ½Ń‹Šµ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Š² ŠæŠ°ŠŗŠµŃ‚Š½Š¾Š¼ рŠµŠ¶ŠøŠ¼Šµ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBnewusers\fR\ 'u -\fBnewusers\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] [\fIфŠ°Š¹Š»\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBnewusers\fR -чŠøтŠ°ŠµŃ‚ -\fIфŠ°Š¹Š»\fR -(ŠøŠ»Šø ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю стŠ°Š½Š“Š°Ń€Ń‚Š½Ń‹Š¹ Š²Š²Š¾Š“) Šø ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ эту ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š“Š»Ń Š¾Š±Š½Š¾Š²Š»ŠµŠ½Šøя Š³Ń€ŃƒŠæŠæы сущŠµŃŃ‚Š²ŃƒŃŽŃ‰Šøх ŠøŠ»Šø сŠ¾Š·Š“Š°Š½Šøя Š½Š¾Š²Ń‹Ń… учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹\&. ŠšŠ°Š¶Š“Š°Ń стрŠ¾ŠŗŠ° ŠøŠ¼ŠµŠµŃ‚ фŠ¾Ń€Š¼Š°Ń‚ стŠ°Š½Š“Š°Ń€Ń‚Š½Š¾Š³Š¾ фŠ°Š¹Š»Š° ŠæŠ°Ń€Š¾Š»ŠµŠ¹ (сŠ¼Š¾Ń‚Ń€ŠøтŠµ -\fBpasswd\fR(5)) Š·Š° ŠøсŠŗŠ»ŃŽŃ‡ŠµŠ½ŠøŠµŠ¼: -.PP -pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell -.PP -\fIpw_name\fR -.RS 4 -Š˜Š¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.sp -Š­Ń‚Š¾ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠøŠ¼Ń Š½Š¾Š²Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ»Šø ŠøŠ¼Ń сущŠµŃŃ‚Š²ŃƒŃŽŃ‰ŠµŠ³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń (ŠøŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, сŠ¾Š·Š“Š°Š½Š½Š¾Š³Š¾ -\fBnewusers\fR -рŠ°Š½ŠµŠµ)\&. Š•ŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ сущŠµŃŃ‚Š²ŃƒŠµŃ‚, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Š° ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøя Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šµ, ŠøŠ»Šø Š¶Šµ сŠ¾Š·Š“Š°Ń‘Ń‚ŃŃ Š½Š¾Š²Ń‹Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ\&. -.RE -.PP -\fIpw_passwd\fR -.RS 4 -Š­Ń‚Š¾ ŠæŠ¾Š»Šµ Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½Š¾ Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š¾ ŠŗŠ°Šŗ Š½Š¾Š²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ шŠøфрŠ¾Š²Š°Š½Š½Š¾Š³Š¾ ŠæŠ°Ń€Š¾Š»Ń\&. -.RE -.PP -\fI pw_gid\fR -.RS 4 -Š­Ń‚Š¾ ŠæŠ¾Š»Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя UID ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.sp -Š•ŃŠ»Šø этŠ¾ ŠæŠ¾Š»Šµ ŠæустŠ¾, тŠ¾ ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹ -\fBnewusers\fR -Š°Š²Ń‚Š¾Š¼Š°Ń‚ŠøчŠµŃŠŗŠø Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся Š½Š¾Š²Ń‹Š¹ (Š½ŠµŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š½Ń‹Š¹) UID\&. -.sp -Š•ŃŠ»Šø Š² этŠ¾Š¼ ŠæŠ¾Š»Šµ уŠŗŠ°Š·Š°Š½Š¾ чŠøсŠ»Š¾, тŠ¾ Š¾Š½Š¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š¾ Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ UID\&. -.sp -Š•ŃŠ»Šø Š² ŠæŠ¾Š»Šµ сŠ¾Š“ŠµŃ€Š¶Šøтся ŠøŠ¼Ń сущŠµŃŃ‚Š²ŃƒŃŽŃ‰ŠµŠ³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń (ŠøŠ»Šø ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, сŠ¾Š·Š“Š°Š½Š½Š¾Š³Š¾ -\fBnewusers\fR -рŠ°Š½ŠµŠµ), тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ UID уŠŗŠ°Š·Š°Š½Š½Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.sp -Š•ŃŠ»Šø ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ся UID сущŠµŃŃ‚Š²ŃƒŃŽŃ‰ŠµŠ³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, тŠ¾ у фŠ°Š¹Š»Š¾Š², ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¼Šø Š²Š»Š°Š“ŠµŠ» этŠ¾Ń‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ, Š½ŃƒŠ¶Š½Š¾ Š²Ń€ŃƒŃ‡Š½ŃƒŃŽ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»Šøть Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Š°\&. -.RE -.PP -\fIpw_gid\fR -.RS 4 -Š­Ń‚Š¾ ŠæŠ¾Š»Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ID ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.sp -Š•ŃŠ»Šø Š² этŠ¾Š¼ ŠæŠ¾Š»Šµ сŠ¾Š“ŠµŃ€Š¶Šøтся ŠøŠ¼Ń сущŠµŃŃ‚Š²ŃƒŃŽŃ‰ŠµŠ¹ Š³Ń€ŃƒŠæŠæы (ŠøŠ»Šø Š³Ń€ŃƒŠæŠæы, сŠ¾Š·Š“Š°Š½Š½Š¾Š¹ -\fBnewusers\fR -рŠ°Š½ŠµŠµ), тŠ¾ Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ ID ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½ GID этŠ¾Š¹ Š³Ń€ŃƒŠæŠæы\&. -.sp -Š•ŃŠ»Šø Š² этŠ¾Š¼ ŠæŠ¾Š»Šµ сŠ¾Š“ŠµŃ€Š¶Šøтся чŠøсŠ»Š¾, тŠ¾ этŠ¾ чŠøсŠ»Š¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š¾ ŠŗŠ°Šŗ ID ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š•ŃŠ»Šø с тŠ°ŠŗŠøŠ¼ GID Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ сŠ¾Š·Š“Š°Š½Š° Š½Š¾Š²Š°Ń Š³Ń€ŃƒŠæŠæŠ° с этŠøŠ¼ GID Šø ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.sp -Š•ŃŠ»Šø этŠ¾ ŠæŠ¾Š»Šµ ŠæустŠ¾, тŠ¾ Š½Š¾Š²Š°Ń Š³Ń€ŃƒŠæŠæŠ° Š±ŃƒŠ“ŠµŃ‚ сŠ¾Š·Š“Š°Š½Š° с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š° GID Š±ŃƒŠ“ŠµŃ‚ Š¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½ -\fBnewusers\fR -Š°Š²Ń‚Š¾Š¼Š°Ń‚ŠøчŠµŃŠŗŠø (Š“Š»Ń ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Šøя Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ ID ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Šø GID Š½Š¾Š²Š¾Š¹ Š³Ń€ŃƒŠæŠæы)\&. -.sp -Š•ŃŠ»Šø ŠæŠ¾Š»Šµ сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ¼Ń Š³Ń€ŃƒŠæŠæы, ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¹ Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ (Šø ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š½Šµ Š±Ń‹Š»Š° сŠ¾Š·Š“Š°Š½Š° -\fBnewusers\fR -рŠ°Š½ŠµŠµ), тŠ¾ Š±ŃƒŠ“ŠµŃ‚ сŠ¾Š·Š“Š°Š½Š° Š½Š¾Š²Š°Ń Š³Ń€ŃƒŠæŠæŠ° с уŠŗŠ°Š·Š°Š½Š½Ń‹Š¼ ŠøŠ¼ŠµŠ½ŠµŠ¼, GID Š±ŃƒŠ“ŠµŃ‚ Š¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½ -\fBnewusers\fR -Š°Š²Ń‚Š¾Š¼Š°Ń‚ŠøчŠµŃŠŗŠø (Š“Š»Ń ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Šøя Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ ID ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Šø GID Š½Š¾Š²Š¾Š¹ Š³Ń€ŃƒŠæŠæы)\&. -.RE -.PP -\fIpw_gecos\fR -.RS 4 -Š­Ń‚Š¾ ŠæŠ¾Š»Šµ ŠŗŠ¾ŠæŠøруŠµŃ‚ся Š² ŠæŠ¾Š»Šµ GECOS Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fIpw_dir\fR -.RS 4 -Š­Ń‚Š¾ ŠæŠ¾Š»Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.sp -Š•ŃŠ»Šø этŠ¾ ŠæŠ¾Š»Šµ уŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ Š½Š° Š½ŠµŃŃƒŃ‰ŠµŃŃ‚Š²ŃƒŃŽŃ‰ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³, тŠ¾ уŠŗŠ°Š·Š°Š½Š½Ń‹Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ сŠ¾Š·Š“Š°Ń‘Ń‚ŃŃ, ŠµŠ³Š¾ Š²Š»Š°Š“ŠµŠ»ŃŒŃ†ŠµŠ¼ Š½Š°Š·Š½Š°Ń‡Š°ŠµŃ‚ся сŠ¾Š·Š“Š°Š²Š°ŠµŠ¼Ń‹Š¹ ŠøŠ»Šø Š¾Š±Š½Š¾Š²Š»ŃŠµŠ¼Ń‹Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Šø ŠµŠ³Š¾ ŠæŠµŃ€Š²ŠøчŠ½Š°Ń Š³Ń€ŃƒŠæŠæŠ°\&. -.sp -Š•ŃŠ»Šø ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ся Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ сущŠµŃŃ‚Š²ŃƒŃŽŃ‰ŠµŠ³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, тŠ¾ ŠŗŠ¾Š¼Š°Š½Š“Š° -\fBnewusers\fR -Š½Šµ ŠæŠµŃ€ŠµŠ¼ŠµŃ‰Š°ŠµŃ‚ ŠøŠ»Šø ŠŗŠ¾ŠæŠøруŠµŃ‚ сŠ¾Š“ŠµŃ€Š¶ŠøŠ¼Š¾Šµ стŠ°Ń€Š¾Š³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° Š² Š½Š¾Š²Š¾Šµ Š¼ŠµŃŃ‚Š¾\&. Š­Ń‚Š¾ Š½ŃƒŠ¶Š½Š¾ Š²Ń‹ŠæŠ¾Š»Š½Šøть Š²Ń€ŃƒŃ‡Š½ŃƒŃŽ\&. -.RE -.PP -\fIpw_shell\fR -.RS 4 -Š’ этŠ¾Š¼ ŠæŠ¾Š»Šµ Š·Š°Š“Š°Ń‘Ń‚ŃŃ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ°Ń Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ°\&. ŠŠøŠŗŠ°ŠŗŠøх ŠæрŠ¾Š²ŠµŃ€Š¾Šŗ ŠæŠ¾Š»Ń Š½Šµ Š“ŠµŠ»Š°ŠµŃ‚ся\&. -.RE -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBnewusers\fR -сŠ½Š°Ń‡Š°Š»Š° ŠæытŠ°ŠµŃ‚ся сŠ¾Š·Š“Š°Ń‚ŃŒ ŠøŠ»Šø ŠøŠ·Š¼ŠµŠ½Šøть Š²ŃŠµŃ… уŠŗŠ°Š·Š°Š½Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, Š° Š·Š°Ń‚ŠµŠ¼ Š·Š°ŠæŠøсŠ°Ń‚ŃŒ этŠø ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² Š±Š°Š·Ń‹ Š“Š°Š½Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ ŠøŠ»Šø Š³Ń€ŃƒŠæŠæ\&. Š•ŃŠ»Šø ŠæрŠ¾ŠøсхŠ¾Š“Šøт Š¾ŃˆŠøŠ±ŠŗŠ° (ŠŗрŠ¾Š¼Šµ Š¾ŃˆŠøŠ±Š¾Šŗ ŠæрŠø ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ¹ Š·Š°ŠæŠøсŠø Š² Š±Š°Š·Ń‹ Š“Š°Š½Š½Ń‹Ń…), тŠ¾ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² Š±Š°Š·Ń‹ Š½Šµ сŠ¾Ń…Ń€Š°Š½ŃŃŽŃ‚ся\&. -.PP -Š”Š°Š½Š½Š°Ń ŠŗŠ¾Š¼Š°Š½Š“Š° ŠæрŠµŠ“Š½Š°Š·Š½Š°Ń‡ŠµŠ½Š° Š“Š»Ń рŠ°Š±Š¾Ń‚Ń‹ Š² ŠŗруŠæŠ½Ń‹Ń… сŠøстŠµŠ¼Š½Ń‹Ń… срŠµŠ“Š°Ń…, Š³Š“Šµ Š·Š° Š¾Š“ŠøŠ½ рŠ°Š· Š¾Š±Š½Š¾Š²Š»ŃŠµŃ‚ся Š½ŠµŃŠŗŠ¾Š»ŃŒŠŗŠ¾ учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBnewusers\fR: -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ уŠŗŠ°Š·Š°Š½Š½Ń‹Š¹ Š¼ŠµŃ‚Š¾Š“ Š“Š»Ń шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.sp -Š’Š¾Š·Š¼Š¾Š¶Š½Ń‹Šµ Š¼ŠµŃ‚Š¾Š“ы: DES, MD5, NONE Šø SHA256 ŠøŠ»Šø SHA512, ŠµŃŠ»Šø этŠø Š¼ŠµŃ‚Š¾Š“ы ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся libc\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Š”Š¾Š·Š“Š°Ń‚ŃŒ сŠøстŠµŠ¼Š½ŃƒŃŽ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь\&. -.sp -Š”ŠøстŠµŠ¼Š½Ń‹Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šø сŠ¾Š·Š“Š°ŃŽŃ‚ся Š±ŠµŠ· ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†ŠøŠø Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø Š² -/etc/shadow, Šø Šøх чŠøсŠ»Š¾Š²Ń‹Šµ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Ń‹ Š²Ń‹Š±ŠøрŠ°ŃŽŃ‚ся ŠøŠ· Š“ŠøŠ°ŠæŠ°Š·Š¾Š½Š° -\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR, Š¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½Š½Š¾Š³Š¾ Š² -login\&.defs, Š° Š½Šµ ŠøŠ· -\fBUID_MIN\fR\-\fBUID_MAX\fR -(этŠ¾ Š¶Šµ ŠŗŠ°ŃŠ°ŠµŃ‚ся Šø чŠ°ŃŃ‚Šø с -\fBGID\fR -ŠæрŠø сŠ¾Š·Š“Š°Š½ŠøŠø Š³Ń€ŃƒŠæŠæ)\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ уŠŗŠ°Š·Š°Š½Š½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ 0 Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ сŠøстŠµŠ¼Š° Š²Ń‹Š±ŠµŃ€ŠµŃ‚ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń Š²Ń‹Š±Ń€Š°Š½Š½Š¾Š³Š¾ Š¼ŠµŃ‚Š¾Š“Š° шŠøфрŠ¾Š²Š°Š½Šøя (5000)\&. -.sp -ŠœŠøŠ½ŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ 1000, Š° Š¼Š°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ 999,999,999\&. -.sp -Š’Ń‹ Š¼Š¾Š¶ŠµŃ‚Šµ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ тŠ¾Š»ŃŒŠŗŠ¾ ŠæрŠø Š¼ŠµŃ‚Š¾Š“Šµ шŠøфрŠ¾Š²Š°Š½Šøя SHA256 ŠøŠ»Šø SHA512\&. -.sp -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Š¼Šø SHA_CRYPT_MIN_ROUNDS Šø SHA_CRYPT_MAX_ROUNDS ŠøŠ· -/etc/login\&.defs\&. -.RE -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -Š¤Š°Š¹Š» с Š²Ń…Š¾Š“Š½Ń‹Š¼Šø Š“Š°Š½Š½Ń‹Š¼Šø Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š·Š°Ń‰ŠøщёŠ½, тŠ°Šŗ ŠŗŠ°Šŗ Š² Š½Ń‘Š¼ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ся Š½Šµ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø\&. -.PP -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ ŠæрŠ¾Š²ŠµŃ€Šøть, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ Šø Š¼ŠµŃ‚Š¾Š“ шŠøфрŠ¾Š²Š°Š½Šøя сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŠµŃ‚ ŠæŠ¾Š»ŠøтŠøŠŗŠµ сŠøстŠµŠ¼Š½Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBENCRYPT_METHOD\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š—Š°Š“Š°Ń‘Ń‚ сŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»ŠµŠ¹ (ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся, ŠµŃŠ»Šø Š°Š»Š³Š¾Ń€ŠøтŠ¼ Š½Šµ уŠŗŠ°Š·Š°Š½ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š’Š¾Š·Š¼Š¾Š¶Š½Ń‹ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -\fIDES\fR -(ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ -\fBMD5_CRYPT_ENAB\fR\&. -.RE -.PP -\fBGID_MAX\fR (чŠøсŠ»Š¾), \fBGID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² Š³Ń€ŃƒŠæŠæ, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR, -\fBgroupadd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя Š¾Š±Ń‹Ń‡Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBGID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&. -\fBGID_MAX\fR) рŠ°Š²Š½Š¾ 1000 (сŠ¾Š¾Ń‚Š²\&. 60000)\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠžŠ±Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ Š“Š¾Š»Š¶ŠµŠ½ Š±Ń‹Ń‚ŃŒ Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š½Š¾Š²Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š±ŃƒŠ“ут Š·Š°ŃˆŠøфрŠ¾Š²Š°Š½Ń‹ ŠæŠ¾ Š°Š»Š³Š¾Ń€ŠøтŠ¼Ńƒ Š½Š° Š¾ŃŠ½Š¾Š²Šµ MD5, сŠ¾Š²Š¼ŠµŃŃ‚ŠøŠ¼Š¾Š¼Ńƒ с ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¼ Š² Š½Š¾Š²Ń‹Ń… Š²ŠµŃ€ŃŠøях FreeBSD\&. ŠžŠ½ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ ŠæŠ°Ń€Š¾Š»Šø Š½ŠµŠ¾Š³Ń€Š°Š½ŠøчŠµŠ½Š½Š¾Š¹ Š“Š»ŠøŠ½Ń‹ Šø ŠøŠ¼ŠµŠµŃ‚ Š±Š¾Š»ŠµŠµ Š“Š»ŠøŠ½Š½ŃƒŃŽ стрŠ¾Šŗу сŠ¾Š»Šø\&. Š£ŃŃ‚Š°Š½Š¾Š²ŠøтŠµ Š² -\fIno\fR, ŠµŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ ŠŗŠ¾ŠæŠøрŠ¾Š²Š°Ń‚ŃŒ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Šµ ŠæŠ°Ń€Š¾Š»Šø Š² Š“руŠ³ŠøŠµ сŠøстŠµŠ¼Ń‹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š½Šµ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŃŽŃ‚ Š½Š¾Š²Ń‹Š¹ Š°Š»Š³Š¾Ń€ŠøтŠ¼\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю -\fIno\fR\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBENCRYPT_METHOD\fR -ŠøŠ»Šø Š»ŃŽŠ±Ń‹Š¼ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š·Š°Š“Š°Ń‘Ń‚ Š°Š»Š³Š¾Ń€ŠøтŠ¼ шŠøфрŠ¾Š²Š°Š½Šøя\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń устŠ°Ń€ŠµŠ»Š°; ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠ¹Ń‚Šµ -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń\&. Š•ŃŠ»Šø ŠæŠ°Ń€Š¾Š»ŃŒ стŠ°Ń€ŠµŠµ этŠ¾Š³Š¾ чŠøсŠ»Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŠæущŠµŠ½Š° ŠæрŠ¾Ń†ŠµŠ“урŠ° сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°ŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \-1 (тŠ¾ ŠµŃŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ Š¼ŠµŠ¶Š“у ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøяŠ¼Šø ŠæŠ°Ń€Š¾Š»Ń\&. Š›ŃŽŠ±Š°Ń сŠ¼ŠµŠ½Š° ŠæŠ°Ń€Š¾Š»Ń рŠ°Š½ŠµŠµ Š·Š°Š“Š°Š½Š½Š¾Š³Š¾ срŠ¾ŠŗŠ° Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Š° Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°ŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \-1 (тŠ¾ ŠµŃŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (чŠøсŠ»Š¾) -.RS 4 -Š§ŠøсŠ»Š¾ Š“Š½ŠµŠ¹ Š·Š° ŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š½Š°Ń‡Š½Ń‘Ń‚ Š²Ń‹Š“Š°Š²Š°Ń‚ŃŒŃŃ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń\&. ŠŃƒŠ»ŠµŠ²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š²Ń‹Š“Š°Ń‘Ń‚ŃŃ Š² Š“ŠµŠ½ŃŒ устŠ°Ń€ŠµŠ²Š°Š½Šøя, ŠæрŠø Š¾Ń‚Ń€ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Š¾Š¼ Š·Š½Š°Ń‡ŠµŠ½ŠøŠø ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š²Ń‹Š“Š°Š²Š°Ń‚ŃŒŃŃ Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, Š²Ń‹Š“Š°Ń‡Š° ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя Š¾Ń‚ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ся\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (чŠøсŠ»Š¾), \fBSHA_CRYPT_MAX_ROUNDS\fR (чŠøсŠ»Š¾) -.RS 4 -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBENCRYPT_METHOD\fR -рŠ°Š²Š½Š¾ -\fISHA256\fR -ŠøŠ»Šø -\fISHA512\fR, этŠ° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² SHA, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Ń… Š°Š»Š³Š¾Ń€ŠøтŠ¼Š¾Š¼ шŠøфрŠ¾Š²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (ŠµŃŠ»Šø ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ рŠ°ŃƒŠ½Š“Š¾Š² Š½Šµ Š·Š°Š“Š°Š½Š¾ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.sp -Š£Š²ŠµŠ»ŠøчŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾Š²Ń‹ŃˆŠ°ŠµŃ‚ сŠ»Š¾Š¶Š½Š¾ŃŃ‚ŃŒ ŠæŠ¾Š“Š±Š¾Ń€Š° ŠæŠ°Ń€Š¾Š»Ń ŠæрŠ¾ŃŃ‚Ń‹Š¼ ŠæŠµŃ€ŠµŠ±Š¾Ń€Š¾Š¼\&. ŠŠ¾ Š·Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ ŠæрŠø этŠ¾Š¼ Š“Š»Ń Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ трŠµŠ±ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š½Ń‹Ń… рŠµŃŃƒŃ€ŃŠ¾Š²\&. -.sp -Š•ŃŠ»Šø Š½Šµ Š·Š°Š“Š°Š½Š°, тŠ¾ libc Š²Ń‹Š±ŠøрŠ°ŠµŃ‚ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š° рŠ°ŃƒŠ½Š“Š¾Š² ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (5000)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½Šøя Š“Š¾Š»Š¶Š½Ń‹ Š»ŠµŠ¶Š°Ń‚ŃŒ Š² Š“ŠøŠ°ŠæŠ°Š·Š¾Š½Šµ 1000\-999999999\&. -.sp -Š•ŃŠ»Šø Š·Š°Š“Š°Š½Š¾ ŠŗŠ°ŠŗŠ¾Šµ\-тŠ¾ Š¾Š“Š½Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \(em -\fBSHA_CRYPT_MIN_ROUNDS\fR -ŠøŠ»Šø -\fBSHA_CRYPT_MAX_ROUNDS\fR -\(em тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š¾ этŠ¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.sp -Š•ŃŠ»Šø -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š±Š¾Š»ŃŒŃˆŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (чŠøсŠ»Š¾), \fBSYS_GID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² Š³Ń€ŃƒŠæŠæ, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR, -\fBgroupadd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя сŠøстŠµŠ¼Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBSYS_GID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&.\fBSYS_GID_MAX\fR) рŠ°Š²Š½Š¾ 101 (сŠ¾Š¾Ń‚Š²\&. -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (чŠøсŠ»Š¾), \fBSYS_UID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя сŠøстŠµŠ¼Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBSYS_UID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&. -\fBSYS_UID_MAX\fR) рŠ°Š²Š½Š¾ 101 (сŠ¾Š¾Ń‚Š²\&. -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBUID_MAX\fR (чŠøсŠ»Š¾), \fBUID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя Š¾Š±Ń‹Ń‡Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBUID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&. -\fBUID_MAX\fR) рŠ°Š²Š½Š¾ 1000 (сŠ¾Š¾Ń‚Š²\&. 60000)\&. -.RE -.PP -\fBUMASK\fR (чŠøсŠ»Š¾) -.RS 4 -Š—Š°Š“Š°Ń‘Ń‚ Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š°ŃŠŗŠø Š“Š¾ŃŃ‚ŃƒŠæŠ° Š“Š»Ń сŠ¾Š·Š“Š°Š²Š°ŠµŠ¼Ń‹Ń… фŠ°Š¹Š»Š¾Š²\&. Š•ŃŠ»Šø Š½Šµ уŠŗŠ°Š·Š°Š½Š¾, тŠ¾ Š¼Š°ŃŠŗŠ° устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŠµŃ‚ся Š² 022\&. -.sp -ŠšŠ¾Š¼Š°Š½Š“ы -\fBuseradd\fR -Šø -\fBnewusers\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ эту Š¼Š°ŃŠŗу Š“Š»Ń устŠ°Š½Š¾Š²ŠŗŠø ŠæрŠ°Š² Š“Š¾ŃŃ‚ŃƒŠæŠ° Šŗ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ¼Ńƒ ŠŗŠ°Ń‚Š°Š»Š¾Š³Ńƒ, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š¾Š½Šø сŠ¾Š·Š“Š°ŃŽŃ‚\&. -.sp -Š¢Š°ŠŗŠ¶Šµ Š¾Š½Š° ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š¾Š¹ -\fBlogin\fR -Š“Š»Ń Š·Š°Š“Š°Š½Šøя Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Š³Š¾ Š·Š½Š°Ń‡ŠµŠ½Šøя umask ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ этŠ° Š¼Š°ŃŠŗŠ° Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š° ŠøŠ· ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š¹ стрŠ¾ŠŗŠø GECOS (ŠµŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń -\fBQUOTAS_ENAB\fR) ŠøŠ»Šø уŠŗŠ°Š·Š°Š½ŠøŠµŠ¼ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя с ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š¼ -\fIK\fR, Š² -\fBlimits\fR(5)\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBlogin.defs\fR(5), -\fBpasswd\fR(1), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/ru/man8/nologin.8 b/man/ru/man8/nologin.8 deleted file mode 100644 index 63c11647..00000000 --- a/man/ru/man8/nologin.8 +++ /dev/null @@ -1,51 +0,0 @@ -'\" t -.\" Title: nologin -.\" Author: Nicolas Fran\(,cois <nicolas.francois@centraliens.net> -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "nologin" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -nologin \- Š²ŠµŠ¶Š»ŠøŠ²Š¾ Š¾Ń‚ŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ Š²Š¾ Š²Ń…Š¾Š“Šµ Š² сŠøстŠµŠ¼Ńƒ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBnologin\fR\ 'u -\fBnologin\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBnologin\fR -Š²Ń‹Š“Š°Ń‘Ń‚ сŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠµ, чтŠ¾ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š½ŠµŠ“Š¾ŃŃ‚ŃƒŠæŠ½Š° Šø Š·Š°Š²ŠµŃ€ŃˆŠ°ŠµŃ‚ рŠ°Š±Š¾Ń‚Ńƒ с Š½ŠµŠ½ŃƒŠ»ŠµŠ²Ń‹Š¼ ŠŗŠ¾Š“Š¾Š¼ Š²Š¾Š·Š²Ń€Š°Ń‚Š°\&. ŠžŠ½Š° ŠæрŠµŠ“Š½Š°Š·Š½Š°Ń‡ŠµŠ½Š° Š“Š»Ń Š·Š°Š¼ŠµŠ½Ń‹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø Š² ŠæŠ¾Š»Šµ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø у Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š½Ń‹Ń… учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹\&. -.PP -Š§Ń‚Š¾Š±Ń‹ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ Š²ŃŠµ учётŠ½Ń‹Šµ Š·Š°ŠæŠøсŠø ŠæŠ¾ŃŠ¼Š¾Ń‚Ń€ŠøтŠµ сŠæрŠ°Š²Š¾Ń‡Š½ŃƒŃŽ стрŠ°Š½Šøцу -\fBnologin\fR(5)\&. -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBlogin\fR(1), -\fBnologin\fR(5)\&. -.SH "Š˜Š”Š¢ŠžŠ Š˜ŠÆ" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBnologin\fR -Š²ŠæŠµŃ€Š²Ń‹Šµ ŠæŠ¾ŃŠ²ŠøŠ»Š°ŃŃŒ Š² BSD 4\&.4\&. diff --git a/man/ru/man8/pwck.8 b/man/ru/man8/pwck.8 deleted file mode 100644 index 39056f22..00000000 --- a/man/ru/man8/pwck.8 +++ /dev/null @@ -1,316 +0,0 @@ -'\" t -.\" Title: pwck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "pwck" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -pwck \- ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ цŠµŠ»Š¾ŃŃ‚Š½Š¾ŃŃ‚ŃŒ фŠ°Š¹Š»Š¾Š² ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBpwck\fR\ 'u -\fBpwck\fR [ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры] [\fIpasswd\fR\ [\ \fIshadow\fR\ ]] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Š° -\fBpwck\fR -ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ цŠµŠ»Š¾ŃŃ‚Š½Š¾ŃŃ‚ŃŒ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†ŠøŠø Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… Šø Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøŠø\&. ŠŸŃ€Š¾Š²ŠµŃ€ŃŠµŃ‚ся фŠ¾Ń€Š¼Š°Ń‚ Š²ŃŠµŃ… Š·Š°ŠæŠøсŠµŠ¹ фŠ°Š¹Š»Š¾Š² -/etc/passwd -Šø -/etc/shadow -Šø ŠŗŠ¾Ń€Ń€ŠµŠŗтŠ½Š¾ŃŃ‚ŃŒ Š“Š°Š½Š½Ń‹Ń… ŠŗŠ°Š¶Š“Š¾Š³Š¾ ŠæŠ¾Š»Ń\&. Š’ сŠ»ŃƒŃ‡Š°Šµ Š¾Š±Š½Š°Ń€ŃƒŠ¶ŠµŠ½Šøя Š¾ŃˆŠøŠ±Š¾Šŗ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ ŠæрŠµŠ“Š»Š°Š³Š°ŠµŃ‚ся ŠæŠ¾Š“тŠ²ŠµŃ€Š“Šøть уŠ“Š°Š»ŠµŠ½ŠøŠµ Š·Š°ŠæŠøсŠµŠ¹, ŠøŠ¼ŠµŃŽŃ‰Šøх Š½ŠµŠ²ŠµŃ€Š½Ń‹Š¹ фŠ¾Ń€Š¼Š°Ń‚ ŠøŠ»Šø Š²Š¾ŃŃŃ‚Š°Š½Š¾Š²Š»ŠµŠ½ŠøŠµ ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… Š½ŠµŠ²Š¾Š·Š¼Š¾Š¶Š½Š¾\&. -.PP -Š’Ń‹ŠæŠ¾Š»Š½ŃŃŽŃ‚ся сŠ»ŠµŠ“ующŠøŠµ ŠæрŠ¾Š²ŠµŃ€ŠŗŠø: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ŠæрŠ°Š²ŠøŠ»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæŠ¾Š»ŠµŠ¹ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Š¾ŃŃ‚ŃŒ Šø ŠŗŠ¾Ń€Ń€ŠµŠŗтŠ½Š¾ŃŃ‚ŃŒ ŠøŠ¼ŠµŠ½Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ŠŗŠ¾Ń€Ń€ŠµŠŗтŠ½Š¾ŃŃ‚ŃŒ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Šø Š³Ń€ŃƒŠæŠæы -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ŠŗŠ¾Ń€Ń€ŠµŠŗтŠ½Š¾ŃŃ‚ŃŒ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ŠŗŠ¾Ń€Ń€ŠµŠŗтŠ½Š¾ŃŃ‚ŃŒ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ŠŗŠ¾Ń€Ń€ŠµŠŗтŠ½Š¾ŃŃ‚ŃŒ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø -.RE -.PP -ŠŸŃ€Š¾Š²ŠµŃ€ŠŗŠø -shadow -Š²Ń‹ŠæŠ¾Š»Š½ŃŃŽŃ‚ся, ŠµŃŠ»Šø уŠŗŠ°Š·Š°Š½ Š²Ń‚Š¾Ń€Š¾Š¹ фŠ°Š¹Š»Š¾Š²Ń‹Š¹ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøŠ»Šø ŠŗŠ¾Š³Š“Š° Š² сŠøстŠµŠ¼Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ фŠ°Š¹Š» -/etc/shadow\&. -.PP -Š’Ń‹ŠæŠ¾Š»Š½ŃŃŽŃ‚ся сŠ»ŠµŠ“ующŠøŠµ ŠæрŠ¾Š²ŠµŃ€ŠŗŠø: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -чтŠ¾ ŠŗŠ°Š¶Š“Š°Ń Š·Š°ŠæŠøсь passwd ŠøŠ¼ŠµŠµŃ‚ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰ŃƒŃŽ Š·Š°ŠæŠøсь shadow Šø ŠŗŠ°Š¶Š“Š°Ń Š·Š°ŠæŠøсь shadow ŠøŠ¼ŠµŠµŃ‚ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰ŃƒŃŽ Š·Š°ŠæŠøсь passwd -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ŠæŠ°Ń€Š¾Š»Šø уŠŗŠ°Š·Š°Š½Ń‹ Š² тŠµŠ½ŠµŠ²Š¾Š¼ фŠ°Š¹Š»Šµ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Š·Š°ŠæŠøсŠø shadow сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ ŠŗŠ¾Ń€Ń€ŠµŠŗтŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ ŠæŠ¾Š»ŠµŠ¹ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Š·Š°ŠæŠøсŠø shadow уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Ń‹ Š² shadow -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Š“Š°Ń‚Š° ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠµŠ¹ сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń Š½Šµ Š½Š°Ń…Š¾Š“Šøтся Š² Š±ŃƒŠ“ущŠµŠ¼ -.RE -.PP -ŠžŃˆŠøŠ±ŠŗŠø Š² ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Šµ ŠæŠ¾Š»ŠµŠ¹ Šø уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Š¾ŃŃ‚Šø ŠøŠ¼Ń‘Š½ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Š½ŠµŠ²Š¾ŃŃŃ‚Š°Š½Š¾Š²ŠøŠ¼Ń‹\&. Š•ŃŠ»Šø Š·Š°ŠæŠøсь сŠ¾Š“ŠµŃ€Š¶Šøт Š½ŠµŠ²ŠµŃ€Š½Š¾Šµ чŠøсŠ»Š¾ ŠæŠ¾Š»ŠµŠ¹, ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠæŠ¾ŠæрŠ¾ŃŃŃ‚ ŠæŠ¾Š“тŠ²ŠµŃ€Š“Šøть уŠ“Š°Š»ŠµŠ½ŠøŠµ Š²ŃŠµŠ¹ Š·Š°ŠæŠøсŠø\&. Š•ŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¾Ń‚Š²ŠµŃ‚Šøт Š¾Ń‚Ń€ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Š¾, Š“Š°Š»ŃŒŠ½ŠµŠ¹ŃˆŠ°Ń ŠæрŠ¾Š²ŠµŃ€ŠŗŠ° Š²Ń‹ŠæŠ¾Š»Š½ŃŃ‚ŃŒŃŃ Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. ŠŸŃ€Šø Š¾ŃˆŠøŠ±ŠŗŠµ ŠæŠ¾Š²Ń‚Š¾Ń€ŠµŠ½Šøя ŠøŠ¼ŠµŠ½Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń тŠ°ŠŗŠ¶Šµ Š²Š¾Š·Š½ŠøŠŗŠ°ŠµŃ‚ Š·Š°ŠæрŠ¾Ń Š½Š° уŠ“Š°Š»ŠµŠ½ŠøŠµ, Š½Š¾ Š² сŠ»ŃƒŃ‡Š°Šµ Š¾Ń‚ŠŗŠ°Š·Š° ŠæрŠ¾Š²ŠµŃ€ŠŗŠ° Š±ŃƒŠ“ŠµŃ‚ ŠæрŠ¾Š“Š¾Š»Š¶ŠµŠ½Š°\&. ŠžŠ±Š¾ Š²ŃŠµŃ… Š¾ŃŃ‚Š°Š»ŃŒŠ½Ń‹Ń… Š¾ŃˆŠøŠ±ŠŗŠ°Ń… Š²Ń‹Š²Š¾Š“Šøтся ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ ŠæрŠµŠ“Š»Š°Š³Š°ŠµŃ‚ся Š·Š°ŠæустŠøть ŠŗŠ¾Š¼Š°Š½Š“у -\fBusermod\fR, чтŠ¾Š±Ń‹ ŠøсŠæрŠ°Š²Šøть Š¾ŃˆŠøŠ±Šŗу\&. -.PP -ŠšŠ¾Š¼Š°Š½Š“ы, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ рŠ°Š±Š¾Ń‚Š°ŃŽŃ‚ с фŠ°Š¹Š»Š¾Š¼ -/etc/passwd, Š½Šµ Š¼Š¾Š³ŃƒŃ‚ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ ŠæŠ¾Š²Ń€ŠµŠ¶Š“ёŠ½Š½Ń‹Šµ ŠøŠ»Šø Š“уŠ±Š»ŠøрующŠøŠµŃŃ Š·Š°ŠæŠøсŠø\&. ŠšŠ°Šŗ рŠ°Š· Š² этŠ¾Š¼ сŠ»ŃƒŃ‡Š°Šµ Šø Š½ŃƒŠ¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ -\fBpwck\fR -Š“Š»Ń уŠ“Š°Š»ŠµŠ½Šøя ŠøсŠæŠ¾Ń€Ń‡ŠµŠ½Š½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры -\fB\-r\fR, -\fB\-s\fR -Š½Šµ Š¼Š¾Š³ŃƒŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ Š¾Š“Š½Š¾Š²Ń€ŠµŠ¼ŠµŠ½Š½Š¾\&. -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBpwck\fR: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Š”Š¾Š¾Š±Ń‰Š°Ń‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ Š¾Š± Š¾ŃˆŠøŠ±ŠŗŠ°Ń…\&. ŠŸŃ€ŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š½Šµ трŠµŠ±ŃƒŃŽŃ‚ Š¾Ń‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š½ŠøŠŗŠ°ŠŗŠøх Š“ŠµŠ¹ŃŃ‚Š²ŠøŠ¹, ŠæŠ¾ŠŗŠ°Š·Š°Š½Ń‹ Š½Šµ Š±ŃƒŠ“ут\&. -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½ŃŃ‚ŃŒ ŠŗŠ¾Š¼Š°Š½Š“у -\fBpwck\fR -Š² рŠµŠ¶ŠøŠ¼Šµ \(FoтŠ¾Š»ŃŒŠŗŠ¾ чтŠµŠ½ŠøŠµ\(Fc\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -ŠžŃ‚сŠ¾Ń€Ń‚ŠøрŠ¾Š²Š°Ń‚ŃŒ Š²ŃŠµ Š·Š°ŠæŠøсŠø Š² фŠ°Š¹Š»Š°Ń… -/etc/passwd -Šø -/etc/shadow -ŠæŠ¾ чŠøсŠ»Š¾Š²Š¾Š¼Ńƒ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, ŠŗŠ¾Š¼Š°Š½Š“Š° -\fBpwck\fR -рŠ°Š±Š¾Ń‚Š°ŠµŃ‚ с фŠ°Š¹Š»Š°Š¼Šø -/etc/passwd -Šø -/etc/shadow\&. ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š¼Š¾Š¶ŠµŃ‚ уŠŗŠ°Š·Š°Ń‚ŃŒ Š“руŠ³ŠøŠµ фŠ°Š¹Š»Ń‹ с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š² -\fIpasswd\fR -Šø -\fIshadow\fR\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBPASS_MAX_DAYS\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń\&. Š•ŃŠ»Šø ŠæŠ°Ń€Š¾Š»ŃŒ стŠ°Ń€ŠµŠµ этŠ¾Š³Š¾ чŠøсŠ»Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŠæущŠµŠ½Š° ŠæрŠ¾Ń†ŠµŠ“урŠ° сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°ŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \-1 (тŠ¾ ŠµŃŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ Š¼ŠµŠ¶Š“у ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøяŠ¼Šø ŠæŠ°Ń€Š¾Š»Ń\&. Š›ŃŽŠ±Š°Ń сŠ¼ŠµŠ½Š° ŠæŠ°Ń€Š¾Š»Ń рŠ°Š½ŠµŠµ Š·Š°Š“Š°Š½Š½Š¾Š³Š¾ срŠ¾ŠŗŠ° Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Š° Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°ŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \-1 (тŠ¾ ŠµŃŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (чŠøсŠ»Š¾) -.RS 4 -Š§ŠøсŠ»Š¾ Š“Š½ŠµŠ¹ Š·Š° ŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š½Š°Ń‡Š½Ń‘Ń‚ Š²Ń‹Š“Š°Š²Š°Ń‚ŃŒŃŃ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń\&. ŠŃƒŠ»ŠµŠ²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š²Ń‹Š“Š°Ń‘Ń‚ŃŃ Š² Š“ŠµŠ½ŃŒ устŠ°Ń€ŠµŠ²Š°Š½Šøя, ŠæрŠø Š¾Ń‚Ń€ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Š¾Š¼ Š·Š½Š°Ń‡ŠµŠ½ŠøŠø ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š²Ń‹Š“Š°Š²Š°Ń‚ŃŒŃŃ Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, Š²Ń‹Š“Š°Ń‡Š° ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя Š¾Ń‚ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ся\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.SH "Š’ŠžŠ—Š’Š ŠŠ©ŠŠ•ŠœŠ«Š• Š—ŠŠŠ§Š•ŠŠ˜ŠÆ" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBpwck\fR -Š·Š°Š²ŠµŃ€ŃˆŠ°Ń рŠ°Š±Š¾Ń‚Ńƒ, Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -.PP -\fI0\fR -.RS 4 -усŠæŠµŃˆŠ½Š¾Šµ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ -.RE -.PP -\fI1\fR -.RS 4 -Š¾ŃˆŠøŠ±ŠŗŠ° Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Ń… ŠŗŠ¾Š¼Š°Š½Š“ы -.RE -.PP -\fI2\fR -.RS 4 -ŠµŃŃ‚ŃŒ Š¾Š“Š½Š° ŠøŠ»Šø Š±Š¾Š»ŠµŠµ Š·Š°ŠæŠøсŠµŠ¹ с Š½ŠµŠ“Š¾ŠæустŠøŠ¼Ń‹Š¼Šø ŠæŠ°Ń€Š¾Š»ŃŠ¼Šø -.RE -.PP -\fI3\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ Š¾Ń‚Šŗрыть фŠ°Š¹Š» ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.PP -\fI4\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š» ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.PP -\fI5\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠøŠ·Š¼ŠµŠ½Šøть фŠ°Š¹Š» ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.PP -\fI6\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ Š¾Ń‚сŠ¾Ń€Ń‚ŠøрŠ¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š» ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBusermod\fR(8)\&. diff --git a/man/ru/man8/pwconv.8 b/man/ru/man8/pwconv.8 deleted file mode 100644 index d9c67d99..00000000 --- a/man/ru/man8/pwconv.8 +++ /dev/null @@ -1,192 +0,0 @@ -'\" t -.\" Title: pwconv -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "pwconv" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -pwconv, pwunconv, grpconv, grpunconv \- ŠæрŠµŠ¾Š±Ń€Š°Š·ŃƒŠµŃ‚ ŠæŠ°Ń€Š¾Š»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Šø Š³Ń€ŃƒŠæŠæ Š²/ŠøŠ· Š·Š°Ń‰ŠøщёŠ½Š½ŃƒŃŽ фŠ¾Ń€Š¼Ńƒ -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBpwconv\fR\ 'u -\fBpwconv\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] -.HP \w'\fBpwunconv\fR\ 'u -\fBpwunconv\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] -.HP \w'\fBgrpconv\fR\ 'u -\fBgrpconv\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] -.HP \w'\fBgrpunconv\fR\ 'u -\fBgrpunconv\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBpwconv\fR -сŠ¾Š·Š“Š°Ń‘Ń‚ фŠ°Š¹Š» -\fIshadow\fR -ŠøŠ· фŠ°Š¹Š»Š° -\fIpasswd\fR -Šø Š½ŠµŠ¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½Š¾ сущŠµŃŃ‚Š²ŃƒŃŽŃ‰ŠµŠ³Š¾ фŠ°Š¹Š»Š° -\fIshadow\fR\&. -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBpwunconv\fR -сŠ¾Š·Š“Š°Ń‘Ń‚ фŠ°Š¹Š» -\fIpasswd\fR -ŠøŠ· фŠ°Š¹Š»Š¾Š² -\fIpasswd\fR -Šø -\fIshadow\fR, Š° Š·Š°Ń‚ŠµŠ¼ уŠ“Š°Š»ŃŠµŃ‚ фŠ°Š¹Š» -\fIshadow\fR\&. -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBgrpconv\fR -сŠ¾Š·Š“Š°Ń‘Ń‚ фŠ°Š¹Š» -\fIgshadow\fR -ŠøŠ· фŠ°Š¹Š»Š° -\fIgroup\fR -Šø Š½ŠµŠ¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½Š¾ сущŠµŃŃ‚Š²ŃƒŃŽŃ‰ŠµŠ³Š¾ фŠ°Š¹Š»Š° -\fIgshadow\fR\&. -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBgrpunconv\fR -сŠ¾Š·Š“Š°Ń‘Ń‚ фŠ°Š¹Š» -\fIgroup\fR -ŠøŠ· фŠ°Š¹Š»Š¾Š² -\fIgroup\fR -Šø -\fIgshadow\fR, Š° Š·Š°Ń‚ŠµŠ¼ уŠ“Š°Š»ŃŠµŃ‚ фŠ°Š¹Š» -\fIgshadow\fR\&. -.PP -Š­Ń‚Šø чŠµŃ‚Ń‹Ń€Šµ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹ рŠ°Š±Š¾Ń‚Š°ŃŽŃ‚ с фŠ°Š¹Š»Š°Š¼Šø Š¾Š±Ń‹Ń‡Š½Ń‹Ń… ŠøŠ»Šø тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Šø Š³Ń€ŃƒŠæŠæ: -/etc/passwd, -/etc/group, -/etc/shadow -Šø -/etc/gshadow\&. -.PP -ŠšŠ°Š¶Š“Š°Ń ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° Š²Ń‹ŠæŠ¾Š»Š½ŃŠµŃ‚ Š½ŠµŠ¾Š±Ń…Š¾Š“ŠøŠ¼Ń‹Šµ Š±Š»Š¾ŠŗŠøрŠ¾Š²ŠŗŠø ŠæŠµŃ€ŠµŠ“ ŠæрŠµŠ¾Š±Ń€Š°Š·Š¾Š²Š°Š½ŠøяŠ¼Šø\&. ŠšŠ¾Š¼Š°Š½Š“ы -\fBpwconv\fR -Šø -\fBgrpconv\fR -Š²Ń‹ŠæŠ¾Š»Š½ŃŃŽŃ‚ схŠ¾Š¶ŠøŠ¹ ŠæŠ¾Ń€ŃŠ“Š¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²ŠøŠ¹\&. Š”Š½Š°Ń‡Š°Š»Š° уŠ“Š°Š»ŃŃŽŃ‚ся Š·Š°ŠæŠøсŠø ŠøŠ· тŠµŠ½ŠµŠ²Š¾Š³Š¾ фŠ°Š¹Š»Š° ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… Š½ŠµŃ‚ Š² Š³Š»Š°Š²Š½Š¾Š¼ фŠ°Š¹Š»Šµ\&. Š—Š°Ń‚ŠµŠ¼ Š¾Š±Š½Š¾Š²Š»ŃŃŽŃ‚ся Š·Š°ŠæŠøсŠø Š² тŠµŠ½ŠµŠ²Š¾Š¼ фŠ°Š¹Š»Šµ ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š½Šµ сŠ¾Š“ŠµŃ€Š¶Š°Ń‚ \(Fox\(Fc Š²Š¼ŠµŃŃ‚Š¾ ŠæŠ°Ń€Š¾Š»Ń Š² Š³Š»Š°Š²Š½Š¾Š¼ фŠ°Š¹Š»Šµ\&. Š”Š°Š»ŠµŠµ Š“Š¾Š±Š°Š²Š»ŃŃŽŃ‚ся Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²ŃƒŃŽŃ‰ŠøŠµ тŠµŠ½ŠµŠ²Ń‹Šµ Š·Š°ŠæŠøсŠø\&. ŠŠ°ŠŗŠ¾Š½ŠµŃ†, ŠæŠ°Ń€Š¾Š»Šø Š² Š³Š»Š°Š²Š½Š¾Š¼ фŠ°Š¹Š»Šµ Š·Š°Š¼ŠµŠ½ŃŃŽŃ‚ся сŠøŠ¼Š²Š¾Š»Š¾Š¼ \(Fox\(Fc\&. Š”Š°Š½Š½Ń‹Šµ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹ Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ ŠŗŠ°Šŗ Š“Š»Ń ŠæŠµŃ€Š²Š¾Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Š³Š¾ ŠæрŠµŠ¾Š±Ń€Š°Š·Š¾Š²Š°Š½Šøя, тŠ°Šŗ Šø Š“Š»Ń Š¾Š±Š½Š¾Š²Š»ŠµŠ½Šøя тŠµŠ½ŠµŠ²Š¾Š³Š¾ фŠ°Š¹Š»Š°, ŠµŃŠ»Šø Š³Š»Š°Š²Š½Ń‹Š¹ фŠ°Š¹Š» рŠµŠ“Š°ŠŗтŠøрŠ¾Š²Š°Š»ŃŃ Š²Ń€ŃƒŃ‡Š½ŃƒŃŽ\&. -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBpwconv\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Ń… -\fIPASS_MIN_DAYS\fR, -\fIPASS_MAX_DAYS\fR -Šø -\fIPASS_WARN_AGE\fR -ŠøŠ· фŠ°Š¹Š»Š° -/etc/login\&.defs -ŠæрŠø Š“Š¾Š±Š°Š²Š»ŠµŠ½ŠøŠø Š½Š¾Š²Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹ Š² фŠ°Š¹Š» -/etc/shadow\&. -.PP -ŠŸŃ€Š¾Š³Ń€Š°Š¼Š¼Ń‹ -\fBpwunconv\fR -Šø -\fBgrpunconv\fR -тŠ°ŠŗŠ¶Šµ Š²Ń‹ŠæŠ¾Š»Š½ŃŃŽŃ‚ схŠ¾Š¶ŠøŠ¹ ŠæŠ¾Ń€ŃŠ“Š¾Šŗ Š“ŠµŠ¹ŃŃ‚Š²ŠøŠ¹\&. ŠŸŠ°Ń€Š¾Š»Šø Š² Š³Š»Š°Š²Š½Š¾Š¼ фŠ°Š¹Š»Šµ Š¾Š±Š½Š¾Š²Š»ŃŃŽŃ‚ся ŠøŠ· тŠµŠ½ŠµŠ²Š¾Š³Š¾ фŠ°Š¹Š»Š°\&. Š—Š°ŠæŠøсŠø, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ сущŠµŃŃ‚Š²ŃƒŃŽŃ‚ Š² Š³Š»Š°Š²Š½Š¾Š¼ фŠ°Š¹Š»Šµ, Š½Š¾ Š½Šµ сущŠµŃŃ‚Š²ŃƒŃŽŃ‚ Š² тŠµŠ½ŠµŠ²Š¾Š¼ фŠ°Š¹Š»Šµ Š¾ŃŃ‚Š°Š²Š»ŃŃŽŃ‚ся ŠŗŠ°Šŗ ŠµŃŃ‚ŃŒ\&. ŠŸŠ¾ Š¾ŠŗŠ¾Š½Ń‡Š°Š½ŠøŠø, тŠµŠ½ŠµŠ²Š¾Š¹ фŠ°Š¹Š» уŠ“Š°Š»ŃŠµŃ‚ся\&. Š˜Š½Ń„Š¾Ń€Š¼Š°Ń†Šøя Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń Š½Šµ учŠøтыŠ²Š°ŠµŃ‚ся ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š¾Š¹ -\fBpwunconv\fR\&. ŠšŠ¾Š½Š²ŠµŃ€Ń‚ŠøруŠµŃ‚ся тŠ¾Š»ŃŒŠŗŠ¾ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾Šµ\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры, ŠæрŠøŠ¼ŠµŠ½ŠøŠ¼Ń‹Šµ Šŗ -\fBpwconv\fR, -\fBpwunconv\fR, -\fBgrpconv\fR -Šø -\fBgrpunconv\fR: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.SH "ŠžŠØŠ˜Š‘ŠšŠ˜ Š Š•ŠŠ›Š˜Š—ŠŠ¦Š˜Š˜" -.PP -ŠžŃˆŠøŠ±ŠŗŠø Š² фŠ°Š¹Š»Š°Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ ŠøŠ»Šø Š³Ń€ŃƒŠæŠæ (тŠøŠæŠ° Š½ŠµŠ²ŠµŃ€Š½Ń‹Ń… ŠøŠ»Šø Š“уŠ±Š»ŠøрующŠøхся Š·Š°ŠæŠøсŠµŠ¹) Š¼Š¾Š³ŃƒŃ‚ Š·Š°Ń†ŠøŠŗŠ»Šøть ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ńƒ ŠøŠ»Šø ŠæрŠ¾ŠøŠ·Š¾Š¹Š“ут ŠŗŠ°ŠŗŠøŠµ\-тŠ¾ Š“руŠ³ŠøŠµ стрŠ°Š½Š½Ń‹Šµ Š²ŠµŃ‰Šø\&. ŠŸŠµŃ€ŠµŠ“ ŠŗŠ¾Š½Š²ŠµŃ€Ń‚Š°Ń†ŠøŠµŠ¹ Š·Š°ŠæустŠøтŠµ -\fBpwck\fR -Šø -\fBgrpck\fR, чтŠ¾Š±Ń‹ ŠøсŠæрŠ°Š²Šøть Š²Š¾Š·Š¼Š¾Š¶Š½Ń‹Šµ Š¾ŃˆŠøŠ±ŠŗŠø\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -Š”Š»ŠµŠ“ующŠ°Ń ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø Š² -/etc/login\&.defs -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠæŠ¾Š²ŠµŠ“ŠµŠ½ŠøŠµ -\fBgrpconv\fR -Šø -\fBgrpunconv\fR: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.PP -Š”Š»ŠµŠ“ующŠ°Ń ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø Š² -/etc/login\&.defs -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠæŠ¾Š²ŠµŠ“ŠµŠ½ŠøŠµ -\fBpwconv\fR: -.PP -\fBPASS_MAX_DAYS\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń\&. Š•ŃŠ»Šø ŠæŠ°Ń€Š¾Š»ŃŒ стŠ°Ń€ŠµŠµ этŠ¾Š³Š¾ чŠøсŠ»Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŠæущŠµŠ½Š° ŠæрŠ¾Ń†ŠµŠ“урŠ° сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°ŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \-1 (тŠ¾ ŠµŃŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ Š¼ŠµŠ¶Š“у ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøяŠ¼Šø ŠæŠ°Ń€Š¾Š»Ń\&. Š›ŃŽŠ±Š°Ń сŠ¼ŠµŠ½Š° ŠæŠ°Ń€Š¾Š»Ń рŠ°Š½ŠµŠµ Š·Š°Š“Š°Š½Š½Š¾Š³Š¾ срŠ¾ŠŗŠ° Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Š° Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°ŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \-1 (тŠ¾ ŠµŃŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (чŠøсŠ»Š¾) -.RS 4 -Š§ŠøсŠ»Š¾ Š“Š½ŠµŠ¹ Š·Š° ŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š½Š°Ń‡Š½Ń‘Ń‚ Š²Ń‹Š“Š°Š²Š°Ń‚ŃŒŃŃ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń\&. ŠŃƒŠ»ŠµŠ²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š²Ń‹Š“Š°Ń‘Ń‚ŃŃ Š² Š“ŠµŠ½ŃŒ устŠ°Ń€ŠµŠ²Š°Š½Šøя, ŠæрŠø Š¾Ń‚Ń€ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Š¾Š¼ Š·Š½Š°Ń‡ŠµŠ½ŠøŠø ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š²Ń‹Š“Š°Š²Š°Ń‚ŃŒŃŃ Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, Š²Ń‹Š“Š°Ń‡Š° ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя Š¾Ń‚ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ся\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBgrpck\fR(8), -\fBlogin.defs\fR(5), -\fBpwck\fR(8)\&. diff --git a/man/ru/man8/pwunconv.8 b/man/ru/man8/pwunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/ru/man8/pwunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/ru/man8/sulogin.8 b/man/ru/man8/sulogin.8 deleted file mode 100644 index b508ef9c..00000000 --- a/man/ru/man8/sulogin.8 +++ /dev/null @@ -1,114 +0,0 @@ -'\" t -.\" Title: sulogin -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "sulogin" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -sulogin \- Single\-user login -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.PP -\fBsulogin\fR -[\fItty\-device\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -The -\fBsulogin\fR -command is invoked by -\fBinit\fR -prior to allowing the user access to the system when in single user mode\&. This feature may only be available on certain systems where -\fBinit\fR -has been modified accordingly, or where the -/etc/inittab -has an entry for a single user login\&. -.PP -The user is prompted -.PP -Type control\-d to proceed with normal startup, (or give root password for system maintenance): -.PP -Input and output will be performed with the standard file descriptors unless the optional device name argument is provided\&. -.PP -If the user enters the correct root password, a login session is initiated\&. When -\fIEOF\fR -is pressed instead, the system enters multi\-user mode\&. -.PP -After the user exits the single\-user shell, or presses -\fIEOF\fR, the system begins the initialization process required to enter multi\-user mode\&. -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -This command can only be used if -\fBinit\fR -has been modified to call -\fBsulogin\fR -instead of -/bin/sh, or if the user has set the -\fIinittab\fR -to support a single user login\&. For example, the line: -.PP -co:s:respawn:/etc/sulogin /dev/console -.PP -should execute the sulogin command in single user mode\&. -.PP -As complete an environment as possible is created\&. However, various devices may be unmounted or uninitialized and many of the user commands may be unavailable or nonfunctional as a result\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBENV_HZ\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя HZ ŠæрŠø Š²Ń…Š¾Š“Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² сŠøстŠµŠ¼Ńƒ\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š¾Š»Š¶Š½Š¾ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ с -\fIHZ=\fR\&. ŠžŠ±Ń‹Ń‡Š½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š»Ń Linux \(em -\fIHZ=100\fR\&. -.RE -.PP -\fBENV_TZ\fR (стрŠ¾ŠŗŠ°) -.RS 4 -Š•ŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒŃŃ Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя TZ ŠæрŠø Š²Ń…Š¾Š“Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ рŠ°Š²Š½Š¾ ŠøŠ¼ŠµŠ½Šø чŠ°ŃŠ¾Š²Š¾Š³Š¾ ŠæŠ¾ŃŃŠ°, Š½Š°Ń‡ŠøŠ½Š°ŃŽŃ‰ŠµŠ³Š¾ŃŃ -\fITZ=\fR -(Š½Š°ŠæрŠøŠ¼ŠµŃ€, -\fITZ=CST6CDT\fR), ŠøŠ»Šø ŠæŠ¾Š»Š½Š¾Š¼Ńƒ ŠæутŠø Šŗ фŠ°Š¹Š»Ńƒ с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Š¼Šø чŠ°ŃŠ¾Š²Š¾Š³Š¾ ŠæŠ¾ŃŃŠ° (Š½Š°ŠæрŠøŠ¼ŠµŃ€, -/etc/tzname)\&. -.sp -Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ ŠæŠ¾Š»Š½Ń‹Š¹ Šæуть, Š½Š¾ фŠ°Š¹Š» Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ ŠøŠ»Šø Š½ŠµŠ“Š¾ŃŃ‚ŃƒŠæŠµŠ½ Š“Š»Ń чтŠµŠ½Šøя, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю: -\fITZ=CST6CDT\fR\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBlogin\fR(1), -\fBsh\fR(1), -\fBinit\fR(8)\&. diff --git a/man/ru/man8/useradd.8 b/man/ru/man8/useradd.8 deleted file mode 100644 index df88d6a1..00000000 --- a/man/ru/man8/useradd.8 +++ /dev/null @@ -1,737 +0,0 @@ -'\" t -.\" Title: useradd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "useradd" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -useradd \- рŠµŠ³ŠøстрŠøруŠµŃ‚ Š½Š¾Š²Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ»Šø ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š¾ Š½Š¾Š²Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] \fIŠ£Š§ŠŠ¢ŠŠŠÆ_Š—ŠŠŸŠ˜Š”Š¬\fR -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠŸŃ€Šø Š·Š°ŠæусŠŗŠµ Š±ŠµŠ· ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° -\fB\-D\fR -ŠŗŠ¾Š¼Š°Š½Š“Š° -\fBuseradd\fR -сŠ¾Š·Š“Š°Ń‘Ń‚ Š½Š¾Š²ŃƒŃŽ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃ Š·Š½Š°Ń‡ŠµŠ½Šøя ŠøŠ· ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø Šø сŠøстŠµŠ¼Š½Ń‹Šµ Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю\&. Š’ Š·Š°Š²ŠøсŠøŠ¼Š¾ŃŃ‚Šø Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø, ŠŗŠ¾Š¼Š°Š½Š“Š° -\fBuseradd\fR -Š¾Š±Š½Š¾Š²Š»ŃŠµŃ‚ сŠøстŠµŠ¼Š½Ń‹Šµ фŠ°Š¹Š»Ń‹, Š° тŠ°ŠŗŠ¶Šµ Š¼Š¾Š¶ŠµŃ‚ сŠ¾Š·Š“Š°Ń‚ŃŒ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š½Š¾Š²Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Šø сŠŗŠ¾ŠæŠøрŠ¾Š²Š°Ń‚ŃŒ Š½Š°Ń‡Š°Š»ŃŒŠ½Ń‹Šµ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾ŠµŠŗ\&. -.PP -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, Š“Š»Ń Š½Š¾Š²Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń тŠ°ŠŗŠ¶Šµ сŠ¾Š·Š“Š°Ń‘Ń‚ŃŃ Š³Ń€ŃƒŠæŠæŠ° (сŠ¼Š¾Ń‚Ń€ŠøтŠµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры -\fB\-g\fR, -\fB\-N\fR, -\fB\-U\fR -Šø -\fBUSERGROUPS_ENAB\fR)\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBuseradd\fR: -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR \fIŠ‘ŠŠ—ŠžŠ’Š«Š™_ŠšŠŠ¢ŠŠ›ŠžŠ“\fR -.RS 4 -Š‘Š°Š·Š¾Š²Ń‹Š¹ сŠøстŠµŠ¼Š½Ń‹Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, ŠµŃŠ»Šø Š“руŠ³Š¾Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š½Šµ уŠŗŠ°Š·Š°Š½ с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° -\fB\-d\fR\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fIŠ‘ŠŠ—ŠžŠ’Š«Š™_ŠšŠŠ¢ŠŠ›ŠžŠ“\fR -Š¾Š±ŃŠŠµŠ“ŠøŠ½ŃŠµŃ‚ся с ŠøŠ¼ŠµŠ½ŠµŠ¼ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š°\&. Š•ŃŠ»Šø Š½Šµ уŠŗŠ°Š·Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-m\fR, тŠ¾ -\fIŠ‘ŠŠ—ŠžŠ’Š«Š™_ŠšŠŠ¢ŠŠ›ŠžŠ“\fR -Š“Š¾Š»Š¶ŠµŠ½ сущŠµŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ\&. -.sp -Š•ŃŠ»Šø этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ ŠŗŠ¾Š¼Š°Š½Š“Š° -\fBuseradd\fR -Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š±Š°Š·Š¾Š²Ń‹Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³, уŠŗŠ°Š·Š°Š½Š½Ń‹Š¹ Š² ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBHOME\fR -Š² фŠ°Š¹Š»Šµ -/etc/default/useradd -ŠøŠ½Š°Ń‡Šµ -/home -(ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю)\&. -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fIŠšŠžŠœŠœŠ•ŠŠ¢ŠŠ Š˜Š™\fR -.RS 4 -Š›ŃŽŠ±Š°Ń тŠµŠŗстŠ¾Š²Š°Ń стрŠ¾ŠŗŠ°\&. ŠžŠ±Ń‹Ń‡Š½Š¾, Š·Š“ŠµŃŃŒ ŠŗŠ¾Ń€Š¾Ń‚ŠŗŠ¾ Š¾ŠæŠøсыŠ²Š°ŠµŃ‚ся учётŠ½Š°Ń Š·Š°ŠæŠøсь, Šø Š² Š½Š°ŃŃ‚Š¾ŃŃ‰ŠµŠµ Š²Ń€ŠµŠ¼Ń ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠŗŠ°Šŗ ŠæŠ¾Š»Šµ Š“Š»Ń ŠøŠ¼ŠµŠ½Šø Šø фŠ°Š¼ŠøŠ»ŠøŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fB\-d\fR, \fB\-\-home\-dir\fR \fIŠ”ŠžŠœŠŠØŠŠ˜Š™_ŠšŠŠ¢ŠŠ›ŠžŠ“\fR -.RS 4 -Š”Š»Ń сŠ¾Š·Š“Š°Š²Š°ŠµŠ¼Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½ ŠŗŠ°Ń‚Š°Š»Š¾Š³ -\fIŠ”ŠžŠœŠŠØŠŠ˜Š™_ŠšŠŠ¢ŠŠ›ŠžŠ“\fR -Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Š³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š°\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, этŠ¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾Š»ŃƒŃ‡Š°ŠµŃ‚ся Š¾Š±ŃŠŠµŠ“ŠøŠ½ŠµŠ½ŠøŠµŠ¼ -\fIŠ˜ŠœŠ•ŠŠ˜\fR -ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń с -\fIŠ‘ŠŠ—ŠžŠ’Š«Šœ_ŠšŠŠ¢ŠŠ›ŠžŠ“ŠžŠœ\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠŗŠ°Šŗ ŠøŠ¼Ń Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š°\&. ŠšŠ°Ń‚Š°Š»Š¾Š³ -\fIŠ”ŠžŠœŠŠØŠŠ˜Š™_ŠšŠŠ¢ŠŠ›ŠžŠ“\fR -Š½ŠµŠ¾Š±ŃŠ·Š°Ń‚ŠµŠ»ŃŒŠ½Š¾ Š“Š¾Š»Š¶ŠµŠ½ сущŠµŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ, Š½Š¾ Š½Šµ Š±ŃƒŠ“ŠµŃ‚ сŠ¾Š·Š“Š°Š½, ŠµŃŠ»Šø ŠµŠ³Š¾ Š½ŠµŃ‚\&. -.RE -.PP -\fB\-D\fR, \fB\-\-defaults\fR -.RS 4 -Š”Š¼Š¾Ń‚Ń€ŠøтŠµ Š“Š°Š»ŠµŠµ Š² ŠæŠ¾Š“рŠ°Š·Š“ŠµŠ»Šµ \(FoŠ˜Š·Š¼ŠµŠ½ŠµŠ½ŠøŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠ¹ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю\(Fc\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR \fIŠ”ŠŠ¢Š_Š£Š”Š¢ŠŠ Š•Š’ŠŠŠ˜ŠÆ\fR -.RS 4 -Š”Š°Ń‚Š°, ŠŗŠ¾Š³Š“Š° учётŠ½Š°Ń Š·Š°ŠæŠøсь ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š°\&. Š”Š°Ń‚Š° Š·Š°Š“Š°Ń‘Ń‚ŃŃ Š² фŠ¾Ń€Š¼Š°Ń‚Šµ -\fIŠ“Š“Š“Š“\-ŠœŠœ\-Š”Š”\fR\&. -.sp -Š•ŃŠ»Šø этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ ŠŗŠ¾Š¼Š°Š½Š“Š° -\fBuseradd\fR -Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š“Š°Ń‚Ńƒ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, уŠŗŠ°Š·Š°Š½Š½ŃƒŃŽ Š² ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBEXPIRE\fR -Š² фŠ°Š¹Š»Šµ -/etc/default/useradd, ŠøŠ½Š°Ń‡Šµ Šæустую стрŠ¾Šŗу (Š±ŠµŠ· устŠ°Ń€ŠµŠ²Š°Š½Šøя, ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю)\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIŠ”ŠŠ•Š™\fR -.RS 4 -Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 0, тŠ¾ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š±Š»Š¾ŠŗŠøруŠµŃ‚ся срŠ°Š·Ńƒ ŠæŠ¾ŃŠ»Šµ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń, Š° ŠæрŠø Š·Š½Š°Ń‡ŠµŠ½ŠøŠø \-1 Š“Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся\&. -.sp -Š•ŃŠ»Šø этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ ŠŗŠ¾Š¼Š°Š½Š“Š° -\fBuseradd\fR -Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ срŠ¾Šŗ Š½ŠµŠ°ŠŗтŠøŠ²Š½Š¾ŃŃ‚Šø ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, уŠŗŠ°Š·Š°Š½Š½Ń‹Š¹ Š² ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBINACTIVE\fR -Š² фŠ°Š¹Š»Šµ -/etc/default/useradd -ŠøŠ»Šø \-1 (ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю)\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIŠ“Š Š£ŠŸŠŸŠ\fR -.RS 4 -Š˜Š¼Ń ŠøŠ»Šø чŠøсŠ»Š¾Š²Š¾Š¹ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š“Ń€ŃƒŠæŠæŠ° с тŠ°ŠŗŠøŠ¼ ŠøŠ¼ŠµŠ½ŠµŠ¼ Š“Š¾Š»Š¶Š½Š° сущŠµŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ\&. Š˜Š“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ Š³Ń€ŃƒŠæŠæы Š“Š¾Š»Š¶ŠµŠ½ уŠŗŠ°Š·Ń‹Š²Š°Ń‚ŃŒ Š½Š° уŠ¶Šµ сущŠµŃŃ‚Š²ŃƒŃŽŃ‰ŃƒŃŽ Š³Ń€ŃƒŠæŠæу\&. -.sp -Š•ŃŠ»Šø Š½Šµ уŠŗŠ°Š·Š°Š½, тŠ¾ ŠæŠ¾Š²ŠµŠ“ŠµŠ½ŠøŠµ -\fBuseradd\fR -Š·Š°Š²ŠøсŠøт Š¾Ń‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBUSERGROUPS_ENAB\fR -Š² фŠ°Š¹Š»Šµ -/etc/login\&.defs\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ этŠ¾Š¹ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ рŠ°Š²Š½Š¾ -\fIyes\fR -(ŠøŠ»Šø Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ уŠŗŠ°Š·Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-U/\-\-user\-group\fR), тŠ¾ Š“Š»Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ŠµŃ‚ сŠ¾Š·Š“Š°Š½Š° Š³Ń€ŃƒŠæŠæŠ° с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠŗŠ°Šŗ ŠµŠ³Š¾ ŠøŠ¼Ń Š“Š»Ń Š²Ń…Š¾Š“Š°\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ рŠ°Š²Š½Š¾ -\fIno\fR -(ŠøŠ»Šø Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ уŠŗŠ°Š·Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-N/\-\-no\-user\-group\fR), тŠ¾ useradd устŠ°Š½Š¾Š²Šøт ŠæŠµŃ€Š²ŠøчŠ½ŃƒŃŽ Š³Ń€ŃƒŠæŠæу Š½Š¾Š²Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń рŠ°Š²Š½Š¾Š¹ Š·Š½Š°Ń‡ŠµŠ½Šøю ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBGROUP\fR -ŠøŠ· фŠ°Š¹Š»Š° -/etc/default/useradd, ŠøŠ»Šø 100 (ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю)\&. -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIŠ“Š Š£ŠŸŠŸŠ1\fR[\fI,Š“Š Š£ŠŸŠŸŠ2,\&...\fR[\fI,Š“Š Š£ŠŸŠŸŠN\fR]]] -.RS 4 -Š”ŠæŠøсŠ¾Šŗ Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Ń‹Ń… Š³Ń€ŃƒŠæŠæ, Š² ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… чŠøсŠ»Šøтся ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ\&. ŠŸŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ Š¾ŃŃƒŃ‰ŠµŃŃ‚Š²Š»ŃŠµŃ‚ся чŠµŃ€ŠµŠ· Š·Š°Šæятую, Š±ŠµŠ· ŠæрŠ¾Š¼ŠµŠ¶ŃƒŃ‚Š¾Ń‡Š½Ń‹Ń… ŠæрŠ¾Š±ŠµŠ»Š¾Š²\&. ŠŠ° уŠŗŠ°Š·Š°Š½Š½Ń‹Šµ Š³Ń€ŃƒŠæŠæы Š“ŠµŠ¹ŃŃ‚Š²ŃƒŃŽŃ‚ тŠµ Š¶Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя, чтŠ¾ Šø Š“Š»Ń Š³Ń€ŃƒŠæŠæы уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Šµ -\fB\-g\fR\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š²Ń…Š¾Š“Šøт тŠ¾Š»ŃŒŠŗŠ¾ Š² Š½Š°Ń‡Š°Š»ŃŒŠ½ŃƒŃŽ Š³Ń€ŃƒŠæŠæу\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-k\fR, \fB\-\-skel\fR\ \&\fIŠšŠŠ¢ŠŠ›ŠžŠ“_ŠØŠŠ‘Š›ŠžŠŠžŠ’\fR -.RS 4 -ŠšŠ°Ń‚Š°Š»Š¾Š³ с шŠ°Š±Š»Š¾Š½Š°Š¼Šø, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ сŠ¾Š“ŠµŃ€Š¶Šøт фŠ°Š¹Š»Ń‹ Šø ŠŗŠ°Ń‚Š°Š»Š¾Š³Šø Š“Š»Ń ŠŗŠ¾ŠæŠøрŠ¾Š²Š°Š½Šøя Š² Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠæрŠø сŠ¾Š·Š“Š°Š½ŠøŠø Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° ŠŗŠ¾Š¼Š°Š½Š“Š¾Š¹ -\fBuseradd\fR\&. -.sp -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-m\fR -(ŠøŠ»Šø -\fB\-\-create\-home\fR)\&. -.sp -Š•ŃŠ»Šø этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³ шŠ°Š±Š»Š¾Š½Š¾Š² Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBSKEL\fR -ŠøŠ· фŠ°Š¹Š»Š° -/etc/default/useradd, ŠøŠ»Šø рŠ°Š²ŠµŠ½ -/etc/skel -(ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю)\&. -.sp -Š•ŃŠ»Šø Š²Š¾Š·Š¼Š¾Š¶Š½Š¾, Š²Ń‹ŠæŠ¾Š»Š½ŃŠµŃ‚ся ŠŗŠ¾ŠæŠøрŠ¾Š²Š°Š½ŠøŠµ ACL Šø рŠ°ŃŃˆŠøрŠµŠ½Š½Ń‹Ń… Š°Ń‚Ń€ŠøŠ±ŃƒŃ‚Š¾Š²\&. -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fIŠšŠ›Š®Š§\fR=\fIŠ—ŠŠŠ§Š•ŠŠ˜Š•\fR -.RS 4 -Š—Š°Š¼ŠµŠ½ŃŠµŃ‚ Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю ŠøŠ· фŠ°Š¹Š»Š° -/etc/login\&.defs -(\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBUMASK\fR, -\fBPASS_MAX_DAYS\fR -Šø Š“руŠ³Šøх)\&. - -ŠŸŃ€ŠøŠ¼ŠµŃ€: -\fB\-K\fR\ \&\fIPASS_MAX_DAYS\fR=\fI\-1\fR -Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ ŠæрŠø сŠ¾Š·Š“Š°Š½ŠøŠø сŠøстŠµŠ¼Š½Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø, чтŠ¾Š±Ń‹ Š²Ń‹ŠŗŠ»ŃŽŃ‡Šøть устŠ°Ń€ŠµŠ²Š°Š½ŠøŠµ ŠæŠ°Ń€Š¾Š»Ń, Š“Š°Š¶Šµ ŠµŃŠ»Šø сŠøстŠµŠ¼Š½Š°Ń учётŠ½Š°Ń Š·Š°ŠæŠøсь Š²Š¾Š¾Š±Ń‰Šµ Š½Šµ ŠøŠ¼ŠµŠµŃ‚ ŠæŠ°Ń€Š¾Š»Ń\&. ŠœŠ¾Š¶Š½Š¾ уŠŗŠ°Š·Ń‹Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-K\fR -Š½ŠµŃŠŗŠ¾Š»ŃŒŠŗŠ¾ рŠ°Š·, Š½Š°ŠæрŠøŠ¼ŠµŃ€: -\fB\-K\fR\ \&\fIUID_MIN\fR=\fI100\fR\ \&\fB\-K\fR\ \&\fIUID_MAX\fR=\fI499\fR -.RE -.PP -\fB\-l\fR, \fB\-\-no\-log\-init\fR -.RS 4 -ŠŠµ Š“Š¾Š±Š°Š²Š»ŃŃ‚ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² Š±Š°Š·Ń‹ Š“Š°Š½Š½Ń‹Ń… lastlog Šø faillog\&. -.sp -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² Š±Š°Š·Š°Ń… Š“Š°Š½Š½Ń‹Ń… lastlog Šø faillog сŠ±Ń€Š°ŃŃ‹Š²Š°ŃŽŃ‚ся Š²Š¾ ŠøŠ·Š±ŠµŠ¶Š°Š½ŠøŠµ ŠæŠ¾Š²Ń‚Š¾Ń€Š½Š¾Š³Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Šøя Š·Š°ŠæŠøсŠø, Š¾ŃŃ‚Š°Š²ŃˆŠµŠ¹ŃŃ Š¾Ń‚ рŠ°Š½ŠµŠµ уŠ“Š°Š»Ń‘Š½Š½Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fB\-m\fR, \fB\-\-create\-home\fR -.RS 4 -Š”Š¾Š·Š“Š°Ń‚ŃŒ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, ŠµŃŠ»Šø Š¾Š½ Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚\&. Š¤Š°Š¹Š»Ń‹ Šø ŠŗŠ°Ń‚Š°Š»Š¾Š³Šø, сŠ¾Š“ŠµŃ€Š¶Š°Ń‰ŠøŠµŃŃ Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ шŠ°Š±Š»Š¾Š½Š¾Š² (ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š¼Š¾Š¶Š½Š¾ уŠŗŠ°Š·Š°Ń‚ŃŒ с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° the -\fB\-k\fR -option), Š±ŃƒŠ“ут сŠŗŠ¾ŠæŠøрŠ¾Š²Š°Š½Ń‹ Š² Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. -.sp -ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю, ŠµŃŠ»Šø этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ уŠŗŠ°Š·Š°Š½ Šø Š½Šµ Š·Š°Š“Š°Š½Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń -\fBCREATE_HOME\fR, Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š½Šµ сŠ¾Š·Š“Š°Ń‘Ń‚ŃŃ\&. -.RE -.PP -\fB\-M\fR -.RS 4 -ŠŠµ сŠ¾Š·Š“Š°Š²Š°Ń‚ŃŒ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š“Š°Š¶Šµ ŠµŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ сŠøстŠµŠ¼Š½Š¾Š¹ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š² фŠ°Š¹Š»Šµ -/etc/login\&.defs -(\fBCREATE_HOME\fR) рŠ°Š²Š½Š¾ -\fIyes\fR\&. -.RE -.PP -\fB\-N\fR, \fB\-\-no\-user\-group\fR -.RS 4 -ŠŠµ сŠ¾Š·Š“Š°Š²Š°Ń‚ŃŒ Š³Ń€ŃƒŠæŠæу с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠŗŠ°Šŗ у ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š½Š¾ Š“Š¾Š±Š°Š²Šøть ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² Š³Ń€ŃƒŠæŠæу, Š·Š°Š“Š°Š½Š½ŃƒŃŽ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-g\fR -ŠøŠ»Šø ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBGROUP\fR -ŠøŠ· фŠ°Š¹Š»Š° -/etc/default/useradd\&. -.sp -ŠŸŠ¾Š²ŠµŠ“ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (ŠµŃŠ»Šø Š½Šµ уŠŗŠ°Š·Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-g\fR, -\fB\-N\fR -Šø -\fB\-U\fR) Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBUSERGROUPS_ENAB\fR -ŠøŠ· фŠ°Š¹Š»Š° -/etc/login\&.defs\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -Š Š°Š·Ń€ŠµŃˆŠøть сŠ¾Š·Š“Š°Š½ŠøŠµ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø с уŠ¶Šµ ŠøŠ¼ŠµŃŽŃ‰ŠøŠ¼ŃŃ (Š½Šµ уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Ń‹Š¼) UID\&. -.sp -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-u\fR\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIŠŸŠŠ ŠžŠ›Š¬\fR -.RS 4 -ŠØŠøфрŠ¾Š²Š°Š½Š½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ°Ń€Š¾Š»Ń, ŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ фуŠ½ŠŗцŠøя -\fBcrypt\fR(3)\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю ŠæŠ°Ń€Š¾Š»ŃŒ Š¾Ń‚ŠŗŠ»ŃŽŃ‡Ń‘Š½\&. -.sp -\fBŠ—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ:\fR -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š½Šµ рŠµŠŗŠ¾Š¼ŠµŠ½Š“уŠµŃ‚ся, тŠ°Šŗ ŠŗŠ°Šŗ ŠæŠ°Ń€Š¾Š»ŃŒ (ŠøŠ»Šø Š½Šµ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ) Š±ŃƒŠ“ŠµŃ‚ Š²ŠøŠ“ŠøŠ¼ Š“руŠ³ŠøŠ¼Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼ Š² сŠæŠøсŠŗŠµ ŠæрŠ¾Ń†ŠµŃŃŠ¾Š²\&. -.sp -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ ŠæрŠ¾Š²ŠµŃ€Šøть, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŠµŃ‚ ŠæŠ¾Š»ŠøтŠøŠŗŠµ сŠøстŠµŠ¼Š½Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Š”Š¾Š·Š“Š°Ń‚ŃŒ сŠøстŠµŠ¼Š½ŃƒŃŽ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь\&. -.sp -Š”ŠøстŠµŠ¼Š½Ń‹Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Šø сŠ¾Š·Š“Š°ŃŽŃ‚ся Š±ŠµŠ· ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†ŠøŠø Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø Š² -/etc/shadow, Šø Šøх чŠøсŠ»Š¾Š²Ń‹Šµ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Ń‹ Š²Ń‹Š±ŠøрŠ°ŃŽŃ‚ся ŠøŠ· Š“ŠøŠ°ŠæŠ°Š·Š¾Š½Š° -\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR, Š¾ŠæрŠµŠ“ŠµŠ»Ń‘Š½Š½Š¾Š³Š¾ Š² -/etc/login\&.defs, Š° Š½Šµ ŠøŠ· -\fBUID_MIN\fR\-\fBUID_MAX\fR -(этŠ¾ Š¶Šµ ŠŗŠ°ŃŠ°ŠµŃ‚ся Šø чŠ°ŃŃ‚Šø с -\fBGID\fR -ŠæрŠø сŠ¾Š·Š“Š°Š½ŠøŠø Š³Ń€ŃƒŠæŠæ)\&. -.sp -Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ -\fBuseradd\fR -Š½Šµ сŠ¾Š·Š“Š°Ń‘Ń‚ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š“Š»Ń Š“Š°Š½Š½Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š½ŠµŠ·Š°Š²ŠøсŠøŠ¼Š¾ Š¾Ń‚ Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š² -/etc/login\&.defs -(\fBCREATE_HOME\fR)\&. Š•ŃŠ»Šø Š²Ń‹ хŠ¾Ń‚ŠøтŠµ сŠ¾Š·Š“Š°Ń‚ŃŒ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š“Š»Ń сŠøстŠµŠ¼Š½Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø уŠŗŠ°Š¶ŠøтŠµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-m\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fIŠžŠ‘ŠžŠ›ŠžŠ§ŠšŠ\fR -.RS 4 -Š˜Š¼Ń рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю этŠ¾ ŠæŠ¾Š»Šµ ŠæустŠ¾, чтŠ¾ Š²Ń‹Š·Ń‹Š²Š°ŠµŃ‚ Š²Ń‹Š±Š¾Ń€ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю сŠ¾Š³Š»Š°ŃŠ½Š¾ Š·Š½Š°Ń‡ŠµŠ½Šøю ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBSHELL\fR -ŠøŠ· фŠ°Š¹Š»Š° -/etc/default/useradd, ŠøŠ»Šø ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠæустŠ°Ń стрŠ¾ŠŗŠ°\&. -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -Š§ŠøсŠ»Š¾Š²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń (ID)\&. ŠžŠ½Š¾ Š“Š¾Š»Š¶Š½Š¾ Š±Ń‹Ń‚ŃŒ уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Ń‹Š¼, ŠµŃŠ»Šø Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-o\fR\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š¾Š»Š¶Š½Š¾ Š±Ń‹Ń‚ŃŒ Š½ŠµŠ¾Ń‚Ń€ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¼\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š½Š°ŠøŠ¼ŠµŠ½ŃŒŃˆŠµŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ID Š±Š¾Š»ŃŒŃˆŠµŠµ ŠøŠ»Šø рŠ°Š²Š½Š¾Šµ -\fBUID_MIN\fR -Šø Š±Š¾Š»ŃŒŃˆŠµŠµ чŠµŠ¼ у Š¾ŃŃ‚Š°Š»ŃŒŠ½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.sp -Š”Š¼Š¾Ń‚Ń€ŠøтŠµ тŠ°ŠŗŠ¶Šµ Š¾ŠæŠøсŠ°Š½ŠøŠµ -\fB\-r\fR -Šø -\fBUID_MAX\fR\&. -.RE -.PP -\fB\-U\fR, \fB\-\-user\-group\fR -.RS 4 -Š”Š¾Š·Š“Š°Ń‚ŃŒ Š³Ń€ŃƒŠæŠæу с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼ чтŠ¾ Šø у ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Šø Š“Š¾Š±Š°Š²Šøть ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² эту Š³Ń€ŃƒŠæŠæу\&. -.sp -ŠŸŠ¾Š²ŠµŠ“ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю (ŠµŃŠ»Šø Š½Šµ уŠŗŠ°Š·Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-g\fR, -\fB\-N\fR -Šø -\fB\-U\fR) Š¾ŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ся ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBUSERGROUPS_ENAB\fR -ŠøŠ· фŠ°Š¹Š»Š° -/etc/login\&.defs\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR -.RS 4 -ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ SELinux Š“Š»Ń рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. ŠŸŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю этŠ¾ ŠæŠ¾Š»Šµ ŠæустŠ¾, чтŠ¾ Š·Š°ŃŃ‚Š°Š²Š»ŃŠµŃ‚ сŠøстŠµŠ¼Ńƒ Š²Ń‹Š±Ń€Š°Ń‚ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń SELinux ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю\&. -.RE -.SS "Š˜Š·Š¼ŠµŠ½ŠµŠ½ŠøŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠ¹ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю" -.PP -ŠŸŃ€Šø Š·Š°ŠæусŠŗŠµ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹ тŠ¾Š»ŃŒŠŗŠ¾ с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-D\fR -ŠŗŠ¾Š¼Š°Š½Š“Š° -\fBuseradd\fR -ŠæŠ¾ŠŗŠ°Š·Ń‹Š²Š°ŠµŃ‚ тŠµŠŗущŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю\&. Š•ŃŠ»Šø ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š° Š·Š°ŠæусŠŗŠ°ŠµŃ‚ся с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-D\fR -Š²Š¼ŠµŃŃ‚Šµ с Š“руŠ³ŠøŠ¼Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Š¼Šø, тŠ¾ -\fBuseradd\fR -Š¾Š±Š½Š¾Š²Š»ŃŠµŃ‚ Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю этŠøх уŠŗŠ°Š·Š°Š½Š½Ń‹Ń… ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š²\&. Š˜Š·Š¼ŠµŠ½ŃŠµŠ¼Ń‹Šµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры: -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR \fIŠ‘ŠŠ—ŠžŠ’Š«Š™_ŠšŠŠ¢ŠŠ›ŠžŠ“\fR -.RS 4 -ŠŠ°Ń‡Š°Š»ŃŒŠ½Š°Ń чŠ°ŃŃ‚ŃŒ ŠæутŠø Š½Š¾Š²Š¾Š³Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š˜Š¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ŠµŃ‚ Š“Š¾Š±Š°Š²Š»ŠµŠ½Š¾ Š² ŠŗŠ¾Š½ŠµŃ† -\fIŠ”ŠžŠœŠŠØŠŠ•Š“Šž_ŠšŠŠ¢ŠŠ›ŠžŠ“Š\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя ŠøŠ¼ŠµŠ½Šø Š½Š¾Š²Š¾Š³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š°, ŠµŃŠ»Šø ŠæрŠø сŠ¾Š·Š“Š°Š½ŠøŠø Š½Š¾Š²Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø Š½Šµ уŠŗŠ°Š·Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-d\fR\&. -.sp -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ -\fBHOME\fR -Š² фŠ°Š¹Š»Šµ -/etc/default/useradd\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR \fIŠ”ŠŠ¢Š_Š£Š”Š¢ŠŠ Š•Š’ŠŠŠ˜ŠÆ\fR -.RS 4 -Š”Š°Ń‚Š°, ŠŗŠ¾Š³Š“Š° учётŠ½Š°Ń Š·Š°ŠæŠøсь ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š°\&. -.sp -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ -\fBEXPIRE\fR -Š² фŠ°Š¹Š»Šµ -/etc/default/useradd\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIŠ”ŠŠ•Š™\fR -.RS 4 -Š§ŠøсŠ»Š¾ Š“Š½ŠµŠ¹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠæрŠ¾Š¹Ń‚Šø ŠæŠ¾ŃŠ»Šµ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń, ŠæŠµŃ€ŠµŠ“ тŠµŠ¼ ŠŗŠ°Šŗ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š°\&. -.sp -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ -\fBINACTIVE\fR -Š² фŠ°Š¹Š»Šµ -/etc/default/useradd\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIŠ“Š Š£ŠŸŠŸŠ\fR -.RS 4 -Š˜Š¼Ń Š³Ń€ŃƒŠæŠæы ŠøŠ»Šø ID Š½Š¾Š²Š¾Š¹ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń (ŠµŃŠ»Šø ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся -\fB\-N/\-\-no\-user\-group\fR -ŠøŠ»Šø ŠŗŠ¾Š³Š“Š° Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBUSERGROUPS_ENAB\fR -рŠ°Š²Š½Š¾ -\fIno\fR -(фŠ°Š¹Š» -/etc/login\&.defs)\&. Š“Ń€ŃƒŠæŠæŠ° с уŠŗŠ°Š·Š°Š½Š½Ń‹Š¼ ŠøŠ¼ŠµŠ½ŠµŠ¼ Š“Š¾Š»Š¶Š½Š° сущŠµŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ, Š° Š“Š»Ń чŠøсŠ»Š¾Š²Š¾Š³Š¾ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š° Š³Ń€ŃƒŠæŠæы Š“Š¾Š»Š¶Š½Š° Š±Ń‹Ń‚ŃŒ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰Š°Ń Š·Š°ŠæŠøсь\&. -.sp -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ -\fBGROUP\fR -Š² фŠ°Š¹Š»Šµ -/etc/default/useradd\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fIŠžŠ‘ŠžŠ›ŠžŠ§ŠšŠ\fR -.RS 4 -Š˜Š¼Ń Š½Š¾Š²Š¾Š¹ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.sp -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ -\fBSHELL\fR -Š² фŠ°Š¹Š»Šµ -/etc/default/useradd\&. -.RE -.SH "Š—ŠŠœŠ•Š§ŠŠŠ˜ŠÆ" -.PP -Š”ŠøстŠµŠ¼Š½Ń‹Š¹ Š°Š“Š¼ŠøŠ½ŠøстрŠ°Ń‚Š¾Ń€ сŠ°Š¼ рŠµŃˆŠ°ŠµŃ‚, ŠŗŠ°ŠŗŠøŠµ фŠ°Š¹Š»Ń‹ Š½ŃƒŠ¶Š½Š¾ ŠæŠ¾Š»Š¾Š¶Šøть Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³ -/etc/skel/ -(ŠøŠ»Šø Š² Š»ŃŽŠ±Š¾Š¹ Š“руŠ³Š¾Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ шŠ°Š±Š»Š¾Š½Š¾Š², уŠŗŠ°Š·Š°Š½Š½Ń‹Š¹ Š² -/etc/default/useradd -ŠøŠ»Šø Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ)\&. -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -ŠŠµŠ»ŃŒŠ·Ń Š“Š¾Š±Š°Š²Šøть ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² Š³Ń€ŃƒŠæŠæу NIS ŠøŠ»Šø LDAP\&. Š­Ń‚Š¾ Š½ŠµŠ¾Š±Ń…Š¾Š“ŠøŠ¼Š¾ Š“ŠµŠ»Š°Ń‚ŃŒ Š½Š° сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŃŽŃ‰ŠµŠ¼ сŠµŃ€Š²ŠµŃ€Šµ\&. -.PP -Š¢Š°ŠŗŠ¶Šµ, ŠµŃŠ»Šø ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń уŠ¶Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ Š²Š¾ Š²Š½ŠµŃˆŠ½ŠµŠ¹ Š±Š°Š·Šµ Š“Š°Š½Š½Ń‹Ń… тŠ°ŠŗŠ¾Š¹ ŠŗŠ°Šŗ NIS ŠøŠ»Šø LDAP, тŠ¾ -\fBuseradd\fR -Š½Šµ стŠ°Š½ŠµŃ‚ сŠ¾Š·Š“Š°Š²Š°Ń‚ŃŒ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.PP -Š˜Š¼ŠµŠ½Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Š“Š¾Š»Š¶Š½Ń‹ Š½Š°Ń‡ŠøŠ½Š°Ń‚ŃŒŃŃ сŠ¾ стрŠ¾Ń‡Š½Š¾Š¹ Š±ŃƒŠŗŠ²Ń‹ ŠøŠ»Šø сŠøŠ¼Š²Š¾Š»Š° ŠæŠ¾Š“чёрŠŗŠøŠ²Š°Š½Šøя, Šø Š“Š¾Š»Š¶Š½Ń‹ сŠ¾ŃŃ‚Š¾ŃŃ‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ ŠøŠ· стрŠ¾Ń‡Š½Ń‹Ń… Š±ŃƒŠŗŠ², цŠøфр, сŠøŠ¼Š²Š¾Š»Š¾Š² ŠæŠ¾Š“чёрŠŗŠøŠ²Š°Š½Šøя Šø Š¼ŠøŠ½ŃƒŃ\&. ŠžŠ½Šø Š¼Š¾Š³ŃƒŃ‚ Š·Š°ŠŗŠ°Š½Ń‡ŠøŠ²Š°Ń‚ŃŒŃŃ Š·Š½Š°ŠŗŠ¾Š¼ Š“Š¾Š»Š»Š°Ń€Š°\&. Š­Ń‚Š¾ Š¼Š¾Š¶Š½Š¾ Š¾ŠæŠøсŠ°Ń‚ŃŒ рŠµŠ³ŃƒŠ»ŃŃ€Š½Ń‹Š¼ Š²Ń‹Ń€Š°Š¶ŠµŠ½ŠøŠµŠ¼: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -Š˜Š¼ŠµŠ½Š° ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Š¼Š¾Š³ŃƒŃ‚ Š±Ń‹Ń‚ŃŒ Š“Š»ŠøŠ½Š¾Š¹ Š½Šµ Š±Š¾Š»ŠµŠµ 32 Š·Š½Š°ŠŗŠ¾Š²\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBCREATE_HOME\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚, Š“Š¾Š»Š¶ŠµŠ½ Š»Šø сŠ¾Š·Š“Š°Š²Š°Ń‚ŃŒŃŃ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š“Š»Ń Š½Š¾Š²Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.sp -Š­Ń‚Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń Š½Šµ Š²Š»ŠøяŠµŃ‚ Š½Š° сŠøстŠµŠ¼Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ Šø Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š° ŠøŠ· ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø\&. -.RE -.PP -\fBGID_MAX\fR (чŠøсŠ»Š¾), \fBGID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² Š³Ń€ŃƒŠæŠæ, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR, -\fBgroupadd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя Š¾Š±Ń‹Ń‡Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBGID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&. -\fBGID_MAX\fR) рŠ°Š²Š½Š¾ 1000 (сŠ¾Š¾Ń‚Š²\&. 60000)\&. -.RE -.PP -\fBMAIL_DIR\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠŸŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. Š”Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½ŃƒŠ¶ŠµŠ½ Š“Š»Ń уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¼ ящŠøŠŗŠ¾Š¼ ŠæрŠø ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøŠø ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½ŠøŠø учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ уŠŗŠ°Š·Š°Š½Š½Š¾Šµ ŠæрŠø сŠ±Š¾Ń€ŠŗŠµ\&. -.RE -.PP -\fBMAIL_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ рŠ°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½ŠøŠµ ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Ń… фŠ°Š¹Š»Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š¾Ń‚Š½Š¾ŃŠøтŠµŠ»ŃŒŠ½Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š°\&. -.RE -.PP -ŠŸŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ -\fBMAIL_DIR\fR -Šø -\fBMAIL_FILE\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся ŠŗŠ¾Š¼Š°Š½Š“Š°Š¼Šø -\fBuseradd\fR, -\fBusermod\fR -Šø -\fBuserdel\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя, ŠæŠµŃ€ŠµŠ¼ŠµŃ‰ŠµŠ½Šøя ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.PP -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBMAIL_CHECK_ENAB\fR -рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š¾Š½Šø тŠ°ŠŗŠ¶Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.PP -\fBPASS_MAX_DAYS\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń\&. Š•ŃŠ»Šø ŠæŠ°Ń€Š¾Š»ŃŒ стŠ°Ń€ŠµŠµ этŠ¾Š³Š¾ чŠøсŠ»Š°, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŠæущŠµŠ½Š° ŠæрŠ¾Ń†ŠµŠ“урŠ° сŠ¼ŠµŠ½Ń‹ ŠæŠ°Ń€Š¾Š»Ń\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°ŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \-1 (тŠ¾ ŠµŃŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ чŠøсŠ»Š¾ Š“Š½ŠµŠ¹ Š¼ŠµŠ¶Š“у ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøяŠ¼Šø ŠæŠ°Ń€Š¾Š»Ń\&. Š›ŃŽŠ±Š°Ń сŠ¼ŠµŠ½Š° ŠæŠ°Ń€Š¾Š»Ń рŠ°Š½ŠµŠµ Š·Š°Š“Š°Š½Š½Š¾Š³Š¾ срŠ¾ŠŗŠ° Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Š° Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, тŠ¾ ŠæрŠµŠ“ŠæŠ¾Š»Š°Š³Š°ŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ \-1 (тŠ¾ ŠµŃŃ‚ŃŒ Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (чŠøсŠ»Š¾) -.RS 4 -Š§ŠøсŠ»Š¾ Š“Š½ŠµŠ¹ Š·Š° ŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š½Š°Ń‡Š½Ń‘Ń‚ Š²Ń‹Š“Š°Š²Š°Ń‚ŃŒŃŃ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š¾Š± устŠ°Ń€ŠµŠ²Š°Š½ŠøŠø ŠæŠ°Ń€Š¾Š»Ń\&. ŠŃƒŠ»ŠµŠ²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¾Š·Š½Š°Ń‡Š°ŠµŃ‚, чтŠ¾ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š²Ń‹Š“Š°Ń‘Ń‚ŃŃ Š² Š“ŠµŠ½ŃŒ устŠ°Ń€ŠµŠ²Š°Š½Šøя, ŠæрŠø Š¾Ń‚Ń€ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Š¾Š¼ Š·Š½Š°Ń‡ŠµŠ½ŠøŠø ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š²Ń‹Š“Š°Š²Š°Ń‚ŃŒŃŃ Š½Šµ Š±ŃƒŠ“ŠµŃ‚\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š½Šµ Š·Š°Š“Š°Š½Š¾, Š²Ń‹Š“Š°Ń‡Š° ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½Šøя Š¾Ń‚ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ся\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (чŠøсŠ»Š¾), \fBSYS_GID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² Š³Ń€ŃƒŠæŠæ, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR, -\fBgroupadd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя сŠøстŠµŠ¼Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBSYS_GID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&.\fBSYS_GID_MAX\fR) рŠ°Š²Š½Š¾ 101 (сŠ¾Š¾Ń‚Š²\&. -\fBGID_MIN\fR\-1)\&. -.RE -.PP -\fBSYS_UID_MAX\fR (чŠøсŠ»Š¾), \fBSYS_UID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя сŠøстŠµŠ¼Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBSYS_UID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&. -\fBSYS_UID_MAX\fR) рŠ°Š²Š½Š¾ 101 (сŠ¾Š¾Ń‚Š²\&. -\fBUID_MIN\fR\-1)\&. -.RE -.PP -\fBUID_MAX\fR (чŠøсŠ»Š¾), \fBUID_MIN\fR (чŠøсŠ»Š¾) -.RS 4 -Š”ŠøŠ°ŠæŠ°Š·Š¾Š½ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŠ¼Ń‹Š¹ Š² ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š°Ń… -\fBuseradd\fR -ŠøŠ»Šø -\fBnewusers\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя Š¾Š±Ń‹Ń‡Š½Ń‹Ń… ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń -\fBUID_MIN\fR -(сŠ¾Š¾Ń‚Š²\&. -\fBUID_MAX\fR) рŠ°Š²Š½Š¾ 1000 (сŠ¾Š¾Ń‚Š²\&. 60000)\&. -.RE -.PP -\fBUMASK\fR (чŠøсŠ»Š¾) -.RS 4 -Š—Š°Š“Š°Ń‘Ń‚ Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š¼Š°ŃŠŗŠø Š“Š¾ŃŃ‚ŃƒŠæŠ° Š“Š»Ń сŠ¾Š·Š“Š°Š²Š°ŠµŠ¼Ń‹Ń… фŠ°Š¹Š»Š¾Š²\&. Š•ŃŠ»Šø Š½Šµ уŠŗŠ°Š·Š°Š½Š¾, тŠ¾ Š¼Š°ŃŠŗŠ° устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŠµŃ‚ся Š² 022\&. -.sp -ŠšŠ¾Š¼Š°Š½Š“ы -\fBuseradd\fR -Šø -\fBnewusers\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ эту Š¼Š°ŃŠŗу Š“Š»Ń устŠ°Š½Š¾Š²ŠŗŠø ŠæрŠ°Š² Š“Š¾ŃŃ‚ŃƒŠæŠ° Šŗ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ¼Ńƒ ŠŗŠ°Ń‚Š°Š»Š¾Š³Ńƒ, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š¾Š½Šø сŠ¾Š·Š“Š°ŃŽŃ‚\&. -.sp -Š¢Š°ŠŗŠ¶Šµ Š¾Š½Š° ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š¾Š¹ -\fBlogin\fR -Š“Š»Ń Š·Š°Š“Š°Š½Šøя Š½Š°Ń‡Š°Š»ŃŒŠ½Š¾Š³Š¾ Š·Š½Š°Ń‡ŠµŠ½Šøя umask ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ этŠ° Š¼Š°ŃŠŗŠ° Š¼Š¾Š¶ŠµŃ‚ Š±Ń‹Ń‚ŃŒ ŠæŠµŃ€ŠµŠ¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Š° ŠøŠ· ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š¹ стрŠ¾ŠŗŠø GECOS (ŠµŃŠ»Šø устŠ°Š½Š¾Š²Š»ŠµŠ½Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń -\fBQUOTAS_ENAB\fR) ŠøŠ»Šø уŠŗŠ°Š·Š°Š½ŠøŠµŠ¼ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя с ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€Š¾Š¼ -\fIK\fR, Š² -\fBlimits\fR(5)\&. -.RE -.PP -\fBUSERGROUPS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ устŠ°Š½Š¾Š²Šŗу Š³Ń€ŃƒŠæŠæы Š±ŠøтŠ¾Š² umask рŠ°Š²Š½Š¾Š¹ Š±ŠøтŠ°Š¼ Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Š° (ŠæрŠøŠ¼ŠµŃ€: 022 \-> 002, 077 \-> 007) Š“Š»Ń Š½Šµ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠµŃŠ»Šø uid рŠ°Š²ŠµŠ½ gid Šø ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń сŠ¾Š²ŠæŠ°Š“Š°ŠµŃ‚ с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы\&. -.sp -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ -\fBuserdel\fR -уŠ“Š°Š»ŃŠµŃ‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗую Š³Ń€ŃƒŠæŠæу, ŠµŃŠ»Šø Š² Š½ŠµŠ¹ Š½ŠµŃ‚ Š±Š¾Š»ŃŒŃˆŠµ чŠ»ŠµŠ½Š¾Š², Š° -\fBuseradd\fR -ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю сŠ¾Š·Š“Š°Ń‘Ń‚ Š³Ń€ŃƒŠæŠæу с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/default/useradd -.RS 4 -Š·Š½Š°Ń‡ŠµŠ½Šøя ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю Š“Š»Ń сŠ¾Š·Š“Š°Š²Š°ŠµŠ¼Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø -.RE -.PP -/etc/skel/ -.RS 4 -ŠŗŠ°Ń‚Š°Š»Š¾Š³, сŠ¾Š“ŠµŃ€Š¶Š°Ń‰ŠøŠ¹ фŠ°Š¹Š»Ń‹ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.SH "Š’ŠžŠ—Š’Š ŠŠ©ŠŠ•ŠœŠ«Š• Š—ŠŠŠ§Š•ŠŠ˜ŠÆ" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBuseradd\fR -Š·Š°Š²ŠµŃ€ŃˆŠ°Ń рŠ°Š±Š¾Ń‚Ńƒ, Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -.PP -\fI0\fR -.RS 4 -усŠæŠµŃˆŠ½Š¾Šµ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ -.RE -.PP -\fI1\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠøŠ·Š¼ŠµŠ½Šøть фŠ°Š¹Š» ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.PP -\fI2\fR -.RS 4 -Š¾ŃˆŠøŠ±ŠŗŠ° Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Ń… ŠŗŠ¾Š¼Š°Š½Š“ы -.RE -.PP -\fI3\fR -.RS 4 -Š½ŠµŠ“Š¾ŠæустŠøŠ¼Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° -.RE -.PP -\fI4\fR -.RS 4 -тŠ°ŠŗŠ¾Š¹ UID уŠ¶Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ (Šø Š½Šµ Š·Š°Š“Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-o\fR) -.RE -.PP -\fI6\fR -.RS 4 -уŠŗŠ°Š·Š°Š½Š½Š°Ń Š³Ń€ŃƒŠæŠæŠ° Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ -.RE -.PP -\fI9\fR -.RS 4 -ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń уŠ¶Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ -.RE -.PP -\fI10\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠøŠ·Š¼ŠµŠ½Šøть фŠ°Š¹Š» Š³Ń€ŃƒŠæŠæ -.RE -.PP -\fI12\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ сŠ¾Š·Š“Š°Ń‚ŃŒ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ -.RE -.PP -\fI14\fR -.RS 4 -can\*(Aqt update SELinux user mapping -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBnewusers\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/ru/man8/userdel.8 b/man/ru/man8/userdel.8 deleted file mode 100644 index 227da9fd..00000000 --- a/man/ru/man8/userdel.8 +++ /dev/null @@ -1,293 +0,0 @@ -'\" t -.\" Title: userdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "userdel" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -userdel \- уŠ“Š°Š»ŃŠµŃ‚ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь Šø фŠ°Š¹Š»Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBuserdel\fR\ 'u -\fBuserdel\fR [ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры] \fIŠ£Š§ŠŠ¢ŠŠŠÆ_Š—ŠŠŸŠ˜Š”Š¬\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBuserdel\fR -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ сŠøстŠµŠ¼Š½Ń‹Šµ фŠ°Š¹Š»Ń‹ учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹, уŠ“Š°Š»ŃŃ Š²ŃŠµ Š·Š°ŠæŠøсŠø, Š¾Ń‚Š½Š¾ŃŃŃ‰ŠøŠµŃŃ Šŗ уŠŗŠ°Š·Š°Š½Š½Š¾Š¼Ńƒ -\fIŠøŠ¼ŠµŠ½Šø_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\fR\&. Š—Š°Š“Š°Š½Š½Š°Ń учётŠ½Š°Ń Š·Š°ŠæŠøсь Š“Š¾Š»Š¶Š½Š° сущŠµŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBuserdel\fR: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Š” этŠøŠ¼ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š±ŃƒŠ“ŠµŃ‚ уŠ“Š°Š»ŠµŠ½Š°, Š“Š°Š¶Šµ ŠµŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š² этŠ¾Ń‚ Š¼Š¾Š¼ŠµŠ½Ń‚ рŠ°Š±Š¾Ń‚Š°ŠµŃ‚ Š² сŠøстŠµŠ¼Šµ\&. ŠžŠ½ тŠ°ŠŗŠ¶Šµ Š·Š°ŃŃ‚Š°Š²Š»ŃŠµŃ‚ -\fBuserdel\fR -уŠ“Š°Š»Šøть Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Šø ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ящŠøŠŗ, Š“Š°Š¶Šµ ŠµŃŠ»Šø Š“руŠ³Š¾Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ тŠ¾Ń‚ Š¶Šµ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ ŠøŠ»Šø ŠµŃŠ»Šø ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ящŠøŠŗ Š½Šµ ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Šøт Š“Š°Š½Š½Š¾Š¼Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ\&. Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBUSERGROUPS_ENAB\fR -рŠ°Š²Š½Š¾ -\fIyes\fR -Š² фŠ°Š¹Š»Šµ -/etc/login\&.defs -Šø ŠµŃŠ»Šø сущŠµŃŃ‚Š²ŃƒŠµŃ‚ Š³Ń€ŃƒŠæŠæŠ° с ŠøŠ¼ŠµŠ½ŠµŠ¼ уŠ“Š°Š»ŃŠµŠ¼Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, тŠ¾ этŠ¾ Š³Ń€ŃƒŠæŠæŠ° Š±ŃƒŠ“ŠµŃ‚ уŠ“Š°Š»ŠµŠ½Š°, Š“Š°Š¶Šµ ŠµŃŠ»Šø Š¾Š½Š° Š²ŃŃ‘ ŠµŃ‰Ń‘ яŠ²Š»ŃŠµŃ‚ся ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæŠ¾Š¹ Š“руŠ³Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.sp -\fIŠ—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ:\fR -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š¾ŠæŠ°ŃŠ½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ; Š¾Š½ Š¼Š¾Š¶ŠµŃ‚ ŠæрŠøŠ²ŠµŃŃ‚Šø сŠøстŠµŠ¼Ńƒ Š² Š½ŠµŃ€Š°Š±Š¾Ń‡ŠµŠµ сŠ¾ŃŃ‚Š¾ŃŠ½ŠøŠµ\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-r\fR, \fB\-\-remove\fR -.RS 4 -Š¤Š°Š¹Š»Ń‹ Š² Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ¼ ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ут уŠ“Š°Š»ŠµŠ½Ń‹ Š²Š¼ŠµŃŃ‚Šµ с сŠ°Š¼ŠøŠ¼ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¼ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š¾Š¼ Šø ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¼ ящŠøŠŗŠ¾Š¼\&. ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ фŠ°Š¹Š»Ń‹, рŠ°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½Š½Ń‹Šµ Š² Š“руŠ³Šøх фŠ°Š¹Š»Š¾Š²Ń‹Ń… сŠøстŠµŠ¼Š°Ń…, Š½ŃƒŠ¶Š½Š¾ ŠøсŠŗŠ°Ń‚ŃŒ Šø уŠ“Š°Š»ŃŃ‚ŃŒ Š²Ń€ŃƒŃ‡Š½ŃƒŃŽ\&. -.sp -Š˜Š¼Ń фŠ°Š¹Š»Š° ŠæŠ¾Ń‡Ń‚Š¾Š²Š¾Š³Š¾ ящŠøŠŗŠ° Š·Š°Š“Š°Ń‘Ń‚ŃŃ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBMAIL_DIR\fR -Š² фŠ°Š¹Š»Šµ -login\&.defs\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR -.RS 4 -Š£Š“Š°Š»ŃŠµŃ‚ Š²ŃŠµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠµ сŠ¾ŠæŠ¾ŃŃ‚Š°Š²Š»ŠµŠ½Šøя SELinux Š“Š»Ń учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBMAIL_DIR\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠŸŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. Š”Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½ŃƒŠ¶ŠµŠ½ Š“Š»Ń уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¼ ящŠøŠŗŠ¾Š¼ ŠæрŠø ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøŠø ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½ŠøŠø учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ уŠŗŠ°Š·Š°Š½Š½Š¾Šµ ŠæрŠø сŠ±Š¾Ń€ŠŗŠµ\&. -.RE -.PP -\fBMAIL_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ рŠ°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½ŠøŠµ ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Ń… фŠ°Š¹Š»Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š¾Ń‚Š½Š¾ŃŠøтŠµŠ»ŃŒŠ½Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š°\&. -.RE -.PP -ŠŸŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ -\fBMAIL_DIR\fR -Šø -\fBMAIL_FILE\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся ŠŗŠ¾Š¼Š°Š½Š“Š°Š¼Šø -\fBuseradd\fR, -\fBusermod\fR -Šø -\fBuserdel\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя, ŠæŠµŃ€ŠµŠ¼ŠµŃ‰ŠµŠ½Šøя ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.PP -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBMAIL_CHECK_ENAB\fR -рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š¾Š½Šø тŠ°ŠŗŠ¶Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.PP -\fBUSERDEL_CMD\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ńƒ, ŠŗŠ¾Ń‚Š¾Ń€Š°Ń Š±ŃƒŠ“ŠµŃ‚ Š·Š°ŠæущŠµŠ½Š° ŠæрŠø уŠ“Š°Š»ŠµŠ½ŠøŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. ŠžŠ½Š° Š“Š¾Š»Š¶Š½Š° уŠ“Š°Š»ŃŃ‚ŃŒ Š»ŃŽŠ±Ń‹Šµ Š·Š°Š“Š°Š½Šøя at/cron/ŠæŠµŃ‡Š°Ń‚Šø уŠ“Š°Š»ŃŠµŠ¼Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń (ŠæŠµŃ€ŠµŠ“Š°Ń‘Ń‚ŃŃ Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ ŠæŠµŃ€Š²Š¾Š³Š¾ Š°Ń€Š³ŃƒŠ¼ŠµŠ½Ń‚Š°)\&. -.sp -Š’Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŠ¼Ń‹Š¹ сцŠµŠ½Š°Ń€ŠøŠµŠ¼ ŠŗŠ¾Š“ Š·Š°Š²ŠµŃ€ŃˆŠµŠ½Šøя Š½Šµ учŠøтыŠ²Š°ŠµŃ‚ся\&. -.sp -Š’Š¾Ń‚ ŠæрŠ¾ŃŃ‚Š¾Š¹ сцŠµŠ½Š°Ń€ŠøŠ¹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ уŠ“Š°Š»ŃŠµŃ‚ Š·Š°Š“Š°Š½Šøя ŠæŠµŃ‡Š°Ń‚Šø, cron Šø at: -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# ŠæрŠ¾Š²ŠµŃ€Šøть Š²ŃŠµ Š½ŠµŠ¾Š±Ń…Š¾Š“ŠøŠ¼Ń‹Šµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚ры -if [ $# != 1 ]; then - echo "Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½ŠøŠµ: $0 ŠøŠ¼Ń_ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń" - exit 1 -fi - -# уŠ“Š°Š»Šøть Š·Š°Š“Š°Š½Šøя cron -crontab \-r \-u $1 - -# уŠ“Š°Š»Šøть Š·Š°Š“Š°Š½Šøя at -# Š—Š°Š¼ŠµŃ‚ŠøŠ¼, чтŠ¾ этŠ¾ уŠ“Š°Š»Šøт Š²ŃŠµ Š·Š°Š“Š°Š½Šøя с уŠŗŠ°Š·Š°Š½Š½Ń‹Š¼ UID, -# Š“Š°Š¶Šµ ŠµŃŠ»Šø Š¾Š½ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š“Š»Ń Š“руŠ³Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# уŠ“Š°Š»Šøть Š·Š°Š“Š°Š½Šøя ŠæŠµŃ‡Š°Ń‚Šø -lprm $1 - -# Š²ŃŃ‘ -exit 0 - -.fi -.if n \{\ -.RE -.\} -.RE -.PP -\fBUSERGROUPS_ENAB\fR (Š»Š¾Š³ŠøчŠµŃŠŗŠøŠ¹) -.RS 4 -Š’ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ устŠ°Š½Š¾Š²Šŗу Š³Ń€ŃƒŠæŠæы Š±ŠøтŠ¾Š² umask рŠ°Š²Š½Š¾Š¹ Š±ŠøтŠ°Š¼ Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Š° (ŠæрŠøŠ¼ŠµŃ€: 022 \-> 002, 077 \-> 007) Š“Š»Ń Š½Šµ суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹, ŠµŃŠ»Šø uid рŠ°Š²ŠµŠ½ gid Šø ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń сŠ¾Š²ŠæŠ°Š“Š°ŠµŃ‚ с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы\&. -.sp -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ -\fBuserdel\fR -уŠ“Š°Š»ŃŠµŃ‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗую Š³Ń€ŃƒŠæŠæу, ŠµŃŠ»Šø Š² Š½ŠµŠ¹ Š½ŠµŃ‚ Š±Š¾Š»ŃŒŃˆŠµ чŠ»ŠµŠ½Š¾Š², Š° -\fBuseradd\fR -ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю сŠ¾Š·Š“Š°Ń‘Ń‚ Š³Ń€ŃƒŠæŠæу с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "Š’ŠžŠ—Š’Š ŠŠ©ŠŠ•ŠœŠ«Š• Š—ŠŠŠ§Š•ŠŠ˜ŠÆ" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBuserdel\fR -Š·Š°Š²ŠµŃ€ŃˆŠ°Ń рŠ°Š±Š¾Ń‚Ńƒ, Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ сŠ»ŠµŠ“ующŠøŠµ Š·Š½Š°Ń‡ŠµŠ½Šøя: -.PP -\fI0\fR -.RS 4 -усŠæŠµŃˆŠ½Š¾Šµ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠµ -.RE -.PP -\fI1\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠøŠ·Š¼ŠµŠ½Šøть фŠ°Š¹Š» ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.PP -\fI2\fR -.RS 4 -Š¾ŃˆŠøŠ±ŠŗŠ° Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Ń… ŠŗŠ¾Š¼Š°Š½Š“ы -.RE -.PP -\fI6\fR -.RS 4 -уŠŗŠ°Š·Š°Š½Š½Ń‹Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚ -.RE -.PP -\fI8\fR -.RS 4 -ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ сŠµŠ¹Ń‡Š°Ń рŠ°Š±Š¾Ń‚Š°ŠµŃ‚ Š² сŠøстŠµŠ¼Šµ -.RE -.PP -\fI10\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠøŠ·Š¼ŠµŠ½Šøть фŠ°Š¹Š» Š³Ń€ŃƒŠæŠæ -.RE -.PP -\fI12\fR -.RS 4 -Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ уŠ“Š°Š»Šøть Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ -.RE -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBuserdel\fR -Š½Šµ ŠæŠ¾Š·Š²Š¾Š»Šøт уŠ“Š°Š»Šøть учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь, ŠµŃŠ»Šø ŠµŃŃ‚ŃŒ Š·Š°ŠæущŠµŠ½Š½Ń‹Šµ ŠæрŠ¾Ń†ŠµŃŃŃ‹, ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Ń‰ŠøŠµ Š“Š°Š½Š½Š¾Š¹ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. Š’ этŠ¾Š¼ сŠ»ŃƒŃ‡Š°Šµ Š²Ń‹ Š¼Š¾Š¶ŠµŃ‚Šµ уŠ“Š°Š»Šøть этŠø ŠæрŠ¾Ń†ŠµŃŃŃ‹ ŠøŠ»Šø Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ»Šø учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь, Š° Š·Š°Ń‚ŠµŠ¼ уŠ“Š°Š»Šøть учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь\&. Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-f\fR, тŠ¾ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š±ŃƒŠ“ŠµŃ‚ уŠ“Š°Š»ŠµŠ½Š° Š½ŠµŃŠ¼Š¾Ń‚Ń€Ń Š½Šø Š½Š° чтŠ¾\&. -.PP -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ Š²Ń€ŃƒŃ‡Š½ŃƒŃŽ ŠæрŠ¾Š²ŠµŃ€Šøть Š²ŃŠµ фŠ°Š¹Š»Š¾Š²Ń‹Šµ сŠøстŠµŠ¼Ń‹, чтŠ¾Š±Ń‹ уŠ±ŠµŠ“Šøться, чтŠ¾ Š½Šµ Š¾ŃŃ‚Š°Š»Š¾ŃŃŒ фŠ°Š¹Š»Š¾Š², ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Ń‰Šøх этŠ¾Š¼Ńƒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŽ\&. -.PP -ŠŠµŠ»ŃŒŠ·Ń уŠ“Š°Š»Šøть NIS Š°Ń‚Ń€ŠøŠ±ŃƒŃ‚Ń‹ ŠŗŠ»ŠøŠµŠ½Ń‚Š° NIS\&. Š­Ń‚Š¾ Š½ŠµŠ¾Š±Ń…Š¾Š“ŠøŠ¼Š¾ сŠ“ŠµŠ»Š°Ń‚ŃŒ Š½Š° NIS сŠµŃ€Š²ŠµŃ€Šµ\&. -.PP -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ -\fBUSERGROUPS_ENAB\fR -рŠ°Š²Š½Š¾ -\fIyes\fR -Š² фŠ°Š¹Š»Šµ -/etc/login\&.defs, тŠ¾ -\fBuserdel\fR -уŠ“Š°Š»Šøт Š³Ń€ŃƒŠæŠæу с ŠøŠ¼ŠµŠ½ŠµŠ¼ ŠŗŠ°Šŗ у ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š§Ń‚Š¾Š±Ń‹ ŠøŠ·Š±ŠµŠ¶Š°Ń‚ŃŒ рŠ°ŃŃŠ¾Š³Š»Š°ŃŠ¾Š²Š°Š½Š½Š¾ŃŃ‚Šø Š² Š±Š°Š·Š°Ń… Š“Š°Š½Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ Šø ŠæŠ°Ń€Š¾Š»ŠµŠ¹, -\fBuserdel\fR -ŠæрŠ¾Š²ŠµŃ€Šøт, чтŠ¾ Š“Š°Š½Š½Š°Ń Š³Ń€ŃƒŠæŠæŠ° Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š² ŠŗŠ°Ń‡ŠµŃŃ‚Š²Šµ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š“Š»Ń Š“руŠ³Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Šø Š²Ń‹Š“Š°ŃŃ‚ ŠæрŠµŠ“уŠæрŠµŠ¶Š“ŠµŠ½ŠøŠµ Š±ŠµŠ· уŠ“Š°Š»ŠµŠ½Šøя, ŠµŃŠ»Šø тŠ°ŠŗŠ¾Šµ сŠ»ŃƒŃ‡Šøтся\&. ŠŸŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-f\fR -ŠæŠ¾Š¼Š¾Š¶ŠµŃ‚ уŠ“Š°Š»Šøть Š³Ń€ŃƒŠæŠæу Š² Š»ŃŽŠ±Š¾Š¼ сŠ»ŃƒŃ‡Š°Šµ\&. -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBlogin.defs\fR(5), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/ru/man8/usermod.8 b/man/ru/man8/usermod.8 deleted file mode 100644 index 1b17e38e..00000000 --- a/man/ru/man8/usermod.8 +++ /dev/null @@ -1,436 +0,0 @@ -'\" t -.\" Title: usermod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "usermod" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -usermod \- ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBusermod\fR\ 'u -\fBusermod\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] \fIŠ£Š§ŠŠ¢ŠŠŠÆ_Š—ŠŠŸŠ˜Š”Š¬\fR -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBusermod\fR -ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ сŠøстŠµŠ¼Š½Ń‹Šµ фŠ°Š¹Š»Ń‹ учётŠ½Ń‹Ń… Š·Š°ŠæŠøсŠµŠ¹ сŠ¾Š³Š»Š°ŃŠ½Š¾ ŠæŠµŃ€ŠµŠ“Š°Š½Š½Ń‹Š¼ Š² ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠµ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š°Š¼\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ы -\fBusermod\fR: -.PP -\fB\-a\fR, \fB\-\-append\fR -.RS 4 -Š”Š¾Š±Š°Š²Šøть ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½ŃƒŃŽ Š³Ń€ŃƒŠæŠæу(ы)\&. Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ Š²Š¼ŠµŃŃ‚Šµ с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-G\fR\&. -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fIŠšŠžŠœŠœŠ•ŠŠ¢ŠŠ Š˜Š™\fR -.RS 4 -ŠŠ¾Š²Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾Š»Ń ŠŗŠ¾Š¼Š¼ŠµŠ½Ń‚Š°Ń€Šøя Š² фŠ°Š¹Š»Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøх ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. ŠžŠ±Ń‹Ń‡Š½Š¾ ŠµŠ³Š¾ ŠøŠ·Š¼ŠµŠ½ŃŃŽŃ‚ с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹ -\fBchfn\fR(1)\&. -.RE -.PP -\fB\-d\fR, \fB\-\-home\fR\ \&\fIHOME_DIR\fR -.RS 4 -Š”Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ Š½Š¾Š²Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.sp -Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-m\fR, тŠ¾ сŠ¾Š“ŠµŃ€Š¶ŠøŠ¼Š¾Šµ тŠµŠŗущŠµŠ³Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° Š±ŃƒŠ“ŠµŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŃ‰ŠµŠ½Š¾ Š² Š½Š¾Š²Ń‹Š¹ Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š±ŃƒŠ“ŠµŃ‚ сŠ¾Š·Š“Š°Š½, ŠµŃŠ»Šø Š¾Š½ ŠµŃ‰Ń‘ Š½Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR \fIŠ”ŠŠ¢Š_Š£Š”Š¢ŠŠ Š•Š’ŠŠŠ˜ŠÆ\fR -.RS 4 -Š”Š°Ń‚Š°, ŠŗŠ¾Š³Š“Š° учётŠ½Š°Ń Š·Š°ŠæŠøсь ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ŠµŃ‚ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š½Š°\&. Š”Š°Ń‚Š° Š·Š°Š“Š°Ń‘Ń‚ŃŃ Š² фŠ¾Ń€Š¼Š°Ń‚Šµ -\fIŠ“Š“Š“Š“\-ŠœŠœ\-Š”Š”\fR\&. -.sp -ŠŸŃƒŃŃ‚Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ Š°Ń€Š³ŃƒŠ¼ŠµŠ½Ń‚Š° -\fIŠ”ŠŠ¢Š_Š£Š”Š¢ŠŠ Š•Š’ŠŠŠ˜ŠÆ\fR -Š¾Ń‚ŠŗŠ»ŃŽŃ‡Š°ŠµŃ‚ устŠ°Ń€ŠµŠ²Š°Š½ŠøŠµ учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø\&. -.sp -Š”Š»Ń этŠ¾Š³Š¾ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° трŠµŠ±ŃƒŠµŃ‚ся фŠ°Š¹Š» -/etc/shadow\&. ŠŸŃ€Šø Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²ŠøŠø Š² -/etc/shadow -сŠ¾Š·Š“Š°Ń‘Ń‚ŃŃ Š½ŠµŠ¾Š±Ń…Š¾Š“ŠøŠ¼Š°Ń Š·Š°ŠæŠøсь\&. -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIŠ”ŠŠ•Š™\fR -.RS 4 -ŠšŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ Š“Š½ŠµŠ¹, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠæрŠ¾Š¹Ń‚Šø ŠæŠ¾ŃŠ»Šµ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń, чтŠ¾Š±Ń‹ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Š»Š°ŃŃŒ Š½Š°Š²ŃŠµŠ³Š“Š°\&. -.sp -Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½Š¾ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 0, тŠ¾ учётŠ½Š°Ń Š·Š°ŠæŠøсь Š±Š»Š¾ŠŗŠøруŠµŃ‚ся срŠ°Š·Ńƒ ŠæŠ¾ŃŠ»Šµ устŠ°Ń€ŠµŠ²Š°Š½Šøя ŠæŠ°Ń€Š¾Š»Ń, Š° ŠæрŠø Š·Š½Š°Ń‡ŠµŠ½ŠøŠø \-1 Š“Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся\&. -.sp -Š”Š»Ń этŠ¾Š³Š¾ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° трŠµŠ±ŃƒŠµŃ‚ся фŠ°Š¹Š» -/etc/shadow\&. ŠŸŃ€Šø Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²ŠøŠø Š² -/etc/shadow -сŠ¾Š·Š“Š°Ń‘Ń‚ŃŃ Š½ŠµŠ¾Š±Ń…Š¾Š“ŠøŠ¼Š°Ń Š·Š°ŠæŠøсь\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIŠ“Š Š£ŠŸŠŸŠ\fR -.RS 4 -Š˜Š¼Ń ŠøŠ»Šø чŠøсŠ»Š¾Š²Š¾Š¹ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ Š½Š¾Š²Š¾Š¹ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæы ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š“Ń€ŃƒŠæŠæŠ° с тŠ°ŠŗŠøŠ¼ ŠøŠ¼ŠµŠ½ŠµŠ¼ Š“Š¾Š»Š¶Š½Š° сущŠµŃŃ‚Š²Š¾Š²Š°Ń‚ŃŒ\&. -.sp -Š’сŠµ фŠ°Š¹Š»Ń‹ Š² Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ¼ ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Š²ŃˆŠøŠµ ŠæрŠµŠ“ыŠ“ущŠµŠ¹ ŠæŠµŃ€Š²ŠøчŠ½Š¾Š¹ Š³Ń€ŃƒŠæŠæŠµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń, Š±ŃƒŠ“ут ŠæрŠøŠ½Š°Š“Š»ŠµŠ¶Š°Ń‚ŃŒ Š½Š¾Š²Š¾Š¹ Š³Ń€ŃƒŠæŠæŠµ\&. -.sp -Š“Ń€ŃƒŠæŠæŠ¾Š²Š¾Š³Š¾ Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Š° фŠ°Š¹Š»Š¾Š² Š²Š½Šµ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° Š½ŃƒŠ¶Š½Š¾ ŠøŠ·Š¼ŠµŠ½Šøть Š²Ń€ŃƒŃ‡Š½ŃƒŃŽ\&. -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIŠ“Š Š£ŠŸŠŸŠ1\fR[\fI,Š“Š Š£ŠŸŠŸŠ2,\&...\fR[\fI,Š“Š Š£ŠŸŠŸŠN\fR]]] -.RS 4 -Š”ŠæŠøсŠ¾Šŗ Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Ń‹Ń… Š³Ń€ŃƒŠæŠæ, Š² ŠŗŠ¾Ń‚Š¾Ń€Ń‹Ń… чŠøсŠ»Šøтся ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ\&. ŠŸŠµŃ€ŠµŃ‡ŠøсŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ Š¾ŃŃƒŃ‰ŠµŃŃ‚Š²Š»ŃŠµŃ‚ся чŠµŃ€ŠµŠ· Š·Š°Šæятую, Š±ŠµŠ· ŠæрŠ¾Š¼ŠµŠ¶ŃƒŃ‚Š¾Ń‡Š½Ń‹Ń… ŠæрŠ¾Š±ŠµŠ»Š¾Š²\&. ŠŠ° уŠŗŠ°Š·Š°Š½Š½Ń‹Šµ Š³Ń€ŃƒŠæŠæы Š“ŠµŠ¹ŃŃ‚Š²ŃƒŃŽŃ‚ тŠµ Š¶Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя, чтŠ¾ Šø Š“Š»Ń Š³Ń€ŃƒŠæŠæы уŠŗŠ°Š·Š°Š½Š½Š¾Š¹ Š² ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Šµ -\fB\-g\fR\&. -.sp -Š•ŃŠ»Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ \(em чŠ»ŠµŠ½ Š³Ń€ŃƒŠæŠæы, ŠŗŠ¾Ń‚Š¾Ń€Š¾Š¹ Š² уŠŗŠ°Š·Š°Š½Š½Š¾Š¼ сŠæŠøсŠŗŠµ Š½ŠµŃ‚, тŠ¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ уŠ“Š°Š»ŃŠµŃ‚ся ŠøŠ· этŠ¾Š¹ Š³Ń€ŃƒŠæŠæы\&. Š¢Š°ŠŗŠ¾Šµ ŠæŠ¾Š²ŠµŠ“ŠµŠ½ŠøŠµ Š¼Š¾Š¶Š½Š¾ ŠøŠ·Š¼ŠµŠ½Šøть с ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š° -\fB\-a\fR, ŠæрŠø уŠŗŠ°Š·Š°Š½ŠøŠø ŠŗŠ¾Ń‚Š¾Ń€Š¾Š³Š¾ Šŗ уŠ¶Šµ ŠøŠ¼ŠµŃŽŃ‰ŠµŠ¼ŃƒŃŃ сŠæŠøсŠŗу Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š“Š¾Š±Š°Š²Š»ŃŠµŃ‚ся сŠæŠøсŠ¾Šŗ уŠŗŠ°Š·Š°Š½Š½Ń‹Ń… Š“Š¾ŠæŠ¾Š»Š½ŠøтŠµŠ»ŃŒŠ½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.RE -.PP -\fB\-l\fR, \fB\-\-login\fR\ \&\fIŠŠžŠ’ŠžŠ•_Š˜ŠœŠÆ\fR -.RS 4 -Š˜Š¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š±ŃƒŠ“ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Š¾ с -\fIŠ˜ŠœŠÆ\fR -Š½Š° -\fIŠŠžŠ’ŠžŠ•_Š˜ŠœŠÆ\fR\&. Š‘Š¾Š»ŃŒŃˆŠµ Š½ŠøчŠµŠ³Š¾ Š½Šµ Š¼ŠµŠ½ŃŠµŃ‚ся\&. Š’ чŠ°ŃŃ‚Š½Š¾ŃŃ‚Šø, Š²ŠµŃ€Š¾ŃŃ‚Š½Š¾, Š“Š¾Š»Š¶Š½Š¾ Š±Ń‹Ń‚ŃŒ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Š¾ ŠøŠ¼Ń Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° Šø ŠæŠ¾Ń‡Ń‚Š¾Š²Š¾Š³Š¾ ящŠøŠŗŠ°, чтŠ¾Š±Ń‹ Š¾Ń‚Ń€Š°Š·Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøŠµ ŠøŠ¼ŠµŠ½Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fB\-L\fR, \fB\-\-lock\fR -.RS 4 -Š—Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š­Ń‚Š¾ Š“ŠµŠ»Š°ŠµŃ‚ся ŠæŠ¾Š¼ŠµŃ‰ŠµŠ½ŠøŠµŠ¼ сŠøŠ¼Š²Š¾Š»Š° \(Fo!\(Fc Š² Š½Š°Ń‡Š°Š»Š¾ шŠøфрŠ¾Š²Š°Š½Š½Š¾Š³Š¾ ŠæŠ°Ń€Š¾Š»Ń, чтŠ¾Š±Ń‹ ŠæрŠøŠ²Š¾Š“Šøт Šŗ Š±Š»Š¾ŠŗŠøрŠ¾Š²ŠŗŠµ ŠæŠ°Ń€Š¾Š»Ń\&. ŠŠµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠ¹Ń‚Šµ этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š²Š¼ŠµŃŃ‚Šµ с -\fB\-p\fR -ŠøŠ»Šø -\fB\-U\fR\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: ŠµŃŠ»Šø Š²Ń‹ хŠ¾Ń‚ŠøтŠµ Š·Š°Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь (Š½Šµ тŠ¾Š»ŃŒŠŗŠ¾ Š“Š¾ŃŃ‚ŃƒŠæ ŠæŠ¾ ŠæŠ°Ń€Š¾Š»ŃŽ), тŠ°ŠŗŠ¶Šµ устŠ°Š½Š¾Š²ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fIEXPIRE_DATE\fR -Š² -\fI1\fR\&. -.RE -.PP -\fB\-m\fR, \fB\-\-move\-home\fR -.RS 4 -ŠŸŠµŃ€ŠµŠ¼ŠµŃŃ‚Šøть сŠ¾Š“ŠµŃ€Š¶ŠøŠ¼Š¾Šµ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° Š² Š½Š¾Š²Š¾Šµ Š¼ŠµŃŃ‚Š¾\&. -.sp -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š¼Š¾Š¶Š½Š¾ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ тŠ¾Š»ŃŒŠŗŠ¾ с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-d\fR -(ŠøŠ»Šø -\fB\-\-home\fR)\&. -.sp -ŠšŠ¾Š¼Š°Š½Š“Š° -\fBusermod\fR -ŠæытŠ°ŠµŃ‚ся ŠøŠ·Š¼ŠµŠ½Šøть Š²Š»Š°Š“ŠµŠ»ŃŒŃ†ŠµŠ² фŠ°Š¹Š»Š¾Š² Šø ŠŗŠ¾ŠæŠøруŠµŃ‚ ŠæрŠ°Š²Š°, ACL Šø рŠ°ŃŃˆŠøрŠµŠ½Š½Ń‹Šµ Š°Ń‚Ń€ŠøŠ±ŃƒŃ‚Ń‹, Š½Š¾ ŠæŠ¾ŃŠ»Šµ Š½ŠµŃ‘ Š²ŃŃ‘ рŠ°Š²Š½Š¾ Š¼Š¾Š³ŃƒŃ‚ ŠæŠ¾Ń‚Ń€ŠµŠ±Š¾Š²Š°Ń‚ŃŒŃŃ Š½ŠµŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ ручŠ½Ń‹Šµ Š“ŠµŠ¹ŃŃ‚Š²Šøя\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -ŠŸŃ€Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½ŠøŠø с ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€Š¾Š¼ -\fB\-u\fR, этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ уŠŗŠ°Š·Ń‹Š²Š°Ń‚ŃŒ Š½Šµ уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Ń‹Š¹ чŠøсŠ»Š¾Š²Š¾Š¹ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIŠŸŠŠ ŠžŠ›Š¬\fR -.RS 4 -ŠØŠøфрŠ¾Š²Š°Š½Š½Š¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ°Ń€Š¾Š»Ń, ŠŗŠ¾Ń‚Š¾Ń€Š¾Šµ Š²Š¾Š·Š²Ń€Š°Ń‰Š°ŠµŃ‚ фуŠ½ŠŗцŠøя -\fBcrypt\fR(3)\&. -.sp -\fBŠ—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ:\fR -Š­Ń‚Š¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ Š½Šµ рŠµŠŗŠ¾Š¼ŠµŠ½Š“уŠµŃ‚ся, тŠ°Šŗ ŠŗŠ°Šŗ ŠæŠ°Ń€Š¾Š»ŃŒ (ŠøŠ»Šø Š½Šµ шŠøфрŠ¾Š²Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š¾Š»ŃŒ) Š±ŃƒŠ“ŠµŃ‚ Š²ŠøŠ“ŠøŠ¼ Š“руŠ³ŠøŠ¼Šø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŠ¼ Š² сŠæŠøсŠŗŠµ ŠæрŠ¾Ń†ŠµŃŃŠ¾Š²\&. -.sp -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ ŠæрŠ¾Š²ŠµŃ€Šøть, чтŠ¾ ŠæŠ°Ń€Š¾Š»ŃŒ сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŃƒŠµŃ‚ ŠæŠ¾Š»ŠøтŠøŠŗŠµ сŠøстŠµŠ¼Š½Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fIŠžŠ‘ŠžŠ›ŠžŠ§ŠšŠ\fR -.RS 4 -Š˜Š¼Ń Š½Š¾Š²Š¾Š¹ рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š•ŃŠ»Šø Š·Š°Š“Š°Ń‚ŃŒ ŠæустŠ¾Šµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ, тŠ¾ Š±ŃƒŠ“ŠµŃ‚ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½Š° рŠµŠ³ŠøстрŠ°Ń†ŠøŠ¾Š½Š½Š°Ń Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠ° ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю\&. -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -ŠŠ¾Š²Ń‹Š¹ чŠøсŠ»Š¾Š²Š¾Š¹ ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń (UID)\&. -.sp -ŠžŠ½Š¾ Š“Š¾Š»Š¶Š½Š¾ Š±Ń‹Ń‚ŃŒ уŠ½ŠøŠŗŠ°Š»ŃŒŠ½Ń‹Š¼, ŠµŃŠ»Šø Š½Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-o\fR\&. Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ Š“Š¾Š»Š¶Š½Š¾ Š±Ń‹Ń‚ŃŒ Š½ŠµŠ¾Ń‚Ń€ŠøцŠ°Ń‚ŠµŠ»ŃŒŠ½Ń‹Š¼\&. -.sp -Š”Š»Ń ŠæŠ¾Ń‡Ń‚Š¾Š²Š¾Š³Š¾ ящŠøŠŗŠ° Šø Š²ŃŠµŃ… фŠ°Š¹Š»Š¾Š², ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¼Šø Š²Š»Š°Š“ŠµŠµŃ‚ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ Šø ŠŗŠ¾Ń‚Š¾Ń€Ń‹Šµ рŠ°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½Ń‹ Š² ŠµŠ³Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ¼ ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ, ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Š° фŠ°Š¹Š»Š° Š±ŃƒŠ“ŠµŃ‚ ŠøŠ·Š¼ŠµŠ½Ń‘Š½ Š°Š²Ń‚Š¾Š¼Š°Ń‚ŠøчŠµŃŠŗŠø\&. -.sp -Š”Š»Ń фŠ°Š¹Š»Š¾Š², рŠ°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½Š½Ń‹Ń… Š²Š½Šµ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š°, ŠøŠ“ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń‚Š¾Ń€ Š½ŃƒŠ¶Š½Š¾ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ Š²Ń€ŃƒŃ‡Š½ŃƒŃŽ\&. -.sp -ŠŠøŠŗŠ°ŠŗŠøх ŠæрŠ¾Š²ŠµŃ€Š¾Šŗ ŠæŠ¾ -\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBSYS_UID_MIN\fR -ŠøŠ»Šø -\fBSYS_UID_MAX\fR -ŠøŠ· -/etc/login\&.defs -Š½Šµ ŠæрŠ¾ŠøŠ·Š²Š¾Š“Šøтся\&. -.RE -.PP -\fB\-U\fR, \fB\-\-unlock\fR -.RS 4 -Š Š°Š·Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š­Ń‚Š¾ Š²Ń‹ŠæŠ¾Š»Š½ŃŠµŃ‚ся уŠ“Š°Š»ŠµŠ½ŠøŠµŠ¼ сŠøŠ¼Š²Š¾Š»Š° \(Fo!\(Fc ŠøŠ· Š½Š°Ń‡Š°Š»Š° шŠøфрŠ¾Š²Š°Š½Š½Š¾Š³Š¾ ŠæŠ°Ń€Š¾Š»Ń\&. ŠŠµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠ¹Ń‚Šµ этŠ¾Ń‚ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š²Š¼ŠµŃŃ‚Šµ с -\fB\-p\fR -ŠøŠ»Šø -\fB\-L\fR\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: ŠµŃŠ»Šø Š²Ń‹ хŠ¾Ń‚ŠøтŠµ рŠ°Š·Š±Š»Š¾ŠŗŠøрŠ¾Š²Š°Ń‚ŃŒ учётŠ½ŃƒŃŽ Š·Š°ŠæŠøсь (Š½Šµ тŠ¾Š»ŃŒŠŗŠ¾ Š“Š¾ŃŃ‚ŃƒŠæ ŠæŠ¾ ŠæŠ°Ń€Š¾Š»ŃŽ), тŠ°ŠŗŠ¶Šµ устŠ°Š½Š¾Š²ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fIEXPIRE_DATE\fR -(Š½Š°ŠæрŠøŠ¼ŠµŃ€, Š² to -\fI99999\fR -ŠøŠ»Šø рŠ°Š²Š½Ń‹Š¼ Š·Š½Š°Ń‡ŠµŠ½Šøю -\fBEXPIRE\fR -ŠøŠ· фŠ°Š¹Š»Š° -/etc/default/useradd)\&. -.RE -.PP -\fB\-v\fR, \fB\-\-add\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate uids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-V\fR, \fB\-\-del\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate uids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-uids\fR -and -\fB\-\-add\-sub\-uids\fR -are specified, the removal of all subordinate uid ranges happens before any subordinate uid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-w\fR, \fB\-\-add\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate gids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-W\fR, \fB\-\-del\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate gids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-gids\fR -and -\fB\-\-add\-sub\-gids\fR -are specified, the removal of all subordinate gid ranges happens before any subordinate gid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR -.RS 4 -ŠŠ¾Š²Ń‹Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ SELinux Š“Š»Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š³Š¾ Š²Ń…Š¾Š“Š°\&. -.sp -ŠŸŃ€Šø ŠæустŠ¾Š¼ Š·Š½Š°Ń‡ŠµŠ½ŠøŠø -\fISEUSER\fR -ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Šµ сŠ¾ŠæŠ¾ŃŃ‚Š°Š²Š»ŠµŠ½ŠøŠµ SELinux Š“Š»Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń -\fILOGIN\fR -уŠ“Š°Š»ŃŠµŃ‚ся (ŠµŃŠ»Šø ŠµŃŃ‚ŃŒ)\&. -.RE -.SH "ŠŸŠ Š•Š”ŠžŠ”Š¢Š•Š Š•Š–Š•ŠŠ˜ŠÆ" -.PP -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ уŠ±ŠµŠ“Šøться, чтŠ¾ Š¾Ń‚ уŠŗŠ°Š·Š°Š½Š½Š¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š½Šµ Š·Š°ŠæущŠµŠ½Š¾ Š½ŠøŠŗŠ°ŠŗŠøх ŠæрŠ¾Ń†ŠµŃŃŠ¾Š², ŠµŃŠ»Šø ŠæрŠø Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½ŠøŠø этŠ¾Š¹ ŠŗŠ¾Š¼Š°Š½Š“ы ŠøŠ·Š¼ŠµŠ½ŃŠµŃ‚ся чŠøсŠ»Š¾Š²Š¾Š¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠøŠ¹ ID, ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń ŠøŠ»Šø Š“Š¾Š¼Š°ŃˆŠ½ŠøŠ¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š’ Linux ŠŗŠ¾Š¼Š°Š½Š“Š° -\fBusermod\fR -Š²Ń‹ŠæŠ¾Š»Š½ŃŠµŃ‚ тŠ°Šŗую ŠæрŠ¾Š²ŠµŃ€Šŗу, Š½Š¾ Š½Š° Š“руŠ³Šøх Š°Ń€Ń…ŠøтŠµŠŗтурŠ°Ń… ŠæрŠ¾Š²ŠµŃ€ŃŠµŃ‚ся тŠ¾Š»ŃŒŠŗŠ¾ ŠæрŠøсутстŠ²ŠøŠµ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š² сŠøстŠµŠ¼Šµ сŠ¾Š³Š»Š°ŃŠ½Š¾ Š“Š°Š½Š½Ń‹Š¼ utmp\&. -.PP -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ Š²Ń€ŃƒŃ‡Š½ŃƒŃŽ ŠøŠ·Š¼ŠµŠ½Šøть Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Š° Š²ŃŠµŃ… фŠ°Š¹Š»Š¾Š² -\fBcrontab\fR -ŠøŠ»Šø Š·Š°Š“Š°Š½ŠøŠ¹ -\fBat\fR\&. -.PP -Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ сŠ“ŠµŠ»Š°Ń‚ŃŒ Š²ŃŠµ ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя NIS Š½Š° сŠµŃ€Š²ŠµŃ€Šµ NIS сŠ°Š¼Š¾ŃŃ‚Š¾ŃŃ‚ŠµŠ»ŃŒŠ½Š¾\&. -.SH "ŠŠŠ”Š¢Š ŠžŠ™ŠšŠ" -.PP -ŠŠ° рŠ°Š±Š¾Ń‚Ńƒ этŠ¾Š³Š¾ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š° Š²Š»Šøяют сŠ»ŠµŠ“ующŠøŠµ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· -/etc/login\&.defs: -.PP -\fBMAIL_DIR\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠŸŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ŠŗŠ°Ń‚Š°Š»Š¾Š³\&. Š”Š°Š½Š½Ń‹Š¹ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½ŃƒŠ¶ŠµŠ½ Š“Š»Ń уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¼ ящŠøŠŗŠ¾Š¼ ŠæрŠø ŠøŠ·Š¼ŠµŠ½ŠµŠ½ŠøŠø ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½ŠøŠø учётŠ½Š¾Š¹ Š·Š°ŠæŠøсŠø ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. Š•ŃŠ»Šø ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ Š½Šµ Š·Š°Š“Š°Š½, тŠ¾ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŠµŃ‚ся Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ уŠŗŠ°Š·Š°Š½Š½Š¾Šµ ŠæрŠø сŠ±Š¾Ń€ŠŗŠµ\&. -.RE -.PP -\fBMAIL_FILE\fR (стрŠ¾ŠŗŠ°) -.RS 4 -ŠžŠæрŠµŠ“ŠµŠ»ŃŠµŃ‚ рŠ°ŃŠæŠ¾Š»Š¾Š¶ŠµŠ½ŠøŠµ ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Ń… фŠ°Š¹Š»Š¾Š² ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń Š¾Ń‚Š½Š¾ŃŠøтŠµŠ»ŃŒŠ½Š¾ Š“Š¾Š¼Š°ŃˆŠ½ŠµŠ³Š¾ ŠŗŠ°Ń‚Š°Š»Š¾Š³Š°\&. -.RE -.PP -ŠŸŠµŃ€ŠµŠ¼ŠµŠ½Š½Ń‹Šµ -\fBMAIL_DIR\fR -Šø -\fBMAIL_FILE\fR -ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся ŠŗŠ¾Š¼Š°Š½Š“Š°Š¼Šø -\fBuseradd\fR, -\fBusermod\fR -Šø -\fBuserdel\fR -Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя, ŠæŠµŃ€ŠµŠ¼ŠµŃ‰ŠµŠ½Šøя ŠøŠ»Šø уŠ“Š°Š»ŠµŠ½Šøя ŠæŠ¾Ń‡Ń‚Ń‹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\&. -.PP -Š•ŃŠ»Šø Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ -\fBMAIL_CHECK_ENAB\fR -рŠ°Š²Š½Š¾ -\fIyes\fR, тŠ¾ Š¾Š½Šø тŠ°ŠŗŠ¶Šµ ŠøсŠæŠ¾Š»ŃŒŠ·ŃƒŃŽŃ‚ся Š“Š»Ń Š¾ŠæрŠµŠ“ŠµŠ»ŠµŠ½Šøя ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š¾Š¹ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fBMAIL\fR\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (чŠøсŠ»Š¾) -.RS 4 -ŠœŠ°ŠŗсŠøŠ¼Š°Š»ŃŒŠ½Š¾Šµ ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š·Š°ŠæŠøсŠø Š¾ Š³Ń€ŃƒŠæŠæŠµ\&. ŠŸŃ€Šø Š“Š¾ŃŃ‚ŠøŠ¶ŠµŠ½Šøя Š¼Š°ŠŗсŠøŠ¼ŃƒŠ¼Š° Š·Š°Š²Š¾Š“Šøтся Š½Š¾Š²Š°Ń Š·Š°ŠæŠøсь Š³Ń€ŃƒŠæŠæы (стрŠ¾ŠŗŠ°) Š² -/etc/group -(с тŠµŠ¼ Š¶Šµ ŠøŠ¼ŠµŠ½ŠµŠ¼, ŠæŠ°Ń€Š¾Š»ŠµŠ¼ Šø тŠµŠ¼ Š¶Šµ GID)\&. -.sp -Š—Š½Š°Ń‡ŠµŠ½ŠøŠµ ŠæŠ¾ уŠ¼Š¾Š»Ń‡Š°Š½Šøю рŠ°Š²Š½Š¾ 0, Š¾Š·Š½Š°Ń‡Š°ŃŽŃ‰ŠµŠµ, чтŠ¾ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š½Š° ŠŗŠ¾Š»ŠøчŠµŃŃ‚Š²Š¾ чŠ»ŠµŠ½Š¾Š² Š² Š³Ń€ŃƒŠæŠæŠµ Š½ŠµŃ‚\&. -.sp -Š”Š°Š½Š½Š°Ń Š²Š¾Š·Š¼Š¾Š¶Š½Š¾ŃŃ‚ŃŒ (рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæы) ŠæŠ¾Š·Š²Š¾Š»ŃŠµŃ‚ Š¾Š³Ń€Š°Š½ŠøчŠøть Š“Š»ŠøŠ½Ńƒ стрŠ¾Šŗ Š² фŠ°Š¹Š»Šµ Š³Ń€ŃƒŠæŠæ\&. Š­Ń‚Š¾ ŠæŠ¾Š»ŠµŠ·Š½Š¾ Š“Š»Ń Š¾Š³Ń€Š°Š½ŠøчŠµŠ½Šøя Š“Š»ŠøŠ½Ń‹ стрŠ¾Šŗ Š³Ń€ŃƒŠæŠæ NIS Š² 1024 сŠøŠ¼Š²Š¾Š»Š°\&. -.sp -Š•ŃŠ»Šø Š²Š°Š¼ Š½ŃƒŠ¶Š½Š¾ тŠ°ŠŗŠ¾Šµ Š¾Š³Ń€Š°Š½ŠøчŠµŠ½ŠøŠµ, уŠŗŠ°Š¶ŠøтŠµ Š·Š½Š°Ń‡ŠµŠ½ŠøŠµ 25\&. -.sp -Š—Š°Š¼ŠµŃ‡Š°Š½ŠøŠµ: рŠ°Š·Š“ŠµŠ»ŠµŠ½ŠøŠµ Š³Ń€ŃƒŠæŠæ ŠæŠ¾Š“Š“ŠµŃ€Š¶ŠøŠ²Š°ŠµŃ‚ся Š½Šµ Š²ŃŠµŠ¼Šø ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š°Š¼Šø (Š“Š°Š¶Šµ Š² Š½Š°Š±Š¾Ń€Šµ ŠøŠ½ŃŃ‚Ń€ŃƒŠ¼ŠµŠ½Ń‚Š¾Š² Shadow)\&. Š’Ń‹ Š½Šµ Š“Š¾Š»Š¶Š½Ń‹ ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ эту ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ, ŠµŃŠ»Šø Š²Š°Š¼ Š“ŠµŠ¹ŃŃ‚Š²ŠøтŠµŠ»ŃŒŠ½Š¾ этŠ¾ Š½ŠµŠ½ŃƒŠ¶Š½Š¾\&. -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/login\&.defs -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠŗŠ¾Š½Ń„ŠøŠ³ŃƒŃ€Š°Ń†Šøю ŠæŠ¾Š“сŠøстŠµŠ¼Ń‹ тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ -.RE -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBuserdel\fR(8)\&. diff --git a/man/ru/man8/vigr.8 b/man/ru/man8/vigr.8 deleted file mode 100644 index ff72d7ae..00000000 --- a/man/ru/man8/vigr.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/vipw.8 diff --git a/man/ru/man8/vipw.8 b/man/ru/man8/vipw.8 deleted file mode 100644 index b061389d..00000000 --- a/man/ru/man8/vipw.8 +++ /dev/null @@ -1,132 +0,0 @@ -'\" t -.\" Title: vipw -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/09/2014 -.\" Manual: ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹ -.\" Source: shadow-utils 4.2 -.\" Language: Russian -.\" -.TH "vipw" "8" "05/09/2014" "shadow\-utils 4\&.2" "ŠšŠ¾Š¼Š°Š½Š“ы уŠæрŠ°Š²Š»ŠµŠ½Šøя сŠøстŠµŠ¼Š¾Š¹" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "ŠŠŠ—Š’ŠŠŠ˜Š•" -vipw, vigr \- ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‚ рŠµŠ“Š°ŠŗтŠøрŠ¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ ŠæŠ°Ń€Š¾Š»ŠµŠ¹, Š³Ń€ŃƒŠæŠæ, тŠµŠ½ŠµŠ²Ń‹Ń… ŠæŠ°Ń€Š¾Š»ŠµŠ¹ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹ ŠøŠ»Šø Š³Ń€ŃƒŠæŠæ\&. -.SH "Š”Š˜ŠŠ¢ŠŠšŠ”Š˜Š”" -.HP \w'\fBvipw\fR\ 'u -\fBvipw\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] -.HP \w'\fBvigr\fR\ 'u -\fBvigr\fR [\fIŠæŠ°Ń€Š°Š¼ŠµŃ‚ры\fR] -.SH "ŠžŠŸŠ˜Š”ŠŠŠ˜Š•" -.PP -Š” ŠæŠ¾Š¼Š¾Ń‰ŃŒŃŽ ŠæрŠ¾Š³Ń€Š°Š¼Š¼ -\fBvipw\fR -Šø -\fBvigr\fR -Š¼Š¾Š¶Š½Š¾ ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ фŠ°Š¹Š»Ń‹ -/etc/passwd -Šø -/etc/group, сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŠµŠ½Š½Š¾\&. Š•ŃŠ»Šø уŠŗŠ°Š·Š°Š½ ŠæŠ°Ń€Š°Š¼ŠµŃ‚Ń€ -\fB\-s\fR, тŠ¾ Š±ŃƒŠ“ут рŠµŠ“Š°ŠŗтŠøрŠ¾Š²Š°Ń‚ŃŒŃŃ тŠµŠ½ŠµŠ²Ń‹Šµ Š²ŠµŃ€ŃŠøŠø этŠøх фŠ°Š¹Š»Š¾Š², -/etc/shadow -Šø -/etc/gshadow, сŠ¾Š¾Ń‚Š²ŠµŃ‚стŠ²ŠµŠ½Š½Š¾\&. ŠŠ° Š²Ń€ŠµŠ¼Ń рŠ°Š±Š¾Ń‚Ń‹ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹ устŠ°Š½Š°Š²Š»ŠøŠ²Š°ŃŽŃ‚ Š±Š»Š¾ŠŗŠøрŠ¾Š²Šŗу Š“Š»Ń ŠæрŠµŠ“Š¾Ń‚Š²Ń€Š°Ń‰ŠµŠ½Šøя ŠæŠ¾Š²Ń€ŠµŠ¶Š“ŠµŠ½Šøя фŠ°Š¹Š»Š°\&. ŠŸŃ€Šø Š²Ń‹Š±Š¾Ń€Šµ рŠµŠ“Š°ŠŗтŠ¾Ń€Š° ŠæрŠ¾Š³Ń€Š°Š¼Š¼Ń‹ сŠ½Š°Ń‡Š°Š»Š° ŠæрŠ¾Š²ŠµŃ€ŃŃŽŃ‚ ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½ŃƒŃŽ Š¾ŠŗруŠ¶ŠµŠ½Šøя -\fB$VISUAL\fR, Š·Š°Ń‚ŠµŠ¼ -\fB$EDITOR\fR, Šø ŠµŃŠ»Šø Š½ŠøчŠµŠ³Š¾ Š½Šµ Š½Š°Š¹Š“ŠµŠ½Š¾, Š·Š°ŠæусŠŗŠ°ŃŽŃ‚ стŠ°Š½Š“Š°Ń€Ń‚Š½Ń‹Š¹ рŠµŠ“Š°ŠŗтŠ¾Ń€ -\fBvi\fR(1)\&. -.SH "ŠŸŠŠ ŠŠœŠ•Š¢Š Š«" -.PP -ŠŸŠ°Ń€Š°Š¼ŠµŃ‚ры ŠŗŠ¾Š¼Š°Š½Š“ -\fBvipw\fR -Šø -\fBvigr\fR: -.PP -\fB\-g\fR, \fB\-\-group\fR -.RS 4 -Š ŠµŠ“Š°ŠŗтŠøрŠ¾Š²Š°Ń‚ŃŒ Š±Š°Š·Ńƒ Š“Š°Š½Š½Ń‹Ń… Š³Ń€ŃƒŠæŠæ\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ŠŸŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ ŠŗрŠ°Ń‚Šŗую сŠæрŠ°Š²Šŗу Šø Š·Š°ŠŗŠ¾Š½Ń‡Šøть рŠ°Š±Š¾Ń‚Ńƒ\&. -.RE -.PP -\fB\-p\fR, \fB\-\-passwd\fR -.RS 4 -Š ŠµŠ“Š°ŠŗтŠøрŠ¾Š²Š°Ń‚ŃŒ Š±Š°Š·Ńƒ Š“Š°Š½Š½Ń‹Ń… passwd\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -ŠŠµ Š²Ń‹Š²Š¾Š“Šøть сŠ¾Š¾Š±Ń‰ŠµŠ½ŠøŠ¹ ŠæрŠø рŠ°Š±Š¾Ń‚Šµ\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fIŠšŠŠ¢_CHROOT\fR -.RS 4 -Š’Ń‹ŠæŠ¾Š»Š½Šøть ŠøŠ·Š¼ŠµŠ½ŠµŠ½Šøя Š² ŠŗŠ°Ń‚Š°Š»Š¾Š³Šµ -\fIŠšŠŠ¢_CHROOT\fR -Šø ŠøсŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŃŒ фŠ°Š¹Š»Ń‹ Š½Š°ŃŃ‚Ń€Š¾Š¹ŠŗŠø ŠøŠ· ŠŗŠ°Ń‚Š°Š»Š¾Š³Š° -\fIŠšŠŠ¢_CHROOT\fR\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shadow\fR -.RS 4 -Š ŠµŠ“Š°ŠŗтŠøрŠ¾Š²Š°Ń‚ŃŒ Š±Š°Š·Ńƒ Š“Š°Š½Š½Ń‹Ń… shadow ŠøŠ»Šø gshadow\&. -.RE -.SH "ŠžŠšŠ Š£Š–Š•ŠŠ˜Š•" -.PP -\fBVISUAL\fR -.RS 4 -Š ŠµŠ“Š°ŠŗтŠ¾Ń€, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š±ŃƒŠ“ŠµŃ‚ Š²Ń‹Š·Š²Š°Š½\&. -.RE -.PP -\fBEDITOR\fR -.RS 4 -Š ŠµŠ“Š°ŠŗтŠ¾Ń€, ŠŗŠ¾Ń‚Š¾Ń€Ń‹Š¹ Š±ŃƒŠ“ŠµŃ‚ Š²Ń‹Š·Š²Š°Š½, ŠµŃŠ»Šø Š½Šµ Š·Š°Š“Š°Š½Š° ŠæŠµŃ€ŠµŠ¼ŠµŠ½Š½Š°Ń -\fBVISUAL\fR\&. -.RE -.SH "Š¤ŠŠ™Š›Š«" -.PP -/etc/group -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/gshadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ Š³Ń€ŃƒŠæŠæŠ°Ń… -.RE -.PP -/etc/passwd -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.PP -/etc/shadow -.RS 4 -сŠ¾Š“ŠµŃ€Š¶Šøт Š·Š°Ń‰ŠøщŠ°ŠµŠ¼ŃƒŃŽ ŠøŠ½Ń„Š¾Ń€Š¼Š°Ń†Šøю Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŃ… -.RE -.SH "Š”ŠœŠžŠ¢Š Š˜Š¢Š• Š¢ŠŠšŠ–Š•" -.PP -\fBvi\fR(1), -\fBgroup\fR(5), -\fBgshadow\fR(5), -\fBpasswd\fR(5), , -\fBshadow\fR(5)\&. diff --git a/man/shadow.5.xml b/man/shadow.5.xml index 3b2f44a3..5d20511a 100644 --- a/man/shadow.5.xml +++ b/man/shadow.5.xml @@ -115,7 +115,7 @@ any access at all if the password field is empty. </para> <para> - A password field which starts with a exclamation mark means + A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked. @@ -133,7 +133,7 @@ </para> <para> The value 0 has a special meaning, which is that the user - should change her pasword the next time she will log in the + should change her password the next time she will log in the system. </para> <para> @@ -228,7 +228,7 @@ </para> <para> Note that an account expiration differs from a password - expiration. In case of an acount expiration, the user shall + expiration. In case of an account expiration, the user shall not be allowed to login. In case of a password expiration, the user is not allowed to login using her password. </para> diff --git a/man/su.1.xml b/man/su.1.xml index 15502e3c..24143c38 100644 --- a/man/su.1.xml +++ b/man/su.1.xml @@ -191,7 +191,7 @@ <para>The shell that will be invoked.</para> <para> The invoked shell is chosen from (highest priority first): - <!--This should be an orderedlist, but lists inside another + <!--This should be an ordered list, but lists inside another list does not work well with current docbook. - nekral - 2009.06.03 --> <variablelist> diff --git a/man/suauth.5.xml b/man/suauth.5.xml index dff366a5..97ef6d1c 100644 --- a/man/suauth.5.xml +++ b/man/suauth.5.xml @@ -81,7 +81,7 @@ <!-- .RS --> <literallayout remap='.nf'> - 1) the user su is targetting + 1) the user su is targeting </literallayout> <!-- .fi --> <para> @@ -106,13 +106,13 @@ <para> from-id is formatted the same as to-id except the extra word - <emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT + <emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> appears one or more group names, delimited by ",". It is not sufficient to have primary group id of the relevant group, an entry in <citerefentry><refentrytitle>/etc/group</refentrytitle> - <manvolnum>5</manvolnum></citerefentry> is neccessary. + <manvolnum>5</manvolnum></citerefentry> is necessary. </para> <para> diff --git a/man/subgid.5.xml b/man/subgid.5.xml index f7b4b50b..ffdb7d80 100644 --- a/man/subgid.5.xml +++ b/man/subgid.5.xml @@ -57,7 +57,7 @@ </para> <itemizedlist mark='bullet'> <listitem> - <para>login name</para> + <para>login name or UID</para> </listitem> <listitem> <para>numerical subordinate group ID</para> @@ -77,6 +77,13 @@ Multiple ranges may be specified per user. </para> + <para> + When large number of entries (10000-100000 or more) are defined in + <filename>/etc/subgid</filename>, parsing performance penalty will + become noticeable. In this case it is recommended to use UIDs + instead of login names. Benchmarks have shown speed-ups up to 20x. + </para> + </refsect1> <refsect1 id='files'> diff --git a/man/subuid.5.xml b/man/subuid.5.xml index a833f57f..2890661d 100644 --- a/man/subuid.5.xml +++ b/man/subuid.5.xml @@ -57,7 +57,7 @@ </para> <itemizedlist mark='bullet'> <listitem> - <para>login name</para> + <para>login name or UID</para> </listitem> <listitem> <para>numerical subordinate user ID</para> @@ -77,6 +77,13 @@ Multiple ranges may be specified per user. </para> + <para> + When large number of entries (10000-100000 or more) are defined in + <filename>/etc/subuid</filename>, parsing performance penalty will + become noticeable. In this case it is recommended to use UIDs + instead of login names. Benchmarks have shown speed-ups up to 20x. + </para> + </refsect1> <refsect1 id='files'> diff --git a/man/sv/Makefile.in b/man/sv/Makefile.in deleted file mode 100644 index 68fded5c..00000000 --- a/man/sv/Makefile.in +++ /dev/null @@ -1,737 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@USE_PAM_FALSE@am__append_1 = $(man_nopam) -@USE_PAM_TRUE@am__append_2 = $(man_nopam) -DIST_COMMON = $(srcdir)/../generate_translations.mak \ - $(srcdir)/../generate_mans.mak $(srcdir)/Makefile.in \ - $(srcdir)/Makefile.am -subdir = man/sv -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" \ - "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" -man3dir = $(mandir)/man3 -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/sv -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ - -# 2012.01.28 - activate manpages with more than 50% translated messages -man_MANS = man1/chage.1 man1/chsh.1 man1/expiry.1 man5/faillog.5 \ - man8/faillog.8 man3/getspnam.3 man8/groupadd.8 man8/groupdel.8 \ - man8/groupmems.8 man8/groupmod.8 man1/groups.1 man8/grpck.8 \ - man5/gshadow.5 man8/lastlog.8 man8/logoutd.8 man1/newgrp.1 \ - man8/nologin.8 man1/passwd.1 man5/passwd.5 man8/pwck.8 \ - man1/sg.1 man3/shadow.3 man5/suauth.5 man8/userdel.8 \ - man8/vigr.8 man8/vipw.8 $(am__append_1) -man_nopam = \ - man5/limits.5 \ - man5/porttime.5 - -EXTRA_DIST = $(man_MANS) man1/id.1 $(am__append_2) -LANG = $(notdir $(CURDIR)) -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_FALSE@PAM_COND = no_pam -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_TRUE@PAM_COND = pam -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_FALSE@SHADOWGRP_COND = no_gshadow -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_TRUE@SHADOWGRP_COND = gshadow -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_FALSE@TCB_COND = no_tcb -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_TRUE@TCB_COND = tcb -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_FALSE@SHA_CRYPT_COND = no_sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_TRUE@SHA_CRYPT_COND = sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_FALSE@SUBIDS_COND = no_subids -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_TRUE@SUBIDS_COND = subids -CLEANFILES = .xml2po.mo $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/sv/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/sv/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; -$(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak: - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man3: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man3dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man3dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man3dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.3[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ - done; } - -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man3dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.3[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man3dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -@ENABLE_REGENERATE_MAN_FALSE@clean-local: -clean: clean-am - -clean-am: clean-generic clean-libtool clean-local mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man3 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man3 uninstall-man5 \ - uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - clean-local cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man3 install-man5 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags-am uninstall uninstall-am uninstall-man uninstall-man1 \ - uninstall-man3 uninstall-man5 uninstall-man8 - - -@ENABLE_REGENERATE_MAN_TRUE@config.xml: ../config.xml.in -@ENABLE_REGENERATE_MAN_TRUE@ $(MAKE) -C .. config.xml -@ENABLE_REGENERATE_MAN_TRUE@ cp ../config.xml $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml: ../%.xml ../po/$(LANG).po -@ENABLE_REGENERATE_MAN_TRUE@ xml2po --expand-all-entities -l $(LANG) -p ../po/$(LANG).po -o $@ ../$@ -@ENABLE_REGENERATE_MAN_TRUE@ sed -i 's:\(^<refentry .*\)>:\1 lang="$(LANG)">:' $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml-config: %.xml -@ENABLE_REGENERATE_MAN_TRUE@ if grep -q SHADOW-CONFIG-HERE $<; then \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^<!-- SHADOW-CONFIG-HERE -->/<!ENTITY % config SYSTEM "config.xml">%config;/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ else \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^\(<!DOCTYPE .*docbookx.dtd"\)>/\1 [<!ENTITY % config SYSTEM "config.xml">%config;]>/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ fi - -@ENABLE_REGENERATE_MAN_TRUE@man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml -@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.authors.section.enabled" "0" \ -@ENABLE_REGENERATE_MAN_TRUE@ --stringparam "man.output.base.dir" "" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.output.in.separate.dir" "1" \ -@ENABLE_REGENERATE_MAN_TRUE@ -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $< - -@ENABLE_REGENERATE_MAN_TRUE@clean-local: -@ENABLE_REGENERATE_MAN_TRUE@ for d in man1 man3 man5 man8; do [ -d $$d ] && rmdir $$d; done - -#$(man_MANS): -# @echo you need to run configure with --enable-man to generate man pages -# @false - -@ENABLE_REGENERATE_MAN_TRUE@man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8 - -@ENABLE_REGENERATE_MAN_TRUE@man3/getspnam.3: man3/shadow.3 - -@ENABLE_REGENERATE_MAN_TRUE@man8/vigr.8: man8/vipw.8 - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/sv/man1/chage.1 b/man/sv/man1/chage.1 deleted file mode 100644 index d031bb6a..00000000 --- a/man/sv/man1/chage.1 +++ /dev/null @@ -1,184 +0,0 @@ -'\" t -.\" Title: chage -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Anv\(:andarkommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "CHAGE" "1" "09-05-2014" "shadow\-utils 4\&.2" "Anv\(:andarkommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -chage \- \(:andra \(oaldringsinformation f\(:or anv\(:andarl\(:osenord -.SH "SYNOPSIS" -.HP \w'\fBchage\fR\ 'u -\fBchage\fR [\fIflaggor\fR] \fIINLOGGNINGSNAMN\fR -.SH "BESKRIVNING" -.PP -The -\fBchage\fR -command changes the number of days between password changes and the date of the last password change\&. This information is used by the system to determine when a user must change his/her password\&. -.SH "FLAGGOR" -.PP -Flaggorna som g\(:aller f\(:or kommandot -\fBchage\fR -\(:ar: -.PP -\fB\-d\fR, \fB\-\-lastday\fR\ \&\fISISTA_DAG\fR -.RS 4 -Set the number of days since January 1st, 1970 when the password was last changed\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. -.RE -.PP -\fB\-E\fR, \fB\-\-expiredate\fR\ \&\fIUTG\(oANGSDATUM\fR -.RS 4 -Set the date or number of days since January 1, 1970 on which the user\*(Aqs account will no longer be accessible\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. A user whose account is locked must contact the system administrator before being able to use the system again\&. -.sp -Passing the number -\fI\-1\fR -as the -\fIEXPIRE_DATE\fR -will remove an account expiration date\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-I\fR, \fB\-\-inactive\fR\ \&\fIINAKTIV\fR -.RS 4 -Set the number of days of inactivity after a password has expired before the account is locked\&. The -\fIINACTIVE\fR -option is the number of days of inactivity\&. A user whose account is locked must contact the system administrator before being able to use the system again\&. -.sp -Passing the number -\fI\-1\fR -as the -\fIINACTIVE\fR -will remove an account\*(Aqs inactivity\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -Visa kontots \(oaldringsinformation -.RE -.PP -\fB\-m\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAGAR\fR -.RS 4 -S\(:atter minimalt antal dagar mellan l\(:osenords\(:andringar till -\fIMIN_DAGAR\fR\&. Ett nollv\(:arde f\(:or detta f\(:alt betyder att anv\(:andaren kan \(:andra sitt l\(:osenord n\(:ar som helst\&. -.RE -.PP -\fB\-M\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAGAR\fR -.RS 4 -Set the maximum number of days during which a password is valid\&. When -\fIMAX_DAYS\fR -plus -\fILAST_DAY\fR -is less than the current day, the user will be required to change his/her password before being able to use his/her account\&. This occurrence can be planned for in advance by use of the -\fB\-W\fR -option, which provides the user with advance warning\&. -.sp -Passing the number -\fI\-1\fR -as -\fIMAX_DAYS\fR -will remove checking a password\*(Aqs validity\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-W\fR, \fB\-\-warndays\fR\ \&\fIVARN_DAGAR\fR -.RS 4 -Set the number of days of warning before a password change is required\&. The -\fIWARN_DAYS\fR -option is the number of days prior to the password expiring that a user will be warned his/her password is about to expire\&. -.RE -.PP -If none of the options are selected, -\fBchage\fR -operates in an interactive fashion, prompting the user with the current values for all of the fields\&. Enter the new value to change the field, or leave the line blank to use the current value\&. The current value is displayed between a pair of -\fI[ ]\fR -marks\&. -.SH "NOTERA" -.PP -Programmet -\fBchage\fR -kr\(:aver att en skuggl\(:osenordsfil finns tillg\(:anglig\&. -.PP -The -\fBchage\fR -command is restricted to the root user, except for the -\fB\-l\fR -option, which may be used by an unprivileged user to determine when his/her password or account is due to expire\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.SH "FILER" -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.PP -/etc/shadow -.RS 4 -S\(:aker anv\(:andarkontoinformation\&. -.RE -.SH "AVSLUTNINGSV\(:ARDEN" -.PP -Kommandot -\fBchage\fR -avslutas med f\(:oljande v\(:arden: -.PP -\fI0\fR -.RS 4 -lyckad -.RE -.PP -\fI1\fR -.RS 4 -\(oatkomst nekad -.RE -.PP -\fI2\fR -.RS 4 -ogiltig kommandosyntax -.RE -.PP -\fI15\fR -.RS 4 -kan inte hitta skuggl\(:osenordsfilen -.RE -.SH "SE OCKS\(oA" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/sv/man1/chsh.1 b/man/sv/man1/chsh.1 deleted file mode 100644 index 5e1c5ca0..00000000 --- a/man/sv/man1/chsh.1 +++ /dev/null @@ -1,121 +0,0 @@ -'\" t -.\" Title: chsh -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Anv\(:andarkommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "CHSH" "1" "09-05-2014" "shadow\-utils 4\&.2" "Anv\(:andarkommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -chsh \- \(:andra inloggningsskal -.SH "SYNOPSIS" -.HP \w'\fBchsh\fR\ 'u -\fBchsh\fR [\fIflaggor\fR] [\fIINLOGGNINGSNAMN\fR] -.SH "BESKRIVNING" -.PP -The -\fBchsh\fR -command changes the user login shell\&. This determines the name of the user\*(Aqs initial login command\&. A normal user may only change the login shell for her own account; the superuser may change the login shell for any account\&. -.SH "FLAGGOR" -.PP -Flaggorna som g\(:aller f\(:or kommandot -\fBchsh\fR -\(:ar: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISKAL\fR -.RS 4 -The name of the user\*(Aqs new login shell\&. Setting this field to blank causes the system to select the default login shell\&. -.RE -.PP -If the -\fB\-s\fR -option is not selected, -\fBchsh\fR -operates in an interactive fashion, prompting the user with the current login shell\&. Enter the new value to change the shell, or leave the line blank to use the current one\&. The current shell is displayed between a pair of -\fI[ ]\fR -marks\&. -.SH "NOTERA" -.PP -The only restriction placed on the login shell is that the command name must be listed in -/etc/shells, unless the invoker is the superuser, and then any value may be added\&. An account with a restricted login shell may not change her login shell\&. For this reason, placing -/bin/rsh -in -/etc/shells -is discouraged since accidentally changing to a restricted shell would prevent the user from ever changing her login shell back to its original value\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBCHSH_AUTH\fR (boolean) -.RS 4 -If -\fIyes\fR, the -\fBchsh\fR -program will require authentication before making any changes, unless run by the superuser\&. -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -The string used for prompting a password\&. The default is to use "Password: ", or a translation of that string\&. If you set this variable, the prompt will not be translated\&. -.sp -If the string contains -\fI%s\fR, this will be replaced by the user\*(Aqs name\&. -.RE -.SH "FILER" -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.PP -/etc/shells -.RS 4 -Lista p\(oa giltiga inloggningsskal\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBchfn\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/sv/man1/expiry.1 b/man/sv/man1/expiry.1 deleted file mode 100644 index 868344f5..00000000 --- a/man/sv/man1/expiry.1 +++ /dev/null @@ -1,74 +0,0 @@ -'\" t -.\" Title: expiry -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Anv\(:andarkommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "EXPIRY" "1" "09-05-2014" "shadow\-utils 4\&.2" "Anv\(:andarkommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -expiry \- kontrollera och uppr\(:atth\(oall policy f\(:or l\(:osenordsutg\(oang -.SH "SYNOPSIS" -.HP \w'\fBexpiry\fR\ 'u -\fBexpiry\fR \fIoption\fR -.SH "BESKRIVNING" -.PP -The -\fBexpiry\fR -command checks (\fB\-c\fR) the current password expiration and forces (\fB\-f\fR) changes when required\&. It is callable as a normal user command\&. -.SH "FLAGGOR" -.PP -The options which apply to the -\fBexpiry\fR -command are: -.PP -\fB\-c\fR, \fB\-\-check\fR -.RS 4 -Check the password expiration of the current user\&. -.RE -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -Force a password change if the current user has an expired password\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.SH "FILER" -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.PP -/etc/shadow -.RS 4 -S\(:aker anv\(:andarkontoinformation\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/sv/man1/groups.1 b/man/sv/man1/groups.1 deleted file mode 100644 index ea3050f8..00000000 --- a/man/sv/man1/groups.1 +++ /dev/null @@ -1,64 +0,0 @@ -'\" t -.\" Title: groups -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Anv\(:andarkommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "GROUPS" "1" "09-05-2014" "shadow\-utils 4\&.2" "Anv\(:andarkommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -groups \- visa aktuella gruppnamn -.SH "SYNOPSIS" -.HP \w'\fBgroups\fR\ 'u -\fBgroups\fR [\fIanv\(:andare\fR] -.SH "BESKRIVNING" -.PP -The -\fBgroups\fR -command displays the current group names or ID values\&. If the value does not have a corresponding entry in -/etc/group, the value will be displayed as the numerical group value\&. The optional -\fIuser\fR -parameter will display the groups for the named -\fIuser\fR\&. -.SH "NOTERA" -.PP -Systems which do not support concurrent group sets will have the information from -/etc/group -reported\&. The user must use -\fBnewgrp\fR -or -\fBsg\fR -to change his current real and effective group ID\&. -.SH "FILER" -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBnewgrp\fR(1), -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2)\&. diff --git a/man/sv/man1/id.1 b/man/sv/man1/id.1 deleted file mode 100644 index 585286ee..00000000 --- a/man/sv/man1/id.1 +++ /dev/null @@ -1,60 +0,0 @@ -'\" t -.\" Title: id -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Anv\(:andarkommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "ID" "1" "09-05-2014" "shadow\-utils 4\&.2" "Anv\(:andarkommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -id \- display current user and group ID names -.SH "SYNOPSIS" -.HP \w'\fBid\fR\ 'u -\fBid\fR [\-a] -.SH "BESKRIVNING" -.PP -The -\fBid\fR -command displays the current real and effective user and group ID names or values\&. If the value does not have a corresponding entry in -/etc/passwd -or -/etc/group, the value will be displayed without the corresponding name\&. The optional -\fB\-a\fR -flag will display the group set on systems which support multiple concurrent group membership\&. -.SH "FILER" -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2) diff --git a/man/sv/man1/newgrp.1 b/man/sv/man1/newgrp.1 deleted file mode 100644 index 757b8fd5..00000000 --- a/man/sv/man1/newgrp.1 +++ /dev/null @@ -1,98 +0,0 @@ -'\" t -.\" Title: newgrp -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Anv\(:andarkommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "NEWGRP" "1" "09-05-2014" "shadow\-utils 4\&.2" "Anv\(:andarkommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -newgrp \- logga in i en ny grupp -.SH "SYNOPSIS" -.HP \w'\fBnewgrp\fR\ 'u -\fBnewgrp\fR [\-] [\fIgrupp\fR] -.SH "BESKRIVNING" -.PP -The -\fBnewgrp\fR -command is used to change the current group ID during a login session\&. If the optional -\fB\-\fR -flag is given, the user\*(Aqs environment will be reinitialized as though the user had logged in, otherwise the current environment, including current working directory, remains unchanged\&. -.PP -\fBnewgrp\fR -changes the current real group ID to the named group, or to the default group listed in -/etc/passwd -if no group name is given\&. -\fBnewgrp\fR -also tries to add the group to the user groupset\&. If not root, the user will be prompted for a password if she does not have a password (in -/etc/shadow -if this user has an entry in the shadowed password file, or in -/etc/passwd -otherwise) and the group does, or if the user is not listed as a member and the group has a password\&. The user will be denied access if the group password is empty and the user is not listed as a member\&. -.PP -If there is an entry for this group in -/etc/gshadow, then the list of members and the password of this group will be taken from this file, otherwise, the entry in -/etc/group -is considered\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -Enable "syslog" logging of -\fBsg\fR -activity\&. -.RE -.SH "FILER" -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.PP -/etc/shadow -.RS 4 -S\(:aker anv\(:andarkontoinformation\&. -.RE -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/gshadow -.RS 4 -S\(:aker gruppkontoinformation\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBsu\fR(1), -\fBsg\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/sv/man1/passwd.1 b/man/sv/man1/passwd.1 deleted file mode 100644 index 5bb854ee..00000000 --- a/man/sv/man1/passwd.1 +++ /dev/null @@ -1,360 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Anv\(:andarkommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "PASSWD" "1" "09-05-2014" "shadow\-utils 4\&.2" "Anv\(:andarkommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -passwd \- \(:andra anv\(:andarl\(:osenord -.SH "SYNOPSIS" -.HP \w'\fBpasswd\fR\ 'u -\fBpasswd\fR [\fIflaggor\fR] [\fIINLOGGNINGSNAMN\fR] -.SH "BESKRIVNING" -.PP -The -\fBpasswd\fR -command changes passwords for user accounts\&. A normal user may only change the password for his/her own account, while the superuser may change the password for any account\&. -\fBpasswd\fR -also changes the account or associated password validity period\&. -.SS "L\(:osenords\(:andringar" -.PP -The user is first prompted for his/her old password, if one is present\&. This password is then encrypted and compared against the stored password\&. The user has only one chance to enter the correct password\&. The superuser is permitted to bypass this step so that forgotten passwords may be changed\&. -.PP -Efter att l\(:osenordet har matats in kontrolleras l\(:osenordets \(oaldringsinformation f\(:or att se om anv\(:andaren till\(oats att \(:andra l\(:osenord f\(:or tillf\(:allet\&. Om inte, nekar -\fBpasswd\fR -att \(:andra l\(:osenordet och avslutas\&. -.PP -Anv\(:andaren fr\(oagas sedan tv\(oa g\(oanger efter ett ers\(:attande l\(:osenord\&. Den andra inmatningen j\(:amf\(:ors mot den f\(:orsta och b\(oada m\(oaste st\(:amma \(:overens f\(:or att l\(:osenordet ska \(:andras\&. -.PP -Sedan testas l\(:osenordet f\(:or sin komplexitet\&. Som en allm\(:an riktlinje b\(:or l\(:osenord inneh\(oalla 6 till 8 tecken och inkluderas ett eller flera tecken fr\(oan var och en av f\(:oljande punkter: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -gemena bokst\(:aver ur alfabetet -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -siffrorna 0 till 9 -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -skiljetecken -.RE -.PP -T\(:ank p\(oa att inte inkludera systemets standardtecken f\(:or radering eller d\(:oda\&. -\fBpasswd\fR -kommer att neka alla l\(:osenord som inte har l\(:amplig komplexitet\&. -.SS "Tips f\(:or anv\(:andarl\(:osenord" -.PP -The security of a password depends upon the strength of the encryption algorithm and the size of the key space\&. The legacy -\fIUNIX\fR -System encryption method is based on the NBS DES algorithm\&. More recent methods are now recommended (see -\fBENCRYPT_METHOD\fR)\&. The size of the key space depends upon the randomness of the password which is selected\&. -.PP -Problem i l\(:osenordss\(:akerheten brukar normalt komma fr\(oan slarvigt valda l\(:osenord eller hantering\&. Av denna anledning b\(:or du inte v\(:alja ett l\(:osenord som finns i en ordbok eller som m\(oaste skrivas ner\&. L\(:osenordet b\(:or heller inte vara ett korrekt namn, ditt personnummer, f\(:odelsedatum eller gatuadress\&. Dessa kan anv\(:andas som gissningar f\(:or att ta sig in i systemet\&. -.PP -You can find advices on how to choose a strong password on http://en\&.wikipedia\&.org/wiki/Password_strength -.SH "FLAGGOR" -.PP -Flaggorna som g\(:aller f\(:or kommandot -\fBpasswd\fR -\(:ar: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Denna flagga kan endast anv\(:andas med -\fB\-S\fR -och g\(:or att status visas f\(:or alla anv\(:andare\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR -.RS 4 -Ta bort en anv\(:andares l\(:osenord (g\(:or det blankt)\&. Detta \(:ar ett snabbt s\(:att att inaktivera ett l\(:osenord f\(:or ett konto\&. Det kommer att ta bort det angivna kontots l\(:osenord\&. -.RE -.PP -\fB\-e\fR, \fB\-\-expire\fR -.RS 4 -L\(:osenordet f\(:or ett konto s\(:atts omedelbart som utg\(oanget\&. Detta kan tvinga en anv\(:andare att \(:andra sitt l\(:osenord vid n\(:asta inloggningsf\(:ors\(:ok\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-i\fR, \fB\-\-inactive\fR\ \&\fIINAKTIV\fR -.RS 4 -Denna flagga anv\(:ands f\(:or att inaktivera ett konto efter att l\(:osenordet har varit utg\(oanget i ett antal dagar\&. Efter att ett anv\(:andarkonto har haft ett utg\(oanget l\(:osenord i -\fIINAKTIV\fR -dagar f\(oar anv\(:andaren inte l\(:angre logga in med detta konto\&. -.RE -.PP -\fB\-k\fR, \fB\-\-keep\-tokens\fR -.RS 4 -Indicate password change should be performed only for expired authentication tokens (passwords)\&. The user wishes to keep their non\-expired tokens as before\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\fR -.RS 4 -Lock the password of the named account\&. This option disables a password by changing it to a value which matches no possible encrypted value (it adds a \(aa!\(aa at the beginning of the password)\&. -.sp -Note that this does not disable the account\&. The user may still be able to login using another authentication token (e\&.g\&. an SSH key)\&. To disable the account, administrators should use -\fBusermod \-\-expiredate 1\fR -(this set the account\*(Aqs expire date to Jan 2, 1970)\&. -.sp -Users with a locked password are not allowed to change their password\&. -.RE -.PP -\fB\-n\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR -.RS 4 -S\(:atter minimalt antal dagar mellan l\(:osenords\(:andringar till -\fIMIN_DAGAR\fR\&. Ett nollv\(:arde f\(:or detta f\(:alt betyder att anv\(:andaren kan \(:andra sitt l\(:osenord n\(:ar som helst\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Tyst l\(:age\&. -.RE -.PP -\fB\-r\fR, \fB\-\-repository\fR\ \&\fIF\(:ORR\(oAD\fR -.RS 4 -change password in -\fIREPOSITORY\fR -repository -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-S\fR, \fB\-\-status\fR -.RS 4 -Display account status information\&. The status information consists of 7 fields\&. The first field is the user\*(Aqs login name\&. The second field indicates if the user account has a locked password (L), has no password (NP), or has a usable password (P)\&. The third field gives the date of the last password change\&. The next four fields are the minimum age, maximum age, warning period, and inactivity period for the password\&. These ages are expressed in days\&. -.RE -.PP -\fB\-u\fR, \fB\-\-unlock\fR -.RS 4 -Unlock the password of the named account\&. This option re\-enables a password by changing the password back to its previous value (to the value before using the -\fB\-l\fR -option)\&. -.RE -.PP -\fB\-w\fR, \fB\-\-warndays\fR\ \&\fIVARN_DAGAR\fR -.RS 4 -S\(:atter antalet dagar f\(:or varning f\(:ore ett l\(:osenord beh\(:over \(:andras\&. Flaggan -\fIVARN_DAGAR\fR -\(:ar antalet dagar f\(:ore anv\(:andaren varnas om att l\(:osenordet \(:ar p\(oa v\(:ag att bli utg\(oanget\&. -.RE -.PP -\fB\-x\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAGAR\fR -.RS 4 -S\(:atter maximalt antal dagar som ett l\(:osenord ska vara giltigt\&. Efter -\fIMAX_DAGAR\fR -kr\(:avs det att l\(:osenordet \(:andras\&. -.RE -.SH "T\(:ANK P\(oA" -.PP -Password complexity checking may vary from site to site\&. The user is urged to select a password as complex as he or she feels comfortable with\&. -.PP -Users may not be able to change their password on a system if NIS is enabled and they are not logged into the NIS server\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -This defines the system default encryption algorithm for encrypting passwords (if no algorithm are specified on the command line)\&. -.sp -It can take one of these values: -\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -Note: this parameter overrides the -\fBMD5_CRYPT_ENAB\fR -variable\&. -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to -\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to -\fIno\fR -if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is -\fIno\fR\&. -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -This variable is deprecated\&. You should use -\fBENCRYPT_METHOD\fR\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (boolean) -.RS 4 -Enable additional checks upon password changes\&. -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (boolean) -.RS 4 -Warn about weak passwords (but still allow them) if you are root\&. -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (number) -.RS 4 -Maximum number of attempts to change password if rejected (too easy)\&. -.RE -.PP -\fBPASS_MAX_LEN\fR (number), \fBPASS_MIN_LEN\fR (number) -.RS 4 -Number of significant characters in the password for crypt()\&. -\fBPASS_MAX_LEN\fR -is 8 by default\&. Don\*(Aqt change unless your crypt() is better\&. This is ignored if -\fBMD5_CRYPT_ENAB\fR -set to -\fIyes\fR\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -When -\fBENCRYPT_METHOD\fR -is set to -\fISHA256\fR -or -\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. -.sp -With a lot of rounds, it is more difficult to brute forcing the password\&. But note also that more CPU resources will be needed to authenticate users\&. -.sp -If not specified, the libc will choose the default number of rounds (5000)\&. -.sp -The values must be inside the 1000\-999,999,999 range\&. -.sp -If only one of the -\fBSHA_CRYPT_MIN_ROUNDS\fR -or -\fBSHA_CRYPT_MAX_ROUNDS\fR -values is set, then this value will be used\&. -.sp -If -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. -.RE -.SH "FILER" -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.PP -/etc/shadow -.RS 4 -S\(:aker anv\(:andarkontoinformation\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "AVSLUTNINGSV\(:ARDEN" -.PP -Kommandot -\fBpasswd\fR -avslutas med f\(:oljande v\(:arden: -.PP -\fI0\fR -.RS 4 -lyckad -.RE -.PP -\fI1\fR -.RS 4 -\(oatkomst nekad -.RE -.PP -\fI2\fR -.RS 4 -ogiltig kombination av flaggor -.RE -.PP -\fI3\fR -.RS 4 -ov\(:antat fel, ingenting har genomf\(:orts -.RE -.PP -\fI4\fR -.RS 4 -ov\(:antat fel, filen -passwd -saknas -.RE -.PP -\fI5\fR -.RS 4 -Filen -passwd -\(:ar upptagen, f\(:ors\(:ok igen -.RE -.PP -\fI6\fR -.RS 4 -ogiltigt argument till flagga -.RE -.SH "SE OCKS\(oA" -.PP -\fBchpasswd\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBlogin.defs\fR(5),\fBusermod\fR(8)\&. diff --git a/man/sv/man1/sg.1 b/man/sv/man1/sg.1 deleted file mode 100644 index 9ceef495..00000000 --- a/man/sv/man1/sg.1 +++ /dev/null @@ -1,97 +0,0 @@ -'\" t -.\" Title: sg -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Anv\(:andarkommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "SG" "1" "09-05-2014" "shadow\-utils 4\&.2" "Anv\(:andarkommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -sg \- k\(:or kommando med annat grupp\-id -.SH "SYNOPSIS" -.HP \w'\fBsg\fR\ 'u -\fBsg\fR [\-] [grupp\ [\-c]\ kommando] -.SH "BESKRIVNING" -.PP -The -\fBsg\fR -command works similar to -\fBnewgrp\fR -but accepts a command\&. The command will be executed with the -/bin/sh -shell\&. With most shells you may run -\fBsg\fR -from, you need to enclose multi\-word commands in quotes\&. Another difference between -\fBnewgrp\fR -and -\fBsg\fR -is that some shells treat -\fBnewgrp\fR -specially, replacing themselves with a new instance of a shell that -\fBnewgrp\fR -creates\&. This doesn\*(Aqt happen with -\fBsg\fR, so upon exit from a -\fBsg\fR -command you are returned to your previous group ID\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -Enable "syslog" logging of -\fBsg\fR -activity\&. -.RE -.SH "FILER" -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.PP -/etc/shadow -.RS 4 -S\(:aker anv\(:andarkontoinformation\&. -.RE -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/gshadow -.RS 4 -S\(:aker gruppkontoinformation\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBnewgrp\fR(1), -\fBsu\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/sv/man3/getspnam.3 b/man/sv/man3/getspnam.3 deleted file mode 100644 index cd473da3..00000000 --- a/man/sv/man3/getspnam.3 +++ /dev/null @@ -1 +0,0 @@ -.so man3/shadow.3 diff --git a/man/sv/man3/shadow.3 b/man/sv/man3/shadow.3 deleted file mode 100644 index e528a9c6..00000000 --- a/man/sv/man3/shadow.3 +++ /dev/null @@ -1,239 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Biblioteksanrop -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "SHADOW" "3" "09-05-2014" "shadow\-utils 4\&.2" "Biblioteksanrop" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -shadow, getspnam \- encrypted password file routines -.SH "SYNTAX" -.PP -\fI#include <shadow\&.h>\fR -.PP -\fIstruct spwd *getspent();\fR -.PP -\fIstruct spwd *getspnam(char\fR\fI*name\fR\fI);\fR -.PP -\fIvoid setspent();\fR -.PP -\fIvoid endspent();\fR -.PP -\fIstruct spwd *fgetspent(FILE\fR\fI*fp\fR\fI);\fR -.PP -\fIstruct spwd *sgetspent(char\fR\fI*cp\fR\fI);\fR -.PP -\fIint putspent(struct spwd\fR\fI*p,\fR\fIFIL\fR\fI*fp\fR\fI);\fR -.PP -\fIint lckpwdf();\fR -.PP -\fIint ulckpwdf();\fR -.SH "BESKRIVNING" -.PP -\fIshadow\fR -manipulates the contents of the shadow password file, -/etc/shadow\&. The structure in the -\fI#include\fR -file is: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct spwd { - char *sp_namp; /* user login name */ - char *sp_pwdp; /* encrypted password */ - long int sp_lstchg; /* last password change */ - long int sp_min; /* days until change allowed\&. */ - long int sp_max; /* days before change required */ - long int sp_warn; /* days warning for expiration */ - long int sp_inact; /* days before account inactive */ - long int sp_expire; /* date when account expires */ - unsigned long int sp_flag; /* reserved for future use */ -} - -.fi -.if n \{\ -.RE -.\} -.PP -Betydelsen av varje f\(:alt \(:ar: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_namp \- pointer to null\-terminated user name -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_pwdp \- pointer to null\-terminated password -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_lstchg \- days since Jan 1, 1970 password was last changed -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_min \- days before which password may not be changed -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_max \- days after which password must be changed -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_warn \- days before password is to expire that user is warned of pending password expiration -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_inact \- days after password expires that account is considered inactive and disabled -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_expire \- days since Jan 1, 1970 when account will be disabled -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_flag \- reserverat f\(:or framtida anv\(:andning -.RE -.SH "BESKRIVNING" -.PP -\fIgetspent\fR, -\fIgetspname\fR, -\fIfgetspent\fR, and -\fIsgetspent\fR -each return a pointer to a -\fIstruct spwd\fR\&. -\fIgetspent\fR -returns the next entry from the file, and -\fIfgetspent\fR -returns the next entry from the given stream, which is assumed to be a file of the proper format\&. -\fIsgetspent\fR -returns a pointer to a -\fIstruct spwd\fR -using the provided string as input\&. -\fIgetspnam\fR -searches from the current position in the file for an entry matching -\fIname\fR\&. -.PP -\fIsetspent\fR -and -\fIendspent\fR -may be used to begin and end, respectively, access to the shadow password file\&. -.PP -The -\fIlckpwdf\fR -and -\fIulckpwdf\fR -routines should be used to insure exclusive access to the -/etc/shadow -file\&. -\fIlckpwdf\fR -attempts to acquire a lock using -\fIpw_lock\fR -for up to 15 seconds\&. It continues by attempting to acquire a second lock using -\fIspw_lock\fR -for the remainder of the initial 15 seconds\&. Should either attempt fail after a total of 15 seconds, -\fIlckpwdf\fR -returns \-1\&. When both locks are acquired 0 is returned\&. -.SH "DIAGNOSTIK" -.PP -Routines return NULL if no more entries are available or if an error occurs during processing\&. Routines which have -\fIint\fR -as the return value return 0 for success and \-1 for failure\&. -.SH "T\(:ANK P\(oA" -.PP -These routines may only be used by the superuser as access to the shadow password file is restricted\&. -.SH "FILER" -.PP -/etc/shadow -.RS 4 -S\(:aker anv\(:andarkontoinformation\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBgetpwent\fR(3), -\fBshadow\fR(5)\&. diff --git a/man/sv/man5/faillog.5 b/man/sv/man5/faillog.5 deleted file mode 100644 index 781f9a16..00000000 --- a/man/sv/man5/faillog.5 +++ /dev/null @@ -1,64 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Filformat och konversioner -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "FAILLOG" "5" "09-05-2014" "shadow\-utils 4\&.2" "Filformat och konversioner" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -faillog \- login failure logging file -.SH "BESKRIVNING" -.PP -/var/log/faillog -maintains a count of login failures and the limits for each account\&. -.PP -The file contains fixed length records, indexed by numerical UID\&. Each record contains the count of login failures since the last successful login; the maximum number of failures before the account is disabled; the line on which the last login failure occurred; the date of the last login failure; and the duration (in seconds) during which the account will be locked after a failure\&. -.PP -Strukturen f\(:or filen \(:ar: -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct faillog { - short fail_cnt; - short fail_max; - char fail_line[12]; - time_t fail_time; - long fail_locktime; -}; -.fi -.if n \{\ -.RE -.\} -.SH "FILER" -.PP -/var/log/faillog -.RS 4 -Failure logging file\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBfaillog\fR(8) diff --git a/man/sv/man5/gshadow.5 b/man/sv/man5/gshadow.5 deleted file mode 100644 index 6a627fa9..00000000 --- a/man/sv/man5/gshadow.5 +++ /dev/null @@ -1,101 +0,0 @@ -'\" t -.\" Title: gshadow -.\" Author: Nicolas Fran\(,cois <nicolas.francois@centraliens.net> -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Filformat och konversioner -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "GSHADOW" "5" "09-05-2014" "shadow\-utils 4\&.2" "Filformat och konversioner" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -gshadow \- skuggad gruppfil -.SH "BESKRIVNING" -.PP -/etc/gshadow -contains the shadowed information for group accounts\&. -.PP -Denna fil f\(oar inte vara l\(:asbar av vanliga anv\(:andare om l\(:osenordss\(:akerheten ska uppr\(:atth\(oallas\&. -.PP -Each line of this file contains the following colon\-separated fields: -.PP -\fBgruppnamn\fR -.RS 4 -It must be a valid group name, which exist on the system\&. -.RE -.PP -\fBkrypterat l\(:osenord\fR -.RS 4 -Referera till -\fBcrypt\fR(3) -f\(:or detaljer om hur denna str\(:ang tolkas\&. -.sp -If the password field contains some string that is not a valid result of -\fBcrypt\fR(3), for instance ! or *, users will not be able to use a unix password to access the group (but group members do not need the password)\&. -.sp -The password is used when an user who is not a member of the group wants to gain the permissions of this group (see -\fBnewgrp\fR(1))\&. -.sp -This field may be empty, in which case only the group members can gain the group permissions\&. -.sp -A password field which starts with a exclamation mark means that the password is locked\&. The remaining characters on the line represent the password field before the password was locked\&. -.sp -This password supersedes any password specified in -/etc/group\&. -.RE -.PP -\fBadministrators\fR -.RS 4 -It must be a comma\-separated list of user names\&. -.sp -Administrators can change the password or the members of the group\&. -.sp -Administrators also have the same permissions as the members (see below)\&. -.RE -.PP -\fBmembers\fR -.RS 4 -It must be a comma\-separated list of user names\&. -.sp -Members can access the group without being prompted for a password\&. -.sp -You should use the same list of users as in -/etc/group\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/gshadow -.RS 4 -S\(:aker gruppkontoinformation\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBgpasswd\fR(5), -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBgrpconv\fR(8), -\fBnewgrp\fR(1)\&. diff --git a/man/sv/man5/limits.5 b/man/sv/man5/limits.5 deleted file mode 100644 index ee1677af..00000000 --- a/man/sv/man5/limits.5 +++ /dev/null @@ -1,274 +0,0 @@ -'\" t -.\" Title: limits -.\" Author: Luca Berra -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Filformat och konversioner -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "LIMITS" "5" "09-05-2014" "shadow\-utils 4\&.2" "Filformat och konversioner" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -limits \- definition av resursbegr\(:ansningar -.SH "BESKRIVNING" -.PP -The -\fIlimits\fR -file (/etc/limits -by default or LIMITS_FILE defined -config\&.h) describes the resource limits you wish to impose\&. It should be owned by root and readable by root account only\&. -.PP -By default no quota is imposed on \*(Aqroot\*(Aq\&. In fact, there is no way to impose limits via this procedure to root\-equiv accounts (accounts with UID 0)\&. -.PP -Varje rad beskriver en begr\(:ansning f\(:or anv\(:andaren i formatet: -.PP -\fIuser LIMITS_STRING\fR -.PP -or in the form: -.PP -\fI@group LIMITS_STRING\fR -.PP -The -\fILIMITS_STRING\fR -is a string of a concatenated list of resource limits\&. Each limit consists of a letter identifier followed by a numerical limit\&. -.PP -De giltiga identifierarna \(:ar: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -A: maximal adressrymd (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -C: max core file size (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -D: maximal datastorlek (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -F: maximal filstorlek (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -K: file creation mask, set by -\fBumask\fR(2)\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -I: max nice value (0\&.\&.39 which translates to 20\&.\&.\-19) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -L: maximalt antal inloggningar f\(:or denna anv\(:andare -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -M: max locked\-in\-memory address space (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -N: maximalt antal \(:oppna filer -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -O: max real time priority -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -P: processprioritet, inst\(:alld av -\fBsetpriority\fR(2)\&. -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -R: max resident set size (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -S: maximal stackstorlek (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -T: maximal processortid (MIN) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -U: maximalt antal processer -.RE -.PP -For example, -\fIL2D2048N5\fR -is a valid -\fILIMITS_STRING\fR\&. For reading convenience, the following entries are equivalent: -.sp -.if n \{\ -.RS 4 -.\} -.nf - username L2D2048N5 - username L2 D2048 N5 - -.fi -.if n \{\ -.RE -.\} -.PP -Be aware that after -\fIusername\fR -the rest of the line is considered a limit string, thus comments are not allowed\&. A invalid limits string will be rejected (not considered) by the -\fBlogin\fR -program\&. -.PP -The default entry is denoted by username "\fI*\fR"\&. If you have multiple -\fIdefault\fR -entries in your -\fILIMITS_FILE\fR, then the last one will be used as the default entry\&. -.PP -The limits specified in the form "\fI@group\fR" apply to the members of the specified -\fIgroup\fR\&. -.PP -If more than one line with limits for an user exist, only the first line for this user will be considered\&. -.PP -If no lines are specified for an user, the last -\fI@group\fR -line matching a group whose the user is a member of will be considered, or the last line with default limits if no groups contain the user\&. -.PP -To completely disable limits for a user, a single dash "\fI\-\fR" will do\&. -.PP -To disable a limit for a user, a single dash "\fI\-\fR" can be used instead of the numerical value for this limit\&. -.PP -Also, please note that all limit settings are set PER LOGIN\&. They are not global, nor are they permanent\&. Perhaps global limits will come, but for now this will have to do ;) -.SH "FILER" -.PP -/etc/limits -.RS 4 -.RE -.SH "SE OCKS\(oA" -.PP -\fBlogin\fR(1), -\fBsetpriority\fR(2), -\fBsetrlimit\fR(2)\&. diff --git a/man/sv/man5/passwd.5 b/man/sv/man5/passwd.5 deleted file mode 100644 index 81a31dad..00000000 --- a/man/sv/man5/passwd.5 +++ /dev/null @@ -1,179 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Filformat och konversioner -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "PASSWD" "5" "09-05-2014" "shadow\-utils 4\&.2" "Filformat och konversioner" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -passwd \- l\(:osenordsfilen -.SH "BESKRIVNING" -.PP -/etc/passwd -inneh\(oaller en rad f\(:or varje anv\(:andarkonto men sju f\(:alt separerade med kolontecken (\(rq:\(rq)\&. Dessa f\(:alt \(:ar: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -inloggningsnamn -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -valfritt krypterat l\(:osenord -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numeriskt anv\(:andar\-id -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -numeriskt grupp\-id -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -anv\(:andarnamn eller kommentarsf\(:alt -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -anv\(:andarens hemkatalog -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -optional user command interpreter -.RE -.PP -The encrypted password field may be blank, in which case no password is required to authenticate as the specified login name\&. However, some applications which read the -/etc/passwd -file may decide not to permit -\fIany\fR -access at all if the -\fIpassword\fR -field is blank\&. If the -\fIpassword\fR -field is a lower\-case -\(rqx\(rq, then the encrypted password is actually stored in the -\fBshadow\fR(5) -file instead; there -\fImust\fR -be a corresponding line in the -/etc/shadow -file, or else the user account is invalid\&. If the -\fIpassword\fR -field is any other string, then it will be treated as an encrypted password, as specified by -\fBcrypt\fR(3)\&. -.PP -The comment field is used by various system utilities, such as -\fBfinger\fR(1)\&. -.PP -The home directory field provides the name of the initial working directory\&. The -\fBlogin\fR -program uses this information to set the value of the -\fB$HOME\fR -environmental variable\&. -.PP -The command interpreter field provides the name of the user\*(Aqs command language interpreter, or the name of the initial program to execute\&. The -\fBlogin\fR -program uses this information to set the value of the -\fB$SHELL\fR -environmental variable\&. If this field is empty, it defaults to the value -/bin/sh\&. -.SH "FILER" -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.PP -/etc/shadow -.RS 4 -optional encrypted password file -.RE -.PP -/etc/passwd\- -.RS 4 -Backup file for /etc/passwd\&. -.sp -Note that this file is used by the tools of the shadow toolsuite, but not by all user and password management tools\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBcrypt\fR(3), -\fBgetent\fR(1), -\fBgetpwnam\fR(3), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBshadow\fR(5), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/sv/man5/porttime.5 b/man/sv/man5/porttime.5 deleted file mode 100644 index 2ac29be7..00000000 --- a/man/sv/man5/porttime.5 +++ /dev/null @@ -1,96 +0,0 @@ -'\" t -.\" Title: porttime -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Filformat och konversioner -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "PORTTIME" "5" "09-05-2014" "shadow\-utils 4\&.2" "Filformat och konversioner" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -porttime \- port access time file -.SH "BESKRIVNING" -.PP -\fIporttime\fR -inneh\(oaller en lista av tty\-enheter, anv\(:andarnamn och till\(oatna inloggningstider\&. -.PP -Each entry consists of three colon separated fields\&. The first field is a comma separated list of tty devices, or an asterisk to indicate that all tty devices are matched by this entry\&. The second field is a comma separated list of user names, or an asterisk to indicated that all user names are matched by this entry\&. The third field is a comma separated list of permitted access times\&. -.PP -Each access time entry consists of zero or more days of the week, abbreviated -\fISu\fR, -\fIMo\fR, -\fITu\fR, -\fIWe\fR, -\fITh\fR, -\fIFr\fR, and -\fISa\fR, followed by a pair of times separated by a hyphen\&. The abbreviation -\fIWk\fR -may be used to represent Monday thru Friday, and -\fIAl\fR -may be used to indicate every day\&. If no days are given, -\fIAl\fR -is assumed\&. -.SH "EXEMPEL" -.PP -F\(:oljande post till\(oater \(oatkomst f\(:or anv\(:andaren -\fBjfh\fR -p\(oa varje port under veckodagar fr\(oan 09\&.00 till 17\&.00\&. -.PP -*:jfh:Wk0900\-1700 -.PP -De f\(:oljande posterna till\(oater \(oatkomst endast till anv\(:andarna -\fIroot\fR -och -\fIoper\fR -p\(oa -/dev/console -n\(:ar som helst\&. Detta illustrerar hur filen -/etc/porttime -\(:ar en ordnad lista f\(:or \(oatkomsttider\&. Alla andra anv\(:andare skulle matcha den andra poster, vilken inte till\(oater n\(oagon \(oatkomst oavsett tid\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - console:root,oper:Al0000\-2400 - console:*: - -.fi -.if n \{\ -.RE -.\} -.PP -F\(:olajnde post till\(oater \(oatkomst f\(:or anv\(:andaren -\fIgames\fR -p\(oa valfri port men inte under arbetstid\&. -.PP -*:games:Wk1700\-0900,SaSu0000\-2400 -.SH "FILER" -.PP -/etc/porttime -.RS 4 -Fil som inneh\(oaller port\(oatkomst -.RE -.SH "SE OCKS\(oA" -.PP -\fBlogin\fR(1)\&. diff --git a/man/sv/man5/suauth.5 b/man/sv/man5/suauth.5 deleted file mode 100644 index 3734a1f9..00000000 --- a/man/sv/man5/suauth.5 +++ /dev/null @@ -1,146 +0,0 @@ -'\" t -.\" Title: suauth -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Filformat och konversioner -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "SUAUTH" "5" "09-05-2014" "shadow\-utils 4\&.2" "Filformat och konversioner" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -suauth \- detaljerad kontrollfil f\(:or su -.SH "SYNOPSIS" -.HP \w'\fB/etc/suauth\fR\ 'u -\fB/etc/suauth\fR -.SH "BESKRIVNING" -.PP -The file -/etc/suauth -is referenced whenever the su command is called\&. It can change the behaviour of the su command, based upon: -.sp -.if n \{\ -.RS 4 -.\} -.nf - 1) the user su is targetting - -.fi -.if n \{\ -.RE -.\} -.PP -2) the user executing the su command (or any groups he might be a member of) -.PP -Filen \(:ar i f\(:oljande format, med de rader som inleds med # behandlas som kommentarsrader och ignoreras; -.sp -.if n \{\ -.RS 4 -.\} -.nf - till\-id:fr\(oan\-id:\(oATG\(:ARD - -.fi -.if n \{\ -.RE -.\} -.PP -Where to\-id is either the word -\fIALL\fR, a list of usernames delimited by "," or the words -\fIALL EXCEPT\fR -followed by a list of usernames delimited by ","\&. -.PP -fr\(oan\-id \(:ar formaterad p\(oa samma s\(:att som till\-id f\(:orutom att det extra ordet -\fIGROUP\fR -k\(:anns igen\&. -\fIALL EXCEPT GROUP\fR -\(:ar helt giltigt ocks\(oa\&. Efterf\(:oljande till -\fIGROUP\fR -kan vara ett eller flera gruppnamn, separerade med ","\&. Det \(:ar inte tillr\(:ackligt att ha prim\(:art grupp\-id f\(:or den relevanta gruppen, en post i -\fB/etc/group\fR(5) -\(:ar n\(:odv\(:andigt\&. -.PP -\(oAtg\(:arden kan endast vara en av f\(:oljande f\(:or n\(:arvarande st\(:odda flaggor\&. -.PP -\fIDENY\fR -.RS 4 -F\(:ors\(:oket att anv\(:anda su stoppades f\(:ore ett l\(:osenord har efterfr\(oagats\&. -.RE -.PP -\fINOPASS\fR -.RS 4 -F\(:ors\(:oket att anv\(:anda su lyckades helt automatiskt; inget l\(:osenord har efterfr\(oagats\&. -.RE -.PP -\fIOWNPASS\fR -.RS 4 -F\(:or att su\-kommandot ska lyckas m\(oaste anv\(:andaren mata in sitt egna l\(:osenord\&. De blir fr\(oagade att g\(:ora detta\&. -.RE -.PP -Note there are three separate fields delimited by a colon\&. No whitespace must surround this colon\&. Also note that the file is examined sequentially line by line, and the first applicable rule is used without examining the file further\&. This makes it possible for a system administrator to exercise as fine control as he or she wishes\&. -.SH "EXEMPEL" -.sp -.if n \{\ -.RS 4 -.\} -.nf - # exempelfil f\(:or /etc/suauth - # - # Ett par priviligerade anv\(:andarnamn som - # kan su till root med sina egna l\(:osenord\&. - # - root:bosse,birddog:OWNPASS - # - # Alla andra kan inte su till root om de inte finns - # gruppen wheel\&. Det \(:ar s\(oa BSD g\(:or saker\&. - # - root:ALL EXCEPT GROUP wheel:DENY - # - # Kanske terry och birddog \(:ar konton som - # \(:ags av samma person\&. - # Tillg\(oang kan ges mellan dem utan - # l\(:osenord\&. - # - terry:birddog:NOPASS - birddog:terry:NOPASS - # - -.fi -.if n \{\ -.RE -.\} -.SH "FILER" -.PP -/etc/suauth -.RS 4 -.RE -.SH "FEL" -.PP -There could be plenty lurking\&. The file parser is particularly unforgiving about syntax errors, expecting no spurious whitespace (apart from beginning and end of lines), and a specific token delimiting different things\&. -.SH "DIAGNOSTIK" -.PP -An error parsing the file is reported using -\fBsyslogd\fR(8) -as level ERR on facility AUTH\&. -.SH "SE OCKS\(oA" -.PP -\fBsu\fR(1)\&. diff --git a/man/sv/man8/faillog.8 b/man/sv/man8/faillog.8 deleted file mode 100644 index b0186650..00000000 --- a/man/sv/man8/faillog.8 +++ /dev/null @@ -1,165 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "FAILLOG" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -faillog \- display faillog records or set login failure limits -.SH "SYNOPSIS" -.HP \w'\fBfaillog\fR\ 'u -\fBfaillog\fR [\fIflaggor\fR] -.SH "BESKRIVNING" -.PP -\fBfaillog\fR -displays the contents of the failure log database (/var/log/faillog)\&. It can also set the failure counters and limits\&. When -\fBfaillog\fR -is run without arguments, it only displays the faillog records of the users who had a login failure\&. -.SH "FLAGGOR" -.PP -Flaggorna som g\(:aller f\(:or kommandot -\fBfaillog\fR -\(:ar: -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Display (or act on) faillog records for all users having an entry in the -faillog -database\&. -.sp -The range of users can be restricted with the -\fB\-u\fR -option\&. -.sp -In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty\&. -.sp -With the -\fB\-l\fR, -\fB\-m\fR, -\fB\-r\fR, -\fB\-t\fR -options, the users\*(Aq records are changed, even if the user does not exist on the system\&. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEC\fR -.RS 4 -Lock account for -\fISEC\fR -seconds after failed login\&. -.sp -Write access to -/var/log/faillog -is required for this option\&. -.RE -.PP -\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR -.RS 4 -Set the maximum number of login failures after the account is disabled to -\fIMAX\fR\&. -.sp -Selecting a -\fIMAX\fR -value of 0 has the effect of not placing a limit on the number of failed logins\&. -.sp -The maximum failure count should always be 0 for -\fIroot\fR -to prevent a denial of services attack against the system\&. -.sp -Write access to -/var/log/faillog -is required for this option\&. -.RE -.PP -\fB\-r\fR, \fB\-\-reset\fR -.RS 4 -Reset the counters of login failures\&. -.sp -Write access to -/var/log/faillog -is required for this option\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAGAR\fR -.RS 4 -Display faillog records more recent than -\fIDAYS\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR -.RS 4 -Display faillog record or maintains failure counters and limits (if used with -\fB\-l\fR, -\fB\-m\fR -or -\fB\-r\fR -options) only for the specified user(s)\&. -.sp -The users can be specified by a login name, a numerical user ID, or a -\fIRANGE\fR -of users\&. This -\fIRANGE\fR -of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. -.RE -.PP -When none of the -\fB\-l\fR, -\fB\-m\fR, or -\fB\-r\fR -options are used, -\fBfaillog\fR -displays the faillog record of the specified user(s)\&. -.SH "T\(:ANK P\(oA" -.PP -\fBfaillog\fR -only prints out users with no successful login since the last failure\&. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the -\fB\-u\fR -flag, or print out all users with the -\fB\-a\fR -flag\&. -.SH "FILER" -.PP -/var/log/faillog -.RS 4 -Failure logging file\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBlogin\fR(1), -\fBfaillog\fR(5)\&. diff --git a/man/sv/man8/groupadd.8 b/man/sv/man8/groupadd.8 deleted file mode 100644 index cf778905..00000000 --- a/man/sv/man8/groupadd.8 +++ /dev/null @@ -1,248 +0,0 @@ -'\" t -.\" Title: groupadd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "GROUPADD" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -groupadd \- skapa en ny grupp -.SH "SYNOPSIS" -.HP \w'\fBgroupadd\fR\ 'u -\fBgroupadd\fR [\fIflaggor\fR] \fIgrupp\fR -.SH "BESKRIVNING" -.PP -The -\fBgroupadd\fR -command creates a new group account using the values specified on the command line plus the default values from the system\&. The new group will be entered into the system files as needed\&. -.SH "FLAGGOR" -.PP -Flaggorna som g\(:aller f\(:or kommandot -\fBgroupadd\fR -\(:ar: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -This option causes the command to simply exit with success status if the specified group already exists\&. When used with -\fB\-g\fR, and the specified GID already exists, another (unique) GID is chosen (i\&.e\&. -\fB\-g\fR -is turned off)\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -The numerical value of the group\*(Aqs ID\&. This value must be unique, unless the -\fB\-o\fR -option is used\&. The value must be non\-negative\&. The default is to use the smallest ID value greater than or equal to -\fBGID_MIN\fR -and greater than every other group\&. -.sp -See also the -\fB\-r\fR -option and the -\fBGID_MAX\fR -description\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fINYCKEL\fR=\fIV\(:ARDE\fR -.RS 4 -\(oAsidos\(:atter standardv\(:arden i -/etc/login\&.defs -(GID_MIN, GID_MAX och andra)\&. Flera flaggor av -\fB\-K\fR -kan anges\&. -.sp -Example: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI100\fR\ \& -\fB\-K\fR\ \&\fIGID_MAX\fR=\fI499\fR -.sp -Notera: -\fB\-K\fR\ \&\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR -fungerar \(:annu inte\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -This option permits to add a group with a non\-unique GID\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIL\(:OSENORD\fR -.RS 4 -The encrypted password, as returned by -\fBcrypt\fR(3)\&. The default is to disable the password\&. -.sp -\fBNote:\fR -This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. -.sp -You should make sure the password respects the system\*(Aqs password policy\&. -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -Create a system group\&. -.sp -The numeric identifiers of new system groups are chosen in the -\fBSYS_GID_MIN\fR\-\fBSYS_GID_MAX\fR -range, defined in -login\&.defs, instead of -\fBGID_MIN\fR\-\fBGID_MAX\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of regular groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBGID_MIN\fR -(resp\&. -\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) -.RS 4 -Range of group IDs used for the creation of system groups by -\fBuseradd\fR, -\fBgroupadd\fR, or -\fBnewusers\fR\&. -.sp -The default value for -\fBSYS_GID_MIN\fR -(resp\&. -\fBSYS_GID_MAX\fR) is 101 (resp\&. -\fBGID_MIN\fR\-1)\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/gshadow -.RS 4 -S\(:aker gruppkontoinformation\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.SH "T\(:ANK P\(oA" -.PP -Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]? -.PP -Groupnames may only be up to 16 characters long\&. -.PP -You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&. -.PP -If the groupname already exists in an external group database such as NIS or LDAP, -\fBgroupadd\fR -will deny the group creation request\&. -.SH "AVSLUTNINGSV\(:ARDEN" -.PP -Kommandot -\fBgroupadd\fR -avslutas med f\(:oljande v\(:arden: -.PP -\fI0\fR -.RS 4 -lyckad -.RE -.PP -\fI2\fR -.RS 4 -ogiltig kommandosyntax -.RE -.PP -\fI3\fR -.RS 4 -ogiltigt argument till flagga -.RE -.PP -\fI4\fR -.RS 4 -GID inte unikt (n\(:ar -\fB\-o\fR -inte anv\(:ands) -.RE -.PP -\fI9\fR -.RS 4 -gruppnamn inte unikt -.RE -.PP -\fI10\fR -.RS 4 -kan inte uppdatera gruppfilen -.RE -.SH "SE OCKS\(oA" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/sv/man8/groupdel.8 b/man/sv/man8/groupdel.8 deleted file mode 100644 index fafdcefe..00000000 --- a/man/sv/man8/groupdel.8 +++ /dev/null @@ -1,136 +0,0 @@ -'\" t -.\" Title: groupdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "GROUPDEL" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -groupdel \- ta bort en grupp -.SH "SYNOPSIS" -.HP \w'\fBgroupdel\fR\ 'u -\fBgroupdel\fR [\fIflaggor\fR] \fIGRUPP\fR -.SH "BESKRIVNING" -.PP -The -\fBgroupdel\fR -command modifies the system account files, deleting all entries that refer to -\fIGROUP\fR\&. The named group must exist\&. -.SH "FLAGGOR" -.PP -The options which apply to the -\fBgroupdel\fR -command are: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "T\(:ANK P\(oA" -.PP -Du f\(oar inte ta bort den prim\(:ara gruppen f\(:or n\(oagon existerande anv\(:andare\&. Du m\(oaste ta bort anv\(:andaren innan du tar bort gruppen\&. -.PP -You should manually check all file systems to ensure that no files remain owned by this group\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/gshadow -.RS 4 -S\(:aker gruppkontoinformation\&. -.RE -.SH "AVSLUTNINGSV\(:ARDEN" -.PP -Kommandot -\fBgroupdel\fR -avslutas med f\(:oljande v\(:arden: -.PP -\fI0\fR -.RS 4 -lyckad -.RE -.PP -\fI2\fR -.RS 4 -ogiltig kommandosyntax -.RE -.PP -\fI6\fR -.RS 4 -angiven grupp finns inte -.RE -.PP -\fI8\fR -.RS 4 -kan inte ta bort anv\(:andarens prim\(:ara grupp -.RE -.PP -\fI10\fR -.RS 4 -kan inte uppdatera gruppfilen -.RE -.SH "SE OCKS\(oA" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupmod\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/sv/man8/groupmems.8 b/man/sv/man8/groupmems.8 deleted file mode 100644 index ea596ffb..00000000 --- a/man/sv/man8/groupmems.8 +++ /dev/null @@ -1,180 +0,0 @@ -'\" t -.\" Title: groupmems -.\" Author: George Kraft, IV -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "GROUPMEMS" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -groupmems \- administrera medlemmar av en anv\(:andares prim\(:ara grupp -.SH "SYNOPSIS" -.HP \w'\fBgroupmems\fR\ 'u -\fBgroupmems\fR \-a\ \fIanv\(:andarnamn\fR | \-d\ \fIanv\(:andarnamn\fR | [\-g\ \fIgruppnamn\fR] | \-l | \-p -.SH "BESKRIVNING" -.PP -The -\fBgroupmems\fR -command allows a user to administer his/her own group membership list without the requirement of superuser privileges\&. The -\fBgroupmems\fR -utility is for systems that configure its users to be in their own name sake primary group (i\&.e\&., guest / guest)\&. -.PP -Only the superuser, as administrator, can use -\fBgroupmems\fR -to alter the memberships of other groups\&. -.SH "FLAGGOR" -.PP -Flaggorna som g\(:aller f\(:or kommandot -\fBgroupmems\fR -\(:ar: -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser_name\fR -.RS 4 -Add an user to the group membership list\&. -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser_name\fR -.RS 4 -Ta bort en anv\(:andare fr\(oan gruppen medlemslista\&. -.sp -If the -/etc/gshadow -file exist, the user will be removed from the list of members and administrators of the group\&. -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-g\fR, \fB\-\-group\fR\ \&\fIgroup_name\fR -.RS 4 -The superuser can specify which group membership list to modify\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -Lista gruppens medlemslista\&. -.RE -.PP -\fB\-p\fR, \fB\-\-purge\fR -.RS 4 -Rensa alla anv\(:andare fr\(oan gruppens medlemslista\&. -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "SETUP" -.PP -The -\fBgroupmems\fR -executable should be in mode -2770 -as user -\fIroot\fR -and in group -\fIgroups\fR\&. The system administrator can add users to group -\fIgroups\fR -to allow or disallow them using the -\fBgroupmems\fR -utility to manage their own group membership list\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - $ groupadd \-r groups - $ chmod 2770 groupmems - $ chown root\&.groups groupmems - $ groupmems \-g groups \-a gk4 - -.fi -.if n \{\ -.RE -.\} -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/gshadow -.RS 4 -s\(:aker gruppkontoinformation -.RE -.SH "SE OCKS\(oA" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/sv/man8/groupmod.8 b/man/sv/man8/groupmod.8 deleted file mode 100644 index 565f2e25..00000000 --- a/man/sv/man8/groupmod.8 +++ /dev/null @@ -1,209 +0,0 @@ -'\" t -.\" Title: groupmod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "GROUPMOD" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -groupmod \- \(:andra en gruppdefinition p\(oa systemet -.SH "SYNOPSIS" -.HP \w'\fBgroupmod\fR\ 'u -\fBgroupmod\fR [\fIflaggor\fR] \fIGRUPP\fR -.SH "BESKRIVNING" -.PP -The -\fBgroupmod\fR -command modifies the definition of the specified -\fIGROUP\fR -by modifying the appropriate entry in the group database\&. -.SH "FLAGGOR" -.PP -Flaggorna som g\(:aller f\(:or kommandot -\fBgroupmod\fR -\(:ar: -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -The group ID of the given -\fIGROUP\fR -will be changed to -\fIGID\fR\&. -.sp -The value of -\fIGID\fR -must be a non\-negative decimal integer\&. This value must be unique, unless the -\fB\-o\fR -option is used\&. -.sp -Users who use the group as primary group will be updated to keep the group as their primary group\&. -.sp -Any files that have the old group ID and must continue to belong to -\fIGROUP\fR, must have their group ID changed manually\&. -.sp -No checks will be performed with regard to the -\fBGID_MIN\fR, -\fBGID_MAX\fR, -\fBSYS_GID_MIN\fR, or -\fBSYS_GID_MAX\fR -from -/etc/login\&.defs\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-n\fR, \fB\-\-new\-name\fR\ \&\fINY_GRUPP\fR -.RS 4 -The name of the group will be changed from -\fIGROUP\fR -to -\fINEW_GROUP\fR -name\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -When used with the -\fB\-g\fR -option, allow to change the group -\fIGID\fR -to a non\-unique value\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIL\(:OSENORD\fR -.RS 4 -Det krypterade l\(:osenordet, som returneras av -\fBcrypt\fR(3)\&. -.sp -\fBNote:\fR -This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. -.sp -You should make sure the password respects the system\*(Aqs password policy\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/gshadow -.RS 4 -S\(:aker gruppkontoinformation\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.SH "AVSLUTNINGSV\(:ARDEN" -.PP -Kommandot -\fBgroupmod\fR -avslutas med f\(:oljande v\(:arden: -.PP -\fI0\fR -.RS 4 -lyckad -.RE -.PP -\fI2\fR -.RS 4 -ogiltig kommandosyntax -.RE -.PP -\fI3\fR -.RS 4 -ogiltigt argument till flagga -.RE -.PP -\fI4\fR -.RS 4 -angiven grupp finns inte -.RE -.PP -\fI6\fR -.RS 4 -angiven grupp finns inte -.RE -.PP -\fI9\fR -.RS 4 -gruppnamnet anv\(:ands redan -.RE -.PP -\fI10\fR -.RS 4 -kan inte uppdatera gruppfilen -.RE -.SH "SE OCKS\(oA" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/sv/man8/grpck.8 b/man/sv/man8/grpck.8 deleted file mode 100644 index 6861cbcb..00000000 --- a/man/sv/man8/grpck.8 +++ /dev/null @@ -1,241 +0,0 @@ -'\" t -.\" Title: grpck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "GRPCK" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -grpck \- validera integriteten f\(:or gruppfiler -.SH "SYNOPSIS" -.HP \w'\fBgrpck\fR\ 'u -\fBgrpck\fR [flaggor] [\fIgrupp\fR\ [\ \fIshadow\fR\ ]] -.SH "BESKRIVNING" -.PP -The -\fBgrpck\fR -command verifies the integrity of the groups information\&. It checks that all entries in -/etc/groupand /etc/gshadow -have the proper format and contain valid data\&. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors\&. -.PP -Kontroller g\(:ors f\(:or att validera att varje post har: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -korrekt antal f\(:alt -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a unique and valid group name -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a valid group identifier -(/etc/group only) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a valid list of members -and administrators -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a corresponding entry in the -/etc/gshadow -file (respectively -/etc/group -for the -gshadow -checks) -.RE -.PP -The checks for correct number of fields and unique group name are fatal\&. If an entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated group name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warnings and the user is encouraged to run the -\fBgroupmod\fR -command to correct the error\&. -.PP -The commands which operate on the -/etc/groupand /etc/gshadow files -are not able to alter corrupted or duplicated entries\&. -\fBgrpck\fR -should be used in those circumstances to remove the offending entries\&. -.SH "FLAGGOR" -.PP -The -\fB\-r\fR -and -\fB\-s\fR -options cannot be combined\&. -.PP -The options which apply to the -\fBgrpck\fR -command are: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Execute the -\fBgrpck\fR -command in read\-only mode\&. This causes all questions regarding changes to be answered -\fIno\fR -without user intervention\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -Sort entries in -/etc/groupand /etc/gshadow -by GID\&. -.RE -.PP -By default, -\fBgrpck\fR -operates on -/etc/groupand /etc/gshadow\&. The user may select alternate files with the -\fIgroup\fRand \fIshadow\fR parameters\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/gshadow -.RS 4 -S\(:aker gruppkontoinformation\&. -.RE -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.SH "AVSLUTNINGSV\(:ARDEN" -.PP -Kommandot -\fBgrpck\fR -avslutas med f\(:oljande v\(:arden: -.PP -\fI0\fR -.RS 4 -lyckad -.RE -.PP -\fI1\fR -.RS 4 -ogiltig kommandosyntax -.RE -.PP -\fI2\fR -.RS 4 -en eller flera felaktiga grupposter -.RE -.PP -\fI3\fR -.RS 4 -kan inte \(:oppna gruppfiler -.RE -.PP -\fI4\fR -.RS 4 -kan inte l\(oasa gruppfiler -.RE -.PP -\fI5\fR -.RS 4 -kan inte uppdatera gruppfiler -.RE -.SH "SE OCKS\(oA" -.PP -\fBgroup\fR(5), -\fBgroupmod\fR(8), -\fBgshadow\fR(5),\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBshadow\fR(5)\&. diff --git a/man/sv/man8/lastlog.8 b/man/sv/man8/lastlog.8 deleted file mode 100644 index 110d6d6f..00000000 --- a/man/sv/man8/lastlog.8 +++ /dev/null @@ -1,109 +0,0 @@ -'\" t -.\" Title: lastlog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "LASTLOG" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -lastlog \- reports the most recent login of all users or of a given user -.SH "SYNOPSIS" -.HP \w'\fBlastlog\fR\ 'u -\fBlastlog\fR [\fIflaggor\fR] -.SH "BESKRIVNING" -.PP -\fBlastlog\fR -formats and prints the contents of the last login log -/var/log/lastlog -file\&. The -\fIlogin\-name\fR, -\fIport\fR, and -\fIlast login time\fR -will be printed\&. The default (no flags) causes lastlog entries to be printed, sorted by their order in -/etc/passwd\&. -.SH "FLAGGOR" -.PP -Flaggorna som g\(:aller f\(:or kommandot -\fBlastlog\fR -\(:ar: -.PP -\fB\-b\fR, \fB\-\-before\fR\ \&\fIDAGAR\fR -.RS 4 -Print only lastlog records older than -\fIDAYS\fR\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAGAR\fR -.RS 4 -Print the lastlog records more recent than -\fIDAYS\fR\&. -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR -.RS 4 -Print the lastlog record of the specified user(s)\&. -.sp -The users can be specified by a login name, a numerical user ID, or a -\fIRANGE\fR -of users\&. This -\fIRANGE\fR -of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. -.RE -.PP -If the user has never logged in the message -\fI** Never logged in**\fR -will be displayed instead of the port and time\&. -.PP -Only the entries for the current users of the system will be displayed\&. Other entries may exist for users that were deleted previously\&. -.SH "NOTERA" -.PP -The -lastlog -file is a database which contains info on the last login of each user\&. You should not rotate it\&. It is a sparse file, so its size on the disk is usually much smaller than the one shown by "\fBls \-l\fR" (which can indicate a really big file if you have in -passwd -users with a high UID)\&. You can display its real size with "\fBls \-s\fR"\&. -.SH "FILER" -.PP -/var/log/lastlog -.RS 4 -Databastider f\(:or tidigare anv\(:andarinloggningar\&. -.RE -.SH "T\(:ANK P\(oA" -.PP -Large gaps in UID numbers will cause the lastlog program to run longer with no output to the screen (i\&.e\&. if in lastlog database there is no entries for users with UID between 170 and 800 lastlog will appear to hang as it processes entries with UIDs 171\-799)\&. diff --git a/man/sv/man8/logoutd.8 b/man/sv/man8/logoutd.8 deleted file mode 100644 index db61b665..00000000 --- a/man/sv/man8/logoutd.8 +++ /dev/null @@ -1,57 +0,0 @@ -'\" t -.\" Title: logoutd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "LOGOUTD" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -logoutd \- enforce login time restrictions -.SH "SYNOPSIS" -.HP \w'\fBlogoutd\fR\ 'u -\fBlogoutd\fR -.SH "BESKRIVNING" -.PP -\fBlogoutd\fR -enforces the login time and port restrictions specified in -/etc/porttime\&. -\fBlogoutd\fR -should be started from -/etc/rc\&. The -/var/run/utmp -file is scanned periodically and each user name is checked to see if the named user is permitted on the named port at the current time\&. Any login session which is violating the restrictions in -/etc/porttime -is terminated\&. -.SH "FILER" -.PP -/etc/porttime -.RS 4 -Fil som inneh\(oaller port\(oatkomst -.RE -.PP -/var/run/utmp -.RS 4 -Lista p\(oa aktuella inloggningssessioner\&. -.RE diff --git a/man/sv/man8/nologin.8 b/man/sv/man8/nologin.8 deleted file mode 100644 index d31a509d..00000000 --- a/man/sv/man8/nologin.8 +++ /dev/null @@ -1,51 +0,0 @@ -'\" t -.\" Title: nologin -.\" Author: Nicolas Fran\(,cois <nicolas.francois@centraliens.net> -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "NOLOGIN" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -nologin \- v\(:agra sn\(:allt en inloggning -.SH "SYNOPSIS" -.HP \w'\fBnologin\fR\ 'u -\fBnologin\fR -.SH "BESKRIVNING" -.PP -The -\fBnologin\fR -command displays a message that an account is not available and exits non\-zero\&. It is intended as a replacement shell field for accounts that have been disabled\&. -.PP -F\(:or att inaktivera alla inloggningar, unders\(:ok -\fBnologin\fR(5)\&. -.SH "SE OCKS\(oA" -.PP -\fBlogin\fR(1), -\fBnologin\fR(5)\&. -.SH "HISTORY" -.PP -The -\fBnologin\fR -command appearred in BSD 4\&.4\&. diff --git a/man/sv/man8/pwck.8 b/man/sv/man8/pwck.8 deleted file mode 100644 index 17fffbd9..00000000 --- a/man/sv/man8/pwck.8 +++ /dev/null @@ -1,323 +0,0 @@ -'\" t -.\" Title: pwck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "PWCK" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -pwck \- validera integriteten f\(:or l\(:osenordsfiler -.SH "SYNOPSIS" -.HP \w'\fBpwck\fR\ 'u -\fBpwck\fR [flaggor] [\fIpasswd\fR\ [\ \fIshadow\fR\ ]] -.SH "BESKRIVNING" -.PP -The -\fBpwck\fR -command verifies the integrity of the users and authentication information\&. It checks that all entries in -/etc/passwd -and -/etc/shadow -have the proper format and contain valid data\&. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors\&. -.PP -Kontroller g\(:ors f\(:or att validera att varje post har: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -korrekt antal f\(:alt -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a unique and valid user name -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -en giltig identifierare f\(:or anv\(:andare och grupp -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -en giltig prim\(:ar grupp -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -en giltig hemkatalog -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ett giltigt inloggningsskal -.RE -.PP -shadow -checks are enabled when a second file parameter is specified or when -/etc/shadow -exists on the system\&. -.PP -These checks are the following: -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -every passwd entry has a matching shadow entry, and every shadow entry has a matching passwd entry -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -passwords are specified in the shadowed file -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -shadow entries have the correct number of fields -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -shadow entries are unique in shadow -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -the last password changes are not in the future -.RE -.PP -The checks for correct number of fields and unique user name are fatal\&. If the entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated user name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warning and the user is encouraged to run the -\fBusermod\fR -command to correct the error\&. -.PP -The commands which operate on the -/etc/passwd -file are not able to alter corrupted or duplicated entries\&. -\fBpwck\fR -should be used in those circumstances to remove the offending entry\&. -.SH "FLAGGOR" -.PP -The -\fB\-r\fR -and -\fB\-s\fR -options cannot be combined\&. -.PP -Flaggorna som g\(:aller f\(:or kommandot -\fBpwck\fR -\(:ar: -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Report errors only\&. The warnings which do not require any action from the user won\*(Aqt be displayed\&. -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Starta kommandot -\fBpwck\fR -i skrivskyddat l\(:age\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -Sorterar poster i -/etc/passwd -och -/etc/shadow -efter UID\&. -.RE -.PP -By default, -\fBpwck\fR -operates on the files -/etc/passwd -and -/etc/shadow\&. The user may select alternate files with the -\fIpasswd\fR -and -\fIshadow\fR -parameters\&. -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBPASS_MAX_DAYS\fR (number) -.RS 4 -The maximum number of days a password may be used\&. If the password is older than this, a password change will be forced\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_MIN_DAYS\fR (number) -.RS 4 -The minimum number of days allowed between password changes\&. Any password changes attempted sooner than this will be rejected\&. If not specified, \-1 will be assumed (which disables the restriction)\&. -.RE -.PP -\fBPASS_WARN_AGE\fR (number) -.RS 4 -The number of days warning given before a password expires\&. A zero means warning is given only upon the day of expiration, a negative value means no warning is given\&. If not specified, no warning will be provided\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.PP -/etc/shadow -.RS 4 -S\(:aker anv\(:andarkontoinformation\&. -.RE -.SH "AVSLUTNINGSV\(:ARDEN" -.PP -Kommandot -\fBpwck\fR -avslutas med f\(:oljande v\(:arden: -.PP -\fI0\fR -.RS 4 -lyckad -.RE -.PP -\fI1\fR -.RS 4 -ogiltig kommandosyntax -.RE -.PP -\fI2\fR -.RS 4 -en eller flera felaktiga l\(:osenordsposter -.RE -.PP -\fI3\fR -.RS 4 -kan inte \(:oppna l\(:osenordsfiler -.RE -.PP -\fI4\fR -.RS 4 -kan inte l\(oasa l\(:osenordsfiler -.RE -.PP -\fI5\fR -.RS 4 -kan inte uppdatera l\(:osenordsfiler -.RE -.PP -\fI6\fR -.RS 4 -can\*(Aqt sort password files -.RE -.SH "SE OCKS\(oA" -.PP -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBusermod\fR(8)\&. diff --git a/man/sv/man8/userdel.8 b/man/sv/man8/userdel.8 deleted file mode 100644 index f7b3ebda..00000000 --- a/man/sv/man8/userdel.8 +++ /dev/null @@ -1,298 +0,0 @@ -'\" t -.\" Title: userdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "USERDEL" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -userdel \- ta bort ett anv\(:andarkonto och relaterade filer -.SH "SYNOPSIS" -.HP \w'\fBuserdel\fR\ 'u -\fBuserdel\fR [flaggor] \fIINLOGGNINGSNAMN\fR -.SH "BESKRIVNING" -.PP -The -\fBuserdel\fR -command modifies the system account files, deleting all entries that refer to the user name -\fILOGIN\fR\&. The named user must exist\&. -.SH "FLAGGOR" -.PP -Flaggorna som g\(:aller f\(:or kommandot -\fBuserdel\fR -\(:ar: -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -This option forces the removal of the user account, even if the user is still logged in\&. It also forces -\fBuserdel\fR -to remove the user\*(Aqs home directory and mail spool, even if another user uses the same home directory or if the mail spool is not owned by the specified user\&. If -\fBUSERGROUPS_ENAB\fR -is defined to -\fIyes\fR -in -/etc/login\&.defs -and if a group exists with the same name as the deleted user, then this group will be removed, even if it is still the primary group of another user\&. -.sp -\fINotera:\fR -Denna flagga \(:ar farlig och kan g\(:ora att ditt system f\(:ors\(:atts i ett inkonsistent tillst\(oand\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-r\fR, \fB\-\-remove\fR -.RS 4 -Files in the user\*(Aqs home directory will be removed along with the home directory itself and the user\*(Aqs mail spool\&. Files located in other file systems will have to be searched for and deleted manually\&. -.sp -The mail spool is defined by the -\fBMAIL_DIR\fR -variable in the -login\&.defs -file\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR -.RS 4 -Remove any SELinux user mapping for the user\*(Aqs login\&. -.RE -.SH "CONFIGURATION" -.PP -The following configuration variables in -/etc/login\&.defs -change the behavior of this tool: -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -The mail spool directory\&. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted\&. If not specified, a compile\-time default is used\&. -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -Defines the location of the users mail spool files relatively to their home directory\&. -.RE -.PP -The -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -variables are used by -\fBuseradd\fR, -\fBusermod\fR, and -\fBuserdel\fR -to create, move, or delete the user\*(Aqs mail spool\&. -.PP -If -\fBMAIL_CHECK_ENAB\fR -is set to -\fIyes\fR, they are also used to define the -\fBMAIL\fR -environment variable\&. -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in -/etc/group -(with the same name, same password, and same GID)\&. -.sp -The default value is 0, meaning that there are no limits in the number of members in a group\&. -.sp -This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. -.sp -If you need to enforce such limit, you can use 25\&. -.sp -Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. -.RE -.PP -\fBUSERDEL_CMD\fR (string) -.RS 4 -If defined, this command is run when removing a user\&. It should remove any at/cron/print jobs etc\&. owned by the user to be removed (passed as the first argument)\&. -.sp -The return code of the script is not taken into account\&. -.sp -Here is an example script, which removes the user\*(Aqs cron, at and print jobs: -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# Check for the required argument\&. -if [ $# != 1 ]; then - echo "Usage: $0 username" - exit 1 -fi - -# Remove cron jobs\&. -crontab \-r \-u $1 - -# Remove at jobs\&. -# Note that it will remove any jobs owned by the same UID, -# even if it was shared by a different username\&. -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# Remove print jobs\&. -lprm $1 - -# All done\&. -exit 0 - -.fi -.if n \{\ -.RE -.\} -.sp -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -Enable setting of the umask group bits to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007) for non\-root users, if the uid is the same as gid, and username is the same as the primary group name\&. -.sp -If set to -\fIyes\fR, -\fBuserdel\fR -will remove the user\*(Aqs group if it contains no more members, and -\fBuseradd\fR -will create by default a group with the name of the user\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow password suite configuration\&. -.RE -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.PP -/etc/shadow -.RS 4 -S\(:aker anv\(:andarkontoinformation\&. -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "AVSLUTNINGSV\(:ARDEN" -.PP -Kommandot -\fBuserdel\fR -avslutas med f\(:oljande v\(:arden: -.PP -\fI0\fR -.RS 4 -lyckad -.RE -.PP -\fI1\fR -.RS 4 -kan inte uppdatera l\(:osenordsfilen -.RE -.PP -\fI2\fR -.RS 4 -ogiltig kommandosyntax -.RE -.PP -\fI6\fR -.RS 4 -angiven anv\(:andare finns inte -.RE -.PP -\fI8\fR -.RS 4 -anv\(:andaren \(:ar f\(:or n\(:arvarande inloggad -.RE -.PP -\fI10\fR -.RS 4 -kan inte uppdatera gruppfilen -.RE -.PP -\fI12\fR -.RS 4 -kan inte ta bort hemkatalogen -.RE -.SH "T\(:ANK P\(oA" -.PP -\fBuserdel\fR -will not allow you to remove an account if there are running processes which belong to this account\&. In that case, you may have to kill those processes or lock the user\*(Aqs password or account and remove the account later\&. The -\fB\-f\fR -option can force the deletion of this account\&. -.PP -You should manually check all file systems to ensure that no files remain owned by this user\&. -.PP -Du f\(oar inte ta bort n\(oagra NIS\-attribut p\(oa en NIS\-klient\&. Detta m\(oaste genomf\(:oras p\(oa NIS\-servern\&. -.PP -If -\fBUSERGROUPS_ENAB\fR -is defined to -\fIyes\fR -in -/etc/login\&.defs, -\fBuserdel\fR -will delete the group with the same name as the user\&. To avoid inconsistencies in the passwd and group databases, -\fBuserdel\fR -will check that this group is not used as a primary group for another user, and will just warn without deleting the group otherwise\&. The -\fB\-f\fR -option can force the deletion of this group\&. -.SH "SE OCKS\(oA" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBlogin.defs\fR(5), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/sv/man8/vigr.8 b/man/sv/man8/vigr.8 deleted file mode 100644 index ff72d7ae..00000000 --- a/man/sv/man8/vigr.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/vipw.8 diff --git a/man/sv/man8/vipw.8 b/man/sv/man8/vipw.8 deleted file mode 100644 index 16d09292..00000000 --- a/man/sv/man8/vipw.8 +++ /dev/null @@ -1,137 +0,0 @@ -'\" t -.\" Title: vipw -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 09-05-2014 -.\" Manual: Systemhanteringskommandon -.\" Source: shadow-utils 4.2 -.\" Language: Swedish -.\" -.TH "VIPW" "8" "09-05-2014" "shadow\-utils 4\&.2" "Systemhanteringskommandon" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAMN" -vipw, vigr \- redigera l\(:osenordet, grupp, skuggl\(:osenord eller skuggruppfil -.SH "SYNOPSIS" -.HP \w'\fBvipw\fR\ 'u -\fBvipw\fR [\fIflaggor\fR] -.HP \w'\fBvigr\fR\ 'u -\fBvigr\fR [\fIflaggor\fR] -.SH "BESKRIVNING" -.PP -The -\fBvipw\fR -and -\fBvigr\fR -commands edits the files -/etc/passwd -and -/etc/group, respectively\&. With the -\fB\-s\fR -flag, they will edit the shadow versions of those files, -/etc/shadow -and -/etc/gshadow, respectively\&. The programs will set the appropriate locks to prevent file corruption\&. When looking for an editor, the programs will first try the environment variable -\fB$VISUAL\fR, then the environment variable -\fB$EDITOR\fR, and finally the default editor, -\fBvi\fR(1)\&. -.SH "FLAGGOR" -.PP -Flaggorna som g\(:aller f\(:or kommandona -\fBvipw\fR -och -\fBvigr\fR -\(:ar: -.PP -\fB\-g\fR, \fB\-\-group\fR -.RS 4 -Redigera gruppdatabasen\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -Visa hj\(:alpmeddelande och avsluta\&. -.RE -.PP -\fB\-p\fR, \fB\-\-passwd\fR -.RS 4 -Redigera l\(:osenordsdatabasen\&. -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -Tyst l\(:age\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shadow\fR -.RS 4 -Redigera shadow\- eller gshadow\-databasen\&. -.RE -.SH "ENVIRONMENT" -.PP -\fBVISUAL\fR -.RS 4 -Editor to be used\&. -.RE -.PP -\fBEDITOR\fR -.RS 4 -Editor to be used if -\fBVISUAL\fR -is not set\&. -.RE -.SH "FILER" -.PP -/etc/group -.RS 4 -Gruppkontoinformation\&. -.RE -.PP -/etc/gshadow -.RS 4 -S\(:aker gruppkontoinformation\&. -.RE -.PP -/etc/passwd -.RS 4 -Anv\(:andarkontoinformation\&. -.RE -.PP -/etc/shadow -.RS 4 -S\(:aker anv\(:andarkontoinformation\&. -.RE -.SH "SE OCKS\(oA" -.PP -\fBvi\fR(1), -\fBgroup\fR(5), -\fBgshadow\fR(5) -, -\fBpasswd\fR(5), , -\fBshadow\fR(5)\&. diff --git a/man/tr/Makefile.in b/man/tr/Makefile.in deleted file mode 100644 index 8c940256..00000000 --- a/man/tr/Makefile.in +++ /dev/null @@ -1,640 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = man/tr -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" \ - "$(DESTDIR)$(man8dir)" -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/tr -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = \ - man1/chage.1 \ - man1/chfn.1 \ - man8/groupadd.8 \ - man8/groupdel.8 \ - man8/groupmod.8 \ - man1/login.1 \ - man1/passwd.1 \ - man5/passwd.5 \ - man5/shadow.5 \ - man1/su.1 \ - man8/useradd.8 \ - man8/userdel.8 \ - man8/usermod.8 - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/tr/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/tr/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man5 uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man5 install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \ - uninstall-am uninstall-man uninstall-man1 uninstall-man5 \ - uninstall-man8 - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/useradd.8.xml b/man/useradd.8.xml index d697d487..8d56301c 100644 --- a/man/useradd.8.xml +++ b/man/useradd.8.xml @@ -307,7 +307,7 @@ </para> Example: <option>-K</option> <replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable> can be used when creating system account to turn off password - ageing, even though system account has no password at all. + aging, even though system account has no password at all. Multiple <option>-K</option> options can be specified, e.g.: <option>-K</option> <replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable>  <option>-K</option> <replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable> @@ -326,7 +326,7 @@ </para> <para> By default, the user's entries in the lastlog and faillog - databases are resetted to avoid reusing the entry from a previously + databases are reset to avoid reusing the entry from a previously deleted user. </para> </listitem> @@ -351,7 +351,7 @@ </varlistentry> <varlistentry> <term> - <option>-M</option> + <option>-M</option>, <option>--no-create-home</option> </term> <listitem> <para> @@ -433,7 +433,7 @@ </para> <para> Note that <command>useradd</command> will not create a home - directory for such an user, regardless of the default setting + directory for such a user, regardless of the default setting in <filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>). You have to specify the <option>-m</option> options if you want a home directory for a diff --git a/man/usermod.8.xml b/man/usermod.8.xml index e1ffdfb7..daf7ad3c 100644 --- a/man/usermod.8.xml +++ b/man/usermod.8.xml @@ -481,8 +481,7 @@ not executing any processes when this command is being executed if the user's numerical user ID, the user's name, or the user's home directory is being changed. <command>usermod</command> checks this - on Linux, but only check if the user is logged in according to utmp - on other architectures. + on Linux. On other platforms it only uses utmp to check if the user is logged in. </para> <para> You must change the owner of any <command>crontab</command> files or diff --git a/man/zh_CN/Makefile.in b/man/zh_CN/Makefile.in deleted file mode 100644 index 49d9c665..00000000 --- a/man/zh_CN/Makefile.in +++ /dev/null @@ -1,740 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@USE_PAM_FALSE@am__append_1 = $(man_nopam) -@USE_PAM_TRUE@am__append_2 = $(man_nopam) -DIST_COMMON = $(srcdir)/../generate_translations.mak \ - $(srcdir)/../generate_mans.mak $(srcdir)/Makefile.in \ - $(srcdir)/Makefile.am -subdir = man/zh_CN -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" \ - "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" -man3dir = $(mandir)/man3 -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@/zh_CN -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = man1/chage.1 man1/chfn.1 man8/chgpasswd.8 man8/chpasswd.8 \ - man1/chsh.1 man1/expiry.1 man5/faillog.5 man8/faillog.8 \ - man3/getspnam.3 man1/gpasswd.1 man8/groupadd.8 man8/groupdel.8 \ - man8/groupmems.8 man8/groupmod.8 man1/groups.1 man8/grpck.8 \ - man8/grpconv.8 man8/grpunconv.8 man5/gshadow.5 man8/lastlog.8 \ - man1/login.1 man5/login.defs.5 man8/logoutd.8 man1/newgrp.1 \ - man8/newusers.8 man8/nologin.8 man1/passwd.1 man5/passwd.5 \ - man8/pwck.8 man8/pwconv.8 man8/pwunconv.8 man1/sg.1 \ - man3/shadow.3 man5/shadow.5 man1/su.1 man5/suauth.5 \ - man8/useradd.8 man8/userdel.8 man8/usermod.8 man8/vigr.8 \ - man8/vipw.8 $(am__append_1) -man_nopam = \ - man5/limits.5 \ - man5/login.access.5 \ - man5/porttime.5 - -EXTRA_DIST = $(man_MANS) man1/id.1 man8/sulogin.8 $(am__append_2) -LANG = $(notdir $(CURDIR)) -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_FALSE@PAM_COND = no_pam -@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_TRUE@PAM_COND = pam -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_FALSE@SHADOWGRP_COND = no_gshadow -@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_TRUE@SHADOWGRP_COND = gshadow -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_FALSE@TCB_COND = no_tcb -@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_TRUE@TCB_COND = tcb -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_FALSE@SHA_CRYPT_COND = no_sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_TRUE@SHA_CRYPT_COND = sha_crypt -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_FALSE@SUBIDS_COND = no_subids -@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_TRUE@SUBIDS_COND = subids -CLEANFILES = .xml2po.mo $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/zh_CN/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/zh_CN/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; -$(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak: - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man3: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man3dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man3dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man3dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.3[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ - done; } - -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man3dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.3[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man3dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -@ENABLE_REGENERATE_MAN_FALSE@clean-local: -clean: clean-am - -clean-am: clean-generic clean-libtool clean-local mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man3 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man3 uninstall-man5 \ - uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - clean-local cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man3 install-man5 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags-am uninstall uninstall-am uninstall-man uninstall-man1 \ - uninstall-man3 uninstall-man5 uninstall-man8 - - -@ENABLE_REGENERATE_MAN_TRUE@config.xml: ../config.xml.in -@ENABLE_REGENERATE_MAN_TRUE@ $(MAKE) -C .. config.xml -@ENABLE_REGENERATE_MAN_TRUE@ cp ../config.xml $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml: ../%.xml ../po/$(LANG).po -@ENABLE_REGENERATE_MAN_TRUE@ xml2po --expand-all-entities -l $(LANG) -p ../po/$(LANG).po -o $@ ../$@ -@ENABLE_REGENERATE_MAN_TRUE@ sed -i 's:\(^<refentry .*\)>:\1 lang="$(LANG)">:' $@ - -@ENABLE_REGENERATE_MAN_TRUE@%.xml-config: %.xml -@ENABLE_REGENERATE_MAN_TRUE@ if grep -q SHADOW-CONFIG-HERE $<; then \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^<!-- SHADOW-CONFIG-HERE -->/<!ENTITY % config SYSTEM "config.xml">%config;/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ else \ -@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^\(<!DOCTYPE .*docbookx.dtd"\)>/\1 [<!ENTITY % config SYSTEM "config.xml">%config;]>/' $< > $@; \ -@ENABLE_REGENERATE_MAN_TRUE@ fi - -@ENABLE_REGENERATE_MAN_TRUE@man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml -@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.authors.section.enabled" "0" \ -@ENABLE_REGENERATE_MAN_TRUE@ --stringparam "man.output.base.dir" "" \ -@ENABLE_REGENERATE_MAN_TRUE@ --param "man.output.in.separate.dir" "1" \ -@ENABLE_REGENERATE_MAN_TRUE@ -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $< - -@ENABLE_REGENERATE_MAN_TRUE@clean-local: -@ENABLE_REGENERATE_MAN_TRUE@ for d in man1 man3 man5 man8; do [ -d $$d ] && rmdir $$d; done - -#$(man_MANS): -# @echo you need to run configure with --enable-man to generate man pages -# @false - -@ENABLE_REGENERATE_MAN_TRUE@man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8 - -@ENABLE_REGENERATE_MAN_TRUE@man3/getspnam.3: man3/shadow.3 - -@ENABLE_REGENERATE_MAN_TRUE@man8/vigr.8: man8/vipw.8 - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/man/zh_CN/man1/chage.1 b/man/zh_CN/man1/chage.1 deleted file mode 100644 index 3a969b02..00000000 --- a/man/zh_CN/man1/chage.1 +++ /dev/null @@ -1,176 +0,0 @@ -'\" t -.\" Title: chage -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "CHAGE" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -chage \- ę›“ę”¹ē”ØꈷåƆē čæ‡ęœŸäæ”ęÆ -.SH "大ēŗ²" -.HP \w'\fBchage\fR\ 'u -\fBchage\fR [\fI选锹\fR] \fIē™»å½•\fR -.SH "ꏏčæ°" -.PP -The -\fBchage\fR -command changes the number of days between password changes and the date of the last password change\&. This information is used by the system to determine when a user must change his/her password\&. -.SH "选锹" -.PP -\fBchage\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-d\fR, \fB\-\-lastday\fR\ \&\fILAST_DAY\fR -.RS 4 -Set the number of days since January 1st, 1970 when the password was last changed\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. -.RE -.PP -\fB\-E\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -Set the date or number of days since January 1, 1970 on which the user\*(Aqs account will no longer be accessible\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. A user whose account is locked must contact the system administrator before being able to use the system again\&. -.sp -\fIEXPIRE_DATE\fR -č®¾ē½®äøŗ -\fI\-1\fR -会ē§»é™¤č“¦ęˆ·ēš„čæ‡ęœŸę—„ꜟ怂 -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-I\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -Set the number of days of inactivity after a password has expired before the account is locked\&. The -\fIINACTIVE\fR -option is the number of days of inactivity\&. A user whose account is locked must contact the system administrator before being able to use the system again\&. -.sp -\fIINACTIVE\fR -č®¾ē½®äøŗ -\fI\-1\fR -会ē§»é™¤č“¦ęˆ·ē¦ē”ØåŠŸčƒ½ć€‚ -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -ēŽ°å®žč“¦ęˆ·å¹“龄äæ”ęÆ怂 -.RE -.PP -\fB\-m\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR -.RS 4 -åœØåƆē ę›“ę”¹ä¹‹é—“ēš„ęœ€å°å¤©ę•°č®¾ē½®äøŗ -\fIMIN_DAYS\fRć€‚ę­¤å­—ę®µäø­ēš„ 0 值č”Øē¤ŗē”ØꈷåÆ仄åœØä»»ä½•ę—¶é—“ę›“ę”¹å…¶åƆē ć€‚ -.RE -.PP -\fB\-M\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAYS\fR -.RS 4 -Set the maximum number of days during which a password is valid\&. When -\fIMAX_DAYS\fR -plus -\fILAST_DAY\fR -is less than the current day, the user will be required to change his/her password before being able to use his/her account\&. This occurrence can be planned for in advance by use of the -\fB\-W\fR -option, which provides the user with advance warning\&. -.sp -\fIMAX_DAYS\fR -č®¾ē½®äøŗ -\fI\-1\fR -会ē§»é™¤åƆē ęœ‰ę•ˆę€§ę£€ęŸ„怂 -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-W\fR, \fB\-\-warndays\fR\ \&\fIWARN_DAYS\fR -.RS 4 -Set the number of days of warning before a password change is required\&. The -\fIWARN_DAYS\fR -option is the number of days prior to the password expiring that a user will be warned his/her password is about to expire\&. -.RE -.PP -å¦‚ęžœę²”ęœ‰é€‰ę‹©ä»»ä½•é€‰é”¹ļ¼Œ\fBchage\fR -会čæ›å…„äŗ¤äŗ’ęؔ式ļ¼Œä»„ę‰€ęœ‰å­—ę®µēš„å½“å‰å€¼ęē¤ŗē”Øęˆ·ć€‚č¾“å…„äø€äøŖę–°å€¼åÆä»„ę›“ę”¹čæ™äŗ›å­—ꮵļ¼Œęˆ–者ē•™ē©ŗä½æē”Øå½“å‰å€¼ć€‚å½“å‰å€¼å‡ŗēŽ°åœØ -\fI[ ]\fR -ꠇ记åÆ¹é‡Œć€‚ -.SH "ę³Øꄏ" -.PP -\fBchage\fR -éœ€č¦ęœ‰äø€äøŖ影子åƆē ę–‡ä»¶ę‰åÆē”Ø怂 -.PP -åŖ꜉ root ꉍåÆ仄ä½æē”Ø -\fBchage\fRļ¼Œäø€äøŖē‰¹ę®Šęƒ…况ę˜Æ -\fB\-l\fR -选锹ļ¼Œē”Øę„č®©éžē‰¹ęƒē”Øęˆ·č§‰å¾—č‡Ŗå·±ēš„åƆē ęˆ–č“¦ęˆ·ä½•ę—¶čæ‡ęœŸć€‚ -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.SH "退å‡ŗ值" -.PP -\fBchage\fR -å‘½ä»¤ęœ‰å¦‚äø‹é€€å‡ŗ值ļ¼š -.PP -\fI0\fR -.RS 4 -ęˆåŠŸ -.RE -.PP -\fI1\fR -.RS 4 -ꝃ限äøå¤Ÿ -.RE -.PP -\fI2\fR -.RS 4 -ꗠꕈēš„命令čÆ­ę³• -.RE -.PP -\fI15\fR -.RS 4 -ę— ę³•ę‰¾åˆ°å½±å­åƆē ę–‡ä»¶ -.RE -.SH "å‚č§" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/zh_CN/man1/chfn.1 b/man/zh_CN/man1/chfn.1 deleted file mode 100644 index 15692677..00000000 --- a/man/zh_CN/man1/chfn.1 +++ /dev/null @@ -1,161 +0,0 @@ -'\" t -.\" Title: chfn -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "CHFN" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -chfn \- ę›“ę”¹ēœŸåå’Œäæ”ęÆ -.SH "大ēŗ²" -.HP \w'\fBchfn\fR\ 'u -\fBchfn\fR [\fI选锹\fR] [\fIē™»å½•\fR] -.SH "ꏏčæ°" -.PP -The -\fBchfn\fR -command changes user fullname, office room number, office phone number, and home phone number information for a user\*(Aqs account\&. This information is typically printed by -\fBfinger\fR(1) -and similar programs\&. A normal user may only change the fields for her own account, subject to the restrictions in -/etc/login\&.defs\&. (The default configuration is to prevent users from changing their fullname\&.) The superuser may change any field for any account\&. Additionally, only the superuser may use the -\fB\-o\fR -option to change the undefined portions of the GECOS field\&. -.PP -These fields must not contain any colons\&. Except for the -\fIother\fR -field, they should not contain any comma or equal sign\&. It is also recommended to avoid non\-US\-ASCII characters, but this is only enforced for the phone numbers\&. The -\fIother\fR -field is used to store accounting information used by other applications\&. -.SH "选锹" -.PP -\fBchfn\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-f\fR, \fB\-\-full\-name\fR\ \&\fIFULL_NAME\fR -.RS 4 -ę›“ę”¹ē”Øꈷēš„å…Ø名 -.RE -.PP -\fB\-h\fR, \fB\-\-home\-phone\fR\ \&\fIHOME_PHONE\fR -.RS 4 -Change the user\*(Aqs home phone number\&. -.RE -.PP -\fB\-o\fR, \fB\-\-other\fR\ \&\fIOTHER\fR -.RS 4 -Change the user\*(Aqs other GECOS information\&. This field is used to store accounting information used by other applications, and can be changed only by a superuser\&. -.RE -.PP -\fB\-r\fR, \fB\-\-room\fR\ \&\fIROOM_NUMBER\fR -.RS 4 -Change the user\*(Aqs room number\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-u\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-w\fR, \fB\-\-work\-phone\fR\ \&\fIWORK_PHONE\fR -.RS 4 -Change the user\*(Aqs office phone number\&. -.RE -.PP -If none of the options are selected, -\fBchfn\fR -operates in an interactive fashion, prompting the user with the current values for all of the fields\&. Enter the new value to change the field, or leave the line blank to use the current value\&. The current value is displayed between a pair of -\fB[ ]\fR -marks\&. Without options, -\fBchfn\fR -prompts for the current user account\&. -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBCHFN_AUTH\fR (boolean) -.RS 4 -å¦‚ęžœäøŗ -\fIyes\fRļ¼Œ\fBchfn\fR -čæ›č”Œä»»ä½•ę›“ę”¹å‰éƒ½č¦č¦ę±‚č®¤čƁļ¼Œé™¤éžē”±č¶…ēŗ§ē”Øꈷčæč”Œć€‚ -.RE -.PP -\fBCHFN_RESTRICT\fR (string) -.RS 4 -This parameter specifies which values in the -\fIgecos\fR -field of the -/etc/passwd -file may be changed by regular users using the -\fBchfn\fR -program\&. It can be any combination of letters -\fIf\fR, -\fIr\fR, -\fIw\fR, -\fIh\fR, for Full name, Room number, Work phone, and Home phone, respectively\&. For backward compatibility, -\fIyes\fR -is equivalent to -\fIrwh\fR -and -\fIno\fR -is equivalent to -\fIfrwh\fR\&. If not specified, only the superuser can make any changes\&. The most restrictive setting is better achieved by not installing -\fBchfn\fR -SUID\&. -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -ę­¤å­—ē¬¦äø²ē”ØäŗŽęē¤ŗč¾“å…„åƆē ć€‚é»˜č®¤ę˜Æ "Password: "ļ¼Œęˆ–者ēæ»čƑäŗ†ēš„ē»“ęžœ(걉čÆ­äø­ēæ»čƑäøŗäŗ†\(lqåƆē ļ¼š\(rq)ć€‚å¦‚ęžœč®¾ē½®äŗ†ę­¤å˜é‡ļ¼Œęē¤ŗäøä¼šč¢«ēæ»čÆ‘ć€‚ -.sp -å¦‚ęžœå­—ē¬¦äø²åŒ…含 -\fI%s\fRļ¼Œå°†ä¼šč¢«ē”Øęˆ·åę›æę¢ć€‚ -.RE -.SH "ꖇ件" -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.SH "å‚č§" -.PP -\fBchsh\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/zh_CN/man1/chsh.1 b/man/zh_CN/man1/chsh.1 deleted file mode 100644 index 8eeecd0b..00000000 --- a/man/zh_CN/man1/chsh.1 +++ /dev/null @@ -1,119 +0,0 @@ -'\" t -.\" Title: chsh -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "CHSH" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -chsh \- ę›“ę”¹ē™»å½• shell -.SH "大ēŗ²" -.HP \w'\fBchsh\fR\ 'u -\fBchsh\fR [\fI选锹\fR] [\fIē™»å½•\fR] -.SH "ꏏčæ°" -.PP -The -\fBchsh\fR -command changes the user login shell\&. This determines the name of the user\*(Aqs initial login command\&. A normal user may only change the login shell for her own account; the superuser may change the login shell for any account\&. -.SH "选锹" -.PP -\fBchsh\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -ē”Øꈷēš„ę–°ē™»å½• shell ēš„名ē§°ć€‚å°†ę­¤å­—ę®µč®¾ē½®äøŗē©ŗä¼šč®©ē³»ē»Ÿé€‰ę‹©é»˜č®¤ēš„ē™»å½• shell怂 -.RE -.PP -If the -\fB\-s\fR -option is not selected, -\fBchsh\fR -operates in an interactive fashion, prompting the user with the current login shell\&. Enter the new value to change the shell, or leave the line blank to use the current one\&. The current shell is displayed between a pair of -\fI[ ]\fR -marks\&. -.SH "ę³Øꄏ" -.PP -The only restriction placed on the login shell is that the command name must be listed in -/etc/shells, unless the invoker is the superuser, and then any value may be added\&. An account with a restricted login shell may not change her login shell\&. For this reason, placing -/bin/rsh -in -/etc/shells -is discouraged since accidentally changing to a restricted shell would prevent the user from ever changing her login shell back to its original value\&. -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBCHSH_AUTH\fR (boolean) -.RS 4 -å¦‚ęžœ -\fIyes\fRļ¼Œ\fBchsh\fR -ē؋åŗåœØåšä»»ä½•ę›“ę”¹ä¹‹å‰éƒ½ä¼šč¦ę±‚č®¤čƁļ¼Œé™¤éžę˜Æ仄超ēŗ§ē”Øꈷčŗ«ä»½čæč”Œēš„怂 -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -ę­¤å­—ē¬¦äø²ē”ØäŗŽęē¤ŗč¾“å…„åƆē ć€‚é»˜č®¤ę˜Æ "Password: "ļ¼Œęˆ–者ēæ»čƑäŗ†ēš„ē»“ęžœ(걉čÆ­äø­ēæ»čƑäøŗäŗ†\(lqåƆē ļ¼š\(rq)ć€‚å¦‚ęžœč®¾ē½®äŗ†ę­¤å˜é‡ļ¼Œęē¤ŗäøä¼šč¢«ēæ»čÆ‘ć€‚ -.sp -å¦‚ęžœå­—ē¬¦äø²åŒ…含 -\fI%s\fRļ¼Œå°†ä¼šč¢«ē”Øęˆ·åę›æę¢ć€‚ -.RE -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shells -.RS 4 -åÆē”Øēš„ē™»å½• shell ēš„列č”Ø怂 -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.SH "å‚č§" -.PP -\fBchfn\fR(1), -\fBlogin.defs\fR(5), -\fBpasswd\fR(5)\&. diff --git a/man/zh_CN/man1/expiry.1 b/man/zh_CN/man1/expiry.1 deleted file mode 100644 index ee1cbfb9..00000000 --- a/man/zh_CN/man1/expiry.1 +++ /dev/null @@ -1,73 +0,0 @@ -'\" t -.\" Title: expiry -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "EXPIRY" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -expiry \- check and enforce password expiration policy -.SH "大ēŗ²" -.HP \w'\fBexpiry\fR\ 'u -\fBexpiry\fR \fI选锹\fR -.SH "ꏏčæ°" -.PP -The -\fBexpiry\fR -command checks (\fB\-c\fR) the current password expiration and forces (\fB\-f\fR) changes when required\&. It is callable as a normal user command\&. -.SH "选锹" -.PP -\fBexpiry\fR -选锹åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-c\fR, \fB\-\-check\fR -.RS 4 -Check the password expiration of the current user\&. -.RE -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -å¦‚ęžœē”ØꈷåƆē čæ‡ęœŸļ¼Œåˆ™å¼ŗ制ē”Øꈷäæ®ę”¹åƆē ć€‚ -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.SH "å‚č§" -.PP -\fBpasswd\fR(5), -\fBshadow\fR(5)\&. diff --git a/man/zh_CN/man1/gpasswd.1 b/man/zh_CN/man1/gpasswd.1 deleted file mode 100644 index 152b104f..00000000 --- a/man/zh_CN/man1/gpasswd.1 +++ /dev/null @@ -1,228 +0,0 @@ -'\" t -.\" Title: gpasswd -.\" Author: Rafal Maszkowski -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "GPASSWD" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -gpasswd \- ē®”ē†å‘˜ /etc/group 和 /etc/gshadow -.SH "大ēŗ²" -.HP \w'\fBgpasswd\fR\ 'u -\fBgpasswd\fR [\fI选锹\fR] \fIgroup\fR -.SH "ꏏčæ°" -.PP -The -\fBgpasswd\fR -command is used to administer -/etc/group, and /etc/gshadow\&. Every group can have -administrators, -members and a password\&. -.PP -System administrators can use the -\fB\-A\fR -option to define group administrator(s) and the -\fB\-M\fR -option to define members\&. They have all rights of group administrators and members\&. -.PP -\fBgpasswd\fR -called by -a group administrator -with a group name only prompts for the new password of the -\fIgroup\fR\&. -.PP -If a password is set the members can still use -\fBnewgrp\fR(1) -without a password, and non\-members must supply the password\&. -.SS "čÆ·ę³Øꄏē»„åƆē " -.PP -Group passwords are an inherent security problem since more than one person is permitted to know the password\&. However, groups are a useful tool for permitting co\-operation between different users\&. -.SH "选锹" -.PP -除äŗ† -\fB\-A\fR -和 -\fB\-M\fR -选锹ļ¼Œå…¶å®ƒé€‰é”¹äøčƒ½č”合ä½æē”Ø怂 -.PP -\fBgpasswd\fR -åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser\fR -.RS 4 -向名äøŗ -\fIgroup\fR -ēš„ē»„äø­ę·»åŠ ē”Øꈷ -\fIuser\fR怂 -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser\fR -.RS 4 -从名äøŗ -\fIgroup\fR -ēš„ē»„äø­ē§»é™¤ē”Øꈷ -\fIuser\fR怂 -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-Q\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-r\fR, \fB\-\-remove\-password\fR -.RS 4 -Remove the password from the named -\fIgroup\fR\&. The group password will be empty\&. Only group members will be allowed to use -\fBnewgrp\fR -to join the named -\fIgroup\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-restrict\fR -.RS 4 -Restrict the access to the named -\fIgroup\fR\&. The group password is set to "!"\&. Only group members with a password will be allowed to use -\fBnewgrp\fR -to join the named -\fIgroup\fR\&. -.RE -.PP -\fB\-A\fR, \fB\-\-administrators\fR\ \&\fIuser\fR,\&.\&.\&. -.RS 4 -č®¾ē½®ęœ‰ē®”ē†ęƒé™ēš„ē”Øęˆ·åˆ—č”Ø怂 -.RE -.PP -\fB\-M\fR, \fB\-\-members\fR\ \&\fIuser\fR,\&.\&.\&. -.RS 4 -č®¾ē½®ē»„ęˆå‘˜åˆ—č”Ø怂 -.RE -.SH "CAVEATS" -.PP -This tool only operates on the -/etc/groupand /etc/gshadow files\&. -Thus you cannot change any NIS or LDAP group\&. This must be performed on the corresponding server\&. -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -čæ™å®šä¹‰äŗ†ē³»ē»ŸåŠ åƆåƆē ēš„é»˜č®¤ē®—ę³•(å¦‚ęžœę²”ęœ‰åœØå‘½ä»¤č”ŒäøŠęŒ‡å®šē®—ę³•)怂 -.sp -åÆ仄ä½æē”Ø如äø‹å€¼ļ¼š\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -ę³Øꄏļ¼Œę­¤å‚ę•°ä¼šč¦†ē›– -\fBMD5_CRYPT_ENAB\fR -å˜é‡ć€‚ -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -č”Øē¤ŗåƆē ę˜Æ否åæ…é”»ä½æē”ØåŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å¦‚ęžœč®¾äøŗ -\fIyes\fRļ¼Œę–°åƆē å°†ä½æē”ØåÆä»„å’Œę–°ē‰ˆ FreeBSD 兼容ēš„åŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å®ƒę”Æꌁꗠ限é•æåŗ¦ēš„åƆē ä»„åŠę›“é•æēš„ē›å­—ē¬¦äø²ć€‚å¦‚ęžœę‚Øéœ€č¦å°†åŠ åƆēš„åƆē å¤åˆ¶åˆ°å…¶å®ƒäøē†č§£ę–°ē®—ę³•ēš„ē³»ē»Ÿļ¼Œč®¾ē½®äøŗ -\fIno\fRć€‚é»˜č®¤å€¼ę˜Æ -\fIno\fR怂 -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -ę­¤å˜é‡å·²ē»åŗŸå¼ƒć€‚ę‚Øåŗ”čÆ„ä½æē”Ø -\fBENCRYPT_METHOD\fR怂 -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -\fBENCRYPT_METHOD\fR -č®¾äøŗ -\fISHA256\fR -ꈖ -\fISHA512\fR -ę—¶ļ¼Œę­¤é”¹ē”®å®šåŠ åƆē®—ę³•é»˜č®¤ä½æē”Ø SHA č½®č½¬ę•°ē›®(å½“č½®č½¬ę•°ę²”ęœ‰é€ščæ‡å‘½ä»¤č”ŒęŒ‡å®šę—¶)怂 -.sp -ä½æē”Øå¾ˆå¤šč½®č½¬ļ¼Œä¼šč®©ęš“力ē “č§£ę›“åŠ å›°éš¾ć€‚ä½†ę˜Æéœ€č¦ę³Øꄏļ¼Œč®¤čƁē”Øęˆ·ę—¶ä¹Ÿä¼šéœ€č¦ę›“å¤šēš„ CPU 资ęŗć€‚ -.sp -å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œlibc ä¼šé€‰ę‹©é»˜č®¤ēš„č½®č½¬ę•°(5000)怂 -.sp -值åæ…é”»åœØ 1000 \- 999,999,999 ä¹‹é—“ć€‚ -.sp -å¦‚ęžœåŖč®¾ē½®äŗ†äø€äøŖ -\fBSHA_CRYPT_MIN_ROUNDS\fR -ꈖ -\fBSHA_CRYPT_MAX_ROUNDS\fR -值ļ¼Œå°±ä¼šä½æē”Øčæ™äøŖå€¼ć€‚ -.sp -å¦‚ęžœ -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fRļ¼Œå°†ä¼šä½æē”Ø大ēš„é‚£äøŖ怂 -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.SH "å‚č§" -.PP -\fBnewgrp\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBgrpck\fR(8), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/zh_CN/man1/groups.1 b/man/zh_CN/man1/groups.1 deleted file mode 100644 index 6a503a9b..00000000 --- a/man/zh_CN/man1/groups.1 +++ /dev/null @@ -1,64 +0,0 @@ -'\" t -.\" Title: groups -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "GROUPS" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -groups \- ēŽ°å®žå½“前ē»„名 -.SH "大ēŗ²" -.HP \w'\fBgroups\fR\ 'u -\fBgroups\fR [\fIē”Øꈷ\fR] -.SH "ꏏčæ°" -.PP -The -\fBgroups\fR -command displays the current group names or ID values\&. If the value does not have a corresponding entry in -/etc/group, the value will be displayed as the numerical group value\&. The optional -\fIuser\fR -parameter will display the groups for the named -\fIuser\fR\&. -.SH "ę³Øꄏ" -.PP -Systems which do not support concurrent group sets will have the information from -/etc/group -reported\&. The user must use -\fBnewgrp\fR -or -\fBsg\fR -to change his current real and effective group ID\&. -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.SH "å‚č§" -.PP -\fBnewgrp\fR(1), -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2)\&. diff --git a/man/zh_CN/man1/id.1 b/man/zh_CN/man1/id.1 deleted file mode 100644 index 8e72b0f2..00000000 --- a/man/zh_CN/man1/id.1 +++ /dev/null @@ -1,60 +0,0 @@ -'\" t -.\" Title: id -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "ID" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -id \- display current user and group ID names -.SH "大ēŗ²" -.HP \w'\fBid\fR\ 'u -\fBid\fR [\-a] -.SH "ꏏčæ°" -.PP -The -\fBid\fR -command displays the current real and effective user and group ID names or values\&. If the value does not have a corresponding entry in -/etc/passwd -or -/etc/group, the value will be displayed without the corresponding name\&. The optional -\fB\-a\fR -flag will display the group set on systems which support multiple concurrent group membership\&. -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.SH "å‚č§" -.PP -\fBgetgid\fR(2), -\fBgetgroups\fR(2), -\fBgetuid\fR(2) diff --git a/man/zh_CN/man1/login.1 b/man/zh_CN/man1/login.1 deleted file mode 100644 index 010eaae4..00000000 --- a/man/zh_CN/man1/login.1 +++ /dev/null @@ -1,481 +0,0 @@ -'\" t -.\" Title: login -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "LOGIN" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -login \- åœØē³»ē»ŸäøŠåÆåŠØ回čƝ -.SH "大ēŗ²" -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fIäø»ęœŗ\fR] [\fIē”Øęˆ·å\fR] [\fIENV=VAR\fR...] -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] [\-h\ \fIäø»ęœŗ\fR] \-f \fIē”Øęˆ·å\fR -.HP \w'\fBlogin\fR\ 'u -\fBlogin\fR [\-p] \-r\ \fIäø»ęœŗ\fR -.SH "ꏏčæ°" -.PP -The -\fBlogin\fR -program is used to establish a new session with the system\&. It is normally invoked automatically by responding to the -\fIlogin:\fR -prompt on the user\*(Aqs terminal\&. -\fBlogin\fR -may be special to the shell and may not be invoked as a sub\-process\&. When called from a shell, -\fBlogin\fR -should be executed as -\fBexec login\fR -which will cause the user to exit from the current shell (and thus will prevent the new logged in user to return to the session of the caller)\&. Attempting to execute -\fBlogin\fR -from any shell but the login shell will produce an error message\&. -.PP -The user is then prompted for a password, where appropriate\&. Echoing is disabled to prevent revealing the password\&. Only a small number of password failures are permitted before -\fBlogin\fR -exits and the communications link is severed\&. -.PP -If password aging has been enabled for your account, you may be prompted for a new password before proceeding\&. You will be forced to provide your old password and the new password before continuing\&. Please refer to -\fBpasswd\fR(1) -for more information\&. -.PP -After a successful login, you will be informed of any system messages and the presence of mail\&. You may turn off the printing of the system message file, -/etc/motd, by creating a zero\-length file -\&.hushlogin -in your login directory\&. The mail message will be one of "\fIYou have new mail\&.\fR", "\fIYou have mail\&.\fR", or "\fINo Mail\&.\fR" according to the condition of your mailbox\&. -.PP -Your user and group ID will be set according to their values in the -/etc/passwd -file\&. The value for -\fB$HOME\fR, -\fB$SHELL\fR, -\fB$PATH\fR, -\fB$LOGNAME\fR, and -\fB$MAIL\fR -are set according to the appropriate fields in the password entry\&. Ulimit, umask and nice values may also be set according to entries in the GECOS field\&. -.PP -On some installations, the environmental variable -\fB$TERM\fR -will be initialized to the terminal type on your tty line, as specified in -/etc/ttytype\&. -.PP -å‘½ä»¤č§£é‡Šå™Øēš„åˆå§‹åŒ–č„šęœ¬ä¹ŸåÆčƒ½ę‰§č”Œć€‚čÆ·å‚č€ƒę‰‹å†Œäø­ē›øåŗ”ēš„ē« čŠ‚ę„čŽ·å–å…³äŗŽę­¤åŠŸčƒ½ēš„ꛓ多äæ”ęÆ怂 -.PP -åœØē™»å½• shell äø­ä»„ē¬¬äø€äøŖ字ē¬¦ę˜Æ\(lq*\(rqꠇę³Øēš„ę˜Æ子ē³»ē»Ÿē™»å½•ć€‚ē»™å®šēš„äø»ē›®å½•å°†č¢«ē”ØäŗŽē”Øęˆ·å®žé™…ē™»å½•ēš„ꖰꖇ件ē³»ē»Ÿēš„ę ¹ć€‚ -.PP -The -\fBlogin\fR -program is NOT responsible for removing users from the utmp file\&. It is the responsibility of -\fBgetty\fR(8) -and -\fBinit\fR(8) -to clean up apparent ownership of a terminal session\&. If you use -\fBlogin\fR -from the shell prompt without -\fBexec\fR, the user you use will continue to appear to be logged in even after you log out of the "subsession"\&. -.SH "选锹" -.PP -\fB\-f\fR -.RS 4 -äøč¦ę‰§č”Œč®¤čƁļ¼Œē”Øęˆ·å·²ē»é¢„认čƁčæ‡ć€‚ -.sp -ę³Øꄏļ¼šę­¤ę—¶ļ¼Œ\fIusername\fR -ę˜Æå¼ŗ制ēš„怂 -.RE -.PP -\fB\-h\fR -.RS 4 -ę­¤ē™»å½•ēš„čæœē؋äø»ęœŗåć€‚ -.RE -.PP -\fB\-p\fR -.RS 4 -äæē•™ēŽÆå¢ƒć€‚ -.RE -.PP -\fB\-r\fR -.RS 4 -äøŗ rlogin (čæœē؋ē™»å½•)ę‰§č”Œ autologin (č‡ŖåŠØē™»å½•)åč®®ć€‚ -.RE -.PP -\fB\-r\fR, -\fB\-h\fR -and -\fB\-f\fR -åŖčƒ½ē”ØäŗŽ root ä½æē”Ø -\fBlogin\fR -ꗶ怂 -.SH "CAVEATS" -.PP -ę­¤ē‰ˆęœ¬ēš„ -\fBlogin\fR -ęœ‰å¾ˆå¤šē¼–čƑ选锹ļ¼ŒåŖ꜉äø€éƒØ分åÆ仄åœØ任何ē«™ē‚¹ä½æē”Ø怂 -.PP -ꖇ件ēš„位ē½®ē”±ē³»ē»Ÿé…ē½®å†³å®šć€‚ -.PP -The -\fBlogin\fR -program is NOT responsible for removing users from the utmp file\&. It is the responsibility of -\fBgetty\fR(8) -and -\fBinit\fR(8) -to clean up apparent ownership of a terminal session\&. If you use -\fBlogin\fR -from the shell prompt without -\fBexec\fR, the user you use will continue to appear to be logged in even after you log out of the "subsession"\&. -.PP -As with any program, -\fBlogin\fR\*(Aqs appearance can be faked\&. If non\-trusted users have physical access to a machine, an attacker could use this to obtain the password of the next person coming to sit in front of the machine\&. Under Linux, the SAK mechanism can be used by users to initiate a trusted path and prevent this kind of attack\&. -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBCONSOLE\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰äŗ†ļ¼Œęˆ–者ę˜ÆåŒ…å«č®¾å¤‡å(ę²”č”Œäø€äøŖ)ēš„ꖇ件ēš„å®Œę•“č·Æ径名ļ¼Œęˆ–者ę˜Æ\(lq:\(rq分隔ēš„č®¾å¤‡ååˆ—č”Øć€‚å°†åŖ会åœØčæ™å†™č®¾å¤‡äøŠå…č®ø root ē™»å½•ć€‚ -.sp -å¦‚ęžœę²”ęœ‰å®šä¹‰ļ¼ŒåÆ仄åœØä»»ä½•č®¾å¤‡äøŠä½æē”Ø root怂 -.sp -ęŒ‡å®šēš„č®¾å¤‡ę—¶äøåø¦ /dev/ 前ē¼€ć€‚ -.RE -.PP -\fBCONSOLE_GROUPS\fR (string) -.RS 4 -åœØęŽ§åˆ¶å°ē™»å½•ę—¶ļ¼Œę·»åŠ åˆ°ē”Øęˆ·é™„åŠ ē»„集äø­ēš„ē»„列č”Ø(就如 CONSOLE ꉀē”®å®šēš„)ć€‚é»˜č®¤ę˜Æꗠ怂 -ä½æē”Øę—¶éœ€č¦ę³Øꄏļ¼ščæ™åÆčƒ½ä½æē”Øęˆ·čŽ·å–čæ™äŗ›ē»„ēš„ę°øä¹…ęƒé™ļ¼Œē”šč‡³ē™»å½•åˆ°ēš„äøę˜Æę­¤ęŽ§åˆ¶å°ę—¶ć€‚ -.RE -.PP -\fBDEFAULT_HOME\fR (boolean) -.RS 4 -å¦‚ęžœäøčƒ½ cd 到äø»ē›®å½•ę—¶ļ¼ŒčÆ“ę˜Žę˜Æ否允č®øē™»å½•ć€‚é»˜č®¤ę˜Æå¦ć€‚ -.sp -å¦‚ęžœč®¾ē½®äøŗ -\fIyes\fRļ¼Œå¦‚ęžœäøčƒ½ cd 到äø»ē›®å½•ę—¶ļ¼Œē”Øęˆ·å°†ä¼šē™»å½•åˆ°ę ¹ē›®å½•(/)怂 -.RE -.PP -\fBENV_HZ\fR (string) -.RS 4 -å¦‚ęžœč®¾ē½®äŗ†ļ¼Œå°†ä¼šē”ØäŗŽåœØē”Øꈷē™»å½•ę—¶å®šä¹‰ HZ ēŽÆå¢ƒå˜é‡ć€‚å€¼åæ…锻仄 -\fIHZ=\fR -å¼€å¤“ć€‚Linux äøŠēš„åøøē”Ø值ę˜Æ -\fIHZ=100\fR怂 -.RE -.PP -\fBENV_PATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (string) -.RS 4 -å¦‚ęžœč®¾ē½®äŗ†ļ¼Œå®ƒå°†ē”ØäŗŽåœØē”Øꈷē™»å½•ę—¶å®šä¹‰ TZ ēŽÆå¢ƒå˜é‡ć€‚ę­¤å€¼åÆ仄ę˜Æ仄 -\fITZ=\fR -开夓ēš„ę—¶åŒŗ名(例如 -\fITZ=CST6CDT\fR)ļ¼Œęˆ–者ę˜ÆåŒ…å«ę—¶åŒŗč§„åˆ™ēš„ę–‡ä»¶å®Œę•“č·Æ径(例如 -/etc/tzname)怂 -.sp -å¦‚ęžœå°†å®Œę•“č·Æå¾„ęŒ‡å®šäøŗäŗ†äø€äøŖäøå­˜åœØꈖäøåÆčÆ»ēš„ꖇ件ļ¼Œåˆ™é»˜č®¤ä½æē”Ø -\fITZ=CST6CDT\fR怂 -.RE -.PP -\fBENVIRON_FILE\fR (string) -.RS 4 -å¦‚ęžœę­¤ę–‡ä»¶å­˜åœØļ¼Œå¹¶äø”åÆčÆ»ļ¼Œå°†ä¼šä»Žäø­čƻ取ē™»å½•ēŽÆå¢ƒć€‚ę‰€ęœ‰č”Œéƒ½åæ…é”»ę˜Æ name=value ēš„ę ¼å¼ć€‚ -.sp -仄 # 开夓ēš„č”Œå°†č§†äøŗę³Ø释ļ¼Œå¹¶č¢«åæ½ē•„怂 -.RE -.PP -\fBERASECHAR\fR (number) -.RS 4 -ē»ˆē«Æę“¦é™¤å­—ē¬¦ (\fI010\fR -= backspace, -\fI0177\fR -= DEL)怂 -.sp -ę­¤å€¼åÆ仄ä½æē”Ø前ē¼€\(lq0\(rqč”Øē¤ŗ八čæ›åˆ¶ļ¼Œ\(lq0x\(rqč”Øē¤ŗ十六čæ›åˆ¶ć€‚ -.RE -.PP -\fBFAIL_DELAY\fR (number) -.RS 4 -ē™»å½•å¤±č“„后ļ¼Œē­‰å¾…多少ē§’ę‰å†å…č®øē™»å½•ć€‚ -.RE -.PP -\fBFAILLOG_ENAB\fR (boolean) -.RS 4 -允č®øē™»å½•å¹¶ę˜¾ē¤ŗ -/var/log/faillog -ē™»å½•å¤±č“„äæ”ęÆ怂 -.RE -.PP -\fBFAKE_SHELL\fR (string) -.RS 4 -å¦‚ęžœč®¾ē½®äŗ†ļ¼Œ\fBlogin\fR -å°†ę‰§č”Œę­¤ shell 而äøę˜ÆåœØ -/etc/passwd -äø­ęŒ‡å®šēš„ē”Øꈷ shell怂 -.RE -.PP -\fBFTMP_FILE\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰ļ¼Œē™»å½•å¤±č“„会仄 utmp ę ¼å¼č®°å½•åœØꭤꖇ件äø­ć€‚ -.RE -.PP -\fBHUSHLOGIN_FILE\fR (string) -.RS 4 -If defined, this file can inhibit all the usual chatter during the login sequence\&. If a full pathname is specified, then hushed mode will be enabled if the user\*(Aqs name or shell are found in the file\&. If not a full pathname, then hushed mode will be enabled if the file exists in the user\*(Aqs home directory\&. -.RE -.PP -\fBISSUE_FILE\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰äŗ†ļ¼Œę­¤ę–‡ä»¶å°†åœØęÆę¬”ēš„ē™»å½•ęē¤ŗ之前ēŽ°å®žć€‚ -.RE -.PP -\fBKILLCHAR\fR (number) -.RS 4 -ē»ˆē«Æ KILL 字ē¬¦ (\fI025\fR -= CTRL/U)怂 -.sp -ę­¤å€¼åÆ仄ä½æē”Ø前ē¼€\(lq0\(rqč”Øē¤ŗ八čæ›åˆ¶ļ¼Œ\(lq0x\(rqč”Øē¤ŗ十六čæ›åˆ¶ć€‚ -.RE -.PP -\fBLASTLOG_ENAB\fR (boolean) -.RS 4 -允č®øč®°å½•å’Œę˜¾ē¤ŗ /var/log/lastlog ē™»å½•ę—¶é—“äæ”ęÆ怂 -.RE -.PP -\fBLOGIN_RETRIES\fR (number) -.RS 4 -åƆē é”™čÆÆę—¶ļ¼Œé‡čƕēš„ęœ€å¤§ę¬”ꕰ怂 -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -ę­¤å­—ē¬¦äø²ē”ØäŗŽęē¤ŗč¾“å…„åƆē ć€‚é»˜č®¤ę˜Æ "Password: "ļ¼Œęˆ–者ēæ»čƑäŗ†ēš„ē»“ęžœ(걉čÆ­äø­ēæ»čƑäøŗäŗ†\(lqåƆē ļ¼š\(rq)ć€‚å¦‚ęžœč®¾ē½®äŗ†ę­¤å˜é‡ļ¼Œęē¤ŗäøä¼šč¢«ēæ»čÆ‘ć€‚ -.sp -å¦‚ęžœå­—ē¬¦äø²åŒ…含 -\fI%s\fRļ¼Œå°†ä¼šč¢«ē”Øęˆ·åę›æę¢ć€‚ -.RE -.PP -\fBLOGIN_TIMEOUT\fR (number) -.RS 4 -ęœ€å¤§ē™»å½•ę—¶é—“(仄ē§’äøŗ单位)怂 -.RE -.PP -\fBLOG_OK_LOGINS\fR (boolean) -.RS 4 -允č®øč®°å½•ęˆåŠŸē™»å½•ć€‚ -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (boolean) -.RS 4 -åœØč®°å½•åˆ°ē™»å½•å¤±č“„ę—¶ļ¼Œå…č®øč®°å½•ęœŖēŸ„ē”Øęˆ·åć€‚ -.sp -ę³Øꄏļ¼šå¦‚ęžœē”Øꈷäøå°åæƒå°†åƆē č¾“å…„到äŗ†ē™»å½•åäø­ļ¼Œč®°å½•ęœŖēŸ„ē”Øęˆ·ååÆčƒ½ę˜Æäø€äøŖ安å…Øéšę‚£ć€‚ -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (boolean) -.RS 4 -åÆē”Øē™»å½•ę—¶ę£€ęŸ„和ēŽ°å®žé‚®ē®±ēŠ¶ę€ć€‚ -.sp -å¦‚ęžœ shell ēš„åÆåŠØę–‡ä»¶å·²ē»ę£€ęŸ„äŗ†é‚®ä»¶("mailx \-e" ęˆ–č€…å…¶å®ƒåŒåŠŸčƒ½ēš„å·„具)ļ¼Œę‚Øåŗ”čÆ„ē¦ē”Øå®ƒć€‚ -.RE -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -邮ē®±ē›®å½•ć€‚äæ®ę”¹ęˆ–删除ē”Øęˆ·č“¦ęˆ·ę—¶éœ€č¦å¤„ē†é‚®ē®±ļ¼Œå¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œå°†ä½æē”Øē¼–čÆ‘ę—¶ęŒ‡å®šēš„é»˜č®¤å€¼ć€‚ -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -定义ē”Øęˆ·é‚®ē®±ę–‡ä»¶ēš„位ē½®(ē›øåƹäŗŽäø»ē›®å½•)怂 -.RE -.PP -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -变量ē”± -\fBuseradd\fRļ¼Œ\fBusermod\fR -和 -\fBuserdel\fR -ē”ØäŗŽåˆ›å»ŗ态ē§»åŠØęˆ–åˆ é™¤ē”Øęˆ·é‚®ē®±ć€‚ -.PP -å¦‚ęžœ -\fBMAIL_CHECK_ENAB\fR -č®¾ē½®äøŗ -\fIyes\fRļ¼Œå®ƒä»¬ä¹Ÿč¢«ē”ØäŗŽå®šä¹‰ -\fBMAIL\fR -ēŽÆå¢ƒå˜é‡ć€‚ -.PP -\fBMOTD_FILE\fR (string) -.RS 4 -If defined, ":" delimited list of "message of the day" files to be displayed upon login\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (string) -.RS 4 -If defined, name of file whose presence will inhibit non\-root logins\&. The contents of this file should be a message indicating why logins are inhibited\&. -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (boolean) -.RS 4 -Enable checking of time restrictions specified in -/etc/porttime\&. -.RE -.PP -\fBQUOTAS_ENAB\fR (boolean) -.RS 4 -Enable setting of resource limits from -/etc/limits -and ulimit, umask, and niceness from the user\*(Aqs passwd gecos field\&. -.RE -.PP -\fBTTYGROUP\fR (string), \fBTTYPERM\fR (string) -.RS 4 -The terminal permissions: the login tty will be owned by the -\fBTTYGROUP\fR -group, and the permissions will be set to -\fBTTYPERM\fR\&. -.sp -By default, the ownership of the terminal is set to the user\*(Aqs primary group and the permissions are set to -\fI0600\fR\&. -.sp -\fBTTYGROUP\fR -can be either the name of a group or a numeric group identifier\&. -.sp -If you have a -\fBwrite\fR -program which is "setgid" to a special group which owns the terminals, define TTYGROUP to the group number and TTYPERM to 0620\&. Otherwise leave TTYGROUP commented out and assign TTYPERM to either 622 or 600\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (string) -.RS 4 -If defined, file which maps tty line to TERM environment parameter\&. Each line of the file is in a format something like "vt100 tty01"\&. -.RE -.PP -\fBULIMIT\fR (number) -.RS 4 -默认 -\fBulimit\fR -å€¼ć€‚ -.RE -.PP -\fBUMASK\fR (number) -.RS 4 -ꖇ件ęؔ式创å»ŗꎩē åˆå§‹åŒ–äøŗę­¤å€¼ć€‚å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼ŒęŽ©ē åˆå§‹åŒ–äøŗ 022怂 -.sp -\fBuseradd\fR -和 -\fBnewusers\fR -ä½æē”Øꭤꎩē č®¾ē½®å®ƒä»¬åˆ›å»ŗēš„ē”Øꈷäø»ē›®å½•ēš„ęØ”å¼ć€‚ -.sp -ä¹Ÿč¢« -\fBlogin\fR -ē”ØäŗŽęŒ‡å®šē”Øꈷēš„初始 umask怂ę³Øꄏļ¼Œę­¤ęŽ©ē åÆä»„č¢«ē”Øꈷēš„ GECOS č”Œč¦†ē›–(å½“č®¾ē½®äŗ† -\fBQUOTAS_ENAB\fR -ę—¶)ļ¼Œä¹ŸåÆä»„č¢«åø¦ -\fIK\fR -ꌇē¤ŗē¬¦ēš„ -\fBlimits\fR(5) -定义ēš„é™åˆ¶å€¼č¦†ē›–怂 -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -å¦‚ęžœ uid 和 gid ē›ø同ļ¼Œē”Øęˆ·åå’Œäø»ē”Øęˆ·åä¹Ÿē›ø同ļ¼Œä½æ非 root ē»„ēš„ē»„ꎩē ä½å’Œå±žäø»ä½ē›ø同 (如ļ¼š022 \-> 002, 077 \-> 007)怂 -.sp -å¦‚ęžœč®¾ē½®äøŗ -\fIyes\fRļ¼Œå¦‚ęžœē»„äø­ę²”ęœ‰ęˆå‘˜äŗ†ļ¼Œ\fBuserdel\fR -将ē§»é™¤ę­¤ē”Øꈷē»„ļ¼Œ\fBuseradd\fR -创å»ŗē”Øęˆ·ę—¶ļ¼Œä¹Ÿä¼šåˆ›å»ŗäø€äøŖ同名ēš„é»˜č®¤ē»„怂 -.RE -.SH "ꖇ件" -.PP -/var/run/utmp -.RS 4 -当前ē™»å½•ä¼ščƝēš„列č”Ø怂 -.RE -.PP -/var/log/wtmp -.RS 4 -先前ēš„ē™»å½•ä¼ščƝ列č”Ø怂 -.RE -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/motd -.RS 4 -System message of the day file\&. -.RE -.PP -/etc/nologin -.RS 4 -é˜»ę­¢éž root ē”Øꈷē™»å½•ć€‚ -.RE -.PP -/etc/ttytype -.RS 4 -ē»ˆē«Æē±»åž‹åˆ—č”Ø怂 -.RE -.PP -$HOME/\&.hushlogin -.RS 4 -é˜»ę­¢ēŽ°å®žē³»ē»Ÿäæ”ęÆ怂 -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.SH "å‚č§" -.PP -\fBmail\fR(1), -\fBpasswd\fR(1), -\fBsh\fR(1), -\fBsu\fR(1), -\fBlogin.defs\fR(5), -\fBnologin\fR(5), -\fBpasswd\fR(5), -\fBsecuretty\fR(5), -\fBgetty\fR(8)\&. diff --git a/man/zh_CN/man1/newgrp.1 b/man/zh_CN/man1/newgrp.1 deleted file mode 100644 index 81da7fa1..00000000 --- a/man/zh_CN/man1/newgrp.1 +++ /dev/null @@ -1,98 +0,0 @@ -'\" t -.\" Title: newgrp -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "NEWGRP" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -newgrp \- ē™»å½•åˆ°äø€äøŖꖰē»„ -.SH "大ēŗ²" -.HP \w'\fBnewgrp\fR\ 'u -\fBnewgrp\fR [\-] [\fIgroup\fR] -.SH "ꏏčæ°" -.PP -The -\fBnewgrp\fR -command is used to change the current group ID during a login session\&. If the optional -\fB\-\fR -flag is given, the user\*(Aqs environment will be reinitialized as though the user had logged in, otherwise the current environment, including current working directory, remains unchanged\&. -.PP -\fBnewgrp\fR -changes the current real group ID to the named group, or to the default group listed in -/etc/passwd -if no group name is given\&. -\fBnewgrp\fR -also tries to add the group to the user groupset\&. If not root, the user will be prompted for a password if she does not have a password (in -/etc/shadow -if this user has an entry in the shadowed password file, or in -/etc/passwd -otherwise) and the group does, or if the user is not listed as a member and the group has a password\&. The user will be denied access if the group password is empty and the user is not listed as a member\&. -.PP -If there is an entry for this group in -/etc/gshadow, then the list of members and the password of this group will be taken from this file, otherwise, the entry in -/etc/group -is considered\&. -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -允č®ø\(lqsyslog\(rqč®°å½• -\fBsg\fR -ēš„ę“»åŠØ怂 -.RE -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.SH "å‚č§" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBsu\fR(1), -\fBsg\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/zh_CN/man1/passwd.1 b/man/zh_CN/man1/passwd.1 deleted file mode 100644 index f106a78d..00000000 --- a/man/zh_CN/man1/passwd.1 +++ /dev/null @@ -1,347 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "PASSWD" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -passwd \- ę›“ę”¹ē”ØꈷåƆē  -.SH "大ēŗ²" -.HP \w'\fBpasswd\fR\ 'u -\fBpasswd\fR [\fI选锹\fR] [\fIē™»å½•\fR] -.SH "ꏏčæ°" -.PP -\fBpasswd\fR -命令ē”Øę„ę›“ę”¹ē”Øꈷ蓦ꈷēš„åƆē ć€‚ꙮ通ē”Øęˆ·é€šåøøåŖę›“ę”¹å…¶č‡Ŗå·±č“¦ęˆ·ēš„åƆē ļ¼Œč€Œč¶…ēŗ§ē”ØꈷåÆä»„ę›“ę”¹ä»»ä½•č“¦ęˆ·ēš„åƆē ć€‚\fBpasswd\fR -ä¹Ÿę›“ę”¹č“¦ęˆ·ęˆ–ē›ø关ēš„åƆē ęœ‰ę•ˆęœŸć€‚ -.SS "åƆē ę›“ę”¹" -.PP -å¦‚ęžœęœ‰ę—§åƆē ļ¼Œé¦–å…ˆęē¤ŗē”Øęˆ·č¾“å…„ę—§åƆē ć€‚加åƆčæ™äøŖåƆē ē„¶åŽå’Œå­˜å‚Øēš„åƆē čæ›č”ŒęÆ”č¾ƒć€‚ē”ØꈷåŖ꜉äø€ę¬”ęœŗä¼šč¾“å…„ę­£ē”®åƆē ć€‚允č®ø超ēŗ§ē”Øꈷē•„čæ‡čæ™äøŖę­„éŖ¤ļ¼Œä»„ä¾æę›“ę”¹åæ˜č®°äŗ†ēš„åƆē ć€‚ -.PP -č¾“å…„äŗ†åƆē ä¹‹åŽļ¼Œä¼šę£€ęŸ„åƆē å¹“龄äæ”ęÆļ¼Œä»„ęŸ„ēœ‹ę­¤ę—¶ę˜Æ否允č®øē”Øęˆ·ę›“ę”¹åƆē ć€‚å¦‚ęžœäøå…č®øļ¼Œ\fBpasswd\fR -ꋒē»ę›“ę”¹åƆē ļ¼Œē„¶åŽé€€å‡ŗ怂 -.PP -ꏐē¤ŗē”Øęˆ·č¾“å…„äø¤ę¬”ꖰåƆē ć€‚ē¬¬äŗŒę¬”和ē¬¬äø€ę¬”čæ›č”ŒęÆ”č¾ƒļ¼Œå¹¶äø”éœ€č¦ē›øåŒę‰čƒ½ę›“ę”¹åƆē ć€‚ -.PP -ē„¶åŽļ¼Œęµ‹čƕåƆē ēš„č“Ÿč“£ē؋åŗ¦ć€‚äø€čˆ¬ę„č®²ļ¼ŒåƆē åŗ”čƄ包含 6 到 8 位字ē¬¦ļ¼Œä»Žäø‹č¾¹ēš„äø€äøŖęˆ–å¤šäøŖ集合äø­é€‰ę‹©ļ¼š -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -小写字ęƍ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ę•°å­— 0 到 9 -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ꠇē‚¹ē¬¦å· -.RE -.PP -åæ…锻要ē•™ę„äøčƒ½åŒ…含ē³»ē»Ÿé»˜č®¤ēš„ę“¦é™¤å’Œę€ę­»å­—ē¬¦ć€‚\fBpasswd\fR -ä¼šę‹’ē»å¤ę‚åŗ¦äøę»”č¶³č¦ę±‚ēš„åƆē ć€‚ -.SS "关äŗŽē”ØꈷåƆē ēš„ꏐē¤ŗ" -.PP -åƆē ēš„安å…Øę€§ä¾čµ–äŗŽåŠ åƆē®—ę³•ēš„å¼ŗåŗ¦å’ŒåƆ钄ē©ŗé—“ēš„å¤§å°ć€‚ę—§ēš„ -\fIUNIX\fR -ē³»ē»ŸåŠ åƆē®—ę³•åŸŗäŗŽ NBS DES ē®—ę³•ć€‚ęŽØ荐ä½æē”Øꛓꖰēš„ē®—ę³•(ęŸ„ēœ‹ -\fBENCRYPT_METHOD\fR)怂åƆ钄ē©ŗé—“ēš„å¤§å°ä¾čµ–äŗŽé€‰ę‹©ēš„åƆē ēš„随ęœŗꀧ怂 -.PP -ē”±äŗŽē²—åæƒåœ°ęˆ–处ē†é€‰ę‹©åƆē ļ¼Œä¼šå±åŠåƆē ēš„安å…Ø怂ē”±äŗŽčæ™äøŖ原因ļ¼Œę‚Øäøåŗ”čÆ„é€‰ę‹©å‡ŗēŽ°åœØčƍå…øäø­ęˆ–者åæ…é”»č¦å†™äø‹ę„ę‰čƒ½č®°ä½ēš„åƆē ć€‚åƆē ä¹Ÿäøåŗ”čÆ„ę˜Æäø€äøŖåå­—ć€č®øåÆčÆå·ć€ē”Ÿę—„ęˆ–č€…č”—é“å·ć€‚ę‰€ęœ‰čæ™äŗ›åÆ仄ē”ØäŗŽēŒœęµ‹ę„ęŸå®³ē³»ē»Ÿå®‰å…Ø怂 -.PP -ę‚ØåÆ仄åœØåœØ http://zh\&.wikipedia\&.org/zh\-cn/åƆē å¼ŗåŗ¦ ę‰¾åˆ°ę€Žę ·é€‰ę‹©å¼ŗ壮åƆē ēš„å»ŗ议怂 -.SH "选锹" -.PP -\fBpasswd\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -ę­¤é€‰é”¹åŖčƒ½å’Œ -\fB\-S\fR -äø€čµ·ä½æē”Øļ¼Œę„ę˜¾ē¤ŗꉀ꜉ē”Øꈷēš„ēŠ¶ę€ć€‚ -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR -.RS 4 -删除ē”ØꈷåƆē (č®©å®ƒäøŗē©ŗ)怂čæ™ę˜Æē¦ē”Øäø€äøŖē”ØꈷåƆē ēš„åæ«é€Ÿę–¹ę³•ć€‚å®ƒå°†č®¾ē½®ē»™å‡ŗ名ē§°ēš„č“¦ęˆ·ć€‚ -.RE -.PP -\fB\-e\fR, \fB\-\-expire\fR -.RS 4 -让äø€äøŖ蓦ꈷēš„åƆē ē«‹å³čæ‡ęœŸć€‚čæ™åÆ仄å¼ŗ制äø€äøŖē”Øꈷäø‹ę¬”ē™»å½•ę—¶ę›“ę”¹åƆē ć€‚ -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-i\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -ę­¤é€‰é”¹ē”ØäŗŽåœØåƆē čæ‡ęœŸäø€å®šå¤©ę•°ä¹‹åŽē¦ē”Øč“¦ęˆ·ć€‚äø€äøŖē”Øꈷ蓦ꈷåƆē å·²ē»čæ‡ęœŸ -\fIINACTIVE\fR -天之后ļ¼Œē”Øęˆ·å°†äøčƒ½å†ē™»å½•čæ›č“¦ęˆ·ć€‚ -.RE -.PP -\fB\-k\fR, \fB\-\-keep\-tokens\fR -.RS 4 -č”Øē¤ŗåƆē ę›“ę”¹åŖåŗ”čÆ„å› äøŗ认čƁ口令(åƆē )čæ‡ęœŸę›“ę”¹ć€‚ē”ØꈷåøŒęœ›äæęŒä»–们尚ęœŖčæ‡ęœŸēš„å£ä»¤ć€‚ -.RE -.PP -\fB\-l\fR, \fB\-\-lock\fR -.RS 4 -é”å®šęŒ‡å®šč“¦ęˆ·ēš„åƆē ć€‚ę­¤é€‰é”¹é€ščæ‡å°†åƆē ę›“ę”¹äøŗäø€äøŖäøåÆčƒ½äøŽåŠ åƆ值匹配ēš„å€¼ę„ē¦ē”Ø(它åœØåƆē å¼€å¤“ę·»åŠ äø€äøŖ\(lq!\(rq)怂 -.sp -ę³Øꄏļ¼Œčæ™å¹¶ę²”꜉ē¦ē”Øę­¤č“¦ęˆ·ć€‚ē”Øęˆ·ä»ē„¶åÆ仄通čæ‡å…¶å®ƒč®¤čÆę–¹å¼(如 SSH åƆē )ę„ē™»å½•ć€‚要ē¦ē”Øꭤ蓦ꈷļ¼Œē®”ē†å‘˜éœ€č¦ä½æē”Ø -\fBusermod \-\-expiredate 1\fR -(č®¾ē½®č“¦ęˆ·ēš„čæ‡ęœŸę—¶é—“äøŗ1970幓1꜈2ę—„)怂 -.sp -č¢«é”å®šäŗ†åƆē ēš„ē”Øꈷäøå…č®øę›“ę”¹åƆē ć€‚ -.RE -.PP -\fB\-n\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR -.RS 4 -åœØåƆē ę›“ę”¹ä¹‹é—“ēš„ęœ€å°å¤©ę•°č®¾ē½®äøŗ -\fIMIN_DAYS\fRć€‚ę­¤å­—ę®µäø­ēš„ 0 值č”Øē¤ŗē”ØꈷåÆ仄åœØä»»ä½•ę—¶é—“ę›“ę”¹å…¶åƆē ć€‚ -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -安静ęØ”å¼ć€‚ -.RE -.PP -\fB\-r\fR, \fB\-\-repository\fR\ \&\fIREPOSITORY\fR -.RS 4 -åœØ -\fIREPOSITORY\fR -äø­ę›“ę”¹åƆē  -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-S\fR, \fB\-\-status\fR -.RS 4 -ę˜¾ē¤ŗ蓦ꈷēŠ¶ę€äæ”ęÆ怂ēŠ¶ę€äæ”ęÆ包含 7 äøŖå­—ę®µć€‚é¦–äøŖå­—ę®µę˜Æē”Øꈷēš„ē™»å½•åļ¼Œē¬¬äŗŒäøŖå­—ę®µč”Øē¤ŗē”Øꈷ蓦ꈷę˜Æ否已ē»é”å®šåƆē (L)ć€ę²”ęœ‰åƆē  (NP)ꈖ者åƆē åÆē”Ø(P)ļ¼Œē¬¬äø‰äøŖå­—ę®µē»™å‡ŗęœ€åŽäø€ę¬”ę›“ę”¹åƆē ēš„ę—„ęœŸć€‚ęŽ„äø‹ę„ēš„å››äøŖå­—ę®µåˆ†åˆ«ę˜ÆåƆē ēš„ęœ€å°å¹“é¾„ć€ęœ€å¤§å¹“é¾„ć€č­¦å‘ŠęœŸå’Œē¦ē”Øꜟ怂čæ™äŗ›å¹“龄仄天äøŗå•ä½č®”ē®—怂 -.RE -.PP -\fB\-u\fR, \fB\-\-unlock\fR -.RS 4 -č§£é”ęŒ‡å®šē”Øꈷēš„åƆē ć€‚ę­¤ę“ä½œé€ščæ‡å°†åƆē ę”¹å›žå…ˆå‰å€¼(ę”¹å›žä½æē”Ø -\fB\-l\fR -之前ēš„值)重ꖰåÆē”ØåƆē ć€‚ -.RE -.PP -\fB\-w\fR, \fB\-\-warndays\fR\ \&\fIWARN_DAYS\fR -.RS 4 -č®¾ē½®åœØč¦ę±‚ę›“ę”¹åƆē ä¹‹å‰č­¦å‘Šēš„å¤©ę•°ć€‚\fIWARN_DAYS\fR -选锹ę˜ÆåœØåƆē čæ‡ęœŸä¹‹å‰ęå‰č­¦å‘Šēš„å¤©ę•°ć€‚ -.RE -.PP -\fB\-x\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAYS\fR -.RS 4 -č®¾ē½®åƆē ä»ē„¶ęœ‰ę•ˆēš„ęœ€å¤§å¤©ę•°ć€‚\fIMAX_DAYS\fR -之后ļ¼ŒåƆē ä¼šč¦ę±‚ę›“ę”¹ć€‚ -.RE -.SH "CAVEATS" -.PP -åƆē å¤ę‚ę€§ę£€ęŸ„åœØęƏ台ęœŗå™Øé—“äøåŒć€‚ē”Øꈷåŗ”čÆ„é€‰ę‹©é€‚åˆēš„å°½é‡å¤ę‚ēš„åƆē ć€‚ -.PP -åœØåÆåŠØäŗ† NIS ēš„ē³»ē»ŸäøŠļ¼Œå¦‚ęžœę²”꜉ē™»å½• NIS ęœåŠ”å™Øļ¼Œē”Øęˆ·ęˆ–č®øäøčƒ½ę›“ę”¹č‡Ŗå·±ēš„åƆē ć€‚ -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -čæ™å®šä¹‰äŗ†ē³»ē»ŸåŠ åƆåƆē ēš„é»˜č®¤ē®—ę³•(å¦‚ęžœę²”ęœ‰åœØå‘½ä»¤č”ŒäøŠęŒ‡å®šē®—ę³•)怂 -.sp -åÆ仄ä½æē”Ø如äø‹å€¼ļ¼š\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -ę³Øꄏļ¼Œę­¤å‚ę•°ä¼šč¦†ē›– -\fBMD5_CRYPT_ENAB\fR -å˜é‡ć€‚ -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -č”Øē¤ŗåƆē ę˜Æ否åæ…é”»ä½æē”ØåŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å¦‚ęžœč®¾äøŗ -\fIyes\fRļ¼Œę–°åƆē å°†ä½æē”ØåÆä»„å’Œę–°ē‰ˆ FreeBSD 兼容ēš„åŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å®ƒę”Æꌁꗠ限é•æåŗ¦ēš„åƆē ä»„åŠę›“é•æēš„ē›å­—ē¬¦äø²ć€‚å¦‚ęžœę‚Øéœ€č¦å°†åŠ åƆēš„åƆē å¤åˆ¶åˆ°å…¶å®ƒäøē†č§£ę–°ē®—ę³•ēš„ē³»ē»Ÿļ¼Œč®¾ē½®äøŗ -\fIno\fRć€‚é»˜č®¤å€¼ę˜Æ -\fIno\fR怂 -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -ę­¤å˜é‡å·²ē»åŗŸå¼ƒć€‚ę‚Øåŗ”čÆ„ä½æē”Ø -\fBENCRYPT_METHOD\fR怂 -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (boolean) -.RS 4 -åƹåƆē ę›“ę”¹åÆē”Øé™„åŠ ę£€ęŸ„ć€‚ -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (boolean) -.RS 4 -å¦‚ęžœę˜Æ rootļ¼Œč­¦å‘Šå¼±åƆē ļ¼Œä½†ę˜Æ仍ē„¶å…č®øä½æē”Ø怂 -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (number) -.RS 4 -åÆ仄尝čÆ•ę›“ę”¹åƆē ēš„ęœ€å¤§ę¬”ꕰ(å¤Ŗå®¹ę˜“)怂 -.RE -.PP -\fBPASS_MAX_LEN\fR (number), \fBPASS_MIN_LEN\fR (number) -.RS 4 -crypt() ēš„ęœ‰ę•ˆå­—ē¬¦ä½ę•°ć€‚\fBPASS_MAX_LEN\fR -默认ę˜Æ 8ļ¼Œé™¤éžę‚Øč‡Ŗå·±ēš„ crypt() ę›“å„½ļ¼Œå¦åˆ™äøč¦ę›“ę”¹ć€‚å¦‚ęžœ -\fBMD5_CRYPT_ENAB\fR -č®¾äøŗ -\fIyes\fRļ¼Œä¼šč¢«åæ½ē•„怂 -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -\fBENCRYPT_METHOD\fR -č®¾äøŗ -\fISHA256\fR -ꈖ -\fISHA512\fR -ę—¶ļ¼Œę­¤é”¹ē”®å®šåŠ åƆē®—ę³•é»˜č®¤ä½æē”Ø SHA č½®č½¬ę•°ē›®(å½“č½®č½¬ę•°ę²”ęœ‰é€ščæ‡å‘½ä»¤č”ŒęŒ‡å®šę—¶)怂 -.sp -ä½æē”Øå¾ˆå¤šč½®č½¬ļ¼Œä¼šč®©ęš“力ē “č§£ę›“åŠ å›°éš¾ć€‚ä½†ę˜Æéœ€č¦ę³Øꄏļ¼Œč®¤čƁē”Øęˆ·ę—¶ä¹Ÿä¼šéœ€č¦ę›“å¤šēš„ CPU 资ęŗć€‚ -.sp -å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œlibc ä¼šé€‰ę‹©é»˜č®¤ēš„č½®č½¬ę•°(5000)怂 -.sp -值åæ…é”»åœØ 1000 \- 999,999,999 ä¹‹é—“ć€‚ -.sp -å¦‚ęžœåŖč®¾ē½®äŗ†äø€äøŖ -\fBSHA_CRYPT_MIN_ROUNDS\fR -ꈖ -\fBSHA_CRYPT_MAX_ROUNDS\fR -值ļ¼Œå°±ä¼šä½æē”Øčæ™äøŖå€¼ć€‚ -.sp -å¦‚ęžœ -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fRļ¼Œå°†ä¼šä½æē”Ø大ēš„é‚£äøŖ怂 -.RE -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.SH "退å‡ŗ值" -.PP -\fBpasswd\fR -命令退å‡ŗļ¼Œå¹¶čæ”回如äø‹å€¼ļ¼š -.PP -\fI0\fR -.RS 4 -ęˆåŠŸ -.RE -.PP -\fI1\fR -.RS 4 -ꝃ限äøå¤Ÿ -.RE -.PP -\fI2\fR -.RS 4 -ꗠꕈēš„选锹ē»„合 -.RE -.PP -\fI3\fR -.RS 4 -ę„å¤–ēš„å¤±č“„ļ¼Œä»€ä¹ˆä¹Ÿę²”ęœ‰åšć€‚ -.RE -.PP -\fI4\fR -.RS 4 -ę„å¤–ēš„å¤±č“„ļ¼Œpasswd -ꖇ件äø¢å¤± -.RE -.PP -\fI5\fR -.RS 4 -passwd -ꖇ件åæ™ļ¼ŒčƷ重čƕ -.RE -.PP -\fI6\fR -.RS 4 -ē»™äŗ†é€‰é”¹äø€äøŖꗠꕈēš„å‚ę•° -.RE -.SH "å‚č§" -.PP -\fBchpasswd\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBlogin.defs\fR(5),\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man1/sg.1 b/man/zh_CN/man1/sg.1 deleted file mode 100644 index b4c40fda..00000000 --- a/man/zh_CN/man1/sg.1 +++ /dev/null @@ -1,95 +0,0 @@ -'\" t -.\" Title: sg -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "SG" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -sg \- 仄äøåŒēš„ē»„ ID ę‰§č”Œå‘½ä»¤ -.SH "大ēŗ²" -.HP \w'\fBsg\fR\ 'u -\fBsg\fR [\-] [ē»„\ [\-c]\ 命令] -.SH "ꏏčæ°" -.PP -\fBsg\fR -命令ē±»ä¼¼äŗŽ -\fBnewgrp\fRļ¼Œä½†ę˜ÆåÆä»„ęŽ„å—äø€äøŖå‘½ä»¤ć€‚čæ™äøŖ命令将会ä½æē”Ø -/bin/sh -shell ę„ę‰§č”Œć€‚åƹäŗŽę‚ØåÆ仄ä½æē”Ø -\fBsg\fR -åÆåŠØēš„å¤šę•° shellļ¼Œę‚Øéœ€č¦å°†å¤šäøŖčƍēš„命令ē”Øå¼•å·å¼•čµ·ę„ć€‚\fBnewgrp\fR -和 -\fBsg\fR -之闓ēš„另外äø€äøŖäøåŒē‚¹ę˜ÆꟐäŗ› shell åƹ -\fBnewgrp\fR -꜉ē‰¹ę®Šåƹ待ļ¼Œä¼šä½æē”Ø -\fBnewgrp\fR -创å»ŗēš„äø€äøŖꖰēš„ shell 实例ę›æę¢č‡Ŗčŗ«ć€‚čæ™äøä¼šå‘ē”ŸåœØ -\fBsg\fR -čŗ«äøŠļ¼Œę‰€ä»„从 -\fBsg\fR -退å‡ŗ后ļ¼Œę‚Ø会čæ”回到先前ēš„ē»„ ID怂 -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -允č®ø\(lqsyslog\(rqč®°å½• -\fBsg\fR -ēš„ę“»åŠØ怂 -.RE -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.SH "å‚č§" -.PP -\fBid\fR(1), -\fBlogin\fR(1), -\fBnewgrp\fR(1), -\fBsu\fR(1), -\fBgpasswd\fR(1), -\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/zh_CN/man1/su.1 b/man/zh_CN/man1/su.1 deleted file mode 100644 index c83ea8f6..00000000 --- a/man/zh_CN/man1/su.1 +++ /dev/null @@ -1,425 +0,0 @@ -'\" t -.\" Title: su -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē”Øęˆ·å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "SU" "1" "2014-05-09" "shadow\-utils 4\&.2" "ē”Øęˆ·å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -su \- ę›“ę”¹ē”Øꈷ ID ꈖꈐäøŗ超ēŗ§ē”Øꈷ -.SH "大ēŗ²" -.HP \w'\fBsu\fR\ 'u -\fBsu\fR [\fI选锹\fR] [\fIē”Øęˆ·å\fR] -.SH "ꏏčæ°" -.PP -\fBsu\fR -ē”ØäŗŽč®©ē”ØꈷåœØē™»å½•ęœŸé—“å˜ęˆå¦å¤–äø€äøŖē”Øęˆ·ć€‚åŽč¾¹äøåø¦ -\fBusername\fR -ä½æē”Øę—¶ļ¼Œ\fBsu\fR -é»˜č®¤ä¼šå˜ęˆč¶…ēŗ§ē”Øęˆ·ć€‚åÆ选ēš„选锹 -\fB\-\fRļ¼ŒåÆ仄ē”ØäŗŽęä¾›äø€äøŖē±»ä¼¼äŗŽē”Øꈷē›“ꎄē™»å½•ēš„ēŽÆ境ļ¼Œē”ØꈷåÆčƒ½ęœŸęœ›ę˜Æčæ™ę ·ēš„怂 -.PP -é™„åŠ å‚ę•°åÆ仄åœØē”Øęˆ·åä¹‹åŽęä¾›ļ¼Œčæ™ę—¶ļ¼Œå°†ä¼šęŠŠä»–ä»¬ęä¾›ē»™ē”Øꈷēš„ē™»å½• shell怂ē‰¹åˆ«åœ°ļ¼Œå‚ę•° -\fB\-c\fR -将会ä½æäø‹äø€äøŖå‚ę•°č¢«å¤šę•°å‘½ä»¤č§£é‡Šå™Ø视äøŗå‘½ä»¤ć€‚čæ™äøŖå‘½ä»¤ä¼šč¢« -/etc/passwd -äø­äøŗē›®ę ‡ē”Øęˆ·ęŒ‡å®šēš„ shell ę‰§č”Œć€‚ -.PP -ę‚ØåÆ仄ä½æē”Ø -\fB\-\-\fR -å‚ę•°å°† -\fBsu\fR -é€‰é”¹å’Œęä¾›ē»™ shell ēš„å‚ę•°åˆ†éš”å¼€ę„怂 -.PP -å¦‚ęžœåˆé€‚ļ¼Œå°†ęē¤ŗē”Øęˆ·č¾“å…„äø€äøŖåƆē ć€‚č¾“å…„ꗠꕈēš„åƆē ä¼šäŗ§ē”Ÿäø€äøŖ错čÆÆ궈ęÆ怂ꉀ꜉ēš„尝čƕļ¼Œę— č®ŗęˆåŠŸčæ˜ę˜Æå¤±č“„ļ¼Œéƒ½ä¼šč¢«č®°å½•ļ¼Œä»„ę£€ęµ‹åƹē³»ē»Ÿēš„껄ē”Ø怂 -.PP -当前ēŽÆ境会传递ē»™ę–° shell怂åƹäŗŽę™®é€šē”Øꈷļ¼Œ\fB$PATH\fR -ēš„值重ē½®äøŗ -/bin:/usr/binļ¼Œč€ŒåƹäŗŽč¶…ēŗ§ē”Øęˆ·åˆ™ę˜Æ -/sbin:/bin:/usr/sbin:/usr/bin怂čæ™ä¼šéš -/etc/login\&.defs -äø­ēš„ -\fBENV_PATH\fR -和 -\fBENV_SUPATH\fR -å€¼ę”¹å˜ć€‚ -.PP -åœØē™»å½• shell äø­ä»„ē¬¬äø€äøŖ字ē¬¦ę˜Æ\(lq*\(rqꠇę³Øēš„ę˜Æ子ē³»ē»Ÿē™»å½•ć€‚ē»™å®šēš„äø»ē›®å½•å°†č¢«ē”ØäŗŽē”Øęˆ·å®žé™…ē™»å½•ēš„ꖰꖇ件ē³»ē»Ÿēš„ę ¹ć€‚ -.SH "选锹" -.PP -\fBsu\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-c\fR, \fB\-\-command\fR\ \&\fICOMMAND\fR -.RS 4 -通čæ‡ä½æē”Ø其 -\fB\-c\fR -选锹ļ¼ŒęŒ‡å®šäø€äøŖē”± shell čæč”Œēš„å‘½ä»¤ć€‚ -.sp -The executed command will have no controlling terminal\&. This option cannot be used to execute interactive programs which need a controlling TTY\&. -.RE -.PP -\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR -.RS 4 -ęä¾›äø€äøŖē±»ä¼¼äŗŽē”Øꈷē›“ꎄē™»å½•ēš„ēŽÆ境ļ¼Œē”ØꈷåÆčƒ½ä¼šåøŒęœ›čæ™ę ·ć€‚ -.sp -When -\fB\-\fR -is used, it must be specified before any -\fBusername\fR\&. For portability it is recommended to use it as last option, before any -\fBusername\fR\&. The other forms (\fB\-l\fR -and -\fB\-\-login\fR) do not have this restriction\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -将ä½æē”Øēš„ shell怂 -.sp -ä½æē”Øēš„ shell åœØ如äø‹äø­é€‰ę‹©(高优先ēŗ§åœØ前)ļ¼š.PP -.RS 4 -通čæ‡ \-\-shell ęŒ‡å®šēš„ shell怂 -.RE -.PP -.RS 4 -å¦‚ęžœä½æē”Øäŗ† -\fB\-\-preserve\-environment\fRļ¼Œshell 将ē”± -\fB$SHELL\fR -ēŽÆå¢ƒå˜é‡ęŒ‡å®šć€‚ -.RE -.PP -.RS 4 -åœØ -/etc/passwd -ēš„ē›øåŗ”锹äø­äøŗē›®ę ‡ē”Øęˆ·ęŒ‡å®šēš„ shell怂 -.RE -.PP -.RS 4 -å¦‚ęžœę— ę³•é€ščæ‡ä»„äøŠåŠžę³•ę‰¾åˆ°äø€äøŖ shellļ¼Œåˆ™ä½æē”Ø -/bin/sh怂 -.RE -.sp -å¦‚ęžœē›®ę ‡ē”Øꈷēš„ shell ę˜Æęœ‰é™åˆ¶ēš„(即ļ¼Œ/etc/passwd -äø­ē”Øęˆ·é”¹äø­ēš„ shell å­—ę®µę²”ęœ‰åœØ -/etc/shells -äø­åˆ—å‡ŗ)ļ¼Œé‚£ä¹ˆ -\fB\-\-shell\fR -é€‰é”¹ęˆ– -\fB$SHELL\fR -ēŽÆ境变量äøä¼šåø¦å…„蓦ꈷļ¼Œé™¤éž -\fBsu\fR -ę˜Æč¢« root 调ē”Øēš„怂 -.RE -.PP -\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve\-environment\fR -.RS 4 -äæē•™å½“前ēŽÆ境ļ¼Œé™¤éžļ¼š.PP -\fB$PATH\fR -.RS 4 -ę ¹ę® -/etc/login\&.defs -äø­ēš„ -\fBENV_PATH\fR -or -\fBENV_SUPATH\fR -é€‰é”¹é‡č®¾ (čƷ往äø‹ēœ‹) -.RE -.PP -\fB$IFS\fR -.RS 4 -å¦‚ęžœå·²ē»č®¾ē½®äŗ†ļ¼Œé‡č®¾ -\(lq<space><tab><newline>\(rq怂 -.RE -.sp -å¦‚ęžœē”Øꈷēš„ shell 受限ļ¼Œę­¤é€‰é”¹ę— ę•ˆ (除非ę˜Æ root 调ē”Øēš„ -\fBsu\fR)怂 -.sp -ę³Øꄏļ¼ŒēŽÆ境ēš„é»˜č®¤č”Œäøŗ如äø‹ļ¼š.PP -.RS 4 -The -\fB$HOME\fR, -\fB$SHELL\fR, -\fB$USER\fR, -\fB$LOGNAME\fR, -\fB$PATH\fR, 和 -\fB$IFS\fR -čæ™äŗ›ēŽÆå¢ƒå˜é‡ä¼šč¢«é‡ē½®ć€‚ -.RE -.PP -.RS 4 -å¦‚ęžœę²”ęœ‰ä½æē”Ø -\fB\-\-login\fRļ¼Œå¤åˆ¶ēŽÆ境ļ¼ŒäøŠčæ°å‡ äøŖå˜é‡é™¤å¤–ć€‚ -.RE -.PP -.RS 4 -å¦‚ęžœä½æē”Øäŗ† -\fB\-\-login\fRļ¼Œå¦‚ęžœč®¾ē½®äŗ† -\fB$TERM\fR, -\fB$COLORTERM\fR, -\fB$DISPLAY\fR -和 -\fB$XAUTHORITY\fRļ¼Œčæ™äŗ›ēŽÆå¢ƒå˜é‡ä¹Ÿä¼šč¢«é‡ē½®ć€‚ -.RE -.PP -.RS 4 -å¦‚ęžœä½æē”Øäŗ† -\fB\-\-login\fRļ¼ŒēŽÆ境变量 -\fB$TZ\fR, -\fB$HZ\fR, and -\fB$MAIL\fR -ä¹Ÿä¼šę ¹ę® -/etc/login\&.defs -äø­ēš„选锹 -\fBENV_TZ\fR, -\fBENV_HZ\fR, -\fBMAIL_DIR\fR -和 -\fBMAIL_FILE\fR -重ē½® (čÆ·ēœ‹äø‹č¾¹)怂 -.RE -.PP -.RS 4 -å¦‚ęžœä½æē”Øäŗ† -\fB\-\-login\fRļ¼Œå…¶å®ƒēŽÆ境变量åÆčƒ½ä¼šę ¹ę® -\fBENVIRON_FILE\fR -ę–‡ä»¶ę„č®¾ē½®(čÆ·ēœ‹äø‹č¾¹)怂 -.RE -.RE -.SH "CAVEATS" -.PP -ę­¤ē‰ˆęœ¬ēš„ -\fBsu\fR -ęœ‰å¾ˆå¤šē¼–čƑ选锹ļ¼ŒåœØꟐäŗ›ęœŗå™ØäøŠļ¼ŒåÆčƒ½åŖä½æē”Øäŗ†å…¶äø­ēš„äø€éƒØåˆ†ć€‚ -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBCONSOLE\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰äŗ†ļ¼Œęˆ–者ę˜ÆåŒ…å«č®¾å¤‡å(ę²”č”Œäø€äøŖ)ēš„ꖇ件ēš„å®Œę•“č·Æ径名ļ¼Œęˆ–者ę˜Æ\(lq:\(rq分隔ēš„č®¾å¤‡ååˆ—č”Øć€‚å°†åŖ会åœØčæ™å†™č®¾å¤‡äøŠå…č®ø root ē™»å½•ć€‚ -.sp -å¦‚ęžœę²”ęœ‰å®šä¹‰ļ¼ŒåÆ仄åœØä»»ä½•č®¾å¤‡äøŠä½æē”Ø root怂 -.sp -ęŒ‡å®šēš„č®¾å¤‡ę—¶äøåø¦ /dev/ 前ē¼€ć€‚ -.RE -.PP -\fBCONSOLE_GROUPS\fR (string) -.RS 4 -åœØęŽ§åˆ¶å°ē™»å½•ę—¶ļ¼Œę·»åŠ åˆ°ē”Øęˆ·é™„åŠ ē»„集äø­ēš„ē»„列č”Ø(就如 CONSOLE ꉀē”®å®šēš„)ć€‚é»˜č®¤ę˜Æꗠ怂 -ä½æē”Øę—¶éœ€č¦ę³Øꄏļ¼ščæ™åÆčƒ½ä½æē”Øęˆ·čŽ·å–čæ™äŗ›ē»„ēš„ę°øä¹…ęƒé™ļ¼Œē”šč‡³ē™»å½•åˆ°ēš„äøę˜Æę­¤ęŽ§åˆ¶å°ę—¶ć€‚ -.RE -.PP -\fBDEFAULT_HOME\fR (boolean) -.RS 4 -å¦‚ęžœäøčƒ½ cd 到äø»ē›®å½•ę—¶ļ¼ŒčÆ“ę˜Žę˜Æ否允č®øē™»å½•ć€‚é»˜č®¤ę˜Æå¦ć€‚ -.sp -å¦‚ęžœč®¾ē½®äøŗ -\fIyes\fRļ¼Œå¦‚ęžœäøčƒ½ cd 到äø»ē›®å½•ę—¶ļ¼Œē”Øęˆ·å°†ä¼šē™»å½•åˆ°ę ¹ē›®å½•(/)怂 -.RE -.PP -\fBENV_HZ\fR (string) -.RS 4 -å¦‚ęžœč®¾ē½®äŗ†ļ¼Œå°†ä¼šē”ØäŗŽåœØē”Øꈷē™»å½•ę—¶å®šä¹‰ HZ ēŽÆå¢ƒå˜é‡ć€‚å€¼åæ…锻仄 -\fIHZ=\fR -å¼€å¤“ć€‚Linux äøŠēš„åøøē”Ø值ę˜Æ -\fIHZ=100\fR怂 -.RE -.PP -\fBENVIRON_FILE\fR (string) -.RS 4 -å¦‚ęžœę­¤ę–‡ä»¶å­˜åœØļ¼Œå¹¶äø”åÆčÆ»ļ¼Œå°†ä¼šä»Žäø­čƻ取ē™»å½•ēŽÆå¢ƒć€‚ę‰€ęœ‰č”Œéƒ½åæ…é”»ę˜Æ name=value ēš„ę ¼å¼ć€‚ -.sp -仄 # 开夓ēš„č”Œå°†č§†äøŗę³Ø释ļ¼Œå¹¶č¢«åæ½ē•„怂 -.RE -.PP -\fBENV_PATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (string) -.RS 4 -å¦‚ęžœč®¾ē½®äŗ†ļ¼Œå®ƒå°†ē”ØäŗŽåœØē”Øꈷē™»å½•ę—¶å®šä¹‰ TZ ēŽÆå¢ƒå˜é‡ć€‚ę­¤å€¼åÆ仄ę˜Æ仄 -\fITZ=\fR -开夓ēš„ę—¶åŒŗ名(例如 -\fITZ=CST6CDT\fR)ļ¼Œęˆ–者ę˜ÆåŒ…å«ę—¶åŒŗč§„åˆ™ēš„ę–‡ä»¶å®Œę•“č·Æ径(例如 -/etc/tzname)怂 -.sp -å¦‚ęžœå°†å®Œę•“č·Æå¾„ęŒ‡å®šäøŗäŗ†äø€äøŖäøå­˜åœØꈖäøåÆčÆ»ēš„ꖇ件ļ¼Œåˆ™é»˜č®¤ä½æē”Ø -\fITZ=CST6CDT\fR怂 -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -ę­¤å­—ē¬¦äø²ē”ØäŗŽęē¤ŗč¾“å…„åƆē ć€‚é»˜č®¤ę˜Æ "Password: "ļ¼Œęˆ–者ēæ»čƑäŗ†ēš„ē»“ęžœ(걉čÆ­äø­ēæ»čƑäøŗäŗ†\(lqåƆē ļ¼š\(rq)ć€‚å¦‚ęžœč®¾ē½®äŗ†ę­¤å˜é‡ļ¼Œęē¤ŗäøä¼šč¢«ēæ»čÆ‘ć€‚ -.sp -å¦‚ęžœå­—ē¬¦äø²åŒ…含 -\fI%s\fRļ¼Œå°†ä¼šč¢«ē”Øęˆ·åę›æę¢ć€‚ -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (boolean) -.RS 4 -åÆē”Øē™»å½•ę—¶ę£€ęŸ„和ēŽ°å®žé‚®ē®±ēŠ¶ę€ć€‚ -.sp -å¦‚ęžœ shell ēš„åÆåŠØę–‡ä»¶å·²ē»ę£€ęŸ„äŗ†é‚®ä»¶("mailx \-e" ęˆ–č€…å…¶å®ƒåŒåŠŸčƒ½ēš„å·„具)ļ¼Œę‚Øåŗ”čÆ„ē¦ē”Øå®ƒć€‚ -.RE -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -邮ē®±ē›®å½•ć€‚äæ®ę”¹ęˆ–删除ē”Øęˆ·č“¦ęˆ·ę—¶éœ€č¦å¤„ē†é‚®ē®±ļ¼Œå¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œå°†ä½æē”Øē¼–čÆ‘ę—¶ęŒ‡å®šēš„é»˜č®¤å€¼ć€‚ -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -定义ē”Øęˆ·é‚®ē®±ę–‡ä»¶ēš„位ē½®(ē›øåƹäŗŽäø»ē›®å½•)怂 -.RE -.PP -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -变量ē”± -\fBuseradd\fRļ¼Œ\fBusermod\fR -和 -\fBuserdel\fR -ē”ØäŗŽåˆ›å»ŗ态ē§»åŠØęˆ–åˆ é™¤ē”Øęˆ·é‚®ē®±ć€‚ -.PP -å¦‚ęžœ -\fBMAIL_CHECK_ENAB\fR -č®¾ē½®äøŗ -\fIyes\fRļ¼Œå®ƒä»¬ä¹Ÿč¢«ē”ØäŗŽå®šä¹‰ -\fBMAIL\fR -ēŽÆå¢ƒå˜é‡ć€‚ -.PP -\fBQUOTAS_ENAB\fR (boolean) -.RS 4 -Enable setting of resource limits from -/etc/limits -and ulimit, umask, and niceness from the user\*(Aqs passwd gecos field\&. -.RE -.PP -\fBSULOG_FILE\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰äŗ†ļ¼Œę‰€ęœ‰ēš„ su ę“»åŠØéƒ½ä¼šč®°å½•åˆ°ę­¤ę–‡ä»¶ć€‚ -.RE -.PP -\fBSU_NAME\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰äŗ†ļ¼Œå°±ę˜Æčæč”Œ\(lqsu \-\(rqę—¶ę˜¾ē¤ŗēš„命令名ē§°ć€‚例如ļ¼Œå¦‚ęžœå®šä¹‰äøŗ\(lqsu\(rqļ¼Œé‚£ä¹ˆ\(lqps\(rqä¼šę˜¾ē¤ŗę­¤å‘½ä»¤äøŗ\(lq\-su\(rqć€‚å¦‚ęžœę²”ęœ‰å®šä¹‰ļ¼Œ\(lqps\(rqå°†ä¼šę˜¾ē¤ŗå®žé™…ę‰§č”Œēš„ shellļ¼Œä¾‹å¦‚ē±»ä¼¼äŗŽ\(lq\-sh\(rq怂 -.RE -.PP -\fBSU_WHEEL_ONLY\fR (boolean) -.RS 4 -å¦‚ęžœäøŗ -\fIyes\fRļ¼Œē”Øꈷåæ…é”»åœØ -/etc/group -äø­åˆ«č®¾å®šäøŗ GID äøŗ 0 ēš„ē»„(åœØ大éƒØ分 Linux äøŠå« -\fIroot\fR)ēš„ęˆå‘˜ć€‚ -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (boolean) -.RS 4 -除äŗ† sulog ꖇ件ꗄåæ—ļ¼Œä¹Ÿäøŗ -\fBsu\fR -ę“»åŠØåÆē”Ø\(lqsyslog\(rqę—„åæ—怂 -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -å¦‚ęžœ uid 和 gid ē›ø同ļ¼Œē”Øęˆ·åå’Œäø»ē”Øęˆ·åä¹Ÿē›ø同ļ¼Œä½æ非 root ē»„ēš„ē»„ꎩē ä½å’Œå±žäø»ä½ē›ø同 (如ļ¼š022 \-> 002, 077 \-> 007)怂 -.sp -å¦‚ęžœč®¾ē½®äøŗ -\fIyes\fRļ¼Œå¦‚ęžœē»„äø­ę²”ęœ‰ęˆå‘˜äŗ†ļ¼Œ\fBuserdel\fR -将ē§»é™¤ę­¤ē”Øꈷē»„ļ¼Œ\fBuseradd\fR -创å»ŗē”Øęˆ·ę—¶ļ¼Œä¹Ÿä¼šåˆ›å»ŗäø€äøŖ同名ēš„é»˜č®¤ē»„怂 -.RE -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.SH "退å‡ŗ值" -.PP -ęˆåŠŸę—¶ļ¼Œ\fBsu\fR -čæ”å›žę‰§č”Œēš„命令ēš„退å‡ŗå€¼ć€‚ -.PP -å¦‚ęžœå‘½ä»¤č¢«äæ”号ē»“ęŸļ¼Œ\fBsu\fR -čæ”å›žę­¤äæ”号ēš„ē¼–号加 128怂 -.PP -å¦‚ęžœ su åæ…é”»č¦ę€ę­»ę­¤å‘½ä»¤(因äøŗå·²ē»č¦ę±‚它ē»“ęŸļ¼ŒåÆę˜Æå“ę²”ęœ‰åŠę—¶ē»“ęŸ)ļ¼Œ\fBsu\fR -čæ”回 255怂 -.PP -\fBsu\fR -äø­ēš„ęŸäŗ›é€€å‡ŗ值äøŽę‰§č”Œēš„å‘½ä»¤ę— å…³ļ¼š -.PP -\fI0\fR -.RS 4 -ęˆåŠŸ (åŖ꜉ -\fB\-\-help\fR) -.RE -.PP -\fI1\fR -.RS 4 -ē³»ē»Ÿęˆ–者认čÆå¤±č“„ -.RE -.PP -\fI126\fR -.RS 4 -要걂ēš„命令äøå­˜åœØ -.RE -.PP -\fI127\fR -.RS 4 -čÆ·ę±‚ēš„命令äøčƒ½ę‰§č”Œ -.RE -.SH "å‚č§" -.PP -\fBlogin\fR(1), -\fBlogin.defs\fR(5), -\fBsg\fR(1), -\fBsh\fR(1)\&. diff --git a/man/zh_CN/man3/getspnam.3 b/man/zh_CN/man3/getspnam.3 deleted file mode 100644 index cd473da3..00000000 --- a/man/zh_CN/man3/getspnam.3 +++ /dev/null @@ -1 +0,0 @@ -.so man3/shadow.3 diff --git a/man/zh_CN/man3/shadow.3 b/man/zh_CN/man3/shadow.3 deleted file mode 100644 index e01c99ae..00000000 --- a/man/zh_CN/man3/shadow.3 +++ /dev/null @@ -1,237 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: åŗ“å‡½ę•°č°ƒē”Ø -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "SHADOW" "3" "2014-05-09" "shadow\-utils 4\&.2" "åŗ“å‡½ę•°č°ƒē”Ø" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -shadow, getspnam \- 加åƆåƆē ę–‡ä»¶å·„å…·å‡½ę•° -.SH "SYNTAX" -.PP -\fI#include <shadow\&.h>\fR -.PP -\fIstruct spwd *getspent();\fR -.PP -\fIstruct spwd *getspnam(char\fR\fI*name\fR\fI);\fR -.PP -\fIvoid setspent();\fR -.PP -\fIvoid endspent();\fR -.PP -\fIstruct spwd *fgetspent(FILE\fR\fI*fp\fR\fI);\fR -.PP -\fIstruct spwd *sgetspent(char\fR\fI*cp\fR\fI);\fR -.PP -\fIint putspent(struct spwd\fR\fI*p,\fR\fIFILE\fR\fI*fp\fR\fI);\fR -.PP -\fIint lckpwdf();\fR -.PP -\fIint ulckpwdf();\fR -.SH "ꏏčæ°" -.PP -\fIshadow\fR -处ē† shadow åƆē ę–‡ä»¶ -/etc/shadow -ēš„å†…å®¹ć€‚\fI#include\fR -ꖇ件äø­ēš„ē»“ęž„ę˜Æļ¼š -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct spwd { - char *sp_namp; /* user login name */ - char *sp_pwdp; /* encrypted password */ - long int sp_lstchg; /* last password change */ - long int sp_min; /* days until change allowed\&. */ - long int sp_max; /* days before change required */ - long int sp_warn; /* days warning for expiration */ - long int sp_inact; /* days before account inactive */ - long int sp_expire; /* date when account expires */ - unsigned long int sp_flag; /* reserved for future use */ -} - -.fi -.if n \{\ -.RE -.\} -.PP -ęƏäøŖå­—ę®µēš„含义ę˜Æļ¼š -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_namp \- ęŒ‡å‘ä»„ null ē»“ęŸēš„ē”Øęˆ·åēš„ęŒ‡é’ˆ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_pwdp \- ęŒ‡å‘ null ē»“ęŸēš„åƆē ēš„ęŒ‡é’ˆ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_lstchg \- ꜀čæ‘ę›“ę”¹åƆē ēš„ę—„ꜟ(ę—„ęœŸč®”ē®—ę–¹ę³•ę˜Æ从1970幓1꜈1ę—„å¼€å§‹ēš„å¤©ę•°) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_min \- days before which password may not be changed -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_max \- days after which password must be changed -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_warn \- days before password is to expire that user is warned of pending password expiration -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_inact \- days after password expires that account is considered inactive and disabled -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_expire \- days since Jan 1, 1970 when account will be disabled -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -sp_flag \- reserved for future use -.RE -.SH "ꏏčæ°" -.PP -\fIgetspent\fR, -\fIgetspname\fR, -\fIfgetspent\fR, and -\fIsgetspent\fR -each return a pointer to a -\fIstruct spwd\fR\&. -\fIgetspent\fR -returns the next entry from the file, and -\fIfgetspent\fR -returns the next entry from the given stream, which is assumed to be a file of the proper format\&. -\fIsgetspent\fR -returns a pointer to a -\fIstruct spwd\fR -using the provided string as input\&. -\fIgetspnam\fR -searches from the current position in the file for an entry matching -\fIname\fR\&. -.PP -\fIsetspent\fR -和 -\fIendspent\fR -分别ē”Øę„å¼€å§‹å’Œē»“ęŸåƹ影子åƆē ę–‡ä»¶ēš„č®æ问怂 -.PP -éœ€č¦ä½æē”Ø -\fIlckpwdf\fR -和 -\fIulckpwdf\fR -å‡½ę•°ę„ē”®äæåƹ -/etc/shadow -ꖇ件ēš„äŗ’ę–„č®æ问怂\fIlckpwdf\fR -ä½æē”Ø -\fIpw_lock\fR -ę„čŽ·å–äø€äøŖ꜀é•æäøŗ 15 ē§’ēš„锁ļ¼Œē„¶åŽē»§ē»­ä½æē”Ø -\fIspw_lock\fR -ę„čŽ·å–é•æåŗ¦äøŗ开始ēš„ 15 ē§’ꗶ闓ēš„剩余量ēš„ē¬¬äŗŒęŠŠé”ć€‚ꀻ讔 15 ē§’之后ļ¼Œę— č®ŗå“ŖäøŖå¤±č“„ļ¼Œ\fIlckpwdf\fR -都čæ”回 \-1怂äø¤ęŠŠé”éƒ½čŽ·å–ęˆåŠŸę—¶ļ¼Œčæ”回 0怂 -.SH "DIAGNOSTICS" -.PP -å¦‚ęžœę²”ęœ‰ę›“å¤šę”ē›®äŗ†ęˆ–č€…å¤„ē†ę—¶å‡ŗ错ļ¼Œę­¤å‡½ę•°čæ”回 NULL怂ä½æē”Ø -\fIint\fR -ē±»åž‹čæ”回值ēš„å‡½ę•°čæ”回 0 č”Øē¤ŗęˆåŠŸļ¼Œ\-1 č”Øē¤ŗå¤±č“„ć€‚ -.SH "CAVEATS" -.PP -čæ™äŗ›å‡½ę•°åŖčƒ½ē”±č¶…ēŗ§ē”Øꈷä½æē”Øļ¼Œå› äøŗåƹ影子åƆē ę–‡ä»¶ēš„č®æ问ę˜Æ受限ēš„怂 -.SH "ꖇ件" -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.SH "å‚č§" -.PP -\fBgetpwent\fR(3), -\fBshadow\fR(5)\&. diff --git a/man/zh_CN/man5/faillog.5 b/man/zh_CN/man5/faillog.5 deleted file mode 100644 index 9e2c47f1..00000000 --- a/man/zh_CN/man5/faillog.5 +++ /dev/null @@ -1,64 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ– -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "FAILLOG" "5" "2014-05-09" "shadow\-utils 4\&.2" "ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ–" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -faillog \- ē™»å½•å¤±č“„ēš„ę—„åæ—ꖇ件 -.SH "ꏏčæ°" -.PP -/var/log/faillog -maintains a count of login failures and the limits for each account\&. -.PP -The file contains fixed length records, indexed by numerical UID\&. Each record contains the count of login failures since the last successful login; the maximum number of failures before the account is disabled; the line on which the last login failure occurred; the date of the last login failure; and the duration (in seconds) during which the account will be locked after a failure\&. -.PP -ꖇ件ēš„ē»“ęž„ę˜Æļ¼š -.sp -.if n \{\ -.RS 4 -.\} -.nf -struct faillog { - short fail_cnt; - short fail_max; - char fail_line[12]; - time_t fail_time; - long fail_locktime; -}; -.fi -.if n \{\ -.RE -.\} -.SH "ꖇ件" -.PP -/var/log/faillog -.RS 4 -Failure logging file\&. -.RE -.SH "å‚č§" -.PP -\fBfaillog\fR(8) diff --git a/man/zh_CN/man5/gshadow.5 b/man/zh_CN/man5/gshadow.5 deleted file mode 100644 index 6cbfeceb..00000000 --- a/man/zh_CN/man5/gshadow.5 +++ /dev/null @@ -1,103 +0,0 @@ -'\" t -.\" Title: gshadow -.\" Author: Nicolas Fran\(,cois <nicolas.francois@centraliens.net> -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ– -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "GSHADOW" "5" "2014-05-09" "shadow\-utils 4\&.2" "ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ–" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -gshadow \- 影子化äŗ†ēš„ē»„ꖇ件 -.SH "ꏏčæ°" -.PP -/etc/gshadow -包含影子化äŗ†ēš„ē»„č“¦ęˆ·äæ”ęÆ怂 -.PP -å¦‚ęžœę²”ęœ‰ē»“ęŠ¤å„½åƆē å®‰å…Øļ¼Œę­¤ę–‡ä»¶ē»åƹäøčƒ½č®©ę™®é€šē”ØꈷåÆčÆ»ć€‚ -.PP -ꭤꖇ件ēš„ęÆč”ŒåŒ…å«é€—å·åˆ†éš”ēš„如äø‹å­—ꮵļ¼š -.PP -\fBē»„名\fR -.RS 4 -åæ…é”»ę˜Æē³»ē»Ÿäø­å·²ē»å­˜åœØēš„ęœ‰ę•ˆē»„怂 -.RE -.PP -\fB加åƆäŗ†ēš„åƆē \fR -.RS 4 -čÆ·å‚č€ƒ -\fBcrypt\fR(3) -ę„äŗ†č§£å…³äŗŽč§£ęžę­¤å­—ē¬¦äø²ēš„ē»†čŠ‚äæ”ęÆ怂 -.sp -If the password field contains some string that is not a valid result of -\fBcrypt\fR(3), for instance ! or *, users will not be able to use a unix password to access the group (but group members do not need the password)\&. -.sp -ę­¤åƆē ē”ØäŗŽäøę˜Æę­¤ē»„ęˆå‘˜ēš„ē”Øęˆ·čŽ·å–ę­¤ē»„ēš„ęƒé™ć€‚(å‚č€ƒ -\fBnewgrp\fR(1) -)怂 -.sp -ę­¤å­—ę®µåÆ仄äøŗē©ŗļ¼Œę­¤ę—¶ļ¼ŒåŖ꜉ē»„ęˆå‘˜åÆä»„čŽ·å–ē»„ęƒé™ć€‚ -.sp -仄叹号开始ēš„åƆē å­—ę®µę„å‘³ē€åƆē č¢«é”å®šć€‚čÆ„č”Œēš„剩余字ē¬¦č”Øē¤ŗ锁定之前ēš„åƆē ć€‚ -.sp -ę­¤åƆē å–代 -/etc/group -äø­ęŒ‡å®šēš„任何åƆē ć€‚ -.RE -.PP -\fBē®”ē†å‘˜\fR -.RS 4 -åæ…é”»ę˜Æäø€äøŖ逗号分隔ēš„ē”Øęˆ·ååˆ—č”Ø怂 -.sp -ē®”ē†å‘˜åÆä»„ę›“ę”¹ē»„åƆē å’Œęˆå‘˜ć€‚ -.sp -ē®”ē†å‘˜ä¹Ÿęœ‰ęˆå‘˜äø€ę ·ēš„ęƒé™(čÆ·ēœ‹äø‹č¾¹)怂 -.RE -.PP -\fBęˆå‘˜\fR -.RS 4 -åæ…é”»ę˜Æäø€äøŖ逗号分隔ēš„ē”Øęˆ·ååˆ—č”Ø怂 -.sp -ęˆå‘˜åÆ仄免åƆē č®æ问ē»„怂 -.sp -You should use the same list of users as in -/etc/group\&. -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.SH "å‚č§" -.PP -\fBgpasswd\fR(5), -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBgrpconv\fR(8), -\fBnewgrp\fR(1)\&. diff --git a/man/zh_CN/man5/limits.5 b/man/zh_CN/man5/limits.5 deleted file mode 100644 index 2eb1dac4..00000000 --- a/man/zh_CN/man5/limits.5 +++ /dev/null @@ -1,274 +0,0 @@ -'\" t -.\" Title: limits -.\" Author: Luca Berra -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ– -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "LIMITS" "5" "2014-05-09" "shadow\-utils 4\&.2" "ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ–" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -limits \- 资ęŗé™åˆ¶ęčæ° -.SH "ꏏčæ°" -.PP -The -\fIlimits\fR -file (/etc/limits -by default or LIMITS_FILE defined -config\&.h) describes the resource limits you wish to impose\&. It should be owned by root and readable by root account only\&. -.PP -By default no quota is imposed on \*(Aqroot\*(Aq\&. In fact, there is no way to impose limits via this procedure to root\-equiv accounts (accounts with UID 0)\&. -.PP -ęÆč”Œä»„å¦‚äø‹ę ¼å¼åƹäø€äøŖē”Øęˆ·ęčæ°é™åˆ¶ļ¼š -.PP -\fIuser LIMITS_STRING\fR -.PP -ęˆ–å¦‚äø‹ę ¼å¼ļ¼š -.PP -\fI@group LIMITS_STRING\fR -.PP -\fILIMITS_STRING\fR -ę˜Æäø€äøŖäø²č”ēš„资ęŗé™åˆ¶åˆ—č”Ø怂ęÆę”é™åˆ¶ē”±äø€äøŖ字ęÆęŒ‡ē¤ŗē¬¦å’Œč·Ÿéšēš„ę•°å­—é™åˆ¶ē»„ęˆć€‚ -.PP -åÆē”Øēš„ęŒ‡ē¤ŗē¬¦ęœ‰ļ¼š -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Aļ¼šęœ€å¤§åœ°å€ē©ŗé—“ (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Cļ¼šęœ€å¤§č½¬å‚Øę–‡ä»¶å¤§å° (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Dļ¼šęœ€å¤§ę•°ę®å¤§å° (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Fļ¼šęœ€å¤§ę–‡ä»¶å°ŗåÆø (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Kļ¼šę–‡ä»¶åˆ›å»ŗꎩē ļ¼Œē”± -\fBumask\fR(2) -č®¾ē½®ć€‚ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Iļ¼šęœ€é«˜ nice ēŗ§åˆ«ļ¼Œ(0\&.\&.\&.39 åƹåŗ” 20\&.\&.\&.\-19) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Lļ¼šę­¤ē”Øꈷēš„ęœ€å¤§ē™»å½•ę•° -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -M: max locked\-in\-memory address space (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Nļ¼šęœ€å¤§ēš„ę–‡ä»¶ę‰“å¼€ę•° -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Oļ¼šęœ€å¤§å®žę—¶ä¼˜å…ˆēŗ§ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Pļ¼ščæ›ē؋优先ēŗ§ļ¼Œē”± -\fBsetpriority\fR(2) -č®¾ē½®ć€‚ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -R: max resident set size (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Sļ¼šęœ€å¤§ę ˆå°ŗåÆø (KB) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Tļ¼šęœ€å¤§ CPU ꗶ闓 (分钟) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -Uļ¼šęœ€å¤§å¤„ē†å™Øꕰē›® -.RE -.PP -例如ļ¼Œ\fIL2D2048N5\fR -å°±ę˜Æ꜉ꕈēš„ -\fILIMITS_STRING\fR怂äøŗäŗ†é˜…čÆ»ę–¹ä¾æļ¼Œå¦‚äø‹é”¹č”Øē¤ŗåŒę ·ēš„ę„ę€ļ¼š -.sp -.if n \{\ -.RS 4 -.\} -.nf - username L2D2048N5 - username L2 D2048 N5 - -.fi -.if n \{\ -.RE -.\} -.PP -Be aware that after -\fIusername\fR -the rest of the line is considered a limit string, thus comments are not allowed\&. A invalid limits string will be rejected (not considered) by the -\fBlogin\fR -program\&. -.PP -The default entry is denoted by username "\fI*\fR"\&. If you have multiple -\fIdefault\fR -entries in your -\fILIMITS_FILE\fR, then the last one will be used as the default entry\&. -.PP -The limits specified in the form "\fI@group\fR" apply to the members of the specified -\fIgroup\fR\&. -.PP -If more than one line with limits for an user exist, only the first line for this user will be considered\&. -.PP -If no lines are specified for an user, the last -\fI@group\fR -line matching a group whose the user is a member of will be considered, or the last line with default limits if no groups contain the user\&. -.PP -č¦å®Œå…Øē¦ē”Øåƹäø€äøŖē”Øꈷēš„限制ļ¼ŒåÆ仄仅仅åŖä½æē”Øäø€äøŖēŸ­ēŗæ\(lq\-\(rq怂 -.PP -To disable a limit for a user, a single dash "\fI\-\fR" can be used instead of the numerical value for this limit\&. -.PP -Also, please note that all limit settings are set PER LOGIN\&. They are not global, nor are they permanent\&. Perhaps global limits will come, but for now this will have to do ;) -.SH "ꖇ件" -.PP -/etc/limits -.RS 4 -.RE -.SH "å‚č§" -.PP -\fBlogin\fR(1), -\fBsetpriority\fR(2), -\fBsetrlimit\fR(2)\&. diff --git a/man/zh_CN/man5/login.access.5 b/man/zh_CN/man5/login.access.5 deleted file mode 100644 index f9265896..00000000 --- a/man/zh_CN/man5/login.access.5 +++ /dev/null @@ -1,66 +0,0 @@ -'\" t -.\" Title: login.access -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ– -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "LOGIN\&.ACCESS" "5" "2014-05-09" "shadow\-utils 4\&.2" "ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ–" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -login.access \- ē™»å½•č®æé—®ęŽ§åˆ¶č”Ø -.SH "ꏏčæ°" -.PP -The -\fIlogin\&.access\fR -file specifies (user, host) combinations and/or (user, tty) combinations for which a login will be either accepted or refused\&. -.PP -When someone logs in, the -\fIlogin\&.access\fR -is scanned for the first entry that matches the (user, host) combination, or, in case of non\-networked logins, the first entry that matches the (user, tty) combination\&. The permissions field of that table entry determines whether the login will be accepted or refused\&. -.PP -ē™»å½•č®æé—®ęŽ§åˆ¶č”Øēš„ęƏäø€č”Œęœ‰\(lq:\(rq分隔ēš„äø‰äøŖå­—ę®µļ¼š -.PP -\fIpermission\fR:\fIusers\fR:\fIorigins\fR -.PP -The first field should be a "\fI+\fR" (access granted) or "\fI\-\fR" (access denied) character\&. The second field should be a list of one or more login names, group names, or -\fIALL\fR -(always matches)\&. The third field should be a list of one or more tty names (for non\-networked logins), host names, domain names (begin with "\&."), host addresses, internet network numbers (end with "\&."), -\fIALL\fR -(always matches) or -\fILOCAL\fR -(matches any string that does not contain a "\&." character)\&. If you run NIS you can use @netgroupname in host or user patterns\&. -.PP -\fIEXCEPT\fR -ę“ä½œē¬¦č®©ē¼–写非åøøå¤ę‚ēš„č§„åˆ™ļ¼ŒęˆäøŗåÆčƒ½ć€‚ -.PP -The group file is searched only when a name does not match that of the logged\-in user\&. Only groups are matched in which users are explicitly listed: the program does not look at a user\*(Aqs primary group id value\&. -.SH "ꖇ件" -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.SH "å‚č§" -.PP -\fBlogin\fR(1)\&. diff --git a/man/zh_CN/man5/login.defs.5 b/man/zh_CN/man5/login.defs.5 deleted file mode 100644 index f5839c50..00000000 --- a/man/zh_CN/man5/login.defs.5 +++ /dev/null @@ -1,812 +0,0 @@ -'\" t -.\" Title: login.defs -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ– -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "LOGIN\&.DEFS" "5" "2014-05-09" "shadow\-utils 4\&.2" "ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ–" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -login.defs \- 影子åƆē å„—件配ē½® -.SH "ꏏčæ°" -.PP -The -/etc/login\&.defs -file defines the site\-specific configuration for the shadow password suite\&. This file is required\&. Absence of this file will not prevent system operation, but will probably result in undesirable operation\&. -.PP -This file is a readable text file, each line of the file describing one configuration parameter\&. The lines consist of a configuration name and value, separated by whitespace\&. Blank lines and comment lines are ignored\&. Comments are introduced with a "#" pound sign and the pound sign must be the first non\-white character of the line\&. -.PP -Parameter values may be of four types: strings, booleans, numbers, and long numbers\&. A string is comprised of any printable characters\&. A boolean should be either the value -\fIyes\fR -or -\fIno\fR\&. An undefined boolean parameter or one with a value other than these will be given a -\fIno\fR -value\&. Numbers (both regular and long) may be either decimal values, octal values (precede the value with -\fI0\fR) or hexadecimal values (precede the value with -\fI0x\fR)\&. The maximum value of the regular and long numeric parameters is machine\-dependent\&. -.PP -ęä¾›å¦‚äø‹é…ē½®é”¹ļ¼š -.PP -\fBCHFN_AUTH\fR (boolean) -.RS 4 -å¦‚ęžœäøŗ -\fIyes\fRļ¼Œ\fBchfn\fR -čæ›č”Œä»»ä½•ę›“ę”¹å‰éƒ½č¦č¦ę±‚č®¤čƁļ¼Œé™¤éžē”±č¶…ēŗ§ē”Øꈷčæč”Œć€‚ -.RE -.PP -\fBCHFN_RESTRICT\fR (string) -.RS 4 -This parameter specifies which values in the -\fIgecos\fR -field of the -/etc/passwd -file may be changed by regular users using the -\fBchfn\fR -program\&. It can be any combination of letters -\fIf\fR, -\fIr\fR, -\fIw\fR, -\fIh\fR, for Full name, Room number, Work phone, and Home phone, respectively\&. For backward compatibility, -\fIyes\fR -is equivalent to -\fIrwh\fR -and -\fIno\fR -is equivalent to -\fIfrwh\fR\&. If not specified, only the superuser can make any changes\&. The most restrictive setting is better achieved by not installing -\fBchfn\fR -SUID\&. -.RE -.PP -\fBCHSH_AUTH\fR (boolean) -.RS 4 -å¦‚ęžœ -\fIyes\fRļ¼Œ\fBchsh\fR -ē؋åŗåœØåšä»»ä½•ę›“ę”¹ä¹‹å‰éƒ½ä¼šč¦ę±‚č®¤čƁļ¼Œé™¤éžę˜Æ仄超ēŗ§ē”Øꈷčŗ«ä»½čæč”Œēš„怂 -.RE -.PP -\fBCONSOLE\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰äŗ†ļ¼Œęˆ–者ę˜ÆåŒ…å«č®¾å¤‡å(ę²”č”Œäø€äøŖ)ēš„ꖇ件ēš„å®Œę•“č·Æ径名ļ¼Œęˆ–者ę˜Æ\(lq:\(rq分隔ēš„č®¾å¤‡ååˆ—č”Øć€‚å°†åŖ会åœØčæ™å†™č®¾å¤‡äøŠå…č®ø root ē™»å½•ć€‚ -.sp -å¦‚ęžœę²”ęœ‰å®šä¹‰ļ¼ŒåÆ仄åœØä»»ä½•č®¾å¤‡äøŠä½æē”Ø root怂 -.sp -ęŒ‡å®šēš„č®¾å¤‡ę—¶äøåø¦ /dev/ 前ē¼€ć€‚ -.RE -.PP -\fBCONSOLE_GROUPS\fR (string) -.RS 4 -åœØęŽ§åˆ¶å°ē™»å½•ę—¶ļ¼Œę·»åŠ åˆ°ē”Øęˆ·é™„åŠ ē»„集äø­ēš„ē»„列č”Ø(就如 CONSOLE ꉀē”®å®šēš„)ć€‚é»˜č®¤ę˜Æꗠ怂 -ä½æē”Øę—¶éœ€č¦ę³Øꄏļ¼ščæ™åÆčƒ½ä½æē”Øęˆ·čŽ·å–čæ™äŗ›ē»„ēš„ę°øä¹…ęƒé™ļ¼Œē”šč‡³ē™»å½•åˆ°ēš„äøę˜Æę­¤ęŽ§åˆ¶å°ę—¶ć€‚ -.RE -.PP -\fBCREATE_HOME\fR (boolean) -.RS 4 -ꌇē¤ŗę˜Æ否åŗ”čÆ„äøŗꖰē”Øęˆ·é»˜č®¤åˆ›å»ŗäø»ē›®å½•ć€‚ -.sp -ę­¤č®¾ē½®å¹¶äøåŗ”ē”Ø到ē³»ē»Ÿē”Øꈷļ¼Œå¹¶äø”åÆ仄ä½æē”Øå‘½ä»¤č”Œč¦†ē›–怂 -.RE -.PP -\fBDEFAULT_HOME\fR (boolean) -.RS 4 -å¦‚ęžœäøčƒ½ cd 到äø»ē›®å½•ę—¶ļ¼ŒčÆ“ę˜Žę˜Æ否允č®øē™»å½•ć€‚é»˜č®¤ę˜Æå¦ć€‚ -.sp -å¦‚ęžœč®¾ē½®äøŗ -\fIyes\fRļ¼Œå¦‚ęžœäøčƒ½ cd 到äø»ē›®å½•ę—¶ļ¼Œē”Øęˆ·å°†ä¼šē™»å½•åˆ°ę ¹ē›®å½•(/)怂 -.RE -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -čæ™å®šä¹‰äŗ†ē³»ē»ŸåŠ åƆåƆē ēš„é»˜č®¤ē®—ę³•(å¦‚ęžœę²”ęœ‰åœØå‘½ä»¤č”ŒäøŠęŒ‡å®šē®—ę³•)怂 -.sp -åÆ仄ä½æē”Ø如äø‹å€¼ļ¼š\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -ę³Øꄏļ¼Œę­¤å‚ę•°ä¼šč¦†ē›– -\fBMD5_CRYPT_ENAB\fR -å˜é‡ć€‚ -.RE -.PP -\fBENV_HZ\fR (string) -.RS 4 -å¦‚ęžœč®¾ē½®äŗ†ļ¼Œå°†ä¼šē”ØäŗŽåœØē”Øꈷē™»å½•ę—¶å®šä¹‰ HZ ēŽÆå¢ƒå˜é‡ć€‚å€¼åæ…锻仄 -\fIHZ=\fR -å¼€å¤“ć€‚Linux äøŠēš„åøøē”Ø值ę˜Æ -\fIHZ=100\fR怂 -.RE -.PP -\fBENV_PATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example -\fI/bin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/bin:/usr/bin\fR\&. -.RE -.PP -\fBENV_SUPATH\fR (string) -.RS 4 -If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example -\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by -\fIPATH=\fR\&. The default value is -\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. -.RE -.PP -\fBENV_TZ\fR (string) -.RS 4 -å¦‚ęžœč®¾ē½®äŗ†ļ¼Œå®ƒå°†ē”ØäŗŽåœØē”Øꈷē™»å½•ę—¶å®šä¹‰ TZ ēŽÆå¢ƒå˜é‡ć€‚ę­¤å€¼åÆ仄ę˜Æ仄 -\fITZ=\fR -开夓ēš„ę—¶åŒŗ名(例如 -\fITZ=CST6CDT\fR)ļ¼Œęˆ–者ę˜ÆåŒ…å«ę—¶åŒŗč§„åˆ™ēš„ę–‡ä»¶å®Œę•“č·Æ径(例如 -/etc/tzname)怂 -.sp -å¦‚ęžœå°†å®Œę•“č·Æå¾„ęŒ‡å®šäøŗäŗ†äø€äøŖäøå­˜åœØꈖäøåÆčÆ»ēš„ꖇ件ļ¼Œåˆ™é»˜č®¤ä½æē”Ø -\fITZ=CST6CDT\fR怂 -.RE -.PP -\fBENVIRON_FILE\fR (string) -.RS 4 -å¦‚ęžœę­¤ę–‡ä»¶å­˜åœØļ¼Œå¹¶äø”åÆčÆ»ļ¼Œå°†ä¼šä»Žäø­čƻ取ē™»å½•ēŽÆå¢ƒć€‚ę‰€ęœ‰č”Œéƒ½åæ…é”»ę˜Æ name=value ēš„ę ¼å¼ć€‚ -.sp -仄 # 开夓ēš„č”Œå°†č§†äøŗę³Ø释ļ¼Œå¹¶č¢«åæ½ē•„怂 -.RE -.PP -\fBERASECHAR\fR (number) -.RS 4 -ē»ˆē«Æę“¦é™¤å­—ē¬¦ (\fI010\fR -= backspace, -\fI0177\fR -= DEL)怂 -.sp -ę­¤å€¼åÆ仄ä½æē”Ø前ē¼€\(lq0\(rqč”Øē¤ŗ八čæ›åˆ¶ļ¼Œ\(lq0x\(rqč”Øē¤ŗ十六čæ›åˆ¶ć€‚ -.RE -.PP -\fBFAIL_DELAY\fR (number) -.RS 4 -ē™»å½•å¤±č“„后ļ¼Œē­‰å¾…多少ē§’ę‰å†å…č®øē™»å½•ć€‚ -.RE -.PP -\fBFAILLOG_ENAB\fR (boolean) -.RS 4 -允č®øē™»å½•å¹¶ę˜¾ē¤ŗ -/var/log/faillog -ē™»å½•å¤±č“„äæ”ęÆ怂 -.RE -.PP -\fBFAKE_SHELL\fR (string) -.RS 4 -å¦‚ęžœč®¾ē½®äŗ†ļ¼Œ\fBlogin\fR -å°†ę‰§č”Œę­¤ shell 而äøę˜ÆåœØ -/etc/passwd -äø­ęŒ‡å®šēš„ē”Øꈷ shell怂 -.RE -.PP -\fBFTMP_FILE\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰ļ¼Œē™»å½•å¤±č“„会仄 utmp ę ¼å¼č®°å½•åœØꭤꖇ件äø­ć€‚ -.RE -.PP -\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) -.RS 4 -\fBuseradd\fRļ¼Œ\fBgroupadd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„åøø规ē»„ēš„ē»„ ID ēš„čŒƒå›“怂 -.sp -\fBGID_MIN\fR -和 -\fBGID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 1000 和 60000怂 -.RE -.PP -\fBHUSHLOGIN_FILE\fR (string) -.RS 4 -If defined, this file can inhibit all the usual chatter during the login sequence\&. If a full pathname is specified, then hushed mode will be enabled if the user\*(Aqs name or shell are found in the file\&. If not a full pathname, then hushed mode will be enabled if the file exists in the user\*(Aqs home directory\&. -.RE -.PP -\fBISSUE_FILE\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰äŗ†ļ¼Œę­¤ę–‡ä»¶å°†åœØęÆę¬”ēš„ē™»å½•ęē¤ŗ之前ēŽ°å®žć€‚ -.RE -.PP -\fBKILLCHAR\fR (number) -.RS 4 -ē»ˆē«Æ KILL 字ē¬¦ (\fI025\fR -= CTRL/U)怂 -.sp -ę­¤å€¼åÆ仄ä½æē”Ø前ē¼€\(lq0\(rqč”Øē¤ŗ八čæ›åˆ¶ļ¼Œ\(lq0x\(rqč”Øē¤ŗ十六čæ›åˆ¶ć€‚ -.RE -.PP -\fBLASTLOG_ENAB\fR (boolean) -.RS 4 -允č®øč®°å½•å’Œę˜¾ē¤ŗ /var/log/lastlog ē™»å½•ę—¶é—“äæ”ęÆ怂 -.RE -.PP -\fBLOG_OK_LOGINS\fR (boolean) -.RS 4 -允č®øč®°å½•ęˆåŠŸē™»å½•ć€‚ -.RE -.PP -\fBLOG_UNKFAIL_ENAB\fR (boolean) -.RS 4 -åœØč®°å½•åˆ°ē™»å½•å¤±č“„ę—¶ļ¼Œå…č®øč®°å½•ęœŖēŸ„ē”Øęˆ·åć€‚ -.sp -ę³Øꄏļ¼šå¦‚ęžœē”Øꈷäøå°åæƒå°†åƆē č¾“å…„到äŗ†ē™»å½•åäø­ļ¼Œč®°å½•ęœŖēŸ„ē”Øęˆ·ååÆčƒ½ę˜Æäø€äøŖ安å…Øéšę‚£ć€‚ -.RE -.PP -\fBLOGIN_RETRIES\fR (number) -.RS 4 -åƆē é”™čÆÆę—¶ļ¼Œé‡čƕēš„ęœ€å¤§ę¬”ꕰ怂 -.RE -.PP -\fBLOGIN_STRING\fR (string) -.RS 4 -ę­¤å­—ē¬¦äø²ē”ØäŗŽęē¤ŗč¾“å…„åƆē ć€‚é»˜č®¤ę˜Æ "Password: "ļ¼Œęˆ–者ēæ»čƑäŗ†ēš„ē»“ęžœ(걉čÆ­äø­ēæ»čƑäøŗäŗ†\(lqåƆē ļ¼š\(rq)ć€‚å¦‚ęžœč®¾ē½®äŗ†ę­¤å˜é‡ļ¼Œęē¤ŗäøä¼šč¢«ēæ»čÆ‘ć€‚ -.sp -å¦‚ęžœå­—ē¬¦äø²åŒ…含 -\fI%s\fRļ¼Œå°†ä¼šč¢«ē”Øęˆ·åę›æę¢ć€‚ -.RE -.PP -\fBLOGIN_TIMEOUT\fR (number) -.RS 4 -ęœ€å¤§ē™»å½•ę—¶é—“(仄ē§’äøŗ单位)怂 -.RE -.PP -\fBMAIL_CHECK_ENAB\fR (boolean) -.RS 4 -åÆē”Øē™»å½•ę—¶ę£€ęŸ„和ēŽ°å®žé‚®ē®±ēŠ¶ę€ć€‚ -.sp -å¦‚ęžœ shell ēš„åÆåŠØę–‡ä»¶å·²ē»ę£€ęŸ„äŗ†é‚®ä»¶("mailx \-e" ęˆ–č€…å…¶å®ƒåŒåŠŸčƒ½ēš„å·„具)ļ¼Œę‚Øåŗ”čÆ„ē¦ē”Øå®ƒć€‚ -.RE -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -邮ē®±ē›®å½•ć€‚äæ®ę”¹ęˆ–删除ē”Øęˆ·č“¦ęˆ·ę—¶éœ€č¦å¤„ē†é‚®ē®±ļ¼Œå¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œå°†ä½æē”Øē¼–čÆ‘ę—¶ęŒ‡å®šēš„é»˜č®¤å€¼ć€‚ -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -定义ē”Øęˆ·é‚®ē®±ę–‡ä»¶ēš„位ē½®(ē›øåƹäŗŽäø»ē›®å½•)怂 -.RE -.PP -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -变量ē”± -\fBuseradd\fRļ¼Œ\fBusermod\fR -和 -\fBuserdel\fR -ē”ØäŗŽåˆ›å»ŗ态ē§»åŠØęˆ–åˆ é™¤ē”Øęˆ·é‚®ē®±ć€‚ -.PP -å¦‚ęžœ -\fBMAIL_CHECK_ENAB\fR -č®¾ē½®äøŗ -\fIyes\fRļ¼Œå®ƒä»¬ä¹Ÿč¢«ē”ØäŗŽå®šä¹‰ -\fBMAIL\fR -ēŽÆå¢ƒå˜é‡ć€‚ -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -č”Øē¤ŗåƆē ę˜Æ否åæ…é”»ä½æē”ØåŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å¦‚ęžœč®¾äøŗ -\fIyes\fRļ¼Œę–°åƆē å°†ä½æē”ØåÆä»„å’Œę–°ē‰ˆ FreeBSD 兼容ēš„åŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å®ƒę”Æꌁꗠ限é•æåŗ¦ēš„åƆē ä»„åŠę›“é•æēš„ē›å­—ē¬¦äø²ć€‚å¦‚ęžœę‚Øéœ€č¦å°†åŠ åƆēš„åƆē å¤åˆ¶åˆ°å…¶å®ƒäøē†č§£ę–°ē®—ę³•ēš„ē³»ē»Ÿļ¼Œč®¾ē½®äøŗ -\fIno\fRć€‚é»˜č®¤å€¼ę˜Æ -\fIno\fR怂 -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -ę­¤å˜é‡å·²ē»åŗŸå¼ƒć€‚ę‚Øåŗ”čÆ„ä½æē”Ø -\fBENCRYPT_METHOD\fR怂 -.RE -.PP -\fBMOTD_FILE\fR (string) -.RS 4 -If defined, ":" delimited list of "message of the day" files to be displayed upon login\&. -.RE -.PP -\fBNOLOGINS_FILE\fR (string) -.RS 4 -If defined, name of file whose presence will inhibit non\-root logins\&. The contents of this file should be a message indicating why logins are inhibited\&. -.RE -.PP -\fBOBSCURE_CHECKS_ENAB\fR (boolean) -.RS 4 -åƹåƆē ę›“ę”¹åÆē”Øé™„åŠ ę£€ęŸ„ć€‚ -.RE -.PP -\fBPASS_ALWAYS_WARN\fR (boolean) -.RS 4 -å¦‚ęžœę˜Æ rootļ¼Œč­¦å‘Šå¼±åƆē ļ¼Œä½†ę˜Æ仍ē„¶å…č®øä½æē”Ø怂 -.RE -.PP -\fBPASS_CHANGE_TRIES\fR (number) -.RS 4 -åÆ仄尝čÆ•ę›“ę”¹åƆē ēš„ęœ€å¤§ę¬”ꕰ(å¤Ŗå®¹ę˜“)怂 -.RE -.PP -\fBPASS_MAX_DAYS\fR (number) -.RS 4 -äø€äøŖåƆē åÆ仄ä½æē”Øēš„ęœ€å¤§å¤©ę•°ć€‚å¦‚ęžœåƆē ęƔčæ™ę—§ļ¼Œå°†ä¼šå¼ŗčæ«ę›“ę”¹åƆē ć€‚å¦‚ęžœäøęŒ‡å®šļ¼Œå°±å‡å®šäøŗ \-1ļ¼Œčæ™ä¼šē¦ē”Øčæ™äøŖé™åˆ¶ć€‚ -.RE -.PP -\fBPASS_MIN_DAYS\fR (number) -.RS 4 -äø¤ę¬”ę›“ę”¹åƆē ę—¶é—“ēš„ęœ€å°é—“éš”ć€‚å°†ä¼šę‹’ē»ä»»ä½•ę—©äŗŽę­¤ēš„ę›“ę”¹åƆē ēš„尝čÆ•ć€‚å¦‚ęžœäøęŒ‡å®šļ¼Œå‡å®šäøŗ \-1ļ¼Œå°†ä¼šē¦ē”Øčæ™äøŖé™åˆ¶ć€‚ -.RE -.PP -\fBPASS_WARN_AGE\fR (number) -.RS 4 -åƆē čæ‡ęœŸä¹‹å‰ē»™å‡ŗč­¦å‘Šēš„å¤©ę•°ć€‚0 č”Øē¤ŗåŖ꜉åŖåœØčæ‡ęœŸēš„å½“å¤©č­¦å‘Šļ¼Œč“Ÿå€¼č”Øē¤ŗäøč­¦å‘Šć€‚å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œäøä¼šē»™č­¦å‘Šć€‚ -.RE -.PP -\fBPASS_MAX_DAYS\fR, -\fBPASS_MIN_DAYS\fR -and -\fBPASS_WARN_AGE\fR -are only used at the time of account creation\&. Any changes to these settings won\*(Aqt affect existing accounts\&. -.PP -\fBPASS_MAX_LEN\fR (number), \fBPASS_MIN_LEN\fR (number) -.RS 4 -crypt() ēš„ęœ‰ę•ˆå­—ē¬¦ä½ę•°ć€‚\fBPASS_MAX_LEN\fR -默认ę˜Æ 8ļ¼Œé™¤éžę‚Øč‡Ŗå·±ēš„ crypt() ę›“å„½ļ¼Œå¦åˆ™äøč¦ę›“ę”¹ć€‚å¦‚ęžœ -\fBMD5_CRYPT_ENAB\fR -č®¾äøŗ -\fIyes\fRļ¼Œä¼šč¢«åæ½ē•„怂 -.RE -.PP -\fBPORTTIME_CHECKS_ENAB\fR (boolean) -.RS 4 -Enable checking of time restrictions specified in -/etc/porttime\&. -.RE -.PP -\fBQUOTAS_ENAB\fR (boolean) -.RS 4 -Enable setting of resource limits from -/etc/limits -and ulimit, umask, and niceness from the user\*(Aqs passwd gecos field\&. -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -\fBENCRYPT_METHOD\fR -č®¾äøŗ -\fISHA256\fR -ꈖ -\fISHA512\fR -ę—¶ļ¼Œę­¤é”¹ē”®å®šåŠ åƆē®—ę³•é»˜č®¤ä½æē”Ø SHA č½®č½¬ę•°ē›®(å½“č½®č½¬ę•°ę²”ęœ‰é€ščæ‡å‘½ä»¤č”ŒęŒ‡å®šę—¶)怂 -.sp -ä½æē”Øå¾ˆå¤šč½®č½¬ļ¼Œä¼šč®©ęš“力ē “č§£ę›“åŠ å›°éš¾ć€‚ä½†ę˜Æéœ€č¦ę³Øꄏļ¼Œč®¤čƁē”Øęˆ·ę—¶ä¹Ÿä¼šéœ€č¦ę›“å¤šēš„ CPU 资ęŗć€‚ -.sp -å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œlibc ä¼šé€‰ę‹©é»˜č®¤ēš„č½®č½¬ę•°(5000)怂 -.sp -值åæ…é”»åœØ 1000 \- 999,999,999 ä¹‹é—“ć€‚ -.sp -å¦‚ęžœåŖč®¾ē½®äŗ†äø€äøŖ -\fBSHA_CRYPT_MIN_ROUNDS\fR -ꈖ -\fBSHA_CRYPT_MAX_ROUNDS\fR -值ļ¼Œå°±ä¼šä½æē”Øčæ™äøŖå€¼ć€‚ -.sp -å¦‚ęžœ -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fRļ¼Œå°†ä¼šä½æē”Ø大ēš„é‚£äøŖ怂 -.RE -.PP -\fBSULOG_FILE\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰äŗ†ļ¼Œę‰€ęœ‰ēš„ su ę“»åŠØéƒ½ä¼šč®°å½•åˆ°ę­¤ę–‡ä»¶ć€‚ -.RE -.PP -\fBSU_NAME\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰äŗ†ļ¼Œå°±ę˜Æčæč”Œ\(lqsu \-\(rqę—¶ę˜¾ē¤ŗēš„命令名ē§°ć€‚例如ļ¼Œå¦‚ęžœå®šä¹‰äøŗ\(lqsu\(rqļ¼Œé‚£ä¹ˆ\(lqps\(rqä¼šę˜¾ē¤ŗę­¤å‘½ä»¤äøŗ\(lq\-su\(rqć€‚å¦‚ęžœę²”ęœ‰å®šä¹‰ļ¼Œ\(lqps\(rqå°†ä¼šę˜¾ē¤ŗå®žé™…ę‰§č”Œēš„ shellļ¼Œä¾‹å¦‚ē±»ä¼¼äŗŽ\(lq\-sh\(rq怂 -.RE -.PP -\fBSU_WHEEL_ONLY\fR (boolean) -.RS 4 -å¦‚ęžœäøŗ -\fIyes\fRļ¼Œē”Øꈷåæ…é”»åœØ -/etc/group -äø­åˆ«č®¾å®šäøŗ GID äøŗ 0 ēš„ē»„(åœØ大éƒØ分 Linux äøŠå« -\fIroot\fR)ēš„ęˆå‘˜ć€‚ -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) -.RS 4 -\fBuseradd\fR态\fBgroupadd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„ē³»ē»Ÿē»„ēš„ē»„ ID ēš„čŒƒå›“怂 -.sp -\fBSYS_GID_MIN\fR -和 -\fBSYS_GID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 101 和 -\fBGID_MIN\fR\-1怂 -.RE -.PP -\fBSYS_UID_MAX\fR (number), \fBSYS_UID_MIN\fR (number) -.RS 4 -\fBuseradd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„ē³»ē»Ÿē”Øꈷēš„ē”Øꈷ ID ēš„čŒƒå›“怂 -.sp -\fBSYS_UID_MIN\fR -和 -\fBSYS_UID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 101 和 -\fBUID_MIN\fR\-1怂 -.RE -.PP -\fBSYSLOG_SG_ENAB\fR (boolean) -.RS 4 -允č®ø\(lqsyslog\(rqč®°å½• -\fBsg\fR -ēš„ę“»åŠØ怂 -.RE -.PP -\fBSYSLOG_SU_ENAB\fR (boolean) -.RS 4 -除äŗ† sulog ꖇ件ꗄåæ—ļ¼Œä¹Ÿäøŗ -\fBsu\fR -ę“»åŠØåÆē”Ø\(lqsyslog\(rqę—„åæ—怂 -.RE -.PP -\fBTTYGROUP\fR (string), \fBTTYPERM\fR (string) -.RS 4 -The terminal permissions: the login tty will be owned by the -\fBTTYGROUP\fR -group, and the permissions will be set to -\fBTTYPERM\fR\&. -.sp -By default, the ownership of the terminal is set to the user\*(Aqs primary group and the permissions are set to -\fI0600\fR\&. -.sp -\fBTTYGROUP\fR -can be either the name of a group or a numeric group identifier\&. -.sp -If you have a -\fBwrite\fR -program which is "setgid" to a special group which owns the terminals, define TTYGROUP to the group number and TTYPERM to 0620\&. Otherwise leave TTYGROUP commented out and assign TTYPERM to either 622 or 600\&. -.RE -.PP -\fBTTYTYPE_FILE\fR (string) -.RS 4 -If defined, file which maps tty line to TERM environment parameter\&. Each line of the file is in a format something like "vt100 tty01"\&. -.RE -.PP -\fBUID_MAX\fR (number), \fBUID_MIN\fR (number) -.RS 4 -\fBuseradd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„ꙮ通ē”Øꈷēš„ē”Øꈷ ID ēš„čŒƒå›“怂 -.sp -\fBUID_MIN\fR -和 -\fBUID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 1000 和 60000怂 -.RE -.PP -\fBULIMIT\fR (number) -.RS 4 -默认 -\fBulimit\fR -å€¼ć€‚ -.RE -.PP -\fBUMASK\fR (number) -.RS 4 -ꖇ件ęؔ式创å»ŗꎩē åˆå§‹åŒ–äøŗę­¤å€¼ć€‚å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼ŒęŽ©ē åˆå§‹åŒ–äøŗ 022怂 -.sp -\fBuseradd\fR -和 -\fBnewusers\fR -ä½æē”Øꭤꎩē č®¾ē½®å®ƒä»¬åˆ›å»ŗēš„ē”Øꈷäø»ē›®å½•ēš„ęØ”å¼ć€‚ -.sp -ä¹Ÿč¢« -\fBlogin\fR -ē”ØäŗŽęŒ‡å®šē”Øꈷēš„初始 umask怂ę³Øꄏļ¼Œę­¤ęŽ©ē åÆä»„č¢«ē”Øꈷēš„ GECOS č”Œč¦†ē›–(å½“č®¾ē½®äŗ† -\fBQUOTAS_ENAB\fR -ę—¶)ļ¼Œä¹ŸåÆä»„č¢«åø¦ -\fIK\fR -ꌇē¤ŗē¬¦ēš„ -\fBlimits\fR(5) -定义ēš„é™åˆ¶å€¼č¦†ē›–怂 -.RE -.PP -\fBUSERDEL_CMD\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰äŗ†ļ¼Œčæ™ę˜Æåˆ é™¤č“¦ęˆ·ę—¶ę‰§č”Œēš„å‘½ä»¤ć€‚å®ƒåŗ”čÆ„ē§»é™¤ę‰€ęœ‰å±žäŗŽę­¤ē”Øꈷēš„ēš„ at/cron/print ē­‰ä½œäøš(作äøŗē¬¬äø€äøŖå‚ę•°ä¼ é€’)怂 -.sp -čæ™äøŖč„šęœ¬ēš„čæ”回值并äøč¢«åø¦åˆ°č“¦ęˆ·äø­åŽ»ć€‚ -.sp -čæ™ę˜Æäø€äøŖē¤ŗä¾‹č„šęœ¬ļ¼Œå®ƒē§»é™¤ē”Øꈷēš„ cron态at 和 print 作äøšļ¼š -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# ę£€ęŸ„éœ€č¦ēš„å‚ę•° -if [ $# != 1 ]; then - echo "Usage: $0 username" - exit 1 -fi - -# ē§»é™¤ cron 作äøš -crontab \-r \-u $1 - -# ē§»é™¤ at 作äøš -# ę³Øꄏčæ™å°†ē§»é™¤ę‰€ęœ‰å±žäŗŽåŒäø€äøŖ UID ēš„作äøš -# 即ä½æę­¤ ID ē”±å¤šäøŖē”Øęˆ·åå…±äŗ« -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# ē§»é™¤ print 作äøš -lprm $1 - -# å…ØéƒØå®Œęˆ -exit 0 - -.fi -.if n \{\ -.RE -.\} -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -å¦‚ęžœ uid 和 gid ē›ø同ļ¼Œē”Øęˆ·åå’Œäø»ē”Øęˆ·åä¹Ÿē›ø同ļ¼Œä½æ非 root ē»„ēš„ē»„ꎩē ä½å’Œå±žäø»ä½ē›ø同 (如ļ¼š022 \-> 002, 077 \-> 007)怂 -.sp -å¦‚ęžœč®¾ē½®äøŗ -\fIyes\fRļ¼Œå¦‚ęžœē»„äø­ę²”ęœ‰ęˆå‘˜äŗ†ļ¼Œ\fBuserdel\fR -将ē§»é™¤ę­¤ē”Øꈷē»„ļ¼Œ\fBuseradd\fR -创å»ŗē”Øęˆ·ę—¶ļ¼Œä¹Ÿä¼šåˆ›å»ŗäø€äøŖ同名ēš„é»˜č®¤ē»„怂 -.RE -.SH "äŗ¤å‰å¼•ē”Ø" -.PP -如äø‹äŗ¤å‰å¼•ē”Øę˜¾ē¤ŗ影子åƆē å„—件å“ŖäøŖē؋åŗä½æē”Øå“ŖäøŖå‚ę•°ć€‚ -.PP -chfn -.RS 4 -CHFN_AUTH -CHFN_RESTRICT -LOGIN_STRING -.RE -.PP -chgpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chpasswd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENABSHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -chsh -.RS 4 -CHSH_AUTH LOGIN_STRING -.RE -.PP -gpasswd -.RS 4 -ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -groupadd -.RS 4 -GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN -.RE -.PP -groupdel -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmems -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -groupmod -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpck -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -grpunconv -.RS 4 -MAX_MEMBERS_PER_GROUP -.RE -.PP -login -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE -ERASECHAR FAIL_DELAY -FAILLOG_ENAB -FAKE_SHELL -FTMP_FILE -HUSHLOGIN_FILE -ISSUE_FILE -KILLCHAR -LASTLOG_ENAB -LOGIN_RETRIES -LOGIN_STRING -LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB -MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB -TTYGROUP TTYPERM TTYTYPE_FILE -ULIMIT UMASK -USERGROUPS_ENAB -.RE -.PP -newgrp / sg -.RS 4 -SYSLOG_SG_ENAB -.RE -.PP -newusers -.RS 4 -ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -passwd -.RS 4 -ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN -SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS -.RE -.PP -pwck -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -pwconv -.RS 4 -PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE -.RE -.PP -su -.RS 4 -CONSOLE -CONSOLE_GROUPS DEFAULT_HOME -ENV_HZ ENVIRON_FILE -ENV_PATH ENV_SUPATH -ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB -SULOG_FILE SU_NAME -SU_WHEEL_ONLY -SYSLOG_SU_ENAB -USERGROUPS_ENAB -.RE -.PP -sulogin -.RS 4 -ENV_HZ -ENV_TZ -.RE -.PP -useradd -.RS 4 -CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK -.RE -.PP -userdel -.RS 4 -MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB -.RE -.PP -usermod -.RS 4 -MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP -.RE -.SH "å‚č§" -.PP -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBsu\fR(1), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBpam\fR(8)\&. diff --git a/man/zh_CN/man5/passwd.5 b/man/zh_CN/man5/passwd.5 deleted file mode 100644 index 2bad5a33..00000000 --- a/man/zh_CN/man5/passwd.5 +++ /dev/null @@ -1,178 +0,0 @@ -'\" t -.\" Title: passwd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ– -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "PASSWD" "5" "2014-05-09" "shadow\-utils 4\&.2" "ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ–" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -passwd \- åƆē ę–‡ä»¶ -.SH "ꏏčæ°" -.PP -/etc/passwd -äøŗęƏäøŖē”Øęˆ·č“¦ęˆ·åŒ…å«äø€č”Œļ¼ŒåŒ…含ä½æē”Ø冒号 (\(lq:\(rq) 分隔ēš„äøƒäøŖå­—ę®µļ¼Œåˆ†åˆ«ę˜Æļ¼š -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ē™»å½•å -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -åÆ选ēš„加åƆ后ēš„åƆē  -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ę•°å­—ē”Øꈷ ID -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ę•°å­—ē»„ ID -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ē”Øęˆ·åå’Œę³Øé‡Šå­—ę®µ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ē”Øꈷäø»ē›®å½• -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -åÆ选ēš„ē”Øęˆ·å‘½ä»¤č§£é‡Šå™Ø -.RE -.PP -加åƆēš„åƆē å­—ꮵåÆ仄äøŗē©ŗļ¼Œę­¤ę—¶ä½æē”ØęŒ‡å®šēš„ē™»å½•åē™»å½•ę—¶äøä¼šč¦ę±‚认čÆć€‚ē„¶č€Œļ¼Œå¦‚ęžœ -\fIpassword\fR -äøŗē©ŗļ¼Œäø€äŗ›čƻ取 -/etc/passwd -ꖇ件ēš„ē؋åŗåÆčƒ½ä¼šäøå…č®ø -\fI任何\fR -č®æé—®ć€‚å¦‚ęžœ -\fIpassword\fR -å­—ę®µę˜Æäø€äøŖ小写ēš„ -\(lqx\(rqļ¼Œé‚£ä¹ˆåŠ åƆēš„åƆē å®žé™…äøŠå­˜å‚ØäŗŽ -\fBshadow\fR(5) -äø­ļ¼›åœØ -/etc/shadow -ꖇ件äø­ -\fIåæ…é”»\fR -꜉åƹåŗ”ēš„č”Œļ¼Œå¦åˆ™ē”Øęˆ·č“¦ęˆ·å°±ä¼šę— ę•ˆć€‚å¦‚ęžœ -\fIpassword\fR -å­—ę®µę˜Æ其他任何字ē¬¦äø²ļ¼Œå°†ä¼šč¢«č§†äøŗ加åƆčæ‡ēš„åƆē ļ¼Œå¦‚ -\fBcrypt\fR(3) -äø­ēš„čÆ“ę˜Žć€‚ -.PP -ę­¤ę³Øé‡Šå­—ę®µč¢«å¤šäøŖē³»ē»Ÿå·„具ä½æē”Øļ¼Œä¾‹å¦‚ -\fBfinger\fR(1)怂 -.PP -äø»ē›®å½•å­—ę®µęä¾›äŗ†åˆå§‹å·„作ē›®å½•ēš„名ē§°ć€‚\fBlogin\fR -ē؋åŗę ¹ę®ę­¤äæ”ęÆč®¾ē½® -\fB$HOME\fR -ēŽÆå¢ƒå˜é‡ć€‚ -.PP -å‘½ä»¤č§£é‡Šå™Øå­—ę®µęä¾›äŗ†ē”Øęˆ·å‘½ä»¤čÆ­čØ€č§£é‡Šå™Øēš„名ē§°ļ¼Œęˆ–č€…å¼€å§‹ę—¶ę‰§č”Œēš„ē؋åŗēš„名ē§°ć€‚\fBlogin\fR -ē؋åŗä½æē”Øę­¤äæ”ęÆč®¾ē½® -\fB$SHELL\fR -ēŽÆ境变量ēš„å€¼ć€‚å¦‚ęžœå­—ę®µäøŗē©ŗļ¼Œé»˜č®¤å€¼äøŗ -/bin/sh怂 -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -åÆ选ēš„加åƆ后ēš„åƆē ę–‡ä»¶ -.RE -.PP -/etc/passwd\- -.RS 4 -/etc/passwd ēš„å¤‡ä»½ę–‡ä»¶ć€‚ -.sp -ę³Øꄏļ¼Œę­¤ę–‡ä»¶ē”± shadow 巄具集ä½æē”Øļ¼Œč€Œäøę˜Æꉀ꜉ēš„ē”Øęˆ·å’ŒåƆē ē®”ē†å·„具都会ä½æē”Ø怂 -.RE -.SH "å‚č§" -.PP -\fBcrypt\fR(3), -\fBgetent\fR(1), -\fBgetpwnam\fR(3), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBshadow\fR(5), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/zh_CN/man5/porttime.5 b/man/zh_CN/man5/porttime.5 deleted file mode 100644 index 3e338996..00000000 --- a/man/zh_CN/man5/porttime.5 +++ /dev/null @@ -1,93 +0,0 @@ -'\" t -.\" Title: porttime -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ– -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "PORTTIME" "5" "2014-05-09" "shadow\-utils 4\&.2" "ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ–" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -porttime \- ē«Æ口č®æ问ꗶ闓ꖇ件 -.SH "ꏏčæ°" -.PP -\fIporttime\fR -包含äø€äøŖ tty č®¾å¤‡ć€ē”Øęˆ·åå’Œå…č®øē™»å½•ę—¶é—“ēš„列č”Ø怂 -.PP -ęƏ锹包含äø‰äøŖē”±å†’号分隔ēš„å­—ę®µć€‚ē¬¬äø€äøŖå­—ę®µę˜Æ逗号分隔ēš„ tty č®¾å¤‡åˆ—č”Øļ¼Œęˆ–č€…ę˜Ÿå·č”Øē¤ŗåŒ¹é…ę‰€ęœ‰ē»ˆē«Æ怂ē¬¬äŗŒäøŖå­—ę®µę˜Æ逗号分隔ēš„ē”Øęˆ·ååˆ—č”Øļ¼Œęˆ–č€…ę˜Ÿå·č”Øē¤ŗåŒ¹é…ę‰€ęœ‰ē”Øęˆ·åć€‚ē¬¬äø‰äøŖå­—ę®µę˜Æ逗号分隔ēš„č®æ问č®øåÆꗶ闓怂 -.PP -ęÆę”č®æé—®ę—¶é—“åŒ…å«äø€å‘Øēš„ 0 å¤©ęˆ–å¤šå¤©ļ¼Œē¼©å†™äøŗ -\fISu\fR, -\fIMo\fR, -\fITu\fR, -\fIWe\fR, -\fITh\fR, -\fIFr\fR -和 -\fISa\fRļ¼ŒéšåŽę˜Æčæžå­—ē¬¦åˆ†éš”ēš„äø€ē»„ꗶ闓ļ¼Œē¼©å†™ -\fIWk\fR -åÆ仄ē”ØäŗŽč”Øē¤ŗå‘Øäø€åˆ°å‘Øäŗ”ļ¼Œ\fIAl\fR -åÆ仄ē”ØäŗŽč”Øē¤ŗę²”äø€å¤©ć€‚å¦‚ęžœę²”ęœ‰åˆ¶å®šå‘Ø几ļ¼Œå°†ä¼šå‡å®šäøŗ -\fIAl\fR怂 -.SH "ē¤ŗ例" -.PP -äø‹é¢ēš„ę”ē›®å…č®øåœØå·„ä½œę—„ēš„äøŠåˆä¹ē‚¹åˆ°äø‹åˆäŗ”ē‚¹åœØ任何ē«Æ口äøŠč®æ问ē”Øꈷ -\fBjfh\fR怂 -.PP -*:jfh:Wk0900\-1700 -.PP -äø‹é¢čæ™ę”ä»»ä½•ę—¶é—“ļ¼ŒåŖ允č®øē”Øꈷ -\fIroot\fR -和 -\fIoper\fR -åœØ -/dev/console -ē™»å½•ć€‚čæ™ä¹Ÿę˜ÆčÆ“ -/etc/porttime -ꖇ件ę˜Æäø€äøŖč®æ问ꗶ闓ēš„ęœ‰åŗåˆ—č”Øć€‚ä»»ä½•åŒ¹é…ē¬¬äŗŒę”ēš„其他ē”Øęˆ·éƒ½äøä¼šč¢«å…č®øč®æ问怂 -.sp -.if n \{\ -.RS 4 -.\} -.nf - console:root,oper:Al0000\-2400 - console:*: - -.fi -.if n \{\ -.RE -.\} -.PP -如äø‹é”¹å…č®øļ¼ŒåœØéžå·„ä½œę—¶é—“åœØ任何ē«Æ口äøŠä½æē”Øē”Øꈷ -\fIgames\fR怂 -.PP -*:games:Wk1700\-0900,SaSu0000\-2400 -.SH "ꖇ件" -.PP -/etc/porttime -.RS 4 -包含äŗ†ē«Æ口č®æ问äæ”ęÆēš„ꖇ件怂 -.RE -.SH "å‚č§" -.PP -\fBlogin\fR(1)\&. diff --git a/man/zh_CN/man5/shadow.5 b/man/zh_CN/man5/shadow.5 deleted file mode 100644 index 2586a8c4..00000000 --- a/man/zh_CN/man5/shadow.5 +++ /dev/null @@ -1,149 +0,0 @@ -'\" t -.\" Title: shadow -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ– -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "SHADOW" "5" "2014-05-09" "shadow\-utils 4\&.2" "ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ–" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -shadow \- 影子化äŗ†ēš„åƆē ę–‡ä»¶ -.SH "ꏏčæ°" -.PP -shadow -ę˜Æäø€äøŖꖇ件ļ¼Œå®ƒåŒ…含ē³»ē»Ÿč“¦ęˆ·ēš„åƆē äæ”ęÆ和åÆ选ēš„幓龄äæ”ęÆ怂 -.PP -å¦‚ęžœę²”ęœ‰ē»“ęŠ¤å„½åƆē å®‰å…Øļ¼Œę­¤ę–‡ä»¶ē»åƹäøčƒ½č®©ę™®é€šē”ØꈷåÆčÆ»ć€‚ -.PP -ꭤꖇ件ēš„ęÆč”ŒåŒ…ę‹¬ 9 äøŖå­—ę®µļ¼Œä½æē”ØåŠč§’å†’å· (\(lq:\(rq) 分隔ļ¼Œé”ŗåŗå¦‚äø‹ļ¼š -.PP -\fBē™»å½•å\fR -.RS 4 -åæ…é”»ę˜Æ꜉ꕈēš„č“¦ęˆ·åļ¼Œäø”å·²ē»å­˜åœØäŗŽē³»ē»Ÿäø­ć€‚ -.RE -.PP -\fB加åƆäŗ†ēš„åƆē \fR -.RS 4 -čÆ·å‚č€ƒ -\fBcrypt\fR(3) -ę„äŗ†č§£å…³äŗŽč§£ęžę­¤å­—ē¬¦äø²ēš„ē»†čŠ‚äæ”ęÆ怂 -.sp -å¦‚ęžœåƆē å­—ę®µåŒ…å«äø€äŗ›äøę˜Æ -\fBcrypt\fR(3) -åˆę³•ē»“ęžœēš„å­—ē¬¦ļ¼ŒęƔ如 ! ꈖ *ļ¼Œē”Øęˆ·å°†ę— ę³•ä½æē”Ø unix åƆē ē™»å½•(但ę˜ÆåÆ仄通čæ‡å…¶å®ƒę–¹ę³•ē™»å½•ē³»ē»Ÿ)怂 -.sp -ę­¤å­—ę®µåÆ仄äøŗē©ŗļ¼Œę­¤ę—¶č®¤čƁäøŗē‰¹å®šēš„ē™»å½•åę—¶ļ¼Œäøč¦ę±‚åƆē ć€‚ē„¶č€Œļ¼Œäø€äŗ›čƻ取 -/etc/shadow -ꖇ件ēš„åŗ”ē”Øē؋åŗļ¼ŒåœØåƆē å­—ꮵäøŗē©ŗę—¶ļ¼ŒåÆčƒ½å†³å®šē¦ę­¢ä»»ä½•č®æ问怂 -.sp -仄叹号开始ēš„åƆē å­—ę®µę„å‘³ē€åƆē č¢«é”å®šć€‚čÆ„č”Œēš„剩余字ē¬¦č”Øē¤ŗ锁定之前ēš„åƆē ć€‚ -.RE -.PP -\fBęœ€åŽäø€ę¬”ę›“ę”¹åƆē ēš„ę—„ꜟ\fR -.RS 4 -꜀čæ‘äø€ę¬”ę›“ę”¹åƆē ēš„ꗶ闓ļ¼Œč”Øē¤ŗ从1970幓1꜈1ę—„å¼€å§‹ēš„å¤©ę•°ć€‚ -.sp -0 ꜉ē‰¹ę®Šę„ę€ļ¼Œč”Øē¤ŗē”Øꈷåŗ”čÆ„åœØäø‹ę¬”ē™»å½•ē³»ē»Ÿę—¶ę›“ę”¹åƆē ć€‚ -.sp -ē©ŗå­—ę®µč”Øē¤ŗåƆē å¹“é¾„åŠŸčƒ½č¢«ē¦ē”Ø怂 -.RE -.PP -\fBåƆē ēš„ęœ€å°å¹“龄\fR -.RS 4 -ęœ€å°åƆē å¹“龄ę˜Æꌇļ¼Œē”Øꈷäø€ę¬”ę›“ę”¹åƆē ä¹‹åŽļ¼Œč¦ē­‰å¤šé•æę—¶é—“ę‰å†ę¬”č¢«å…č®øę›“ę”¹åƆē ć€‚ -.sp -ē©ŗå­—ę®µęˆ– 0 č”Øē¤ŗę²”ęœ‰ęœ€å°åƆē å¹“é¾„ć€‚ -.RE -.PP -\fBęœ€å¤§åƆē å¹“龄\fR -.RS 4 -ęœ€å¤§åƆē å¹“龄ę˜Æꌇļ¼Œčæ™å†™å¤©ä¹‹åŽļ¼Œē”Øꈷåæ…é”»ę›“ę”¹åƆē ć€‚ -.sp -čæ™å†™å¤©ä¹‹åŽļ¼ŒåƆē ä»ē„¶åÆē”Ø怂ē”Øęˆ·å°†ä¼šåœØäø‹ę¬”ē™»å½•ēš„ę—¶å€™č¢«č¦ę±‚ę›“ę”¹åƆē ć€‚ -.sp -ē©ŗå­—ę®µč”Øē¤ŗę²”ęœ‰ęœ€å¤§åƆē å¹“龄ļ¼Œę²”꜉åƆē č­¦å‘Šę—¶é—“ꮵļ¼Œę²”꜉åƆē ē¦ē”Øꗶ闓ꮵ(čÆ·ēœ‹äø‹č¾¹)怂 -.sp -å¦‚ęžœęœ€å¤§åƆē å¹“龄小äŗŽęœ€å°åƆē å¹“龄ļ¼Œē”Øęˆ·å°†ä¼šäøčƒ½ę›“ę”¹åƆē ć€‚ -.RE -.PP -\fBåƆē č­¦å‘Šę—¶é—“ꮵ\fR -.RS 4 -åƆē čæ‡ęœŸä¹‹å‰ļ¼Œęå‰č­¦å‘Šē”Øꈷēš„ēš„å¤©ę•°(čÆ·å‚č€ƒäøŠč¾¹ēš„åƆē ēš„ęœ€å¤§å¹“龄)怂 -.sp -ē©ŗå­—ę®µęˆ–č€… 0 č”Øē¤ŗę²”ęœ‰åƆē č­¦å‘ŠęœŸć€‚ -.RE -.PP -\fBåƆē ē¦ē”Øꜟ\fR -.RS 4 -åƆē čæ‡ęœŸ(ęŸ„ēœ‹äøŠč¾¹ēš„åƆē ęœ€å¤§å¹“龄)后ļ¼Œä»ē„¶ęŽ„å—ę­¤åƆē ēš„å¤©ę•°(åœØę­¤ęœŸé—“ļ¼Œē”Øꈷåŗ”čÆ„åœØäø‹ę¬”ē™»å½•ę—¶äæ®ę”¹åƆē )怂 -.sp -åƆē åˆ°ęœŸå¹¶äø”čæ‡äŗ†čæ™äøŖå®½é™ęœŸä¹‹åŽļ¼Œä½æē”Øē”Øꈷēš„当前ēš„åƆē å°†ä¼šäøčƒ½ē™»å½•ć€‚ē”Øęˆ·éœ€č¦č”ē³»ē³»ē»Ÿē®”ē†å‘˜ć€‚ -.sp -ē©ŗå­—ę®µč”Øē¤ŗę²”ęœ‰å¼ŗ制åƆē čæ‡ęœŸć€‚ -.RE -.PP -\fB蓦ꈷčæ‡ęœŸę—„ꜟ\fR -.RS 4 -蓦ꈷčæ‡ęœŸēš„ę—„ꜟļ¼Œč”Øē¤ŗ从1970幓1꜈1ę—„å¼€å§‹ēš„å¤©ę•°ć€‚ -.sp -ę³Øꄏļ¼Œč“¦ęˆ·čæ‡ęœŸäøåŒäŗŽåƆē čæ‡ęœŸć€‚č“¦ęˆ·čæ‡ęœŸę—¶ļ¼Œē”Øęˆ·å°†äøč¢«å…č®øē™»å½•ļ¼›åƆē čæ‡ęœŸę—¶ļ¼Œē”Øęˆ·å°†äøč¢«å…č®øä½æē”Ø其åƆē ē™»å½•ć€‚ -.sp -ē©ŗå­—ę®µč”Øē¤ŗ蓦ꈷę°øäøčæ‡ęœŸć€‚ -.sp -åŗ”čÆ„éæ免ä½æē”Ø 0ļ¼Œå› äøŗå®ƒę—¢čƒ½ē†č§£ęˆę°øäøčæ‡ęœŸä¹Ÿčƒ½ē†č§£ęˆåœØ1970幓1꜈1ę—„čæ‡ęœŸć€‚ -.RE -.PP -\fBäæē•™å­—ꮵ\fR -.RS 4 -ę­¤å­—ę®µäæē•™ä½œå°†ę„ä½æē”Ø怂 -.RE -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow\- -.RS 4 -/etc/shadow ēš„å¤‡ä»½ę–‡ä»¶ć€‚ -.sp -ę³Øꄏļ¼Œę­¤ę–‡ä»¶ē”± shadow 巄具集ä½æē”Øļ¼Œč€Œäøę˜Æꉀ꜉ēš„ē”Øęˆ·å’ŒåƆē ē®”ē†å·„具都会ä½æē”Ø怂 -.RE -.SH "å‚č§" -.PP -\fBchage\fR(1), -\fBlogin\fR(1), -\fBpasswd\fR(1), -\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBpwconv\fR(8), -\fBpwunconv\fR(8), -\fBsu\fR(1), -\fBsulogin\fR(8)\&. diff --git a/man/zh_CN/man5/suauth.5 b/man/zh_CN/man5/suauth.5 deleted file mode 100644 index 217ce763..00000000 --- a/man/zh_CN/man5/suauth.5 +++ /dev/null @@ -1,138 +0,0 @@ -'\" t -.\" Title: suauth -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ– -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "SUAUTH" "5" "2014-05-09" "shadow\-utils 4\&.2" "ę–‡ä»¶ę ¼å¼å’Œč½¬åŒ–" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -suauth \- čƦē»†ēš„ su ęŽ§åˆ¶ę–‡ä»¶ -.SH "大ēŗ²" -.HP \w'\fB/etc/suauth\fR\ 'u -\fB/etc/suauth\fR -.SH "ꏏčæ°" -.PP -ę‰§č”Œ su å‘½ä»¤ę—¶ļ¼Œę€»ę˜Æę ¹ę® -/etc/suauthļ¼ŒåÆä»„ę›“ę”¹ su 命令ēš„č”Œäøŗļ¼Œč§„则ę˜Æļ¼š -.sp -.if n \{\ -.RS 4 -.\} -.nf - 1) su 到ēš„ē”Øꈷ - -.fi -.if n \{\ -.RE -.\} -.PP -2) ę‰§č”Œ su 命令ēš„ē”Øꈷ (ęˆ–č€…ä»–åÆčƒ½å±žäŗŽēš„ē»„) -.PP -ę–‡ä»¶ę ¼å¼äøŗļ¼šä»„ # 开夓ēš„č”Œč§†äøŗę³Ø视ļ¼Œå¹¶č¢«åæ½ē•„ļ¼› -.sp -.if n \{\ -.RS 4 -.\} -.nf - to\-id:from\-id:ACTION - -.fi -.if n \{\ -.RE -.\} -.PP -ę­¤å¤„ēš„ to\-id åÆ仄ę˜Æļ¼š\fIALL\fRļ¼Œé€—号(,) 分隔ēš„ē”Øęˆ·ååˆ—č”Øꈖ者 -\fIALL EXCEPT\fR -åŽč·Ÿé€—å·åˆ†éš”ēš„ē”Øęˆ·ååˆ—č”Ø怂 -.PP -from\-id ę ¼å¼å’Œ to\-id ē›ø同ļ¼Œä½†ę˜ÆåÆ仄多čƆ别äø€äøŖčƍ -\fIGROUP\fR怂\fIALL EXCEPT GROUP\fR -也ę˜Æ꜉ꕈēš„怂\fIGROUP\fR -åŽč¾¹ę˜Æäø€äøŖęˆ–ę›“å¤šēš„ē»„名ē§°ļ¼Œä½æē”Ø逗号(,)åˆ†éš”ć€‚äøå…‰č¦ęœ‰ē›ø关äø»ē»„ēš„ IDļ¼Œä¹Ÿéœ€č¦åœØ -\fB/etc/group\fR(5) -äø­ęœ‰äø€äøŖę”ē›®ć€‚ -.PP -åŠØ作åŖåÆ仄ä½æē”Ø如äø‹å½“前ę”Æꌁēš„é€‰é”¹ć€‚ -.PP -\fIDENY\fR -.RS 4 -su ēš„尝čƕåœØčƢ问åƆē ä¹‹å‰å°±č¢«ę‹’ē»ć€‚ -.RE -.PP -\fINOPASS\fR -.RS 4 -su 尝čƕč‡ŖåŠØęˆåŠŸļ¼Œč€Œäø”äøčƢ问åƆē ć€‚ -.RE -.PP -\fIOWNPASS\fR -.RS 4 -äøŗäŗ†ęˆåŠŸę‰§č”Œ suļ¼Œē”Øꈷåæ…é”»ęä¾›č‡Ŗå·±ēš„åƆē ć€‚å°†ä¼šęē¤ŗ他们čæ™ę ·ć€‚ -.RE -.PP -ę³Øꄏļ¼Œęœ‰äø‰äøŖē”Ø冒号分割ēš„å­—ę®µć€‚å†’å·ę—č¾¹äøčƒ½ęœ‰ē©ŗę ¼ć€‚ä¹ŸčÆ·ę³Øꄏļ¼Œčæ™äøŖę–‡ä»¶ä¼šč¢«äø€č”Œäø€č”Œåœ°ä¾ę¬”ę£€ęŸ„ļ¼Œä¼šä½æē”Øē¬¬äø€äøŖåÆē”Øēš„č§„åˆ™ļ¼Œč€Œäøä¼šē»§ē»­ę£€ęŸ„ꖇ件怂čæ™åÆ仄让ē³»ē»Ÿē®”ē†å‘˜ä½æē³»ē»Ÿå°½é‡ē¬¦åˆå…¶ęœŸęœ›ć€‚ -.SH "ē¤ŗ例" -.sp -.if n \{\ -.RS 4 -.\} -.nf - # ē¤ŗ例 /etc/suauth ꖇ件 - # - # ꜉äø¤äøŖē”ØꈷåÆ仄ä½æē”Øč‡Ŗå·±ēš„åƆē  su ꈐ root - # - root:chris,birddog:OWNPASS - # - # 任何其他äŗŗ都äøčƒ½ su ꈐ rootļ¼Œé™¤éžåœØ wheel ē»„äø­ć€‚ - # BSD å°±ę˜Æčæ™ę ·å®žēŽ°čæ™äøŖåŠŸčƒ½ēš„怂 - # - root:ALL EXCEPT GROUP wheel:DENY - # - # ꈖč®ø terry 和 birddog ę˜Æ属äŗŽåŒäø€äøŖäŗŗēš„č“¦ęˆ· - # äø¤äøŖ蓦ꈷē›“ꎄäŗ’ē›ø suļ¼Œäøéœ€č¦åƆē  - # - terry:birddog:NOPASS - birddog:terry:NOPASS - # - -.fi -.if n \{\ -.RE -.\} -.SH "ꖇ件" -.PP -/etc/suauth -.RS 4 -.RE -.SH "ē¼ŗ陷" -.PP -åÆčƒ½ä¼šęœ‰å¾ˆå¤šę½œåœØé—®é¢˜ć€‚ę–‡ä»¶č§£ęžå™Ø尤其äøčƒ½å®¹åæčÆ­ę³•é”™čÆÆļ¼Œäøčƒ½ęœ‰ę— ę„ä¹‰ēš„ē©ŗē™½ē¬¦(除äŗ†č”Œé¦–å’Œč”Œå°¾)ļ¼Œå¹¶äø”ä½æē”Øē‰¹å®šēš„ę ‡č®°åˆ†å‰²äøåŒēš„äŗ‹ęƒ…怂 -.SH "DIAGNOSTICS" -.PP -ꭤꖇ件ēš„č§£ęžé”™čÆÆ会ä½æē”Ø -\fBsyslogd\fR(8) -作äøŗ AUTH äø­ēš„ ERR ēŗ§åˆ«ęŠ„å‘Šć€‚ -.SH "å‚č§" -.PP -\fBsu\fR(1)\&. diff --git a/man/zh_CN/man8/chgpasswd.8 b/man/zh_CN/man8/chgpasswd.8 deleted file mode 100644 index cbdeb5b1..00000000 --- a/man/zh_CN/man8/chgpasswd.8 +++ /dev/null @@ -1,206 +0,0 @@ -'\" t -.\" Title: chgpasswd -.\" Author: Thomas K\(/loczko <kloczek@pld.org.pl> -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "CHGPASSWD" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -chgpasswd \- ę‰¹é‡ę›“ę–°ē»„åƆē  -.SH "大ēŗ²" -.HP \w'\fBchgpasswd\fR\ 'u -\fBchgpasswd\fR [\fI选锹\fR] -.SH "ꏏčæ°" -.PP -\fBchgpasswd\fR -å‘½ä»¤ä»Žę ‡å‡†č¾“å…„čƻ取äø€ē³»åˆ—ē»„名和åƆē åƹļ¼Œå¹¶ä½æē”Øę­¤äæ”ęÆꛓꖰčæ™äŗ›å­˜åœØēš„ē»„怂ęÆč”Œēš„ę ¼å¼å¦‚äø‹ļ¼š -.PP -\fIgroup_name\fR:\fIpassword\fR -.PP -默认äøŠļ¼Œęä¾›ēš„åƆē åæ…é”»ę˜Æ꘎ē ę–‡ęœ¬ļ¼Œē„¶åŽē”± -\fBchgpasswd\fR -加åÆ†ć€‚ -.PP -The default encryption algorithm can be defined for the system with the -\fBENCRYPT_METHOD\fR -variable of -/etc/login\&.defs, and can be overwiten with the -\fB\-e\fR, -\fB\-m\fR, or -\fB\-c\fR -options\&. -.PP -ę­¤å‘½ä»¤äø€čˆ¬ē”ØäŗŽéœ€č¦äø€ę¬”创å»ŗ很多ē”Øꈷēš„大型ē³»ē»Ÿć€‚ -.SH "选锹" -.PP -\fBchgpasswd\fR -åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -ä½æē”ØęŒ‡å®šēš„ę–¹ę³•åŠ åƆåƆē ć€‚ -.sp -åÆē”Øēš„ę–¹ę³•ęœ‰ DES, MD5, NONE, and SHA256 ꈖ SHA512ļ¼Œå‰ęę˜Æę‚Øēš„ libc ę”Æꌁčæ™å†™ę–¹ę³•ć€‚ -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -ęä¾›ēš„åƆē ę˜Æå·²ē»åŠ åƆäŗ†ēš„ -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -å¦‚ęžœęä¾›ēš„åƆē ę²”ęœ‰åŠ åƆļ¼Œåˆ™ä½æē”Ø MD5 加åÆ†č€Œäøę˜Æ DES怂 -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -ä½æē”ØęŒ‡å®šę¬”ę•°ēš„č½®č½¬ę„加åƆåƆē ć€‚ -.sp -值 0 č”Øē¤ŗ让ē³»ē»Ÿäøŗ加åÆ†ę–¹ę³•é€‰ę‹©é»˜č®¤ēš„č½®č½¬ę¬”ꕰ (5000)怂 -.sp -会å¼ŗåˆ¶ęœ€å° 1,000ļ¼Œęœ€å¤§ 9,9999,9999 -.sp -ę‚ØåŖåÆ仄åƹ SHA256 ꈖ SHA512 ä½æē”Øę­¤é€‰é”¹ć€‚ -.sp -默认ļ¼Œč½®č½¬ę•°ē”± -/etc/login\&.defs -ꖇ件äø­ēš„ SHA_CRYPT_MIN_ROUNDS 和 SHA_CRYPT_MAX_ROUNDS 变量ē”®å®šć€‚ -.RE -.SH "CAVEATS" -.PP -č®°ä½č¦č®¾ē½®ęƒé™ęˆ–者ꎩē ę„é˜»ę­¢å…¶å®ƒē”ØꈷåƹęœŖ加åÆ†ę–‡ä»¶ēš„čÆ»å–ć€‚ -.PP -ę‚Øéœ€č¦ē”®äæä½ å—和加åÆ†ę–¹ę³•ē¬¦åˆē³»ē»Ÿēš„åƆē ē­–ē•„怂 -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -čæ™å®šä¹‰äŗ†ē³»ē»ŸåŠ åƆåƆē ēš„é»˜č®¤ē®—ę³•(å¦‚ęžœę²”ęœ‰åœØå‘½ä»¤č”ŒäøŠęŒ‡å®šē®—ę³•)怂 -.sp -åÆ仄ä½æē”Ø如äø‹å€¼ļ¼š\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -ę³Øꄏļ¼Œę­¤å‚ę•°ä¼šč¦†ē›– -\fBMD5_CRYPT_ENAB\fR -å˜é‡ć€‚ -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -č”Øē¤ŗåƆē ę˜Æ否åæ…é”»ä½æē”ØåŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å¦‚ęžœč®¾äøŗ -\fIyes\fRļ¼Œę–°åƆē å°†ä½æē”ØåÆä»„å’Œę–°ē‰ˆ FreeBSD 兼容ēš„åŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å®ƒę”Æꌁꗠ限é•æåŗ¦ēš„åƆē ä»„åŠę›“é•æēš„ē›å­—ē¬¦äø²ć€‚å¦‚ęžœę‚Øéœ€č¦å°†åŠ åƆēš„åƆē å¤åˆ¶åˆ°å…¶å®ƒäøē†č§£ę–°ē®—ę³•ēš„ē³»ē»Ÿļ¼Œč®¾ē½®äøŗ -\fIno\fRć€‚é»˜č®¤å€¼ę˜Æ -\fIno\fR怂 -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -ę­¤å˜é‡å·²ē»åŗŸå¼ƒć€‚ę‚Øåŗ”čÆ„ä½æē”Ø -\fBENCRYPT_METHOD\fR怂 -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -\fBENCRYPT_METHOD\fR -č®¾äøŗ -\fISHA256\fR -ꈖ -\fISHA512\fR -ę—¶ļ¼Œę­¤é”¹ē”®å®šåŠ åƆē®—ę³•é»˜č®¤ä½æē”Ø SHA č½®č½¬ę•°ē›®(å½“č½®č½¬ę•°ę²”ęœ‰é€ščæ‡å‘½ä»¤č”ŒęŒ‡å®šę—¶)怂 -.sp -ä½æē”Øå¾ˆå¤šč½®č½¬ļ¼Œä¼šč®©ęš“力ē “č§£ę›“åŠ å›°éš¾ć€‚ä½†ę˜Æéœ€č¦ę³Øꄏļ¼Œč®¤čƁē”Øęˆ·ę—¶ä¹Ÿä¼šéœ€č¦ę›“å¤šēš„ CPU 资ęŗć€‚ -.sp -å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œlibc ä¼šé€‰ę‹©é»˜č®¤ēš„č½®č½¬ę•°(5000)怂 -.sp -值åæ…é”»åœØ 1000 \- 999,999,999 ä¹‹é—“ć€‚ -.sp -å¦‚ęžœåŖč®¾ē½®äŗ†äø€äøŖ -\fBSHA_CRYPT_MIN_ROUNDS\fR -ꈖ -\fBSHA_CRYPT_MAX_ROUNDS\fR -值ļ¼Œå°±ä¼šä½æē”Øčæ™äøŖå€¼ć€‚ -.sp -å¦‚ęžœ -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fRļ¼Œå°†ä¼šä½æē”Ø大ēš„é‚£äøŖ怂 -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.SH "å‚č§" -.PP -\fBgpasswd\fR(1), -\fBgroupadd\fR(8), -\fBlogin.defs\fR(5)\&. diff --git a/man/zh_CN/man8/chpasswd.8 b/man/zh_CN/man8/chpasswd.8 deleted file mode 100644 index 08b2972a..00000000 --- a/man/zh_CN/man8/chpasswd.8 +++ /dev/null @@ -1,209 +0,0 @@ -'\" t -.\" Title: chpasswd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "CHPASSWD" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -chpasswd \- ę‰¹é‡ę›“ę–°åƆē  -.SH "大ēŗ²" -.HP \w'\fBchpasswd\fR\ 'u -\fBchpasswd\fR [\fI选锹\fR] -.SH "ꏏčæ°" -.PP -The -\fBchpasswd\fR -command reads a list of user name and password pairs from standard input and uses this information to update a group of existing users\&. Each line is of the format: -.PP -\fIuser_name\fR:\fIpassword\fR -.PP -默认åæ…é”»ę˜Žę–‡ęä¾›åƆē ļ¼Œē„¶åŽē”± -\fBchpasswd\fR -加åÆ†ć€‚å¦‚ęžœå­˜åœØåƆē å¹“龄äæ”ęÆļ¼Œä¹Ÿä¼šę›“ę–°ä¹‹ć€‚ -.PP -The default encryption algorithm can be defined for the system with the -\fBENCRYPT_METHOD\fR -or -\fBMD5_CRYPT_ENAB\fR -variables of -/etc/login\&.defs, and can be overwitten with the -\fB\-e\fR, -\fB\-m\fR, or -\fB\-c\fR -options\&. -.PP -\fBchpasswd\fR -first updates all the passwords in memory, and then commits all the changes to disk if no errors occured for any user\&. -.PP -ę­¤å‘½ä»¤äø€čˆ¬ē”ØäŗŽéœ€č¦äø€ę¬”创å»ŗ很多ē”Øꈷēš„大型ē³»ē»Ÿć€‚ -.SH "选锹" -.PP -\fBchpasswd\fR -åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR\ \&\fIMETHOD\fR -.RS 4 -ä½æē”ØęŒ‡å®šēš„ę–¹ę³•åŠ åƆåƆē ć€‚ -.sp -åÆē”Øēš„ę–¹ę³•ęœ‰ DES, MD5, NONE, and SHA256 ꈖ SHA512ļ¼Œå‰ęę˜Æę‚Øēš„ libc ę”Æꌁčæ™å†™ę–¹ę³•ć€‚ -.sp -By default (if none of the -\fB\-c\fR, -\fB\-m\fR, or -\fB\-e\fR -options are specified), the encryption method is defined by the -\fBENCRYPT_METHOD\fR -or -\fBMD5_CRYPT_ENAB\fR -variables of -/etc/login\&.defs\&. -.RE -.PP -\fB\-e\fR, \fB\-\-encrypted\fR -.RS 4 -ęä¾›ēš„åƆē ę˜Æå·²ē»åŠ åƆäŗ†ēš„ -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-m\fR, \fB\-\-md5\fR -.RS 4 -å¦‚ęžœęä¾›ēš„åƆē ę²”ęœ‰åŠ åƆļ¼Œåˆ™ä½æē”Ø MD5 加åÆ†č€Œäøę˜Æ DES怂 -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR\ \&\fIROUNDS\fR -.RS 4 -ä½æē”ØęŒ‡å®šę¬”ę•°ēš„č½®č½¬ę„加åƆåƆē ć€‚ -.sp -值 0 č”Øē¤ŗ让ē³»ē»Ÿäøŗ加åÆ†ę–¹ę³•é€‰ę‹©é»˜č®¤ēš„č½®č½¬ę¬”ꕰ (5000)怂 -.sp -会å¼ŗåˆ¶ęœ€å° 1,000ļ¼Œęœ€å¤§ 9,9999,9999 -.sp -ę‚ØåŖåÆ仄åƹ SHA256 ꈖ SHA512 ä½æē”Øę­¤é€‰é”¹ć€‚ -.sp -By default, the number of rounds is defined by the -\fBSHA_CRYPT_MIN_ROUNDS\fR -and -\fBSHA_CRYPT_MAX_ROUNDS\fR -variables in -/etc/login\&.defs\&. -.RE -.SH "CAVEATS" -.PP -č®°ä½č¦č®¾ē½®ęƒé™ęˆ–者ꎩē ę„é˜»ę­¢å…¶å®ƒē”ØꈷåƹęœŖ加åÆ†ę–‡ä»¶ēš„čÆ»å–ć€‚ -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -čæ™å®šä¹‰äŗ†ē³»ē»ŸåŠ åƆåƆē ēš„é»˜č®¤ē®—ę³•(å¦‚ęžœę²”ęœ‰åœØå‘½ä»¤č”ŒäøŠęŒ‡å®šē®—ę³•)怂 -.sp -åÆ仄ä½æē”Ø如äø‹å€¼ļ¼š\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -ę³Øꄏļ¼Œę­¤å‚ę•°ä¼šč¦†ē›– -\fBMD5_CRYPT_ENAB\fR -å˜é‡ć€‚ -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -č”Øē¤ŗåƆē ę˜Æ否åæ…é”»ä½æē”ØåŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å¦‚ęžœč®¾äøŗ -\fIyes\fRļ¼Œę–°åƆē å°†ä½æē”ØåÆä»„å’Œę–°ē‰ˆ FreeBSD 兼容ēš„åŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å®ƒę”Æꌁꗠ限é•æåŗ¦ēš„åƆē ä»„åŠę›“é•æēš„ē›å­—ē¬¦äø²ć€‚å¦‚ęžœę‚Øéœ€č¦å°†åŠ åƆēš„åƆē å¤åˆ¶åˆ°å…¶å®ƒäøē†č§£ę–°ē®—ę³•ēš„ē³»ē»Ÿļ¼Œč®¾ē½®äøŗ -\fIno\fRć€‚é»˜č®¤å€¼ę˜Æ -\fIno\fR怂 -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -ę­¤å˜é‡å·²ē»åŗŸå¼ƒć€‚ę‚Øåŗ”čÆ„ä½æē”Ø -\fBENCRYPT_METHOD\fR怂 -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -\fBENCRYPT_METHOD\fR -č®¾äøŗ -\fISHA256\fR -ꈖ -\fISHA512\fR -ę—¶ļ¼Œę­¤é”¹ē”®å®šåŠ åƆē®—ę³•é»˜č®¤ä½æē”Ø SHA č½®č½¬ę•°ē›®(å½“č½®č½¬ę•°ę²”ęœ‰é€ščæ‡å‘½ä»¤č”ŒęŒ‡å®šę—¶)怂 -.sp -ä½æē”Øå¾ˆå¤šč½®č½¬ļ¼Œä¼šč®©ęš“力ē “č§£ę›“åŠ å›°éš¾ć€‚ä½†ę˜Æéœ€č¦ę³Øꄏļ¼Œč®¤čƁē”Øęˆ·ę—¶ä¹Ÿä¼šéœ€č¦ę›“å¤šēš„ CPU 资ęŗć€‚ -.sp -å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œlibc ä¼šé€‰ę‹©é»˜č®¤ēš„č½®č½¬ę•°(5000)怂 -.sp -值åæ…é”»åœØ 1000 \- 999,999,999 ä¹‹é—“ć€‚ -.sp -å¦‚ęžœåŖč®¾ē½®äŗ†äø€äøŖ -\fBSHA_CRYPT_MIN_ROUNDS\fR -ꈖ -\fBSHA_CRYPT_MAX_ROUNDS\fR -值ļ¼Œå°±ä¼šä½æē”Øčæ™äøŖå€¼ć€‚ -.sp -å¦‚ęžœ -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fRļ¼Œå°†ä¼šä½æē”Ø大ēš„é‚£äøŖ怂 -.RE -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.SH "å‚č§" -.PP -\fBpasswd\fR(1), -\fBnewusers\fR(8), -\fBlogin.defs\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/zh_CN/man8/faillog.8 b/man/zh_CN/man8/faillog.8 deleted file mode 100644 index 22ca29d5..00000000 --- a/man/zh_CN/man8/faillog.8 +++ /dev/null @@ -1,165 +0,0 @@ -'\" t -.\" Title: faillog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "FAILLOG" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -faillog \- ę˜¾ē¤ŗē™»å½•å¤±č“„č®°å½•ęˆ–č®¾ē½®ē™»å½•å¤±č“„限制 -.SH "大ēŗ²" -.HP \w'\fBfaillog\fR\ 'u -\fBfaillog\fR [\fI选锹\fR] -.SH "ꏏčæ°" -.PP -\fBfaillog\fR -displays the contents of the failure log database (/var/log/faillog)\&. It can also set the failure counters and limits\&. When -\fBfaillog\fR -is run without arguments, it only displays the faillog records of the users who had a login failure\&. -.SH "选锹" -.PP -\fBfaillog\fR -åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-a\fR, \fB\-\-all\fR -.RS 4 -Display (or act on) faillog records for all users having an entry in the -faillog -database\&. -.sp -ē”Øꈷēš„čŒƒå›“åÆ仄ä½æē”Ø -\fB\-u\fR -é€‰é”¹é™åˆ¶ć€‚ -.sp -In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty\&. -.sp -With the -\fB\-l\fR, -\fB\-m\fR, -\fB\-r\fR, -\fB\-t\fR -options, the users\*(Aq records are changed, even if the user does not exist on the system\&. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEC\fR -.RS 4 -ē™»å½•å¤±č“„åŽé”å®šč“¦ęˆ· -\fISEC\fR -ē§’怂 -.sp -ę­¤é€‰é”¹č¦ę±‚åƹ -/var/log/faillog -ęœ‰å†™å…„ęƒé™ć€‚ -.RE -.PP -\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR -.RS 4 -Set the maximum number of login failures after the account is disabled to -\fIMAX\fR\&. -.sp -Selecting a -\fIMAX\fR -value of 0 has the effect of not placing a limit on the number of failed logins\&. -.sp -The maximum failure count should always be 0 for -\fIroot\fR -to prevent a denial of services attack against the system\&. -.sp -ę­¤é€‰é”¹č¦ę±‚åƹ -/var/log/faillog -ęœ‰å†™å…„ęƒé™ć€‚ -.RE -.PP -\fB\-r\fR, \fB\-\-reset\fR -.RS 4 -重ē½®ē™»å½•å¤±č“„讔ꕰ怂 -.sp -ę­¤é€‰é”¹č¦ę±‚åƹ -/var/log/faillog -ęœ‰å†™å…„ęƒé™ć€‚ -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR -.RS 4 -ę˜¾ē¤ŗꖰäŗŽ -\fIDAYS\fR -ēš„ē™»å½•å¤±č“„č®°å½•ć€‚ -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR -.RS 4 -Display faillog record or maintains failure counters and limits (if used with -\fB\-l\fR, -\fB\-m\fR -or -\fB\-r\fR -options) only for the specified user(s)\&. -.sp -The users can be specified by a login name, a numerical user ID, or a -\fIRANGE\fR -of users\&. This -\fIRANGE\fR -of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. -.RE -.PP -When none of the -\fB\-l\fR, -\fB\-m\fR, or -\fB\-r\fR -options are used, -\fBfaillog\fR -displays the faillog record of the specified user(s)\&. -.SH "CAVEATS" -.PP -\fBfaillog\fR -only prints out users with no successful login since the last failure\&. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the -\fB\-u\fR -flag, or print out all users with the -\fB\-a\fR -flag\&. -.SH "ꖇ件" -.PP -/var/log/faillog -.RS 4 -Failure logging file\&. -.RE -.SH "å‚č§" -.PP -\fBlogin\fR(1), -\fBfaillog\fR(5)\&. diff --git a/man/zh_CN/man8/groupadd.8 b/man/zh_CN/man8/groupadd.8 deleted file mode 100644 index f6b80282..00000000 --- a/man/zh_CN/man8/groupadd.8 +++ /dev/null @@ -1,242 +0,0 @@ -'\" t -.\" Title: groupadd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "GROUPADD" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -groupadd \- 创å»ŗäø€äøŖꖰē»„ -.SH "大ēŗ²" -.HP \w'\fBgroupadd\fR\ 'u -\fBgroupadd\fR [\fI选锹\fR] \fIgroup\fR -.SH "ꏏčæ°" -.PP -The -\fBgroupadd\fR -command creates a new group account using the values specified on the command line plus the default values from the system\&. The new group will be entered into the system files as needed\&. -.SH "选锹" -.PP -\fBgroupadd\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -This option causes the command to simply exit with success status if the specified group already exists\&. When used with -\fB\-g\fR, and the specified GID already exists, another (unique) GID is chosen (i\&.e\&. -\fB\-g\fR -is turned off)\&. -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -The numerical value of the group\*(Aqs ID\&. This value must be unique, unless the -\fB\-o\fR -option is used\&. The value must be non\-negative\&. The default is to use the smallest ID value greater than or equal to -\fBGID_MIN\fR -and greater than every other group\&. -.sp -See also the -\fB\-r\fR -option and the -\fBGID_MAX\fR -description\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR -.RS 4 -Overrides -/etc/login\&.defs -defaults (GID_MIN, GID_MAX and others)\&. Multiple -\fB\-K\fR -options can be specified\&. -.sp -ē¤ŗ例ļ¼š\fB\-K\fR\ \&\fIGID_MIN\fR=\fI100\fR\ \&\fB\-K\fR\ \&\fIGID_MAX\fR=\fI499\fR -.sp -ę³Øꄏļ¼š\fB\-K\fR\ \&\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR -尚äøčƒ½å·„ä½œć€‚ -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -ę­¤é€‰é”¹å…č®øę·»åŠ äø€äøŖä½æē”Ø非å”Æäø€ GID ēš„ē»„怂 -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -加åƆäŗ†ēš„åƆē ļ¼Œå°±åƒ -\fBcrypt\fR(3) -ēš„čæ”å›žå€¼ć€‚é»˜č®¤äøŗē¦ē”ØåƆē ć€‚ -.sp -\fBę³Øꄏļ¼š\fRäøęŽØ荐ä½æē”Øčæ™äøŖ选锹ļ¼Œå› äøŗåƆē (ęˆ–åŠ åƆčæ‡ēš„åƆē )ä¼šč¢«ē”Øęˆ·é€ščæ‡åˆ—å‡ŗčæ™äøŖčæ‡ēØ‹č€Œēœ‹åˆ°ć€‚ -.sp -ę‚Øåŗ”čÆ„ē”®äæåƆē ē¬¦åˆē³»ē»Ÿēš„åƆē ę”æē­–怂 -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -创å»ŗäø€äøŖē³»ē»Ÿē»„怂 -.sp -The numeric identifiers of new system groups are chosen in the -\fBSYS_GID_MIN\fR\-\fBSYS_GID_MAX\fR -range, defined in -login\&.defs, instead of -\fBGID_MIN\fR\-\fBGID_MAX\fR\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) -.RS 4 -\fBuseradd\fRļ¼Œ\fBgroupadd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„åøø规ē»„ēš„ē»„ ID ēš„čŒƒå›“怂 -.sp -\fBGID_MIN\fR -和 -\fBGID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 1000 和 60000怂 -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.PP -\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) -.RS 4 -\fBuseradd\fR态\fBgroupadd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„ē³»ē»Ÿē»„ēš„ē»„ ID ēš„čŒƒå›“怂 -.sp -\fBSYS_GID_MIN\fR -和 -\fBSYS_GID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 101 和 -\fBGID_MIN\fR\-1怂 -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.SH "CAVEATS" -.PP -ē»„名åæ…锻仄小写字ęÆęˆ–č€…äø‹åˆ’ēŗæ开夓ļ¼Œč·Ÿéšå°å†™å­—ęÆć€äø‹åˆ’ēŗæꈖēŸ­ęØŖēŗæ怂åÆ仄ē”±ē¾Žå…ƒē¬¦å·ē»“ęŸć€‚ē”Øę­£åˆ™č”Øč¾¾å¼å°±ę˜Æļ¼š[a\-z_][a\-z0\-9_\-]*[$]? -.PP -ē»„åęœ€é•æäøŗ 16 äøŖ字ē¬¦ć€‚ -.PP -You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&. -.PP -If the groupname already exists in an external group database such as NIS or LDAP, -\fBgroupadd\fR -will deny the group creation request\&. -.SH "退å‡ŗ值" -.PP -\fBgroupadd\fR -åÆčƒ½ä»„å¦‚äø‹å€¼é€€å‡ŗļ¼š -.PP -\fI0\fR -.RS 4 -ęˆåŠŸ -.RE -.PP -\fI2\fR -.RS 4 -ꗠꕈēš„命令čÆ­ę³• -.RE -.PP -\fI3\fR -.RS 4 -ē»™äŗ†é€‰é”¹äø€äøŖꗠꕈēš„å‚ę•° -.RE -.PP -\fI4\fR -.RS 4 -GID äøå”Æäø€ (ę²”ęœ‰ä½æē”Ø -\fB\-o\fR) -.RE -.PP -\fI9\fR -.RS 4 -ē»„名äøå”Æäø€ -.RE -.PP -\fI10\fR -.RS 4 -ę— ę³•ę›“ę–°ē»„ꖇ件 -.RE -.SH "å‚č§" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/groupdel.8 b/man/zh_CN/man8/groupdel.8 deleted file mode 100644 index 716728b6..00000000 --- a/man/zh_CN/man8/groupdel.8 +++ /dev/null @@ -1,134 +0,0 @@ -'\" t -.\" Title: groupdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "GROUPDEL" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -groupdel \- 删除äø€äøŖē»„ -.SH "大ēŗ²" -.HP \w'\fBgroupdel\fR\ 'u -\fBgroupdel\fR [\fI选锹\fR] \fIGROUP\fR -.SH "ꏏčæ°" -.PP -\fBuserdel\fR -äæ®ę”¹ē³»ē»Ÿč“¦ęˆ·ę–‡ä»¶ļ¼Œåˆ é™¤äøŽ -\fIGROUP\fR -ē›ø关ēš„ę‰€ęœ‰é”¹ē›®ć€‚ē»™å‡ŗēš„ē»„名åæ…锻存åœØ怂 -.SH "选锹" -.PP -\fBgroupdel\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "CAVEATS" -.PP -ę‚Øäøčƒ½ē§»é™¤ēŽ°ęœ‰ē”Øꈷēš„äø»ē»„怂åœØē§»é™¤ę­¤ē»„之前ļ¼Œåæ…锻先ē§»é™¤ę­¤ē”Øęˆ·ć€‚ -.PP -ę‚Øéœ€č¦ę‰‹åŠØę£€ęŸ„ę‰€ęœ‰ę–‡ä»¶ē³»ē»Ÿļ¼Œä»„ē”®äæę²”꜉遗ē•™ēš„属äŗŽę­¤ē»„ēš„ꖇ件怂 -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.SH "退å‡ŗ值" -.PP -\fBgroupdel\fR -命令仄如äø‹å€¼é€€å‡ŗļ¼š -.PP -\fI0\fR -.RS 4 -ęˆåŠŸ -.RE -.PP -\fI2\fR -.RS 4 -ꗠꕈēš„命令čÆ­ę³• -.RE -.PP -\fI6\fR -.RS 4 -ęŒ‡å®šēš„ē»„äøå­˜åœØ -.RE -.PP -\fI8\fR -.RS 4 -äøčƒ½ē§»é™¤ē”Øꈷēš„äø»ē»„ -.RE -.PP -\fI10\fR -.RS 4 -ę— ę³•ę›“ę–°ē»„ꖇ件 -.RE -.SH "å‚č§" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupmod\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/groupmems.8 b/man/zh_CN/man8/groupmems.8 deleted file mode 100644 index 85464808..00000000 --- a/man/zh_CN/man8/groupmems.8 +++ /dev/null @@ -1,179 +0,0 @@ -'\" t -.\" Title: groupmems -.\" Author: George Kraft, IV -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "GROUPMEMS" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -groupmems \- ē”Øꈷäø»ē»„ēš„ē®”ē†å‘˜ęˆå‘˜ -.SH "大ēŗ²" -.HP \w'\fBgroupmems\fR\ 'u -\fBgroupmems\fR \-a\ \fIuser_name\fR | \-d\ \fIuser_name\fR | [\-g\ \fIgroup_name\fR] | \-l | \-p -.SH "ꏏčæ°" -.PP -The -\fBgroupmems\fR -command allows a user to administer his/her own group membership list without the requirement of superuser privileges\&. The -\fBgroupmems\fR -utility is for systems that configure its users to be in their own name sake primary group (i\&.e\&., guest / guest)\&. -.PP -Only the superuser, as administrator, can use -\fBgroupmems\fR -to alter the memberships of other groups\&. -.SH "选锹" -.PP -\fBgroupmems\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser_name\fR -.RS 4 -将äø€äøŖē”Øęˆ·ę·»åŠ åˆ°ē»„ęˆå‘˜åˆ—č”Ø怂 -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser_name\fR -.RS 4 -从ē»„ęˆå‘˜åˆ—č”Øäø­åˆ é™¤ē”Øęˆ·ć€‚ -.sp -å¦‚ęžœ -/etc/gshadow -ę–‡ä»¶å­˜åœØļ¼Œē”Øęˆ·å°†ä¼šč¢«ä»Žē»„ęˆå‘˜å’Œē®”ē†å‘˜äø­ē§»é™¤ć€‚ -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-g\fR, \fB\-\-group\fR\ \&\fIgroup_name\fR -.RS 4 -超ēŗ§ē”ØꈷåÆä»„ęŒ‡å®šäæ®ę”¹å“ŖäøŖē»„ēš„ē»„ęˆå‘˜åˆ—č”Ø怂 -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-l\fR, \fB\-\-list\fR -.RS 4 -列å‡ŗē»„ęˆå‘˜ć€‚ -.RE -.PP -\fB\-p\fR, \fB\-\-purge\fR -.RS 4 -从ē»„ęˆå‘˜åˆ—č”Øäø­åˆ é™¤ę‰€ęœ‰ē”Øęˆ·ć€‚ -.sp -If the -/etc/gshadow -file exist, and the group has no entry in the -/etc/gshadow -file, a new entry will be created\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "SETUP" -.PP -The -\fBgroupmems\fR -executable should be in mode -2770 -as user -\fIroot\fR -and in group -\fIgroups\fR\&. The system administrator can add users to group -\fIgroups\fR -to allow or disallow them using the -\fBgroupmems\fR -utility to manage their own group membership list\&. -.sp -.if n \{\ -.RS 4 -.\} -.nf - $ groupadd \-r groups - $ chmod 2770 groupmems - $ chown root\&.groups groupmems - $ groupmems \-g groups \-a gk4 - -.fi -.if n \{\ -.RE -.\} -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ -.RE -.SH "å‚č§" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/groupmod.8 b/man/zh_CN/man8/groupmod.8 deleted file mode 100644 index 8e734bf2..00000000 --- a/man/zh_CN/man8/groupmod.8 +++ /dev/null @@ -1,207 +0,0 @@ -'\" t -.\" Title: groupmod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "GROUPMOD" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -groupmod \- modify a group definition on the system -.SH "大ēŗ²" -.HP \w'\fBgroupmod\fR\ 'u -\fBgroupmod\fR [\fI选锹\fR] \fIGROUP\fR -.SH "ꏏčæ°" -.PP -The -\fBgroupmod\fR -command modifies the definition of the specified -\fIGROUP\fR -by modifying the appropriate entry in the group database\&. -.SH "选锹" -.PP -\fBgroupmod\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR -.RS 4 -The group ID of the given -\fIGROUP\fR -will be changed to -\fIGID\fR\&. -.sp -The value of -\fIGID\fR -must be a non\-negative decimal integer\&. This value must be unique, unless the -\fB\-o\fR -option is used\&. -.sp -Users who use the group as primary group will be updated to keep the group as their primary group\&. -.sp -Any files that have the old group ID and must continue to belong to -\fIGROUP\fR, must have their group ID changed manually\&. -.sp -No checks will be performed with regard to the -\fBGID_MIN\fR, -\fBGID_MAX\fR, -\fBSYS_GID_MIN\fR, or -\fBSYS_GID_MAX\fR -from -/etc/login\&.defs\&. -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-n\fR, \fB\-\-new\-name\fR\ \&\fINEW_GROUP\fR -.RS 4 -The name of the group will be changed from -\fIGROUP\fR -to -\fINEW_GROUP\fR -name\&. -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -When used with the -\fB\-g\fR -option, allow to change the group -\fIGID\fR -to a non\-unique value\&. -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -å·²ē»åŠ åƆčæ‡ēš„åƆē ļ¼Œå°±åƒ -\fBcrypt\fR(3) -čæ”回ēš„é‚£ę ·ć€‚ -.sp -\fBę³Øꄏļ¼š\fRäøęŽØ荐ä½æē”Øčæ™äøŖ选锹ļ¼Œå› äøŗåƆē (ęˆ–åŠ åƆčæ‡ēš„åƆē )ä¼šč¢«ē”Øęˆ·é€ščæ‡åˆ—å‡ŗčæ™äøŖčæ‡ēØ‹č€Œēœ‹åˆ°ć€‚ -.sp -ę‚Øåŗ”čÆ„ē”®äæåƆē ē¬¦åˆē³»ē»Ÿēš„åƆē ę”æē­–怂 -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.SH "退å‡ŗ值" -.PP -\fBgroupmod\fR -命令åÆ仄čæ”回如äø‹å€¼ļ¼š -.PP -\fI0\fR -.RS 4 -ęˆåŠŸ -.RE -.PP -\fI2\fR -.RS 4 -ꗠꕈēš„命令čÆ­ę³• -.RE -.PP -\fI3\fR -.RS 4 -ē»™äŗ†é€‰é”¹äø€äøŖꗠꕈēš„å‚ę•° -.RE -.PP -\fI4\fR -.RS 4 -ęŒ‡å®šēš„ē»„äøå­˜åœØ -.RE -.PP -\fI6\fR -.RS 4 -ęŒ‡å®šēš„ē»„äøå­˜åœØ -.RE -.PP -\fI9\fR -.RS 4 -ē»„名已ē»åœØä½æē”Ø -.RE -.PP -\fI10\fR -.RS 4 -ę— ę³•ę›“ę–°ē»„ꖇ件 -.RE -.SH "å‚č§" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBlogin.defs\fR(5), -\fBuseradd\fR(8), -\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/grpck.8 b/man/zh_CN/man8/grpck.8 deleted file mode 100644 index 7c3f0a3c..00000000 --- a/man/zh_CN/man8/grpck.8 +++ /dev/null @@ -1,239 +0,0 @@ -'\" t -.\" Title: grpck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "GRPCK" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -grpck \- ę£€ęŸ„ē»„ꖇ件ēš„å®Œę•“ꀧ -.SH "大ēŗ²" -.HP \w'\fBgrpck\fR\ 'u -\fBgrpck\fR [选锹] [\fIgroup\fR\ [\ \fIshadow\fR\ ]] -.SH "ꏏčæ°" -.PP -The -\fBgrpck\fR -command verifies the integrity of the groups information\&. It checks that all entries in -/etc/groupand /etc/gshadow -have the proper format and contain valid data\&. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors\&. -.PP -ę£€ęŸ„ēš„锹ē›®ęœ‰ļ¼š -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ę­£ē”®ēš„å­—ę®µę•° -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -äø€äøŖå”Æäø€äø”ęœ‰ę•ˆēš„ē»„名 -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -꜉ꕈēš„ē»„ę ‡čƆē¬¦ -(仅 /etc/group) -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -꜉ꕈēš„ęˆå‘˜å’Œ -ē®”ē†å‘˜ -列č”Ø怂 -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -a corresponding entry in the -/etc/gshadow -file (respectively -/etc/group -for the -gshadow -checks) -.RE -.PP -The checks for correct number of fields and unique group name are fatal\&. If an entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated group name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warnings and the user is encouraged to run the -\fBgroupmod\fR -command to correct the error\&. -.PP -The commands which operate on the -/etc/groupand /etc/gshadow files -are not able to alter corrupted or duplicated entries\&. -\fBgrpck\fR -should be used in those circumstances to remove the offending entries\&. -.SH "选锹" -.PP -\fB\-r\fR -和 -\fB\-s\fR -选锹äøčƒ½č”合ä½æē”Ø怂 -.PP -\fBgrpck\fR -åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -Execute the -\fBgrpck\fR -command in read\-only mode\&. This causes all questions regarding changes to be answered -\fIno\fR -without user intervention\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -ę ¹ę® GID åœØ -/etc/group和 /etc/gshadow -äø­čæ›č”ŒęŽ’åŗć€‚ -.RE -.PP -By default, -\fBgrpck\fR -operates on -/etc/groupand /etc/gshadow\&. The user may select alternate files with the -\fIgroup\fRand \fIshadow\fR parameters\&. -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.SH "退å‡ŗ值" -.PP -\fBgrpck\fR -åÆ仄čæ”回如äø‹å€¼ļ¼š -.PP -\fI0\fR -.RS 4 -ęˆåŠŸ -.RE -.PP -\fI1\fR -.RS 4 -ꗠꕈēš„命令čÆ­ę³• -.RE -.PP -\fI2\fR -.RS 4 -äø€äøŖęˆ–å¤šäøŖåęŽ‰ēš„ē»„ę”ē›® -.RE -.PP -\fI3\fR -.RS 4 -ę— ę³•ę‰“å¼€ē»„ꖇ件 -.RE -.PP -\fI4\fR -.RS 4 -ę— ę³•é”å®šē»„ꖇ件 -.RE -.PP -\fI5\fR -.RS 4 -ę— ę³•ę›“ę–°ē»„ꖇ件 -.RE -.SH "å‚č§" -.PP -\fBgroup\fR(5), -\fBgroupmod\fR(8), -\fBgshadow\fR(5),\fBpasswd\fR(5), -\fBpwck\fR(8), -\fBshadow\fR(5)\&. diff --git a/man/zh_CN/man8/grpconv.8 b/man/zh_CN/man8/grpconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/zh_CN/man8/grpconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/zh_CN/man8/grpunconv.8 b/man/zh_CN/man8/grpunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/zh_CN/man8/grpunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/zh_CN/man8/lastlog.8 b/man/zh_CN/man8/lastlog.8 deleted file mode 100644 index 00b24a05..00000000 --- a/man/zh_CN/man8/lastlog.8 +++ /dev/null @@ -1,110 +0,0 @@ -'\" t -.\" Title: lastlog -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "LASTLOG" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -lastlog \- ęŠ„å‘Šę‰€ęœ‰ē”Øꈷēš„ęœ€čæ‘ē™»å½•ęƒ…况ļ¼Œęˆ–č€…ęŒ‡å®šē”Øꈷēš„ęœ€čæ‘ē™»å½•ęƒ…况 -.SH "大ēŗ²" -.HP \w'\fBlastlog\fR\ 'u -\fBlastlog\fR [\fI选锹\fR] -.SH "ꏏčæ°" -.PP -\fBlastlog\fR -formats and prints the contents of the last login log -/var/log/lastlog -file\&. The -\fIlogin\-name\fR, -\fIport\fR, and -\fIlast login time\fR -will be printed\&. The default (no flags) causes lastlog entries to be printed, sorted by their order in -/etc/passwd\&. -.SH "选锹" -.PP -\fBlastlog\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-b\fR, \fB\-\-before\fR\ \&\fIDAYS\fR -.RS 4 -åŖę˜¾ē¤ŗ老äŗŽ -\fIDAYS\fR -ēš„ęœ€čæ‘ē™»å½•č®°å½•ć€‚ -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR -.RS 4 -åŖēŽ°å®žę–°äŗŽ -\fIDAYS\fR -ēš„ęœ€čæ‘ē™»å½•č®°å½•ć€‚ -.RE -.PP -\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR -.RS 4 -ēŽ°å®žęŒ‡å®šē”Øꈷēš„ęœ€čæ‘ē™»å½•č®°å½•ć€‚ -.sp -The users can be specified by a login name, a numerical user ID, or a -\fIRANGE\fR -of users\&. This -\fIRANGE\fR -of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. -.RE -.PP -å¦‚ęžœē”Øęˆ·ä»Žę„ę²”ęœ‰ē™»å½•čæ‡ļ¼Œå°†ä¼šę˜¾ē¤ŗ -\fI** 从ęœŖē™»å½• **\fR -而äøę˜Æē«Æå£å’Œę—¶é—“ć€‚ -.PP -Only the entries for the current users of the system will be displayed\&. Other entries may exist for users that were deleted previously\&. -.SH "ę³Øꄏ" -.PP -The -lastlog -file is a database which contains info on the last login of each user\&. You should not rotate it\&. It is a sparse file, so its size on the disk is usually much smaller than the one shown by "\fBls \-l\fR" (which can indicate a really big file if you have in -passwd -users with a high UID)\&. You can display its real size with "\fBls \-s\fR"\&. -.SH "ꖇ件" -.PP -/var/log/lastlog -.RS 4 -Database times of previous user logins\&. -.RE -.SH "CAVEATS" -.PP -Large gaps in UID numbers will cause the lastlog program to run longer with no output to the screen (i\&.e\&. if in lastlog database there is no entries for users with UID between 170 and 800 lastlog will appear to hang as it processes entries with UIDs 171\-799)\&. diff --git a/man/zh_CN/man8/logoutd.8 b/man/zh_CN/man8/logoutd.8 deleted file mode 100644 index e613b800..00000000 --- a/man/zh_CN/man8/logoutd.8 +++ /dev/null @@ -1,57 +0,0 @@ -'\" t -.\" Title: logoutd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "LOGOUTD" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -logoutd \- å¼ŗ制ē™»å½•ę—¶é—“限制 -.SH "大ēŗ²" -.HP \w'\fBlogoutd\fR\ 'u -\fBlogoutd\fR -.SH "ꏏčæ°" -.PP -\fBlogoutd\fR -enforces the login time and port restrictions specified in -/etc/porttime\&. -\fBlogoutd\fR -should be started from -/etc/rc\&. The -/var/run/utmp -file is scanned periodically and each user name is checked to see if the named user is permitted on the named port at the current time\&. Any login session which is violating the restrictions in -/etc/porttime -is terminated\&. -.SH "ꖇ件" -.PP -/etc/porttime -.RS 4 -包含äŗ†ē«Æ口č®æ问äæ”ęÆēš„ꖇ件怂 -.RE -.PP -/var/run/utmp -.RS 4 -当前ē™»å½•ä¼ščƝēš„列č”Ø怂 -.RE diff --git a/man/zh_CN/man8/newusers.8 b/man/zh_CN/man8/newusers.8 deleted file mode 100644 index 3c4277a7..00000000 --- a/man/zh_CN/man8/newusers.8 +++ /dev/null @@ -1,430 +0,0 @@ -'\" t -.\" Title: newusers -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "NEWUSERS" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -newusers \- ę‰¹é‡ę›“ę–°å’Œåˆ›å»ŗꖰē”Øꈷ -.SH "大ēŗ²" -.HP \w'\fBnewusers\fR\ 'u -\fBnewusers\fR [\fI选锹\fR] [\fIꖇ件\fR] -.SH "ꏏčæ°" -.PP -The -\fBnewusers\fR -command reads a -\fIfile\fR -(or the standard input by default) and uses this information to update a set of existing users or to create new users\&. Each line is in the same format as the standard password file (see -\fBpasswd\fR(5)) with the exceptions explained below: -.PP -pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell -.PP -\fIpw_name\fR -.RS 4 -čæ™ę˜Æē”Øꈷēš„ē”Øęˆ·åć€‚ -.sp -ę—¢åÆ仄ę˜Æꖰē”Øęˆ·åä¹ŸåÆ仄ę˜ÆēŽ°ęœ‰ē”Øęˆ·å(也åÆ仄ę˜Æ -\fBnewusers\fR -仄前创å»ŗēš„ē”Øꈷ)怂ēŽ°ęœ‰ē”Øęˆ·ę—¶ļ¼Œå°†ä¼šę›“ę”¹ē”Øꈷäæ”ęÆļ¼Œå¦åˆ™ä¼šåˆ›å»ŗꖰē”Øęˆ·ć€‚ -.RE -.PP -\fIpw_passwd\fR -.RS 4 -ę­¤å­—ę®µå°†č¢«åŠ åƆē„¶åŽē”ØäŗŽåŠ åƆ后åƆē ēš„ę–°å€¼ć€‚ -.RE -.PP -\fIpw_uid\fR -.RS 4 -ę­¤å­—ę®µē”ØäŗŽå®šä¹‰ē”Øꈷēš„ UID怂 -.sp -å¦‚ęžœę­¤å­—ę®µäøŗē©ŗļ¼Œ\fBnewusers\fR -会č‡ŖåŠØē”®å®šäø€äøŖꖰēš„(ęœŖä½æē”Øēš„)UID怂 -.sp -å¦‚ęžœę­¤å­—ę®µåŒ…å«äø€äøŖę•°å­—ļ¼Œę­¤ę•°å­—会ē”ØäŗŽ UID怂 -.sp -å¦‚ęžœę­¤å­—ę®µåŒ…å«å·²ē»ä½æē”Øäŗ†ēš„ē”Øęˆ·å(ꈖ者 -\fBnewusers\fR -åœØå‰č¾¹å·²ē»åˆ›å»ŗēš„äø€äøŖē”Øꈷ)ļ¼Œå°†ä¼šä½æē”ØęŒ‡å®šē”Øꈷēš„ UID怂 -.sp -å¦‚ęžœäø€äøŖēŽ°ęœ‰ē”Øęˆ·ę›“ę”¹äŗ† UIDļ¼Œę­¤ē”Øꈷēš„ę–‡ä»¶ę‰€ęœ‰ęƒéœ€č¦ę‰‹åŠØäæ®å¤ć€‚ -.RE -.PP -\fIpw_gid\fR -.RS 4 -ę­¤å­—ę®µē”ØäŗŽå®šä¹‰ē”Øꈷēš„äø»ē»„ ID怂 -.sp -å¦‚ęžœę­¤å­—ę®µåŒ…å«äø€äøŖēŽ°ęœ‰ē»„ēš„ē»„名(ꈖ者 -\fBnewusers\fR -åœØå‰č¾¹åˆ›å»ŗēš„äø€äøŖē»„)ļ¼Œę­¤ē»„ēš„ GID ä¼šč¢«ē”ØäŗŽåšę­¤ē”Øꈷēš„äø»ē»„ ID怂 -.sp -å¦‚ęžœę­¤å­—ę®µę˜Æäø€äøŖę•°å­—ļ¼Œę­¤ę•°å­—ä¼šč¢«ē”Øä½œę­¤ē”Øꈷēš„äø»ē»„ IDć€‚å¦‚ęžœę²”ęœ‰åƹåŗ”ę­¤ GID ēš„ēŽ°ęœ‰ē»„ļ¼Œå°†ä¼šä½æē”Øę­¤ GID 创å»ŗäø€äøŖꖰē»„ļ¼Œåē§°å’Œē”Øęˆ·åē›øåŒć€‚ -.sp -å¦‚ęžœę­¤å­—ę®µäøŗē©ŗļ¼Œå°†ä¼šä½æē”Øē”Øęˆ·åä½œäøŗē»„名ļ¼Œ\fBnewusers\fR -č‡ŖåŠØē”®å®šēš„äø€äøŖ GID 作äøŗäø»ē»„ ID ę„åˆ›å»ŗäø€äøŖꖰē»„怂 -.sp -å¦‚ęžœę­¤å­—ę®µåŒ…å«äø€äøŖäøå­˜åœØēš„ē»„ēš„名字(ä¹Ÿę²”ęœ‰ē”± -\fBnewusers\fR -åœØå‰č¾¹åˆ›å»ŗ)ļ¼Œå°†ä½æē”ØęŒ‡å®šēš„ē»„名和 -\fBnewusers\fR -č‡ŖåŠØē”®å®šēš„ GID 创å»ŗäø€äøŖē»„ļ¼Œå¹¶ä½œäøŗē”Øꈷēš„äø»ē»„怂 -.RE -.PP -\fIpw_gecos\fR -.RS 4 -ę­¤å­—ę®µå¤åˆ¶åˆ°ē”Øꈷēš„ GECOS å­—ę®µć€‚ -.RE -.PP -\fIpw_dir\fR -.RS 4 -ę­¤å­—ę®µē”ØäŗŽå®šä¹‰ē”Øꈷēš„äø»ē›®å½•ć€‚ -.sp -å¦‚ęžœę­¤å­—ę®µęŒ‡å®šēš„äøę˜ÆēŽ°ęœ‰ēš„ē›®å½•ļ¼Œå°†ä¼šåˆ›å»ŗęŒ‡å®šēš„ē›®å½•ļ¼Œę‰€ęœ‰ęƒč®¾ē½®äøŗ创å»ŗęˆ–ę›“ę–°ēš„ē”Øęˆ·åŠå…¶äø»ē»„怂 -.sp -å¦‚ęžœēŽ°ęœ‰ē”Øꈷēš„äø»ē›®å½•å˜ę›“ļ¼Œ\fBnewusers\fR -äøä¼šē§»åŠØęˆ–č€…å¤åˆ¶ę—§ē›®å½•ēš„å†…å®¹åˆ°ę–°ä½ē½®ć€‚čæ™éœ€č¦ę‰‹åŠØå®Œęˆć€‚ -.RE -.PP -\fIpw_shell\fR -.RS 4 -ę­¤å­—ę®µå®šä¹‰äŗ†ē”Øꈷēš„ shell怂åÆ¹ę­¤å­—ę®µäøčæ›č”Œä»»ä½•ę£€ęŸ„怂 -.RE -.PP -\fBnewusers\fR -首先尝čƕ创å»ŗęˆ–ę›“ę”¹ę‰€ęœ‰ęŒ‡å®šēš„ē”Øꈷļ¼Œē„¶åŽå°†čæ™äŗ›ę›“ę”¹å†™å…„ē”Øęˆ·ęˆ–ē»„ę•°ę®åŗ“ć€‚å¦‚ęžœå‘ē”Ÿé”™čÆÆ(除非ę˜ÆåœØęœ€åŽå†™å…„ę•°ę®åŗ“čæ‡ē؋äø­)ļ¼Œäøä¼šęœ‰ä»»ä½•ę›“ę”¹ć€‚ -.PP -ę­¤å‘½ä»¤äø€čˆ¬ē”ØäŗŽåœØ大型ēš„åŗ”ē”ØēŽÆ境äø­ļ¼ŒåÆ¹å¤§é‡č“¦ęˆ·čæ›č”Œäø€ę¬”ꀧꛓꖰ怂 -.SH "选锹" -.PP -\fBnewusers\fR -命令åÆ仄ä½æē”Øēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-c\fR, \fB\-\-crypt\-method\fR -.RS 4 -ä½æē”ØęŒ‡å®šēš„ę–¹ę³•åŠ åƆåƆē ć€‚ -.sp -åÆē”Øēš„ę–¹ę³•ęœ‰ DES, MD5, NONE, and SHA256 ꈖ SHA512ļ¼Œå‰ęę˜Æę‚Øēš„ libc ę”Æꌁčæ™å†™ę–¹ę³•ć€‚ -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -创å»ŗäø€äøŖē³»ē»Ÿč“¦ęˆ·ć€‚ -.sp -System users will be created with no aging information in -/etc/shadow, and their numeric identifiers are chosen in the -\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR -range, defined in -login\&.defs, instead of -\fBUID_MIN\fR\-\fBUID_MAX\fR -(and their -\fBGID\fR -counterparts for the creation of groups)\&. -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sha\-rounds\fR -.RS 4 -ä½æē”ØęŒ‡å®šę¬”ę•°ēš„č½®č½¬ę„加åƆåƆē ć€‚ -.sp -值 0 č”Øē¤ŗ让ē³»ē»Ÿäøŗ加åÆ†ę–¹ę³•é€‰ę‹©é»˜č®¤ēš„č½®č½¬ę¬”ꕰ (5000)怂 -.sp -会å¼ŗåˆ¶ęœ€å° 1,000ļ¼Œęœ€å¤§ 9,9999,9999 -.sp -ę‚ØåŖåÆ仄åƹ SHA256 ꈖ SHA512 ä½æē”Øę­¤é€‰é”¹ć€‚ -.sp -默认ļ¼Œč½®č½¬ę•°ē”± -/etc/login\&.defs -ꖇ件äø­ēš„ SHA_CRYPT_MIN_ROUNDS 和 SHA_CRYPT_MAX_ROUNDS 变量ē”®å®šć€‚ -.RE -.SH "CAVEATS" -.PP -č¾“å…„ę–‡ä»¶åæ…锻受到äæęŠ¤ļ¼Œå› äøŗ它包含ęœŖ加åƆēš„åƆē ć€‚ -.PP -ę‚Øéœ€č¦ē”®äæä½ å—和加åÆ†ę–¹ę³•ē¬¦åˆē³»ē»Ÿēš„åƆē ē­–ē•„怂 -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBENCRYPT_METHOD\fR (string) -.RS 4 -čæ™å®šä¹‰äŗ†ē³»ē»ŸåŠ åƆåƆē ēš„é»˜č®¤ē®—ę³•(å¦‚ęžœę²”ęœ‰åœØå‘½ä»¤č”ŒäøŠęŒ‡å®šē®—ę³•)怂 -.sp -åÆ仄ä½æē”Ø如äø‹å€¼ļ¼š\fIDES\fR -(default), -\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. -.sp -ę³Øꄏļ¼Œę­¤å‚ę•°ä¼šč¦†ē›– -\fBMD5_CRYPT_ENAB\fR -å˜é‡ć€‚ -.RE -.PP -\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) -.RS 4 -\fBuseradd\fRļ¼Œ\fBgroupadd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„åøø规ē»„ēš„ē»„ ID ēš„čŒƒå›“怂 -.sp -\fBGID_MIN\fR -和 -\fBGID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 1000 和 60000怂 -.RE -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.PP -\fBMD5_CRYPT_ENAB\fR (boolean) -.RS 4 -č”Øē¤ŗåƆē ę˜Æ否åæ…é”»ä½æē”ØåŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å¦‚ęžœč®¾äøŗ -\fIyes\fRļ¼Œę–°åƆē å°†ä½æē”ØåÆä»„å’Œę–°ē‰ˆ FreeBSD 兼容ēš„åŸŗäŗŽ MD5 ēš„ē®—ę³•åŠ åÆ†ć€‚å®ƒę”Æꌁꗠ限é•æåŗ¦ēš„åƆē ä»„åŠę›“é•æēš„ē›å­—ē¬¦äø²ć€‚å¦‚ęžœę‚Øéœ€č¦å°†åŠ åƆēš„åƆē å¤åˆ¶åˆ°å…¶å®ƒäøē†č§£ę–°ē®—ę³•ēš„ē³»ē»Ÿļ¼Œč®¾ē½®äøŗ -\fIno\fRć€‚é»˜č®¤å€¼ę˜Æ -\fIno\fR怂 -.sp -This variable is superseded by the -\fBENCRYPT_METHOD\fR -variable or by any command line option used to configure the encryption algorithm\&. -.sp -ę­¤å˜é‡å·²ē»åŗŸå¼ƒć€‚ę‚Øåŗ”čÆ„ä½æē”Ø -\fBENCRYPT_METHOD\fR怂 -.RE -.PP -\fBPASS_MAX_DAYS\fR (number) -.RS 4 -äø€äøŖåƆē åÆ仄ä½æē”Øēš„ęœ€å¤§å¤©ę•°ć€‚å¦‚ęžœåƆē ęƔčæ™ę—§ļ¼Œå°†ä¼šå¼ŗčæ«ę›“ę”¹åƆē ć€‚å¦‚ęžœäøęŒ‡å®šļ¼Œå°±å‡å®šäøŗ \-1ļ¼Œčæ™ä¼šē¦ē”Øčæ™äøŖé™åˆ¶ć€‚ -.RE -.PP -\fBPASS_MIN_DAYS\fR (number) -.RS 4 -äø¤ę¬”ę›“ę”¹åƆē ę—¶é—“ēš„ęœ€å°é—“éš”ć€‚å°†ä¼šę‹’ē»ä»»ä½•ę—©äŗŽę­¤ēš„ę›“ę”¹åƆē ēš„尝čÆ•ć€‚å¦‚ęžœäøęŒ‡å®šļ¼Œå‡å®šäøŗ \-1ļ¼Œå°†ä¼šē¦ē”Øčæ™äøŖé™åˆ¶ć€‚ -.RE -.PP -\fBPASS_WARN_AGE\fR (number) -.RS 4 -åƆē čæ‡ęœŸä¹‹å‰ē»™å‡ŗč­¦å‘Šēš„å¤©ę•°ć€‚0 č”Øē¤ŗåŖ꜉åŖåœØčæ‡ęœŸēš„å½“å¤©č­¦å‘Šļ¼Œč“Ÿå€¼č”Øē¤ŗäøč­¦å‘Šć€‚å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œäøä¼šē»™č­¦å‘Šć€‚ -.RE -.PP -\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) -.RS 4 -\fBENCRYPT_METHOD\fR -č®¾äøŗ -\fISHA256\fR -ꈖ -\fISHA512\fR -ę—¶ļ¼Œę­¤é”¹ē”®å®šåŠ åƆē®—ę³•é»˜č®¤ä½æē”Ø SHA č½®č½¬ę•°ē›®(å½“č½®č½¬ę•°ę²”ęœ‰é€ščæ‡å‘½ä»¤č”ŒęŒ‡å®šę—¶)怂 -.sp -ä½æē”Øå¾ˆå¤šč½®č½¬ļ¼Œä¼šč®©ęš“力ē “č§£ę›“åŠ å›°éš¾ć€‚ä½†ę˜Æéœ€č¦ę³Øꄏļ¼Œč®¤čƁē”Øęˆ·ę—¶ä¹Ÿä¼šéœ€č¦ę›“å¤šēš„ CPU 资ęŗć€‚ -.sp -å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œlibc ä¼šé€‰ę‹©é»˜č®¤ēš„č½®č½¬ę•°(5000)怂 -.sp -值åæ…é”»åœØ 1000 \- 999,999,999 ä¹‹é—“ć€‚ -.sp -å¦‚ęžœåŖč®¾ē½®äŗ†äø€äøŖ -\fBSHA_CRYPT_MIN_ROUNDS\fR -ꈖ -\fBSHA_CRYPT_MAX_ROUNDS\fR -值ļ¼Œå°±ä¼šä½æē”Øčæ™äøŖå€¼ć€‚ -.sp -å¦‚ęžœ -\fBSHA_CRYPT_MIN_ROUNDS\fR -> -\fBSHA_CRYPT_MAX_ROUNDS\fRļ¼Œå°†ä¼šä½æē”Ø大ēš„é‚£äøŖ怂 -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) -.RS 4 -\fBuseradd\fR态\fBgroupadd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„ē³»ē»Ÿē»„ēš„ē»„ ID ēš„čŒƒå›“怂 -.sp -\fBSYS_GID_MIN\fR -和 -\fBSYS_GID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 101 和 -\fBGID_MIN\fR\-1怂 -.RE -.PP -\fBSYS_UID_MAX\fR (number), \fBSYS_UID_MIN\fR (number) -.RS 4 -\fBuseradd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„ē³»ē»Ÿē”Øꈷēš„ē”Øꈷ ID ēš„čŒƒå›“怂 -.sp -\fBSYS_UID_MIN\fR -和 -\fBSYS_UID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 101 和 -\fBUID_MIN\fR\-1怂 -.RE -.PP -\fBUID_MAX\fR (number), \fBUID_MIN\fR (number) -.RS 4 -\fBuseradd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„ꙮ通ē”Øꈷēš„ē”Øꈷ ID ēš„čŒƒå›“怂 -.sp -\fBUID_MIN\fR -和 -\fBUID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 1000 和 60000怂 -.RE -.PP -\fBUMASK\fR (number) -.RS 4 -ꖇ件ęؔ式创å»ŗꎩē åˆå§‹åŒ–äøŗę­¤å€¼ć€‚å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼ŒęŽ©ē åˆå§‹åŒ–äøŗ 022怂 -.sp -\fBuseradd\fR -和 -\fBnewusers\fR -ä½æē”Øꭤꎩē č®¾ē½®å®ƒä»¬åˆ›å»ŗēš„ē”Øꈷäø»ē›®å½•ēš„ęØ”å¼ć€‚ -.sp -ä¹Ÿč¢« -\fBlogin\fR -ē”ØäŗŽęŒ‡å®šē”Øꈷēš„初始 umask怂ę³Øꄏļ¼Œę­¤ęŽ©ē åÆä»„č¢«ē”Øꈷēš„ GECOS č”Œč¦†ē›–(å½“č®¾ē½®äŗ† -\fBQUOTAS_ENAB\fR -ę—¶)ļ¼Œä¹ŸåÆä»„č¢«åø¦ -\fIK\fR -ꌇē¤ŗē¬¦ēš„ -\fBlimits\fR(5) -定义ēš„é™åˆ¶å€¼č¦†ē›–怂 -.RE -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "å‚č§" -.PP -\fBlogin.defs\fR(5), -\fBpasswd\fR(1), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8)\&. diff --git a/man/zh_CN/man8/nologin.8 b/man/zh_CN/man8/nologin.8 deleted file mode 100644 index c22ff160..00000000 --- a/man/zh_CN/man8/nologin.8 +++ /dev/null @@ -1,49 +0,0 @@ -'\" t -.\" Title: nologin -.\" Author: Nicolas Fran\(,cois <nicolas.francois@centraliens.net> -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "NOLOGIN" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -nologin \- ē¤¼č²Œåœ°ę‹’ē»ē™»å½• -.SH "大ēŗ²" -.HP \w'\fBnologin\fR\ 'u -\fBnologin\fR -.SH "ꏏčæ°" -.PP -\fBnologin\fR -å‘½ä»¤ę˜¾ē¤ŗäø€äøŖäæ”ęÆļ¼ŒčÆ“č“¦ęˆ·äøåÆē”Øē„¶åŽčæ”å›žéžé›¶å€¼ć€‚å®ƒē”ØäŗŽä»£ę›æå·²ē»ē¦ē”Øēš„č“¦ęˆ·ēš„ shell å­—ę®µć€‚ -.PP -å¦‚ęžœč¦ē¦ē”Øꉀ꜉ē™»å½•ļ¼ŒčÆ·å‚č€ƒ -\fBnologin\fR(5)怂 -.SH "å‚č§" -.PP -\fBlogin\fR(1), -\fBnologin\fR(5)\&. -.SH "历史" -.PP -\fBnologin\fR -首ꬔå‡ŗēŽ°äŗŽ BSD 4\&.4怂 diff --git a/man/zh_CN/man8/pwck.8 b/man/zh_CN/man8/pwck.8 deleted file mode 100644 index fcf66450..00000000 --- a/man/zh_CN/man8/pwck.8 +++ /dev/null @@ -1,318 +0,0 @@ -'\" t -.\" Title: pwck -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "PWCK" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -pwck \- ę£€ęŸ„åƆē ę–‡ä»¶ēš„å®Œę•“ꀧ -.SH "大ēŗ²" -.HP \w'\fBpwck\fR\ 'u -\fBpwck\fR [选锹] [\fIpasswd\fR\ [\ \fIshadow\fR\ ]] -.SH "ꏏčæ°" -.PP -\fBpwck\fR -å‘½ä»¤ę£€ęŸ„ē”Øęˆ·åŠå…¶č®¤čƁäæ”ęÆēš„å®Œę•“ę€§ć€‚å®ƒę£€ęŸ„ -/etc/passwd -和 -/etc/shadow -ę ¼å¼ę­£ē”®ć€ę•°ę®ęœ‰ę•ˆć€‚å°†ä¼šęē¤ŗē”Øęˆ·åˆ é™¤ę ¼å¼äøę­£ē”®ęˆ–č€…ęœ‰å…¶å®ƒé”™čÆÆēš„é”¹ć€‚ -.PP -ę£€ęŸ„ēš„锹ē›®ęœ‰ļ¼š -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ę­£ē”®ēš„å­—ę®µę•° -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -äø€äøŖå”Æäø€äø”ęœ‰ę•ˆēš„ē”Øęˆ·å -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -äø€äøŖ꜉ꕈēš„ē”Øęˆ·å’Œē»„ę ‡čƆē¬¦ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -꜉ꕈēš„äø»ē»„ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -꜉ꕈēš„äø»ē›®å½• -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -꜉ꕈēš„ē™»å½• shell -.RE -.PP -å½“ęŒ‡å®šē¬¬äŗŒäøŖę–‡ä»¶å‚ę•°ęˆ– -/etc/shadow -åœØē³»ē»Ÿäø­å­˜åœØę—¶ļ¼ŒåÆē”Ø -shadow -ę£€ęŸ„ć€‚ -.PP -čæ™äŗ›ę£€ęŸ„ę˜Æļ¼š -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ęƏäøŖåƆē é”¹éƒ½ęœ‰åƹåŗ”ēš„影子ē›øļ¼Œåä¹‹äŗ¦ē„¶ć€‚ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -åƆē åœØ影子化äŗ†ēš„ꖇ件äø­ęŒ‡å®š -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -å½±å­é”¹ęœ‰ę­£ē”®ēš„å­—ę®µę•°ć€‚ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -影子锹åœØå½±å­ę–‡ä»¶äø­ę˜Æå”Æäø€ēš„ -.RE -.sp -.RS 4 -.ie n \{\ -\h'-04'\(bu\h'+03'\c -.\} -.el \{\ -.sp -1 -.IP \(bu 2.3 -.\} -ęœ€åŽäø€ę¬”ēš„åƆē ę›“ę”¹ę—¶é—“äøę˜Æč¢«č®¾ęˆäŗ†äø€äøŖå°†ę„ēš„ꗶ闓怂 -.RE -.PP -The checks for correct number of fields and unique user name are fatal\&. If the entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated user name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warning and the user is encouraged to run the -\fBusermod\fR -command to correct the error\&. -.PP -ę“ä½œ -/etc/passwd -ꖇ件ēš„čæ™äŗ›å‘½ä»¤äøčƒ½č­¦å‘ŠęŸåęˆ–重复ēš„ę”ē›®ļ¼Œčæ™äŗ›ęƒ…况äø‹ļ¼Œåŗ”čÆ„ä½æē”Ø -\fBpwck\fR -ę„ē§»é™¤čæ™å†™ęœ‰é—®é¢˜ēš„ę”ē›®ć€‚ -.SH "选锹" -.PP -\fB\-r\fR -和 -\fB\-s\fR -选锹äøčƒ½č”合ä½æē”Ø怂 -.PP -\fBpwck\fR -选锹åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -åŖęŠ„å‘Šé”™čÆÆ怂äøę˜¾ē¤ŗ那äŗ›äøéœ€č¦ē”Øęˆ·ę“ä½œēš„č­¦å‘Šć€‚ -.RE -.PP -\fB\-r\fR, \fB\-\-read\-only\fR -.RS 4 -åœØåŖčÆ»ęؔ式äø‹ę‰§č”Œ -\fBpwck\fR怂 -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-sort\fR -.RS 4 -ę ¹ę® UID åœØ -/etc/passwd -和 -/etc/shadow -åƹ锹ē›®čæ›č”ŒęŽ’åŗć€‚ -.RE -.PP -默认äøŠļ¼Œ\fBpwck\fR -ę“ä½œę–‡ä»¶ -/etc/passwd -和 -/etc/shadow怂ē”Øęˆ·ä¹ŸåÆ仄ä½æē”Ø -\fIpasswd\fR -和 -\fIshadow\fR -å‚ę•°ę„é€‰ę‹©ę›æä»£ę–‡ä»¶ć€‚ -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBPASS_MAX_DAYS\fR (number) -.RS 4 -äø€äøŖåƆē åÆ仄ä½æē”Øēš„ęœ€å¤§å¤©ę•°ć€‚å¦‚ęžœåƆē ęƔčæ™ę—§ļ¼Œå°†ä¼šå¼ŗčæ«ę›“ę”¹åƆē ć€‚å¦‚ęžœäøęŒ‡å®šļ¼Œå°±å‡å®šäøŗ \-1ļ¼Œčæ™ä¼šē¦ē”Øčæ™äøŖé™åˆ¶ć€‚ -.RE -.PP -\fBPASS_MIN_DAYS\fR (number) -.RS 4 -äø¤ę¬”ę›“ę”¹åƆē ę—¶é—“ēš„ęœ€å°é—“éš”ć€‚å°†ä¼šę‹’ē»ä»»ä½•ę—©äŗŽę­¤ēš„ę›“ę”¹åƆē ēš„尝čÆ•ć€‚å¦‚ęžœäøęŒ‡å®šļ¼Œå‡å®šäøŗ \-1ļ¼Œå°†ä¼šē¦ē”Øčæ™äøŖé™åˆ¶ć€‚ -.RE -.PP -\fBPASS_WARN_AGE\fR (number) -.RS 4 -åƆē čæ‡ęœŸä¹‹å‰ē»™å‡ŗč­¦å‘Šēš„å¤©ę•°ć€‚0 č”Øē¤ŗåŖ꜉åŖåœØčæ‡ęœŸēš„å½“å¤©č­¦å‘Šļ¼Œč“Ÿå€¼č”Øē¤ŗäøč­¦å‘Šć€‚å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œäøä¼šē»™č­¦å‘Šć€‚ -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.SH "退å‡ŗ值" -.PP -\fBpwck\fR -å‘½ä»¤ęœ‰å¦‚äø‹čæ”回值ļ¼š -.PP -\fI0\fR -.RS 4 -ęˆåŠŸ -.RE -.PP -\fI1\fR -.RS 4 -ꗠꕈēš„命令čÆ­ę³• -.RE -.PP -\fI2\fR -.RS 4 -äø€äøŖęˆ–å¤šäøŖ错čÆÆēš„åƆē ę”ē›® -.RE -.PP -\fI3\fR -.RS 4 -ę— ę³•ę‰“å¼€åƆē ę–‡ä»¶ -.RE -.PP -\fI4\fR -.RS 4 -ę— ę³•é”å®šåƆē ę–‡ä»¶ -.RE -.PP -\fI5\fR -.RS 4 -ę— ę³•ę›“ę–°åƆē ę–‡ä»¶ -.RE -.PP -\fI6\fR -.RS 4 -ę— ę³•åœØåƆē ę–‡ä»¶äø­ęŽ’åŗ -.RE -.SH "å‚č§" -.PP -\fBgroup\fR(5), -\fBgrpck\fR(8), -\fBpasswd\fR(5), -\fBshadow\fR(5), -\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/pwconv.8 b/man/zh_CN/man8/pwconv.8 deleted file mode 100644 index 4a46d53b..00000000 --- a/man/zh_CN/man8/pwconv.8 +++ /dev/null @@ -1,187 +0,0 @@ -'\" t -.\" Title: pwconv -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "PWCONV" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -pwconv, pwunconv, grpconv, grpunconv \- åœØ影子åƆē å’Œē»„仄及其它ē›“ęŽ„č½¬ę¢ -.SH "大ēŗ²" -.HP \w'\fBpwconv\fR\ 'u -\fBpwconv\fR [\fI选锹\fR] -.HP \w'\fBpwunconv\fR\ 'u -\fBpwunconv\fR [\fI选锹\fR] -.HP \w'\fBgrpconv\fR\ 'u -\fBgrpconv\fR [\fI选锹\fR] -.HP \w'\fBgrpunconv\fR\ 'u -\fBgrpunconv\fR [\fI选锹\fR] -.SH "ꏏčæ°" -.PP -\fBpwconv\fR -命令ä½æē”Ø -\fIpasswd\fR -仄及åÆ选并已ē»å­˜åœØēš„ -\fIshadow\fR -ę„åˆ›å»ŗ -\fIshadow\fR怂 -.PP -\fBpwunconv\fR -命令ä½æē”Ø -\fIpasswd\fR -和 -\fIshadow\fR -ę„åˆ›å»ŗ -\fIpasswd\fRļ¼Œē„¶åŽē§»é™¤ -\fIshadow\fR怂 -.PP -\fBgrpconv\fR -从 -\fIgroup\fR -和åÆčƒ½å­˜åœØēš„ -\fIgshadow\fR -创å»ŗ -\fIgshadow\fR怂 -.PP -\fBgrpunconv\fR -命令从 -\fIgroup\fR -和 -\fIgshadow\fR -创å»ŗ -\fIgroup\fRļ¼Œē„¶åŽē§»é™¤ -\fIgshadow\fR怂 -.PP -čæ™å››äøŖē؋åŗéƒ½åÆä»„ę“ä½œę™®é€šęˆ–å½±å­åƆē å’Œē»„ꖇ件ļ¼š/etc/passwd, -/etc/group, -/etc/shadow -和 -/etc/gshadow怂 -.PP -č½¬ę¢å‰ļ¼ŒęƏäøŖē؋åŗéƒ½ä¼ščŽ·å–éœ€č¦ēš„锁怂\fBpwconv\fR -和 -\fBgrpconv\fR -也ē±»ä¼¼ć€‚首先删除ļ¼Œå­˜åœØäŗŽåœØå½±å­ę–‡ä»¶äø­ļ¼Œä½†åœØäø»ę–‡ä»¶äø­å“ę²”ęœ‰ēš„ę”ē›®ļ¼›ē„¶åŽļ¼Œę›“ꖰåœØäø»ę–‡ä»¶äø­äøä½æē”Ø\(lqx\(rq作äøŗåƆē ēš„å½±å­ę”ē›®ļ¼Œä¼šę·»åŠ ę‰€ęœ‰ē¼ŗ失ēš„ę”ē›®ļ¼›ęœ€åŽļ¼Œå°†äø»ę–‡ä»¶äø­ēš„åƆē ę›æę¢äøŗ\(lqx\(rq怂čæ™äø¤äøŖå·„å…·åÆ仄ē”ØäŗŽåˆå§‹č½¬ę¢ä»„åŠę ¹ę®ę‰‹åŠØē¼–č¾‘ēš„äø»ę–‡ä»¶ę›“ę–°å½±å­ę–‡ä»¶ć€‚ -.PP -\fBpwconv\fR -向 -/etc/shadow -ę·»åŠ ę”ē›®ę—¶ļ¼Œå°†ä½æē”Ø/etc/login\&.defs -äø­ēš„ -\fIPASS_MIN_DAYS\fR, -\fIPASS_MAX_DAYS\fR -和 -\fIPASS_WARN_AGE\fR -å€¼ć€‚ -.PP -\fBpwunconv\fR -和 -\fBgrpunconv\fR -äøŽę­¤ē±»ä¼¼ć€‚äø»ę–‡ä»¶äø­ēš„åƆē ä¼šę ¹ę®å½±å­ę–‡ä»¶ę›“ꖰ怂åœØäø»ę–‡ä»¶äø­å­˜åœØļ¼Œä½†äøåœØå½±å­ę–‡ä»¶äø­ēš„ę”ē›®å•ē‹¬ē•™äø‹ć€‚ęœ€åŽļ¼Œē§»é™¤å½±å­ę–‡ä»¶ć€‚äø€äŗ›åƆē å¹“龄äæ”ęÆ会因äøŗ -\fBpwunconv\fR -而äø¢å¤±ć€‚它åŖč½¬ę¢å®ƒåÆä»„č½¬ę¢ēš„怂 -.SH "选锹" -.PP -\fBpwconv\fR, -\fBpwunconv\fR, -\fBgrpconv\fR -和 -\fBgrpunconv\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.SH "ē¼ŗ陷" -.PP -åœØ passwd ꈖ group ꖇ件äø­ęœ‰é”™čÆÆ(ęƔ如ļ¼Œęœ‰é‡å¤ę”ē›®)åÆčƒ½ä¼šé€ ęˆčæ™äŗ›ē؋åŗę­»å¾ŖēŽÆęˆ–č€…ä»„å„‡ę€Ŗēš„ę–¹å¼å¤±č“„怂åœØč½¬ę¢č‡Ŗļ¼Œęˆ–č½¬ę¢åˆ°å½±å­åƆē ęˆ–ē»„ę–‡ä»¶å‰ļ¼ŒčÆ·čæč”Œ -\fBpwck\fR -和 -\fBgrpck\fR -ę„äæ®ę­£ę­¤ē±»é”™čÆÆ怂 -.SH "配ē½®ę–‡ä»¶" -.PP -/etc/login\&.defs -äø­ēš„如äø‹é…ē½®å˜é‡ę”¹å˜ -\fBgrpconv\fR -和 -\fBgrpunconv\fR -ēš„č”Œäøŗļ¼š -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.PP -/etc/login\&.defs -äø­ēš„如äø‹é…ē½®å˜é‡ę”¹å˜ -\fBpwconv\fR -ēš„č”Œäøŗļ¼š -.PP -\fBPASS_MAX_DAYS\fR (number) -.RS 4 -äø€äøŖåƆē åÆ仄ä½æē”Øēš„ęœ€å¤§å¤©ę•°ć€‚å¦‚ęžœåƆē ęƔčæ™ę—§ļ¼Œå°†ä¼šå¼ŗčæ«ę›“ę”¹åƆē ć€‚å¦‚ęžœäøęŒ‡å®šļ¼Œå°±å‡å®šäøŗ \-1ļ¼Œčæ™ä¼šē¦ē”Øčæ™äøŖé™åˆ¶ć€‚ -.RE -.PP -\fBPASS_MIN_DAYS\fR (number) -.RS 4 -äø¤ę¬”ę›“ę”¹åƆē ę—¶é—“ēš„ęœ€å°é—“éš”ć€‚å°†ä¼šę‹’ē»ä»»ä½•ę—©äŗŽę­¤ēš„ę›“ę”¹åƆē ēš„尝čÆ•ć€‚å¦‚ęžœäøęŒ‡å®šļ¼Œå‡å®šäøŗ \-1ļ¼Œå°†ä¼šē¦ē”Øčæ™äøŖé™åˆ¶ć€‚ -.RE -.PP -\fBPASS_WARN_AGE\fR (number) -.RS 4 -åƆē čæ‡ęœŸä¹‹å‰ē»™å‡ŗč­¦å‘Šēš„å¤©ę•°ć€‚0 č”Øē¤ŗåŖ꜉åŖåœØčæ‡ęœŸēš„å½“å¤©č­¦å‘Šļ¼Œč“Ÿå€¼č”Øē¤ŗäøč­¦å‘Šć€‚å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œäøä¼šē»™č­¦å‘Šć€‚ -.RE -.SH "ꖇ件" -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.SH "å‚č§" -.PP -\fBgrpck\fR(8), -\fBlogin.defs\fR(5), -\fBpwck\fR(8)\&. diff --git a/man/zh_CN/man8/pwunconv.8 b/man/zh_CN/man8/pwunconv.8 deleted file mode 100644 index 6eed9e8b..00000000 --- a/man/zh_CN/man8/pwunconv.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/pwconv.8 diff --git a/man/zh_CN/man8/sulogin.8 b/man/zh_CN/man8/sulogin.8 deleted file mode 100644 index 15ca901a..00000000 --- a/man/zh_CN/man8/sulogin.8 +++ /dev/null @@ -1,116 +0,0 @@ -'\" t -.\" Title: sulogin -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "SULOGIN" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -sulogin \- Single\-user login -.SH "SYNTAX" -.PP -\fBsulogin\fR -[\fItty\-device\fR] -.SH "ꏏčæ°" -.PP -The -\fBsulogin\fR -command is invoked by -\fBinit\fR -prior to allowing the user access to the system when in single user mode\&. This feature may only be available on certain systems where -\fBinit\fR -has been modified accordingly, or where the -/etc/inittab -has an entry for a single user login\&. -.PP -The user is prompted -.PP -Type control\-d to proceed with normal startup, (or give root password for system maintenance): -.PP -Input and output will be performed with the standard file descriptors unless the optional device name argument is provided\&. -.PP -If the user enters the correct root password, a login session is initiated\&. When -\fIEOF\fR -is pressed instead, the system enters multi\-user mode\&. -.PP -After the user exits the single\-user shell, or presses -\fIEOF\fR, the system begins the initialization process required to enter multi\-user mode\&. -.SH "CAVEATS" -.PP -This command can only be used if -\fBinit\fR -has been modified to call -\fBsulogin\fR -instead of -/bin/sh, or if the user has set the -\fIinittab\fR -to support a single user login\&. For example, the line: -.PP -co:s:respawn:/etc/sulogin /dev/console -.PP -should execute the sulogin command in single user mode\&. -.PP -As complete an environment as possible is created\&. However, various devices may be unmounted or uninitialized and many of the user commands may be unavailable or nonfunctional as a result\&. -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBENV_HZ\fR (string) -.RS 4 -å¦‚ęžœč®¾ē½®äŗ†ļ¼Œå°†ä¼šē”ØäŗŽåœØē”Øꈷē™»å½•ę—¶å®šä¹‰ HZ ēŽÆå¢ƒå˜é‡ć€‚å€¼åæ…锻仄 -\fIHZ=\fR -å¼€å¤“ć€‚Linux äøŠēš„åøøē”Ø值ę˜Æ -\fIHZ=100\fR怂 -.RE -.PP -\fBENV_TZ\fR (string) -.RS 4 -å¦‚ęžœč®¾ē½®äŗ†ļ¼Œå®ƒå°†ē”ØäŗŽåœØē”Øꈷē™»å½•ę—¶å®šä¹‰ TZ ēŽÆå¢ƒå˜é‡ć€‚ę­¤å€¼åÆ仄ę˜Æ仄 -\fITZ=\fR -开夓ēš„ę—¶åŒŗ名(例如 -\fITZ=CST6CDT\fR)ļ¼Œęˆ–者ę˜ÆåŒ…å«ę—¶åŒŗč§„åˆ™ēš„ę–‡ä»¶å®Œę•“č·Æ径(例如 -/etc/tzname)怂 -.sp -å¦‚ęžœå°†å®Œę•“č·Æå¾„ęŒ‡å®šäøŗäŗ†äø€äøŖäøå­˜åœØꈖäøåÆčÆ»ēš„ꖇ件ļ¼Œåˆ™é»˜č®¤ä½æē”Ø -\fITZ=CST6CDT\fR怂 -.RE -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.SH "å‚č§" -.PP -\fBlogin\fR(1), -\fBsh\fR(1), -\fBinit\fR(8)\&. diff --git a/man/zh_CN/man8/useradd.8 b/man/zh_CN/man8/useradd.8 deleted file mode 100644 index 30f5c73c..00000000 --- a/man/zh_CN/man8/useradd.8 +++ /dev/null @@ -1,738 +0,0 @@ -'\" t -.\" Title: useradd -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "USERADD" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -useradd \- 创å»ŗäø€äøŖꖰē”Øęˆ·ęˆ–ę›“ę–°é»˜č®¤ę–°ē”Øꈷäæ”ęÆ -.SH "大ēŗ²" -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR [\fI选锹\fR] \fIē™»å½•\fR -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D -.HP \w'\fBuseradd\fR\ 'u -\fBuseradd\fR \-D [\fI选锹\fR] -.SH "ꏏčæ°" -.PP -å¦‚ęžœä½æē”Øę—¶äøåø¦ -\fB\-D\fR -选锹ļ¼Œ\fBuseradd\fR -命令ä½æē”Øå‘½ä»¤č”ŒäøŠęŒ‡å®šēš„值和ē³»ē»Ÿēš„é»˜č®¤å€¼åˆ›å»ŗäø€äøŖꖰē”Øęˆ·ć€‚ę ¹ę®å‘½ä»¤č”Œé€‰é”¹ļ¼Œ\fBuseradd\fR -å‘½ä»¤ä¹Ÿä¼šę›“ę–°ē³»ē»Ÿę–‡ä»¶å’Œåˆ›å»ŗꖰē”Øꈷēš„äø»ē›®å½•å¹¶å¤åˆ¶åˆå§‹ę–‡ä»¶ć€‚ -.PP -默认äøŠļ¼Œä¹Ÿä¼šäøŗē”Øęˆ·åˆ›å»ŗē»„ (åƟēœ‹ -\fB\-g\fR, -\fB\-N\fR, -\fB\-U\fRļ¼Œå’Œ -\fBUSERGROUPS_ENAB\fR)怂 -.SH "选锹" -.PP -\fBuseradd\fR -åÆ仄ä½æē”Øēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR -.RS 4 -å¦‚ęžœę²”ęœ‰ä½æē”Ø -\fB\-d\fR\ \&\fIHOME_DIR\fRļ¼Œåˆ™ä½æē”Ø默认ēš„åŸŗē›®å½•ć€‚\fIBASE_DIR\fR -加äøŠč“¦ęˆ·åå°±ę˜Æäø»ē›®å½•ć€‚å¦‚ęžœę²”꜉ä½æē”Ø -\fB\-m\fR -选锹ļ¼Œ\fIBASE_DIR\fR -åæ…锻已ē»å­˜åœØ怂 -.sp -å¦‚ęžœé€‰é”¹ę²”ęœ‰ęŒ‡å®šļ¼Œ\fBuseradd\fR -将ä½æē”Ø -/etc/default/useradd -äø­ēš„ -\fBHOME\fR -变量ļ¼Œęˆ–č€…é»˜č®¤ēš„ -/home怂 -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENT\fR -.RS 4 -任何字ē¬¦äø²ć€‚通åøøę˜Æ关äŗŽē™»å½•ēš„ē®€ēŸ­ęčæ°ļ¼Œå½“前ē”ØäŗŽē”Øꈷå…Øåć€‚ -.RE -.PP -\fB\-d\fR, \fB\-\-home\-dir\fR\ \&\fIHOME_DIR\fR -.RS 4 -将创å»ŗꖰē”Øꈷļ¼Œå¹¶ä½æē”Ø -\fIHOME_DIR\fR -作äøŗē”Øꈷē™»é™†ē›®å½•ēš„å€¼ć€‚é»˜č®¤å€¼ę˜Æ将 -\fILOGIN\fR -名附加到 -\fIBASE_DIR\fR -后面ļ¼Œå¹¶ä½æē”Øčæ™ä½œäøŗē™»é™†ē›®å½•ć€‚ē›®å½•äøäø€å®šåæ…锻已ē»å­˜åœØ -\fIHOME_DIR\fRļ¼Œä½†ę˜Æ会åœØéœ€č¦ę—¶åˆ›å»ŗ怂 -.RE -.PP -\fB\-D\fR, \fB\-\-defaults\fR -.RS 4 -ēœ‹äø‹č¾¹ļ¼Œ\(lqę›“ę”¹é»˜č®¤å€¼\(rqå­čŠ‚ć€‚ -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -ē”Øęˆ·č“¦ęˆ·å°†č¢«ē¦ē”Øēš„ę—„ęœŸć€‚ę—„ęœŸä»„ -\fIYYYY\-MM\-DD\fR -ę ¼å¼ęŒ‡å®šć€‚ -.sp -å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œ\fBuseradd\fR -将ä½æē”Ø -/etc/default/useradd -äø­ -\fBEXPIRE\fR -å˜é‡ęŒ‡å®šēš„é»˜č®¤čæ‡ęœŸę—„ꜟļ¼Œęˆ–者äø€äøŖē©ŗ字ē¬¦äø²(äøčæ‡ęœŸ)怂 -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -åƆē čæ‡ęœŸåŽļ¼Œč“¦ęˆ·č¢«å½»åŗ•ē¦ē”Ø之前ēš„å¤©ę•°ć€‚0 č”Øē¤ŗē«‹å³ē¦ē”Øļ¼Œ\-1 č”Øē¤ŗē¦ē”Øčæ™äøŖåŠŸčƒ½ć€‚ -.sp -å¦‚ęžœęœŖęŒ‡å®šļ¼Œ\fBuseradd\fR -将ä½æē”Ø -/etc/default/useradd -äø­ēš„ -\fBINACTIVE\fR -ęŒ‡å®šēš„é»˜č®¤ē¦ē”Øå‘Øꜟļ¼Œęˆ–č€…é»˜č®¤äøŗ \-1怂 -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR -.RS 4 -ē”Øęˆ·åˆå§‹ē™»é™†ē»„ēš„ē»„åęˆ–å·ē ć€‚ē»„名åæ…锻已ē»å­˜åœØ怂ē»„号ē åæ…é”»ęŒ‡ä»£å·²ē»å­˜åœØēš„ē»„怂 -.sp -å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œ -\fBuseradd\fR -ēš„č”Œäøŗå°†ä¾čµ–äŗŽ -/etc/login\&.defs -ꖇ件äø­ēš„ -\fBUSERGROUPS_ENAB\fR -å‚ę•°ć€‚å¦‚ęžœę­¤å‚ę•°č®¾ē½®äøŗäŗ† -\fIyes\fR -(ꈖ者åœØå‘½ä»¤č”ŒäøŠęŒ‡å®šäŗ† -\fB\-U/\-\-user\-group\fR)ļ¼Œå°†ä¼šäøŗē”Øęˆ·åˆ›å»ŗäø€äøŖē»„ļ¼Œē»„名和ē™»å½•åē›øåŒć€‚å¦‚ęžœé€‰é”¹č®¾ē½®äøŗäŗ† -\fIno\fR -(ꈖ者åœØå‘½ä»¤č”ŒäøŠęŒ‡å®šäŗ† -\fB\-N/\-\-no\-user\-group\fR)ļ¼Œuseradd ä¼šęŠŠę–°ē”Øꈷēš„äø»ē»„č®¾ē½®äøŗ -/etc/default/useradd -äø­ -\fBGROUP\fR -å˜é‡ęŒ‡å®šēš„值ļ¼Œå†ęˆ–č€…é»˜č®¤ę˜Æ 100怂 -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGROUP1\fR[\fI,GROUP2,\&.\&.\&.\fR[\fI,GROUPN\fR]]] -.RS 4 -ē”Øꈷčæ˜å±žäŗŽēš„附加ē»„列č”Ø怂ęƏäøŖē»„都ē”Ø逗号隔开ļ¼Œę²”꜉äø­é—“ēš„ē©ŗę ¼ć€‚čæ™é‡Œēš„ē»„受到äŗ† -\fB\-g\fR -选锹ē»™å®šēš„ē»„åŒę ·ēš„é™åˆ¶ć€‚é»˜č®¤äøŠļ¼Œē”ØꈷåŖ属äŗŽåˆå§‹ē»„怂 -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-k\fR, \fB\-\-skel\fR\ \&\fISKEL_DIR\fR -.RS 4 -éŖØꞶē›®å½•ļ¼ŒåŒ…含ä½æē”Ø -\fBuseradd\fR -创å»ŗē”Øęˆ·ę—¶ļ¼Œč¦å¤åˆ¶åˆ°ē”Øꈷäø»ē›®å½•äø­ēš„ę–‡ä»¶å’Œē›®å½•ć€‚ -.sp -čæ™äøŖ选锹åŖ꜉åœØęŒ‡å®š -\fB\-m\fR -(ꈖ -\fB\-\-create\-home\fR) é€‰é”¹ę—¶ę‰ęœ‰ę•ˆć€‚ -.sp -å¦‚ęžœę­¤é”¹ę²”ęœ‰č®¾ē½®ļ¼ŒéŖØꞶē›®å½•ä½æē”Ø -/etc/default/useradd -äø­ēš„ -\fBSKEL\fR -ēš„å˜é‡ęˆ–é»˜č®¤äøŗ -/etc/skel怂 -.sp -å¦‚ęžœåÆ仄ļ¼Œä¹Ÿå¤åˆ¶ ACL å’Œę‰©å±•å±žę€§ć€‚ -.RE -.PP -\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR -.RS 4 -é»˜č®¤č¦†ē›– -/etc/login\&.defs -(\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBUMASK\fR, -\fBPASS_MAX_DAYS\fR -及其它)怂 -例如ļ¼š\fB\-K\fR\ \&\fIPASS_MAX_DAYS\fR=\fI\-1\fR -åÆ仄ē”ØäŗŽåˆ›å»ŗäø€äøŖåƆē äøä¼ščæ‡ęœŸēš„ē³»ē»Ÿč“¦ęˆ·ļ¼Œå³ä½æē³»ē»Ÿč“¦ęˆ·ę²”꜉åƆē ć€‚åÆä»„ęŒ‡å®šå¤šäøŖ -\fB\-K\fR -选锹ļ¼Œå¦‚ļ¼š\fB\-K\fR\ \&\fIUID_MIN\fR=\fI100\fR\ \&\fB\-K\fR\ \&\fIUID_MAX\fR=\fI499\fR -.RE -.PP -\fB\-l\fR, \fB\-\-no\-log\-init\fR -.RS 4 -äøč¦å°†ē”Øęˆ·ę·»åŠ åˆ°ęœ€čæ‘ē™»å½•å’Œē™»å½•å¤±č“„ę•°ę®åŗ“怂 -.sp -默认äøŠļ¼Œęœ€čæ‘ē™»å½•å’Œē™»å½•å¤±č“„äø­ē”Øꈷēš„ę”ē›®ä¼šč¢«é‡ē½®ļ¼Œä»„éæå…é‡ę–°ä½æē”Ø先前删除ēš„ē”Øꈷēš„ę”ē›®ć€‚ -.RE -.PP -\fB\-m\fR, \fB\-\-create\-home\fR -.RS 4 -å¦‚ęžœäøå­˜åœØļ¼Œåˆ™åˆ›å»ŗē”Øꈷäø»ē›®å½•ć€‚éŖØꞶē›®å½•äø­ēš„ę–‡ä»¶å’Œē›®å½•(åÆ仄ä½æē”Ø -\fB\-k\fR -é€‰é”¹ęŒ‡å®š)ļ¼Œå°†ä¼šå¤åˆ¶åˆ°äø»ē›®å½•ć€‚ -.sp -默认äøŠļ¼Œå¦‚ęžœę²”ęœ‰ęŒ‡å®šę­¤é€‰é”¹å¹¶äø” -\fBCREATE_HOME\fR -ę²”ęœ‰åÆē”Øļ¼Œäøä¼šåˆ›å»ŗäø»ē›®å½•ć€‚ -.RE -.PP -\fB\-M\fR -.RS 4 -äøåˆ›å»ŗē”Øꈷäø»ē›®å½•ļ¼Œå³ä½æē³»ē»ŸåœØ -/etc/login\&.defs -äø­ēš„č®¾ē½® (\fBCREATE_HOME\fR) äøŗ -\fIyes\fR怂 -.RE -.PP -\fB\-N\fR, \fB\-\-no\-user\-group\fR -.RS 4 -äøč¦åˆ›å»ŗ同名ē»„ļ¼Œč€Œę˜Æ将ē”Øęˆ·ę·»åŠ åˆ° -\fB\-g\fR -é€‰é”¹ęŒ‡å®šēš„ē»„ļ¼Œęˆ–ę ¹ę® -/etc/default/useradd -äø­ēš„ -\fBGROUP\fR -å˜é‡ć€‚ -.sp -å¦‚ęžœę²”ęœ‰ęŒ‡å®š -\fB\-g\fR, -\fB\-N\fR -和 -\fB\-U\fR -选锹ļ¼Œé»˜č®¤č”Œäøŗē”± -/etc/login\&.defs -äø­ēš„ -\fBUSERGROUPS_ENAB\fR -å˜é‡ęŒ‡å®šć€‚ -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -允č®øä½æē”Ø重复ēš„ UID 创å»ŗē”Øęˆ·č“¦ęˆ·ć€‚ -.sp -ę­¤é€‰é”¹åŖęœ‰å’Œ -\fB\-u\fR -选锹ē»„合ä½æē”Øꉍ꜉ꕈ怂 -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -加åƆäŗ†ēš„åƆē ļ¼Œå°±åƒ -\fBcrypt\fR(3) -ēš„čæ”å›žå€¼ć€‚é»˜č®¤äøŗē¦ē”ØåƆē ć€‚ -.sp -\fBę³Øꄏļ¼š\fRäøęŽØ荐ä½æē”Øčæ™äøŖ选锹ļ¼Œå› äøŗåƆē (ęˆ–åŠ åƆčæ‡ēš„åƆē )ä¼šč¢«ē”Øęˆ·é€ščæ‡åˆ—å‡ŗčæ™äøŖčæ‡ēØ‹č€Œēœ‹åˆ°ć€‚ -.sp -ę‚Øåŗ”čÆ„ē”®äæåƆē ē¬¦åˆē³»ē»Ÿēš„åƆē ę”æē­–怂 -.RE -.PP -\fB\-r\fR, \fB\-\-system\fR -.RS 4 -创å»ŗäø€äøŖē³»ē»Ÿč“¦ęˆ·ć€‚ -.sp -System users will be created with no aging information in -/etc/shadow, and their numeric identifiers are chosen in the -\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR -range, defined in -/etc/login\&.defs, instead of -\fBUID_MIN\fR\-\fBUID_MAX\fR -(and their -\fBGID\fR -counterparts for the creation of groups)\&. -.sp -ę³Øꄏļ¼š\fBuseradd\fR -äøä¼šäøŗčæ™ē§ē”Øęˆ·åˆ›å»ŗäø»ē›®å½•ļ¼Œę— č®ŗ -/etc/login\&.defs -(\fBCREATE_HOME\fR) äø­ę˜Æēš„é»˜č®¤č®¾ē½®ę˜Æę€Žę ·ć€‚å¦‚ęžœęƒ³äøŗč¦åˆ›å»ŗēš„ē³»ē»Ÿč“¦ęˆ·åˆ›å»ŗäø»ē›®å½•ļ¼Œéœ€č¦ęŒ‡å®š -\fB\-m\fR -é€‰é”¹ć€‚ -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -ē”Øꈷēš„ē™»å½• shell åć€‚é»˜č®¤äøŗē•™ē©ŗļ¼Œč®©ē³»ē»Ÿę ¹ę® -/etc/default/useradd -äø­ēš„ -\fBSHELL\fR -å˜é‡é€‰ę‹©é»˜č®¤ēš„ē™»å½• shellļ¼Œé»˜č®¤äøŗē©ŗ字ē¬¦äø²ć€‚ -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -ē”Øꈷ ID ēš„ę•°å­—å€¼ć€‚ę­¤å€¼åæ…é”»äøŗå”Æäø€ēš„ļ¼Œé™¤éžä½æē”Øäŗ† -\fB\-o\fR -é€‰é”¹ć€‚ę­¤å€¼åæ…é”»éžč“Ÿļ¼Œé»˜č®¤ä½æē”Ø大äŗŽē­‰äŗŽ -\fBUID_MIN\fRļ¼Œäø”大äŗŽä»»ä½•å…¶ä»–ē”Øꈷ ID ęœ€å°å€¼ć€‚ -.sp -čÆ·å‚č€ƒ -\fB\-r\fR -选锹和 -\fBUID_MAX\fR -ēš„ꏏčæ°ć€‚ -.RE -.PP -\fB\-U\fR, \fB\-\-user\-group\fR -.RS 4 -创å»ŗäø€äøŖ和ē”Øęˆ·åŒåēš„ē»„ļ¼Œå¹¶å°†ē”Øęˆ·ę·»åŠ åˆ°ē»„äø­ć€‚ -.sp -å¦‚ęžœę²”ęœ‰ęŒ‡å®š -\fB\-g\fR, -\fB\-N\fR -和 -\fB\-U\fR -选锹ļ¼Œé»˜č®¤č”Œäøŗē”± -/etc/login\&.defs -äø­ēš„ -\fBUSERGROUPS_ENAB\fR -å˜é‡ęŒ‡å®šć€‚ -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR -.RS 4 -ē”Øꈷē™»é™†ēš„ SELinux ē”Øęˆ·ć€‚é»˜č®¤äøŗē•™ē©ŗļ¼Œčæ™ä¼šé€ ęˆē³»ē»Ÿé€‰ę‹©é»˜č®¤ēš„ SELinux ē”Øęˆ·ć€‚ -.RE -.SS "ę›“ę”¹é»˜č®¤å€¼" -.PP -åŖåø¦ -\fB\-D\fR -选锹ä½æē”Øę—¶ļ¼Œ\fBuseradd\fR -å°†ę˜¾ē¤ŗ当前ēš„é»˜č®¤å€¼ć€‚\fB\-D\fR -和其它选锹配合ä½æē”Øę—¶ļ¼Œ\fBuseradd\fR -将äøŗęŒ‡å®šēš„é€‰é”¹ę›“ę–°é»˜č®¤å€¼ć€‚ęœ‰ę•ˆēš„\(lqę›“ę”¹é»˜č®¤å€¼\(rqé€‰é”¹ęœ‰ļ¼š -.PP -\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR -.RS 4 -ꖰē”Øꈷäø»ē›®å½•ēš„č·Æ径前ē¼€ć€‚å¦‚ęžœåˆ›å»ŗę–°č“¦ęˆ·ę—¶ļ¼Œę²”꜉ä½æē”Ø -\fB\-d\fR -选锹ļ¼Œē”Øꈷēš„名ē§°å°†ä¼šē¼€åœØ -\fIBASE_DIR\fR -ēš„åŽč¾¹å½¢ęˆę–°ē”Øꈷēš„äø»ē›®å½•åć€‚ -.sp -čæ™äøŖ选ꋩåœØ -/etc/default/useradd -äø­č®¾ē½® -\fBHOME\fR -é€‰é”¹ć€‚ -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -ē¦ē”Øę­¤ē”Øꈷ蓦ꈷēš„ę—„ꜟ怂 -.sp -ę­¤é€‰é”¹åœØ -/etc/default/useradd -äø­č®¾ē½® -\fBEXPIRE\fR -å˜é‡ć€‚ -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -åƆē čæ‡ęœŸåˆ°č“¦ęˆ·č¢«ē¦ē”Ø之前ēš„å¤©ę•°ć€‚ -.sp -čæ™äøŖ选锹åœØ -/etc/default/useradd -äø­č®¾ē½® -\fBINACTIVE\fR -å˜é‡ć€‚ -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR -.RS 4 -ꖰē”Øęˆ·åˆå§‹ē»„ēš„ē»„åęˆ– ID (ä½æē”Øäŗ† -\fB\-N/\-\-no\-user\-group\fR -ꈖ者 -/etc/login\&.defs -äø­ēš„变量 -\fBUSERGROUPS_ENAB\fR -č®¾ē½®äøŗ -\fIno\fR -ę—¶)怂ē»™å‡ŗēš„ē»„åæ…锻存åœØļ¼Œå¹¶äø”ę•°å­—ē»„ ID åæ…é”»ęœ‰äø€äøŖå·²ē»å­˜åœØēš„é”¹ć€‚ -.sp -čæ™äøŖ选锹åœØ -/etc/default/useradd -äø­č®¾ē½® -\fBGROUP\fR -å˜é‡ć€‚ -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -ꖰē”Øꈷēš„ē™»å½• shell åć€‚ -.sp -čæ™äøŖ选锹åœØ -/etc/default/useradd -č®¾ē½® -\fBSHELL\fR -å˜é‡ć€‚ -.RE -.SH "ę³Øꄏļ¼š" -.PP -ē³»ē»Ÿē®”ē†å‘˜č“Ÿč“£å°†é»˜č®¤ēš„ē”Øęˆ·ę–‡ä»¶ę”¾åœØ -/etc/skel/ -ē›®å½•äø­(ęˆ–č€…å‘½ä»¤č”ŒäøŠć€/etc/default/useradd -äø­ęŒ‡å®šēš„任何其它ē›®å½•)怂 -.SH "CAVEATS" -.PP -ę‚ØåÆčƒ½äøčƒ½ęƒ³ NIS ē»„ęˆ– LDAP ē»„ę·»åŠ ē”Øęˆ·ć€‚čæ™åŖčƒ½åœØē›øåŗ”ęœåŠ”å™ØäøŠčæ›č”Œć€‚ -.PP -ē›ø似地ļ¼Œå¦‚ęžœē”Øęˆ·åå·²ē»å­˜åœØäŗŽå¤–éƒØē”Øęˆ·ę•°ę®åŗ“äø­ļ¼ŒęƔ如 NIS ꈖ LDAPļ¼Œ\fBuseradd\fR -å°†ę‹’ē»åˆ›å»ŗē”Øꈷ蓦ꈷēš„čÆ·ę±‚ć€‚ -.PP -ē”Øęˆ·ååæ…锻仄äø€äøŖ小写字ęÆęˆ–äø‹åˆ’ēŗæ开始ļ¼Œč·Ÿéšå°å†™å­—ē¬¦ć€ę•°å­—态äø‹åˆ’ēŗæꈖčæžå­—ē¬¦ēš„ē»„åˆć€‚åÆ仄仄ē¾Žå…ƒē¬¦å·ē»“ęŸć€‚ē”Øę­£åˆ™č”Øč¾¾å¼č”Øē¤ŗå°±ę˜Æļ¼š[a\-z_][a\-z0\-9_\-]*[$]? -.PP -ē”Øęˆ·åäøčƒ½č¶…čæ‡ 32 äøŖ字ē¬¦é•æ怂 -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBCREATE_HOME\fR (boolean) -.RS 4 -ꌇē¤ŗę˜Æ否åŗ”čÆ„äøŗꖰē”Øęˆ·é»˜č®¤åˆ›å»ŗäø»ē›®å½•ć€‚ -.sp -ę­¤č®¾ē½®å¹¶äøåŗ”ē”Ø到ē³»ē»Ÿē”Øꈷļ¼Œå¹¶äø”åÆ仄ä½æē”Øå‘½ä»¤č”Œč¦†ē›–怂 -.RE -.PP -\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) -.RS 4 -\fBuseradd\fRļ¼Œ\fBgroupadd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„åøø规ē»„ēš„ē»„ ID ēš„čŒƒå›“怂 -.sp -\fBGID_MIN\fR -和 -\fBGID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 1000 和 60000怂 -.RE -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -邮ē®±ē›®å½•ć€‚äæ®ę”¹ęˆ–删除ē”Øęˆ·č“¦ęˆ·ę—¶éœ€č¦å¤„ē†é‚®ē®±ļ¼Œå¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œå°†ä½æē”Øē¼–čÆ‘ę—¶ęŒ‡å®šēš„é»˜č®¤å€¼ć€‚ -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -定义ē”Øęˆ·é‚®ē®±ę–‡ä»¶ēš„位ē½®(ē›øåƹäŗŽäø»ē›®å½•)怂 -.RE -.PP -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -变量ē”± -\fBuseradd\fRļ¼Œ\fBusermod\fR -和 -\fBuserdel\fR -ē”ØäŗŽåˆ›å»ŗ态ē§»åŠØęˆ–åˆ é™¤ē”Øęˆ·é‚®ē®±ć€‚ -.PP -å¦‚ęžœ -\fBMAIL_CHECK_ENAB\fR -č®¾ē½®äøŗ -\fIyes\fRļ¼Œå®ƒä»¬ä¹Ÿč¢«ē”ØäŗŽå®šä¹‰ -\fBMAIL\fR -ēŽÆå¢ƒå˜é‡ć€‚ -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.PP -\fBPASS_MAX_DAYS\fR (number) -.RS 4 -äø€äøŖåƆē åÆ仄ä½æē”Øēš„ęœ€å¤§å¤©ę•°ć€‚å¦‚ęžœåƆē ęƔčæ™ę—§ļ¼Œå°†ä¼šå¼ŗčæ«ę›“ę”¹åƆē ć€‚å¦‚ęžœäøęŒ‡å®šļ¼Œå°±å‡å®šäøŗ \-1ļ¼Œčæ™ä¼šē¦ē”Øčæ™äøŖé™åˆ¶ć€‚ -.RE -.PP -\fBPASS_MIN_DAYS\fR (number) -.RS 4 -äø¤ę¬”ę›“ę”¹åƆē ę—¶é—“ēš„ęœ€å°é—“éš”ć€‚å°†ä¼šę‹’ē»ä»»ä½•ę—©äŗŽę­¤ēš„ę›“ę”¹åƆē ēš„尝čÆ•ć€‚å¦‚ęžœäøęŒ‡å®šļ¼Œå‡å®šäøŗ \-1ļ¼Œå°†ä¼šē¦ē”Øčæ™äøŖé™åˆ¶ć€‚ -.RE -.PP -\fBPASS_WARN_AGE\fR (number) -.RS 4 -åƆē čæ‡ęœŸä¹‹å‰ē»™å‡ŗč­¦å‘Šēš„å¤©ę•°ć€‚0 č”Øē¤ŗåŖ꜉åŖåœØčæ‡ęœŸēš„å½“å¤©č­¦å‘Šļ¼Œč“Ÿå€¼č”Øē¤ŗäøč­¦å‘Šć€‚å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œäøä¼šē»™č­¦å‘Šć€‚ -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) -.RS 4 -\fBuseradd\fR态\fBgroupadd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„ē³»ē»Ÿē»„ēš„ē»„ ID ēš„čŒƒå›“怂 -.sp -\fBSYS_GID_MIN\fR -和 -\fBSYS_GID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 101 和 -\fBGID_MIN\fR\-1怂 -.RE -.PP -\fBSYS_UID_MAX\fR (number), \fBSYS_UID_MIN\fR (number) -.RS 4 -\fBuseradd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„ē³»ē»Ÿē”Øꈷēš„ē”Øꈷ ID ēš„čŒƒå›“怂 -.sp -\fBSYS_UID_MIN\fR -和 -\fBSYS_UID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 101 和 -\fBUID_MIN\fR\-1怂 -.RE -.PP -\fBUID_MAX\fR (number), \fBUID_MIN\fR (number) -.RS 4 -\fBuseradd\fR -ꈖ -\fBnewusers\fR -创å»ŗēš„ꙮ通ē”Øꈷēš„ē”Øꈷ ID ēš„čŒƒå›“怂 -.sp -\fBUID_MIN\fR -和 -\fBUID_MAX\fR -ēš„é»˜č®¤å€¼åˆ†åˆ«ę˜Æ 1000 和 60000怂 -.RE -.PP -\fBUMASK\fR (number) -.RS 4 -ꖇ件ęؔ式创å»ŗꎩē åˆå§‹åŒ–äøŗę­¤å€¼ć€‚å¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼ŒęŽ©ē åˆå§‹åŒ–äøŗ 022怂 -.sp -\fBuseradd\fR -和 -\fBnewusers\fR -ä½æē”Øꭤꎩē č®¾ē½®å®ƒä»¬åˆ›å»ŗēš„ē”Øꈷäø»ē›®å½•ēš„ęØ”å¼ć€‚ -.sp -ä¹Ÿč¢« -\fBlogin\fR -ē”ØäŗŽęŒ‡å®šē”Øꈷēš„初始 umask怂ę³Øꄏļ¼Œę­¤ęŽ©ē åÆä»„č¢«ē”Øꈷēš„ GECOS č”Œč¦†ē›–(å½“č®¾ē½®äŗ† -\fBQUOTAS_ENAB\fR -ę—¶)ļ¼Œä¹ŸåÆä»„č¢«åø¦ -\fIK\fR -ꌇē¤ŗē¬¦ēš„ -\fBlimits\fR(5) -定义ēš„é™åˆ¶å€¼č¦†ē›–怂 -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -å¦‚ęžœ uid 和 gid ē›ø同ļ¼Œē”Øęˆ·åå’Œäø»ē”Øęˆ·åä¹Ÿē›ø同ļ¼Œä½æ非 root ē»„ēš„ē»„ꎩē ä½å’Œå±žäø»ä½ē›ø同 (如ļ¼š022 \-> 002, 077 \-> 007)怂 -.sp -å¦‚ęžœč®¾ē½®äøŗ -\fIyes\fRļ¼Œå¦‚ęžœē»„äø­ę²”ęœ‰ęˆå‘˜äŗ†ļ¼Œ\fBuserdel\fR -将ē§»é™¤ę­¤ē”Øꈷē»„ļ¼Œ\fBuseradd\fR -创å»ŗē”Øęˆ·ę—¶ļ¼Œä¹Ÿä¼šåˆ›å»ŗäø€äøŖ同名ēš„é»˜č®¤ē»„怂 -.RE -.SH "ꖇ件" -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/default/useradd -.RS 4 -č“¦ęˆ·åˆ›å»ŗēš„é»˜č®¤å€¼ć€‚ -.RE -.PP -/etc/skel/ -.RS 4 -åŒ…å«é»˜č®¤ę–‡ä»¶ēš„ē›®å½•ć€‚ -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.SH "退å‡ŗ值" -.PP -\fBuseradd\fR -åÆ仄čæ”回如äø‹å€¼ļ¼š -.PP -\fI0\fR -.RS 4 -ęˆåŠŸ -.RE -.PP -\fI1\fR -.RS 4 -ę— ę³•ę›“ę–°åƆē ę–‡ä»¶ -.RE -.PP -\fI2\fR -.RS 4 -ꗠꕈēš„命令čÆ­ę³• -.RE -.PP -\fI3\fR -.RS 4 -ē»™äŗ†é€‰é”¹äø€äøŖꗠꕈēš„å‚ę•° -.RE -.PP -\fI4\fR -.RS 4 -UID å·²ē»ä½æē”Ø (äø”ę²”꜉ -\fB\-o\fR) -.RE -.PP -\fI6\fR -.RS 4 -ęŒ‡å®šēš„ē»„äøå­˜åœØ -.RE -.PP -\fI9\fR -.RS 4 -ē”Øęˆ·åå·²č¢«ä½æē”Ø -.RE -.PP -\fI10\fR -.RS 4 -ę— ę³•ę›“ę–°ē»„ꖇ件 -.RE -.PP -\fI12\fR -.RS 4 -ę— ę³•åˆ›å»ŗäø»ē›®å½• -.RE -.PP -\fI14\fR -.RS 4 -can\*(Aqt update SELinux user mapping -.RE -.SH "å‚č§" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBnewusers\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuserdel\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/userdel.8 b/man/zh_CN/man8/userdel.8 deleted file mode 100644 index 9a073b4c..00000000 --- a/man/zh_CN/man8/userdel.8 +++ /dev/null @@ -1,287 +0,0 @@ -'\" t -.\" Title: userdel -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "USERDEL" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -userdel \- 删除ē”Øęˆ·č“¦ęˆ·å’Œē›øå…³ę–‡ä»¶ -.SH "大ēŗ²" -.HP \w'\fBuserdel\fR\ 'u -\fBuserdel\fR [选锹] \fIē™»å½•\fR -.SH "ꏏčæ°" -.PP -\fBuserdel\fR -äæ®ę”¹ē³»ē»Ÿč“¦ęˆ·ę–‡ä»¶ļ¼Œåˆ é™¤äøŽē”Øęˆ·å -\fILOGIN\fR -ē›ø关ēš„ꉀ仄锹ē›®ć€‚ē»™å‡ŗēš„ē”Øęˆ·ååæ…锻存åœØ怂 -.SH "选锹" -.PP -\fBuserdel\fR -åÆ仄ä½æē”Øēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-f\fR, \fB\-\-force\fR -.RS 4 -ę­¤é€‰é”¹å¼ŗ制删除ē”Øꈷ蓦ꈷļ¼Œē”šč‡³ē”Øęˆ·ä»ē„¶åœØē™»å½•ēŠ¶ę€ć€‚它也å¼ŗ制 -\fBuserdel\fR -删除ē”Øꈷēš„äø»ē›®å½•å’Œé‚®ē®±ļ¼Œå³ä½æ其它ē”Øęˆ·ä¹Ÿä½æē”Ø同äø€äøŖäø»ē›®å½•ęˆ–é‚®ē®±äøå±žäŗŽęŒ‡å®šēš„ē”Øęˆ·ć€‚å¦‚ęžœ -/etc/login\&.defs -äø­ēš„ -\fBUSERGROUPS_ENAB\fR -定义äøŗ -\fIyes\fRļ¼Œå¹¶äø”å¦‚ęžœęœ‰äø€äøŖ和ē”Øęˆ·åŒåēš„ē»„ļ¼Œä¹Ÿä¼šåˆ é™¤ę­¤ē»„ļ¼Œå³ä½æ它仍ē„¶ę˜Æ别ēš„ē”Øꈷēš„äø»ē»„怂 -.sp -\fIę³Øꄏļ¼š\fRę­¤é€‰é”¹å±é™©ļ¼ŒåÆčƒ½ä¼šē “坏ē³»ē»Ÿēš„ēØ³å®šę€§ć€‚ -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-r\fR, \fB\-\-remove\fR -.RS 4 -ē”Øꈷäø»ē›®å½•äø­ēš„ę–‡ä»¶å°†éšē”Øꈷäø»ē›®å½•å’Œē”Øęˆ·é‚®ē®±äø€čµ·åˆ é™¤ć€‚åœØå…¶å®ƒę–‡ä»¶ē³»ē»Ÿäø­ēš„ꖇ件åæ…锻ꉋåŠØꐜē“¢å¹¶åˆ é™¤ć€‚ -.sp -邮ē®±åœØ -login\&.defs -ꖇ件äø­ēš„ -\fBMAIL_DIR\fR -变量äø­å®šä¹‰ć€‚ -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR -.RS 4 -ē§»é™¤ē”Øꈷē™»å½•ēš„ę‰€ęœ‰ SELinux ē”Øęˆ·ę˜ å°„ć€‚ -.RE -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -邮ē®±ē›®å½•ć€‚äæ®ę”¹ęˆ–删除ē”Øęˆ·č“¦ęˆ·ę—¶éœ€č¦å¤„ē†é‚®ē®±ļ¼Œå¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œå°†ä½æē”Øē¼–čÆ‘ę—¶ęŒ‡å®šēš„é»˜č®¤å€¼ć€‚ -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -定义ē”Øęˆ·é‚®ē®±ę–‡ä»¶ēš„位ē½®(ē›øåƹäŗŽäø»ē›®å½•)怂 -.RE -.PP -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -变量ē”± -\fBuseradd\fRļ¼Œ\fBusermod\fR -和 -\fBuserdel\fR -ē”ØäŗŽåˆ›å»ŗ态ē§»åŠØęˆ–åˆ é™¤ē”Øęˆ·é‚®ē®±ć€‚ -.PP -å¦‚ęžœ -\fBMAIL_CHECK_ENAB\fR -č®¾ē½®äøŗ -\fIyes\fRļ¼Œå®ƒä»¬ä¹Ÿč¢«ē”ØäŗŽå®šä¹‰ -\fBMAIL\fR -ēŽÆå¢ƒå˜é‡ć€‚ -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.PP -\fBUSERDEL_CMD\fR (string) -.RS 4 -å¦‚ęžœå®šä¹‰äŗ†ļ¼Œčæ™ę˜Æåˆ é™¤č“¦ęˆ·ę—¶ę‰§č”Œēš„å‘½ä»¤ć€‚å®ƒåŗ”čÆ„ē§»é™¤ę‰€ęœ‰å±žäŗŽę­¤ē”Øꈷēš„ēš„ at/cron/print ē­‰ä½œäøš(作äøŗē¬¬äø€äøŖå‚ę•°ä¼ é€’)怂 -.sp -čæ™äøŖč„šęœ¬ēš„čæ”回值并äøč¢«åø¦åˆ°č“¦ęˆ·äø­åŽ»ć€‚ -.sp -čæ™ę˜Æäø€äøŖē¤ŗä¾‹č„šęœ¬ļ¼Œå®ƒē§»é™¤ē”Øꈷēš„ cron态at 和 print 作äøšļ¼š -.sp -.if n \{\ -.RS 4 -.\} -.nf -#! /bin/sh - -# ę£€ęŸ„éœ€č¦ēš„å‚ę•° -if [ $# != 1 ]; then - echo "Usage: $0 username" - exit 1 -fi - -# ē§»é™¤ cron 作äøš -crontab \-r \-u $1 - -# ē§»é™¤ at 作äøš -# ę³Øꄏčæ™å°†ē§»é™¤ę‰€ęœ‰å±žäŗŽåŒäø€äøŖ UID ēš„作äøš -# 即ä½æę­¤ ID ē”±å¤šäøŖē”Øęˆ·åå…±äŗ« -AT_SPOOL_DIR=/var/spool/cron/atjobs -find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; - -# ē§»é™¤ print 作äøš -lprm $1 - -# å…ØéƒØå®Œęˆ -exit 0 - -.fi -.if n \{\ -.RE -.\} -.RE -.PP -\fBUSERGROUPS_ENAB\fR (boolean) -.RS 4 -å¦‚ęžœ uid 和 gid ē›ø同ļ¼Œē”Øęˆ·åå’Œäø»ē”Øęˆ·åä¹Ÿē›ø同ļ¼Œä½æ非 root ē»„ēš„ē»„ꎩē ä½å’Œå±žäø»ä½ē›ø同 (如ļ¼š022 \-> 002, 077 \-> 007)怂 -.sp -å¦‚ęžœč®¾ē½®äøŗ -\fIyes\fRļ¼Œå¦‚ęžœē»„äø­ę²”ęœ‰ęˆå‘˜äŗ†ļ¼Œ\fBuserdel\fR -将ē§»é™¤ę­¤ē”Øꈷē»„ļ¼Œ\fBuseradd\fR -创å»ŗē”Øęˆ·ę—¶ļ¼Œä¹Ÿä¼šåˆ›å»ŗäø€äøŖ同名ēš„é»˜č®¤ē»„怂 -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "退å‡ŗ值" -.PP -\fBuserdel\fR -命令ä½æē”Ø如äø‹å€¼é€€å‡ŗļ¼š -.PP -\fI0\fR -.RS 4 -ęˆåŠŸ -.RE -.PP -\fI1\fR -.RS 4 -ę— ę³•ę›“ę–°åƆē ę–‡ä»¶ -.RE -.PP -\fI2\fR -.RS 4 -ꗠꕈēš„命令čÆ­ę³• -.RE -.PP -\fI6\fR -.RS 4 -ęŒ‡å®šēš„ē”Øꈷäøå­˜åœØ -.RE -.PP -\fI8\fR -.RS 4 -ē”Øęˆ·å·²ē»ē™»å½• -.RE -.PP -\fI10\fR -.RS 4 -ę— ę³•ę›“ę–°ē»„ꖇ件 -.RE -.PP -\fI12\fR -.RS 4 -ę— ę³•åˆ é™¤äø»ē›®å½• -.RE -.SH "CAVEATS" -.PP -å¦‚ęžœęŸč“¦ęˆ·ęœ‰ę­£åœØčæč”Œēš„čæ›ē؋ļ¼Œ\fBuserdel\fR -äøä¼šå…č®øę­¤č“¦ęˆ·ć€‚ę­¤ę—¶ļ¼Œę‚ØåÆčƒ½åæ…é”»č¦ę€ę­»é‚£å†™čæ›ēØ‹ęˆ–č€…é”å®šē”Øꈷēš„åƆē å’Œč“¦ęˆ·ļ¼Œå¹¶ēØåŽå†åˆ é™¤č“¦ęˆ·ć€‚\fB\-f\fR -选锹åÆ仄å¼ŗåˆ¶ę­¤åˆ é™¤č“¦ęˆ·ć€‚ -.PP -ę‚Øåŗ”čÆ„ę‰‹åŠØę£€ęŸ„ę‰€ä»„ę–‡ä»¶ē³»ē»Ÿļ¼Œä»„ē”®äæę²”꜉遗ē•™ę­¤ē”Øꈷēš„ꖇ件怂 -.PP -ę‚Øäøčƒ½åœØ NIS å®¢ęˆ·ē«ÆäøŠē§»é™¤ä»»ä½• NIS å±žę€§ć€‚čæ™åæ…é”»åœØ NIS ęœåŠ”å™ØäøŠę‰§č”Œć€‚ -.PP -å¦‚ęžœåœØ -/etc/login\&.defs -äø­ -\fBUSERGROUPS_ENAB\fR -č®¾ē½®äøŗ -\fIyes\fRļ¼Œ -\fBuserdel\fR -将删除同名ē»„怂äøŗäŗ†éæå…ęŸå passwd 和 group ę•°ę®åŗ“ļ¼Œ\fBuserdel\fR -å°†ä¼šę£€ęŸ„čæ™äøŖäø»ę˜Æå¦č¢«åˆ«ēš„ē”Øꈷē”Ø作äø»ē»„ļ¼Œå¦‚ęžœęœ‰ļ¼Œå°†åŖ发å‡ŗč­¦å‘Šå¹¶äøåˆ é™¤ę­¤ē»„怂\fB\-f\fR -选锹åÆ仄å¼ŗåˆ¶åˆ é™¤ę­¤ē»„怂 -.SH "å‚č§" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBlogin.defs\fR(5), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/usermod.8 b/man/zh_CN/man8/usermod.8 deleted file mode 100644 index 3fc021d5..00000000 --- a/man/zh_CN/man8/usermod.8 +++ /dev/null @@ -1,447 +0,0 @@ -'\" t -.\" Title: usermod -.\" Author: Julianne Frances Haugh -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "USERMOD" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -usermod \- äæ®ę”¹äø€äøŖē”Øꈷ蓦ꈷ -.SH "大ēŗ²" -.HP \w'\fBusermod\fR\ 'u -\fBusermod\fR [\fI选锹\fR] \fIē™»å½•\fR -.SH "ꏏčæ°" -.PP -\fBusermod\fR -äæ®ę”¹ē³»ē»Ÿč“¦ęˆ·ę–‡ä»¶å’ŒåœØå‘½ä»¤č”ŒäøŠęŒ‡å®šēš„ē›øå…³ę›“ę”¹ć€‚ -.SH "选锹" -.PP -\fBusermod\fR -åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-a\fR, \fB\-\-append\fR -.RS 4 -将ē”Øęˆ·ę·»åŠ åˆ°é™„åŠ ē»„怂åŖčƒ½å’Œ -\fB\-G\fR -选锹äø€čµ·ä½æē”Ø怂 -.RE -.PP -\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENT\fR -.RS 4 -ē”ØꈷåƆē ę–‡ä»¶äø­ę³Øé‡Šå­—ę®µēš„ę–°å€¼ć€‚é€šåøøä½æē”Ø -\fBchfn\fR(1) -å·„å…·åƹ其čæ›č”Œäæ®ę”¹ć€‚ -.RE -.PP -\fB\-d\fR, \fB\-\-home\fR\ \&\fIHOME_DIR\fR -.RS 4 -ē”Øꈷēš„ę–°ē™»å½•ē›®å½•ć€‚ -.sp -å¦‚ęžœē»™äŗ† -\fB\-m\fR -选锹ļ¼Œå½“前äø»ē›®å½•ēš„内容将会ē§»åŠØåˆ°ę–°äø»ē›®å½•äø­ļ¼Œå¦‚ęžœäøå­˜åœØļ¼Œåˆ™åˆ›å»ŗ怂 -.RE -.PP -\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR -.RS 4 -ē”Øęˆ·č“¦ęˆ·å°†č¢«ē¦ē”Øēš„ę—„ęœŸć€‚ę—„ęœŸä»„ -\fIYYYY\-MM\-DD\fR -ę ¼å¼ęŒ‡å®šć€‚ -.sp -ē©ŗ -\fIEXPIRE_DATE\fR -å‚ę•°å°†ē¦ē”Ø蓦ꈷčæ‡ęœŸć€‚ -.sp -ę­¤é€‰é”¹éœ€č¦äø€äøŖ -/etc/passwd -ę–‡ä»¶ć€‚å¦‚ęžœę²”ęœ‰ļ¼Œå°†ä¼šåˆ›å»ŗäø€ę” -/etc/shadow -锹ē›®ć€‚ -.RE -.PP -\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR -.RS 4 -åƆē čæ‡ęœŸä¹‹åŽļ¼Œč“¦ęˆ·č¢«å½»åŗ•ē¦ē”Ø之前ēš„å¤©ę•°ć€‚ -.sp -0 č”Øē¤ŗåƆē čæ‡ęœŸę—¶ļ¼Œē«‹å³ē¦ē”Ø蓦ꈷļ¼›\-1 č”Øē¤ŗäøä½æē”Øčæ™äøŖåŠŸčƒ½ć€‚ -.sp -ę­¤é€‰é”¹éœ€č¦äø€äøŖ -/etc/passwd -ę–‡ä»¶ć€‚å¦‚ęžœę²”ęœ‰ļ¼Œå°†ä¼šåˆ›å»ŗäø€ę” -/etc/shadow -锹ē›®ć€‚ -.RE -.PP -\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR -.RS 4 -ē”Øꈷēš„ę–°åˆå§‹ē™»å½•ē»„ēš„ē»„åęˆ–ę•°å­—ä»£å·ć€‚ę­¤ē»„åæ…锻存åœØ怂 -.sp -ē”Øꈷäø»ē›®å½•äø­ļ¼Œå±žäŗŽåŽŸę„ēš„äø»ē»„ēš„ę–‡ä»¶å°†č½¬äŗ¤ę–°ē»„ę‰€ęœ‰ć€‚ -.sp -äø»ē›®å½•ä¹‹å¤–ēš„ę–‡ä»¶ę‰€å±žēš„ē»„åæ…锻ꉋåŠØäæ®ę”¹ć€‚ -.RE -.PP -\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGROUP1\fR[\fI,GROUP2,\&.\&.\&.\fR[\fI,GROUPN\fR]]] -.RS 4 -ē”Øꈷčæ˜å±žäŗŽēš„附加ē»„列č”Ø怂ē»„之闓ä½æē”Ø逗号分隔ļ¼Œę²”꜉ē©ŗę ¼ć€‚čæ™äŗ›ē»„éœ€č¦éµå®ˆå’Œ -\fB\-g\fR -选锹äø­ē»™ēš„ē»„åŒę ·ēš„é™åˆ¶ć€‚ -.sp -å¦‚ęžœē”Øęˆ·å½“å‰ę˜Æäø€äøŖē»„ēš„ęˆå‘˜ļ¼Œč€Œčæ™äøŖē»„ę²”ęœ‰åˆ—åœØčæ™é‡Œļ¼Œē”Øęˆ·å°†č¢«ä»Žé‚£äøŖē»„里ä¾æåˆ é™¤ć€‚čæ™äøŖč”ŒäøŗåÆ仄通čæ‡ -\fB\-a\fR -选锹äæ®ę”¹ļ¼Œčæ™ä½æē”Øꈷčæ½åŠ åˆ°ē»™å‡ŗēš„附加ē»„列č”Øäø­ć€‚ -.RE -.PP -\fB\-l\fR, \fB\-\-login\fR\ \&\fINEW_LOGIN\fR -.RS 4 -ē”Øꈷēš„名ē§°å°†ä¼šä»Ž -\fILOGIN\fR -äæ®ę”¹äøŗ -\fINEW_LOGIN\fR怂äøä¼šę›“ę”¹åˆ«ēš„任何äøœč„æ怂ē‰¹åˆ«ę˜Æļ¼Œē”Øꈷēš„äø»ē›®å½•åå’Œé‚®ä»¶ę± ä¹Ÿéœ€č¦ę‰‹åŠØäæ®ę”¹ä»„å’Œę–°ē™»å½•ååƹåŗ”怂 -.RE -.PP -\fB\-L\fR, \fB\-\-lock\fR -.RS 4 -锁定ē”Øꈷēš„åƆē ć€‚čæ™ä¼šåœØē”Øęˆ·åŠ åƆēš„åƆē ä¹‹å‰ę”¾ē½®äø€äøŖ\(lq!\(rqļ¼ŒåÆ仄åæ«é€Ÿē¦ē”ØåƆē ć€‚ę‚ØåÆ仄和 -\fB\-p\fR -ꈖ -\fB\-U\fR -配合ä½æē”Øę­¤é€‰é”¹ć€‚ -.sp -ę³Øꄏļ¼šå¦‚ęžœåøŒęœ›é”å®šč“¦ęˆ·(äøä»…ä»…ę˜Æ通čæ‡åƆē č®æ问)ļ¼Œę‚Øä¹Ÿéœ€č¦č®¾ē½® -\fIEXPIRE_DATE\fR -äøŗ -\fI1\fR怂 -.RE -.PP -\fB\-m\fR, \fB\-\-move\-home\fR -.RS 4 -将ē”Øꈷēš„äø»ē›®å½•ē§»åŠØåˆ°ę–°ä½ē½®ć€‚ -.sp -čæ™äøŖ选锹åŖęœ‰å’Œ -\fB\-d\fR -(ꈖ -\fB\-\-home\fR) 选锹ē»„合ä½æē”Øę—¶ę‰ęœ‰ę•ˆć€‚ -.sp -\fBusermod\fR -ä¼šę”¹å†™ę–‡ä»¶ēš„属äø»å¹¶å¤åˆ¶ęØ”å¼ć€ACL å’Œę‰©å±•å±žę€§ļ¼Œä½†ę˜Æē؍后也åÆčƒ½éœ€č¦ę‰‹åŠØäæ®ę”¹ć€‚ -.RE -.PP -\fB\-o\fR, \fB\-\-non\-unique\fR -.RS 4 -ä½æē”Ø -\fB\-u\fR -é€‰é”¹ę—¶ļ¼ŒåÆ仄将ē”Øꈷ ID ę”¹äøŗ非å”Æäø€ēš„å€¼ć€‚ -.RE -.PP -\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR -.RS 4 -å·²ē»åŠ åƆčæ‡ēš„åƆē ļ¼Œå°±åƒ -\fBcrypt\fR(3) -čæ”回ēš„é‚£ę ·ć€‚ -.sp -\fBę³Øꄏļ¼š\fRäøęŽØ荐ä½æē”Øčæ™äøŖ选锹ļ¼Œå› äøŗåƆē (ęˆ–åŠ åƆčæ‡ēš„åƆē )ä¼šč¢«ē”Øęˆ·é€ščæ‡åˆ—å‡ŗčæ™äøŖčæ‡ēØ‹č€Œēœ‹åˆ°ć€‚ -.sp -ę‚Øåŗ”čÆ„ē”®äæåƆē ē¬¦åˆē³»ē»Ÿēš„åƆē ę”æē­–怂 -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR -.RS 4 -ē”Øꈷēš„ę–°ē™»å½• shell ēš„名ē§°ć€‚å°†ę­¤å­—ę®µč®¾ē½®äøŗē©ŗä¼šč®©ē³»ē»Ÿé€‰ę‹©é»˜č®¤ēš„ē™»å½• shell怂 -.RE -.PP -\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR -.RS 4 -ē”Øꈷ ID ēš„ę–°ę•°å€¼ć€‚ -.sp -čæ™äøŖ值åæ…é”»ę˜Æå”Æäø€ēš„ļ¼Œé™¤éžä½æē”Øäŗ† -\fB\-o\fR -选锹ļ¼Œåæ…é”»ę˜Æéžč“Ÿå€¼ć€‚ -.sp -ē”Øꈷēš„é‚®ē®±ļ¼Œē”Øꈷäø»ē›®å½•äø­å±žäŗŽę­¤ē”Øꈷēš„ꖇ件ēš„属äø» ID 也将č‡ŖåŠØę›“ę”¹ć€‚ -.sp -ē”Øꈷäø»ē›®å½•ä¹‹å¤–ę–‡ä»¶ę‰€ęœ‰ęƒåæ…锻ꉋåŠØäæ®å¤ć€‚ -.sp -äøä¼šåƹ -/etc/login\&.defs -äø­ēš„ -\fBUID_MIN\fR, -\fBUID_MAX\fR, -\fBSYS_UID_MIN\fR -和 -\fBSYS_UID_MAX\fR -čæ›č”Œę£€ęŸ„怂 -.RE -.PP -\fB\-U\fR, \fB\-\-unlock\fR -.RS 4 -č§£é”ē”Øꈷēš„åƆē ć€‚čæ™å°†ē§»é™¤åŠ åƆēš„åƆē ä¹‹å‰ēš„\(lq!\(rq怂ę‚ØåÆä»„å°†ę­¤é€‰é”¹å’Œ -\fB\-p\fR -ꈖ -\fB\-L\fR -配合ä½æē”Ø怂 -.sp -ę³Øꄏļ¼šå¦‚ęžœę‚ØåøŒęœ›č§£é”č“¦ęˆ·(äøåŖę˜Æä½æē”ØåƆē č®æ问)ļ¼Œę‚Ø也åŗ”čÆ„č®¾ē½® -\fIEXPIRE_DATE\fR -(ä¾‹å¦‚č®¾ē½®äøŗ -\fI99999\fRļ¼Œęˆ–者 -/etc/default/useradd -äø­ēš„ -\fBEXPIRE\fR -值)怂 -.RE -.PP -\fB\-v\fR, \fB\-\-add\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate uids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-V\fR, \fB\-\-del\-sub\-uids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate uids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-uids\fR -and -\fB\-\-add\-sub\-uids\fR -are specified, the removal of all subordinate uid ranges happens before any subordinate uid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, or -\fBSUB_UID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-w\fR, \fB\-\-add\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Add a range of subordinate gids to the user\*(Aqs account\&. -.sp -This option may be specified multiple times to add multiple ranges to a users account\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-W\fR, \fB\-\-del\-sub\-gids\fR\ \&\fIFIRST\fR\-\fILAST\fR -.RS 4 -Remove a range of subordinate gids from the user\*(Aqs account\&. -.sp -This option may be specified multiple times to remove multiple ranges to a users account\&. When both -\fB\-\-del\-sub\-gids\fR -and -\fB\-\-add\-sub\-gids\fR -are specified, the removal of all subordinate gid ranges happens before any subordinate gid range is added\&. -.sp -No checks will be performed with regard to -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, or -\fBSUB_GID_COUNT\fR -from /etc/login\&.defs\&. -.RE -.PP -\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR -.RS 4 -ē”Øꈷē™»é™†ēš„ SELinux ē”Øęˆ·ć€‚ -.sp -ē©ŗēš„ -\fISEUSER\fR -将ē§»é™¤ē”Øꈷ -\fILOGIN\fR -ēš„ SELinux ē”Øęˆ·ę˜ å°„(å¦‚ęžœęœ‰)怂 -.RE -.SH "CAVEATS" -.PP -å¦‚ęžœč¦ę›“ę”¹ē”Øꈷēš„ę•°å­— ID态ē”Øęˆ·åęˆ–äø»ē›®å½•ļ¼Œéœ€č¦ē”®äæå…č®øå‘½ä»¤ę—¶ļ¼Œē”Øęˆ·ę²”ęœ‰ę‰§č”Œä»»ä½•čæ›ēØ‹ć€‚\fBusermod\fR -会åœØ Linux äøŠčæ›č”Œę£€ęŸ„ļ¼›ä½†ę˜ÆåœØ其它平台äøŠļ¼Œä»…ä»…ę ¹ę® utmp ę£€ęŸ„ē”Øꈷę˜Æ否已ē»ē™»å½•ć€‚ -.PP -ę‚Øåæ…锻ꉋåŠØę›“ę”¹ -\fBcrontab\fR -ę–‡ä»¶ęˆ– -\fBat\fR -作äøšēš„属äø»ć€‚ -.PP -ę‚Øåæ…é”»ę›“ę”¹ NIS ęœåŠ”å™ØäøŠēš„ NIS ē›øå…³å†…å®¹ć€‚ -.SH "配ē½®ę–‡ä»¶" -.PP -åœØ -/etc/login\&.defs -äø­ęœ‰å¦‚äø‹é…ē½®å˜é‡ļ¼ŒåÆ仄ē”Øę„ę›“ę”¹ę­¤å·„å…·ēš„č”Œäøŗļ¼š -.PP -\fBMAIL_DIR\fR (string) -.RS 4 -邮ē®±ē›®å½•ć€‚äæ®ę”¹ęˆ–删除ē”Øęˆ·č“¦ęˆ·ę—¶éœ€č¦å¤„ē†é‚®ē®±ļ¼Œå¦‚ęžœę²”ęœ‰ęŒ‡å®šļ¼Œå°†ä½æē”Øē¼–čÆ‘ę—¶ęŒ‡å®šēš„é»˜č®¤å€¼ć€‚ -.RE -.PP -\fBMAIL_FILE\fR (string) -.RS 4 -定义ē”Øęˆ·é‚®ē®±ę–‡ä»¶ēš„位ē½®(ē›øåƹäŗŽäø»ē›®å½•)怂 -.RE -.PP -\fBMAIL_DIR\fR -and -\fBMAIL_FILE\fR -变量ē”± -\fBuseradd\fRļ¼Œ\fBusermod\fR -和 -\fBuserdel\fR -ē”ØäŗŽåˆ›å»ŗ态ē§»åŠØęˆ–åˆ é™¤ē”Øęˆ·é‚®ē®±ć€‚ -.PP -å¦‚ęžœ -\fBMAIL_CHECK_ENAB\fR -č®¾ē½®äøŗ -\fIyes\fRļ¼Œå®ƒä»¬ä¹Ÿč¢«ē”ØäŗŽå®šä¹‰ -\fBMAIL\fR -ēŽÆå¢ƒå˜é‡ć€‚ -.PP -\fBMAX_MEMBERS_PER_GROUP\fR (number) -.RS 4 -ęƏäøŖē»„ę”ē›®ēš„ęœ€å¤§ęˆå‘˜ę•°ć€‚č¾¾åˆ°ęœ€å¤§å€¼ę—¶ļ¼ŒåœØ -/etc/group -开始äø€äøŖę–°ę”ē›®(č”Œ)(ä½æē”ØåŒę ·ēš„名ē§°ļ¼ŒåŒę ·ēš„åƆē ļ¼ŒåŒę ·ēš„ GID)怂 -.sp -é»˜č®¤å€¼ę˜Æ 0ļ¼Œę„å‘³ē€ē»„äø­ēš„ęˆå‘˜ę•°ę²”ęœ‰é™åˆ¶ć€‚ -.sp -ę­¤åŠŸčƒ½(分割ē»„)允č®ø限制ē»„ꖇ件äø­ēš„č”Œé•æåŗ¦ć€‚čæ™åƹäŗŽē”®äæ NIS ē»„ēš„č”ŒęƔé•æäŗŽ 1024 字ē¬¦ć€‚ -.sp -å¦‚ęžœč¦å¼ŗ制čæ™äøŖ限制ļ¼ŒåÆ仄ä½æē”Ø 25怂 -.sp -ę³Øꄏļ¼šåˆ†å‰²ē»„åÆčƒ½äøå—ę‰€ęœ‰å·„具ēš„ę”Æꌁ(ē”šč‡³åœØ Shadow 巄具集äø­)怂ę‚Øäøåŗ”čÆ„ä½æē”Øčæ™äøŖ变量ļ¼Œé™¤éžēœŸēš„éœ€č¦ć€‚ -.RE -.PP -\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate group IDs) allocate -\fBSUB_GID_COUNT\fR -unused group IDs from the range -\fBSUB_GID_MIN\fR -to -\fBSUB_GID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_GID_MIN\fR, -\fBSUB_GID_MAX\fR, -\fBSUB_GID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.PP -\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) -.RS 4 -If -/etc/subuid -exists, the commands -\fBuseradd\fR -and -\fBnewusers\fR -(unless the user already have subordinate user IDs) allocate -\fBSUB_UID_COUNT\fR -unused user IDs from the range -\fBSUB_UID_MIN\fR -to -\fBSUB_UID_MAX\fR -for each new user\&. -.sp -The default values for -\fBSUB_UID_MIN\fR, -\fBSUB_UID_MAX\fR, -\fBSUB_UID_COUNT\fR -are respectively 100000, 600100000 and 10000\&. -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/login\&.defs -.RS 4 -Shadow åƆē å„—件配ē½®ć€‚ -.RE -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/subgid -.RS 4 -Per user subordinate group IDs\&. -.RE -.PP -/etc/subuid -.RS 4 -Per user subordinate user IDs\&. -.RE -.SH "å‚č§" -.PP -\fBchfn\fR(1), -\fBchsh\fR(1), -\fBpasswd\fR(1), -\fBcrypt\fR(3), -\fBgpasswd\fR(8), -\fBgroupadd\fR(8), -\fBgroupdel\fR(8), -\fBgroupmod\fR(8), -\fBlogin.defs\fR(5), -\fBsubgid\fR(5), \fBsubuid\fR(5),\fBuseradd\fR(8), -\fBuserdel\fR(8)\&. diff --git a/man/zh_CN/man8/vigr.8 b/man/zh_CN/man8/vigr.8 deleted file mode 100644 index ff72d7ae..00000000 --- a/man/zh_CN/man8/vigr.8 +++ /dev/null @@ -1 +0,0 @@ -.so man8/vipw.8 diff --git a/man/zh_CN/man8/vipw.8 b/man/zh_CN/man8/vipw.8 deleted file mode 100644 index ea215dff..00000000 --- a/man/zh_CN/man8/vipw.8 +++ /dev/null @@ -1,134 +0,0 @@ -'\" t -.\" Title: vipw -.\" Author: Marek Micha\(/lkiewicz -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2014-05-09 -.\" Manual: ē³»ē»Ÿē®”ē†å‘½ä»¤ -.\" Source: shadow-utils 4.2 -.\" Language: Chinese Simplified -.\" -.TH "VIPW" "8" "2014-05-09" "shadow\-utils 4\&.2" "ē³»ē»Ÿē®”ē†å‘½ä»¤" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "名ē§°" -vipw, vigr \- ē¼–č¾‘åƆē ć€ē»„ć€å½±å­åƆē ęˆ–影子ē»„ꖇ件怂 -.SH "大ēŗ²" -.HP \w'\fBvipw\fR\ 'u -\fBvipw\fR [\fI选锹\fR] -.HP \w'\fBvigr\fR\ 'u -\fBvigr\fR [\fI选锹\fR] -.SH "ꏏčæ°" -.PP -\fBvipw\fR -和 -\fBvigr\fR -命令分别ē¼–č¾‘ -/etc/passwd -和 -/etc/group -ꖇ件怂ä½æē”Ø -\fB\-s\fR -ꠇčÆ†ę—¶ļ¼Œå°†ē¼–č¾‘čæ™äŗ›ę–‡ä»¶ēš„影子ē‰ˆļ¼Œå³åˆ†åˆ«äøŗ -/etc/shadow -和 -/etc/gshadow怂čæ™äŗ›ē؋åŗå°†č®¾ē½®ē›øåŗ”ēš„锁ļ¼Œä»„é˜²ę­¢ę–‡ä»¶ęŸåć€‚åÆ»ę‰¾ē¼–č¾‘å™Øę—¶ļ¼Œé¦–先尝čƕēŽÆ境变量 -\fB$VISUAL\fRļ¼Œē„¶åŽę˜ÆēŽÆ境变量 -\fB$EDITOR\fRļ¼Œęœ€åŽę˜Æ默认ē¼–č¾‘å™Ø -\fBvi\fR(1)怂 -.SH "选锹" -.PP -\fBvipw\fR -和 -\fBvigr\fR -命令åÆä»„ęŽ„å—ēš„é€‰é”¹ęœ‰ļ¼š -.PP -\fB\-g\fR, \fB\-\-group\fR -.RS 4 -ē¼–č¾‘ group ę•°ę®åŗ“怂 -.RE -.PP -\fB\-h\fR, \fB\-\-help\fR -.RS 4 -ēŽ°å®žåø®åŠ©äæ”ęÆ并退å‡ŗ怂 -.RE -.PP -\fB\-p\fR, \fB\-\-passwd\fR -.RS 4 -ē¼–č¾‘ passwd ę•°ę®åŗ“怂 -.RE -.PP -\fB\-q\fR, \fB\-\-quiet\fR -.RS 4 -安静ęØ”å¼ć€‚ -.RE -.PP -\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR -.RS 4 -Apply changes in the -\fICHROOT_DIR\fR -directory and use the configuration files from the -\fICHROOT_DIR\fR -directory\&. -.RE -.PP -\fB\-s\fR, \fB\-\-shadow\fR -.RS 4 -ē¼–č¾‘ shadow ꈖ gshadow ę•°ę®åŗ“怂 -.RE -.SH "ēŽÆ境变量" -.PP -\fBVISUAL\fR -.RS 4 -要ä½æē”Øēš„ē¼–č¾‘å™Ø怂 -.RE -.PP -\fBEDITOR\fR -.RS 4 -\fBVISUAL\fR -ę²”ęœ‰č®¾ē½®ēš„ęƒ…å†µäø‹ļ¼Œä½æē”Øēš„ē¼–č¾‘å™Ø怂 -.RE -.SH "ꖇ件" -.PP -/etc/group -.RS 4 -ē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/gshadow -.RS 4 -安å…Øē»„č“¦ęˆ·äæ”ęÆ怂 -.RE -.PP -/etc/passwd -.RS 4 -ē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.PP -/etc/shadow -.RS 4 -安å…Øē”Øꈷ蓦ꈷäæ”ęÆ怂 -.RE -.SH "å‚č§" -.PP -\fBvi\fR(1), -\fBgroup\fR(5), -\fBgshadow\fR(5), -\fBpasswd\fR(5), , -\fBshadow\fR(5)\&. diff --git a/man/zh_TW/Makefile.in b/man/zh_TW/Makefile.in deleted file mode 100644 index 8eee364c..00000000 --- a/man/zh_TW/Makefile.in +++ /dev/null @@ -1,641 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = man/zh_TW -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -SOURCES = -DIST_SOURCES = -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; -am__install_max = 40 -am__nobase_strip_setup = \ - srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` -am__nobase_strip = \ - for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" -am__nobase_list = $(am__nobase_strip_setup); \ - for p in $$list; do echo "$$p $$p"; done | \ - sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ - $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ - if (++n[$$2] == $(am__install_max)) \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' -am__base_list = \ - sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ - sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ - || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ - $(am__cd) "$$dir" && rm -f $$files; }; \ - } -man1dir = $(mandir)/man1 -am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" \ - "$(DESTDIR)$(man8dir)" -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ - -# man pages encoded in Big5 -mandir = @mandir@/zh_TW -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -man_MANS = \ - man1/chfn.1 \ - man1/chsh.1 \ - man8/chpasswd.8 \ - man1/newgrp.1 \ - man8/groupadd.8 \ - man8/groupdel.8 \ - man8/groupmod.8 \ - man5/passwd.5 \ - man1/su.1 \ - man8/useradd.8 \ - man8/userdel.8 \ - man8/usermod.8 - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu man/zh_TW/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu man/zh_TW/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man1dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.1[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ - done; } - -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man1dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.1[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) -install-man5: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man5dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.5[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ - done; } - -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man5dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.5[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) - @$(NORMAL_INSTALL) - @list1=''; \ - list2='$(man_MANS)'; \ - test -n "$(man8dir)" \ - && test -n "`echo $$list1$$list2`" \ - || exit 0; \ - echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ - { for i in $$list1; do echo "$$i"; done; \ - if test -n "$$list2"; then \ - for i in $$list2; do echo "$$i"; done \ - | sed -n '/\.8[a-z]*$$/p'; \ - fi; \ - } | while read p; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - echo "$$d$$p"; echo "$$p"; \ - done | \ - sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ - sed 'N;N;s,\n, ,g' | { \ - list=; while read file base inst; do \ - if test "$$base" = "$$inst"; then list="$$list $$file"; else \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ - fi; \ - done; \ - for i in $$list; do echo "$$i"; done | $(am__base_list) | \ - while read files; do \ - test -z "$$files" || { \ - echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ - $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ - done; } - -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list=''; test -n "$(man8dir)" || exit 0; \ - files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ - sed -n '/\.8[a-z]*$$/p'; \ - } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ - -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ - dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags TAGS: - -ctags CTAGS: - -cscope cscopelist: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(MANS) -installdirs: - for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: install-man1 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man - -uninstall-man: uninstall-man1 uninstall-man5 uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: all all-am check check-am clean clean-generic clean-libtool \ - cscopelist-am ctags-am distclean distclean-generic \ - distclean-libtool distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-man5 install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags-am uninstall \ - uninstall-am uninstall-man uninstall-man1 uninstall-man5 \ - uninstall-man8 - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/missing b/missing deleted file mode 100755 index cdea5149..00000000 --- a/missing +++ /dev/null @@ -1,215 +0,0 @@ -#! /bin/sh -# Common wrapper for a few potentially missing GNU programs. - -scriptversion=2012-06-26.16; # UTC - -# Copyright (C) 1996-2013 Free Software Foundation, Inc. -# Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. - -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -if test $# -eq 0; then - echo 1>&2 "Try '$0 --help' for more information" - exit 1 -fi - -case $1 in - - --is-lightweight) - # Used by our autoconf macros to check whether the available missing - # script is modern enough. - exit 0 - ;; - - --run) - # Back-compat with the calling convention used by older automake. - shift - ;; - - -h|--h|--he|--hel|--help) - echo "\ -$0 [OPTION]... PROGRAM [ARGUMENT]... - -Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due -to PROGRAM being missing or too old. - -Options: - -h, --help display this help and exit - -v, --version output version information and exit - -Supported PROGRAM values: - aclocal autoconf autoheader autom4te automake makeinfo - bison yacc flex lex help2man - -Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and -'g' are ignored when checking the name. - -Send bug reports to <bug-automake@gnu.org>." - exit $? - ;; - - -v|--v|--ve|--ver|--vers|--versi|--versio|--version) - echo "missing $scriptversion (GNU Automake)" - exit $? - ;; - - -*) - echo 1>&2 "$0: unknown '$1' option" - echo 1>&2 "Try '$0 --help' for more information" - exit 1 - ;; - -esac - -# Run the given program, remember its exit status. -"$@"; st=$? - -# If it succeeded, we are done. -test $st -eq 0 && exit 0 - -# Also exit now if we it failed (or wasn't found), and '--version' was -# passed; such an option is passed most likely to detect whether the -# program is present and works. -case $2 in --version|--help) exit $st;; esac - -# Exit code 63 means version mismatch. This often happens when the user -# tries to use an ancient version of a tool on a file that requires a -# minimum version. -if test $st -eq 63; then - msg="probably too old" -elif test $st -eq 127; then - # Program was missing. - msg="missing on your system" -else - # Program was found and executed, but failed. Give up. - exit $st -fi - -perl_URL=http://www.perl.org/ -flex_URL=http://flex.sourceforge.net/ -gnu_software_URL=http://www.gnu.org/software - -program_details () -{ - case $1 in - aclocal|automake) - echo "The '$1' program is part of the GNU Automake package:" - echo "<$gnu_software_URL/automake>" - echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:" - echo "<$gnu_software_URL/autoconf>" - echo "<$gnu_software_URL/m4/>" - echo "<$perl_URL>" - ;; - autoconf|autom4te|autoheader) - echo "The '$1' program is part of the GNU Autoconf package:" - echo "<$gnu_software_URL/autoconf/>" - echo "It also requires GNU m4 and Perl in order to run:" - echo "<$gnu_software_URL/m4/>" - echo "<$perl_URL>" - ;; - esac -} - -give_advice () -{ - # Normalize program name to check for. - normalized_program=`echo "$1" | sed ' - s/^gnu-//; t - s/^gnu//; t - s/^g//; t'` - - printf '%s\n' "'$1' is $msg." - - configure_deps="'configure.ac' or m4 files included by 'configure.ac'" - case $normalized_program in - autoconf*) - echo "You should only need it if you modified 'configure.ac'," - echo "or m4 files included by it." - program_details 'autoconf' - ;; - autoheader*) - echo "You should only need it if you modified 'acconfig.h' or" - echo "$configure_deps." - program_details 'autoheader' - ;; - automake*) - echo "You should only need it if you modified 'Makefile.am' or" - echo "$configure_deps." - program_details 'automake' - ;; - aclocal*) - echo "You should only need it if you modified 'acinclude.m4' or" - echo "$configure_deps." - program_details 'aclocal' - ;; - autom4te*) - echo "You might have modified some maintainer files that require" - echo "the 'automa4te' program to be rebuilt." - program_details 'autom4te' - ;; - bison*|yacc*) - echo "You should only need it if you modified a '.y' file." - echo "You may want to install the GNU Bison package:" - echo "<$gnu_software_URL/bison/>" - ;; - lex*|flex*) - echo "You should only need it if you modified a '.l' file." - echo "You may want to install the Fast Lexical Analyzer package:" - echo "<$flex_URL>" - ;; - help2man*) - echo "You should only need it if you modified a dependency" \ - "of a man page." - echo "You may want to install the GNU Help2man package:" - echo "<$gnu_software_URL/help2man/>" - ;; - makeinfo*) - echo "You should only need it if you modified a '.texi' file, or" - echo "any other file indirectly affecting the aspect of the manual." - echo "You might want to install the Texinfo package:" - echo "<$gnu_software_URL/texinfo/>" - echo "The spurious makeinfo call might also be the consequence of" - echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might" - echo "want to install GNU make:" - echo "<$gnu_software_URL/make/>" - ;; - *) - echo "You might have modified some files without having the proper" - echo "tools for further handling them. Check the 'README' file, it" - echo "often tells you about the needed prerequisites for installing" - echo "this package. You may also peek at any GNU archive site, in" - echo "case some other package contains this missing '$1' program." - ;; - esac -} - -give_advice "$1" | sed -e '1s/^/WARNING: /' \ - -e '2,$s/^/ /' >&2 - -# Propagate the correct exit status (expected to be 127 for a program -# not found, 63 for a program that failed due to version mismatch). -exit $st - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-time-zone: "UTC" -# time-stamp-end: "; # UTC" -# End: diff --git a/po/Makefile.in.in b/po/Makefile.in.in deleted file mode 100644 index 5022b8b1..00000000 --- a/po/Makefile.in.in +++ /dev/null @@ -1,403 +0,0 @@ -# Makefile for PO directory in any package using GNU gettext. -# Copyright (C) 1995-1997, 2000-2006 by Ulrich Drepper <drepper@gnu.ai.mit.edu> -# -# This file can be copied and used freely without restrictions. It can -# be used in projects which are not available under the GNU General Public -# License but which still want to provide support for the GNU gettext -# functionality. -# Please note that the actual code of GNU gettext is covered by the GNU -# General Public License and is *not* in the public domain. -# -# Origin: gettext-0.16 - -PACKAGE = @PACKAGE@ -VERSION = @VERSION@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ - -SHELL = /bin/sh -@SET_MAKE@ - -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ -VPATH = @srcdir@ - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -datarootdir = @datarootdir@ -datadir = @datadir@ -localedir = @localedir@ -gettextsrcdir = $(datadir)/gettext/po - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ - -# We use $(mkdir_p). -# In automake <= 1.9.x, $(mkdir_p) is defined either as "mkdir -p --" or as -# "$(mkinstalldirs)" or as "$(install_sh) -d". For these automake versions, -# @install_sh@ does not start with $(SHELL), so we add it. -# In automake >= 1.10, @mkdir_p@ is derived from ${MKDIR_P}, which is defined -# either as "/path/to/mkdir -p" or ".../install-sh -c -d". For these automake -# versions, $(mkinstalldirs) and $(install_sh) are unused. -mkinstalldirs = $(SHELL) @install_sh@ -d -install_sh = $(SHELL) @install_sh@ -MKDIR_P = @MKDIR_P@ -mkdir_p = @mkdir_p@ - -GMSGFMT_ = @GMSGFMT@ -GMSGFMT_no = @GMSGFMT@ -GMSGFMT_yes = @GMSGFMT_015@ -GMSGFMT = $(GMSGFMT_$(USE_MSGCTXT)) -MSGFMT_ = @MSGFMT@ -MSGFMT_no = @MSGFMT@ -MSGFMT_yes = @MSGFMT_015@ -MSGFMT = $(MSGFMT_$(USE_MSGCTXT)) -XGETTEXT_ = @XGETTEXT@ -XGETTEXT_no = @XGETTEXT@ -XGETTEXT_yes = @XGETTEXT_015@ -XGETTEXT = $(XGETTEXT_$(USE_MSGCTXT)) -MSGMERGE = msgmerge -MSGMERGE_UPDATE = @MSGMERGE@ --update -MSGINIT = msginit -MSGCONV = msgconv -MSGFILTER = msgfilter - -POFILES = @POFILES@ -GMOFILES = @GMOFILES@ -UPDATEPOFILES = @UPDATEPOFILES@ -DUMMYPOFILES = @DUMMYPOFILES@ -DISTFILES.common = Makefile.in.in remove-potcdate.sin \ -$(DISTFILES.common.extra1) $(DISTFILES.common.extra2) $(DISTFILES.common.extra3) -DISTFILES = $(DISTFILES.common) Makevars POTFILES.in \ -$(POFILES) $(GMOFILES) \ -$(DISTFILES.extra1) $(DISTFILES.extra2) $(DISTFILES.extra3) - -POTFILES = \ - -CATALOGS = @CATALOGS@ - -# Makevars gets inserted here. (Don't remove this line!) - -.SUFFIXES: -.SUFFIXES: .po .gmo .mo .sed .sin .nop .po-create .po-update - -.po.mo: - @echo "$(MSGFMT) -c -o $@ $<"; \ - $(MSGFMT) -c -o t-$@ $< && mv t-$@ $@ - -.po.gmo: - @lang=`echo $* | sed -e 's,.*/,,'`; \ - test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \ - echo "$${cdcmd}rm -f $${lang}.gmo && $(GMSGFMT) -c --statistics -o $${lang}.gmo $${lang}.po"; \ - cd $(srcdir) && rm -f $${lang}.gmo && $(GMSGFMT) -c --statistics -o t-$${lang}.gmo $${lang}.po && mv t-$${lang}.gmo $${lang}.gmo - -.sin.sed: - sed -e '/^#/d' $< > t-$@ - mv t-$@ $@ - - -all: all-@USE_NLS@ - -all-yes: stamp-po -all-no: - -# $(srcdir)/$(DOMAIN).pot is only created when needed. When xgettext finds no -# internationalized messages, no $(srcdir)/$(DOMAIN).pot is created (because -# we don't want to bother translators with empty POT files). We assume that -# LINGUAS is empty in this case, i.e. $(POFILES) and $(GMOFILES) are empty. -# In this case, stamp-po is a nop (i.e. a phony target). - -# stamp-po is a timestamp denoting the last time at which the CATALOGS have -# been loosely updated. Its purpose is that when a developer or translator -# checks out the package via CVS, and the $(DOMAIN).pot file is not in CVS, -# "make" will update the $(DOMAIN).pot and the $(CATALOGS), but subsequent -# invocations of "make" will do nothing. This timestamp would not be necessary -# if updating the $(CATALOGS) would always touch them; however, the rule for -# $(POFILES) has been designed to not touch files that don't need to be -# changed. -stamp-po: $(srcdir)/$(DOMAIN).pot - test ! -f $(srcdir)/$(DOMAIN).pot || \ - test -z "$(GMOFILES)" || $(MAKE) $(GMOFILES) - @test ! -f $(srcdir)/$(DOMAIN).pot || { \ - echo "touch stamp-po" && \ - echo timestamp > stamp-poT && \ - mv stamp-poT stamp-po; \ - } - -# Note: Target 'all' must not depend on target '$(DOMAIN).pot-update', -# otherwise packages like GCC can not be built if only parts of the source -# have been downloaded. - -# This target rebuilds $(DOMAIN).pot; it is an expensive operation. -# Note that $(DOMAIN).pot is not touched if it doesn't need to be changed. -$(DOMAIN).pot-update: $(POTFILES) $(srcdir)/POTFILES.in remove-potcdate.sed - if test -n '$(MSGID_BUGS_ADDRESS)' || test '$(PACKAGE_BUGREPORT)' = '@'PACKAGE_BUGREPORT'@'; then \ - msgid_bugs_address='$(MSGID_BUGS_ADDRESS)'; \ - else \ - msgid_bugs_address='$(PACKAGE_BUGREPORT)'; \ - fi; \ - $(XGETTEXT) --default-domain=$(DOMAIN) --directory=$(top_srcdir) \ - --add-comments=TRANSLATORS: $(XGETTEXT_OPTIONS) \ - --files-from=$(srcdir)/POTFILES.in \ - --copyright-holder='$(COPYRIGHT_HOLDER)' \ - --msgid-bugs-address="$$msgid_bugs_address" - test ! -f $(DOMAIN).po || { \ - if test -f $(srcdir)/$(DOMAIN).pot; then \ - sed -f remove-potcdate.sed < $(srcdir)/$(DOMAIN).pot > $(DOMAIN).1po && \ - sed -f remove-potcdate.sed < $(DOMAIN).po > $(DOMAIN).2po && \ - if cmp $(DOMAIN).1po $(DOMAIN).2po >/dev/null 2>&1; then \ - rm -f $(DOMAIN).1po $(DOMAIN).2po $(DOMAIN).po; \ - else \ - rm -f $(DOMAIN).1po $(DOMAIN).2po $(srcdir)/$(DOMAIN).pot && \ - mv $(DOMAIN).po $(srcdir)/$(DOMAIN).pot; \ - fi; \ - else \ - mv $(DOMAIN).po $(srcdir)/$(DOMAIN).pot; \ - fi; \ - } - -# This rule has no dependencies: we don't need to update $(DOMAIN).pot at -# every "make" invocation, only create it when it is missing. -# Only "make $(DOMAIN).pot-update" or "make dist" will force an update. -$(srcdir)/$(DOMAIN).pot: - $(MAKE) $(DOMAIN).pot-update - -# This target rebuilds a PO file if $(DOMAIN).pot has changed. -# Note that a PO file is not touched if it doesn't need to be changed. -$(POFILES): $(srcdir)/$(DOMAIN).pot - @lang=`echo $@ | sed -e 's,.*/,,' -e 's/\.po$$//'`; \ - if test -f "$(srcdir)/$${lang}.po"; then \ - test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \ - echo "$${cdcmd}$(MSGMERGE_UPDATE) $${lang}.po $(DOMAIN).pot"; \ - cd $(srcdir) && $(MSGMERGE_UPDATE) $${lang}.po $(DOMAIN).pot; \ - else \ - $(MAKE) $${lang}.po-create; \ - fi - - -install: install-exec install-data -install-exec: -install-data: install-data-@USE_NLS@ - if test "$(PACKAGE)" = "gettext-tools"; then \ - $(mkdir_p) $(DESTDIR)$(gettextsrcdir); \ - for file in $(DISTFILES.common) Makevars.template; do \ - $(INSTALL_DATA) $(srcdir)/$$file \ - $(DESTDIR)$(gettextsrcdir)/$$file; \ - done; \ - for file in Makevars; do \ - rm -f $(DESTDIR)$(gettextsrcdir)/$$file; \ - done; \ - else \ - : ; \ - fi -install-data-no: all -install-data-yes: all - $(mkdir_p) $(DESTDIR)$(datadir) - @catalogs='$(CATALOGS)'; \ - for cat in $$catalogs; do \ - cat=`basename $$cat`; \ - lang=`echo $$cat | sed -e 's/\.gmo$$//'`; \ - dir=$(localedir)/$$lang/LC_MESSAGES; \ - $(mkdir_p) $(DESTDIR)$$dir; \ - if test -r $$cat; then realcat=$$cat; else realcat=$(srcdir)/$$cat; fi; \ - $(INSTALL_DATA) $$realcat $(DESTDIR)$$dir/$(DOMAIN).mo; \ - echo "installing $$realcat as $(DESTDIR)$$dir/$(DOMAIN).mo"; \ - for lc in '' $(EXTRA_LOCALE_CATEGORIES); do \ - if test -n "$$lc"; then \ - if (cd $(DESTDIR)$(localedir)/$$lang && LC_ALL=C ls -l -d $$lc 2>/dev/null) | grep ' -> ' >/dev/null; then \ - link=`cd $(DESTDIR)$(localedir)/$$lang && LC_ALL=C ls -l -d $$lc | sed -e 's/^.* -> //'`; \ - mv $(DESTDIR)$(localedir)/$$lang/$$lc $(DESTDIR)$(localedir)/$$lang/$$lc.old; \ - mkdir $(DESTDIR)$(localedir)/$$lang/$$lc; \ - (cd $(DESTDIR)$(localedir)/$$lang/$$lc.old && \ - for file in *; do \ - if test -f $$file; then \ - ln -s ../$$link/$$file $(DESTDIR)$(localedir)/$$lang/$$lc/$$file; \ - fi; \ - done); \ - rm -f $(DESTDIR)$(localedir)/$$lang/$$lc.old; \ - else \ - if test -d $(DESTDIR)$(localedir)/$$lang/$$lc; then \ - :; \ - else \ - rm -f $(DESTDIR)$(localedir)/$$lang/$$lc; \ - mkdir $(DESTDIR)$(localedir)/$$lang/$$lc; \ - fi; \ - fi; \ - rm -f $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo; \ - ln -s ../LC_MESSAGES/$(DOMAIN).mo $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo 2>/dev/null || \ - ln $(DESTDIR)$(localedir)/$$lang/LC_MESSAGES/$(DOMAIN).mo $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo 2>/dev/null || \ - cp -p $(DESTDIR)$(localedir)/$$lang/LC_MESSAGES/$(DOMAIN).mo $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo; \ - echo "installing $$realcat link as $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo"; \ - fi; \ - done; \ - done - -install-strip: install - -installdirs: installdirs-exec installdirs-data -installdirs-exec: -installdirs-data: installdirs-data-@USE_NLS@ - if test "$(PACKAGE)" = "gettext-tools"; then \ - $(mkdir_p) $(DESTDIR)$(gettextsrcdir); \ - else \ - : ; \ - fi -installdirs-data-no: -installdirs-data-yes: - $(mkdir_p) $(DESTDIR)$(datadir) - @catalogs='$(CATALOGS)'; \ - for cat in $$catalogs; do \ - cat=`basename $$cat`; \ - lang=`echo $$cat | sed -e 's/\.gmo$$//'`; \ - dir=$(localedir)/$$lang/LC_MESSAGES; \ - $(mkdir_p) $(DESTDIR)$$dir; \ - for lc in '' $(EXTRA_LOCALE_CATEGORIES); do \ - if test -n "$$lc"; then \ - if (cd $(DESTDIR)$(localedir)/$$lang && LC_ALL=C ls -l -d $$lc 2>/dev/null) | grep ' -> ' >/dev/null; then \ - link=`cd $(DESTDIR)$(localedir)/$$lang && LC_ALL=C ls -l -d $$lc | sed -e 's/^.* -> //'`; \ - mv $(DESTDIR)$(localedir)/$$lang/$$lc $(DESTDIR)$(localedir)/$$lang/$$lc.old; \ - mkdir $(DESTDIR)$(localedir)/$$lang/$$lc; \ - (cd $(DESTDIR)$(localedir)/$$lang/$$lc.old && \ - for file in *; do \ - if test -f $$file; then \ - ln -s ../$$link/$$file $(DESTDIR)$(localedir)/$$lang/$$lc/$$file; \ - fi; \ - done); \ - rm -f $(DESTDIR)$(localedir)/$$lang/$$lc.old; \ - else \ - if test -d $(DESTDIR)$(localedir)/$$lang/$$lc; then \ - :; \ - else \ - rm -f $(DESTDIR)$(localedir)/$$lang/$$lc; \ - mkdir $(DESTDIR)$(localedir)/$$lang/$$lc; \ - fi; \ - fi; \ - fi; \ - done; \ - done - -# Define this as empty until I found a useful application. -installcheck: - -uninstall: uninstall-exec uninstall-data -uninstall-exec: -uninstall-data: uninstall-data-@USE_NLS@ - if test "$(PACKAGE)" = "gettext-tools"; then \ - for file in $(DISTFILES.common) Makevars.template; do \ - rm -f $(DESTDIR)$(gettextsrcdir)/$$file; \ - done; \ - else \ - : ; \ - fi -uninstall-data-no: -uninstall-data-yes: - catalogs='$(CATALOGS)'; \ - for cat in $$catalogs; do \ - cat=`basename $$cat`; \ - lang=`echo $$cat | sed -e 's/\.gmo$$//'`; \ - for lc in LC_MESSAGES $(EXTRA_LOCALE_CATEGORIES); do \ - rm -f $(DESTDIR)$(localedir)/$$lang/$$lc/$(DOMAIN).mo; \ - done; \ - done - -check: all - -info dvi ps pdf html tags TAGS ctags CTAGS ID: - -mostlyclean: - rm -f remove-potcdate.sed - rm -f stamp-poT - rm -f core core.* $(DOMAIN).po $(DOMAIN).1po $(DOMAIN).2po *.new.po - rm -fr *.o - -clean: mostlyclean - -distclean: clean - rm -f Makefile Makefile.in POTFILES *.mo - -maintainer-clean: distclean - @echo "This command is intended for maintainers to use;" - @echo "it deletes files that may require special tools to rebuild." - rm -f stamp-po $(GMOFILES) - -distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -dist distdir: - $(MAKE) update-po - @$(MAKE) dist2 -# This is a separate target because 'update-po' must be executed before. -dist2: stamp-po $(DISTFILES) - dists="$(DISTFILES)"; \ - if test "$(PACKAGE)" = "gettext-tools"; then \ - dists="$$dists Makevars.template"; \ - fi; \ - if test -f $(srcdir)/$(DOMAIN).pot; then \ - dists="$$dists $(DOMAIN).pot stamp-po"; \ - fi; \ - if test -f $(srcdir)/ChangeLog; then \ - dists="$$dists ChangeLog"; \ - fi; \ - for i in 0 1 2 3 4 5 6 7 8 9; do \ - if test -f $(srcdir)/ChangeLog.$$i; then \ - dists="$$dists ChangeLog.$$i"; \ - fi; \ - done; \ - if test -f $(srcdir)/LINGUAS; then dists="$$dists LINGUAS"; fi; \ - for file in $$dists; do \ - if test -f $$file; then \ - cp -p $$file $(distdir) || exit 1; \ - else \ - cp -p $(srcdir)/$$file $(distdir) || exit 1; \ - fi; \ - done - -update-po: Makefile - $(MAKE) $(DOMAIN).pot-update - test -z "$(UPDATEPOFILES)" || $(MAKE) $(UPDATEPOFILES) - $(MAKE) update-gmo - -# General rule for creating PO files. - -.nop.po-create: - @lang=`echo $@ | sed -e 's/\.po-create$$//'`; \ - echo "File $$lang.po does not exist. If you are a translator, you can create it through 'msginit'." 1>&2; \ - exit 1 - -# General rule for updating PO files. - -.nop.po-update: - @lang=`echo $@ | sed -e 's/\.po-update$$//'`; \ - if test "$(PACKAGE)" = "gettext-tools"; then PATH=`pwd`/../src:$$PATH; fi; \ - tmpdir=`pwd`; \ - echo "$$lang:"; \ - test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \ - echo "$${cdcmd}$(MSGMERGE) $$lang.po $(DOMAIN).pot -o $$lang.new.po"; \ - cd $(srcdir); \ - if $(MSGMERGE) $$lang.po $(DOMAIN).pot -o $$tmpdir/$$lang.new.po; then \ - if cmp $$lang.po $$tmpdir/$$lang.new.po >/dev/null 2>&1; then \ - rm -f $$tmpdir/$$lang.new.po; \ - else \ - if mv -f $$tmpdir/$$lang.new.po $$lang.po; then \ - :; \ - else \ - echo "msgmerge for $$lang.po failed: cannot move $$tmpdir/$$lang.new.po to $$lang.po" 1>&2; \ - exit 1; \ - fi; \ - fi; \ - else \ - echo "msgmerge for $$lang.po failed!" 1>&2; \ - rm -f $$tmpdir/$$lang.new.po; \ - fi - -$(DUMMYPOFILES): - -update-gmo: Makefile $(GMOFILES) - @: - -Makefile: Makefile.in.in Makevars $(top_builddir)/config.status @POMAKEFILEDEPS@ - cd $(top_builddir) \ - && $(SHELL) ./config.status $(subdir)/$@.in po-directories - -force: - -# Tell versions [3.59,3.63) of GNU make not to export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/po/Rules-quot b/po/Rules-quot deleted file mode 100644 index 9c2a995e..00000000 --- a/po/Rules-quot +++ /dev/null @@ -1,47 +0,0 @@ -# Special Makefile rules for English message catalogs with quotation marks. - -DISTFILES.common.extra1 = quot.sed boldquot.sed en@quot.header en@boldquot.header insert-header.sin Rules-quot - -.SUFFIXES: .insert-header .po-update-en - -en@quot.po-create: - $(MAKE) en@quot.po-update -en@boldquot.po-create: - $(MAKE) en@boldquot.po-update - -en@quot.po-update: en@quot.po-update-en -en@boldquot.po-update: en@boldquot.po-update-en - -.insert-header.po-update-en: - @lang=`echo $@ | sed -e 's/\.po-update-en$$//'`; \ - if test "$(PACKAGE)" = "gettext"; then PATH=`pwd`/../src:$$PATH; GETTEXTLIBDIR=`cd $(top_srcdir)/src && pwd`; export GETTEXTLIBDIR; fi; \ - tmpdir=`pwd`; \ - echo "$$lang:"; \ - ll=`echo $$lang | sed -e 's/@.*//'`; \ - LC_ALL=C; export LC_ALL; \ - cd $(srcdir); \ - if $(MSGINIT) -i $(DOMAIN).pot --no-translator -l $$ll -o - 2>/dev/null | sed -f $$tmpdir/$$lang.insert-header | $(MSGCONV) -t UTF-8 | $(MSGFILTER) sed -f `echo $$lang | sed -e 's/.*@//'`.sed 2>/dev/null > $$tmpdir/$$lang.new.po; then \ - if cmp $$lang.po $$tmpdir/$$lang.new.po >/dev/null 2>&1; then \ - rm -f $$tmpdir/$$lang.new.po; \ - else \ - if mv -f $$tmpdir/$$lang.new.po $$lang.po; then \ - :; \ - else \ - echo "creation of $$lang.po failed: cannot move $$tmpdir/$$lang.new.po to $$lang.po" 1>&2; \ - exit 1; \ - fi; \ - fi; \ - else \ - echo "creation of $$lang.po failed!" 1>&2; \ - rm -f $$tmpdir/$$lang.new.po; \ - fi - -en@quot.insert-header: insert-header.sin - sed -e '/^#/d' -e 's/HEADER/en@quot.header/g' $(srcdir)/insert-header.sin > en@quot.insert-header - -en@boldquot.insert-header: insert-header.sin - sed -e '/^#/d' -e 's/HEADER/en@boldquot.header/g' $(srcdir)/insert-header.sin > en@boldquot.insert-header - -mostlyclean: mostlyclean-quot -mostlyclean-quot: - rm -f *.insert-header diff --git a/po/boldquot.sed b/po/boldquot.sed deleted file mode 100644 index 4b937aa5..00000000 --- a/po/boldquot.sed +++ /dev/null @@ -1,10 +0,0 @@ -s/"\([^"]*\)"/ā€œ\1ā€/g -s/`\([^`']*\)'/ā€˜\1ā€™/g -s/ '\([^`']*\)' / ā€˜\1ā€™ /g -s/ '\([^`']*\)'$/ ā€˜\1ā€™/g -s/^'\([^`']*\)' /ā€˜\1ā€™ /g -s/ā€œā€/""/g -s/ā€œ/ā€œ/g -s/ā€/ā€/g -s/ā€˜/ā€˜/g -s/ā€™/ā€™/g diff --git a/po/bs.gmo b/po/bs.gmo deleted file mode 100644 index 7daf0b75..00000000 Binary files a/po/bs.gmo and /dev/null differ diff --git a/po/bs.po b/po/bs.po index 272670fc..219fa701 100644 --- a/po/bs.po +++ b/po/bs.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2004-05-09 12:03+0100\n" "Last-Translator: Safir Å ećerović <sapphire@linux.org.ba>\n" "Language-Team: Bosnian <lokal@lugbih.org>\n" @@ -1027,6 +1027,11 @@ msgstr "" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: nepoznat član %s\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "" @@ -1234,6 +1239,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1252,6 +1267,22 @@ msgstr "" msgid "**Never logged in**" msgstr "" +#, fuzzy, c-format +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "nepoznata grupa: %s\n" + +#, fuzzy, c-format +msgid "%s: Failed to update the lastlog file\n" +msgstr "nepoznata grupa: %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "" @@ -1281,12 +1312,6 @@ msgid "" "[Disconnect bypassed -- root login allowed.]" msgstr "" -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "" @@ -1294,6 +1319,12 @@ msgstr "" msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" msgstr "" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "" @@ -1684,12 +1715,6 @@ msgstr "" msgid "Please enter your OWN password as authentication.\n" msgstr "" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: unknown member %s\n" msgid "%s: Cannot fork user shell\n" @@ -1706,6 +1731,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2203,22 +2234,6 @@ msgstr "" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "nepoznata grupa: %s\n" - -#, c-format -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "" - -#, fuzzy, c-format -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "nepoznata grupa: %s\n" - -#, c-format -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "" - #, c-format msgid "%s: directory %s exists\n" msgstr "" @@ -2259,6 +2274,22 @@ msgstr "" msgid "failed to rename mailbox" msgstr "" +#, fuzzy, c-format +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "nepoznata grupa: %s\n" + +#, c-format +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "" + +#, fuzzy, c-format +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "nepoznata grupa: %s\n" + +#, c-format +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/ca.gmo b/po/ca.gmo deleted file mode 100644 index 2b840bc9..00000000 Binary files a/po/ca.gmo and /dev/null differ diff --git a/po/ca.po b/po/ca.po index 98fce8b4..064a62f9 100644 --- a/po/ca.po +++ b/po/ca.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.18\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2012-01-22 18:25+0100\n" "Last-Translator: Innocent De Marchi <tangram.peces@gmail.com>\n" "Language-Team: Catalan <debian-l10n-catalan@lists.debian.org>\n" @@ -1130,6 +1130,16 @@ msgstr "%s: el GID '%lu ja existeix\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: no es pot configurar el servei de neteja.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset restableix els comptadors d'errors " +"d'identificaciĆ³\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: no es pot eliminar l'entrada Ā«%sĀ» de %s\n" @@ -1360,6 +1370,26 @@ msgstr "" " -b, --before DIES mostra nomĆ©s els registres de lastlog mĆ©s\n" " antics que DIES\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all mostra els registres Ā«faillogĀ» per a tots " +"els usuaris\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all mostra els registres Ā«faillogĀ» per a tots " +"els usuaris\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1381,6 +1411,24 @@ msgstr "Usuari Port ƚltim" msgid "**Never logged in**" msgstr "**No ha entrat mai**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: No s'ha pogut obtenir l'entrada de la UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: no es pot actualitzar el fitxer de contrasenyes\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Forma d'Ćŗs: %s [-p] [nom]\n" @@ -1414,14 +1462,6 @@ msgstr "" "\n" "[S'ha evitat la desconnexiĆ³ -- l'accĆ©s de Ā«rootĀ» estĆ  permĆØs]." -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" -"\n" -"L'accĆ©s ha caducat desprĆ©s de %u segons.\n" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "%s: no es pot treballar sense Ć©sser administrador\n" @@ -1430,6 +1470,14 @@ msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" msgstr "" "No hi ha entrada utmp. Heu d'executar Ā«loginĀ» des del Ā«shĀ» de nivell mĆ©s baix" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" +"\n" +"L'accĆ©s ha caducat desprĆ©s de %u segons.\n" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: fallada de PAM, s'estĆ  cancelĀ·lant: %s\n" @@ -1863,12 +1911,6 @@ msgstr "S'ha evitat l'autenticaciĆ³ de contrasenya.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Si us plau introduĆÆu la VOSTRA contrasenya com a autenticaciĆ³.\n" -msgid " ...killed.\n" -msgstr "...mort.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr "...esperant al fill per acabar.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: no es pot blocar el Ā«shellĀ» de l'usuari\n" @@ -1884,6 +1926,12 @@ msgstr "%s: el senyal emmascara un error\n" msgid "Session terminated, terminating shell..." msgstr "SessiĆ³ acabada, finalitzant el Ā«shellĀ»..." +msgid " ...killed.\n" +msgstr "...mort.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr "...esperant al fill per acabar.\n" + msgid " ...terminated.\n" msgstr "...acabat.\n" @@ -2474,26 +2522,6 @@ msgstr "%s: UID '%lu' ja existeix\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s no estĆ  autoritzat per canviar la contrasenya de %s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: ha fallat la preparaciĆ³ de la nova entrada %s: Ā«%sĀ»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: ha fallat la preparaciĆ³ de la nova entrada %s: Ā«%sĀ»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: ha fallat la preparaciĆ³ de la nova entrada %s: Ā«%sĀ»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: ha fallat la preparaciĆ³ de la nova entrada %s: Ā«%sĀ»\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: el directori %s ja existeix\n" @@ -2541,6 +2569,26 @@ msgstr "no s'ha pogut canviar el propietari de la bĆŗstia de correu" msgid "failed to rename mailbox" msgstr "no s'ha pogut reanomenar la bĆŗstia de correu" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: ha fallat la preparaciĆ³ de la nova entrada %s: Ā«%sĀ»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: ha fallat la preparaciĆ³ de la nova entrada %s: Ā«%sĀ»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: ha fallat la preparaciĆ³ de la nova entrada %s: Ā«%sĀ»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: ha fallat la preparaciĆ³ de la nova entrada %s: Ā«%sĀ»\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3243,9 +3291,6 @@ msgstr "%s: no es pot trobar el directori Ā«tcbĀ» per %s\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: no es pot reescriure el fitxer de contrasenyes\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: no es pot actualitzar el fitxer de contrasenyes\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: no es pot actualitzar el fitxer de contrasenyes ombra\n" diff --git a/po/cs.gmo b/po/cs.gmo deleted file mode 100644 index a672fbf5..00000000 Binary files a/po/cs.gmo and /dev/null differ diff --git a/po/cs.po b/po/cs.po index df1a726f..383f0d49 100644 --- a/po/cs.po +++ b/po/cs.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.18\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2011-11-26 18:41+0100\n" "Last-Translator: Miroslav Kure <kurem@debian.cz>\n" "Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n" @@ -1105,6 +1105,15 @@ msgstr "%s: GID ā€ž%luā€œ již existuje\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: vaÅ”e uživatelskĆ© jmĆ©no nelze zjistit.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset vynuluje počitadla chybnĆ½ch přihlĆ”Å”enĆ­\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: nelze odstranit zĆ”znam ā€ž%sā€œ z %s\n" @@ -1328,6 +1337,26 @@ msgid "" msgstr "" " -b, --before DNÅ® zobrazĆ­ zĆ”znamy lastlogu starÅ”Ć­ než DNÅ®\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all zobrazĆ­ zĆ”znamy faillogu o vÅ”ech " +"uživatelĆ­ch\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all zobrazĆ­ zĆ”znamy faillogu o vÅ”ech " +"uživatelĆ­ch\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1348,6 +1377,24 @@ msgstr "Uživatel Port Naposledy" msgid "**Never logged in**" msgstr "**Nikdy nebyl přihlĆ”Å”en**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: nepodařilo se zĆ­skat zĆ”znam pro UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: soubor s hesly nelze aktualizovat\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "PoužitĆ­: %s [-p] [jmĆ©no]\n" @@ -1381,6 +1428,13 @@ msgstr "" "\n" "[OdpojenĆ­ přeskočeno -- uživatel root smĆ­ bĆ½t přihlĆ”Å”en.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "%s: Bez efektivnĆ­ch oprĆ”vněnĆ­ uživatele root nelze pracovat\n" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "utmp zĆ”znam neexistuje. MusĆ­te spustit ā€žloginā€œ z nejniÅ¾Å”Ć­ho ā€žshā€œ" + #, c-format msgid "" "\n" @@ -1389,13 +1443,6 @@ msgstr "" "\n" "VyprÅ”el časovĆ½ limit pro přihlĆ”Å”enĆ­ (%u sekund).\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "%s: Bez efektivnĆ­ch oprĆ”vněnĆ­ uživatele root nelze pracovat\n" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "utmp zĆ”znam neexistuje. MusĆ­te spustit ā€žloginā€œ z nejniÅ¾Å”Ć­ho ā€žshā€œ" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: Chyba PAM, končƭm: %s\n" @@ -1822,12 +1869,6 @@ msgstr "OvěřovĆ”nĆ­ heslem vynechĆ”no.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Pro ověřenĆ­ zadejte VAÅ E vlastnĆ­ heslo.\n" -msgid " ...killed.\n" -msgstr " ...zabit.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ...čekĆ” na ukončenĆ­ potomka.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: Nelze rozdvojit uživatelskĆ½ shell\n" @@ -1843,6 +1884,12 @@ msgstr "%s: chyba maskovĆ”nĆ­ signĆ”lu\n" msgid "Session terminated, terminating shell..." msgstr "SezenĆ­ skončeno, ukončuji shell..." +msgid " ...killed.\n" +msgstr " ...zabit.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ...čekĆ” na ukončenĆ­ potomka.\n" + msgid " ...terminated.\n" msgstr " ...ukončen.\n" @@ -2435,26 +2482,6 @@ msgstr "%s: UID ā€ž%luā€œ již existuje\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s nenĆ­ oprĆ”vněn změnit heslo %s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: selhala pÅ™Ć­prava novĆ©ho %s zĆ”znamu ā€ž%sā€œ\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: selhala pÅ™Ć­prava novĆ©ho %s zĆ”znamu ā€ž%sā€œ\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: selhala pÅ™Ć­prava novĆ©ho %s zĆ”znamu ā€ž%sā€œ\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: selhala pÅ™Ć­prava novĆ©ho %s zĆ”znamu ā€ž%sā€œ\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: adresĆ”Å™ %s již existuje\n" @@ -2500,6 +2527,26 @@ msgstr "chyba při změně vlastnĆ­ka poÅ”tovnĆ­ schrĆ”nky" msgid "failed to rename mailbox" msgstr "chyba při přejmenovĆ”vĆ”nĆ­ poÅ”tovnĆ­ schrĆ”nky" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: selhala pÅ™Ć­prava novĆ©ho %s zĆ”znamu ā€ž%sā€œ\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: selhala pÅ™Ć­prava novĆ©ho %s zĆ”znamu ā€ž%sā€œ\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: selhala pÅ™Ć­prava novĆ©ho %s zĆ”znamu ā€ž%sā€œ\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: selhala pÅ™Ć­prava novĆ©ho %s zĆ”znamu ā€ž%sā€œ\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3283,9 +3330,6 @@ msgstr "%s: chybnĆ½ zĆ”kladnĆ­ adresĆ”Å™ ā€ž%sā€œ\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: soubor s hesly nelze přepsat\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: soubor s hesly nelze aktualizovat\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: soubor se stĆ­novĆ½mi hesly nelze aktualizovat\n" diff --git a/po/da.gmo b/po/da.gmo deleted file mode 100644 index aa27c971..00000000 Binary files a/po/da.gmo and /dev/null differ diff --git a/po/da.po b/po/da.po index a705aa8c..75dc0209 100644 --- a/po/da.po +++ b/po/da.po @@ -20,7 +20,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2012-01-26 23:57+0100\n" "Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n" "Language-Team: Danish <debian-l10n-danish@lists.debian.org>\n" @@ -1103,6 +1103,15 @@ msgstr "%s: GID Ā»%luĀ« findes allerede\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Kan ikke opsƦtte tjenesten cleanup.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset nulstil tƦlleren for mislykkede logind\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: Kan ikke fjerne punkt Ā»%sĀ« fra %s\n" @@ -1333,6 +1342,22 @@ msgstr "" " -b, --before DAGE vis kun lastlog-poster, der er Ʀldre\n" " end DAGE\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr " -a, --all vis faillog-poster for alle brugere\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr " -a, --all vis faillog-poster for alle brugere\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1355,6 +1380,24 @@ msgstr "Brugernavn Port Seneste" msgid "**Never logged in**" msgstr "**Har aldrig logget pĆ„**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: Kunne ikke indhente punktet for UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: Kunne ikke nulstille lastlog-punktet for UID %lu: %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Brug: %s [-p] [navn]\n" @@ -1388,6 +1431,13 @@ msgstr "" "\n" "[AfbrĆød ikke forbindelsen - root-logind er tilladt.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "%s: Kan umuligt arbejde uden effektiv root\n" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "Intet utmp-punkt. Du skal kĆøre Ā»loginĀ« fra det laveste Ā»sh-niveauĀ«" + #, c-format msgid "" "\n" @@ -1396,13 +1446,6 @@ msgstr "" "\n" "Logind udlĆøb efter %u sekunder.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "%s: Kan umuligt arbejde uden effektiv root\n" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "Intet utmp-punkt. Du skal kĆøre Ā»loginĀ« fra det laveste Ā»sh-niveauĀ«" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM-fejl, afbryder: %s\n" @@ -1825,12 +1868,6 @@ msgstr "Gik uden om adgangskodegodkendelse.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Angiv din EGEN adgangskode som godkendelse.\n" -msgid " ...killed.\n" -msgstr " ...drƦbt.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ...venter pĆ„ at underproces termineres.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: Kan ikke forgrene brugerskal\n" @@ -1846,6 +1883,12 @@ msgstr "%s: Forkert signalmasking\n" msgid "Session terminated, terminating shell..." msgstr "Session termineret, terminerer skal..." +msgid " ...killed.\n" +msgstr " ...drƦbt.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ...venter pĆ„ at underproces termineres.\n" + msgid " ...terminated.\n" msgstr " ...termineret.\n" @@ -2430,26 +2473,6 @@ msgstr "%s: UID Ā»%luĀ« findes allerede\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s er ikke godkendt til at Ʀndre adgangskoden pĆ„ %s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: Kunne ikke forberede det nye %s-punkt Ā»%sĀ«\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: Kunne ikke forberede det nye %s-punkt Ā»%sĀ«\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: Kunne ikke forberede det nye %s-punkt Ā»%sĀ«\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: Kunne ikke forberede det nye %s-punkt Ā»%sĀ«\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: Mappen %s findes\n" @@ -2494,6 +2517,26 @@ msgstr "kunne ikke Ʀndre postkassens ejer" msgid "failed to rename mailbox" msgstr "kunne ikke omdĆøbe postkasse" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: Kunne ikke forberede det nye %s-punkt Ā»%sĀ«\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: Kunne ikke forberede det nye %s-punkt Ā»%sĀ«\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: Kunne ikke forberede det nye %s-punkt Ā»%sĀ«\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: Kunne ikke forberede det nye %s-punkt Ā»%sĀ«\n" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/de.gmo b/po/de.gmo deleted file mode 100644 index 8ca6af87..00000000 Binary files a/po/de.gmo and /dev/null differ diff --git a/po/de.po b/po/de.po index edda0630..5376ba53 100644 --- a/po/de.po +++ b/po/de.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.1.4.2\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2012-01-18 21:44+0100\n" "Last-Translator: Holger Wansing <linux@wansing-online.de>\n" "Language-Team: German <debian-l10n-german@lists.debian.org>\n" @@ -1120,6 +1120,16 @@ msgstr "%s: GID Ā»%luĀ« existiert bereits.\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Ihr Benutzername konnte nicht bestimmt werden.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset ZƤhler fehlgeschlagener Anmeldungen\n" +" zurĆ¼cksetzen\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: Eintrag Ā»%sĀ« konnte nicht aus %s entfernt werden.\n" @@ -1356,6 +1366,26 @@ msgstr "" "Ƥlter\n" " als TAGE sind\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all Aufzeichnungen fehlgeschlagener Anmeldungen\n" +" fĆ¼r alle Benutzer anzeigen\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all Aufzeichnungen fehlgeschlagener Anmeldungen\n" +" fĆ¼r alle Benutzer anzeigen\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1378,6 +1408,24 @@ msgstr "Benutzername Port Letzter" msgid "**Never logged in**" msgstr "**Noch nie angemeldet**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: Auslesen des Eintrags fĆ¼r UID %lu fehlgeschlagen\n" + +#, fuzzy, c-format +#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: ZurĆ¼cksetzen des lastlog-Eintrags fĆ¼r UID %lu fehlgeschlagen: %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Aufruf: %s [-p] [Name]\n" @@ -1411,6 +1459,14 @@ msgstr "" "\n" "[Trennung abgebrochen -- root-Login erlaubt.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "%s: Arbeit ohne effektive root-Rechte eventuell nicht mƶglich\n" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"Kein utmp-Eintrag. Sie mĆ¼ssen Ā»loginĀ« vom niedrigsten Ā»shĀ«-Level ausfĆ¼hren." + #, c-format msgid "" "\n" @@ -1420,14 +1476,6 @@ msgstr "" "Login nach %u Sekunden wegen\n" "ZeitĆ¼berschreitung abgebrochen.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "%s: Arbeit ohne effektive root-Rechte eventuell nicht mƶglich\n" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"Kein utmp-Eintrag. Sie mĆ¼ssen Ā»loginĀ« vom niedrigsten Ā»shĀ«-Level ausfĆ¼hren." - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM-Fehler, Abbruch: %s\n" @@ -1858,12 +1906,6 @@ msgstr "Passwort-Authentifizierung umgangen.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Bitte geben Sie Ihr EIGENES Passwort als Authentifizierung ein.\n" -msgid " ...killed.\n" -msgstr " ... abgeschossen.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ... Warten auf Beendigung des Kindprozesses.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: Prozessaufspaltung (fork) fĆ¼r Benutzer-Shell nicht mƶglich\n" @@ -1879,6 +1921,12 @@ msgstr "%s: Signalmaskierungs-Fehlfunktion\n" msgid "Session terminated, terminating shell..." msgstr "Sitzung abgebrochen, Shell wird beendet ..." +msgid " ...killed.\n" +msgstr " ... abgeschossen.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ... Warten auf Beendigung des Kindprozesses.\n" + msgid " ...terminated.\n" msgstr " ... abgebrochen.\n" @@ -2484,26 +2532,6 @@ msgstr "%s: UID Ā»%luĀ« existiert bereits\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s ist nicht berechtigt, das Passwort von %s zu Ƥndern.\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: Vorbereiten des neuen %s-Eintrags Ā»%sĀ« fehlgeschlagen.\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: Vorbereiten des neuen %s-Eintrags Ā»%sĀ« fehlgeschlagen.\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: Vorbereiten des neuen %s-Eintrags Ā»%sĀ« fehlgeschlagen.\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: Vorbereiten des neuen %s-Eintrags Ā»%sĀ« fehlgeschlagen.\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: Verzeichnis %s existiert\n" @@ -2551,6 +2579,26 @@ msgstr "Fehler beim Ƅndern des mailbox-Besitzers" msgid "failed to rename mailbox" msgstr "Fehler beim Umbenennen von mailbox" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: Vorbereiten des neuen %s-Eintrags Ā»%sĀ« fehlgeschlagen.\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: Vorbereiten des neuen %s-Eintrags Ā»%sĀ« fehlgeschlagen.\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: Vorbereiten des neuen %s-Eintrags Ā»%sĀ« fehlgeschlagen.\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: Vorbereiten des neuen %s-Eintrags Ā»%sĀ« fehlgeschlagen.\n" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/dz.gmo b/po/dz.gmo deleted file mode 100644 index 5cfee5ee..00000000 Binary files a/po/dz.gmo and /dev/null differ diff --git a/po/dz.po b/po/dz.po index 02ce4019..c9ecebdd 100644 --- a/po/dz.po +++ b/po/dz.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.17\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2006-06-01 15:28+0530\n" "Last-Translator: Jurmey Rabgay <jur_gay@yahoo.com>\n" "Language-Team: dzongkha <pgeyleg@dit.gov.bt>\n" @@ -1089,6 +1089,11 @@ msgstr "" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: ą½ą¾±ą½¼ą½‘ą¼‹ą½€ą¾±ą½²ą¼‹ą½£ą½‚ą¼‹ą½£ą½ŗą½“ą¼‹ą½”ą½ ą½²ą¼‹ą½˜ą½²ą½„ą¼‹ ą½‚ą½ą½“ą¼‹ą½ ą½–ą½ŗą½–ą½¦ą¼‹ą½–ą½Ÿą½¼ą¼‹ą½˜ą½²ą¼‹ą½šą½“ą½‚ą½¦ą¼\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1305,6 +1310,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1323,6 +1338,24 @@ msgstr "ą½£ą½‚ą¼‹ą½£ą½ŗą½“ą¼‹ą½”ą½ ą½²ą¼‹ą½˜ą½²ą½„ą¼‹ ą½ ą½‘ą¾² msgid "**Never logged in**" msgstr "**ą½“ą½˜ą¼‹ą½”ą½„ą¼‹ą½“ą½„ą¼‹ą½–ą½¦ą¾ą¾±ą½¼ą½‘ą¼‹ą½˜ą¼‹ą½ ą½–ą½‘ą¼‹**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: ą½¦ą¾£ą½¼ą½‘ą¼‹ą½ą½¼ą¼‹ %s ą½‚ą½¦ą½¢ą¼‹ą½–ą½¦ą¾ą¾²ą½“ą½“ą¼‹ą½ ą½–ą½‘ą¼‹ą½˜ą½²ą¼‹ą½šą½“ą½‚ą½¦ą¼\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: ą½†ą½¼ą½‚ą¼‹ą½”ą½²ą½‚ą¼‹ą½”ą½²ą½‚ą¼‹ą½¦ą¾£ą½¼ą½‘ą¼‹ ą½‘ą½“ą½¦ą¼‹ą½˜ą½ą½“ą½“ą¼‹ą½–ą½Ÿą½¼ą¼‹ą½˜ą¼‹ą½šą½“ą½‚ą½¦ą¼\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "ą½£ą½‚ą¼‹ą½£ą½ŗą½“ą¼‹: %s [-p] [ą½˜ą½²ą½„ą¼‹]\n" @@ -1356,6 +1389,14 @@ msgstr "" "\n" "[ą½˜ą½ą½“ą½‘ą¼‹ą½–ą½ą½¼ą½‚ą¼‹ą½Ÿą½“ą½¢ą¼‹ą½ą½ŗą¼‹ą½ ą½‚ą¾±ą½¼ą¼‹ą½”ą½¼ą½‘ą½”ą¼‹ --ą½¢ą¾©ą¼‹ą½–ą½ ą½²ą¼‹ą½“ą½„ą¼‹ą½–ą½¦ą¾ą¾±ą½¼ą½‘ą¼‹ą½˜ą½²ą¼‹ą½†ą½¼ą½‚]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"utmpą½ą½¼ą¼‹ą½–ą½€ą½¼ą½‘ą¼‹ą½˜ą½²ą½“ą¼‹ą½ ą½‘ą½“ą½‚ ą½ą¾±ą½¼ą½‘ą¼‹ą½€ą¾±ą½²ą½¦ą¼‹ ą½‚ą½“ą½¦ą¼‹ą½¢ą½²ą½˜ą¼‹ą½‘ą½˜ą½ ą¼‹ą½¤ą½¼ą½¦ą¼‹\"sh\"ą½‚ą½²ą¼‹ą½“ą½„ą¼‹ą½£ą½¦ą¼‹ \"login\"ą½£ą½‚ą¼‹ą½£ą½ŗą½“ą¼‹ą½ ą½ą½–ą¼‹ą½‘ą½‚ą½¼" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1367,14 +1408,6 @@ msgstr "" "\n" "%d ą½¦ą¾ą½¢ą¼‹ą½†ą½‚ą¼‹ą½‚ą½²ą¼‹ą½¤ą½“ą½£ą¼‹ą½˜ą½¢ą¼‹ ą½“ą½„ą¼‹ą½–ą½¦ą¾ą¾±ą½¼ą½‘ą¼‹ą½„ą½£ą¼‹ą½˜ą½šą½˜ą½¦ą¼‹ą½–ą¾±ą½“ą½„ą¼‹ą½”ą½¼ą½‘ą½”ą¼\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"utmpą½ą½¼ą¼‹ą½–ą½€ą½¼ą½‘ą¼‹ą½˜ą½²ą½“ą¼‹ą½ ą½‘ą½“ą½‚ ą½ą¾±ą½¼ą½‘ą¼‹ą½€ą¾±ą½²ą½¦ą¼‹ ą½‚ą½“ą½¦ą¼‹ą½¢ą½²ą½˜ą¼‹ą½‘ą½˜ą½ ą¼‹ą½¤ą½¼ą½¦ą¼‹\"sh\"ą½‚ą½²ą¼‹ą½“ą½„ą¼‹ą½£ą½¦ą¼‹ \"login\"ą½£ą½‚ą¼‹ą½£ą½ŗą½“ą¼‹ą½ ą½ą½–ą¼‹ą½‘ą½‚ą½¼" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "ą½“ą½„ą¼‹ą½–ą½¦ą¾ą¾±ą½¼ą½‘ą¼‹: ą½”ą½²ą¼‹ą½Øą½ŗą¼‹ą½Øą½ŗą½˜ą¼‹ą½ ą½ą½“ą½¦ą¼‹ą½¤ą½¼ą½¢ą¼‹ ą½–ą½¢ą¼‹ą½–ą½¤ą½¼ą½£ą¼‹ą½‘ą½¼ą¼‹: %s\n" @@ -1789,12 +1822,6 @@ msgstr "ą½†ą½¼ą½‚ą¼‹ą½”ą½²ą½‚ą¼‹ą½–ą½‘ą½ŗą½“ą¼‹ą½–ą½¤ą½‘ą¼‹ą½Ÿą½“ą½¢ą¼‹ą½£ą½¦ą¼‹ msgid "Please enter your OWN password as authentication.\n" msgstr "ą½ą¾±ą½¼ą½‘ą¼‹ą½¢ą½ ą½²ą¼‹ą½†ą½¼ą½‚ą¼‹ą½”ą½²ą½‚ą¼‹ą½ ą½‘ą½²ą¼‹ ą½–ą½‘ą½ŗą½“ą¼‹ą½–ą½¤ą½‘ą¼‹ą½¦ą¾¦ą½ŗą¼‹ą½–ą½™ą½“ą½‚ą½¦ą¼\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1811,6 +1838,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2352,26 +2385,6 @@ msgstr "" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: ą½ą½ŗą¼‹ą½‘ą½–ą½„ą¼‹(%s)ą½šą½“ą¼‹ą½–ą½€ą½¼ą½‚ą¼‹ą½“ą½²ą½ ą½²ą¼‹ą½ ą½ą½“ą½¦ą¼‹ą½¤ą½¼ą½¢ą¼‹ą½–ą¾±ą½“ą½„ą¼‹ą½”ą½¼ą½‘ą½”ą¼\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: ą½ą½ŗą¼‹ą½‘ą½–ą½„ą¼‹(%s)ą½šą½“ą¼‹ą½–ą½€ą½¼ą½‚ą¼‹ą½“ą½²ą½ ą½²ą¼‹ą½ ą½ą½“ą½¦ą¼‹ą½¤ą½¼ą½¢ą¼‹ą½–ą¾±ą½“ą½„ą¼‹ą½”ą½¼ą½‘ą½”ą¼\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: ą½ą½ŗą¼‹ą½‘ą½–ą½„ą¼‹(%s)ą½šą½“ą¼‹ą½–ą½€ą½¼ą½‚ą¼‹ą½“ą½²ą½ ą½²ą¼‹ą½ ą½ą½“ą½¦ą¼‹ą½¤ą½¼ą½¢ą¼‹ą½–ą¾±ą½“ą½„ą¼‹ą½”ą½¼ą½‘ą½”ą¼\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: ą½ą½ŗą¼‹ą½‘ą½–ą½„ą¼‹(%s)ą½šą½“ą¼‹ą½–ą½€ą½¼ą½‚ą¼‹ą½“ą½²ą½ ą½²ą¼‹ą½ ą½ą½“ą½¦ą¼‹ą½¤ą½¼ą½¢ą¼‹ą½–ą¾±ą½“ą½„ą¼‹ą½”ą½¼ą½‘ą½”ą¼\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: ą½¦ą¾£ą½¼ą½‘ą¼‹ą½ą½¼ą¼‹ %są½ ą½‘ą½²ą¼‹ą½”ą½¼ą½‘ą½”ą½Øą½²ą½“ą¼\n" @@ -2414,6 +2427,26 @@ msgstr "ą½”ą½²ą½‚ą¼‹ą½¦ą¾’ą¾²ą½¼ą½˜ą¼‹ą½–ą½‘ą½‚ą¼‹ą½”ą½¼ą¼‹ą½¦ą½¼ą½¢ą¼‹ą½“ą½²ą¼‹ msgid "failed to rename mailbox" msgstr "ą½”ą½²ą½‚ą¼‹ą½¦ą¾’ą¾²ą½¼ą½˜ą¼‹ą½‚ą¾±ą½²ą¼‹ą½–ą½¦ą¾ą¾±ą½¢ą¼‹ą½˜ą½²ą½„ą¼‹ą½–ą½ą½‚ą½¦ą¼‹ą½“ą½²ą¼‹ą½£ą½“ą¼‹ ą½ ą½›ą½¼ą½£ą¼‹ą½–ą¼" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: ą½ą½ŗą¼‹ą½‘ą½–ą½„ą¼‹(%s)ą½šą½“ą¼‹ą½–ą½€ą½¼ą½‚ą¼‹ą½“ą½²ą½ ą½²ą¼‹ą½ ą½ą½“ą½¦ą¼‹ą½¤ą½¼ą½¢ą¼‹ą½–ą¾±ą½“ą½„ą¼‹ą½”ą½¼ą½‘ą½”ą¼\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: ą½ą½ŗą¼‹ą½‘ą½–ą½„ą¼‹(%s)ą½šą½“ą¼‹ą½–ą½€ą½¼ą½‚ą¼‹ą½“ą½²ą½ ą½²ą¼‹ą½ ą½ą½“ą½¦ą¼‹ą½¤ą½¼ą½¢ą¼‹ą½–ą¾±ą½“ą½„ą¼‹ą½”ą½¼ą½‘ą½”ą¼\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: ą½ą½ŗą¼‹ą½‘ą½–ą½„ą¼‹(%s)ą½šą½“ą¼‹ą½–ą½€ą½¼ą½‚ą¼‹ą½“ą½²ą½ ą½²ą¼‹ą½ ą½ą½“ą½¦ą¼‹ą½¤ą½¼ą½¢ą¼‹ą½–ą¾±ą½“ą½„ą¼‹ą½”ą½¼ą½‘ą½”ą¼\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: ą½ą½ŗą¼‹ą½‘ą½–ą½„ą¼‹(%s)ą½šą½“ą¼‹ą½–ą½€ą½¼ą½‚ą¼‹ą½“ą½²ą½ ą½²ą¼‹ą½ ą½ą½“ą½¦ą¼‹ą½¤ą½¼ą½¢ą¼‹ą½–ą¾±ą½“ą½„ą¼‹ą½”ą½¼ą½‘ą½”ą¼\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3066,9 +3099,6 @@ msgstr "%s: ą½“ą½“ą½¦ą¼‹ą½˜ą½ŗą½‘ą¼‹ą½‚ą½žą½²ą¼‹ą½¢ą¾Ÿą½ŗą½“ą¼‹ą½¦ą¾£ą½¼ą½‘ą¼‹ #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: ą½†ą½¼ą½‚ą¼‹ą½”ą½²ą½‚ą¼‹ą½”ą½²ą½‚ą¼‹ą½¦ą¾£ą½¼ą½‘ą¼‹ ą½£ą½¼ą½‚ą¼‹ą½ ą½–ą¾²ą½²ą¼‹ą½˜ą¼‹ą½šą½“ą½‚ą½¦ą¼\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: ą½†ą½¼ą½‚ą¼‹ą½”ą½²ą½‚ą¼‹ą½”ą½²ą½‚ą¼‹ą½¦ą¾£ą½¼ą½‘ą¼‹ ą½‘ą½“ą½¦ą¼‹ą½˜ą½ą½“ą½“ą¼‹ą½–ą½Ÿą½¼ą¼‹ą½˜ą¼‹ą½šą½“ą½‚ą½¦ą¼\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: ą½‚ą¾±ą½²ą½–ą¼‹ą½˜ą½ ą½²ą¼‹ą½†ą½¼ą½‚ą¼‹ą½”ą½²ą½‚ą¼‹ą½”ą½²ą½‚ą¼‹ą½¦ą¾£ą½¼ą½‘ą¼‹ ą½‘ą½“ą½¦ą¼‹ą½˜ą½ą½“ą½“ą¼‹ą½–ą½Ÿą½¼ą¼‹ą½˜ą¼‹ą½šą½“ą½‚ą½¦ą¼\n" diff --git a/po/el.gmo b/po/el.gmo deleted file mode 100644 index faf24803..00000000 Binary files a/po/el.gmo and /dev/null differ diff --git a/po/el.po b/po/el.po index a1ebce31..28e7d074 100644 --- a/po/el.po +++ b/po/el.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow_po_el\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2012-01-21 00:22+0200\n" "Last-Translator: Thomas Vasileiou <thomas-v@wildmail.com>\n" "Language-Team: Greek <debian-l10n-greek@lists.debian.org>\n" @@ -1129,6 +1129,15 @@ msgstr "%s: Ļ„Īæ GID '%lu' Ļ…Ļ€Ī¬ĻĻ‡ĪµĪ¹\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Ī”ĪµĪ½ Ī®Ļ„Ī±Ī½ Ī“Ļ…Ī½Ī±Ļ„Ī® Ī· ĻĻĪøĪ¼Ī¹ĻƒĪ· Ļ„Ī·Ļ‚ Ļ…Ļ€Ī·ĻĪµĻƒĪÆĪ±Ļ‚ ĪµĪŗĪŗĪ±ĪøĪ¬ĻĪ¹ĻƒĪ·Ļ‚.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset ĪµĻ€Ī±Ī½Ī±Ļ†ĪæĻĪ¬ Ī¼ĪµĻ„ĻĪ·Ļ„Ī® Ī±Ļ€ĪæĻ„Ļ…Ļ‡Ī·Ī¼Ī­Ī½Ļ‰Ī½ ĪµĪ¹ĻƒĻŒĪ“Ļ‰Ī½\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: Ī±Ī“Ļ…Ī½Ī±Ī¼ĪÆĪ± Ī±Ļ€ĪæĪ¼Ī¬ĪŗĻĻ…Ī½ĻƒĪ·Ļ‚ Ļ„Ī·Ļ‚ ĪµĪ³Ī³ĻĪ±Ļ†Ī®Ļ‚ '%s' Ī±Ļ€ĻŒ Ļ„Īæ %s\n" @@ -1359,6 +1368,26 @@ msgstr "" " -b, --before Ī—ĪœĪ•Ī”Ī•Ī£ Ļ€ĻĪæĪ²ĪæĪ»Ī® Ļ„Ļ‰Ī½ ĪµĪ³Ī³ĻĪ±Ļ†ĻŽĪ½ Ļ„ĪæĻ… lastlog Ļ€ĪæĻ… ĪµĪÆĪ½Ī±Ī¹ " "Ļ€Ī±Ī»Ī±Ī¹ĻŒĻ„ĪµĻĪµĻ‚ Ī±Ļ€ĻŒ Ī—ĪœĪ•Ī”Ī•Ī£\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all Ļ€ĻĪæĪ²ĪæĪ»Ī® Ļ„Ļ‰Ī½ ĪµĪ³Ī³ĻĪ±Ļ†ĻŽĪ½ Ļ„ĪæĻ… faillog Ī³Ī¹Ī± ĻŒĪ»ĪæĻ…Ļ‚ " +"Ļ„ĪæĻ…Ļ‚ Ļ‡ĻĪ®ĻƒĻ„ĪµĻ‚\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all Ļ€ĻĪæĪ²ĪæĪ»Ī® Ļ„Ļ‰Ī½ ĪµĪ³Ī³ĻĪ±Ļ†ĻŽĪ½ Ļ„ĪæĻ… faillog Ī³Ī¹Ī± ĻŒĪ»ĪæĻ…Ļ‚ " +"Ļ„ĪæĻ…Ļ‚ Ļ‡ĻĪ®ĻƒĻ„ĪµĻ‚\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1381,6 +1410,24 @@ msgstr "ĪŒĪ½ĪæĪ¼Ī±_Ī§ĻĪ®ĻƒĻ„Ī· Ī˜ĻĻĪ± Ī¤ĪµĪ»ĪµĻ…Ļ„Ī±ĪÆĪ±" msgid "**Never logged in**" msgstr "**ĪšĪ±Ī¼Ī¹Ī¬ ĪµĪÆĻƒĪæĪ“ĪæĻ‚ ĻƒĻ„Īæ ĻƒĻĻƒĻ„Ī·Ī¼Ī±**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: AĪ“Ļ…Ī½Ī±Ī¼ĪÆĪ± Ī±Ī½Ī¬ĪŗĻ„Ī·ĻƒĪ·Ļ‚ Ļ„Ī·Ļ‚ ĪµĪ³Ī³ĻĪ±Ļ†Ī®Ļ‚ UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: Ī±Ī“Ļ…Ī½Ī±Ī¼ĪÆĪ± Ī±Ī½Ī±Ī½Ī­Ļ‰ĻƒĪ·Ļ‚ Ī±ĻĻ‡ĪµĪÆĪæĻ… ĻƒĻ…Ī½ĪøĪ·Ī¼Ī±Ļ„Ī¹ĪŗĻŽĪ½\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Ī§ĻĪ®ĻƒĪ·: %s [-p] [ĻŒĪ½ĪæĪ¼Ī±]\n" @@ -1414,14 +1461,6 @@ msgstr "" "\n" "[Ī Ī±ĻĪ¬ĪŗĪ±Ī¼ĻˆĪ· Ī±Ļ€ĪæĻƒĻĪ½Ī“ĪµĻƒĪ·Ļ‚ -- Ī— ĪµĪÆĻƒĪæĪ“ĪæĻ‚ Ļ„ĪæĻ… root ĪµĻ€ĪµĻ„ĻĪ¬Ļ€Ī·.]" -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" -"\n" -"Ī— Ī“Ī¹Ī±Ī“Ī¹ĪŗĪ±ĻƒĪÆĪ± ĪµĪ¹ĻƒĻŒĪ“ĪæĻ… Ļ„ĪµĻĪ¼Ī±Ļ„ĪÆĻƒĻ„Ī·ĪŗĪµ Ī¼ĪµĻ„Ī¬ Ī±Ļ€ĻŒ %u Ī“ĪµĻ…Ļ„ĪµĻĻŒĪ»ĪµĻ€Ļ„Ī±.\n" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "%s: ĪœĪ¬Ī»Ī»ĪæĪ½ Ī“ĪµĪ½ ĪµĪÆĪ½Ī±Ī¹ Ī“Ļ…Ī½Ī±Ļ„Ī® Ī· Ī»ĪµĪ¹Ļ„ĪæĻ…ĻĪ³ĪÆĪ± Ļ‡Ļ‰ĻĪÆĻ‚ ĪµĪ½ĪµĻĪ³ĻŒ Ļ‡ĻĪ®ĻƒĻ„Ī· root\n" @@ -1431,6 +1470,14 @@ msgstr "" "Ī”ĪµĪ½ Ļ…Ļ€Ī¬ĻĻ‡ĪµĪ¹ ĪŗĪ±Ļ„Ī±Ļ‡ĻŽĻĪ¹ĻƒĪ· utmp. Ī ĻĪ­Ļ€ĪµĪ¹ Ī½Ī± ĪµĪŗĻ„ĪµĪ»Ī­ĻƒĪµĻ„Īµ \"login\" Ī±Ļ€ĻŒ Ļ„Īæ \"sh\" " "Ļ„ĪæĻ… Ļ€Ī¹Īæ Ļ‡Ī±Ī¼Ī·Ī»ĪæĻ ĪµĻ€Ī¹Ļ€Ī­Ī“ĪæĻ…" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" +"\n" +"Ī— Ī“Ī¹Ī±Ī“Ī¹ĪŗĪ±ĻƒĪÆĪ± ĪµĪ¹ĻƒĻŒĪ“ĪæĻ… Ļ„ĪµĻĪ¼Ī±Ļ„ĪÆĻƒĻ„Ī·ĪŗĪµ Ī¼ĪµĻ„Ī¬ Ī±Ļ€ĻŒ %u Ī“ĪµĻ…Ļ„ĪµĻĻŒĪ»ĪµĻ€Ļ„Ī±.\n" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± PAM, ĪµĪ³ĪŗĪ±Ļ„Ī¬Ī»ĪµĪ¹ĻˆĪ·: %s\n" @@ -1880,12 +1927,6 @@ msgstr "Ī Ī±ĻĪ¬ĪŗĪ±Ī¼ĻˆĪ· ĪµĪ¾Ī±ĪŗĻĪÆĪ²Ļ‰ĻƒĪ·Ļ‚ Ī¼Īµ ĻƒĻ…Ī½ĪøĪ·Ī¼Ī±Ļ„Ī¹ĪŗĻŒ.\n msgid "Please enter your OWN password as authentication.\n" msgstr "Ī Ī±ĻĪ±ĪŗĪ±Ī»ĻŽ ĪµĪ¹ĻƒĪ¬Ī³ĪµĻ„Īµ Ļ„Īæ Ī”Ī™ĪšĪŸ ĻƒĪ±Ļ‚ ĻƒĻ…Ī½ĪøĪ·Ī¼Ī±Ļ„Ī¹ĪŗĻŒ Ī³Ī¹Ī± ĪµĪ¾Ī±ĪŗĻĪÆĪ²Ļ‰ĻƒĪ·.\n" -msgid " ...killed.\n" -msgstr " ...ĻƒĪŗĪæĻ„ĻŽĪøĪ·ĪŗĪµ.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: Ī±Ī“Ļ…Ī½Ī±Ī¼ĪÆĪ± Ī“Ī¹Ļ‡Ī¬Ī»Ļ‰ĻƒĪ·Ļ‚ Ļ„ĪæĻ… Ļ†Ī»ĪæĪ¹ĪæĻ Ļ„ĪæĻ… Ļ‡ĻĪ®ĻƒĻ„Ī·\n" @@ -1901,6 +1942,12 @@ msgstr "%s: Ī“Ļ…ĻƒĪ»ĪµĪ¹Ļ„ĪæĻ…ĻĪ³ĪÆĪ± Ī¼Ī±ĻƒĪŗĪ±ĻĪÆĻƒĪ¼ĪæĻ‚ Ļ„ĪæĻ… ĻƒĪ®Ī¼Ī±Ļ„ msgid "Session terminated, terminating shell..." msgstr "Ī£Ļ…Ī½ĪµĪ“ĻĪÆĪ± Ļ„ĪµĻĪ¼Ī±Ļ„ĪÆĻƒĻ„Ī·ĪŗĪµ, Ļ„ĪµĻĪ¼Ī±Ļ„Ī¹ĻƒĪ¼ĻŒĻ‚ Ļ†Ī»ĪæĪ¹ĪæĻ..." +msgid " ...killed.\n" +msgstr " ...ĻƒĪŗĪæĻ„ĻŽĪøĪ·ĪŗĪµ.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr " ...Ļ„ĪµĻĪ¼Ī±Ļ„ĪÆĻƒĻ„Ī·ĪŗĪµ.\n" @@ -2502,26 +2549,6 @@ msgstr "" "%s: Īæ Ļ‡ĻĪ®ĻƒĻ„Ī·Ļ‚ %s Ī“ĪµĪ½ ĪµĪÆĪ½Ī±Ī¹ ĪµĪ¾ĪæĻ…ĻƒĪ¹ĪæĪ“ĪæĻ„Ī·Ī¼Ī­Ī½ĪæĻ‚ Ī½Ī± Ī±Ī»Ī»Ī¬Ī¾ĪµĪ¹ Ļ„Īæ ĻƒĻ…Ī½ĪøĪ·Ī¼Ī±Ļ„Ī¹ĪŗĻŒ Ļ„ĪæĻ… " "%s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± Ļ€ĻĪæĪµĻ„ĪæĪ¹Ī¼Ī±ĻƒĪÆĪ±Ļ‚ Ļ„Ī·Ļ‚ Ī½Ī­Ī±Ļ‚ ĪµĪ³Ī³ĻĪ±Ļ†Ī®Ļ‚ %s '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± Ļ€ĻĪæĪµĻ„ĪæĪ¹Ī¼Ī±ĻƒĪÆĪ±Ļ‚ Ļ„Ī·Ļ‚ Ī½Ī­Ī±Ļ‚ ĪµĪ³Ī³ĻĪ±Ļ†Ī®Ļ‚ %s '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± Ļ€ĻĪæĪµĻ„ĪæĪ¹Ī¼Ī±ĻƒĪÆĪ±Ļ‚ Ļ„Ī·Ļ‚ Ī½Ī­Ī±Ļ‚ ĪµĪ³Ī³ĻĪ±Ļ†Ī®Ļ‚ %s '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± Ļ€ĻĪæĪµĻ„ĪæĪ¹Ī¼Ī±ĻƒĪÆĪ±Ļ‚ Ļ„Ī·Ļ‚ Ī½Ī­Ī±Ļ‚ ĪµĪ³Ī³ĻĪ±Ļ†Ī®Ļ‚ %s '%s'\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: Īæ ĪŗĪ±Ļ„Ī¬Ī»ĪæĪ³ĪæĻ‚ %s Ļ…Ļ€Ī¬ĻĻ‡ĪµĪ¹\n" @@ -2570,6 +2597,26 @@ msgstr "Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± Ī±Ī»Ī»Ī±Ī³Ī®Ļ‚ Ļ„ĪæĻ… Ī¹Ī“Ī¹ĪæĪŗĻ„Ī®Ļ„Ī· Ļ„ĪæĻ… Ī³ĻĪ± msgid "failed to rename mailbox" msgstr "Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± Ī¼ĪµĻ„ĪæĪ½ĪæĪ¼Ī±ĻƒĪÆĪ±Ļ‚ Ī³ĻĪ±Ī¼Ī¼Ī±Ļ„ĪæĪŗĪ¹Ī²Ļ‰Ļ„ĪÆĪæĻ…" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± Ļ€ĻĪæĪµĻ„ĪæĪ¹Ī¼Ī±ĻƒĪÆĪ±Ļ‚ Ļ„Ī·Ļ‚ Ī½Ī­Ī±Ļ‚ ĪµĪ³Ī³ĻĪ±Ļ†Ī®Ļ‚ %s '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± Ļ€ĻĪæĪµĻ„ĪæĪ¹Ī¼Ī±ĻƒĪÆĪ±Ļ‚ Ļ„Ī·Ļ‚ Ī½Ī­Ī±Ļ‚ ĪµĪ³Ī³ĻĪ±Ļ†Ī®Ļ‚ %s '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± Ļ€ĻĪæĪµĻ„ĪæĪ¹Ī¼Ī±ĻƒĪÆĪ±Ļ‚ Ļ„Ī·Ļ‚ Ī½Ī­Ī±Ļ‚ ĪµĪ³Ī³ĻĪ±Ļ†Ī®Ļ‚ %s '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± Ļ€ĻĪæĪµĻ„ĪæĪ¹Ī¼Ī±ĻƒĪÆĪ±Ļ‚ Ļ„Ī·Ļ‚ Ī½Ī­Ī±Ļ‚ ĪµĪ³Ī³ĻĪ±Ļ†Ī®Ļ‚ %s '%s'\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3264,9 +3311,6 @@ msgstr "%s: Ī±Ļ€ĪæĻ„Ļ…Ļ‡ĪÆĪ± ĪµĻĻĪµĻƒĪ·Ļ‚ ĪŗĪ±Ļ„Ī±Ī»ĻŒĪ³ĪæĻ… tcb %s\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: Ī±Ī“Ļ…Ī½Ī±Ī¼ĪÆĪ± ĪµĻ€Ī±Ī½ĪµĪ³Ī³ĻĪ±Ļ†Ī®Ļ‚ Ī±ĻĻ‡ĪµĪÆĪæĻ… ĻƒĻ…Ī½ĪøĪ·Ī¼Ī±Ļ„Ī¹ĪŗĻŽĪ½\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: Ī±Ī“Ļ…Ī½Ī±Ī¼ĪÆĪ± Ī±Ī½Ī±Ī½Ī­Ļ‰ĻƒĪ·Ļ‚ Ī±ĻĻ‡ĪµĪÆĪæĻ… ĻƒĻ…Ī½ĪøĪ·Ī¼Ī±Ļ„Ī¹ĪŗĻŽĪ½\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: Ī±Ī“Ļ…Ī½Ī±Ī¼ĪÆĪ± Ī±Ī½Ī±Ī½Ī­Ļ‰ĻƒĪ·Ļ‚ Ļ„ĪæĻ… Ī±ĻĻ‡ĪµĪÆĪæĻ… ĻƒĪŗĪ¹Ļ‰Ī“ĻŽĪ½ ĻƒĻ…Ī½ĪøĪ·Ī¼Ī±Ļ„Ī¹ĪŗĻŽĪ½\n" diff --git a/po/en@boldquot.header b/po/en@boldquot.header deleted file mode 100644 index fedb6a06..00000000 --- a/po/en@boldquot.header +++ /dev/null @@ -1,25 +0,0 @@ -# All this catalog "translates" are quotation characters. -# The msgids must be ASCII and therefore cannot contain real quotation -# characters, only substitutes like grave accent (0x60), apostrophe (0x27) -# and double quote (0x22). These substitutes look strange; see -# http://www.cl.cam.ac.uk/~mgk25/ucs/quotes.html -# -# This catalog translates grave accent (0x60) and apostrophe (0x27) to -# left single quotation mark (U+2018) and right single quotation mark (U+2019). -# It also translates pairs of apostrophe (0x27) to -# left single quotation mark (U+2018) and right single quotation mark (U+2019) -# and pairs of quotation mark (0x22) to -# left double quotation mark (U+201C) and right double quotation mark (U+201D). -# -# When output to an UTF-8 terminal, the quotation characters appear perfectly. -# When output to an ISO-8859-1 terminal, the single quotation marks are -# transliterated to apostrophes (by iconv in glibc 2.2 or newer) or to -# grave/acute accent (by libiconv), and the double quotation marks are -# transliterated to 0x22. -# When output to an ASCII terminal, the single quotation marks are -# transliterated to apostrophes, and the double quotation marks are -# transliterated to 0x22. -# -# This catalog furthermore displays the text between the quotation marks in -# bold face, assuming the VT100/XTerm escape sequences. -# diff --git a/po/en@quot.header b/po/en@quot.header deleted file mode 100644 index a9647fc3..00000000 --- a/po/en@quot.header +++ /dev/null @@ -1,22 +0,0 @@ -# All this catalog "translates" are quotation characters. -# The msgids must be ASCII and therefore cannot contain real quotation -# characters, only substitutes like grave accent (0x60), apostrophe (0x27) -# and double quote (0x22). These substitutes look strange; see -# http://www.cl.cam.ac.uk/~mgk25/ucs/quotes.html -# -# This catalog translates grave accent (0x60) and apostrophe (0x27) to -# left single quotation mark (U+2018) and right single quotation mark (U+2019). -# It also translates pairs of apostrophe (0x27) to -# left single quotation mark (U+2018) and right single quotation mark (U+2019) -# and pairs of quotation mark (0x22) to -# left double quotation mark (U+201C) and right double quotation mark (U+201D). -# -# When output to an UTF-8 terminal, the quotation characters appear perfectly. -# When output to an ISO-8859-1 terminal, the single quotation marks are -# transliterated to apostrophes (by iconv in glibc 2.2 or newer) or to -# grave/acute accent (by libiconv), and the double quotation marks are -# transliterated to 0x22. -# When output to an ASCII terminal, the single quotation marks are -# transliterated to apostrophes, and the double quotation marks are -# transliterated to 0x22. -# diff --git a/po/es.gmo b/po/es.gmo deleted file mode 100644 index 750e3c80..00000000 Binary files a/po/es.gmo and /dev/null differ diff --git a/po/es.po b/po/es.po index 3f15f6e1..42ef7654 100644 --- a/po/es.po +++ b/po/es.po @@ -32,7 +32,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.1.4.2\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2011-11-23 23:56+0100\n" "Last-Translator: Francisco Javier Cuadrado <fcocuadrado@gmail.com>\n" "Language-Team: Debian l10n Spanish <debian-l10n-spanish@lists.debian.org>\n" @@ -1146,6 +1146,15 @@ msgstr "%s: el GID Ā«%luĀ» ya existe\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: no se pudo determinar su nombre de usuario.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset reinicia el contador de accesos fallidos\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: no se pudo eliminar la entrada Ā«%sĀ» de %s\n" @@ -1376,6 +1385,26 @@ msgstr "" "anteriores\n" " a DƍAS\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all muestra los registros de faillog para\n" +" todos los usuarios\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all muestra los registros de faillog para\n" +" todos los usuarios\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1398,6 +1427,24 @@ msgstr "Nombre Puerto ƚltimo" msgid "**Never logged in**" msgstr "**Nunca ha accedido**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: Se produjo un fallo al conseguir la entrada para el UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: no puedo actualizar el fichero de contraseƱas\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Modo de uso: %s [-p] [nombre]\n" @@ -1431,6 +1478,13 @@ msgstr "" "\n" "[DesconexiĆ³n evitada -- acceso del administrador (Ā«rootĀ») permitido.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "%s: posiblemente no se puede trabajar sin el administrador\n" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "Sin entrada utmp. Debe ejecutar Ā«loginĀ» desde el nivel Ā«shĀ» mĆ”s bajo" + #, c-format msgid "" "\n" @@ -1439,13 +1493,6 @@ msgstr "" "\n" "El acceso caducĆ³ despuĆ©s de %u segundos.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "%s: posiblemente no se puede trabajar sin el administrador\n" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "Sin entrada utmp. Debe ejecutar Ā«loginĀ» desde el nivel Ā«shĀ» mĆ”s bajo" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: fallo de PAM, abortando: %s\n" @@ -1887,12 +1934,6 @@ msgstr "AutenticaciĆ³n de contraseƱa evitada.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Por favor, introduzca su PROPIA contraseƱa como autenticaciĆ³n.\n" -msgid " ...killed.\n" -msgstr " ... finalizado.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ... esperando a que el hijo finalice.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: no se pudo realizar el Ā«forkĀ» de la consola del usuario\n" @@ -1908,6 +1949,12 @@ msgstr "%s: funcionamiento incorrecto del enmascaramiento de la seƱal\n" msgid "Session terminated, terminating shell..." msgstr "SesiĆ³n finalizada, parando la consola ..." +msgid " ...killed.\n" +msgstr " ... finalizado.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ... esperando a que el hijo finalice.\n" + msgid " ...terminated.\n" msgstr " ... parada.\n" @@ -2519,26 +2566,6 @@ msgstr "%s: el UID Ā«%luĀ» ya existe\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s no estĆ” autorizado a cambiar la contraseƱa de %s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: se produjo un fallo al preparar la nueva %s entrada Ā«%sĀ»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: se produjo un fallo al preparar la nueva %s entrada Ā«%sĀ»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: se produjo un fallo al preparar la nueva %s entrada Ā«%sĀ»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: se produjo un fallo al preparar la nueva %s entrada Ā«%sĀ»\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: el directorio %s existe\n" @@ -2586,6 +2613,26 @@ msgstr "se produjo un fallo al cambiar el propietario del buzĆ³n de correo" msgid "failed to rename mailbox" msgstr "se produjo un fallo al cambiar el nombre del buzĆ³n de correo" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: se produjo un fallo al preparar la nueva %s entrada Ā«%sĀ»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: se produjo un fallo al preparar la nueva %s entrada Ā«%sĀ»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: se produjo un fallo al preparar la nueva %s entrada Ā«%sĀ»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: se produjo un fallo al preparar la nueva %s entrada Ā«%sĀ»\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3295,9 +3342,6 @@ msgstr "%s: se produjo un fallo al buscar el directorio tcb de %s\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: no se puede reescribir el fichero de contraseƱas\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: no puedo actualizar el fichero de contraseƱas\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: no puedo actualizar el fichero de contraseƱas ocultas\n" diff --git a/po/eu.gmo b/po/eu.gmo deleted file mode 100644 index 21e3e00d..00000000 Binary files a/po/eu.gmo and /dev/null differ diff --git a/po/eu.po b/po/eu.po index dc7a2ec2..a4643021 100644 --- a/po/eu.po +++ b/po/eu.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: eu\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2011-11-26 19:42+0100\n" "Last-Translator: Piarres Beobide <pi@beobide.net>\n" "Language-Team: Euskara <debian-l10n-eu@lists.debian.org>\n" @@ -1120,6 +1120,16 @@ msgstr "%s: '%lu' GIDa badago dagoeneko\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset saio-hasierako hutsegiteen kontatzailea\n" +" berrezartzeko\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: ezin da '%s' sarrera %s-tik kendu\n" @@ -1347,6 +1357,26 @@ msgstr "" " -b, --before EGUN EGUN kopurua baino zaharragoak diren\n" " erregistroak\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all erabiltzaile guztien faillog-en\n" +" erregistroak bistaratzen ditu\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all erabiltzaile guztien faillog-en\n" +" erregistroak bistaratzen ditu\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1369,6 +1399,24 @@ msgstr "Erabiltzaile-izena Ataka Azkena" msgid "**Never logged in**" msgstr "**Inoiz ez du saiorik hasi**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: Huts %lu UIDaren sarrera eskuratzean\n" + +#, fuzzy, c-format +#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: huts %lu UIDaren lastlog sarrera berrezartzean: %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Erabilera: %s [-p] [izena]\n" @@ -1402,14 +1450,6 @@ msgstr "" "\n" "[Deskonexioa saltatuta -- root-ek saio-hastea baimenduta.]" -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" -"\n" -"Saio-hasiera denboraz kanpo %u segundo igarotakoan.\n" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "%s: Ezingo du ziurrenik funtzionatu erro efektibo bat gabe\n" @@ -1419,6 +1459,14 @@ msgstr "" "Ez dago utmp sarrerarik. \"login\" \"sh\" maila baxuenetik exekutatu beharko " "zenuke" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" +"\n" +"Saio-hasiera denboraz kanpo %u segundo igarotakoan.\n" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "saio hasiera: PAM hutsa, uzten: %s\n" @@ -1857,12 +1905,6 @@ msgstr "Pasahitz autentifikazioa saltatuta.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Sartu zure pasahitz PROPIOA autentifikazio gisa.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: Cannot determine your user name.\n" msgid "%s: Cannot fork user shell\n" @@ -1879,6 +1921,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2466,26 +2514,6 @@ msgstr "%s: '%lu' UIDa badago dagoeneko\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s ez dago %s-ren pasahitza aldatzeko baimendurik\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: huts %s sarrera berria prestatzean '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: huts %s sarrera berria prestatzean '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: huts %s sarrera berria prestatzean '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: huts %s sarrera berria prestatzean '%s'\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: %s direktorioa badago\n" @@ -2531,6 +2559,26 @@ msgstr "huts egin du postontzia jabez aldatzean" msgid "failed to rename mailbox" msgstr "huts egin du postontzia izenez aldatzean" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: huts %s sarrera berria prestatzean '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: huts %s sarrera berria prestatzean '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: huts %s sarrera berria prestatzean '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: huts %s sarrera berria prestatzean '%s'\n" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/fi.gmo b/po/fi.gmo deleted file mode 100644 index 6c2598b6..00000000 Binary files a/po/fi.gmo and /dev/null differ diff --git a/po/fi.po b/po/fi.po index 35544a0e..b177bdc3 100644 --- a/po/fi.po +++ b/po/fi.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.18.1\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2007-11-24 22:54+0100\n" "Last-Translator: Tommi Vainikainen <thv+debian@iki.fi>\n" "Language-Team: Finnish <debian-l10n-finnish@lists.debian.org>\n" @@ -1086,6 +1086,11 @@ msgstr "JƤsen on jo olemassa\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: KƤyttƤjƤtunnusta ei voi selvittƤƤ.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1302,6 +1307,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1320,6 +1335,24 @@ msgstr "KƤyttƤjƤ Portti Viimeksi" msgid "**Never logged in**" msgstr "**Ei koskaan kirjautunut sisƤƤn**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: hakemistoa %s ei voi luoda\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: salasanatiedostoa ei voi pƤivittƤƤ\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "KƤyttƶ: %s [-p] [nimi]\n" @@ -1353,6 +1386,13 @@ msgstr "" "\n" "[Yhteydenkatkaisu ohitettu -- pƤƤkƤyttƤjƤn kirjautuminen sallittu.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "Ei utmp-tietuetta. Suorita \"login\" alimman tason kuoresta" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1364,13 +1404,6 @@ msgstr "" "\n" "SisƤƤnkirjautuminen keskeytetty %d sekunnin jƤlkeen.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "Ei utmp-tietuetta. Suorita \"login\" alimman tason kuoresta" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM-virhe, keskeytetƤƤn: %s\n" @@ -1789,12 +1822,6 @@ msgstr "Salasanatodennus ohitettu.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "SyƶtƤ OMA salasanasi todennukseksi.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1811,6 +1838,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2357,26 +2390,6 @@ msgstr "JƤsen on jo olemassa\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: Oikeuksien pudottaminen epƤonnistui (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: Oikeuksien pudottaminen epƤonnistui (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: Oikeuksien pudottaminen epƤonnistui (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: Oikeuksien pudottaminen epƤonnistui (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: hakemisto %s on olemassa\n" @@ -2419,6 +2432,26 @@ msgstr "postilaatikon omistajan vaihtaminen epƤonnistui" msgid "failed to rename mailbox" msgstr "postilaatikon uudelleennimeƤminen epƤonnistui" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: Oikeuksien pudottaminen epƤonnistui (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: Oikeuksien pudottaminen epƤonnistui (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: Oikeuksien pudottaminen epƤonnistui (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: Oikeuksien pudottaminen epƤonnistui (%s)\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3161,9 +3194,6 @@ msgstr "%s: virheellinen perushakemisto \"%s\"\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: salasanatiedostoa ei voi uudelleenkirjoittaa\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: salasanatiedostoa ei voi pƤivittƤƤ\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: varjosalasanatiedostoa ei voi pƤivittƤƤ\n" diff --git a/po/fr.gmo b/po/fr.gmo deleted file mode 100644 index 55b889f4..00000000 Binary files a/po/fr.gmo and /dev/null differ diff --git a/po/fr.po b/po/fr.po index 79c6188f..adfcbf37 100644 --- a/po/fr.po +++ b/po/fr.po @@ -1,19 +1,19 @@ # Translation of shadow messages to French # Copyright (C) 1999, 2004, 2005, 2006, 2009 Free Software Foundation, Inc. -# Copyright (C) 2011-2013 Debian French l10n team <debian-l10n-french@lists.debian.org> +# Copyright (C) 2011, 2012 Debian French l10n team <debian-l10n-french@lists.debian.org> # Patches, suggestions, etc welcome. # # Vincent Renardias <vincent@ldsol.com>, 1999, 2005. # Jean-Luc Coulon <jean.luc.coulon@wanadoo.fr>, 2005, 2006, 2008. # Christian Perrier <bubulle@debian.org>, 2005, 2006, 2008, 2009. # Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>, 2009. -# Thomas Blein <tblein@tblein.eu>, 2011, 2012, 2013. +# Thomas Blein <tblein@tblein.eu>, 2011, 2012. msgid "" msgstr "" "Project-Id-Version: shadow\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" -"PO-Revision-Date: 2013-07-10 18:53+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" +"PO-Revision-Date: 2012-01-13 17:09+0100\n" "Last-Translator: Thomas Blein <tblein@tblein.eu>\n" "Language-Team: French <debian-l10n-french@lists.debian.org>\n" "Language: fr\n" @@ -21,7 +21,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=n>1;\n" -"X-Generator: Lokalize 1.4\n" +"X-Generator: Lokalize 1.0\n" #, c-format msgid "" @@ -54,9 +54,10 @@ msgstr "" msgid "%s: nscd did not terminate normally (signal %d)\n" msgstr "%sĀ : nscd ne s'est pas terminĆ© normalement (signal %d).\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: nscd exited with status %d" msgid "%s: nscd exited with status %d\n" -msgstr "%sĀ : nscd s'est terminĆ© avec l'Ć©tat %d\n" +msgstr "%sĀ : nscd s'est terminĆ© avec le statut %d." msgid "Password: " msgstr "Mot de passeĀ : " @@ -1162,6 +1163,16 @@ msgstr "%sĀ : l'identifiant de groupe (GID) Ā«Ā %luĀ Ā» existe dĆ©jĆ \n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%sĀ : Impossible de mettre en place un service de nettoyage.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset rĆ©initialiser les compteurs d'Ć©checs de " +"connexion\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%sĀ : impossible de supprimer l'entrĆ©e Ā«Ā %sĀ Ā» de %s\n" @@ -1394,6 +1405,28 @@ msgstr "" " b, --before JOURS n'afficher que les enregistrements de\n" " Ā«Ā lastlogĀ Ā» plus anciens que JOURS\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all afficher les enregistrements d'Ć©chec " +"(Ā«Ā faillogĀ Ā»)\n" +" pour tous les utilisateurs\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all afficher les enregistrements d'Ć©chec " +"(Ā«Ā faillogĀ Ā»)\n" +" pour tous les utilisateurs\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1416,6 +1449,28 @@ msgstr "Utilisateur Port DerniĆØre" msgid "**Never logged in**" msgstr "**Jamais connectĆ©**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "" +"%sĀ : Ć©chec de l'obtention de l'entrĆ©e pour l'identifiant d'utilisateur (UID) " +"%lu\n" + +#, fuzzy, c-format +#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "" +"%sĀ : impossible de rĆ©initialiser l'entrĆ©e lastlog de l'identifiant " +"d'utilisateur (UID) %luĀ : %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "SyntaxeĀ : %s [-p] [nom]\n" @@ -1450,14 +1505,6 @@ msgstr "" "\n" "[DĆ©connexion court-circuitĆ©e -- accĆØs superutilisateur autorisĆ©]." -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" -"\n" -"Tentative de connexionĀ : dĆ©lai de %u secondes dĆ©passĆ©.\n" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "" @@ -1468,6 +1515,14 @@ msgstr "" "Pas d'entrĆ©e utmp. Vous devez exĆ©cuter Ā«Ā loginĀ Ā» depuis l'interprĆ©teur de " "commandes de plus bas niveau (Ā«Ā shĀ Ā»)" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" +"\n" +"Tentative de connexionĀ : dĆ©lai de %u secondes dĆ©passĆ©.\n" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "loginĀ : Ć©chec de PAM, abandonĀ : %s\n" @@ -1906,12 +1961,6 @@ msgstr "Authentification par mot de passe court-circuitĆ©e.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Entrez votre PROPRE mot de passe pour vous authentifier.\n" -msgid " ...killed.\n" -msgstr "ā€¦ TuĆ©.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr "ā€¦ en attente que les processus fils se terminent.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "" @@ -1929,6 +1978,12 @@ msgstr "%sĀ : dĆ©faut de fonctionnement de masquage du signal\n" msgid "Session terminated, terminating shell..." msgstr "Session terminĆ©e, arrĆŖt de l'interprĆ©teur de commandesā€¦" +msgid " ...killed.\n" +msgstr "ā€¦ TuĆ©.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr "ā€¦ en attente que les processus fils se terminent.\n" + msgid " ...terminated.\n" msgstr "ā€¦ terminĆ©.\n" @@ -2051,9 +2106,10 @@ msgstr "%sĀ : impossible d'ouvrir le nouveau fichier des valeurs par dĆ©faut\n" msgid "%s: line too long in %s: %s..." msgstr "%sĀ : ligne trop longue dans %sĀ :Ā %sā€¦" -#, c-format +#, fuzzy, c-format +#| msgid "%s: Cannot create symbolic link %s: %s\n" msgid "%s: Cannot create backup file (%s): %s\n" -msgstr "%sĀ : impossible de crĆ©er le fichier de sauvegarde (%s)Ā : %s\n" +msgstr "%sĀ : impossible de crĆ©er le lien symbolique %sĀ : %s\n" #, c-format msgid "%s: rename: %s: %s\n" @@ -2556,26 +2612,6 @@ msgstr "%sĀ : l'identifiant d'utilisateur (UID) Ā«Ā %luĀ Ā» existe dĆ©jĆ \n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%sĀ : %s n'est pas autorisĆ© Ć  modifier le mot de passe de %s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%sĀ : Ć©chec lors de la prĆ©paration de la nouvelle entrĆ©e de %s Ā«Ā %sĀ Ā»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%sĀ : Ć©chec lors de la prĆ©paration de la nouvelle entrĆ©e de %s Ā«Ā %sĀ Ā»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%sĀ : Ć©chec lors de la prĆ©paration de la nouvelle entrĆ©e de %s Ā«Ā %sĀ Ā»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%sĀ : Ć©chec lors de la prĆ©paration de la nouvelle entrĆ©e de %s Ā«Ā %sĀ Ā»\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%sĀ : le rĆ©pertoire %s existe\n" @@ -2623,6 +2659,26 @@ msgstr "Ć©chec du changement de propriĆ©taire de la boĆ®te Ć  lettres" msgid "failed to rename mailbox" msgstr "Ć©chec du changement de nom de la boĆ®te Ć  lettres" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%sĀ : Ć©chec lors de la prĆ©paration de la nouvelle entrĆ©e de %s Ā«Ā %sĀ Ā»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%sĀ : Ć©chec lors de la prĆ©paration de la nouvelle entrĆ©e de %s Ā«Ā %sĀ Ā»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%sĀ : Ć©chec lors de la prĆ©paration de la nouvelle entrĆ©e de %s Ā«Ā %sĀ Ā»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%sĀ : Ć©chec lors de la prĆ©paration de la nouvelle entrĆ©e de %s Ā«Ā %sĀ Ā»\n" + #, c-format msgid "" "You have modified %s.\n" @@ -2683,9 +2739,9 @@ msgid "%s: %s: %s\n" msgstr "%sĀ : PAMĀ : %s\n" #, fuzzy, c-format -#| msgid "%s: nscd exited with status %d\n" +#| msgid "%s: nscd exited with status %d" msgid "%s: %s returned with status %d\n" -msgstr "%sĀ : nscd s'est terminĆ© avec l'Ć©tat %d\n" +msgstr "%sĀ : nscd s'est terminĆ© avec le statut %d." #, c-format msgid "%s: %s killed by signal %d\n" diff --git a/po/gl.gmo b/po/gl.gmo deleted file mode 100644 index 571c6234..00000000 Binary files a/po/gl.gmo and /dev/null differ diff --git a/po/gl.po b/po/gl.po index b0d986f3..2a47e8b4 100644 --- a/po/gl.po +++ b/po/gl.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.18\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2006-07-18 23:27+0200\n" "Last-Translator: Jacobo Tarrio <jtarrio@debian.org>\n" "Language-Team: Galician <trasno@ceu.fi.udc.es>\n" @@ -1086,6 +1086,11 @@ msgstr "O membro xa existe\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Non se pode determinar o seu nome de usuario.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1302,6 +1307,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1320,6 +1335,24 @@ msgstr "Usuario Porto ƚltima" msgid "**Never logged in**" msgstr "**Nunca entrou**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: non se pode crear o directorio %s\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: non se pode actualizar o ficheiro de contrasinais\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Emprego: %s [-p] [nome]\n" @@ -1353,6 +1386,15 @@ msgstr "" "\n" "[Omitida a desconexiĆ³n -- permĆ­tese a entrada coma root.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"Non hai unha entrada en utmp. Debe executar \"login\" dende o \"sh\" de " +"nivel mĆ”is baixo" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1364,15 +1406,6 @@ msgstr "" "\n" "A entrada caducou despois de %d segundos.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"Non hai unha entrada en utmp. Debe executar \"login\" dende o \"sh\" de " -"nivel mĆ”is baixo" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: Fallo en PAM, a abortar: %s\n" @@ -1790,12 +1823,6 @@ msgstr "Omitiuse a autenticaciĆ³n por contrasinal.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Introduza O SEU PROPIO contrasinal para autenticaciĆ³n.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1812,6 +1839,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2358,26 +2391,6 @@ msgstr "O membro xa existe\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: non se puido deixar os privilexios (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: non se puido deixar os privilexios (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: non se puido deixar os privilexios (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: non se puido deixar os privilexios (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: o directorio %s existe\n" @@ -2420,6 +2433,26 @@ msgstr "non se puido cambiar o propietario da caixa do correo" msgid "failed to rename mailbox" msgstr "non se puido cambiar o nome da caixa do correo" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: non se puido deixar os privilexios (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: non se puido deixar os privilexios (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: non se puido deixar os privilexios (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: non se puido deixar os privilexios (%s)\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3067,9 +3100,6 @@ msgstr "%s: directorio base \"%s\" non vĆ”lido\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: non se pode rescribir o ficheiro de contrasinais\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: non se pode actualizar o ficheiro de contrasinais\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: non se pode actualizar o ficheiro de contrasinais shadow\n" diff --git a/po/he.gmo b/po/he.gmo deleted file mode 100644 index be802a4c..00000000 Binary files a/po/he.gmo and /dev/null differ diff --git a/po/he.po b/po/he.po index c8572df3..ec42d1c9 100644 --- a/po/he.po +++ b/po/he.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2004-07-21 23:59+0300\n" "Last-Translator: Lior Kaplan <webmaster@guides.co.il>\n" "Language-Team: Hebrew <en@li.org>\n" @@ -1039,6 +1039,11 @@ msgstr "" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: לא יכול לקבוע א×Ŗ שם המש×Ŗמש שלך.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: לא יכול לשנו×Ŗ מש×Ŗמש `%s' על לקוח NIS.\n" @@ -1248,6 +1253,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1266,6 +1281,23 @@ msgstr "" msgid "**Never logged in**" msgstr "" +#, fuzzy, c-format +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "הפ×Øי×Ŗ שו×Øש לא חוקי×Ŗ \"%s\"\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: לא יכול לעדכן קובׄ היהמאו×Ŗ\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, fuzzy, c-format msgid "Usage: %s [-p] [name]\n" msgstr "שימוש: %s [-p] [name]\n" @@ -1295,12 +1327,6 @@ msgid "" "[Disconnect bypassed -- root login allowed.]" msgstr "" -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "" @@ -1308,6 +1334,12 @@ msgstr "" msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" msgstr "" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "" @@ -1703,12 +1735,6 @@ msgstr "" msgid "Please enter your OWN password as authentication.\n" msgstr "" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: Cannot determine your user name.\n" msgid "%s: Cannot fork user shell\n" @@ -1725,6 +1751,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2221,23 +2253,6 @@ msgstr "" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: מהפ×Ø ×˜×œ×¤×•×Ÿ בעבודה לא חוקי: \"%s\"\n" - -#, fuzzy, c-format -#| msgid "%s: fields too long\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: שדו×Ŗ א×Øוכים מידי\n" - -#, fuzzy, c-format -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: מהפ×Ø ×˜×œ×¤×•×Ÿ בעבודה לא חוקי: \"%s\"\n" - -#, fuzzy, c-format -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "הפ×Øי×Ŗ שו×Øש לא חוקי×Ŗ \"%s\"\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "" @@ -2278,6 +2293,23 @@ msgstr "" msgid "failed to rename mailbox" msgstr "" +#, fuzzy, c-format +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: מהפ×Ø ×˜×œ×¤×•×Ÿ בעבודה לא חוקי: \"%s\"\n" + +#, fuzzy, c-format +#| msgid "%s: fields too long\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: שדו×Ŗ א×Øוכים מידי\n" + +#, fuzzy, c-format +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: מהפ×Ø ×˜×œ×¤×•×Ÿ בעבודה לא חוקי: \"%s\"\n" + +#, fuzzy, c-format +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "הפ×Øי×Ŗ שו×Øש לא חוקי×Ŗ \"%s\"\n" + #, c-format msgid "" "You have modified %s.\n" @@ -2410,9 +2442,6 @@ msgstr "הפ×Øי×Ŗ שו×Øש לא חוקי×Ŗ \"%s\"\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: לא יכול לכ×Ŗוב מחדש קובׄ היהמאו×Ŗ\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: לא יכול לעדכן קובׄ היהמאו×Ŗ\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: לא יכול לעדכן קובׄ היהמאו×Ŗ צל\n" diff --git a/po/hu.gmo b/po/hu.gmo deleted file mode 100644 index 6c5a3304..00000000 Binary files a/po/hu.gmo and /dev/null differ diff --git a/po/hu.po b/po/hu.po index 9dbd2af4..310034b0 100644 --- a/po/hu.po +++ b/po/hu.po @@ -3,7 +3,7 @@ msgid "" msgstr "" "Project-Id-Version: 4.0.18\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2007-11-25 20:56+0100\n" "Last-Translator: SZERVƁC Attila <sas@321.hu>\n" "Language-Team: Hungarian <gnome@gnome.hu>\n" @@ -1081,6 +1081,11 @@ msgstr "A tag mĆ”r lĆ©tezik\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: A felhasznĆ”lĆ³neved megĆ”llapĆ­tĆ”sa sikertelen\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1297,6 +1302,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1315,6 +1330,24 @@ msgstr "FelhasznĆ”lĆ³nĆ©v Port LegutĆ³bb" msgid "**Never logged in**" msgstr "**Sosem lĆ©pett be**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: %s kƶnyvtĆ”r nem hozhatĆ³ lĆ©tre\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: a jelszĆ³fĆ”jl frissĆ­tĆ©se sikertelen\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "HasznĆ”lat: %s [-p] [nĆ©v]\n" @@ -1348,6 +1381,15 @@ msgstr "" "\n" "[LevĆ”lasztĆ”s Ć”tlĆ©pve -- root bejelentkezĆ©s engedĆ©lyezett]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"Nincs utmp bejegyzĆ©s. Futtasd a \"login\"-t a legalacsonyabb szintű \"sh\"-" +"bĆ³l." + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1359,15 +1401,6 @@ msgstr "" "\n" "A bejelentkezĆ©s %d mp. utĆ”n elkĆ©sett\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"Nincs utmp bejegyzĆ©s. Futtasd a \"login\"-t a legalacsonyabb szintű \"sh\"-" -"bĆ³l." - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM hiba, tƶrƶlve: %s\n" @@ -1785,12 +1818,6 @@ msgstr "JelszĆ³ hitelesĆ­tĆ©s Ć”tlĆ©pve.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Add meg SAJƁT jelszavad a hitelesĆ­tĆ©shez.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1807,6 +1834,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2352,26 +2385,6 @@ msgstr "A tag mĆ”r lĆ©tezik\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: a jogosultsĆ”gok eldobĆ”sa meghiĆŗsult (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: a jogosultsĆ”gok eldobĆ”sa meghiĆŗsult (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: a jogosultsĆ”gok eldobĆ”sa meghiĆŗsult (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: a jogosultsĆ”gok eldobĆ”sa meghiĆŗsult (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: %s kƶnyvtĆ”r lĆ©tezik\n" @@ -2413,6 +2426,26 @@ msgstr "a postafiĆ³k tulajdonosĆ”nak vĆ”ltĆ”sa sikertelen" msgid "failed to rename mailbox" msgstr "a postafiĆ³k Ć”tnevezĆ©se sikertelen" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: a jogosultsĆ”gok eldobĆ”sa meghiĆŗsult (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: a jogosultsĆ”gok eldobĆ”sa meghiĆŗsult (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: a jogosultsĆ”gok eldobĆ”sa meghiĆŗsult (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: a jogosultsĆ”gok eldobĆ”sa meghiĆŗsult (%s)\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3190,9 +3223,6 @@ msgstr "%s: Ć©rvĆ©nytelen alapkƶnyvtĆ”r: \"%s\"\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: a jelszĆ³fĆ”jl ĆŗjraĆ­rĆ”sa sikertelen\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: a jelszĆ³fĆ”jl frissĆ­tĆ©se sikertelen\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: az Ć”rnyĆ©k jelszĆ³fĆ”jl frissĆ­tĆ©se sikertelen\n" diff --git a/po/id.gmo b/po/id.gmo deleted file mode 100644 index 51a26d85..00000000 Binary files a/po/id.gmo and /dev/null differ diff --git a/po/id.po b/po/id.po index c4b4a757..8aae75e5 100644 --- a/po/id.po +++ b/po/id.po @@ -5,7 +5,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.15\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2007-11-25 20:58+0100\n" "Last-Translator: Parlin Imanuel Toh <parlin_i@yahoo.com>\n" "Language-Team: Debian Indonesia <debid@yahoogroups.com>\n" @@ -1077,6 +1077,11 @@ msgstr "" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Tidak dapat menentukan nama pengguna anda.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1290,6 +1295,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1308,6 +1323,24 @@ msgstr "Nama pengguna Port Terakhir" msgid "**Never logged in**" msgstr "**Tak pernah log in**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: tak dapat membuat direktori %s\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: tidak dapat memperbaharui berkas kata sandi\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Penggunaan: %s [-p] [nama]\n" @@ -1341,6 +1374,14 @@ msgstr "" "\n" "[Pemutusan hubungan diabaikan -- login root diperbolehkan.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"Tanpa entri utmp. Anda mesti menjalankan \"login\" dari level terendah \"sh\"" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1352,14 +1393,6 @@ msgstr "" "\n" "Login time out setelah %d detik.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"Tanpa entri utmp. Anda mesti menjalankan \"login\" dari level terendah \"sh\"" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: Kegagalan PAM, berhenti: %s\n" @@ -1777,12 +1810,6 @@ msgstr "Otentikasi kata sandi diabaikan.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Silakan masukkan kata sandi anda SENDIRI sebagai otentikasi.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1799,6 +1826,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2337,26 +2370,6 @@ msgstr "" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: gagal membuang hak (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: gagal membuang hak (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: gagal membuang hak (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: gagal membuang hak (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: direktori %s telah ada\n" @@ -2398,6 +2411,26 @@ msgstr "gagal mengganti pemilik kotak-surat" msgid "failed to rename mailbox" msgstr "gagal mengubah nama kotak-surat" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: gagal membuang hak (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: gagal membuang hak (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: gagal membuang hak (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: gagal membuang hak (%s)\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3073,9 +3106,6 @@ msgstr "%s: direktori awal `%s' tak sah\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: tidak dapat menulis kembali berkas kata sandi\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: tidak dapat memperbaharui berkas kata sandi\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: tidak dapat memperbaharui berkas kata sandi bayangan\n" diff --git a/po/insert-header.sin b/po/insert-header.sin deleted file mode 100644 index b26de01f..00000000 --- a/po/insert-header.sin +++ /dev/null @@ -1,23 +0,0 @@ -# Sed script that inserts the file called HEADER before the header entry. -# -# At each occurrence of a line starting with "msgid ", we execute the following -# commands. At the first occurrence, insert the file. At the following -# occurrences, do nothing. The distinction between the first and the following -# occurrences is achieved by looking at the hold space. -/^msgid /{ -x -# Test if the hold space is empty. -s/m/m/ -ta -# Yes it was empty. First occurrence. Read the file. -r HEADER -# Output the file's contents by reading the next line. But don't lose the -# current line while doing this. -g -N -bb -:a -# The hold space was nonempty. Following occurrences. Do nothing. -x -:b -} diff --git a/po/it.gmo b/po/it.gmo deleted file mode 100644 index ab39e679..00000000 Binary files a/po/it.gmo and /dev/null differ diff --git a/po/it.po b/po/it.po index b7f7e518..ea7332ad 100644 --- a/po/it.po +++ b/po/it.po @@ -25,7 +25,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.1.1\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2008-03-27 14:40+0100\n" "Last-Translator: Danilo Piazzalunga <danilopiazza@gmail.com>\n" "Language-Team: Italian <tp@lists.linux.it>\n" @@ -1166,6 +1166,11 @@ msgstr "Membro giĆ  esistente\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: impossibile determinare il proprio nome utente.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1398,6 +1403,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1416,6 +1431,24 @@ msgstr "Nome utente Porta Ultimo accesso" msgid "**Never logged in**" msgstr "**Nessun accesso effettuato**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: impossibile creare la directory %s\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: impossibile aggiornare il file delle password\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Uso: %s [-p] [NOME]\n" @@ -1450,6 +1483,13 @@ msgstr "" "\n" "[Disconnessione obbligatoria evitata: root puĆ² accedere.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "Nessuna voce utmp. Eseguire Ā«loginĀ» dalla shell di livello piĆ¹ basso" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1461,13 +1501,6 @@ msgstr "" "\n" "Login scaduto dopo %d secondi.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "Nessuna voce utmp. Eseguire Ā«loginĀ» dalla shell di livello piĆ¹ basso" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM ha restituito un errore: %s\n" @@ -1916,12 +1949,6 @@ msgstr "Evitata l'autenticazione tramite password.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Inserire la PROPRIA password per autenticarsi.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1938,6 +1965,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2560,26 +2593,6 @@ msgstr "Membro giĆ  esistente\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: impossibile abbandonare i privilegi (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: impossibile abbandonare i privilegi (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: impossibile abbandonare i privilegi (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: impossibile abbandonare i privilegi (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: la directory %s esiste giĆ \n" @@ -2623,6 +2636,26 @@ msgstr "impossibile cambiare il proprietario della casella di posta" msgid "failed to rename mailbox" msgstr "impossibile rinominare la casella di posta" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: impossibile abbandonare i privilegi (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: impossibile abbandonare i privilegi (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: impossibile abbandonare i privilegi (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: impossibile abbandonare i privilegi (%s)\n" + #, fuzzy, c-format #| msgid "" #| "You have modified %s.\n" @@ -3455,9 +3488,6 @@ msgstr "%s: directory di base Ā«%sĀ» non valida\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: impossibile riscrivere il file delle password\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: impossibile aggiornare il file delle password\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: impossibile aggiornare il file delle shadow password\n" diff --git a/po/ja.gmo b/po/ja.gmo deleted file mode 100644 index 7ec0a6cb..00000000 Binary files a/po/ja.gmo and /dev/null differ diff --git a/po/ja.po b/po/ja.po index a68a698a..3125e5f8 100644 --- a/po/ja.po +++ b/po/ja.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.1.5\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2012-05-21 02:52+0900\n" "Last-Translator: NAKANO Takeo <nakano@webmasters.gr.jp>\n" "Language-Team: Japanese <debian-japanese@lists.debian.org>\n" @@ -1084,6 +1084,14 @@ msgstr "%s: GID '%lu' ćÆę—¢ć«å­˜åœØć—ć¾ć™\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: ć‚ÆćƒŖćƒ¼ćƒ³ć‚¢ćƒƒćƒ—ć‚µćƒ¼ćƒ“ć‚¹ć‚’čØ­å®šć§ćć¾ć›ć‚“ć€‚\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr " -r, --reset ćƒ­ć‚°ć‚¤ćƒ³å¤±ę•—ć®ć‚«ć‚¦ćƒ³ć‚æ悒ćƒŖć‚»ćƒƒćƒˆć™ć‚‹\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: '%s' 恮ć‚Øćƒ³ćƒˆćƒŖ悒 %s ć‹ć‚‰å‰Šé™¤ć§ćć¾ć›ć‚“\n" @@ -1311,6 +1319,22 @@ msgstr "" " -b, --before DAYS DAYS ę—„ć‚ˆć‚Šä»„å‰ć® lastlog čØ˜éŒ²ć ć‘ć‚’č”Øē¤ŗ恙" "悋\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr " -a, --all å…Øćƒ¦ćƒ¼ć‚¶ć® faillog čØ˜éŒ²ć‚’č”Øē¤ŗ恙悋\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr " -a, --all å…Øćƒ¦ćƒ¼ć‚¶ć® faillog čØ˜éŒ²ć‚’č”Øē¤ŗ恙悋\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1331,6 +1355,24 @@ msgstr "ćƒ¦ćƒ¼ć‚¶å ćƒćƒ¼ćƒˆ ꜀čæ‘ć®ćƒ­ć‚°ć‚¤ćƒ³" msgid "**Never logged in**" msgstr "**äø€åŗ¦ć‚‚ćƒ­ć‚°ć‚¤ćƒ³ć—ć¦ć„ć¾ć›ć‚“**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: UID %lu 恮ć‚Øćƒ³ćƒˆćƒŖć‚’å–å¾—ć§ćć¾ć›ć‚“ć§ć—ćŸ\n" + +#, fuzzy, c-format +#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: UID %lu 恮 lastlog ć‚Øćƒ³ćƒˆćƒŖ悒ćƒŖć‚»ćƒƒćƒˆć§ćć¾ć›ć‚“ć§ć—ćŸ: %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "ä½æć„ę–¹: %s [-p] [ćƒ¦ćƒ¼ć‚¶å]\n" @@ -1364,14 +1406,6 @@ msgstr "" "\n" "[åˆ‡ę–­ć‚’čæ‚回 -- root ćƒ­ć‚°ć‚¤ćƒ³ćŒåÆčƒ½ć§ć™ć€‚]" -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" -"\n" -"恂ćØ %u ē§’ć§ćƒ­ć‚°ć‚¤ćƒ³ćÆć‚æć‚¤ćƒ ć‚¢ć‚¦ćƒˆć—ć¾ć™ć€‚\n" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "%s: ćŠćć‚‰ćå®ŸåŠ¹ root 恌ćŖ恄ćØå‹•ä½œć§ćć¾ć›ć‚“\n" @@ -1381,6 +1415,14 @@ msgstr "" "utmp 恫ć‚Øćƒ³ćƒˆćƒŖćŒć‚ć‚Šć¾ć›ć‚“ć€‚\"login\" 悒 \"sh\" ć®ęœ€ä½Žćƒ¬ćƒ™ćƒ«ć‹ć‚‰č”Œć†åæ…č¦ćŒć‚" "ć‚Šć¾ć™" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" +"\n" +"恂ćØ %u ē§’ć§ćƒ­ć‚°ć‚¤ćƒ³ćÆć‚æć‚¤ćƒ ć‚¢ć‚¦ćƒˆć—ć¾ć™ć€‚\n" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM ćŒå¤±ę•—ć—ć¾ć—ćŸć€ēµ‚äŗ†ć—ć¾ć™: %s\n" @@ -1805,12 +1847,6 @@ msgstr "ćƒ‘ć‚¹ćƒÆćƒ¼ćƒ‰čŖčØ¼ć‚’čæ‚å›žć—ć¾ć™ć€‚\n" msgid "Please enter your OWN password as authentication.\n" msgstr "怌恂ćŖ恟č‡Ŗčŗ«ć®ćƒ‘ć‚¹ćƒÆćƒ¼ćƒ‰ć€ć‚’å…„åŠ›ć—ć¦čŖčØ¼ć—ć¦ćć ć•ć„ć€‚\n" -msgid " ...killed.\n" -msgstr " ...kill ć•ć‚Œć¾ć—ćŸć€‚\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ...å­ćƒ—ćƒ­ć‚»ć‚¹ć®ēµ‚äŗ†ć‚’å¾…ć”ć¾ć™ć€‚\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: ćƒ¦ćƒ¼ć‚¶ć‚·ć‚§ćƒ«ć‚’čµ·å‹•ć§ćć¾ć›ć‚“ć€‚\n" @@ -1826,6 +1862,12 @@ msgstr "%s: ć‚·ć‚°ćƒŠćƒ«ć®ćƒžć‚¹ć‚­ćƒ³ć‚°ćŒē•°åøø恧恙\n" msgid "Session terminated, terminating shell..." msgstr "ć‚»ćƒƒć‚·ćƒ§ćƒ³ćŒēµ‚äŗ†ć—ć¾ć—ćŸć€‚ć‚·ć‚§ćƒ«ć‚’ēµ‚äŗ†ć—ć¦ć„ć¾ć™..." +msgid " ...killed.\n" +msgstr " ...kill ć•ć‚Œć¾ć—ćŸć€‚\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ...å­ćƒ—ćƒ­ć‚»ć‚¹ć®ēµ‚äŗ†ć‚’å¾…ć”ć¾ć™ć€‚\n" + msgid " ...terminated.\n" msgstr " ...ēµ‚äŗ†ć—ć¾ć—ćŸć€‚\n" @@ -2047,7 +2089,7 @@ msgid " -s, --shell SHELL login shell of the new account\n" msgstr " -s, --shell SHELL ę–°ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć®ćƒ­ć‚°ć‚¤ćƒ³ć‚·ć‚§ćƒ«\n" msgid " -u, --uid UID user ID of the new account\n" -msgstr " -u, --iud UID ę–°ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć®ćƒ¦ćƒ¼ć‚¶ ID\n" +msgstr " -u, --uid UID ę–°ć‚¢ć‚«ć‚¦ćƒ³ćƒˆć®ćƒ¦ćƒ¼ć‚¶ ID\n" msgid "" " -U, --user-group create a group with the same name as the " @@ -2390,26 +2432,6 @@ msgstr "%s: UID '%lu' ćÆę—¢ć«å­˜åœØć—ć¾ć™\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s ćÆ %s ć®ćƒ‘ć‚¹ćƒÆćƒ¼ćƒ‰ć‚’å¤‰ę›“ć™ć‚‹ęØ©é™ćŒć‚ć‚Šć¾ć›ć‚“\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: %s 恮ꖰ恗恄ć‚Øćƒ³ćƒˆćƒŖ '%s' 悒ęŗ–å‚™ć§ćć¾ć›ć‚“ć§ć—ćŸć€‚\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: %s 恮ꖰ恗恄ć‚Øćƒ³ćƒˆćƒŖ '%s' 悒ęŗ–å‚™ć§ćć¾ć›ć‚“ć§ć—ćŸć€‚\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: %s 恮ꖰ恗恄ć‚Øćƒ³ćƒˆćƒŖ '%s' 悒ęŗ–å‚™ć§ćć¾ć›ć‚“ć§ć—ćŸć€‚\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: %s 恮ꖰ恗恄ć‚Øćƒ³ćƒˆćƒŖ '%s' 悒ęŗ–å‚™ć§ćć¾ć›ć‚“ć§ć—ćŸć€‚\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: ćƒ‡ć‚£ćƒ¬ć‚Æ惈ćƒŖ %s ćÆ存åœØć—ć¾ć™\n" @@ -2454,6 +2476,26 @@ msgstr "mailbox ę‰€ęœ‰č€…ć®å¤‰ę›“ć«å¤±ę•—ć—ć¾ć—ćŸ" msgid "failed to rename mailbox" msgstr "mailbox ć®åå‰å¤‰ę›“ć«å¤±ę•—ć—ć¾ć—ćŸ" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: %s 恮ꖰ恗恄ć‚Øćƒ³ćƒˆćƒŖ '%s' 悒ęŗ–å‚™ć§ćć¾ć›ć‚“ć§ć—ćŸć€‚\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: %s 恮ꖰ恗恄ć‚Øćƒ³ćƒˆćƒŖ '%s' 悒ęŗ–å‚™ć§ćć¾ć›ć‚“ć§ć—ćŸć€‚\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: %s 恮ꖰ恗恄ć‚Øćƒ³ćƒˆćƒŖ '%s' 悒ęŗ–å‚™ć§ćć¾ć›ć‚“ć§ć—ćŸć€‚\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: %s 恮ꖰ恗恄ć‚Øćƒ³ćƒˆćƒŖ '%s' 悒ęŗ–å‚™ć§ćć¾ć›ć‚“ć§ć—ćŸć€‚\n" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/kk.gmo b/po/kk.gmo deleted file mode 100644 index c4d019dc..00000000 Binary files a/po/kk.gmo and /dev/null differ diff --git a/po/kk.po b/po/kk.po index 0f8396de..78bed465 100644 --- a/po/kk.po +++ b/po/kk.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: shadowutils\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2012-01-20 21:16+0600\n" "Last-Translator: Baurzhan Muftakhidinov <baurthefirst@gmail.com>\n" "Language-Team: Kazakh <kk_KZ@googlegroups.com>\n" @@ -1096,6 +1096,14 @@ msgstr "%s: GID '%lu' Š±Š°Ń€ Š±Š¾Š»Ń‹Šæ тŅ±Ń€\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Š¢Š°Š·Š°Ń€Ń‚Ńƒ Ņ›Ń‹Š·Š¼ŠµŃ‚Ń–Š½ Š¾Ń€Š½Š°Ń‚Ńƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr " -r, --reset сәтсіŠ· Šŗіру тŠ°Š»Š°Šæ сŠ°Š½Š°Ņ“Ń‹ŃˆŃ‹Š½ Š½Ó©Š»Š“ŠµŃƒ\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: '%s' Š¶Š°Š·Š±Š°ŃŃ‹Š½ %s ішіŠ½ŠµŠ½ Ó©ŃˆŃ–Ń€Ńƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ\n" @@ -1322,6 +1330,26 @@ msgstr "" " -b, --before ŠšŅ®Š Š¼ŠµŃ€Š·Ń–Š¼Ń– ŠšŅ®ŠŠ½ŠµŠ½ ŅÆŠ»ŠŗŠµŠ½ Ņ“Š°Š½Š° lastlog Š¶Š°Š·Š±Š°Š»Š°Ń€Ń‹Š½ " "ŠŗөрсŠµŃ‚Ńƒ\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all Š±Š°Ń€Š»Ń‹Ņ› ŠæŠ°Š¹Š“Š°Š»Š°Š½ŃƒŃˆŃ‹Š»Š°Ń€ ŅÆшіŠ½ faillog " +"Š¶Š°Š·Š±Š°Š»Š°Ń€Ń‹Š½ ŠŗөрсŠµŃ‚Ńƒ\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all Š±Š°Ń€Š»Ń‹Ņ› ŠæŠ°Š¹Š“Š°Š»Š°Š½ŃƒŃˆŃ‹Š»Š°Ń€ ŅÆшіŠ½ faillog " +"Š¶Š°Š·Š±Š°Š»Š°Ń€Ń‹Š½ ŠŗөрсŠµŃ‚Ńƒ\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1344,6 +1372,24 @@ msgstr "ŠŸŠ°Š¹Š“Š°Š»Š°Š½ŃƒŃˆŃ‹ ŠŸŠ¾Ń€Ń‚ Š”Š¾Ņ£Ņ“Ń‹" msgid "**Never logged in**" msgstr "**Š–ŅÆŠ¹ŠµŠ³Šµ ŠµŃˆŅ›Š°ŃˆŠ°Š½ ŠŗірŠ¼ŠµŠ³ŠµŠ½**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: UID %lu ŅÆшіŠ½ Š¶Š°Š·Š±Š°Š½Ń‹ Š°Š»Ńƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ\n" + +#, fuzzy, c-format +#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: %lu UID-і ŅÆшіŠ½ lastlog Š¶Š°Š·Š±Š°ŃŃ‹Š½ Š½Ó©Š»Š“ŠµŃƒ сәтсіŠ·: %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "ŅšŠ¾Š»Š“Š°Š½Ń‹Š»ŃƒŃ‹: %s [-p] [Š°Ń‚Ń‹]\n" @@ -1378,14 +1424,6 @@ msgstr "" "[Š–ŅÆŠ¹ŠµŠ“ŠµŠ½ Š¼Ó™Š¶Š±ŅÆрŠ»Ń– шыŅ“Ńƒ Š¾Ń€Ń‹Š½Š“Š°Š»Š¼Š°Š“ы -- root ŅÆшіŠ½ Š¶ŅÆŠ¹ŠµŠ³Šµ ŠŗіруŠ³Šµ рŅ±Ņ›ŃŠ°Ń‚ " "ŠµŃ‚Ń–Š»Š³ŠµŠ½.]" -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" -"\n" -"Š–ŅÆŠ¹ŠµŠ³Šµ Šŗіру уŠ°Ņ›Ń‹Ń‚Ń‹ %u сŠµŠŗуŠ½Š“тŠ°Š½ ŠŗŠµŠ¹Ń–Š½ Š°ŃŅ›Ń‚Š°Š»Š“ы.\n" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "%s: Š­Ń„Ń„ŠµŠŗтŠøŠ²Ń‚Ń– root-сыŠ· Š¶Ņ±Š¼Ń‹Ń істŠµŠ¼ŠµŃƒŃ– Š¼ŅÆŠ¼ŠŗіŠ½\n" @@ -1395,6 +1433,14 @@ msgstr "" "Utmp Š¶Š°Š·Š±Š°ŃŃ‹ Š¶Š¾Ņ›. Š”іŠ·Š³Šµ exec \"login\" ŠŗŠ¾Š¼Š°Š½Š“Š°ŃŃ‹Š½ Š±Ń–ріŠ½ŃˆŃ– Š“ŠµŅ£Š³ŠµŠ¹Š“ŠµŠ½ \"sh\" " "Ņ›Š¾ŃŃƒ ŠŗŠµŃ€ŠµŠŗ" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" +"\n" +"Š–ŅÆŠ¹ŠµŠ³Šµ Šŗіру уŠ°Ņ›Ń‹Ń‚Ń‹ %u сŠµŠŗуŠ½Š“тŠ°Š½ ŠŗŠµŠ¹Ń–Š½ Š°ŃŅ›Ń‚Š°Š»Š“ы.\n" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM Ņ›Š°Ń‚ŠµŃŃ–, тŠ¾Ņ›Ń‚Š°Ń‚Ń‹Š»Š“ы: %s\n" @@ -1825,12 +1871,6 @@ msgstr "ŠŸŠ°Ń€Š¾Š»ŃŒŠ“іŠŗ Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøяŠ½Ń‹ Š°Ń‚Ń‚Š°Šæ Ó©Ń‚ŠµŠ¼ msgid "Please enter your OWN password as authentication.\n" msgstr "ŠØыŠ½Š“ыŠ»Ń‹Ņ›Ń‚Ń‹ тŠµŠŗсŠµŃ€Ńƒ ŅÆшіŠ½ ÓØŠ—Š†Ņ¢Š†Š—Š”Š†Ņ¢ ŠæŠ°Ń€Š¾Š»Ń–Ņ£Ń–Š·Š“і ŠµŠ½Š³Ń–Š·Ń–Ņ£Ń–Š·.\n" -msgid " ...killed.\n" -msgstr " ...Ó©Š»Ń‚іріŠ»Š“і.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ...Ņ±Ń€ŠæŠ°Ņ› ŅÆрŠ“істіŅ£ тŠ¾Ņ›Ń‚Š°Ń‚Ń‹Š»ŃƒŃ‹Š½ ŠŗŅÆту.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: ŠŸŠ°Š¹Š“Š°Š»Š°Š½ŃƒŃˆŃ‹ Ņ›Š¾Ń€ŃˆŠ°Š¼Ń‹Š½ ісŠŗŠµ Ņ›Š¾ŃŃƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ\n" @@ -1846,6 +1886,12 @@ msgstr "%s: сŠøŠ³Š½Š°Š»Š“ы Š±Š°ŃŅ›Š°Ń€Ńƒ Š°Ņ›Š°ŃƒŠ»Ń‹Ņ“Ń‹\n" msgid "Session terminated, terminating shell..." msgstr "Š”ŠµŃŃŠøя тŠ¾Ņ›Ń‚Š°Ń‚Ń‹Š»Š“ы, Ņ›Š¾Ń€ŃˆŠ°Š¼Š“ы тŠ¾Ņ›Ń‚Š°Ń‚Ńƒ..." +msgid " ...killed.\n" +msgstr " ...Ó©Š»Ń‚іріŠ»Š“і.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ...Ņ±Ń€ŠæŠ°Ņ› ŅÆрŠ“істіŅ£ тŠ¾Ņ›Ń‚Š°Ń‚Ń‹Š»ŃƒŃ‹Š½ ŠŗŅÆту.\n" + msgid " ...terminated.\n" msgstr " ...тŠ¾Ņ›Ń‚Š°Ń‚Ń‹Š»Š“ы.\n" @@ -2422,26 +2468,6 @@ msgstr "%s: '%lu' UID-і Š±Š°Ń€ Š±Š¾Š»Ń‹Šæ тŅ±Ń€\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s ŠæŠ°Š¹Š“Š°Š»Š°Š½ŃƒŃˆŃ‹Š½Ń‹Ņ£ %s ŅÆшіŠ½ ŠæŠ°Ń€Š¾Š»Š“і Ó©Š·Š³ŠµŃ€Ń‚ŃƒŠ³Šµ Ņ›Ņ±Ņ›Ń‹Ņ“Ń‹ Š¶Š¾Ņ›\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: Š¶Š°Ņ£Š° %s '%s' Š¶Š°Š·Š±Š°Š½Ń‹ Š“Š°Š¹Ń‹Š½Š“Š°Ńƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: Š¶Š°Ņ£Š° %s '%s' Š¶Š°Š·Š±Š°Š½Ń‹ Š“Š°Š¹Ń‹Š½Š“Š°Ńƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: Š¶Š°Ņ£Š° %s '%s' Š¶Š°Š·Š±Š°Š½Ń‹ Š“Š°Š¹Ń‹Š½Š“Š°Ńƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: Š¶Š°Ņ£Š° %s '%s' Š¶Š°Š·Š±Š°Š½Ń‹ Š“Š°Š¹Ń‹Š½Š“Š°Ńƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: %s Š±ŃƒŠ¼Š°ŃŃ‹ Š±Š°Ń€ Š±Š¾Š»Ń‹Šæ тŅ±Ń€\n" @@ -2486,6 +2512,26 @@ msgstr "mailbox ŠøŠµŃŃ–Š½ Š°ŃƒŃ‹ŃŃ‚Ń‹Ń€Ńƒ Ņ›Š°Ń‚ŠµŠ¼ŠµŠ½ Š°ŃŅ›Ń‚Š°Š»Š“ы" msgid "failed to rename mailbox" msgstr "mailbox Š°Ń‚Ń‹Š½ Š°ŃƒŃ‹ŃŃ‚Ń‹Ń€Ńƒ Ņ›Š°Ń‚ŠµŠ¼ŠµŠ½ Š°ŃŅ›Ń‚Š°Š»Š“ы" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: Š¶Š°Ņ£Š° %s '%s' Š¶Š°Š·Š±Š°Š½Ń‹ Š“Š°Š¹Ń‹Š½Š“Š°Ńƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: Š¶Š°Ņ£Š° %s '%s' Š¶Š°Š·Š±Š°Š½Ń‹ Š“Š°Š¹Ń‹Š½Š“Š°Ńƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: Š¶Š°Ņ£Š° %s '%s' Š¶Š°Š·Š±Š°Š½Ń‹ Š“Š°Š¹Ń‹Š½Š“Š°Ńƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: Š¶Š°Ņ£Š° %s '%s' Š¶Š°Š·Š±Š°Š½Ń‹ Š“Š°Š¹Ń‹Š½Š“Š°Ńƒ Š¼ŅÆŠ¼ŠŗіŠ½ ŠµŠ¼ŠµŃ\n" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/km.gmo b/po/km.gmo deleted file mode 100644 index 9168652b..00000000 Binary files a/po/km.gmo and /dev/null differ diff --git a/po/km.po b/po/km.po index a92f55bb..50475301 100644 --- a/po/km.po +++ b/po/km.po @@ -11,7 +11,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow_po_km\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2006-06-28 10:08+0700\n" "Last-Translator: Khoem Sokhem <khoemsokhem@khmeros.info>\n" "Language-Team: Khmer <support@khmeros.info>\n" @@ -1095,6 +1095,11 @@ msgstr "" msgid "%s: Cannot setup cleanup service.\n" msgstr "%sĀ įŸ– įž˜įž·įž“ā€‹įž¢įž¶įž…įž€įŸ†įžŽįžįŸ‹ā€‹įžˆįŸ’įž˜įŸ„įŸ‡ā€‹įž¢įŸ’įž“įž€įž”įŸ’įžšįž¾ā€‹įžšįž”įžŸįŸ‹ā€‹įž¢įŸ’įž“įž€ā€‹įž”įž¶įž“ā€‹įž‘įŸĀ įŸ”\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1315,6 +1320,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1335,6 +1350,24 @@ msgstr "įžˆįŸ’įž˜įŸ„įŸ‡ā€‹įž¢įŸ’įž“įž€ā€‹įž”įŸ’įžšįž¾ įž…įŸ’įžš msgid "**Never logged in**" msgstr "**įž˜įž·įž“ā€‹įžŠįŸ‚įž›ā€‹įž…įž¼įž›ā€‹įžŸįŸ„įŸ‡**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%sĀ įŸ– įž˜įž·įž“ā€‹ā€‹įž¢įž¶įž…ā€‹įž”įž„įŸ’įž€įž¾įžā€‹įžįžā€‹ %s įž”įž¶įž“įž”įž¾įž™\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%sĀ įŸ– įž˜įž·įž“įž¢įž¶įž…ā€‹įž’įŸ’įžœįž¾įž²įŸ’įž™ā€‹įžÆįž€įžŸįž¶įžšā€‹įž–įž¶įž€įŸ’įž™ā€‹įžŸįž˜įŸ’įž„įž¶įžįŸ‹ā€‹įž‘įž¶įž“įŸ‹įžŸįž˜įŸįž™ā€‹įž”įž¶įž“įž‘įŸ\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "įžšįž”įŸ€įž”įž”įŸ’įžšįž¾Ā įŸ– %s [-p] [name]\n" @@ -1371,6 +1404,13 @@ msgstr "" "\n" "[įž”įž¶įž“ā€‹įžœįŸ€įž„ā€‹įž€įž¶įžšā€‹įž•įŸ’įžŠįž¶įž…įŸ‹ -- įž”įž¶įž“ā€‹įž¢įž“įž»įž‰įŸ’įž‰įž¶įžā€‹įž€įž¶įžšā€‹įž…įž¼įž›ā€‹įž‡įž¶ rootĀ įŸ”]\n" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "įž‚įŸ’įž˜įž¶įž“ā€‹įž’įž¶įžįž»ā€‹ utmp įž”įž¾įž™Ā įŸ” įž¢įŸ’įž“įž€ā€‹įžįŸ’įžšįž¼įžœā€‹įž”įŸ’įžšįžįž·įž”įžįŸ’įžįž·ā€‹ \"login\" įž–įžøā€‹įž€įž˜įŸ’įžšįž·įžā€‹įž‘įž¶įž”ā€‹įž”įŸ†įž•įž»įžā€‹ \"sh\"" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1382,13 +1422,6 @@ msgstr "" "\n" "įž¢įžŸįŸ‹ā€‹įž–įŸįž›ā€‹įž…įž¼įž›ā€‹įž”įž“įŸ’įž‘įž¶įž”įŸ‹įž–įžø %d įžœįž·įž“įž¶įž‘įžøĀ įŸ”\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "įž‚įŸ’įž˜įž¶įž“ā€‹įž’įž¶įžįž»ā€‹ utmp įž”įž¾įž™Ā įŸ” įž¢įŸ’įž“įž€ā€‹įžįŸ’įžšįž¼įžœā€‹įž”įŸ’įžšįžįž·įž”įžįŸ’įžįž·ā€‹ \"login\" įž–įžøā€‹įž€įž˜įŸ’įžšįž·įžā€‹įž‘įž¶įž”ā€‹įž”įŸ†įž•įž»įžā€‹ \"sh\"" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "įž…įž¼įž›Ā įŸ– PAM įž”įžšįž¶įž‡įŸįž™ā€‹ įž€įŸ†įž–įž»įž„ā€‹įž”įŸ„įŸ‡įž”įž„įŸ‹ā€‹Ā įŸ– %s\n" @@ -1812,12 +1845,6 @@ msgstr "įž€įž¶įžšā€‹įž•įŸ’įž‘įŸ€įž„įž•įŸ’įž‘įž¶įžįŸ‹ā€‹įž—įž¶įž–ā€‹įžįŸ’įžšįž¹ msgid "Please enter your OWN password as authentication.\n" msgstr "įžŸįž¼įž˜ā€‹įž”įž‰įŸ’įž…įž¼įž›ā€‹įž–įž¶įž€įŸ’įž™ā€‹įžŸįž˜įŸ’įž„įž¶įžįŸ‹įž•įŸ’įž‘įž¶įž›įŸ‹įžįŸ’įž›įž½įž“ā€‹įžšįž”įžŸįŸ‹įž¢įŸ’įž“įž€ā€‹ įž‡įž¶ā€‹įž€įž¶įžšįž•įŸ’įž‘įŸ€įž„įž•įŸ’įž‘įž¶įžįŸ‹įž—įž¶įž–įžįŸ’įžšįž¹įž˜įžįŸ’įžšįž¼įžœā€‹Ā įŸ”\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1834,6 +1861,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2373,26 +2406,6 @@ msgstr "" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%sĀ įŸ– įž”įžšįž¶įž‡įŸįž™ā€‹įž€įŸ’įž“įž»įž„įž€įž¶įžšā€‹įž‘įž˜įŸ’įž›įž¶įž€įŸ‹ā€‹įžŸįž·įž‘įŸ’įž’ (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%sĀ įŸ– įž”įžšįž¶įž‡įŸįž™ā€‹įž€įŸ’įž“įž»įž„įž€įž¶įžšā€‹įž‘įž˜įŸ’įž›įž¶įž€įŸ‹ā€‹įžŸįž·įž‘įŸ’įž’ (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%sĀ įŸ– įž”įžšįž¶įž‡įŸįž™ā€‹įž€įŸ’įž“įž»įž„įž€įž¶įžšā€‹įž‘įž˜įŸ’įž›įž¶įž€įŸ‹ā€‹įžŸįž·įž‘įŸ’įž’ (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%sĀ įŸ– įž”įžšįž¶įž‡įŸįž™ā€‹įž€įŸ’įž“įž»įž„įž€įž¶įžšā€‹įž‘įž˜įŸ’įž›įž¶įž€įŸ‹ā€‹įžŸįž·įž‘įŸ’įž’ (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%sĀ įŸ– įž˜įž¶įž“įžįžā€‹ %s ā€‹įžšįž½įž…ā€‹įž įž¾įž™ā€‹\n" @@ -2434,6 +2447,26 @@ msgstr "įž”įžšįž¶įž‡įŸįž™ā€‹įž€įŸ’įž“įž»įž„įž€įž¶įžšā€‹įž•įŸ’įž›įž¶įžŸįŸ‹įž”įŸ’ msgid "failed to rename mailbox" msgstr "ā€‹įž”įžšįž¶įž‡įŸįž™ā€‹įž€įŸ’įž“įž»įž„įž€įž¶įžšįž”įŸ’įžŠįž¼įžšįžˆįŸ’įž˜įŸ„įŸ‡įž”įŸ’įžšįž¢įž”įŸ‹" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%sĀ įŸ– įž”įžšįž¶įž‡įŸįž™ā€‹įž€įŸ’įž“įž»įž„įž€įž¶įžšā€‹įž‘įž˜įŸ’įž›įž¶įž€įŸ‹ā€‹įžŸįž·įž‘įŸ’įž’ (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%sĀ įŸ– įž”įžšįž¶įž‡įŸįž™ā€‹įž€įŸ’įž“įž»įž„įž€įž¶įžšā€‹įž‘įž˜įŸ’įž›įž¶įž€įŸ‹ā€‹įžŸįž·įž‘įŸ’įž’ (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%sĀ įŸ– įž”įžšįž¶įž‡įŸįž™ā€‹įž€įŸ’įž“įž»įž„įž€įž¶įžšā€‹įž‘įž˜įŸ’įž›įž¶įž€įŸ‹ā€‹įžŸįž·įž‘įŸ’įž’ (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%sĀ įŸ– įž”įžšįž¶įž‡įŸįž™ā€‹įž€įŸ’įž“įž»įž„įž€įž¶įžšā€‹įž‘įž˜įŸ’įž›įž¶įž€įŸ‹ā€‹įžŸįž·įž‘įŸ’įž’ (%s)\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3071,9 +3104,6 @@ msgstr "%sĀ Ā įŸ– įžįžā€‹įž˜įž¼įž›įžŠįŸ’įž‹įž¶įž“ā€‹įž˜įž·įž“ā€‹įžįŸ’įžšįž¹ #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%sĀ įŸ– įž˜įž·įž“įž¢įž¶įž…ā€‹įžŸįžšįžŸįŸįžšā€‹įžÆįž€įžŸįž¶įžšįž–įž¶įž€įŸ’įž™įžŸįž˜įŸ’įž„įž¶įžįŸ‹ā€‹įž”įž¾įž„įžœįž·įž‰įž”įž¶įž“įž‘įŸā€‹\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%sĀ įŸ– įž˜įž·įž“įž¢įž¶įž…ā€‹įž’įŸ’įžœįž¾įž²įŸ’įž™ā€‹įžÆįž€įžŸįž¶įžšā€‹įž–įž¶įž€įŸ’įž™ā€‹įžŸįž˜įŸ’įž„įž¶įžįŸ‹ā€‹įž‘įž¶įž“įŸ‹įžŸįž˜įŸįž™ā€‹įž”įž¶įž“įž‘įŸ\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%sĀ įŸ– įž˜įž·įž“įž¢įž¶įž…ā€‹įž’įŸ’įžœįž¾ā€‹įž²įŸ’įž™ā€‹įžÆįž€įžŸįž¶įžšįž–įž¶įž€įŸ’įž™įžŸįž˜įŸ’įž„įž¶įžįŸ‹ā€‹įžŸįŸ’įžšįž˜įŸ„įž›įž‘įž¶įž“įŸ‹įžŸįž˜įŸįž™įž”įž¶įž“įž‘įŸ\n" diff --git a/po/ko.gmo b/po/ko.gmo deleted file mode 100644 index 39d2f5dd..00000000 Binary files a/po/ko.gmo and /dev/null differ diff --git a/po/ko.po b/po/ko.po index d268870c..1b00e99d 100644 --- a/po/ko.po +++ b/po/ko.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.1.1\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2009-04-19 21:32+0900\n" "Last-Translator: Changwoo Ryu <cwryu@debian.org>\n" "Language-Team: Korean <debian-l10n-korean@lists.debian.org>\n" @@ -1101,6 +1101,11 @@ msgstr "%s: '%lu' GIDź°€ ģ“ėÆø ģžˆģŠµė‹ˆė‹¤\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: ģ‚¬ģš©ģž ģ“ė¦„ģ„ ģøģ‹ķ•  ģˆ˜ ģ—†ģŠµė‹ˆė‹¤.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: '%s' ķ•­ėŖ©ģ„ %sģ—ģ„œ ģ œź±°ķ•  ģˆ˜ ģ—†ģŠµė‹ˆė‹¤\n" @@ -1317,6 +1322,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1335,6 +1350,24 @@ msgstr "ģ‚¬ģš©ģžģ“ė¦„ ķ¬ķŠø ģµœź·¼ģ •ė³“" msgid "**Never logged in**" msgstr "**ķ•œė²ˆė„ ė”œź·øģøķ•œ ģ ģ“ ģ—†ģŠµė‹ˆė‹¤**" +#, fuzzy, c-format +#| msgid "lastlog: Failed to get the entry for UID %d\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "lastlog: UID %dė²ˆģ˜ ķ•­ėŖ©ģ„ ģ½ėŠ”ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤\n" + +#, fuzzy, c-format +#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: UID %luė²ˆģ˜ ģµœź·¼ źø°ė” ķ•­ėŖ©ģ„ ģ“ˆźø°ķ™”ķ•˜ėŠ”ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤: %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "ģ‚¬ģš©ė²•: %s [-p] [ģ“ė¦„]\n" @@ -1368,6 +1401,14 @@ msgstr "" "\n" "[ģ ‘ģ†ķ•“ģ œź°€ ė¬“ģ‹œė˜ģ—ˆģŠµė‹ˆė‹¤ -- ė£ØķŠø ė”œź·øģø ķ—ˆģš©.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"UTMP ķ•­ėŖ©ģ“ ģ—†ģŠµė‹ˆė‹¤. ź°€ģž„ ė‚®ģ€ \"sh\"ģ—ģ„œ \"login\"ģ„ ģ‹¤ķ–‰ķ•“ģ•¼ ķ•©ė‹ˆė‹¤." + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1379,14 +1420,6 @@ msgstr "" "\n" "%d ģ“ˆ ķ›„ ė”œź·øģøģ“ ģ¢…ė£Œė˜ģ—ˆģŠµė‹ˆė‹¤.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"UTMP ķ•­ėŖ©ģ“ ģ—†ģŠµė‹ˆė‹¤. ź°€ģž„ ė‚®ģ€ \"sh\"ģ—ģ„œ \"login\"ģ„ ģ‹¤ķ–‰ķ•“ģ•¼ ķ•©ė‹ˆė‹¤." - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM ģ‹¤ķŒØ. ģ¤‘ģ§€ ģ¤‘: %s\n" @@ -1811,12 +1844,6 @@ msgstr "ģ•”ķ˜ø ģøģ¦ģ“ ė¬“ģ‹œė˜ģ—ˆģŠµė‹ˆė‹¤.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "ģøģ¦ķ•˜źø° ģœ„ķ•“ ė³øģøģ˜ ģ•”ķ˜øė„¼ ģž…ė „ķ•˜ģ‹­ģ‹œģ˜¤.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: Cannot determine your user name.\n" msgid "%s: Cannot fork user shell\n" @@ -1833,6 +1860,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2416,26 +2449,6 @@ msgstr "%s: '%lu' UIDź°€ ģ“ėÆø ģžˆģŠµė‹ˆė‹¤\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s ģ‚¬ģš©ģžėŠ” %sģ˜ ģ•”ķ˜øė„¼ ė°”źæ€ ź¶Œķ•œģ“ ģ—†ģŠµė‹ˆė‹¤\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: ģƒˆ %s ķ•­ėŖ© '%s'ģ„(ė„¼) ģ¤€ė¹„ķ•˜ėŠ”ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: ģƒˆ %s ķ•­ėŖ© '%s'ģ„(ė„¼) ģ¤€ė¹„ķ•˜ėŠ”ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: ģƒˆ %s ķ•­ėŖ© '%s'ģ„(ė„¼) ģ¤€ė¹„ķ•˜ėŠ”ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: ģƒˆ %s ķ•­ėŖ© '%s'ģ„(ė„¼) ģ¤€ė¹„ķ•˜ėŠ”ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: ė””ė ‰ķ„°ė¦¬ %sģ€(ėŠ”) ģ“ėÆø ģžˆģŠµė‹ˆė‹¤\n" @@ -2480,6 +2493,26 @@ msgstr "ė©”ģ¼ķ•Ø ģ†Œģœ ģžė„¼ ė°”ź¾øėŠ” ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤" msgid "failed to rename mailbox" msgstr "ė©”ģ¼ķ•Øģ˜ ģ“ė¦„ģ„ ė°”ź¾øėŠ” ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: ģƒˆ %s ķ•­ėŖ© '%s'ģ„(ė„¼) ģ¤€ė¹„ķ•˜ėŠ”ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: ģƒˆ %s ķ•­ėŖ© '%s'ģ„(ė„¼) ģ¤€ė¹„ķ•˜ėŠ”ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: ģƒˆ %s ķ•­ėŖ© '%s'ģ„(ė„¼) ģ¤€ė¹„ķ•˜ėŠ”ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: ģƒˆ %s ķ•­ėŖ© '%s'ģ„(ė„¼) ģ¤€ė¹„ķ•˜ėŠ”ė° ģ‹¤ķŒØķ–ˆģŠµė‹ˆė‹¤\n" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/nb.gmo b/po/nb.gmo deleted file mode 100644 index d8f2522f..00000000 Binary files a/po/nb.gmo and /dev/null differ diff --git a/po/nb.po b/po/nb.po index d8bd46e7..d42a8640 100644 --- a/po/nb.po +++ b/po/nb.po @@ -11,7 +11,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.17\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2012-01-18 17:19+0100\n" "Last-Translator: BjĆørn Steensrud <bjornst@skogkatt.homelinux.org>\n" "Language-Team: Norwegian BokmĆ„l <i18n-nb@lister.ping.uio.no>\n" @@ -1138,6 +1138,16 @@ msgstr "%s; GID Ā«%luĀ» finnes fra fĆør.\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Kan ikke sette opp oppryddingstjeneste.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset tilbakestill tellere for mislykte " +"innlogginger\n" + # , c-format #, c-format msgid "%s: cannot remove entry '%s' from %s\n" @@ -1377,6 +1387,24 @@ msgstr "" " -b, --before DAGER skriv ut bare lastlog-poster eldre enn " "DAGER\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all vis faillog -oppfĆøringer for alle brukere\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all vis faillog -oppfĆøringer for alle brukere\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1397,6 +1425,24 @@ msgstr "Brukernavn Port Sist" msgid "**Never logged in**" msgstr "**Aldri vƦrt innlogget**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: Klarte ikke hente innslag for UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: kan ikke oppdatere passordfila\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Bruk: %s [-p] [navn]\n" @@ -1430,6 +1476,13 @@ msgstr "" "\n" "[Frakobling omgĆ„tt - root-innlogging tillatt.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "%s: Kan umulig virke uten effektiv root\n" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "Ingen oppfĆøring i utmp. Du mĆ„ kjĆøre Ā«loginĀ» fra Ā«shĀ» pĆ„ laveste nivĆ„" + #, c-format msgid "" "\n" @@ -1438,13 +1491,6 @@ msgstr "" "\n" "Innlogging avbrutt pĆ„ tid etter %u sekunder.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "%s: Kan umulig virke uten effektiv root\n" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "Ingen oppfĆøring i utmp. Du mĆ„ kjĆøre Ā«loginĀ» fra Ā«shĀ» pĆ„ laveste nivĆ„" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM mislyktes, avbryter: %s\n" @@ -1889,12 +1935,6 @@ msgstr "Passordautentisering forbi-koblet.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Oppgi ditt EGET passord som autentisering.\n" -msgid " ...killed.\n" -msgstr " ā€¦ drept.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ... venter pĆ„ at barneprosess avslutter.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: Kan ikke spalte ut brukerskall\n" @@ -1910,6 +1950,12 @@ msgstr "%s: funksjonsfeil ved signalmasking\n" msgid "Session terminated, terminating shell..." msgstr "Ƙkt avsluttet, avslutter skall ..." +msgid " ...killed.\n" +msgstr " ā€¦ drept.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ... venter pĆ„ at barneprosess avslutter.\n" + msgid " ...terminated.\n" msgstr " ā€¦ avsluttet.\n" @@ -2499,30 +2545,6 @@ msgstr "%s: UID Ā«%luĀ» finnes fra fĆør\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s har ikke rett til Ć„ endre passord for %s\n" -# , c-format -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: klarte ikke lage det nye %s-innslaget Ā«%sĀ»\n" - -# , c-format -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: klarte ikke lage det nye %s-innslaget Ā«%sĀ»\n" - -# , c-format -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: klarte ikke lage det nye %s-innslaget Ā«%sĀ»\n" - -# , c-format -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: klarte ikke lage det nye %s-innslaget Ā«%sĀ»\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: mappa %s finnes\n" @@ -2570,6 +2592,30 @@ msgstr "klarte ikke Ć„ endre eier av mailbox" msgid "failed to rename mailbox" msgstr "klarte ikke Ć„ endre navn pĆ„ mailbox" +# , c-format +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: klarte ikke lage det nye %s-innslaget Ā«%sĀ»\n" + +# , c-format +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: klarte ikke lage det nye %s-innslaget Ā«%sĀ»\n" + +# , c-format +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: klarte ikke lage det nye %s-innslaget Ā«%sĀ»\n" + +# , c-format +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: klarte ikke lage det nye %s-innslaget Ā«%sĀ»\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3377,9 +3423,6 @@ msgstr "%s: klarte ikke Ć„ finne tcb-mappe for %s\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: kan ikke gjenskrive passordfila\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: kan ikke oppdatere passordfila\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: kan ikke oppdatere skyggepassordfila\n" diff --git a/po/ne.gmo b/po/ne.gmo deleted file mode 100644 index 05e4dde8..00000000 Binary files a/po/ne.gmo and /dev/null differ diff --git a/po/ne.po b/po/ne.po index bb0ea00a..e40129b8 100644 --- a/po/ne.po +++ b/po/ne.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.17\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2006-06-16 14:30+0545\n" "Last-Translator: Shiva Pokharel <pokharelshiva@hotmail.com>\n" "Language-Team: Nepali <info@mpp.org.np>\n" @@ -1086,6 +1086,11 @@ msgstr "" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: ą¤¤ą¤Ŗą¤¾ą¤ˆą¤ą¤•ą„‹ ą¤Ŗą„ą¤°ą¤Æą„‹ą¤—ą¤•ą¤°ą„ą¤¤ą¤¾ ą¤Øą¤¾ą¤® ą¤Øą¤æą¤°ą„ą¤§ą¤¾ą¤°ą¤£ ą¤—ą¤°ą„ą¤Ø ą¤øą¤•ą¤æą¤ą¤Ø ą„¤\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1302,6 +1307,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1320,6 +1335,24 @@ msgstr "ą¤øą¤¬ą„ˆą¤­ą¤Øą„ą¤¦ą¤¾ ą¤Ŗą¤›ą¤æą¤²ą„ą¤²ą„‹ ą¤Ŗą„‹ą¤°ą„ msgid "**Never logged in**" msgstr "**Never logged in**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: ą¤”ą¤¾ą¤‡ą¤°ą„‡ą¤•ą¤Ÿą„ą¤°ą„€ ą¤øą¤æą¤°ą„ą¤œą¤Øą¤¾ ą¤—ą¤°ą„ą¤Ø ą¤øą¤•ą¤æą¤ą¤Ø %s\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: ą¤Ŗą¤¾ą¤øą¤µą¤°ą„ą¤” ą¤«ą¤¾ą¤‡ą¤² ą¤…ą¤¦ą„ą¤Æą¤¾ą¤µą¤§ą¤æą¤• ą¤—ą¤°ą„ą¤Ø ą¤øą¤•ą¤æą¤ą¤Ø\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "ą¤‰ą¤Ŗą¤Æą„‹ą¤—: %s [-p] [name]\n" @@ -1353,6 +1386,15 @@ msgstr "" "\n" "[ą¤¬ą¤¾ą¤‡ą¤Ŗą¤¾ą¤ø ą¤œą¤”ą¤¾ą¤Ø ą¤µą¤æą¤šą„ą¤›ą„‡ą¤¦ą¤Ø ą¤­ą¤Æą„‹ --ą¤®ą„‚ą¤² ą¤²ą¤—ą¤‡ą¤Øą¤²ą¤¾ą¤ˆ ą¤…ą¤Øą„ą¤®ą¤¤ą¤æ ą¤› ą„¤ ]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"utmp ą¤Ŗą„ą¤°ą¤µą¤æą¤·ą„ą¤Ÿą¤æ ą¤­ą¤ą¤Ø ą„¤ ą¤¤ą¤Ŗą¤¾ą¤ˆą¤ą¤²ą„‡ \"login\" ą¤—ą¤°ą„ą¤¦ą¤¾ ą¤œą„ą¤Æą¤¾ą¤¦ą„ˆ ą¤Øą„ą¤Æą„‚ą¤Ø ą¤¤ą¤¹ \"sh\" ą¤¬ą¤¾ą¤Ÿ ą¤•ą¤¾ą¤°ą„ą¤Æą¤Øą„ą¤µą¤Æą¤Ø " +"ą¤—ą¤°ą„ą¤Øą„ą¤Ŗą¤°ą„ą¤›" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1364,15 +1406,6 @@ msgstr "" "\n" "%d ą¤øą„‡ą¤•ą„‡ą¤£ą„ą¤” ą¤Ŗą¤›ą¤æ ą¤²ą¤—ą¤‡ą¤Ø ą¤øą¤®ą¤Æ ą¤øą¤®ą¤¾ą¤Ŗą„ą¤¤ ą¤­ą¤Æą„‹ ą„¤\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"utmp ą¤Ŗą„ą¤°ą¤µą¤æą¤·ą„ą¤Ÿą¤æ ą¤­ą¤ą¤Ø ą„¤ ą¤¤ą¤Ŗą¤¾ą¤ˆą¤ą¤²ą„‡ \"login\" ą¤—ą¤°ą„ą¤¦ą¤¾ ą¤œą„ą¤Æą¤¾ą¤¦ą„ˆ ą¤Øą„ą¤Æą„‚ą¤Ø ą¤¤ą¤¹ \"sh\" ą¤¬ą¤¾ą¤Ÿ ą¤•ą¤¾ą¤°ą„ą¤Æą¤Øą„ą¤µą¤Æą¤Ø " -"ą¤—ą¤°ą„ą¤Øą„ą¤Ŗą¤°ą„ą¤›" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "ą¤²ą¤—ą¤‡ą¤Ø: PAM ą¤…ą¤øą¤«ą¤² ą¤­ą¤Æą„‹, ą¤Ŗą¤°ą¤æą¤¤ą„ą¤Æą¤¾ą¤— ą¤—ą¤°ą¤æą¤¦ą„ˆ: %s\n" @@ -1791,12 +1824,6 @@ msgstr "ą¤Ŗą¤¾ą¤øą¤µą¤°ą„ą¤” ą¤Ŗą„ą¤°ą¤®ą¤¾ą¤£ą„€ą¤•ą¤°ą¤£ ą¤¬ą¤¾ą¤‡ą¤Ŗą¤¾ą¤ø msgid "Please enter your OWN password as authentication.\n" msgstr " ą¤•ą„ƒą¤Ŗą¤Æą¤¾ ą¤Ŗą„ą¤°ą¤®ą¤¾ą¤£ą„€ą¤•ą¤°ą¤£ą¤•ą„‹ ą¤°ą„ą¤Ŗą¤®ą¤¾ ą¤¤ą¤Ŗą¤¾ą¤ˆą¤ą¤•ą„‹ ą¤†ą¤«ą„ą¤Øą„‹ ą¤Ŗą¤¾ą¤øą¤µą¤°ą„ą¤” ą¤Ŗą„ą¤°ą¤µą¤æą¤·ą„ą¤Ÿ ą¤—ą¤°ą„ą¤Øą„ą¤¹ą„‹ą¤øą„ ą„¤\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1813,6 +1840,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2352,26 +2385,6 @@ msgstr "" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: ą¤µą¤æą¤¶ą„‡ą¤·ą¤§ą¤æą¤•ą¤¾ą¤°ą¤¹ą¤°ą„‚ ą¤›ą„‹ą¤”ą„ą¤Ø ą¤…ą¤øą¤«ą¤² ą¤­ą¤Æą„‹ (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: ą¤µą¤æą¤¶ą„‡ą¤·ą¤§ą¤æą¤•ą¤¾ą¤°ą¤¹ą¤°ą„‚ ą¤›ą„‹ą¤”ą„ą¤Ø ą¤…ą¤øą¤«ą¤² ą¤­ą¤Æą„‹ (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: ą¤µą¤æą¤¶ą„‡ą¤·ą¤§ą¤æą¤•ą¤¾ą¤°ą¤¹ą¤°ą„‚ ą¤›ą„‹ą¤”ą„ą¤Ø ą¤…ą¤øą¤«ą¤² ą¤­ą¤Æą„‹ (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: ą¤µą¤æą¤¶ą„‡ą¤·ą¤§ą¤æą¤•ą¤¾ą¤°ą¤¹ą¤°ą„‚ ą¤›ą„‹ą¤”ą„ą¤Ø ą¤…ą¤øą¤«ą¤² ą¤­ą¤Æą„‹ (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: ą¤”ą¤¾ą¤‡ą¤°ą„‡ą¤•ą„ą¤Ÿą„ą¤°ą„€ %s ą¤…ą¤µą¤øą„ą¤„ą¤æą¤¤ ą¤›\n" @@ -2413,6 +2426,26 @@ msgstr "ą¤®ą„‡ą¤²ą¤¬ą¤•ą„ą¤ø ą¤Ŗą„ą¤°ą¤¾ą¤Ŗą¤• ą¤Ŗą¤°ą¤æą¤µą¤°ą„ą¤¤ą¤Ø ą¤—ą¤° msgid "failed to rename mailbox" msgstr "ą¤®ą„‡ą¤² ą¤¬ą¤•ą„ą¤øą¤²ą¤¾ą¤ˆ ą¤Ŗą„ą¤Ø:ą¤Øą¤¾ą¤®ą¤•ą¤°ą¤£ ą¤—ą¤°ą„ą¤Ø ą¤…ą¤øą¤«ą¤² ą¤­ą¤Æą„‹" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: ą¤µą¤æą¤¶ą„‡ą¤·ą¤§ą¤æą¤•ą¤¾ą¤°ą¤¹ą¤°ą„‚ ą¤›ą„‹ą¤”ą„ą¤Ø ą¤…ą¤øą¤«ą¤² ą¤­ą¤Æą„‹ (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: ą¤µą¤æą¤¶ą„‡ą¤·ą¤§ą¤æą¤•ą¤¾ą¤°ą¤¹ą¤°ą„‚ ą¤›ą„‹ą¤”ą„ą¤Ø ą¤…ą¤øą¤«ą¤² ą¤­ą¤Æą„‹ (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: ą¤µą¤æą¤¶ą„‡ą¤·ą¤§ą¤æą¤•ą¤¾ą¤°ą¤¹ą¤°ą„‚ ą¤›ą„‹ą¤”ą„ą¤Ø ą¤…ą¤øą¤«ą¤² ą¤­ą¤Æą„‹ (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: ą¤µą¤æą¤¶ą„‡ą¤·ą¤§ą¤æą¤•ą¤¾ą¤°ą¤¹ą¤°ą„‚ ą¤›ą„‹ą¤”ą„ą¤Ø ą¤…ą¤øą¤«ą¤² ą¤­ą¤Æą„‹ (%s)\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3062,9 +3095,6 @@ msgstr "%s: ą¤…ą¤µą„ˆą¤§ ą¤”ą¤¾ą¤‡ą¤°ą„‡ą¤•ą„ą¤Ÿą„ą¤°ą„€ '%s'\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: ą¤Ŗą¤¾ą¤øą¤µą¤°ą„ą¤” ą¤«ą¤¾ą¤‡ą¤² ą¤Ŗą„ą¤Ø:ą¤²ą„‡ą¤–ą¤Ø ą¤—ą¤°ą„ą¤Ø ą¤øą¤•ą¤æą¤ą¤Ø\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: ą¤Ŗą¤¾ą¤øą¤µą¤°ą„ą¤” ą¤«ą¤¾ą¤‡ą¤² ą¤…ą¤¦ą„ą¤Æą¤¾ą¤µą¤§ą¤æą¤• ą¤—ą¤°ą„ą¤Ø ą¤øą¤•ą¤æą¤ą¤Ø\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: ą¤øą„ą¤Æą¤¾ą¤”ą„‹ ą¤Ŗą¤¾ą¤øą¤µą¤°ą„ą¤” ą¤«ą¤¾ą¤‡ą¤² ą¤…ą¤¦ą„ą¤Æą¤¾ą¤µą¤§ą¤æą¤• ą¤—ą¤°ą„ą¤Ø ą¤øą¤•ą¤æą¤ą¤Ø\n" diff --git a/po/nl.gmo b/po/nl.gmo deleted file mode 100644 index c55e671b..00000000 Binary files a/po/nl.gmo and /dev/null differ diff --git a/po/nl.po b/po/nl.po index 46d423fb..d55717f1 100644 --- a/po/nl.po +++ b/po/nl.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.18\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2007-11-25 21:11+0100\n" "Last-Translator: Bart Cornelis <cobaco@skolelinux.no>\n" "Language-Team: debian-l10n-dutch <debian-l10n-dutch@lists.debian.org>\n" @@ -1086,6 +1086,11 @@ msgstr "Lid bestaat reeds\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Kan uw gebruikersnaam niet bepalen.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1302,6 +1307,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1320,6 +1335,24 @@ msgstr "Gebruikersnaam Poort Laatste" msgid "**Never logged in**" msgstr "**Heeft zich nog nooit aangemeld**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: kan map %s niet aanmaken\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: kan wachtwoordbestand niet bijwerken\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Gebruik: %s [-p] [naam]\n" @@ -1353,6 +1386,15 @@ msgstr "" "\n" "[Verbinding verbreken omzeild -- aanmelden van root is toegelaten.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"Er is geen utmp-ingang. U dient 'login' uit te voeren vanaf de laagste " +"niveau 'sh'" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1364,15 +1406,6 @@ msgstr "" "\n" "Aanmelding is na %d seconden verlopen.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"Er is geen utmp-ingang. U dient 'login' uit te voeren vanaf de laagste " -"niveau 'sh'" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM-fout, er wordt afgebroken: %s\n" @@ -1794,12 +1827,6 @@ msgstr "Wachtwoordauthentificatie is omzeild.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Gelieve uw EIGEN wachtwoord in te voeren voor authentificatie.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1816,6 +1843,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2362,26 +2395,6 @@ msgstr "Lid bestaat reeds\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: afgeven van rechten is mislukt (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: afgeven van rechten is mislukt (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: afgeven van rechten is mislukt (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: afgeven van rechten is mislukt (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: map %s bestaat al\n" @@ -2424,6 +2437,26 @@ msgstr "aanpassen van de eigenaar van de e-mailbox is mislukt" msgid "failed to rename mailbox" msgstr "hernoemen van de e-mailbox is mislukt" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: afgeven van rechten is mislukt (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: afgeven van rechten is mislukt (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: afgeven van rechten is mislukt (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: afgeven van rechten is mislukt (%s)\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3174,9 +3207,6 @@ msgstr "%s: ongeldige basismap '%s'\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: kan het wachtwoordbestand niet herschrijven\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: kan wachtwoordbestand niet bijwerken\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: kan schaduwwachtwoordbestand niet bijwerken\n" diff --git a/po/nn.gmo b/po/nn.gmo deleted file mode 100644 index 58ec8eb5..00000000 Binary files a/po/nn.gmo and /dev/null differ diff --git a/po/nn.po b/po/nn.po index 8dea4235..59890ceb 100644 --- a/po/nn.po +++ b/po/nn.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2004-06-03 21:41+0200\n" "Last-Translator: HĆ„vard Korsvoll <korsvoll@skulelinux.no>\n" "Language-Team: Norwegian (Nynorsk) <i18n-nn@lister.ping.uio.no>\n" @@ -1076,6 +1076,11 @@ msgstr "" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Klarer ikkje avgjere brukarnamnet ditt.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1289,6 +1294,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1307,6 +1322,24 @@ msgstr "Brukarnamn Port Siste" msgid "**Never logged in**" msgstr "**Aldri vore innlogga**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: kan ikkje oppretta mappa %s\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: klarer ikkje oppdatere passordfil\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Bruk: %s [-p] [namn]\n" @@ -1340,6 +1373,13 @@ msgstr "" "\n" "[FrĆ„kopling omgĆ„tt -- innlogging av root er tillete.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1351,13 +1391,6 @@ msgstr "" "\n" "Innlogging gjekk ut pĆ„ tid etter %d sekund.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "" @@ -1776,12 +1809,6 @@ msgstr "Passordautentisering er forbigĆ„tt.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Oppgje ditt EIGE passord for autentisering.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1798,6 +1825,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2317,23 +2350,6 @@ msgstr "" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: ugyldig telefonnummer, arbeid: Ā«%sĀ»\n" - -#, fuzzy, c-format -#| msgid "%s: fields too long\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: felta er for lange\n" - -#, fuzzy, c-format -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: ugyldig telefonnummer, arbeid: Ā«%sĀ»\n" - -#, fuzzy, c-format -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: ugyldig startmappe Ā«%sĀ»\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: mappa %s finst\n" @@ -2375,6 +2391,23 @@ msgstr "klarte ikke Ć„ endra eigar av mailbox" msgid "failed to rename mailbox" msgstr "klarte ikkje endra namn pĆ„ mailbox" +#, fuzzy, c-format +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: ugyldig telefonnummer, arbeid: Ā«%sĀ»\n" + +#, fuzzy, c-format +#| msgid "%s: fields too long\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: felta er for lange\n" + +#, fuzzy, c-format +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: ugyldig telefonnummer, arbeid: Ā«%sĀ»\n" + +#, fuzzy, c-format +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: ugyldig startmappe Ā«%sĀ»\n" + #, c-format msgid "" "You have modified %s.\n" @@ -2598,9 +2631,6 @@ msgstr "%s: ugyldig startmappe Ā«%sĀ»\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: klarer ikkje skriva ny passordfil\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: klarer ikkje oppdatere passordfil\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: klarer ikkje oppdatere skuggepassordfil\n" diff --git a/po/pl.gmo b/po/pl.gmo deleted file mode 100644 index c90cb8a1..00000000 Binary files a/po/pl.gmo and /dev/null differ diff --git a/po/pl.po b/po/pl.po index bc9248ac..60786613 100644 --- a/po/pl.po +++ b/po/pl.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.18\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2007-11-25 20:53+0100\n" "Last-Translator: Tomasz Kłoczko <kloczek@pld.org.pl>\n" "Language-Team: Polish <translation-team-pl@lists.sourceforge.net>\n" @@ -1091,6 +1091,11 @@ msgstr "Członek grupy już istnieje\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Nie można ustalić twojej nazwy użytkownika.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1309,6 +1314,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1327,6 +1342,24 @@ msgstr "Użytkownik Port Ostatnio" msgid "**Never logged in**" msgstr "**Nigdy nie zalogowany**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: nie można utworzyć katalogu %s\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: nie można zaktualizować pliku z hasłami\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Użycie: %s [-p] [nazwa]\n" @@ -1360,6 +1393,14 @@ msgstr "" "\n" "[Rozłączenie pominięte -- zezwolenie na logowanie się roota.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"Brak wpisu w utmp. Musisz wykonać \"login\" z najniższego poziomu \"sh\"" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1371,14 +1412,6 @@ msgstr "" "\n" "Limit czasu logowania przekroczony po %d sekundach.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"Brak wpisu w utmp. Musisz wykonać \"login\" z najniższego poziomu \"sh\"" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM niepowodzenie, przerwane: %s\n" @@ -1796,12 +1829,6 @@ msgstr "Uwierzytelnianie na podstawie hasła pominięte.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Proszę wpisz swoje WŁASNE hasło jako hasło uwierzytelniające.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1818,6 +1845,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2360,26 +2393,6 @@ msgstr "Członek grupy już istnieje\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: katalog %s istnieje\n" @@ -2422,6 +2435,26 @@ msgstr "zmiana właściciela skrzynki pocztowej nie powiodła się" msgid "failed to rename mailbox" msgstr "zmiana nazwy skrzynki pocztowej nie powiodła się" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3173,9 +3206,6 @@ msgstr "%s: nieprawidłowy katalog bazowy '%s'\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: nie można przepisać pliku z hasłami\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: nie można zaktualizować pliku z hasłami\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: nie można zaktualizować pliku z ukrytymi hasłami\n" diff --git a/po/pt.gmo b/po/pt.gmo deleted file mode 100644 index bd4a9183..00000000 Binary files a/po/pt.gmo and /dev/null differ diff --git a/po/pt.po b/po/pt.po index c286ef21..0bd1e315 100644 --- a/po/pt.po +++ b/po/pt.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.18\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2012-01-14 12:41+0000\n" "Last-Translator: Miguel Figueiredo <elmig@debianpt.org>\n" "Language-Team: Portuguese <traduz@debianpt.org>\n" @@ -1114,6 +1114,14 @@ msgstr "%s: o GID '%lu' jĆ” existe\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: NĆ£o Ć© possĆ­vel configurar o serviƧo cleanup.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr " -r, --reset apagar o contador de logins falhados\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: nĆ£o Ć© possĆ­vel remover a entrada '%s' de %s\n" @@ -1345,6 +1353,26 @@ msgstr "" " -b, --before DIAS escrever apenas registos de lastlog mais\n" " antigos que DIAS\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all mostrar registos do faillog para todos os " +"utilizadores\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all mostrar registos do faillog para todos os " +"utilizadores\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1367,6 +1395,24 @@ msgstr "Utilizador Porto ƚltimo" msgid "**Never logged in**" msgstr "**Nunca entrou no sistema**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: Falhou obter a entrada para UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: falhou apagar o registo lastlog para o UID %lu: %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "UtilizaĆ§Ć£o: %s [-p] [nome]\n" @@ -1400,14 +1446,6 @@ msgstr "" "\n" "[Encerramento ultrapassado -- login de root permitido.]" -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" -"\n" -"Tempo de login caducou apĆ³s %u segundos.\n" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "%s: NĆ£o Ć© possĆ­vel trabalhar sem root\n" @@ -1417,6 +1455,14 @@ msgstr "" "Sem entrada utmp. Tem de executar \"login\" a partir do \"sh\" de nĆ­vel " "mais baixo" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" +"\n" +"Tempo de login caducou apĆ³s %u segundos.\n" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: Falha de PAM, a abortar: %s\n" @@ -1853,12 +1899,6 @@ msgstr "AutenticaĆ§Ć£o por palavra-passe foi contornada.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Por favor introduza a SUA palavra-passe como autenticaĆ§Ć£o.\n" -msgid " ...killed.\n" -msgstr " ...morto.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ...Ć” espera que o processo-filho termine.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: NĆ£o Ć© possĆ­vel fazer fork Ć  shell de utilizador.\n" @@ -1874,6 +1914,12 @@ msgstr "%s: mau funcionamento de mĆ”scara de sinal\n" msgid "Session terminated, terminating shell..." msgstr "SessĆ£o terminada, a terminar shell..." +msgid " ...killed.\n" +msgstr " ...morto.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ...Ć” espera que o processo-filho termine.\n" + msgid " ...terminated.\n" msgstr " ...terminado.\n" @@ -2463,26 +2509,6 @@ msgstr "%s: O UID '%lu' jĆ” existe\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s nĆ£o estĆ” autorizado a alterar a palavra-passe de %s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: falhou a preparaĆ§Ć£o para a nova %s entrada '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: falhou a preparaĆ§Ć£o para a nova %s entrada '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: falhou a preparaĆ§Ć£o para a nova %s entrada '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: falhou a preparaĆ§Ć£o para a nova %s entrada '%s'\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: o directĆ³rio %s existe\n" @@ -2530,6 +2556,26 @@ msgstr "a alteraĆ§Ć£o do dono da caixa de correio falhou" msgid "failed to rename mailbox" msgstr "falha ao renomear a caixa do correio" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: falhou a preparaĆ§Ć£o para a nova %s entrada '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: falhou a preparaĆ§Ć£o para a nova %s entrada '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: falhou a preparaĆ§Ć£o para a nova %s entrada '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: falhou a preparaĆ§Ć£o para a nova %s entrada '%s'\n" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/pt_BR.gmo b/po/pt_BR.gmo deleted file mode 100644 index bd075614..00000000 Binary files a/po/pt_BR.gmo and /dev/null differ diff --git a/po/pt_BR.po b/po/pt_BR.po index 2a77339e..6305f561 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.15\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2011-11-25 20:20+0100\n" "Last-Translator: Fred Ulisses MaranhĆ£o <fred.maranhao@gmail.com>\n" "Language-Team: Debian-BR Project <debian-l10n-portuguese@lists.debian.org>\n" @@ -1105,6 +1105,15 @@ msgstr "%s: GID '%lu' jĆ” existe\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s : NĆ£o foi possĆ­vel determinar seu nome de usuĆ”rio.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset zera os contadores de falhas de login\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: nĆ£o Ć© possĆ­vel remover entrada '%s' de %s\n" @@ -1330,6 +1339,26 @@ msgstr "" " -b, --before DIAS imprime somente registros lastlog mais\n" " antigos que DIAS\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all mostrar registros de faillog de todos os " +"usuĆ”rios\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all mostrar registros de faillog de todos os " +"usuĆ”rios\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1352,6 +1381,24 @@ msgstr "Nome de UsuĆ”rio Porta ƚltimo" msgid "**Never logged in**" msgstr "**Nunca logou**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: Falha ao obter a entrada para o UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s : nĆ£o foi possĆ­vel atualizar arquivo de senhas\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Uso : %s [-p] [nome]\n" @@ -1385,14 +1432,6 @@ msgstr "" "\n" "[DesconexĆ£o contornada -- login de root permitido.]" -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" -"\n" -"Login expirou apĆ³s %u segundos.\n" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "%s: talvez nĆ£o seja possĆ­vel trabalhar sem o root efetivamente\n" @@ -1402,6 +1441,14 @@ msgstr "" "Nenhuma entrada utmp. Voce deve executar \"login\" do \"sh\" de nĆ­vel mais " "baixo" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" +"\n" +"Login expirou apĆ³s %u segundos.\n" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: Falha do PAM, abortando: %s\n" @@ -1833,12 +1880,6 @@ msgstr "AutenticaĆ§Ć£o por senha contornada.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Por favor, informe sua PRƓPRIA senha como autenticaĆ§Ć£o.\n" -msgid " ...killed.\n" -msgstr " ...morto.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ...esperando o filho terminar.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: NĆ£o posso ramificar shell de usuĆ”rio\n" @@ -1854,6 +1895,12 @@ msgstr "%s: al funcionamento da mĆ”scara do sinal\n" msgid "Session terminated, terminating shell..." msgstr "SessĆ£o terminada, encerrando o shell..." +msgid " ...killed.\n" +msgstr " ...morto.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ...esperando o filho terminar.\n" + msgid " ...terminated.\n" msgstr " ...encerrado.\n" @@ -2452,26 +2499,6 @@ msgstr "%s: UID '%lu' jĆ” existe\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s nĆ£o estĆ” autorizado a trocar a senha de %s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: falha ao preparar a nova entrada %s '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: falha ao preparar a nova entrada %s '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: falha ao preparar a nova entrada %s '%s'\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: falha ao preparar a nova entrada %s '%s'\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s : diretĆ³rio %s existe\n" @@ -2515,6 +2542,26 @@ msgstr "falha au mudar o dono da caixa-postal" msgid "failed to rename mailbox" msgstr "falha ao renomear caixa-postal" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: falha ao preparar a nova entrada %s '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: falha ao preparar a nova entrada %s '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: falha ao preparar a nova entrada %s '%s'\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: falha ao preparar a nova entrada %s '%s'\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3211,9 +3258,6 @@ msgstr "%s: falha ao procurar o diretĆ³rio tcb para %s\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s : nĆ£o foi possĆ­vel reescrever arquivo de senhas\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s : nĆ£o foi possĆ­vel atualizar arquivo de senhas\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s : nĆ£o foi possĆ­vel atualizar arquivos de senhas shadow\n" diff --git a/po/quot.sed b/po/quot.sed deleted file mode 100644 index 0122c463..00000000 --- a/po/quot.sed +++ /dev/null @@ -1,6 +0,0 @@ -s/"\([^"]*\)"/ā€œ\1ā€/g -s/`\([^`']*\)'/ā€˜\1ā€™/g -s/ '\([^`']*\)' / ā€˜\1ā€™ /g -s/ '\([^`']*\)'$/ ā€˜\1ā€™/g -s/^'\([^`']*\)' /ā€˜\1ā€™ /g -s/ā€œā€/""/g diff --git a/po/remove-potcdate.sin b/po/remove-potcdate.sin deleted file mode 100644 index 2436c49e..00000000 --- a/po/remove-potcdate.sin +++ /dev/null @@ -1,19 +0,0 @@ -# Sed script that remove the POT-Creation-Date line in the header entry -# from a POT file. -# -# The distinction between the first and the following occurrences of the -# pattern is achieved by looking at the hold space. -/^"POT-Creation-Date: .*"$/{ -x -# Test if the hold space is empty. -s/P/P/ -ta -# Yes it was empty. First occurrence. Remove the line. -g -d -bb -:a -# The hold space was nonempty. Following occurrences. Do nothing. -x -:b -} diff --git a/po/ro.gmo b/po/ro.gmo deleted file mode 100644 index 2ec6a99c..00000000 Binary files a/po/ro.gmo and /dev/null differ diff --git a/po/ro.po b/po/ro.po index 52131688..9baeff78 100644 --- a/po/ro.po +++ b/po/ro.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.17\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2007-11-26 18:18+0100\n" "Last-Translator: Sorin Batariuc <sorin@bonbon.net>\n" "Language-Team: Romanian <debian-l10n-romanian@lists.debian.org>\n" @@ -1086,6 +1086,11 @@ msgstr "" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Nu vă pot determina numele de utilizator.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1302,6 +1307,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1320,6 +1335,24 @@ msgstr "Nume utilizator Port Cel mai recent" msgid "**Never logged in**" msgstr "**Niciodată autentificat**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: nu pot crea directorul %s\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: nu pot actualiza fişierul passwd\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Utilizare: %s [-p] [nume]\n" @@ -1353,6 +1386,15 @@ msgstr "" "\n" "[Deconectare ocolită -- autentificare permisă pentru root.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"Nici o intrare utmp. Trebuie să executaÅ£i \"login\" de la nivelul cel mai de " +"jos \"sh\"" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1364,15 +1406,6 @@ msgstr "" "\n" "Timp expirat pentru autentificare după %d secunde.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"Nici o intrare utmp. Trebuie să executaÅ£i \"login\" de la nivelul cel mai de " -"jos \"sh\"" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "autentificare: eşuare PAM, abandonareĀ : %s\n" @@ -1791,12 +1824,6 @@ msgstr "Autentificare cu parolă ocolită.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Vă rog introduceÅ£i PROPRIA parolă pentru autentificare.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1813,6 +1840,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2358,26 +2391,6 @@ msgstr "" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%sĀ : eşuare Ć®n abandonarea privilegiilor (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%sĀ : eşuare Ć®n abandonarea privilegiilor (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%sĀ : eşuare Ć®n abandonarea privilegiilor (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%sĀ : eşuare Ć®n abandonarea privilegiilor (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: directorul %s există\n" @@ -2420,6 +2433,26 @@ msgstr "eşuare Ć®n schimbarea proprietarului căsuÅ£ei poştale" msgid "failed to rename mailbox" msgstr "eşuare Ć®n redenumirea căsuÅ£ei poştale" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%sĀ : eşuare Ć®n abandonarea privilegiilor (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%sĀ : eşuare Ć®n abandonarea privilegiilor (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%sĀ : eşuare Ć®n abandonarea privilegiilor (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%sĀ : eşuare Ć®n abandonarea privilegiilor (%s)\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3138,9 +3171,6 @@ msgstr "%s: director de bază nevalid '%s'\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: nu pot rescrie fişierul passwd\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: nu pot actualiza fişierul passwd\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: nu pot actualiza fişierul shadow\n" diff --git a/po/ru.gmo b/po/ru.gmo deleted file mode 100644 index ed422c58..00000000 Binary files a/po/ru.gmo and /dev/null differ diff --git a/po/ru.po b/po/ru.po index deb221dc..664e7fd9 100644 --- a/po/ru.po +++ b/po/ru.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.1.5.1-1\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2013-07-29 10:42+0400\n" "Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n" "Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n" @@ -1124,6 +1124,15 @@ msgstr "%s: GID Ā«%luĀ» уŠ¶Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ Š½Š°ŃŃ‚Ń€Š¾Šøть сŠ»ŃƒŠ¶Š±Ńƒ Š¾Ń‡ŠøстŠŗŠø.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset сŠ±Ń€Š¾ŃŠøть счётчŠøŠŗ Š½ŠµŃƒŠ“Š°Ń‡Š½Ń‹Ń… ŠæŠ¾ŠæытŠ¾Šŗ Š²Ń…Š¾Š“Š°\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ уŠ“Š°Š»Šøть Š·Š°ŠæŠøсь Ā«%sĀ» ŠøŠ· %s\n" @@ -1348,6 +1357,26 @@ msgstr "" " -b, --before Š”ŠŠ•Š™ ŠæŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсŠø lastlog Š·Š° ŠæŠ¾ŃŠ»ŠµŠ“Š½ŠøŠµ Š”ŠŠ•Š™ " "Š“Š½ŠµŠ¹\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all ŠæŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсŠø faillog Š“Š»Ń Š²ŃŠµŃ… " +"ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all ŠæŠ¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š·Š°ŠæŠøсŠø faillog Š“Š»Ń Š²ŃŠµŃ… " +"ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŠµŠ¹\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1370,6 +1399,24 @@ msgstr "ŠŸŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒ ŠŸŠ¾Ń€Ń‚ ŠŸŠ¾ŃŠ»ŠµŠ“Š½ŠøŠ¹ рŠ° msgid "**Never logged in**" msgstr "**ŠŠøŠŗŠ¾Š³Š“Š° Š½Šµ Š²Ń…Š¾Š“ŠøŠ» Š² сŠøстŠµŠ¼Ńƒ**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠæŠ¾Š»ŃƒŃ‡Šøть Š·Š°ŠæŠøсь Š“Š»Ń UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ сŠ±Ń€Š¾ŃŠøть Š·Š°ŠæŠøсь Š² lastlog Š“Š»Ń UID %lu: %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Š˜ŃŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Š½ŠøŠµ: %s [-p] [ŠøŠ¼Ń ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń]\n" @@ -1403,14 +1450,6 @@ msgstr "" "\n" "[ŠžŃ‚ŠŗŠ»ŃŽŃ‡ŠµŠ½ŠøŠµ Š½Šµ Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Š¾ ā€” Š²Ń…Š¾Š“ Š² сŠøстŠµŠ¼Ńƒ Š“Š»Ń суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń рŠ°Š·Ń€ŠµŃˆŃ‘Š½.]" -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" -"\n" -"Š’Ń€ŠµŠ¼Ń Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Šøя Š²Ń…Š¾Š“Š° Š² сŠøстŠµŠ¼Ńƒ ŠøстŠµŠŗŠ»Š¾ (%u сŠµŠŗуŠ½Š“).\n" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "%s: Š½ŠµŠ²Š¾Š·Š¼Š¾Š¶Š½Š¾ Š²Ń‹ŠæŠ¾Š»Š½Šøть Š±ŠµŠ· ŠæрŠ°Š² суŠæŠµŃ€ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»Ń\n" @@ -1419,6 +1458,14 @@ msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" msgstr "" "ŠŠµŃ‚ Š·Š°ŠæŠøсŠø Š² utmp. Š’Ń‹ Š“Š¾Š»Š¶Š½Ń‹ Š·Š°ŠæусŠŗŠ°Ń‚ŃŒ Ā«loginĀ» ŠøŠ· сŠ°Š¼Š¾Š³Š¾ ŠæŠµŃ€Š²Š¾Š³Š¾ урŠ¾Š²Š½Ń Ā«shĀ»" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" +"\n" +"Š’Ń€ŠµŠ¼Ń Š²Ń‹ŠæŠ¾Š»Š½ŠµŠ½Šøя Š²Ń…Š¾Š“Š° Š² сŠøстŠµŠ¼Ńƒ ŠøстŠµŠŗŠ»Š¾ (%u сŠµŠŗуŠ½Š“).\n" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: Š¾ŃˆŠøŠ±ŠŗŠ° PAM, Š°Š²Š°Ń€ŠøŠ¹Š½Š¾Šµ Š·Š°Š²ŠµŃ€ŃˆŠµŠ½ŠøŠµ рŠ°Š±Š¾Ń‚Ń‹: %s\n" @@ -1851,12 +1898,6 @@ msgstr "ŠŸŃ€Š¾Š²ŠµŃ€ŠŗŠ° ŠæŠ¾Š“Š»ŠøŠ½Š½Š¾ŃŃ‚Šø ŠæŠ¾ ŠæŠ°Ń€Š¾Š»ŃŽ ŠæрŠ¾ŠæущŠµ msgid "Please enter your OWN password as authentication.\n" msgstr "Š’Š²ŠµŠ“ŠøтŠµ Š²Š°Ńˆ Š”ŠžŠ‘Š”Š¢Š’Š•ŠŠŠ«Š™ ŠæŠ°Ń€Š¾Š»ŃŒ Š“Š»Ń Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфŠøŠŗŠ°Ń†ŠøŠø.\n" -msgid " ...killed.\n" -msgstr " ā€¦ Š·Š°Š²ŠµŃ€ŃˆŃ‘Š½.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ā€¦ Š¾Š¶ŠøŠ“Š°ŠµŃ‚ Š·Š°Š²ŠµŃ€ŃˆŠµŠ½Šøя ŠæŠ¾Ń‚Š¾Š¼ŠŗŠ°.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: Š½ŠµŠ²Š¾Š·Š¼Š¾Š¶Š½Š¾ Š²Ń‹ŠæŠ¾Š»Š½Šøть fork ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š¹ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠø\n" @@ -1872,6 +1913,12 @@ msgstr "%s: Š½ŠµŠøсŠæрŠ°Š²Š½Š¾ŃŃ‚ŃŒ Š² Š¼Š°ŃŠŗŠøрŠ¾Š²ŠŗŠµ сŠøŠ³Š½Š°Š»Š¾Š²\ msgid "Session terminated, terminating shell..." msgstr "Š”ŠµŠ°Š½Ń Š·Š°Š²ŠµŃ€ŃˆŃ‘Š½, Š²Ń‹ŠæŠ¾Š»Š½ŃŠµŃ‚ся Š·Š°Š²ŠµŃ€ŃˆŠµŠ½ŠøŠµ Š¾Š±Š¾Š»Š¾Ń‡ŠŗŠøā€¦" +msgid " ...killed.\n" +msgstr " ā€¦ Š·Š°Š²ŠµŃ€ŃˆŃ‘Š½.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ā€¦ Š¾Š¶ŠøŠ“Š°ŠµŃ‚ Š·Š°Š²ŠµŃ€ŃˆŠµŠ½Šøя ŠæŠ¾Ń‚Š¾Š¼ŠŗŠ°.\n" + msgid " ...terminated.\n" msgstr " ā€¦ Š·Š°Š²ŠµŃ€ŃˆŃ‘Š½.\n" @@ -2468,26 +2515,6 @@ msgstr "%s: UID Ā«%luĀ» уŠ¶Šµ сущŠµŃŃ‚Š²ŃƒŠµŃ‚\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: у %s Š½ŠµŃ‚ ŠæрŠ°Š² ŠøŠ·Š¼ŠµŠ½ŃŃ‚ŃŒ ŠæŠ°Ń€Š¾Š»ŃŒ %s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠæŠ¾Š“Š³Š¾Ń‚Š¾Š²Šøть Š½Š¾Š²ŃƒŃŽ %s Š·Š°ŠæŠøсь Ā«%sĀ»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠæŠ¾Š“Š³Š¾Ń‚Š¾Š²Šøть Š½Š¾Š²ŃƒŃŽ %s Š·Š°ŠæŠøсь Ā«%sĀ»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠæŠ¾Š“Š³Š¾Ń‚Š¾Š²Šøть Š½Š¾Š²ŃƒŃŽ %s Š·Š°ŠæŠøсь Ā«%sĀ»\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠæŠ¾Š“Š³Š¾Ń‚Š¾Š²Šøть Š½Š¾Š²ŃƒŃŽ %s Š·Š°ŠæŠøсь Ā«%sĀ»\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: ŠŗŠ°Ń‚Š°Š»Š¾Š³ %s сущŠµŃŃ‚Š²ŃƒŠµŃ‚\n" @@ -2535,6 +2562,26 @@ msgstr "Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ сŠ¼ŠµŠ½Šøть Š²Š»Š°Š“ŠµŠ»ŃŒŃ†Š° ŠæŠ¾Ń‡Ń‚Š¾Š²Š¾Š³Š¾ msgid "failed to rename mailbox" msgstr "Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠæŠµŃ€ŠµŠøŠ¼ŠµŠ½Š¾Š²Š°Ń‚ŃŒ ŠæŠ¾Ń‡Ń‚Š¾Š²Ń‹Š¹ ящŠøŠŗ" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠæŠ¾Š“Š³Š¾Ń‚Š¾Š²Šøть Š½Š¾Š²ŃƒŃŽ %s Š·Š°ŠæŠøсь Ā«%sĀ»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠæŠ¾Š“Š³Š¾Ń‚Š¾Š²Šøть Š½Š¾Š²ŃƒŃŽ %s Š·Š°ŠæŠøсь Ā«%sĀ»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠæŠ¾Š“Š³Š¾Ń‚Š¾Š²Šøть Š½Š¾Š²ŃƒŃŽ %s Š·Š°ŠæŠøсь Ā«%sĀ»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: Š½Šµ уŠ“Š°Š»Š¾ŃŃŒ ŠæŠ¾Š“Š³Š¾Ń‚Š¾Š²Šøть Š½Š¾Š²ŃƒŃŽ %s Š·Š°ŠæŠøсь Ā«%sĀ»\n" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/shadow.pot b/po/shadow.pot index 73a0366c..5fa6d341 100644 --- a/po/shadow.pot +++ b/po/shadow.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -1015,6 +1015,11 @@ msgstr "" msgid "%s: Cannot setup cleanup service.\n" msgstr "" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "" @@ -1220,6 +1225,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1238,6 +1253,22 @@ msgstr "" msgid "**Never logged in**" msgstr "" +#, c-format +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "" + +#, c-format +msgid "%s: Failed to update the lastlog file\n" +msgstr "" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "" @@ -1267,12 +1298,6 @@ msgid "" "[Disconnect bypassed -- root login allowed.]" msgstr "" -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "" @@ -1280,6 +1305,12 @@ msgstr "" msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" msgstr "" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "" @@ -1662,12 +1693,6 @@ msgstr "" msgid "Please enter your OWN password as authentication.\n" msgstr "" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "" @@ -1683,6 +1708,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2175,22 +2206,6 @@ msgstr "" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, c-format -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "" - -#, c-format -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "" - -#, c-format -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "" - -#, c-format -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "" - #, c-format msgid "%s: directory %s exists\n" msgstr "" @@ -2231,6 +2246,22 @@ msgstr "" msgid "failed to rename mailbox" msgstr "" +#, c-format +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "" + +#, c-format +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "" + +#, c-format +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "" + +#, c-format +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/sk.gmo b/po/sk.gmo deleted file mode 100644 index be8336c7..00000000 Binary files a/po/sk.gmo and /dev/null differ diff --git a/po/sk.po b/po/sk.po index db99330f..9828382b 100644 --- a/po/sk.po +++ b/po/sk.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.17\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2011-11-26 22:06+0100\n" "Last-Translator: Ivan MasĆ”r <helix84@centrum.sk>\n" "Language-Team: Slovak <sk-i18n@lists.linux.sk>\n" @@ -1115,6 +1115,15 @@ msgstr "%s: GID ā€ž%luā€œ už existuje\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: vaÅ”e pouÅ¾Ć­vateľskĆ© meno sa nedĆ” zistiÅ„.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset vynuluje počƭtadlĆ” chybnĆ½ch prihlĆ”senĆ­\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: nie je možnĆ© odstrĆ”niÅ„ položku ā€ž%sā€œ z %s\n" @@ -1333,6 +1342,26 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all zobrazĆ­ faillog zĆ”znamy vÅ”etkĆ½ch " +"pouÅ¾Ć­vateľov\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all zobrazĆ­ faillog zĆ”znamy vÅ”etkĆ½ch " +"pouÅ¾Ć­vateľov\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1351,6 +1380,24 @@ msgstr "PouÅ¾Ć­vateľ Port Naposledy" msgid "**Never logged in**" msgstr "**Nebol nikdy prihlĆ”senĆ½**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: Nepodarilo sa zĆ­skaÅ„ položku s UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: sĆŗbor s heslami sa nedĆ” aktualizovaÅ„t\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Použitie: %s [-p] [meno]\n" @@ -1384,6 +1431,13 @@ msgstr "" "\n" "[Odpojenie vynechanĆ© -- pouÅ¾Ć­vateľ root sa mĆ“Å¾e prihlĆ”siÅ„.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "Žiaden utmp zĆ”znam. MusĆ­te spustiÅ„ ā€žloginā€œ z najnižŔej inÅ”tancie ā€žshā€œ" + #, c-format msgid "" "\n" @@ -1392,13 +1446,6 @@ msgstr "" "\n" "Uplynul časovĆ½ limit (%u sekĆŗnd) na prihlĆ”senie.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "Žiaden utmp zĆ”znam. MusĆ­te spustiÅ„ ā€žloginā€œ z najnižŔej inÅ”tancie ā€žshā€œ" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "prihlĆ”senie: Chyba PAM, ukončuje sa: %s\n" @@ -1824,12 +1871,6 @@ msgstr "Overenie hesla vynechanĆ©.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Pre overenie zadajte VAÅ E vlastnĆ© heslo.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1846,6 +1887,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2418,26 +2465,6 @@ msgstr "%s: UID ā€ž%luā€œ už existuje\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s nemĆ” oprĆ”vnenie zmeniÅ„ heslo %s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: zlyhalo pripravenie novej položky %s ā€ž%sā€œ\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: zlyhalo pripravenie novej položky %s ā€ž%sā€œ\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: zlyhalo pripravenie novej položky %s ā€ž%sā€œ\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: zlyhalo pripravenie novej položky %s ā€ž%sā€œ\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: adresĆ”r %s už existuje\n" @@ -2484,6 +2511,26 @@ msgstr "chyba pri zmene vlastnĆ­ka schrĆ”nky" msgid "failed to rename mailbox" msgstr "chyba pri premenovanĆ­ schrĆ”nky" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: zlyhalo pripravenie novej položky %s ā€ž%sā€œ\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: zlyhalo pripravenie novej položky %s ā€ž%sā€œ\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: zlyhalo pripravenie novej položky %s ā€ž%sā€œ\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: zlyhalo pripravenie novej položky %s ā€ž%sā€œ\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3332,9 +3379,6 @@ msgstr "%s: chybnĆ½ zĆ”kladnĆ½ adresĆ”r ā€ž%sā€œ\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: sĆŗbor s heslami sa nedĆ” prepĆ­saÅ„\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: sĆŗbor s heslami sa nedĆ” aktualizovaÅ„t\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: sĆŗbor s tieňovĆ½mi heslami sa nedĆ” aktualizovaÅ„\n" diff --git a/po/sq.gmo b/po/sq.gmo deleted file mode 100644 index 4e415083..00000000 Binary files a/po/sq.gmo and /dev/null differ diff --git a/po/sq.po b/po/sq.po index f5b819ed..e71064ef 100644 --- a/po/sq.po +++ b/po/sq.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.3\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2004-11-20 03:28+0100\n" "Last-Translator: Elian Myftiu <pinguini AT fastwebnet DOT it>\n" "Language-Team: Albanian <gnome-albanian-perkthyesit@lists.sourceforge.net>\n" @@ -1018,6 +1018,11 @@ msgstr "" msgid "%s: Cannot setup cleanup service.\n" msgstr "Kujdes: grup i panjohur %s\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "" @@ -1224,6 +1229,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1242,6 +1257,22 @@ msgstr "" msgid "**Never logged in**" msgstr "" +#, fuzzy, c-format +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "Kujdes: grup i panjohur %s\n" + +#, fuzzy, c-format +msgid "%s: Failed to update the lastlog file\n" +msgstr "Kujdes: grup i panjohur %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "" @@ -1271,12 +1302,6 @@ msgid "" "[Disconnect bypassed -- root login allowed.]" msgstr "" -#, c-format -msgid "" -"\n" -"Login timed out after %u seconds.\n" -msgstr "" - #, c-format msgid "%s: Cannot possibly work without effective root\n" msgstr "" @@ -1284,6 +1309,12 @@ msgstr "" msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" msgstr "" +#, c-format +msgid "" +"\n" +"Login timed out after %u seconds.\n" +msgstr "" + #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "" @@ -1668,12 +1699,6 @@ msgstr "" msgid "Please enter your OWN password as authentication.\n" msgstr "" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format msgid "%s: Cannot fork user shell\n" msgstr "Kujdes: grup i panjohur %s\n" @@ -1689,6 +1714,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2182,22 +2213,6 @@ msgstr "" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "Kujdes: grup i panjohur %s\n" - -#, c-format -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "" - -#, fuzzy, c-format -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "Kujdes: grup i panjohur %s\n" - -#, c-format -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "" - #, c-format msgid "%s: directory %s exists\n" msgstr "" @@ -2238,6 +2253,22 @@ msgstr "" msgid "failed to rename mailbox" msgstr "" +#, fuzzy, c-format +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "Kujdes: grup i panjohur %s\n" + +#, c-format +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "" + +#, fuzzy, c-format +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "Kujdes: grup i panjohur %s\n" + +#, c-format +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/stamp-po b/po/stamp-po deleted file mode 100644 index 9788f702..00000000 --- a/po/stamp-po +++ /dev/null @@ -1 +0,0 @@ -timestamp diff --git a/po/stats b/po/stats new file mode 100644 index 00000000..386d765f --- /dev/null +++ b/po/stats @@ -0,0 +1,20 @@ +#!/bin/sh +export LANG=C +echo "language translated fuzzy untranslated" +echo "-----------------------------------------" +for i in $(cat LINGUAS | xargs); do + echo -n " $i " + msgfmt -c --statistics -o /dev/null $i.po 2>&1 | + awk -v LNG="$1" '{ + gsub(/ untranslated/, ""); + gsub(/ translated/, ""); + gsub(/ messages/, ""); + gsub(/ message/, ""); + gsub(/ translations/, ""); + gsub(/ translation/, ""); + gsub(/ fuzzy/, ""); + gsub(/[.,]/, ""); + {printf "%8s %8s %8s\n", $1, $2, $3} + }' +done +echo "-----------------------------------------" diff --git a/po/sv.gmo b/po/sv.gmo deleted file mode 100644 index b9d1004f..00000000 Binary files a/po/sv.gmo and /dev/null differ diff --git a/po/sv.po b/po/sv.po index facdc1d3..4be82ba7 100644 --- a/po/sv.po +++ b/po/sv.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.1.1\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2011-11-25 22:08+0100\n" "Last-Translator: Daniel Nylander <yeager@ubuntu.com>\n" "Language-Team: Swedish <debian-l10n-swedish@lists.debian.org>\n" @@ -1097,6 +1097,15 @@ msgstr "%s: GID \"%lu\" finns redan\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Kan inte faststƤlla ditt anvƤndarnamn.\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset nollstƤlld rƤknarna fƶr inloggningsfel\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%s: kan inte ta bort posten \"%s\" frĆ„n %s\n" @@ -1327,6 +1336,24 @@ msgstr "" "Ƥn\n" " DAGAR\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all visa faillog-poster fƶr alla anvƤndare\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all visa faillog-poster fƶr alla anvƤndare\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1350,6 +1377,24 @@ msgstr "AnvƤndarnamn Port Senast" msgid "**Never logged in**" msgstr "**Aldrig varit inloggad**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: Misslyckades med att fĆ„ posten fƶr UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: Misslyckades med att fĆ„ posten fƶr UID %lu\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "AnvƤndning: %s [-p] [namn]\n" @@ -1383,6 +1428,13 @@ msgstr "" "\n" "[Nedkoppling kringgĆ„dd -- rootinloggning tillĆ„ten.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "%s: Kan inte fungera utan en anvƤndbar root\n" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "Ingen utmp post. Du mĆ„ste kƶra \"login\" frĆ„n den lƤgsta nivĆ„n \"sh\"" + #, c-format msgid "" "\n" @@ -1391,13 +1443,6 @@ msgstr "" "\n" "Inloggningen ƶversteg tidsgrƤnsen efter %u sekunder.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "%s: Kan inte fungera utan en anvƤndbar root\n" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "Ingen utmp post. Du mĆ„ste kƶra \"login\" frĆ„n den lƤgsta nivĆ„n \"sh\"" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM misslyckades, avbryter: %s\n" @@ -1829,12 +1874,6 @@ msgstr "Lƶsenordsautentisering kringgĆ„dd.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "VƤnligen ange ditt EGNA lƶsenord fƶr autentisering.\n" -msgid " ...killed.\n" -msgstr " ...dƶdad.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ...vƤntar pĆ„ att barn ska termineras.\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%s: Kan inte grena anvƤndarskal\n" @@ -1850,6 +1889,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "Sessionen terminerad, terminerar skal..." +msgid " ...killed.\n" +msgstr " ...dƶdad.\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ...vƤntar pĆ„ att barn ska termineras.\n" + msgid " ...terminated.\n" msgstr " ...terminerad.\n" @@ -2435,26 +2480,6 @@ msgstr "%s: UID \"%lu\" finns redan\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s Ƥr inte behƶrig att Ƥndra lƶsenordet fƶr %s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: misslyckades med att fƶrbereda den nya %s-posten \"%s\"\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: misslyckades med att fƶrbereda den nya %s-posten \"%s\"\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: misslyckades med att fƶrbereda den nya %s-posten \"%s\"\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: misslyckades med att fƶrbereda den nya %s-posten \"%s\"\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: katalogen %s finns redan\n" @@ -2502,6 +2527,26 @@ msgstr "misslyckades med att byta Ƥgare pĆ„ postlĆ„da" msgid "failed to rename mailbox" msgstr "misslyckades med att byta namn pĆ„ postlĆ„da" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: misslyckades med att fƶrbereda den nya %s-posten \"%s\"\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: misslyckades med att fƶrbereda den nya %s-posten \"%s\"\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: misslyckades med att fƶrbereda den nya %s-posten \"%s\"\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: misslyckades med att fƶrbereda den nya %s-posten \"%s\"\n" + #, c-format msgid "" "You have modified %s.\n" diff --git a/po/tl.gmo b/po/tl.gmo deleted file mode 100644 index 48512321..00000000 Binary files a/po/tl.gmo and /dev/null differ diff --git a/po/tl.po b/po/tl.po index 40ee8f94..ef0fe7d3 100644 --- a/po/tl.po +++ b/po/tl.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.18\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2007-11-26 21:34+0100\n" "Last-Translator: Eric Pareja <xenos@upm.edu.ph>\n" "Language-Team: Tagalog <debian-tl@banwa.upm.edu.ph>\n" @@ -1094,6 +1094,11 @@ msgstr "Mayroon nang kasapi na ganito\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Hindi makilala ang inyong pangalan.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1310,6 +1315,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1328,6 +1343,24 @@ msgstr "Pangalan Puerta Hulihan" msgid "**Never logged in**" msgstr "**Di pumasok kailanman**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: hindi malikha ang directory %s\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: hindi maapdeyt ang talaksang password\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Pag-gamit: %s [-p] [pangalan]\n" @@ -1361,6 +1394,15 @@ msgstr "" "\n" "[Nilaktawan ang pag-diskonek -- pinayagang makapasok ang root.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"Walang nakapasok sa utmp. Kailangan niyong mag-exec \"login\" mula sa " +"pinakamababang antas ng \"sh\"" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1372,15 +1414,6 @@ msgstr "" "\n" "Lumipas ang taning ng pagpasok ng %d segundo.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"Walang nakapasok sa utmp. Kailangan niyong mag-exec \"login\" mula sa " -"pinakamababang antas ng \"sh\"" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: kabiguan sa PAM, humihinto: %s\n" @@ -1799,12 +1832,6 @@ msgstr "Linampasan ang password authentication.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Ibigay ang inyong SARILING kontrasenyas bilang authentication.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1821,6 +1848,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2366,26 +2399,6 @@ msgstr "Mayroon nang kasapi na ganito\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: mayroon nang directory na %s\n" @@ -2428,6 +2441,26 @@ msgstr "bigo sa pagpalit ng may-ari ng mailbox" msgid "failed to rename mailbox" msgstr "bigo sa pagpalit ng pangalan ng mailbox" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3160,9 +3193,6 @@ msgstr "%s: hindi tanggap na batayang directory '%s'\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: hindi maisulat-muli ang talaksang password\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: hindi maapdeyt ang talaksang password\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: hindi maapdeyt ang talaksang shadow password\n" diff --git a/po/tr.gmo b/po/tr.gmo deleted file mode 100644 index b3222d79..00000000 Binary files a/po/tr.gmo and /dev/null differ diff --git a/po/tr.po b/po/tr.po index a2530d25..a67f47fb 100644 --- a/po/tr.po +++ b/po/tr.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.18\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2008-03-29 20:31+0200\n" "Last-Translator: Mehmet TĆ¼rker <mturker@innova.com.tr>\n" "Language-Team: TĆ¼rkƧe <tr@li.org>\n" @@ -1146,6 +1146,11 @@ msgstr "Ɯye zaten mevcut\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: Kullanıcı isminiz belirlenemedi.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1379,6 +1384,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1397,6 +1412,24 @@ msgstr "Kullanıcı adı Port Sonuncu" msgid "**Never logged in**" msgstr "**HiƧ giriş yapmadı**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: %s dizini yaratılamıyor\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: parola dosyası gĆ¼ncellenemedi\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Kullanım: %s [-p] [isim]\n" @@ -1430,6 +1463,15 @@ msgstr "" "\n" "[Bağlantı kesilmesi atlandı -- root girişi olanaklı.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"Bu bir utmp girişi değil. En dĆ¼ÅŸĆ¼k \"sh\" dĆ¼zeyinde \"login\" i " +"Ƨalıştırmalısınız. " + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1441,15 +1483,6 @@ msgstr "" "\n" "Giriş %d saniye sonra zaman aşımına uğradı.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"Bu bir utmp girişi değil. En dĆ¼ÅŸĆ¼k \"sh\" dĆ¼zeyinde \"login\" i " -"Ƨalıştırmalısınız. " - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM başarısızlığa uğradı, Ƨıkıyor: %s\n" @@ -1897,12 +1930,6 @@ msgstr "Parola yetkilendirmesi atlandı.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "LĆ¼tfen yetkilendirme iƧin KENDÄ° parolanızı girin.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1919,6 +1946,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2540,26 +2573,6 @@ msgstr "Ɯye zaten mevcut\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: %s dizini mevcut\n" @@ -2601,6 +2614,26 @@ msgstr "postakutusu sahibi değiştirilmedi" msgid "failed to rename mailbox" msgstr "postakutusu isim değişikliği başarısız" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n" + #, fuzzy, c-format #| msgid "" #| "You have modified %s.\n" @@ -3466,9 +3499,6 @@ msgstr "%s: geƧersiz ana dizin '%s'\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: parola dosyasına yazılamadı\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: parola dosyası gĆ¼ncellenemedi\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: gƶlge parola dosyası gĆ¼ncellenemedi\n" diff --git a/po/uk.gmo b/po/uk.gmo deleted file mode 100644 index 546863de..00000000 Binary files a/po/uk.gmo and /dev/null differ diff --git a/po/uk.po b/po/uk.po index 345dbdfa..03a34989 100644 --- a/po/uk.po +++ b/po/uk.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.18\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2007-11-26 22:52+0100\n" "Last-Translator: Eugeniy Meshcheryakov <eugen@univ.kiev.ua>\n" "Language-Team: Ukrainian\n" @@ -1088,6 +1088,11 @@ msgstr "Š§Š»ŠµŠ½ Š²Š¶Šµ ісŠ½ŃƒŃ”\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%s: ŠŠµ Š¼Š¾Š¶Ńƒ Š²ŠøŠ·Š½Š°Ń‡ŠøтŠø Š’Š°ŃˆŠµ іŠ¼'я ŠŗŠ¾Ń€ŠøстуŠ²Š°Ń‡Š°.\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1304,6 +1309,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1322,6 +1337,24 @@ msgstr "ŠšŠ¾Ń€ŠøстуŠ²Š°Ń‡ ŠŸŠ¾Ń€Ń‚ ŠžŃŃ‚Š°Š½Š½Ń–Š¹ Š²Ń…Ń–Š“" msgid "**Never logged in**" msgstr "**ŠŃ–ŠŗŠ¾Š»Šø Š½Šµ Š²Ń…Š¾Š“ŠøŠ²**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: Š½Šµ Š¼Š¾Š¶Ńƒ стŠ²Š¾Ń€ŠøтŠø тŠµŠŗу %s\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: Š½Šµ Š¼Š¾Š¶Ńƒ Š¾Š½Š¾Š²ŠøтŠø фŠ°Š¹Š» ŠæŠ°Ń€Š¾Š»Ń–Š²\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "Š’ŠøŠŗŠ¾Ń€ŠøстŠ°Š½Š½Ń: %s [-p] [іŠ¼'я]\n" @@ -1355,6 +1388,14 @@ msgstr "" "\n" "[Š”тŠ°Š»Š¾ŃŃ Š²Ń–Š“ŠŗŠ»ŃŽŃ‡ŠµŠ½Š½Ń -- Š“Š¾Š·Š²Š¾Š»ŠµŠ½Š¾ Š»ŠøшŠµ Š²Ń…Ń–Š“ root-a.]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"ŠŠµŠ¼Š°Ń” Š·Š°ŠæŠøсу utmp. Š’Š°Š¼ ŠæŠ¾Ń‚ріŠ±Š½Š¾ Š²ŠøŠŗŠ¾Š½Š°Ń‚Šø \"login\" Š· \"sh\" Š½Š°Š¹Š½ŠøŠ¶Ń‡Š¾Š³Š¾ ріŠ²Š½Ń" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1366,14 +1407,6 @@ msgstr "" "\n" "Š§Š°Ń Š»Š¾Š³Ń–Š½Ńƒ Š±ŃƒŠ“Šµ Š²ŠøчŠµŃ€ŠæŠ°Š½Š¾ Š·Š° %d сŠµŠŗуŠ½Š“.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"ŠŠµŠ¼Š°Ń” Š·Š°ŠæŠøсу utmp. Š’Š°Š¼ ŠæŠ¾Ń‚ріŠ±Š½Š¾ Š²ŠøŠŗŠ¾Š½Š°Ń‚Šø \"login\" Š· \"sh\" Š½Š°Š¹Š½ŠøŠ¶Ń‡Š¾Š³Š¾ ріŠ²Š½Ń" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: ŠŸŠ¾Š¼ŠøŠ»ŠŗŠ° PAM, ŠæŠµŃ€ŠµŃ€Š²Š°Š½Š¾: %s\n" @@ -1792,12 +1825,6 @@ msgstr "ŠŃƒŃ‚ŠµŠ½Ń‚ŠøфіŠŗŠ°Ń†Ń–ŃŽ ŠæрŠ¾Š¹Š“ŠµŠ½Š¾.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "Š‘ŃƒŠ“ь Š»Š°ŃŠŗŠ° Š²Š²ŠµŠ“іть Š’Š°Ńˆ Š²Š»Š°ŃŠ½ŠøŠ¹ ŠæŠ°Ń€Š¾Š»ŃŒ Š“Š»Ń Š°ŃƒŃ‚ŠµŠ½Ń‚ŠøфіŠŗŠ°Ń†Ń–Ń—.\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1814,6 +1841,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2356,26 +2389,6 @@ msgstr "Š§Š»ŠµŠ½ Š²Š¶Šµ ісŠ½ŃƒŃ”\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: Š½Šµ Š²Š“Š°Š»Š¾ŃŃ сŠŗŠøŠ½ŃƒŃ‚Šø ŠæрŠøŠ²Ń–Š»ŠµŃ— (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: Š½Šµ Š²Š“Š°Š»Š¾ŃŃ сŠŗŠøŠ½ŃƒŃ‚Šø ŠæрŠøŠ²Ń–Š»ŠµŃ— (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: Š½Šµ Š²Š“Š°Š»Š¾ŃŃ сŠŗŠøŠ½ŃƒŃ‚Šø ŠæрŠøŠ²Ń–Š»ŠµŃ— (%s)\n" - -#, fuzzy, c-format -#| msgid "%s: failed to drop privileges (%s)\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: Š½Šµ Š²Š“Š°Š»Š¾ŃŃ сŠŗŠøŠ½ŃƒŃ‚Šø ŠæрŠøŠ²Ń–Š»ŠµŃ— (%s)\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: тŠµŠŗŠ° %s ісŠ½ŃƒŃ”\n" @@ -2417,6 +2430,26 @@ msgstr "Š½Šµ Š¼Š¾Š¶Ńƒ Š·Š¼Ń–Š½ŠøтŠø Š²Š»Š°ŃŠ½ŠøŠŗŠ° ŠæŠ¾ŃˆŃ‚Š¾Š²Š¾Ń— сŠŗрŠø msgid "failed to rename mailbox" msgstr "Š½Šµ Š¼Š¾Š¶Ńƒ ŠæŠµŃ€ŠµŠ¹Š¼ŠµŠ½ŃƒŠ²Š°Ń‚Šø ŠæŠ¾ŃˆŃ‚Š¾Š²Ńƒ сŠŗрŠøŠ½ŃŒŠŗу" +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: Š½Šµ Š²Š“Š°Š»Š¾ŃŃ сŠŗŠøŠ½ŃƒŃ‚Šø ŠæрŠøŠ²Ń–Š»ŠµŃ— (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: Š½Šµ Š²Š“Š°Š»Š¾ŃŃ сŠŗŠøŠ½ŃƒŃ‚Šø ŠæрŠøŠ²Ń–Š»ŠµŃ— (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: Š½Šµ Š²Š“Š°Š»Š¾ŃŃ сŠŗŠøŠ½ŃƒŃ‚Šø ŠæрŠøŠ²Ń–Š»ŠµŃ— (%s)\n" + +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: Š½Šµ Š²Š“Š°Š»Š¾ŃŃ сŠŗŠøŠ½ŃƒŃ‚Šø ŠæрŠøŠ²Ń–Š»ŠµŃ— (%s)\n" + #, c-format msgid "" "You have modified %s.\n" @@ -3174,9 +3207,6 @@ msgstr "%s: Š½ŠµŠ²Ń–Ń€Š½Š° Š±Š°Š·Š¾Š²Š° тŠµŠŗŠ° \"%s\"\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%s: Š½Šµ Š¼Š¾Š¶Ńƒ ŠæŠµŃ€ŠµŠæŠøсŠ°Ń‚Šø фŠ°Š¹Š» ŠæŠ°Ń€Š¾Š»Ń–Š²\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%s: Š½Šµ Š¼Š¾Š¶Ńƒ Š¾Š½Š¾Š²ŠøтŠø фŠ°Š¹Š» ŠæŠ°Ń€Š¾Š»Ń–Š²\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%s: Š½Šµ Š¼Š¾Š¶Ńƒ Š¾Š½Š¾Š²ŠøтŠø фŠ°Š¹Š» ŠæрŠøхŠ¾Š²Š°Š½Šøх ŠæŠ°Ń€Š¾Š»Ń–Š²\n" diff --git a/po/vi.gmo b/po/vi.gmo deleted file mode 100644 index e0f5e0ce..00000000 Binary files a/po/vi.gmo and /dev/null differ diff --git a/po/vi.po b/po/vi.po index acdec711..8f066f08 100644 --- a/po/vi.po +++ b/po/vi.po @@ -1,17 +1,15 @@ # Vietnamese translation for Shadow. -# Bįŗ£n dį»‹ch tiįŗæng Viį»‡t dĆ nh cho shadow. -# Copyright Ā© 2014 Free Software Foundation, Inc. +# Copyright Ā© 2009 Free Software Foundation, Inc. # Clytie Siddall <clytie@riverland.net.au>, 2005-2008. -# Trįŗ§n Ngį»c QuĆ¢n <vnwildman@gmail.com>, 2014. # msgid "" msgstr "" "Project-Id-Version: shadow\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" -"PO-Revision-Date: 2014-04-11 15:01+0700\n" -"Last-Translator: Trįŗ§n Ngį»c QuĆ¢n <vnwildman@gmail.com>\n" -"Language-Team: Vietnamese <debian-l10n-vietnamese@lists.debian.org>\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" +"PO-Revision-Date: 2012-01-08 18:13+0100\n" +"Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n" +"Language-Team: Vietnamese <vi-VN@googlegroups.com>\n" "Language: vi\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -23,34 +21,34 @@ msgstr "" msgid "" "Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n" msgstr "" -"CĆ³ nhiį»u mį»„c tin mang tĆŖn ā€œ%sā€ trong %s. HĆ£y sį»­a chį»Æa trĘ°į»ng hį»£p nĆ y, dĆ¹ng " +"CĆ³ nhiį»u mį»„c nhįŗ­p tĆŖn Ā« %s Ā» trong %s. HĆ£y sį»­a chį»Æa trĘ°į»ng hį»£p nĆ y, dĆ¹ng " "pwck hoįŗ·c grpck.\n" #, c-format msgid "crypt method not supported by libcrypt? (%s)\n" -msgstr "PhĘ°Ę”ng phĆ”p mĆ£ hoĆ” khĆ“ng đʰį»£c thĘ° viį»‡n libcrypt hį»— trį»£? (%s)\n" +msgstr "PhĘ°Ę”ng phĆ”p mĆ£ hoĆ” khĆ“ng đʰį»£c libcrypt hį»— trį»£ ? (%s)\n" #, c-format msgid "configuration error - cannot parse %s value: '%s'" -msgstr "lį»—i cįŗ„u hƬnh ā€” khĆ“ng thį»ƒ phĆ¢n tĆ­ch cĆŗ phĆ”p cį»§a giĆ” trį»‹ %s: ā€œ%sā€" +msgstr "lį»—i cįŗ„u hƬnh ā€” khĆ“ng thį»ƒ phĆ¢n tĆ­ch cĆŗ phĆ”p cį»§a giĆ” trį»‹ %s: Ā« %s Ā»" msgid "Could not allocate space for config info.\n" msgstr "KhĆ“ng thį»ƒ cįŗ„p phĆ”t sį»©c chį»©a cho thĆ“ng tin cįŗ„u hƬnh.\n" #, c-format msgid "configuration error - unknown item '%s' (notify administrator)\n" -msgstr "lį»—i cįŗ„u hƬnh - khĆ“ng hiį»ƒu mį»„c tin ā€œ%sā€ (bĆ”o cho ngĘ°į»i quįŗ£n trį»‹).\n" +msgstr "lį»—i cįŗ„u hƬnh: khĆ“ng rƵ mį»„c Ā« %s Ā» (bĆ”o quįŗ£n trį»‹).\n" #, c-format msgid "%s: nscd did not terminate normally (signal %d)\n" -msgstr "%s: nscd Ä‘Ć£ kįŗæt thĆŗc bįŗ„t thĘ°į»ng (tĆ­n hiį»‡u %d)\n" +msgstr "" #, c-format msgid "%s: nscd exited with status %d\n" -msgstr "%s: nscd Ä‘Ć£ thoĆ”t vį»›i mĆ£ lĆ  %d\n" +msgstr "" msgid "Password: " -msgstr "Mįŗ­t khįŗ©u: " +msgstr "Mįŗ­t khįŗ©u : " #, c-format msgid "%s's Password: " @@ -58,198 +56,212 @@ msgstr "Mįŗ­t khįŗ©u cį»§a %s: " #, c-format msgid "[libsemanage]: %s\n" -msgstr "[libsemanage]: %s\n" +msgstr "" #, c-format msgid "Cannot create SELinux management handle\n" -msgstr "KhĆ“ng thį»ƒ tįŗ”o bį»™ tiįŗæp hį»£p quįŗ£n lĆ½ SELinux\n" +msgstr "" #, c-format msgid "SELinux policy not managed\n" -msgstr "ChĆ­nh sĆ”ch cho SELinux chĘ°a đʰį»£c quįŗ£n lĆ½\n" +msgstr "" #, c-format msgid "Cannot read SELinux policy store\n" -msgstr "KhĆ“ng thį»ƒ đį»c kho lĘ°u chĆ­nh sĆ”ch SELinux\n" +msgstr "" #, c-format msgid "Cannot establish SELinux management connection\n" -msgstr "KhĆ“ng thį»ƒ thiįŗæt lįŗ­p kįŗæt nį»‘i quįŗ£n lĆ½ SELinux\n" +msgstr "" #, c-format msgid "Cannot begin SELinux transaction\n" -msgstr "KhĆ“ng thį»ƒ bįŗÆt đįŗ§u phiĆŖn giao dį»‹ch SELinux\n" +msgstr "" #, c-format msgid "Could not query seuser for %s\n" -msgstr "KhĆ“ng thį»ƒ truy vįŗ„n seuser cho %s\n" +msgstr "" #, c-format msgid "Could not set serange for %s\n" -msgstr "KhĆ“ng thį»ƒ đįŗ·t serange cho %s\n" +msgstr "" -#, c-format +#, fuzzy, c-format +#| msgid "Could not allocate space for config info.\n" msgid "Could not set sename for %s\n" -msgstr "KhĆ“ng thį»ƒ đįŗ·t sename cho %s\n" +msgstr "KhĆ“ng thį»ƒ cįŗ„p phĆ”t sį»©c chį»©a cho thĆ“ng tin cįŗ„u hƬnh.\n" #, c-format msgid "Could not modify login mapping for %s\n" -msgstr "KhĆ“ng thį»ƒ sį»­a đį»•i Ć”nh xįŗ” đăng nhįŗ­p cho %s\n" +msgstr "" -#, c-format +#, fuzzy, c-format +#| msgid "Changing the aging information for %s\n" msgid "Cannot create SELinux login mapping for %s\n" -msgstr "KhĆ“ng thį»ƒ tįŗ”o Ć”nh xįŗ” đăng nhįŗ­p SELinux cho %s\n" +msgstr "Đang thay đį»•i thĆ“ng tin vį» thį»i gian hoįŗ”t đį»™ng đį»‘i vį»›i %s\n" #, c-format msgid "Could not set name for %s\n" -msgstr "KhĆ“ng thį»ƒ đįŗ·t tĆŖn %s\n" +msgstr "" #, c-format msgid "Could not set SELinux user for %s\n" -msgstr "KhĆ“ng thį»ƒ đįŗ·t ngĘ°į»i dĆ¹ng SELinux cho %s\n" +msgstr "" #, c-format msgid "Could not add login mapping for %s\n" -msgstr "KhĆ“ng thį»ƒ thĆŖm Ć”nh xįŗ” đăng nhįŗ­p cho %s\n" +msgstr "" #, c-format msgid "Cannot init SELinux management\n" -msgstr "KhĆ“ng thį»ƒ khį»Ÿi tįŗ”o bį»™ quįŗ£n lĆ½ SELinux\n" +msgstr "" -#, c-format +#, fuzzy, c-format +#| msgid "%s: Cannot determine your user name.\n" msgid "Cannot create SELinux user key\n" -msgstr "KhĆ“ng thį»ƒ tįŗ”o khĆ³a ngĘ°į»i dĆ¹ng SELinux\n" +msgstr "%s: khĆ“ng thį»ƒ quyįŗæt đį»‹nh tĆŖn ngĘ°į»i dĆ¹ng cį»§a bįŗ”n.\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: Cannot determine your user name.\n" msgid "Cannot verify the SELinux user\n" -msgstr "KhĆ“ng thį»ƒ thįŗ©m đį»‹nh ngĘ°į»i dĆ¹ng SELinux\n" +msgstr "%s: khĆ“ng thį»ƒ quyįŗæt đį»‹nh tĆŖn ngĘ°į»i dĆ¹ng cį»§a bįŗ”n.\n" #, c-format msgid "Cannot modify SELinux user mapping\n" -msgstr "KhĆ“ng thį»ƒ sį»­a đį»•i Ć”nh xįŗ” ngĘ°į»i dĆ¹ng SELinux\n" +msgstr "" #, c-format msgid "Cannot add SELinux user mapping\n" -msgstr "KhĆ“ng thį»ƒ thĆŖm Ć”nh xįŗ” ngĘ°į»i dĆ¹ng SELinux\n" +msgstr "" #, c-format msgid "Cannot commit SELinux transaction\n" -msgstr "KhĆ“ng thį»ƒ chuyį»ƒn giao giao dį»‹ch SELinux\n" +msgstr "" #, c-format msgid "Login mapping for %s is not defined, OK if default mapping was used\n" msgstr "" -"Ɓnh xįŗ” đăng nhįŗ­p cho %s chĘ°a đʰį»£c đį»‹nh nghÄ©a, OK nįŗæu Ć”nh xįŗ” mįŗ·c đį»‹nh đʰį»£c " -"dĆ¹ng\n" #, c-format msgid "Login mapping for %s is defined in policy, cannot be deleted\n" msgstr "" -"Ɓnh xįŗ” đăng nhįŗ­p cho %s đʰį»£c đį»‹nh nghÄ©a trong chĆ­nh sĆ”ch, khĆ“ng thį»ƒ xĆ³a đi\n" #, c-format msgid "Could not delete login mapping for %s" -msgstr "KhĆ“ng thį»ƒ xĆ³a Ć”nh xįŗ” đăng nhįŗ­p cho %s" +msgstr "" #, c-format msgid "%s: out of memory\n" -msgstr "%s: hįŗæt bį»™ nhį»›\n" +msgstr "%s: trĆ n bį»™ nhį»›\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot delete %s\n" msgid "%s: Cannot stat %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ lįŗ„y thį»‘ng kĆŖ vį» %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ xoĆ” %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: %s home directory (%s) not found\n" msgid "%s: %s is neither a directory, nor a symlink.\n" -msgstr "%s: %s khĆ“ng phįŗ£i lĆ  thĘ° mį»„c mĆ  cÅ©ng khĆ“ng phįŗ£i lĆ  liĆŖn kįŗæt mį»m.\n" +msgstr "%s: %s khĆ“ng tƬm thįŗ„y thĘ° mį»„c chĆ­nh (%s)\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot remove entry '%s' from %s\n" msgid "%s: Cannot read symbolic link %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ đį»c liĆŖn kįŗæt mį»m %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ gį»” bį» mį»„c nhįŗ­p Ā« %s Ā» khį»i %s\n" #, c-format msgid "%s: Suspiciously long symlink: %s\n" -msgstr "%s: LiĆŖn kįŗæt mį»m dĆ i mį»™t cĆ”ch điĆŖn rį»“: %s\n" +msgstr "" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" msgid "%s: Cannot create directory %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "lastlog: Cannot get the size of %s: %s\n" msgid "%s: Cannot change owner of %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ thay đį»•i ngĘ°į»i sį»Ÿ hį»Æu cį»§a %s: %s\n" +msgstr "lastlog: KhĆ“ng thį»ƒ lįŗ„y kĆ­ch cį»” cį»§a %s: %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: warning: can't remove %s: %s\n" msgid "%s: Cannot change mode of %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ thay đį»•i chįŗæ đį»™ cį»§a %s: %s\n" +msgstr "%s: cįŗ£nh bĆ”o : khĆ“ng thį»ƒ gį»” bį» %s: %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: rename: %s: %s" msgid "%s: unlink: %s: %s\n" -msgstr "%s: unlink: %s: %s\n" +msgstr "%s: thay tĆŖn: %s: %s" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: Cannot remove directory %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ gį»” bį» thĘ° mį»„c %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ thay đį»•i lįŗ”i tĆŖn thĘ° mį»„c %s thĆ nh %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: Cannot rename %s to %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ đį»•i tĆŖn %s thĆ nh %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ thay đį»•i lįŗ”i tĆŖn thĘ° mį»„c %s thĆ nh %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: warning: can't remove %s: %s\n" msgid "%s: Cannot remove %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ gį»” bį» %s: %s\n" +msgstr "%s: cįŗ£nh bĆ”o : khĆ“ng thį»ƒ gį»” bį» %s: %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" msgid "%s: Cannot create symbolic link %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ tįŗ”o liĆŖn kįŗæt mį»m %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "lastlog: Cannot get the size of %s: %s\n" msgid "%s: Cannot change owners of %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ thay đį»•i chį»§ sį»Ÿ hį»Æu cį»§a %s: %s\n" +msgstr "lastlog: KhĆ“ng thį»ƒ lįŗ„y kĆ­ch cį»” cį»§a %s: %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot delete %s\n" msgid "%s: Cannot lstat %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ lstat %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ xoĆ” %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: (line %d, user %s) password not changed\n" msgid "%s: Warning, user %s has no tcb shadow file.\n" -msgstr "%s: Cįŗ£nh bĆ”o, ngĘ°į»i dĆ¹ng %s khĆ“ng cĆ³ tįŗ­p tin shadow tcb.\n" +msgstr "%s: (dĆ²ng %d, ngĘ°į»i dĆ¹ng %s) mįŗ­t khįŗ©u chĘ°a thay đį»•i\n" #, c-format msgid "" "%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n" "The account is left locked.\n" msgstr "" -"%s: Khįŗ©n cįŗ„p: shadow tcb cį»§a %s khĆ“ng phįŗ£i lĆ  tįŗ­p tin thĘ°į»ng vį»›i " -"st_nlink=1.\n" -"TĆ i khoįŗ£n vįŗ«n bį»‹ khĆ³a.\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: rename: %s: %s" msgid "%s: mkdir: %s: %s\n" -msgstr "%s: mkdir: %s: %s\n" +msgstr "%s: thay tĆŖn: %s: %s" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot open %s\n" msgid "%s: Cannot open %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ mį»Ÿ %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ mį»Ÿ %s\n" #, c-format msgid "Warning: unknown group %s\n" -msgstr "Cįŗ£nh bĆ”o: khĆ“ng biįŗæt nhĆ³m %s.\n" +msgstr "Cįŗ£nh bĆ”o : khĆ“ng rƵ nhĆ³m %s.\n" msgid "Warning: too many groups\n" -msgstr "Cįŗ£nh bĆ”o: quĆ” nhiį»u nhĆ³m\n" +msgstr "Cįŗ£nh bĆ”o : quĆ” nhiį»u nhĆ³m\n" msgid "Your password has expired." msgstr "Mįŗ­t khįŗ©u cį»§a bįŗ”n Ä‘Ć£ hįŗæt hįŗ”n dĆ¹ng." msgid "Your password is inactive." -msgstr "Mįŗ­t khįŗ©u cį»§a bįŗ”n lĆ  khĆ“ng hoįŗ”t đį»™ng." +msgstr "Mįŗ­t khįŗ©u cį»§a bįŗ”n khĆ“ng phįŗ£i hoįŗ”t đį»™ng." msgid "Your login has expired." msgstr "Đăng nhįŗ­p cį»§a bįŗ”n Ä‘Ć£ hįŗæt hįŗ”n dĆ¹ng." msgid " Contact the system administrator." -msgstr " HĆ£y liĆŖn lįŗ”c vį»›i ngĘ°į»i quįŗ£n trį»‹ hį»‡ thį»‘ng." +msgstr " HĆ£y liĆŖn lįŗ”c vį»›i quįŗ£n trį»‹ hį»‡ thį»‘ng." msgid " Choose a new password." msgstr " HĆ£y chį»n mįŗ­t khįŗ©u mį»›i." @@ -279,12 +291,13 @@ msgstr "" msgid "%s: failed to unlock %s\n" msgstr "%s: lį»—i mį»Ÿ khoĆ” %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: %s\n" msgid "%s: " -msgstr "%s: " +msgstr "%s: %s\n" msgid ": " -msgstr ": " +msgstr "" msgid "Environment overflow\n" msgstr "TrĆ n mĆ“i trĘ°į»ng\n" @@ -306,19 +319,18 @@ msgstr[0] "" #, c-format msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n" -msgstr "%s: Cįŗ„u hƬnh khĆ“ng hį»£p lį»‡: GID_MIN (%lu), GID_MAX (%lu)\n" +msgstr "" #, c-format msgid "" "%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX " "(%lu)\n" msgstr "" -"%s: Cįŗ„u hƬnh khĆ“ng hį»£p lį»‡: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX " -"(%lu)\n" -#, c-format +#, fuzzy, c-format +#| msgid "failed to change mailbox owner" msgid "%s: failed to allocate memory: %s\n" -msgstr "%s: gįŗ·p lį»—i khi cįŗ„p phĆ”t bį»™ nhį»›: %s\n" +msgstr "lį»—i thay đį»•i chį»§ hį»™p thĘ°" #, c-format msgid "%s: Can't get unique system GID (no more available GIDs)\n" @@ -331,15 +343,13 @@ msgstr "%s: KhĆ“ng thį»ƒ lįŗ„y GID duy nhįŗ„t (khĆ“ng cĆ²n cĆ³ sįŗµn GID thĆŖm n #, c-format msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n" -msgstr "%s: Cįŗ„u hƬnh khĆ“ng hį»£p lį»‡: UID_MIN (%lu), UID_MAX (%lu)\n" +msgstr "" #, c-format msgid "" "%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX " "(%lu)\n" msgstr "" -"%s: Cįŗ„u hƬnh khĆ“ng hį»£p lį»‡: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX " -"(%lu)\n" #, c-format msgid "%s: Can't get unique system UID (no more available UIDs)\n" @@ -369,7 +379,7 @@ msgid "a palindrome" msgstr "tį»« đį»c xuĆ“i ngĘ°į»£c đį»u giį»‘ng nhĘ° nhau" msgid "case changes only" -msgstr "chį»‰ thay đį»•i HOA/thĘ°į»ng" +msgstr "chį»‰ thay đį»•i chį»Æ thĘ°į»ng/hoa" msgid "too similar" msgstr "quĆ” tĘ°Ę”ng tį»±" @@ -393,10 +403,10 @@ msgstr "passwd: pam_start() (mįŗ­t khįŗ©u: bįŗÆt đįŗ§u pam) Ä‘Ć£ thįŗ„t bįŗ”i v #, c-format msgid "passwd: %s\n" -msgstr "passwd: %s\n" +msgstr "passwd: (mįŗ­t khįŗ©u) %s\n" msgid "passwd: password unchanged\n" -msgstr "passwd: chĘ°a đį»•i mįŗ­t khįŗ©u\n" +msgstr "passwd: chĘ°a thay đį»•i mįŗ­t khįŗ©u\n" msgid "passwd: password updated successfully\n" msgstr "passwd: mįŗ­t khįŗ©u Ä‘Ć£ đʰį»£c cįŗ­p nhįŗ­t\n" @@ -407,47 +417,50 @@ msgstr "Mįŗ­t khįŗ©u khĆ“ng đĆŗng cho %s .\n" #, c-format msgid "%s: multiple --root options\n" -msgstr "%s: nhiį»u tĆ¹y chį»n --root\n" +msgstr "" #, c-format msgid "%s: option '%s' requires an argument\n" -msgstr "%s: tĆ¹y chį»n ā€œ%sā€ cįŗ§n mį»™t đį»‘i sį»‘\n" +msgstr "" #, c-format msgid "%s: failed to drop privileges (%s)\n" -msgstr "%s: gįŗ·p lį»—i khi xĆ³a bį» đįŗ·c quyį»n (%s)\n" - -#, c-format -msgid "%s: invalid chroot path '%s'\n" -msgstr "%s: đʰį»ng dįŗ«n chroot khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" - -#, c-format -msgid "%s: cannot access chroot directory %s: %s\n" -msgstr "%s: khĆ“ng thį»ƒ truy cįŗ­p thĘ° mį»„c chroot %s: %s\n" +msgstr "%s: lį»—i bį» quyį»n truy cįŗ­p (%s)\n" #, fuzzy, c-format -#| msgid "%s: cannot access chroot directory %s: %s\n" -msgid "%s: cannot chdir to chroot directory %s: %s\n" -msgstr "%s: khĆ“ng thį»ƒ truy cįŗ­p thĘ° mį»„c chroot %s: %s\n" +#| msgid "%s: invalid home phone: '%s'\n" +msgid "%s: invalid chroot path '%s'\n" +msgstr "%s: sį»‘ điį»‡n thoįŗ”i į»Ÿ nhĆ  khĆ“ng hį»£p lį»‡: Ā« %s Ā»\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: cannot access chroot directory %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s\n" + +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: cannot chdir to chroot directory %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s\n" + +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" msgid "%s: unable to chroot to directory %s: %s\n" -msgstr "%s: khĆ“ng thį»ƒ thay đį»•i thĘ° mį»„c gį»‘c thĆ nh %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s\n" #, c-format msgid "" "Invalid ENCRYPT_METHOD value: '%s'.\n" "Defaulting to DES.\n" msgstr "" -"PhĘ°Ę”ng phĆ”p mĆ£ hoĆ” (ENCRYPT_METHOD) khĆ“ng hį»£p lį»‡: ā€œ%sā€\n" +"PhĘ°Ę”ng phĆ”p mĆ£ hoĆ” (ENCRYPT_METHOD) khĆ“ng hį»£p lį»‡: Ā« %s Ā»\n" "nĆŖn hoĆ n nguyĆŖn vį» giĆ” trį»‹ mįŗ·c đį»‹nh: DES.\n" #, c-format msgid "Unable to cd to '%s'\n" -msgstr "KhĆ“ng thį»ƒ cd (chuyį»ƒn đį»•i thĘ° mį»„c) sang ā€œ%sā€.\n" +msgstr "KhĆ“ng thį»ƒ cd (chuyį»ƒn đį»•i thĘ° mį»„c) sang Ā« %s Ā».\n" msgid "No directory, logging in with HOME=/" -msgstr "KhĆ“ng cĆ³ thĘ° mį»„c nĆŖn đăng nhįŗ­p vį»›i ā€œHOME=/ā€" +msgstr "KhĆ“ng cĆ³ thĘ° mį»„c nĆŖn đăng nhįŗ­p vį»›i Ā« HOME=/ Ā»" #, c-format msgid "Cannot execute %s" @@ -455,11 +468,11 @@ msgstr "KhĆ“ng thį»ƒ thį»±c hiį»‡n %s" #, c-format msgid "Invalid root directory '%s'\n" -msgstr "ThĘ° mį»„c gį»‘c khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "ThĘ° mį»„c gį»‘c khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "Can't change root directory to '%s'\n" -msgstr "KhĆ“ng thį»ƒ thay đį»•i thĘ° mį»„c gį»‘c thĆ nh ā€œ%sā€\n" +msgstr "KhĆ“ng thį»ƒ thay đį»•i thĘ° mį»„c gį»‘c thĆ nh Ā« %s Ā»\n" msgid "Unable to determine your tty name." msgstr "KhĆ“ng thį»ƒ quyįŗæt đį»‹nh tĆŖn TTY cį»§a bįŗ”n." @@ -473,7 +486,7 @@ msgid "" "\n" "Options:\n" msgstr "" -"CĆ”ch dĆ¹ng: %s [cĆ”c_tuį»³_chį»n] ĐĂNG_NHįŗ¬P\n" +"Sį»­ dį»„ng: %s [tuį»³_chį»n ...] [ĐĂNG_NHįŗ¬P]\n" "\n" "Tuį»³ chį»n:\n" @@ -521,12 +534,12 @@ msgstr "" "khi thay đį»•i mįŗ­t khįŗ©u\n" msgid " -R, --root CHROOT_DIR directory to chroot into\n" -msgstr " -R, --root THĘÆ_Mį»¤C_Đį»”I thĘ° mį»„c đį»ƒ chuyį»ƒn gį»‘c đįŗæn\n" +msgstr "" msgid "" " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n" msgstr "" -" -W, --warndays Sį»_NGƀY đįŗ·t thĆ nh sį»‘ nĆ y sį»‘ cĆ”c ngĆ y gĆ¢y ra cįŗ£nh bĆ”o " +" -W, --warndays Sį» đįŗ·t thĆ nh sį»‘ nĆ y sį»‘ cĆ”c ngĆ y gĆ¢y ra cįŗ£nh bĆ”o " "vį» hįŗæt hįŗ”n dĆ¹ng\n" msgid "Enter the new value, or press ENTER for the default" @@ -566,7 +579,7 @@ msgid "Password inactive\t\t\t\t\t: " msgstr "Mįŗ­t khįŗ©u khĆ“ng hoįŗ”t đį»™ng\t\t\t\t\t: " msgid "Account expires\t\t\t\t\t\t: " -msgstr "TĆ i khoįŗ£n hįŗæt hįŗ”n dĆ¹ng\t\t\t\t\t\t: " +msgstr "TĆ i khoįŗ£n hįŗæt hįŗ”n dĆ¹ng\t\t\t\t\t\t " #, c-format msgid "Minimum number of days between password change\t\t: %ld\n" @@ -582,15 +595,15 @@ msgstr "Sį»‘ ngĆ y cįŗ£nh bĆ”o trĘ°į»›c khi mįŗ­t khįŗ©u hįŗæt hįŗ”n\t: %ld\n" #, c-format msgid "%s: invalid date '%s'\n" -msgstr "%s: ngĆ y khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: ngĆ y khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "%s: invalid numeric argument '%s'\n" -msgstr "%s: đį»‘i sį»‘ thuį»™c sį»‘ khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: đį»‘i sį»‘ thuį»™c sį»‘ khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "%s: do not include \"l\" with other flags\n" -msgstr "%s: đį»«ng dĆ¹ng ā€œlā€ cĆ¹ng vį»›i cį» khĆ”c\n" +msgstr "%s: đį»«ng dĆ¹ng Ā« l Ā» cĆ¹ng vį»›i cį» khĆ”c\n" #, c-format msgid "%s: Permission denied.\n" @@ -598,11 +611,12 @@ msgstr "%s: khĆ“ng đį»§ quyį»n.\n" #, c-format msgid "%s: Cannot determine your user name.\n" -msgstr "%s: KhĆ“ng thį»ƒ phĆ¢n giįŗ£i tĆŖn ngĘ°į»i dĆ¹ng cį»§a bįŗ”n.\n" +msgstr "%s: khĆ“ng thį»ƒ quyįŗæt đį»‹nh tĆŖn ngĘ°į»i dĆ¹ng cį»§a bįŗ”n.\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: %s\n" msgid "%s: PAM: %s\n" -msgstr "%s: PAM: %s\n" +msgstr "%s: %s\n" #, c-format msgid "%s: cannot lock %s; try again later.\n" @@ -618,15 +632,15 @@ msgstr "%s: gįŗ·p lį»—i trong khi ghi thay đį»•i vĆ o %s\n" #, c-format msgid "%s: failed to prepare the new %s entry '%s'\n" -msgstr "%s: gįŗ·p lį»—i khi chuįŗ©n bį»‹ mį»„c tin %s mį»›i ā€œ%sā€\n" +msgstr "%s: lį»—i chuįŗ©n bį»‹ mį»„c nhįŗ­p %s mį»›i Ā« %s Ā»\n" #, c-format msgid "%s: the shadow password file is not present\n" -msgstr "%s: khĆ“ng cĆ³ tįŗ­p tin mįŗ­t khįŗ©u shadow\n" +msgstr "%s: khĆ“ng cĆ³ tįŗ­p tin mįŗ­t khįŗ©u bĆ³ng\n" #, c-format msgid "%s: user '%s' does not exist in %s\n" -msgstr "%s: ngĘ°į»i dĆ¹ng ā€œ%sā€ khĆ“ng tį»“n tįŗ”i trong %s\n" +msgstr "%s: ngĘ°į»i dĆ¹ng Ā« %s Ā» khĆ“ng tį»“n tįŗ”i trong %s\n" #, c-format msgid "Changing the aging information for %s\n" @@ -636,45 +650,47 @@ msgstr "Đang thay đį»•i thĆ“ng tin vį» thį»i gian hoįŗ”t đį»™ng đį»‘i vį»› msgid "%s: error changing fields\n" msgstr "%s: gįŗ·p lį»—i khi thay đį»•i trĘ°į»ng\n" -#, c-format +#, fuzzy, c-format +#| msgid "" +#| "Usage: %s [options]\n" +#| "\n" +#| "Options:\n" msgid "" "Usage: %s [options] [LOGIN]\n" "\n" "Options:\n" msgstr "" -"CĆ”ch dĆ¹ng: %s [tuį»³_chį»n ...] [ĐĂNG_NHįŗ¬P]\n" +"Sį»­ dį»„ng: %s [tuį»³_chį»n ...]\n" "\n" "Tuį»³ chį»n:\n" msgid " -f, --full-name FULL_NAME change user's full name\n" -msgstr " -f, --full-name Hį»Œ_TƊN đį»•i tĆŖn thįŗ­t cį»§a ngĘ°į»i dĆ¹ng\n" +msgstr "" msgid " -h, --home-phone HOME_PHONE change user's home phone number\n" -msgstr " -h, --home-phone ĐIį»†N_THOįŗ I đį»•i sį»‘ điį»‡n thoįŗ”i nhĆ  cį»§a ngĘ°į»i dĆ¹ng\n" +msgstr "" msgid " -o, --other OTHER_INFO change user's other GECOS information\n" -msgstr " -o, --other THƔNG_TIN_KHƁC đį»•i thĆ“ng tin GECOS khĆ”c\n" +msgstr "" msgid " -r, --room ROOM_NUMBER change user's room number\n" -msgstr " -r, --room Sį»_PHƒNG đį»•i sį»‘ phĆ²ng cį»§a ngĘ°į»i dĆ¹ng\n" +msgstr "" msgid " -u, --help display this help message and exit\n" msgstr " -u, --help hiį»ƒn thį»‹ trį»£ giĆŗp nĆ y, sau Ä‘Ć³ thoĆ”t\n" msgid " -w, --work-phone WORK_PHONE change user's office phone number\n" msgstr "" -" -w, --work-phone ĐIį»†N_THOįŗ I_LƀM thay đį»•i sį»‘ điį»‡n thoįŗ”i nĘ”i lĆ m cį»§a ngĘ°į»i " -"dĆ¹ng\n" msgid "Full Name" -msgstr "Hį» vĆ  tĆŖn" +msgstr "Hį» tĆŖn" #, c-format msgid "\t%s: %s\n" msgstr "\t%s: %s\n" msgid "Room Number" -msgstr "Sį»‘ phĆ²ng" +msgstr "Sį»‘ thį»© tį»± phĆ²ng" msgid "Work Phone" msgstr "Điį»‡n thoįŗ”i chį»— lĆ m" @@ -686,51 +702,51 @@ msgid "Other" msgstr "KhĆ”c" msgid "Cannot change ID to root.\n" -msgstr "KhĆ“ng thį»ƒ thay đį»•i mĆ£ sį»‘ thĆ nh siĆŖu quįŗ£n trį»‹ (root).\n" +msgstr "KhĆ“ng thį»ƒ thay đį»•i mĆ£ sį»‘ thĆ nh ngĘ°į»i chį»§ (root).\n" #, c-format msgid "%s: name with non-ASCII characters: '%s'\n" -msgstr "%s: tĆŖn chį»©a kĆ½ tį»± khĆ”c ASCII: ā€œ%sā€\n" +msgstr "%s: tĆŖn chį»©a kĆ½ tį»± khĆ”c ASCII: Ā« %s Ā»\n" #, c-format msgid "%s: invalid name: '%s'\n" -msgstr "%s: tĆŖn khĆ“ng hį»£p lį»‡: ā€œ%sā€\n" +msgstr "%s: tĆŖn khĆ“ng hį»£p lį»‡: Ā« %s Ā»\n" #, c-format msgid "%s: room number with non-ASCII characters: '%s'\n" -msgstr "%s: sį»‘ thį»© tį»± phĆ²ng chį»©a kĆ½ tį»± khĆ”c ASCII: ā€œ%sā€\n" +msgstr "%s: sį»‘ thį»© tį»± phĆ²ng chį»©a kĆ½ tį»± khĆ”c ASCII: Ā« %s Ā»\n" #, c-format msgid "%s: invalid room number: '%s'\n" -msgstr "%s: sį»‘ thį»© tį»± phĆ²ng khĆ“ng hį»£p lį»‡: ā€œ%sā€\n" +msgstr "%s: sį»‘ thį»© tį»± phĆ²ng khĆ“ng hį»£p lį»‡: Ā« %s Ā»\n" #, c-format msgid "%s: invalid work phone: '%s'\n" -msgstr "%s: sį»‘ điį»‡n thoįŗ”i chį»— lĆ m khĆ“ng hį»£p lį»‡: ā€œ%sā€\n" +msgstr "%s: sį»‘ điį»‡n thoįŗ”i chį»— lĆ m khĆ“ng hį»£p lį»‡: Ā« %s Ā»\n" #, c-format msgid "%s: invalid home phone: '%s'\n" -msgstr "%s: sį»‘ điį»‡n thoįŗ”i į»Ÿ nhĆ  khĆ“ng hį»£p lį»‡: ā€œ%sā€\n" +msgstr "%s: sį»‘ điį»‡n thoįŗ”i į»Ÿ nhĆ  khĆ“ng hį»£p lį»‡: Ā« %s Ā»\n" #, c-format msgid "%s: '%s' contains non-ASCII characters\n" -msgstr "%s: ā€œ%sā€ chį»©a kĆ½ tį»± khĆ“ng thuį»™c bįŗ£ng mĆ£ ASCII\n" +msgstr "%s: Ā« %s Ā» chį»©a kĆ½ tį»± khĆ”c ASCII\n" #, c-format msgid "%s: '%s' contains illegal characters\n" -msgstr "%s: ā€œ%sā€ chį»©a kĆ½ tį»± bį»‹ cįŗ„m\n" +msgstr "%s: Ā« %s Ā» chį»©a kĆ½ tį»± cįŗ„m\n" #, c-format msgid "%s: user '%s' does not exist\n" -msgstr "%s: ngĘ°į»i dĆ¹ng ā€œ%sā€ khĆ“ng tį»“n tįŗ”i\n" +msgstr "%s: ngĘ°į»i dĆ¹ng Ā« %s Ā» khĆ“ng tį»“n tįŗ”i\n" #, c-format msgid "%s: cannot change user '%s' on NIS client.\n" -msgstr "%s: khĆ“ng thį»ƒ thay đį»•i ngĘ°į»i dĆ¹ng ā€œ%sā€ trĆŖn į»©ng dį»„ng khĆ”ch NIS.\n" +msgstr "%s: khĆ“ng thį»ƒ thay đį»•i ngĘ°į»i dĆ¹ng Ā« %s Ā» trĆŖn į»©ng dį»„ng khĆ”ch NIS.\n" #, c-format msgid "%s: '%s' is the NIS master for this client.\n" -msgstr "%s: ā€œ%sā€ lĆ  NIS cĆ”i cho į»©ng dį»„ng khĆ”ch nĆ y.\n" +msgstr "%s: Ā« %s Ā» lĆ  NIS cĆ”i cho į»©ng dį»„ng khĆ”ch nĆ y.\n" #, c-format msgid "Changing the user information for %s\n" @@ -746,13 +762,14 @@ msgid "" "\n" "Options:\n" msgstr "" -"CĆ”ch dĆ¹ng: %s [tuį»³_chį»n ...]\n" +"Sį»­ dį»„ng: %s [tuį»³_chį»n ...]\n" "\n" "Tuį»³ chį»n:\n" -#, c-format +#, fuzzy, c-format +#| msgid " -c, --crypt-method the crypt method (one of %s)\n" msgid " -c, --crypt-method METHOD the crypt method (one of %s)\n" -msgstr " -c, --crypt-method PHĘÆĘ NG_THį»ØC phĘ°Ę”ng phĆ”p mįŗ­t mĆ£ (mį»™t trong %s)\n" +msgstr " -c, --crypt-method phĘ°Ę”ng phĆ”p mįŗ­t mĆ£ (mį»™t cį»§a %s)\n" msgid " -e, --encrypted supplied passwords are encrypted\n" msgstr "" @@ -777,11 +794,11 @@ msgstr "%s: cho phĆ©p cį» %s chį»‰ cĆ¹ng vį»›i cį» %s\n" #, c-format msgid "%s: the -c, -e, and -m flags are exclusive\n" -msgstr "%s: cĆ”c cį» ā€œ-cā€, ā€œ-eā€ vĆ  ā€œ-mā€ loįŗ”i tį»« lįŗ«n nhau\n" +msgstr "%s: cĆ”c cį» Ā« -c Ā», Ā« -e Ā» vĆ  Ā« -m Ā» loįŗ”i tį»« lįŗ«n nhau\n" #, c-format msgid "%s: unsupported crypt method: %s\n" -msgstr "%s: phĘ°Ę”ng phĆ”p mĆ£ hoĆ” khĆ“ng đʰį»£c hį»— trį»£: %s\n" +msgstr "%s: phĘ°Ę”ng phĆ”p mĆ£ hoĆ” khĆ“ng đʰį»£c hį»— trį»£ : %s\n" #, c-format msgid "%s: line %d: line too long\n" @@ -792,17 +809,17 @@ msgid "%s: line %d: missing new password\n" msgstr "%s: dĆ²ng %d: thiįŗæu mįŗ­t khįŗ©u mį»›i\n" #, fuzzy, c-format -#| msgid "%s: Failed to write %s: %s\n" +#| msgid "%s: failed to remove %s\n" msgid "%s: failed to crypt password with salt '%s': %s\n" -msgstr "%s: Gįŗ·p lį»—i khi ghi %s: %s\n" +msgstr "%s: khĆ“ng gį»” bį» đʰį»£c %s\n" #, c-format msgid "%s: line %d: group '%s' does not exist\n" -msgstr "%s: dĆ²ng %d, nhĆ³m ā€œ%sā€ khĆ“ng tį»“n tįŗ”i\n" +msgstr "%s: dĆ²ng %d, nhĆ³m Ā« %s Ā» khĆ“ng tį»“n tįŗ”i\n" #, c-format msgid "%s: line %d: failed to prepare the new %s entry '%s'\n" -msgstr "%s: dĆ²ng %d: gįŗ·p lį»—i khi chuįŗ©n bį»‹ mį»„c tin %s mį»›i ā€œ%sā€\n" +msgstr "%s: dĆ²ng %d: lį»—i chuįŗ©n bį»‹ mį»„c nhįŗ­p %s mį»›i Ā« %s Ā»\n" #, c-format msgid "%s: error detected, changes ignored\n" @@ -814,51 +831,51 @@ msgstr "%s: (dĆ²ng %d, ngĘ°į»i dĆ¹ng %s) mįŗ­t khįŗ©u chĘ°a thay đį»•i\n" #, c-format msgid "%s: line %d: user '%s' does not exist\n" -msgstr "%s: dĆ²ng %d: ngĘ°į»i dĆ¹ng ā€œ%sā€ khĆ“ng tį»“n tįŗ”i\n" +msgstr "%s: dĆ²ng %d: ngĘ°į»i dĆ¹ng Ā« %s Ā» khĆ“ng tį»“n tįŗ”i\n" msgid " -s, --shell SHELL new login shell for the user account\n" msgstr "" -" -s, --shell Hį»†_Vį»Ž dĆ¹ng hį»‡ vį» đăng nhįŗ­p mį»›i\n" -" cho tĆ i khoįŗ£n ngĘ°į»i dĆ¹ng\n" +" -s, --shell TRƌNH_BAO trƬnh bao đăng nhįŗ­p mį»›i\n" +" cho tĆ i khoįŗ£n ngĘ°į»i dĆ¹ng\n" msgid "Login Shell" -msgstr "Hį»‡ vį» Đăng nhįŗ­p" +msgstr "TrƬnh bao Đăng nhįŗ­p" #, c-format msgid "You may not change the shell for '%s'.\n" -msgstr "KhĆ“ng cho phĆ©p bįŗ”n thay đį»•i hį»‡ vį» đį»‘i vį»›i ā€œ%sā€.\n" +msgstr "KhĆ“ng cho phĆ©p bįŗ”n thay đį»•i trƬnh bao đį»‘i vį»›i Ā« %s Ā».\n" #, c-format msgid "Changing the login shell for %s\n" -msgstr "Đang thay đį»•i hį»‡ vį» đăng nhįŗ­p đį»‘i vį»›i %s\n" +msgstr "Đang thay đį»•i trƬnh bao đăng nhįŗ­p đį»‘i vį»›i %s\n" #, c-format msgid "%s: Invalid entry: %s\n" -msgstr "%s: mį»„c tin khĆ“ng hį»£p lį»‡: %s\n" +msgstr "%s: Mį»„c nhįŗ­p khĆ“ng hį»£p lį»‡: %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: %s is an invalid shell.\n" msgid "%s: %s is an invalid shell\n" -msgstr "%s: %s khĆ“ng phįŗ£i lĆ  hį»‡ vį» hį»£p lį»‡\n" +msgstr "%s: %s lĆ  mį»™t trƬnh bao khĆ“ng hį»£p lį»‡.\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: user '%s' does not exist\n" msgid "%s: Warning: %s does not exist\n" -msgstr "%s: Cįŗ£nh bĆ”o: %s khĆ“ng tį»“n tįŗ”i\n" +msgstr "%s: ngĘ°į»i dĆ¹ng Ā« %s Ā» khĆ“ng tį»“n tįŗ”i\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: warning: %s not owned by %s\n" msgid "%s: Warning: %s is not executable\n" -msgstr "%s: Cįŗ£nh bĆ”o: %s khĆ“ng cĆ³ quyį»n thį»±c thi\n" +msgstr "%s: cįŗ£nh bĆ”o : %s khĆ“ng phįŗ£i đʰį»£c %s sį»Ÿ hį»Æu\n" msgid " -c, --check check the user's password expiration\n" msgstr "" -" -c, --check kiį»ƒm tra sį»± hįŗæt hįŗ”n cį»§a mįŗ­t khįŗ©u ngĘ°į»i dĆ¹ng\n" msgid "" " -f, --force force password change if the user's " "password\n" " is expired\n" msgstr "" -" -f, --force Ć©p buį»™c đį»•i mįŗ­t khįŗ©u nįŗæu mįŗ­t khįŗ©u cį»§a ngĘ°į»i\n" -" dĆ¹ng hįŗæt hįŗ”n\n" #, c-format msgid "%s: options %s and %s conflict\n" @@ -906,20 +923,20 @@ msgstr "" "đįŗæm\n" " lįŗ§n khĆ“ng đăng nhįŗ­p đʰį»£c vĆ  cĆ”c giį»›i hįŗ”n nhĘ° " "thįŗæ\n" -" (nįŗæu dĆ¹ng vį»›i cį» ā€œ-rā€, ā€œ-mā€ hay ā€œ-lā€ riĆŖng " -"tį»«ng cĆ”i)\n" +" (nįŗæu dĆ¹ng vį»›i cį» Ā« -r Ā», Ā« -m Ā» hay Ā« -l Ā» " +"riĆŖng tį»«ng cĆ”i)\n" " chį»‰ cho mį»—i tĆŖn đăng nhįŗ­p đʰa ra\n" #, c-format msgid "%s: Failed to get the entry for UID %lu\n" -msgstr "%s: KhĆ“ng lįŗ„y đʰį»£c mį»„c tin cho UID %lu\n" +msgstr "%s: KhĆ“ng lįŗ„y đʰį»£c mį»„c nhįŗ­p cho UID %lu\n" msgid "Login Failures Maximum Latest On\n" -msgstr "Đăng nhįŗ­p Bį»‹ lį»—i Tį»‘i đa Mį»›i nhįŗ„t VĆ o\n" +msgstr "Đăng nhįŗ­p\t\tBį»‹ lį»—i\tTį»‘i đa\tMį»›i nhįŗ„t VĆ o\n" #, c-format msgid " [%lus left]" -msgstr " [cĆ²n %lus]" +msgstr " [%lus cĆ²n lįŗ”i]" #, c-format msgid " [%lds lock]" @@ -927,11 +944,11 @@ msgstr " [%lds khĆ³a]" #, c-format msgid "%s: Failed to reset fail count for UID %lu\n" -msgstr "%s: Gįŗ·p lį»—i khi đįŗ·t lįŗ”i sį»‘ đįŗæm cho UID %lu\n" +msgstr "%s: khĆ“ng đįŗ·t lįŗ”i đʰį»£c hĆ m đįŗæm cho UID %lu\n" #, c-format msgid "%s: Failed to set max for UID %lu\n" -msgstr "%s: Gįŗ·p lį»—i khi đįŗ·t sį»‘ tį»‘i đa cho UID %lu\n" +msgstr "%s: khĆ“ng đįŗ·t đʰį»£c sį»‘ tį»‘i đa cho UID %lu\n" #, c-format msgid "%s: Failed to set locktime for UID %lu\n" @@ -945,9 +962,10 @@ msgstr "%s: khĆ“ng nhįŗ­n ra ngĘ°į»i dĆ¹ng hay phįŗ”m vi: %s\n" msgid "%s: Cannot get the size of %s: %s\n" msgstr "%s: KhĆ“ng thį»ƒ lįŗ„y kĆ­ch cį»” cį»§a %s: %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: failed to remove %s\n" msgid "%s: Failed to write %s: %s\n" -msgstr "%s: Gįŗ·p lį»—i khi ghi %s: %s\n" +msgstr "%s: khĆ“ng gį»” bį» đʰį»£c %s\n" #, c-format msgid "" @@ -955,7 +973,7 @@ msgid "" "\n" "Options:\n" msgstr "" -"CĆ”ch dĆ¹ng: %s [tuį»³_chį»n] NHƓM\n" +"Sį»­ dį»„ng: %s [tuį»³_chį»n] NHƓM\n" "\n" "Tuį»³ chį»n:\n" @@ -966,7 +984,7 @@ msgid " -d, --delete USER remove USER from GROUP\n" msgstr " -d, --delete NGĘÆį»œI_DƙNG gį»” bį» ngĘ°į»i dĆ¹ng nĆ y khį»i NHƓM\n" msgid " -Q, --root CHROOT_DIR directory to chroot into\n" -msgstr " -Q, --root THĘÆ_Mį»¤C_Đį»”I thĘ° mį»„c gį»‘c sįŗ½ chuyį»ƒn đįŗæn\n" +msgstr "" msgid " -r, --remove-password remove the GROUP's password\n" msgstr " -r, --remove-password gį»” bį» mįŗ­t khįŗ©u cį»§a NHƓM\n" @@ -989,18 +1007,18 @@ msgstr "" " đįŗ·t danh sĆ”ch cĆ”c quįŗ£n trį»‹ cho NHƓM\n" msgid "Except for the -A and -M options, the options cannot be combined.\n" -msgstr "Trį»« hai tuį»³ chį»n ā€œ-Aā€ vĆ  ā€œ-Mā€, khĆ“ng thį»ƒ tį»• hį»£p cĆ”c tuį»³ chį»n.\n" +msgstr "Trį»« hai tuį»³ chį»n Ā« -A Ā» vĆ  Ā« -M Ā», khĆ“ng thį»ƒ tį»• hį»£p cĆ”c tuį»³ chį»n.\n" msgid "The options cannot be combined.\n" msgstr "KhĆ“ng thį»ƒ tį»• hį»£p cĆ”c tuį»³ chį»n.\n" #, c-format msgid "%s: shadow group passwords required for -A\n" -msgstr "%s: mįŗ­t khįŗ©u nhĆ³m shadow cįŗ§n cho tĆ¹y chį»n ā€œ-Aā€\n" +msgstr "%s: mįŗ­t khįŗ©u nhĆ³m bĆ³ng cįŗ§n thiįŗæt cho tĆ¹y chį»n Ā« -A Ā»\n" #, c-format msgid "%s: group '%s' does not exist in %s\n" -msgstr "%s: nhĆ³m ā€œ%sā€ khĆ“ng tį»“n tįŗ”i trong %s\n" +msgstr "%s: nhĆ³m Ā« %s Ā» khĆ“ng tį»“n tįŗ”i trong %s\n" #, c-format msgid "%s: failure while closing read-only %s\n" @@ -1017,11 +1035,11 @@ msgid "Re-enter new password: " msgstr "Nhįŗ­p lįŗ”i mįŗ­t khįŗ©u mį»›i: " msgid "They don't match; try again" -msgstr "Hai mįŗ­t khįŗ©u khĆ“ng khį»›p nhau, hĆ£y thį»­ lįŗ”i" +msgstr "Hai mįŗ­t khįŗ©u khĆ“ng trĆ¹ng thƬ hĆ”y thį»­ lįŗ”i." #, c-format msgid "%s: Try again later\n" -msgstr "%s: HĆ£y thį»­ lįŗ”i sau\n" +msgstr "%s: hĆ£y thį»­ lįŗ”i sau.\n" #, c-format msgid "Adding user %s to group %s\n" @@ -1033,7 +1051,7 @@ msgstr "Đang gį»” bį» ngĘ°į»i dĆ¹ng %s khį»i nhĆ³m %s\n" #, c-format msgid "%s: user '%s' is not a member of '%s'\n" -msgstr "%s: ngĘ°į»i dĆ¹ng ā€œ%sā€ khĆ“ng thuį»™c vį» ā€œ%sā€\n" +msgstr "%s: ngĘ°į»i dĆ¹ng Ā« %s Ā» khĆ“ng thuį»™c vį» Ā« %s Ā»\n" #, c-format msgid "%s: Not a tty\n" @@ -1045,7 +1063,7 @@ msgid "" "\n" "Options:\n" msgstr "" -"CĆ”ch dĆ¹ng: %s [tuį»³_chį»n ...] NHƓM\n" +"Sį»­ dį»„ng: %s [tuį»³_chį»n ...] NHƓM\n" "\n" "Tuį»³ chį»n:\n" @@ -1054,16 +1072,16 @@ msgid "" "exists,\n" " and cancel -g if the GID is already used\n" msgstr "" -" -f, --force thoĆ”t thĆ nh cĆ“ng nįŗæu nhĆ³m Ä‘Ć£ cĆ³, vĆ  \n" -" hį»§y bį» ā€œ-gā€ nįŗæu GID Ä‘Ć£ đʰį»£c dĆ¹ng\n" +" -f, --force thoĆ”t thĆ nh cĆ“ng nįŗæu nhĆ³m Ä‘Ć£ cĆ³, vĆ  hį»§y bį» Ā« " +"-g Ā» nįŗæu GID Ä‘Ć£ đʰį»£c dĆ¹ng\n" msgid " -g, --gid GID use GID for the new group\n" msgstr " -g, --gid GID dĆ¹ng GID nĆ y cho nhĆ³m mį»›i\n" msgid " -K, --key KEY=VALUE override /etc/login.defs defaults\n" msgstr "" -" -K, --key KHOƁ=GIƁ_TRį»Š ghi đĆØ lĆŖn cĆ”c giĆ” trį»‹ mįŗ·c đį»‹nh ā€œ/etc/login." -"defsā€\n" +" -K, --key KHOƁ=GIƁ_TRį»Š ghi đĆØ lĆŖn cĆ”c giĆ” trį»‹ mįŗ·c đį»‹nh Ā« /etc/login." +"defs Ā»\n" msgid "" " -o, --non-unique allow to create groups with duplicate\n" @@ -1083,43 +1101,53 @@ msgstr " -r, --system tįŗ”o mį»™t tĆ i khoįŗ£n hį»‡ thį»‘ng\n" #, c-format msgid "%s: '%s' is not a valid group name\n" -msgstr "%s: ā€œ%sā€ khĆ“ng phįŗ£i lĆ  tĆŖn nhĆ³m hį»£p lį»‡\n" +msgstr "%s: Ā« %s Ā» khĆ“ng phįŗ£i lĆ  tĆŖn nhĆ³m hį»£p lį»‡\n" #, c-format msgid "%s: invalid group ID '%s'\n" -msgstr "%s: mĆ£ sį»‘ nhĆ³m (GID) khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: mĆ£ sį»‘ nhĆ³m (GID) khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "%s: -K requires KEY=VALUE\n" -msgstr "%s: -K cįŗ§n cĆŗ phĆ”p KHƓA=GIƁ_TRį»Š\n" +msgstr "%s: -K cįŗ§n thiįŗæt cĆŗ phĆ”p KHƓA=GIƁ_TRį»Š\n" #, c-format msgid "%s: group '%s' already exists\n" -msgstr "%s: nhĆ³m ā€œ%sā€ Ä‘Ć£ cĆ³\n" +msgstr "%s: nhĆ³m Ā« %s Ā» Ä‘Ć£ cĆ³\n" #, c-format msgid "%s: GID '%lu' already exists\n" -msgstr "%s: GID ā€œ%luā€ Ä‘Ć£ cĆ³\n" +msgstr "%s: GID Ā« %lu Ā» Ä‘Ć£ cĆ³\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: Cannot determine your user name.\n" msgid "%s: Cannot setup cleanup service.\n" -msgstr "%s: KhĆ“ng thį»ƒ cĆ i đįŗ·t dį»‹ch vį»„ dį»n dįŗ¹p.\n" +msgstr "%s: khĆ“ng thį»ƒ quyįŗæt đį»‹nh tĆŖn ngĘ°į»i dĆ¹ng cį»§a bįŗ”n.\n" + +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" +" -r, --reset đįŗ·t lįŗ”i cĆ”c bį»™ đįŗæm lįŗ§n khĆ“ng đăng nhįŗ­p đʰį»£c\n" #, c-format msgid "%s: cannot remove entry '%s' from %s\n" -msgstr "%s: khĆ“ng thį»ƒ gį»” bį» mį»„c tin ā€œ%sā€ khį»i %s\n" +msgstr "%s: khĆ“ng thį»ƒ gį»” bį» mį»„c nhįŗ­p Ā« %s Ā» khį»i %s\n" #, c-format msgid "%s: cannot remove the primary group of user '%s'\n" -msgstr "%s: khĆ“ng thį»ƒ gį»” bį» nhĆ³m chĆ­nh cį»§a ngĘ°į»i dĆ¹ng ā€œ%sā€\n" +msgstr "%s: khĆ“ng thį»ƒ gį»” bį» nhĆ³m chĆ­nh cį»§a ngĘ°į»i dĆ¹ng Ā« %s Ā»\n" #, c-format msgid "%s: group '%s' does not exist\n" -msgstr "%s: nhĆ³m ā€œ%sā€ khĆ“ng tį»“n tįŗ”i\n" +msgstr "%s: nhĆ³m Ā« %s Ā» khĆ“ng tį»“n tįŗ”i\n" #, c-format msgid "%s: group '%s' is a NIS group\n" -msgstr "%s: nhĆ³m ā€œ%sā€ lĆ  mį»™t nhĆ³m kiį»ƒu NIS\n" +msgstr "%s: nhĆ³m Ā« %s Ā» lĆ  mį»™t nhĆ³m kiį»ƒu NIS\n" #, c-format msgid "%s: %s is the NIS master\n" @@ -1127,11 +1155,11 @@ msgstr "%s: %s lĆ  NIS chį»§\n" #, c-format msgid "%s: user '%s' is already a member of '%s'\n" -msgstr "%s: ngĘ°į»i dĆ¹ng ā€œ%sā€ Ä‘Ć£ thuį»™c vį» ā€œ%sā€\n" +msgstr "%s: ngĘ°į»i dĆ¹ng Ā« %s Ā» Ä‘Ć£ thuį»™c vį» Ā« %s Ā»\n" #, c-format msgid "%s: Out of memory. Cannot update %s.\n" -msgstr "%s: Hįŗæt bį»™ nhį»›. KhĆ“ng thį»ƒ cįŗ­p nhįŗ­t %s.\n" +msgstr "%s: KhĆ“ng đį»§ bį»™ nhį»›. KhĆ“ng thį»ƒ cįŗ­p nhįŗ­t %s.\n" #, c-format msgid "" @@ -1139,7 +1167,7 @@ msgid "" "\n" "Options:\n" msgstr "" -"CĆ”ch dĆ¹ng: %s [tuį»³_chį»n ...] [hĆ nh_vi]\n" +"Sį»­ dį»„ng: %s [tuį»³_chį»n ...] [hĆ nh_vi]\n" "\n" "Tuį»³ chį»n:\n" @@ -1148,14 +1176,14 @@ msgid "" "group\n" " (root only)\n" msgstr "" -" -g, --group TƊN_NHƓM thay đį»•i tĆŖn cį»§a nhĆ³m nĆ y thay cho nhĆ³m cį»§a\n" -" ngĘ°į»i dĆ¹ng (chį»‰ siĆŖu quįŗ£n trį»‹)\n" +" -g, --group TƊN_NHƓM thay đį»•i tĆŖn cį»§a nhĆ³m nĆ y thay cho nhĆ³m cį»§a " +"ngĘ°į»i dĆ¹ng (chį»‰ ngĘ°į»i chį»§)\n" msgid "\n" msgstr "\n" msgid "Actions:\n" -msgstr "HĆ nh đį»™ng lĆ :\n" +msgstr "HĆ nh vi:\n" msgid "" " -a, --add username add username to the members of the group\n" @@ -1178,7 +1206,7 @@ msgstr "%s: tĆŖn nhĆ³m cį»§a bįŗ”n khĆ“ng tĘ°Ę”ng į»©ng vį»›i tĆŖn ngĘ°į»i dĆ¹n #, c-format msgid "%s: only root can use the -g/--group option\n" -msgstr "%s: chį»‰ siĆŖu quįŗ£n trį»‹ cĆ³ quyį»n sį»­ dį»„ng tuį»³ chį»n ā€œ-g/--groupā€\n" +msgstr "%s: chį»‰ ngĘ°į»i chį»§ cĆ³ quyį»n sį»­ dį»„ng tuį»³ chį»n Ā« -g/--group Ā»\n" msgid " -g, --gid GID change the group ID to GID\n" msgstr " -g, --gid GID thay đį»•i mĆ£ sį»‘ nhĆ³m sang GID nĆ y\n" @@ -1201,7 +1229,7 @@ msgstr "" #, c-format msgid "%s: invalid group name '%s'\n" -msgstr "%s: tĆŖn nhĆ³m khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: tĆŖn nhĆ³m khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "%s: group %s is a NIS group\n" @@ -1211,57 +1239,70 @@ msgstr "%s: nhĆ³m %s lĆ  mį»™t nhĆ³m kiį»ƒu NIS\n" msgid "%s: unknown user %s\n" msgstr "%s: khĆ“ng rƵ ngĘ°į»i dĆ¹ng %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "" +#| "Usage: %s [options]\n" +#| "\n" +#| "Options:\n" msgid "" "Usage: %s [options] [group [gshadow]]\n" "\n" "Options:\n" msgstr "" -"CĆ”ch dĆ¹ng: %s [cĆ”c_tuį»³_chį»n] [group [gshadow]]\n" +"Sį»­ dį»„ng: %s [tuį»³_chį»n ...]\n" "\n" "Tuį»³ chį»n:\n" -#, c-format +#, fuzzy, c-format +#| msgid "" +#| "Usage: %s [options]\n" +#| "\n" +#| "Options:\n" msgid "" "Usage: %s [options] [group]\n" "\n" "Options:\n" msgstr "" -"CĆ”ch dĆ¹ng: %s [cĆ”c_tuį»³_chį»n] [group]\n" +"Sį»­ dį»„ng: %s [tuį»³_chį»n ...]\n" "\n" "Tuį»³ chį»n:\n" +#, fuzzy +#| msgid "" +#| " -s, --sha-rounds number of SHA rounds for the SHA*\n" +#| " crypt algorithms\n" msgid "" " -r, --read-only display errors and warnings\n" " but do not change files\n" msgstr "" -" -r, --read-only hiį»ƒn thį»‹ lį»—i vĆ  cįŗ£nh bĆ”o\n" -" nhĘ°ng khĆ“ng thay đį»•i cĆ”c tįŗ­p tin\n" +" -s, --sha-rounds sį»‘ vĆ²ng SHA cho thuįŗ­t toĆ”n mĆ£ hoĆ” SHA*\n" +#, fuzzy +#| msgid " -g, --gid GID use GID for the new group\n" msgid " -s, --sort sort entries by UID\n" -msgstr " -s, --sort sįŗÆp xįŗæp cĆ”c mį»„c tin theo UID\n" +msgstr " -g, --gid GID dĆ¹ng GID nĆ y cho nhĆ³m mį»›i\n" #, c-format msgid "%s: -s and -r are incompatible\n" -msgstr "%s: hai tĆ¹y chį»n ā€œ-sā€ vĆ  ā€œ-rā€ khĆ“ng tĘ°Ę”ng thĆ­ch vį»›i nhau\n" +msgstr "%s: hai tĆ¹y chį»n Ā« -s Ā» vĆ  Ā« -r Ā» khĆ“ng tĘ°Ę”ng thĆ­ch vį»›i nhau\n" msgid "invalid group file entry" -msgstr "mį»„c tin tįŗ­p tin nhĆ³m khĆ“ng hį»£p lį»‡" +msgstr "mį»„c nhįŗ­p tįŗ­p tin nhĆ³m khĆ“ng hį»£p lį»‡" #, c-format msgid "delete line '%s'? " -msgstr "xĆ³a dĆ²ng ā€œ%sā€ khĆ“ng? " +msgstr "xĆ³a dĆ²ng Ā« %s Ā» khĆ“ng? " msgid "duplicate group entry" -msgstr "mį»„c tin nhĆ³m trĆ¹ng" +msgstr "mį»„c nhįŗ­p nhĆ³m trĆ¹ng" #, c-format msgid "invalid group name '%s'\n" -msgstr "tĆŖn nhĆ³m khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "tĆŖn nhĆ³m khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "invalid group ID '%lu'\n" -msgstr "mĆ£ sį»‘ nhĆ³m khĆ“ng hį»£p lį»‡ ā€œ%luā€\n" +msgstr "mĆ£ sį»‘ nhĆ³m khĆ“ng hį»£p lį»‡ Ā« %lu Ā»\n" #, c-format msgid "group %s: no user %s\n" @@ -1269,40 +1310,40 @@ msgstr "nhĆ³m %s: khĆ“ng cĆ³ ngĘ°į»i dĆ¹ng %s\n" #, c-format msgid "delete member '%s'? " -msgstr "xĆ³a thĆ nh viĆŖn ā€œ%sā€ khĆ“ng? " +msgstr "xĆ³a thĆ nh viĆŖn Ā« %s Ā» khĆ“ng? " #, c-format msgid "no matching group file entry in %s\n" -msgstr "khĆ“ng cĆ³ mį»„c tin tįŗ­p tin nhĆ³m tĘ°Ę”ng į»©ng trong %s\n" +msgstr "khĆ“ng cĆ³ mį»„c nhįŗ­p tįŗ­p tin nhĆ³m tĘ°Ę”ng į»©ng trong %s\n" #, c-format msgid "add group '%s' in %s? " -msgstr "thĆŖm nhĆ³m ā€œ%sā€ trong %s khĆ“ng?" +msgstr "thĆŖm nhĆ³m Ā« %s Ā» trong %s khĆ“ng?" #, c-format msgid "" "group %s has an entry in %s, but its password field in %s is not set to 'x'\n" msgstr "" -"nhĆ³m %s cĆ³ mį»™t mį»„c tin trong %s, cĆ²n trĘ°į»ng mįŗ­t khįŗ©u trong %s khĆ“ng phįŗ£i " -"đʰį»£c đįŗ·t thĆ nh ā€œxā€\n" +"nhĆ³m %s cĆ³ mį»™t mį»„c nhįŗ­p trong %s, cĆ²n trĘ°į»ng mįŗ­t khįŗ©u trong %s khĆ“ng phįŗ£i " +"đʰį»£c đįŗ·t thĆ nh Ā« x Ā»\n" msgid "invalid shadow group file entry" -msgstr "mį»„c tin tįŗ­p tin nhĆ³m shadow khĆ“ng hį»£p lį»‡" +msgstr "mį»„c nhįŗ­p tįŗ­p tin nhĆ³m bĆ³ng khĆ“ng hį»£p lį»‡" msgid "duplicate shadow group entry" -msgstr "mį»„c tin nhĆ³m shadow trĆ¹ng" +msgstr "mį»„c nhįŗ­p nhĆ³m bĆ³ng trĆ¹ng" #, c-format msgid "shadow group %s: no administrative user %s\n" -msgstr "nhĆ³m shadow %s: khĆ“ng cĆ³ ngĘ°į»i dĆ¹ng quįŗ£n trį»‹ %s\n" +msgstr "nhĆ³m bĆ³ng %s: khĆ“ng cĆ³ ngĘ°į»i dĆ¹ng quįŗ£n trį»‹ %s\n" #, c-format msgid "delete administrative member '%s'? " -msgstr "xĆ³a thĆ nh viĆŖn quįŗ£n trį»‹ ā€œ%sā€ khĆ“ng? " +msgstr "xĆ³a thĆ nh viĆŖn quįŗ£n trį»‹ Ā« %s Ā» khĆ“ng? " #, c-format msgid "shadow group %s: no user %s\n" -msgstr "nhĆ³m shadow %s: khĆ“ng cĆ³ ngĘ°į»i dĆ¹ng %s\n" +msgstr "nhĆ³m bĆ³ng %s: khĆ“ng cĆ³ ngĘ°į»i dĆ¹ng %s\n" #, c-format msgid "%s: the files have been updated\n" @@ -1317,10 +1358,10 @@ msgid "%s: cannot delete %s\n" msgstr "%s: khĆ“ng thį»ƒ xoĆ” %s\n" msgid "Usage: id [-a]\n" -msgstr "CĆ”ch dĆ¹ng: id [-a]\n" +msgstr "Sį»­ dį»„ng: id [-a]\n" msgid "Usage: id\n" -msgstr "CĆ”ch dĆ¹ng: id\n" +msgstr "Sį»­ dį»„ng: id\n" msgid " groups=" msgstr " nhĆ³m=" @@ -1328,16 +1369,35 @@ msgstr " nhĆ³m=" msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" -" -b, --before Sį» hiį»ƒn thį»‹ chį»‰ nhį»Æng bįŗ£n ghi lastlog cÅ© hĘ”n Sį» " -"ngĆ y\n" +" -b, --before Sį» hiį»ƒn thį»‹ chį»‰ nhį»Æng bįŗ£n ghi lastlog\n" " cÅ© hĘ”n sį»‘ ngĆ y nĆ y (_trĘ°į»›c_)\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" +" -a, --all hiį»ƒn thį»‹ cĆ”c mį»„c ghi faillog cho mį»i ngĘ°į»i " +"dĆ¹ng\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" +" -a, --all hiį»ƒn thį»‹ cĆ”c mį»„c ghi faillog cho mį»i ngĘ°į»i " +"dĆ¹ng\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" msgstr "" " -t, --time Sį» hiį»ƒn thį»‹ chį»‰ nhį»Æng mį»„c ghi lastlog\n" -" mį»›i hĘ”n sį»‘ ngĆ y nĆ y (_thį»i gian_)\n" +" mį»›i hĘ”n sį»‘ ngĆ y nĆ y (_thį»i gian_)\n" msgid "" " -u, --user LOGIN print lastlog record of the specified LOGIN\n" @@ -1346,17 +1406,35 @@ msgstr "" "tĆŖn nĆ y\n" msgid "Username Port From Latest" -msgstr "TĆ i_khoįŗ£n Cį»•ng Tį»« Mį»›i nhįŗ„t" +msgstr "TĆŖn dĆ¹ng\t\t Cį»•ng Tį»«\t\tMį»›i nhįŗ„t" msgid "Username Port Latest" -msgstr "NgĘ°į»i dĆ¹ng Cį»•ng Mį»›i nhįŗ„t" +msgstr "TĆŖn dĆ¹ng\t\t\t Cį»•ng Mį»›i nhįŗ„t" msgid "**Never logged in**" msgstr "**ChĘ°a bao giį» đăng nhįŗ­p**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%s: KhĆ“ng lįŗ„y đʰį»£c mį»„c nhįŗ­p cho UID %lu\n" + +#, fuzzy, c-format +#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%s: khĆ“ng đįŗ·t lįŗ”i đʰį»£c mį»„c nhįŗ­p lastlog cį»§a UID %lu: %s\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" -msgstr "CĆ”ch dĆ¹ng: %s [-p] [tĆŖn]\n" +msgstr "Sį»­ dį»„ng: %s [-p] [tĆŖn]\n" #, c-format msgid " %s [-p] [-h host] [-f name]\n" @@ -1368,7 +1446,7 @@ msgstr " %s [-p] -r mĆ”y\n" #, c-format msgid "configuration error - cannot parse %s value: '%d'" -msgstr "lį»—i cįŗ„u hƬnh ā€” khĆ“ng thį»ƒ phĆ¢n tĆ­ch cĆŗ phĆ”p cį»§a giĆ” trį»‹ %s: ā€œ%dā€" +msgstr "lį»—i cįŗ„u hƬnh ā€” khĆ“ng thį»ƒ phĆ¢n tĆ­ch cĆŗ phĆ”p cį»§a giĆ” trį»‹ %s: Ā« %d Ā»" msgid "Invalid login time" msgstr "Thį»i gian đăng nhįŗ­p khĆ“ng hį»£p lį»‡" @@ -1385,7 +1463,16 @@ msgid "" "[Disconnect bypassed -- root login allowed.]" msgstr "" "\n" -"[Chį»©c năng ngįŗÆt kįŗæt nį»‘i Ä‘Ć£ bį»‹ vĆ²ng: cho phĆ©p siĆŖu quįŗ£n trį»‹ đăng nhįŗ­p.]" +"[Chį»©c năng ngįŗÆt kįŗæt nį»‘i Ä‘Ć£ bį»‹ vĆ²ng: cho phĆ©p ngĘ°į»i chį»§ đăng nhįŗ­p.]" + +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "%s: KhĆ“ng thį»ƒ lĆ m viį»‡c mĆ  khĆ“ng cĆ³ gį»‘c cĆ³ hiį»‡u lį»±c\n" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" +"KhĆ“ng cĆ³ mį»„c nhįŗ­p utmp. VƬ thįŗæ bįŗ”n cįŗ§n phįŗ£i thį»±c hiį»‡n Ā« login Ā» (đăng nhįŗ­p) " +"tį»« Ā« sh Ā» (trƬnh bao) cįŗ„p dĘ°į»›i cĆ¹ng." #, c-format msgid "" @@ -1395,18 +1482,9 @@ msgstr "" "\n" "Đăng nhįŗ­p Ä‘Ć£ quĆ” hįŗ”n sau %u giĆ¢y.\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "%s: KhĆ“ng thį»ƒ lĆ m viį»‡c mĆ  khĆ“ng cĆ³ gį»‘c cĆ³ hiį»‡u lį»±c\n" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" -"KhĆ“ng cĆ³ mį»„c tin utmp. VƬ thįŗæ bįŗ”n cįŗ§n phįŗ£i thį»±c hiį»‡n ā€œloginā€ (đăng nhįŗ­p) tį»« " -"ā€œshā€ (hį»‡ vį») cįŗ„p dĘ°į»›i cĆ¹ng." - #, c-format msgid "login: PAM Failure, aborting: %s\n" -msgstr "login: (đăng nhįŗ­p) PAM bį»‹ lį»—i nĆŖn hį»§y bį»: %s\n" +msgstr "login: (đăng nhįŗ­p) PAM bį»‹ lį»—i nĆŖn hį»§y bį» : %s\n" #, c-format msgid "%s login: " @@ -1425,9 +1503,10 @@ msgstr "login: (đăng nhįŗ­p) PAM Ä‘Ć£ yĆŖu cįŗ§u hį»§y bį»\n" msgid "Login incorrect" msgstr "Đăng nhįŗ­p khĆ“ng đĆŗng" -#, c-format +#, fuzzy, c-format +#| msgid "%s: Cannot determine your user name.\n" msgid "Cannot find user (%s)\n" -msgstr "KhĆ“ng thį»ƒ tƬm thįŗ„y ngĘ°į»i dĆ¹ng (%s)\n" +msgstr "%s: khĆ“ng thį»ƒ quyįŗæt đį»‹nh tĆŖn ngĘ°į»i dĆ¹ng cį»§a bįŗ”n.\n" #, c-format msgid "" @@ -1446,7 +1525,7 @@ msgid "TIOCSCTTY failed on %s" msgstr "TIOCSCTTY bį»‹ lį»—i vĆ o %s" msgid "Warning: login re-enabled after temporary lockout." -msgstr "Cįŗ£nh bĆ”o: đăng nhįŗ­p Ä‘Ć£ bįŗ­t lįŗ”i sau bį»‹ khoĆ” ra tįŗ”m thį»i." +msgstr "Cįŗ£nh bĆ”o : đăng nhįŗ­p Ä‘Ć£ bįŗ­t lįŗ”i sau bį»‹ khoĆ” ra tįŗ”m thį»i." #, c-format msgid "Last login: %s on %s" @@ -1468,22 +1547,22 @@ msgstr "" "\n" msgid "Usage: logoutd\n" -msgstr "CĆ”ch dĆ¹ng: logoutd\n" +msgstr "Usage: logoutd\n" msgid "Usage: newgrp [-] [group]\n" msgstr "" -"CĆ”ch dĆ¹ng: newgrp [-] [nhĆ³m]\n" +"Sį»­ dį»„ng: newgrp [-] [nhĆ³m]\n" "[newgrp: nhĆ³m mį»›i]\n" msgid "Usage: sg group [[-c] command]\n" msgstr "" -"CĆ”ch dĆ¹ng: sg group [[-c] lį»‡nh]\n" +"Sį»­ dį»„ng: sg group [[-c] lį»‡nh]\n" "[group: nhĆ³m]\n" #, fuzzy, c-format -#| msgid "%s: Failed to write %s: %s\n" +#| msgid "%s: failed to remove %s\n" msgid "%s: failed to crypt password with previous salt: %s\n" -msgstr "%s: Gįŗ·p lį»—i khi ghi %s: %s\n" +msgstr "%s: khĆ“ng gį»” bį» đʰį»£c %s\n" msgid "Invalid password.\n" msgstr "Mįŗ­t khįŗ©u khĆ“ng hį»£p lį»‡.\n" @@ -1494,7 +1573,7 @@ msgstr "%s: lį»—i tįŗ”o tiįŗæn trƬnh con: %s\n" #, c-format msgid "%s: GID '%lu' does not exist\n" -msgstr "%s: GID ā€œ%luā€ khĆ“ng tį»“n tįŗ”i\n" +msgstr "%s: GID Ā« %lu Ā» khĆ“ng tį»“n tįŗ”i\n" msgid "too many groups\n" msgstr "quĆ” nhiį»u nhĆ³m\n" @@ -1505,15 +1584,15 @@ msgstr " -r, --system tįŗ”o cĆ”c tĆ i khoįŗ£n hį»‡ thį»‘ng\n" #, c-format msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n" msgstr "" -"%s: nhĆ³m ā€œ%sā€ lĆ  mį»™t nhĆ³m shadow, nhĘ°ng khĆ“ng tį»“n tįŗ”i trong ā€œ/etc/groupā€\n" +"%s: nhĆ³m Ā« %s Ā» lĆ  mį»™t nhĆ³m bĆ³ng, nhĘ°ng khĆ“ng tį»“n tįŗ”i trong Ā« /etc/group Ā»\n" #, c-format msgid "%s: invalid user ID '%s'\n" -msgstr "%s: mĆ£ sį»‘ ngĘ°į»i dĆ¹ng khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: mĆ£ sį»‘ ngĘ°į»i dĆ¹ng khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "%s: invalid user name '%s'\n" -msgstr "%s: tĆŖn dĆ¹ng khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: tĆŖn dĆ¹ng khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "%s: line %d: invalid line\n" @@ -1522,7 +1601,7 @@ msgstr "%s: dĆ²ng %d: dĆ²ng khĆ“ng hį»£p lį»‡\n" #, c-format msgid "%s: cannot update the entry of user %s (not in the passwd database)\n" msgstr "" -"%s: khĆ“ng thį»ƒ cįŗ­p nhįŗ­t mį»„c tin cį»§a ngĘ°į»i dĆ¹ng %s (khĆ“ng cĆ³ trong cĘ” sį»Ÿ dį»Æ " +"%s: khĆ“ng thį»ƒ cįŗ­p nhįŗ­t mį»„c nhįŗ­p cį»§a ngĘ°į»i dĆ¹ng %s (khĆ“ng cĆ³ trong cĘ” sį»Ÿ dį»Æ " "liį»‡u mįŗ­t khįŗ©u passwd)\n" #, c-format @@ -1535,7 +1614,7 @@ msgstr "%s: dĆ²ng %d: khĆ“ng thį»ƒ tįŗ”o nhĆ³m\n" #, c-format msgid "%s: line %d: user '%s' does not exist in %s\n" -msgstr "%s: dĆ²ng %d: ngĘ°į»i dĆ¹ng ā€œ%sā€ khĆ“ng tį»“n tįŗ”i trong %s\n" +msgstr "%s: dĆ²ng %d: ngĘ°į»i dĆ¹ng Ā« %s Ā» khĆ“ng tį»“n tįŗ”i trong %s\n" #, c-format msgid "%s: line %d: can't update password\n" @@ -1551,12 +1630,12 @@ msgstr "%s: dĆ²ng %d: lį»—i chown (thay đį»•i quyį»n sį»Ÿ hį»Æu) %s: %s\n" #, c-format msgid "%s: line %d: can't update entry\n" -msgstr "%s: dĆ²ng %d: khĆ“ng thį»ƒ cįŗ­p nhįŗ­t mį»„c tin\n" +msgstr "%s: dĆ²ng %d: khĆ“ng thį»ƒ cįŗ­p nhįŗ­t mį»„c nhįŗ­p\n" #, fuzzy, c-format #| msgid "%s: failed to prepare the new %s entry '%s'\n" msgid "%s: failed to prepare new %s entry\n" -msgstr "%s: gįŗ·p lį»—i khi chuįŗ©n bį»‹ mį»„c tin %s mį»›i ā€œ%sā€\n" +msgstr "%s: lį»—i chuįŗ©n bį»‹ mį»„c nhįŗ­p %s mį»›i Ā« %s Ā»\n" #, fuzzy, c-format #| msgid "%s: can't create user\n" @@ -1640,7 +1719,7 @@ msgstr "" "khi thay đį»•i đʰį»£c mįŗ­t khįŗ©u\n" msgid "Old password: " -msgstr "Mįŗ­t khįŗ©u cÅ©: " +msgstr "Mįŗ­t khįŗ©u cÅ© : " #, c-format msgid "" @@ -1669,7 +1748,7 @@ msgid "" "Warning: weak password (enter it again to use it anyway)." msgstr "" "\n" -"Cįŗ£nh bĆ”o: mįŗ­t khįŗ©u yįŗæu (nhįŗ­p lįŗ”i đį»ƒ vįŗ«n chį»n)" +"Cįŗ£nh bĆ”o : mįŗ­t khįŗ©u yįŗæu (nhįŗ­p lįŗ”i đį»ƒ vįŗ«n chį»n)" msgid "They don't match; try again.\n" msgstr "Hai mįŗ­t khįŗ©u khĆ“ng trĆ¹ng: hĆ£y thį»­ lįŗ”i.\n" @@ -1689,8 +1768,8 @@ msgid "" "account.\n" msgstr "" "%s: mį»Ÿ khoĆ” mįŗ­t khįŗ©u thƬ gĆ¢y ra mį»™t tĆ i khoįŗ£n khĆ“ng cĆ³ mįŗ­t khįŗ©u.\n" -"Bįŗ”n nĆŖn đįŗ·t mį»™t mįŗ­t khįŗ©u dĆ¹ng cĆ¢u lį»‡nh ā€œusermod -pā€ đį»ƒ mį»Ÿ khoĆ” mįŗ­t khįŗ©u cį»§a " -"tĆ i khoįŗ£n nĆ y.\n" +"Bįŗ”n nĆŖn đįŗ·t mį»™t mįŗ­t khįŗ©u dĆ¹ng cĆ¢u lį»‡nh Ā« usermod -p Ā» đį»ƒ mį»Ÿ khoĆ” mįŗ­t khįŗ©u " +"cį»§a tĆ i khoįŗ£n nĆ y.\n" #, c-format msgid "%s: repository %s not supported\n" @@ -1721,96 +1800,109 @@ msgstr "%s: mįŗ­t khįŗ©u Ä‘Ć£ thay đį»•i.\n" msgid "%s: password expiry information changed.\n" msgstr "%s: thĆ“ng tin Ä‘Ć£ thay đį»•i vį» sį»± hįŗæt hįŗ”n sį»­ dį»„ng mįŗ­t khįŗ©u.\n" -#, c-format +#, fuzzy, c-format +#| msgid "" +#| "Usage: %s [options]\n" +#| "\n" +#| "Options:\n" msgid "" "Usage: %s [options] [passwd]\n" "\n" "Options:\n" msgstr "" -"CĆ”ch dĆ¹ng: %s [cĆ”c_tuį»³_chį»n] [passwd]\n" +"Sį»­ dį»„ng: %s [tuį»³_chį»n ...]\n" "\n" "Tuį»³ chį»n:\n" -#, c-format +#, fuzzy, c-format +#| msgid "" +#| "Usage: %s [options]\n" +#| "\n" +#| "Options:\n" msgid "" "Usage: %s [options] [passwd [shadow]]\n" "\n" "Options:\n" msgstr "" -"CĆ”ch dĆ¹ng: %s [cĆ”c_tuį»³_chį»n] [passwd [shadow]]\n" +"Sį»­ dį»„ng: %s [tuį»³_chį»n ...]\n" "\n" "Tuį»³ chį»n:\n" +#, fuzzy +#| msgid " -g, --gid GID use GID for the new group\n" msgid " -q, --quiet report errors only\n" -msgstr " -q, --quiet chį»‰ bĆ”o cĆ”o lį»—i\n" +msgstr " -g, --gid GID dĆ¹ng GID nĆ y cho nhĆ³m mį»›i\n" #, c-format msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n" msgstr "" -"%s: khĆ“ng cho phĆ©p tįŗ­p tin shadow thay thįŗæ khi mĆ  biįŗæn USE_TCB đʰį»£c đįŗ·t.\n" msgid "invalid password file entry" -msgstr "mį»„c tin tįŗ­p tin mįŗ­t khįŗ©u khĆ“ng hį»£p lį»‡" +msgstr "Mį»„c nhįŗ­p tįŗ­p tin mįŗ­t khįŗ©u khĆ“ng hį»£p lį»‡" msgid "duplicate password entry" -msgstr "mį»„c tin mįŗ­t khįŗ©u trĆ¹ng" +msgstr "mį»„c nhįŗ­p mįŗ­t khįŗ©u trĆ¹ng" #, c-format msgid "invalid user name '%s'\n" -msgstr "tĆŖn ngĘ°į»i dĆ¹ng khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "tĆŖn ngĘ°į»i dĆ¹ng khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "invalid user ID '%lu'\n" -msgstr "mĆ£ sį»‘ ngĘ°į»i dĆ¹ng khĆ“ng hį»£p lį»‡ ā€œ%luā€\n" +msgstr "mĆ£ sį»‘ ngĘ°į»i dĆ¹ng khĆ“ng hį»£p lį»‡ Ā« %lu Ā»\n" #, c-format msgid "user '%s': no group %lu\n" -msgstr "ngĘ°į»i dĆ¹ng ā€œ%sā€: khĆ“ng cĆ³ nhĆ³m %lu\n" +msgstr "ngĘ°į»i dĆ¹ng Ā« %s Ā»: khĆ“ng cĆ³ nhĆ³m %lu\n" #, c-format msgid "user '%s': directory '%s' does not exist\n" -msgstr "ngĘ°į»i dĆ¹ng ā€œ%sā€: thĘ° mį»„c ā€œ%sā€ khĆ“ng tį»“n tįŗ”i\n" +msgstr "ngĘ°į»i dĆ¹ng Ā« %s Ā»: thĘ° mį»„c Ā« %s Ā» khĆ“ng tį»“n tįŗ”i\n" #, c-format msgid "user '%s': program '%s' does not exist\n" -msgstr "ngĘ°į»i dĆ¹ng ā€œ%sā€: chĘ°Ę”ng trƬnh ā€œ%sā€ khĆ“ng tį»“n tįŗ”i\n" +msgstr "ngĘ°į»i dĆ¹ng Ā« %s Ā»: chĘ°Ę”ng trƬnh Ā« %s Ā» khĆ“ng tį»“n tįŗ”i\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" msgid "no tcb directory for %s\n" -msgstr "khĆ“ng cĆ³ thĘ° mį»„c tcb cho %s\n" +msgstr "%s: khĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" msgid "create tcb directory for %s?" -msgstr "tįŗ”o thĘ° mį»„c tcb %s khĆ“ng?" +msgstr "%s: khĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" msgid "failed to create tcb directory for %s\n" -msgstr "gįŗ·p lį»—i khi tįŗ”o thĘ° mį»„c tcb cho %s\n" +msgstr "%s: khĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot open %s\n" msgid "%s: cannot lock %s.\n" -msgstr "%s: khĆ“ng thį»ƒ khĆ³a %s.\n" +msgstr "%s: khĆ“ng thį»ƒ mį»Ÿ %s\n" #, c-format msgid "no matching password file entry in %s\n" -msgstr "khĆ“ng cĆ³ mį»„c tin tįŗ­p tin mįŗ­t khįŗ©u tĘ°Ę”ng į»©ng trong %s\n" +msgstr "khĆ“ng cĆ³ mį»„c nhįŗ­p tįŗ­p tin mįŗ­t khįŗ©u tĘ°Ę”ng į»©ng trong %s\n" #, c-format msgid "add user '%s' in %s? " -msgstr "thĆŖm ngĘ°į»i dĆ¹ng ā€œ%sā€ trong %s khĆ“ng?" +msgstr "thĆŖm ngĘ°į»i dĆ¹ng Ā« %s Ā» trong %s khĆ“ng?" #, c-format msgid "" "user %s has an entry in %s, but its password field in %s is not set to 'x'\n" msgstr "" -"ngĘ°į»i dĆ¹ng %s cĆ³ mį»™t mį»„c tin trong %s, cĆ²n trĘ°į»ng mįŗ­t khįŗ©u trong %s khĆ“ng " -"phįŗ£i đʰį»£c đįŗ·t thĆ nh ā€œsā€\n" +"ngĘ°į»i dĆ¹ng %s cĆ³ mį»™t mį»„c nhįŗ­p trong %s, cĆ²n trĘ°į»ng mįŗ­t khįŗ©u trong %s khĆ“ng " +"phįŗ£i đʰį»£c đįŗ·t thĆ nh Ā« s Ā»\n" msgid "invalid shadow password file entry" -msgstr "mį»„c tin tįŗ­p tin mįŗ­t khįŗ©u shadow khĆ“ng hį»£p lį»‡" +msgstr "mį»„c nhįŗ­p tįŗ­p tin mįŗ­t khįŗ©u bĆ³ng khĆ“ng hį»£p lį»‡" msgid "duplicate shadow password entry" -msgstr "mį»„c tin mįŗ­t khįŗ©u shadow trĆ¹ng" +msgstr "mį»„c nhįŗ­p mįŗ­t khįŗ©u bĆ³ng trĆ¹ng" #, c-format msgid "user %s: last password change in the future\n" @@ -1818,18 +1910,18 @@ msgstr "ngĘ°į»i dĆ¹ng %s: lįŗ§n thay đį»•i mįŗ­t khįŗ©u cuį»‘i cĆ¹ng nįŗ±m tro #, c-format msgid "%s: cannot sort entries in %s\n" -msgstr "%s: khĆ“ng thį»ƒ sįŗÆp xįŗæp cĆ”c mį»„c tin trong %s\n" +msgstr "%s: khĆ“ng thį»ƒ sįŗÆp xįŗæp cĆ”c mį»„c nhįŗ­p trong %s\n" #, c-format msgid "%s: can't work with tcb enabled\n" -msgstr "%s: khĆ“ng thį»ƒ lĆ m viį»‡c khi tcb đʰį»£c bįŗ­t\n" +msgstr "" #, c-format msgid "%s: failed to change the mode of %s to 0600\n" msgstr "%s: khĆ“ng thay đį»•i đʰį»£c chįŗæ đį»™ cį»§a %s thĆ nh 0600\n" msgid "Access to su to that account DENIED.\n" -msgstr "Truy cįŗ­p ā€œsuā€ vĆ o tĆ i khoįŗ£n Ä‘Ć³ Bį»Š Tį»Ŗ CHį»I.\n" +msgstr "Truy cįŗ­p Ā« su Ā» vĆ o tĆ i khoįŗ£n Ä‘Ć³ Bį»Š Tį»Ŗ CHį»I.\n" msgid "Password authentication bypassed.\n" msgstr "XĆ”c thį»±c mįŗ­t khįŗ©u bį»‹ đi vĆ²ng.\n" @@ -1837,29 +1929,30 @@ msgstr "XĆ”c thį»±c mįŗ­t khįŗ©u bį»‹ đi vĆ²ng.\n" msgid "Please enter your OWN password as authentication.\n" msgstr "HĆ£y nhįŗ­p mįŗ­t khįŗ©u cį»§a MƌNH đį»ƒ xĆ”c thį»±c.\n" -msgid " ...killed.\n" -msgstr " ...Ä‘Ć£ chįŗæt.\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ...đang đį»£i tiįŗæn con chįŗ„m dį»©t.\n" - -#, c-format +#, fuzzy, c-format +#| msgid "%s: Cannot determine your user name.\n" msgid "%s: Cannot fork user shell\n" -msgstr "%s: KhĆ“ng thį»ƒ rįŗ½ nhĆ”nh tiįŗæn trƬnh hį»‡ vį» ngĘ°į»i dĆ¹ng\n" +msgstr "%s: khĆ“ng thį»ƒ quyįŗæt đį»‹nh tĆŖn ngĘ°į»i dĆ¹ng cį»§a bįŗ”n.\n" #, c-format msgid "%s: signal malfunction\n" -msgstr "%s: tĆ­n hiį»‡u trį»„c trįŗ·c\n" +msgstr "" #, c-format msgid "%s: signal masking malfunction\n" -msgstr "%s: trį»„c trįŗ·c mįŗ·t nįŗ” tĆ­n hiį»‡u\n" +msgstr "" msgid "Session terminated, terminating shell..." -msgstr "PhiĆŖn lĆ m viį»‡c Ä‘Ć£ kįŗæt thĆŗc, nĆŖn kįŗæt thĆŗc hį»‡ vį»..." +msgstr "" + +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" msgid " ...terminated.\n" -msgstr " ...Ä‘Ć£ chįŗ„m dį»©t.\n" +msgstr "" #, c-format msgid "%s: %s\n" @@ -1878,20 +1971,20 @@ msgid "" " -s, --shell SHELL use SHELL instead of the default in passwd\n" "\n" msgstr "" -"CĆ”ch dĆ¹ng: su [tĆ¹y_chį»n...] [đăng_nhįŗ­p]\n" +"Sį»­ dį»„ng: su [tĆ¹y_chį»n...] [đăng_nhįŗ­p]\n" "\n" "[su: siĆŖu ngĘ°į»i dĆ¹ng]\n" "\n" "TĆ¹y chį»n:\n" -" -c, --command Lį»†NH gį»Ÿi lį»‡nh nĆ y qua cho hį»‡ vį» Ä‘Ć£ gį»i\n" +" -c, --command Lį»†NH gį»Ÿi lį»‡nh nĆ y qua cho trƬnh bao Ä‘Ć£ gį»i\n" " -h, --help hiį»ƒn thį»‹ _trį»£ giĆŗp_ nĆ y rį»“i thoĆ”t\n" -" -, -l, --login lįŗ­p hį»‡ vį» lĆ  hį»‡ vį» _đăng nhįŗ­p_\n" +" -, -l, --login lįŗ­p trƬnh bao lĆ  trƬnh bao _đăng nhįŗ­p_\n" " -m, -p,\n" -" --preserve-environment đį»«ng đįŗ·t lįŗ”i cĆ”c biįŗæn _mĆ“i trĘ°į»ng_, vĆ  " +" --preserve-environment đį»«ng lįŗ­p lįŗ”i cĆ”c biįŗæn _mĆ“i trĘ°į»ng_, vĆ  " "_giį»Æ_\n" -" hį»‡ vį» hiį»‡n cĆ³\n" -" -s, --shell Hį»†_Vį»Ž dĆ¹ng hį»‡ vį» nĆ y thay cho trƬnh mįŗ·c đį»‹nh trong " -"passwd\n" +" trƬnh bao hiį»‡n cĆ³\n" +" -s, --shell TRƌNH_BAO sį»­ dį»„ng trƬnh bao nĆ y thay cho trƬnh mįŗ·c " +"đį»‹nh trong passwd\n" "\n" #, c-format @@ -1900,11 +1993,11 @@ msgid "" "(Ignored)\n" msgstr "" "%s: %s\n" -"(Bį»‹ bį» qua)\n" +"(Bį»‹ bo qua)\n" #, c-format msgid "You are not authorized to su %s\n" -msgstr "Bįŗ”n khĆ“ng cĆ³ quyį»n sį»­ dį»„ng lį»‡nh ā€œsuā€ (siĆŖu ngĘ°į»i dĆ¹ng) vį»›i %s.\n" +msgstr "Bįŗ”n khĆ“ng cĆ³ quyį»n sį»­ dį»„ng lį»‡nh Ā« su Ā» (siĆŖu ngĘ°į»i dĆ¹ng) vį»›i %s.\n" msgid "(Enter your own password)" msgstr "(Nhįŗ­p mįŗ­t khįŗ©u cį»§a mƬnh)" @@ -1916,11 +2009,12 @@ msgstr "%s: lį»—i xĆ”c thį»±c\n" #, c-format msgid "%s: You are not authorized to su at that time\n" msgstr "" -"%s: Bįŗ”n khĆ“ng cĆ³ quyį»n sį»­ dį»„ng lį»‡nh ā€œsuā€ (siĆŖu ngĘ°į»i dĆ¹ng) vĆ o lĆŗc Ä‘Ć³\n" +"%s: Bįŗ”n khĆ“ng cĆ³ quyį»n sį»­ dį»„ng lį»‡nh Ā« su Ā» (siĆŖu ngĘ°į»i dĆ¹ng) vĆ o lĆŗc Ä‘Ć³\n" -#, c-format +#, fuzzy, c-format +#| msgid "No password entry for 'root'" msgid "No passwd entry for user '%s'\n" -msgstr "KhĆ“ng cĆ³ mį»„c tin mįŗ­t khįŗ©u cho tĆ i khoįŗ£n '%s'\n" +msgstr "KhĆ“ng cĆ³ mį»„c nhįŗ­p mįŗ­t khįŗ©u cho Ā« root Ā» (ngĘ°į»i chį»§)" #, c-format msgid "%s: must be run from a terminal\n" @@ -1930,13 +2024,15 @@ msgstr "%s: phįŗ£i chįŗ”y tį»« thiįŗæt bį»‹ cuį»‘i\n" msgid "%s: pam_start: error %d\n" msgstr "%s: pam_start: (pam bįŗÆt đįŗ§u) lį»—i %d\n" -#, c-format +#, fuzzy, c-format +#| msgid "lastlog: Cannot get the size of %s: %s\n" msgid "%s: Cannot drop the controlling terminal\n" -msgstr "%s: KhĆ“ng thį»ƒ xĆ³a thiįŗæt bį»‹ cuį»‘i điį»u khiį»ƒn\n" +msgstr "lastlog: KhĆ“ng thį»ƒ lįŗ„y kĆ­ch cį»” cį»§a %s: %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "Cannot execute %s" msgid "Cannot execute %s\n" -msgstr "KhĆ“ng thį»ƒ thį»±c thi %s\n" +msgstr "KhĆ“ng thį»ƒ thį»±c hiį»‡n %s" msgid "No password file" msgstr "KhĆ“ng cĆ³ tįŗ­p tin mįŗ­t khįŗ©u" @@ -1945,7 +2041,7 @@ msgid "TIOCSCTTY failed" msgstr "TIOCSCTTY bį»‹ lį»—i" msgid "No password entry for 'root'" -msgstr "KhĆ“ng cĆ³ mį»„c tin mįŗ­t khįŗ©u cho ā€œrootā€ (siĆŖu quįŗ£n trį»‹)" +msgstr "KhĆ“ng cĆ³ mį»„c nhįŗ­p mįŗ­t khįŗ©u cho Ā« root Ā» (ngĘ°į»i chį»§)" msgid "" "\n" @@ -1954,14 +2050,14 @@ msgid "" msgstr "" "\n" "HĆ£y gƵ tį»• hį»£p phĆ­m Ctrl-D đį»ƒ tiįŗæp tį»„c khį»Ÿi đį»™ng bƬnh thĘ°į»ng,\n" -"(hoįŗ·c nhįŗ­p mįŗ­t khįŗ©u siĆŖu quįŗ£n trį»‹ đį»ƒ bįŗ£o dĘ°į»”ng hį»‡ thį»‘ng):" +"(hoįŗ·c nhįŗ­p mįŗ­t khįŗ©u ngĘ°į»i chį»§ đį»ƒ bįŗ£o dĘ°į»”ng hį»‡ thį»‘ng):" msgid "Entering System Maintenance Mode" msgstr "Đang vĆ o Chįŗæ đį»™ Bįŗ£o dĘ°į»”ng Hį»‡ thį»‘ng" #, c-format msgid "%s: %s was created, but could not be removed\n" -msgstr "%s: %s Ä‘Ć£ đʰį»£c tįŗ”o, nhĘ°ng khĆ“ng thį»ƒ bį»‹ gį»” bį»\n" +msgstr "" #, c-format msgid "%s: the %s configuration in %s will be ignored\n" @@ -1979,9 +2075,10 @@ msgstr "%s: khĆ“ng thį»ƒ mį»Ÿ tįŗ­p tin mįŗ·c đį»‹nh mį»›i\n" msgid "%s: line too long in %s: %s..." msgstr "%s: dĆ²ng quĆ” dĆ i trong %s: %s..." -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" msgid "%s: Cannot create backup file (%s): %s\n" -msgstr "%s: KhĆ“ng thį»ƒ tįŗ”o tįŗ­p tin sao lĘ°u dį»± phĆ²ng (%s): %s\n" +msgstr "%s: khĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s\n" #, c-format msgid "%s: rename: %s: %s\n" @@ -1989,13 +2086,17 @@ msgstr "%s: thay tĆŖn: %s: %s\n" #, c-format msgid "%s: group '%s' is a NIS group.\n" -msgstr "%s: nhĆ³m ā€œ%sā€ lĆ  nhĆ³m kiį»ƒu NIS.\n" +msgstr "%s: nhĆ³m Ā« %s Ā» lĆ  nhĆ³m kiį»ƒu NIS.\n" #, c-format msgid "%s: too many groups specified (max %d).\n" msgstr "%s: ghi rƵ quĆ” nhiį»u nhĆ³m (tį»‘i đa %d).\n" -#, c-format +#, fuzzy, c-format +#| msgid "" +#| "Usage: %s [options]\n" +#| "\n" +#| "Options:\n" msgid "" "Usage: %s [options] LOGIN\n" " %s -D\n" @@ -2003,9 +2104,7 @@ msgid "" "\n" "Options:\n" msgstr "" -"CĆ”ch dĆ¹ng: %s [cĆ”c_tuį»³_chį»n] LOGIN\n" -" %s -D\n" -" %s -D [cĆ”c-tĆ¹y-chį»n]\n" +"Sį»­ dį»„ng: %s [tuį»³_chį»n ...]\n" "\n" "Tuį»³ chį»n:\n" @@ -2014,62 +2113,63 @@ msgid "" "the\n" " new account\n" msgstr "" -" -b, --base-dir THĘÆ_Mį»¤C đįŗ·t thĘ° mį»„c cĘ” bįŗ£n cho thĘ° mį»„c riĆŖng cį»§a tĆ i " +" -b, --base-dir THĘÆ_Mį»¤C đįŗ·t thĘ° mį»„c cĘ” bįŗ£n cho thĘ° mį»„c chĆ­nh cį»§a tĆ i " "khoįŗ£n mį»›i\n" msgid " -c, --comment COMMENT GECOS field of the new account\n" msgstr " -c, --comment GHI_CHƚ trĘ°į»ng GECOS cį»§a tĆ i khoįŗ£n mį»›i\n" msgid " -d, --home-dir HOME_DIR home directory of the new account\n" -msgstr " -d, --home-dir THĘÆ_Mį»¤C thĘ° mį»„c riĆŖng cį»§a tĆ i khoįŗ£n mį»›i\n" +msgstr " -d, --home-dir THĘÆ_Mį»¤C thĘ° mį»„c chĆ­nh cį»§a tĆ i khoįŗ£n mį»›i\n" msgid "" " -D, --defaults print or change default useradd " "configuration\n" msgstr "" -" -D, --defaults in hay thay đį»•i cįŗ„u hƬnh useradd mįŗ·c đį»‹nh\n" +" -D, --defaults ra ra hay thay đį»•i cįŗ„u hƬnh useradd mįŗ·c " +"đį»‹nh\n" msgid " -e, --expiredate EXPIRE_DATE expiration date of the new account\n" -msgstr " -e, --expiredate NGƀY ngĆ y hįŗæt hįŗ”n sį»­ dį»„ng tĆ i khoįŗ£n mį»›i\n" +msgstr " -e, --expiredate NGƀY ngĆ y hįŗæt hįŗ”n sį»­ dį»„ng tĆ i khoįŗ£n mį»›i\n" msgid "" " -f, --inactive INACTIVE password inactivity period of the new " "account\n" msgstr "" -" -f, --inactive KHOįŗ¢NG khoįŗ£ng thį»i gian khĆ“ng hoįŗ”t đį»™ng cį»§a tĆ i " -"khoįŗ£n mį»›i\n" +" -f, --inactive KHOįŗ¢NG khoįŗ£ng thį»i gian khĆ“ng hoįŗ”t đį»™ng cį»§a tĆ i khoįŗ£n " +"mį»›i\n" msgid "" " -g, --gid GROUP name or ID of the primary group of the new\n" " account\n" msgstr "" -" -g, --gid NHƓM tĆŖn cį»§a mĆ£ sį»‘ cį»§a nhĆ³m chĆ­nh cį»§a tĆ i khoįŗ£n " +" -g, --gid NHƓM tĆŖn cį»§a mĆ£ sį»‘ cį»§a nhĆ³m chĆ­nh cį»§a tĆ i khoįŗ£n " "mį»›i\n" msgid "" " -G, --groups GROUPS list of supplementary groups of the new\n" " account\n" msgstr "" -" -G, --groups NHƓM danh sĆ”ch cĆ”c nhĆ³m phį»„ cį»§a tĆ i khoįŗ£n mį»›i\n" +" -G, --groups NHƓM danh sĆ”ch cĆ”c nhĆ³m phį»„ cį»§a tĆ i khoįŗ£n mį»›i\n" msgid "" " -k, --skel SKEL_DIR use this alternative skeleton directory\n" -msgstr " -k, --skel THĘÆ_Mį»¤C dĆ¹ng thĘ° mį»„c khung sĘ°į»n thay thįŗæ\n" +msgstr " -k, --skel THĘÆ_Mį»¤C dĆ¹ng thĘ° mį»„c khung sĘ°į»n xen kįŗ½\n" msgid "" " -l, --no-log-init do not add the user to the lastlog and\n" " faillog databases\n" msgstr "" -" -l, --no-log-init đį»«ng thĆŖm ngĘ°į»i dĆ¹ng vĆ o cĆ”c cĘ” sį»Ÿ \n" -" dį»Æ liį»‡u faillog vĆ  lastlog\n" +" -l, --no-log-init đį»«ng thĆŖm ngĘ°į»i dĆ¹ng vĆ o cĆ”c cĘ” sį»Ÿ dį»Æ liį»‡u " +"faillog vĆ  lastlog\n" msgid " -m, --create-home create the user's home directory\n" -msgstr " -m, --create-home tįŗ”o thĘ° mį»„c riĆŖng cį»§a ngĘ°į»i dĆ¹ng\n" +msgstr " -m, --create-home tįŗ”o thĘ° mį»„c chĆ­nh cį»§a ngĘ°į»i dĆ¹ng\n" msgid "" " -M, --no-create-home do not create the user's home directory\n" msgstr "" -" -M, --no-create-home khĆ“ng tįŗ”o thĘ° mį»„c riĆŖng cį»§a ngĘ°į»i dĆ¹ng\n" +" -M, --no-create-home đį»«ng tįŗ”o thĘ° mį»„c chĆ­nh cį»§a ngĘ°į»i dĆ¹ng\n" msgid "" " -N, --no-user-group do not create a group with the same name as\n" @@ -2081,15 +2181,16 @@ msgid "" " -o, --non-unique allow to create users with duplicate\n" " (non-unique) UID\n" msgstr "" -" -o, --non-unique cho phĆ©p tįŗ”o ngĘ°į»i dĆ¹ng cĆ³ UID trĆ¹ng\n" -" (khĆ“ng duy nhįŗ„t)\n" +" -o, --non-unique cho phĆ©p tįŗ”o ngĘ°į»i dĆ¹ng cĆ³ UID trĆ¹ng (khĆ“ng " +"duy nhįŗ„t)\n" msgid " -p, --password PASSWORD encrypted password of the new account\n" msgstr "" " -p, --password Mįŗ¬T_KHįŗØU mįŗ­t khįŗ©u đʰį»£c mįŗ­t mĆ£ cį»§a tĆ i khoįŗ£n mį»›i\n" msgid " -s, --shell SHELL login shell of the new account\n" -msgstr " -s, --shell Hį»†_Vį»Ž hį»‡ vį» đăng nhįŗ­p cį»§a tĆ i khoįŗ£n mį»›i\n" +msgstr "" +" -s, --shell TRƌNH_BAO trƬnh bao đăng nhįŗ­p cį»§a tĆ i khoįŗ£n mį»›i\n" msgid " -u, --uid UID user ID of the new account\n" msgstr " -u, --uid UID mĆ£ sį»‘ ngĘ°į»i dĆ¹ng cį»§a tĆ i khoįŗ£n mį»›i\n" @@ -2103,53 +2204,53 @@ msgid "" " -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user " "mapping\n" msgstr "" -" -Z, --selinux-user SEUSER dĆ¹ng mį»™t ngĘ°į»i dĆ¹ng SE (SEUSER) riĆŖng cho sį»± " -"Ć”nh xįŗ” ngĘ°į»i dĆ¹ng SELinux\n" +" -Z, --selinux-user SEUSER sį»­ dį»„ng mį»™t ngĘ°į»i dĆ¹ng SE (SEUSER) riĆŖng cho " +"sį»± Ć”nh xįŗ” ngĘ°į»i dĆ¹ng SELinux\n" #, c-format msgid "%s: invalid base directory '%s'\n" -msgstr "%s: thĘ° mį»„c cĘ” sį»Ÿ khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: thĘ° mį»„c cĘ” ban khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "%s: invalid comment '%s'\n" -msgstr "%s: ghi chĆŗ khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: ghi chĆŗ khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "%s: invalid home directory '%s'\n" -msgstr "%s: thĘ° mį»„c riĆŖng khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: thĘ° mį»„c chĆ­nh khĆ“ng hį»£p lĆŖ Ā« %s Ā»\n" #, c-format msgid "%s: shadow passwords required for -e\n" -msgstr "%s: cįŗ§n mįŗ­t khįŗ©u shadow cho tĆ¹y chį»n ā€œ-eā€\n" +msgstr "%s: cįŗ§n thiįŗæt mįŗ­t khįŗ©u bĆ³ng cho tĆ¹y chį»n Ā« -e Ā»\n" #, c-format msgid "%s: shadow passwords required for -f\n" -msgstr "%s: cįŗ§n mįŗ­t khįŗ©u shadow cho tĆ¹y chį»n ā€œ-fā€\n" +msgstr "%s: cįŗ§n thiįŗæt mįŗ­t khįŗ©u bĆ³ng cho tĆ¹y chį»n Ā« -f Ā»\n" #, c-format msgid "%s: invalid field '%s'\n" -msgstr "%s: trĘ°į»ng khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: trĘ°į»ng khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "%s: invalid shell '%s'\n" -msgstr "%s: hį»‡ vį» khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: trƬnh bao khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, c-format msgid "%s: -Z requires SELinux enabled kernel\n" -msgstr "%s: ā€œ-Zā€ yĆŖu cįŗ§u nhĆ¢n bįŗ­t tĆ­nh năng hį»— trį»£ SELinux\n" +msgstr "%s: Ā« -Z Ā» yĆŖu cįŗ§u hįŗ”t nhĆ¢n hiį»‡u lį»±c SELinux\n" #, c-format msgid "%s: failed to reset the faillog entry of UID %lu: %s\n" -msgstr "%s: khĆ“ng đįŗ·t lįŗ”i đʰį»£c mį»„c tin faillog cį»§a UID %lu: %s\n" +msgstr "%s: khĆ“ng đįŗ·t lįŗ”i đʰį»£c mį»„c nhįŗ­p faillog cį»§a UID %lu: %s\n" #, c-format msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n" -msgstr "%s: gįŗ·p lį»—i khi đįŗ·t lįŗ”i mį»„c tin lastlog cį»§a UID %lu: %s\n" +msgstr "%s: khĆ“ng đįŗ·t lįŗ”i đʰį»£c mį»„c nhįŗ­p lastlog cį»§a UID %lu: %s\n" #, fuzzy, c-format #| msgid "%s: failed to prepare the new %s entry '%s'\n" msgid "%s: failed to prepare the new %s entry\n" -msgstr "%s: gįŗ·p lį»—i khi chuįŗ©n bį»‹ mį»„c tin %s mį»›i ā€œ%sā€\n" +msgstr "%s: lį»—i chuįŗ©n bį»‹ mį»„c nhįŗ­p %s mį»›i Ā« %s Ā»\n" #, c-format msgid "%s: cannot create directory %s\n" @@ -2161,20 +2262,21 @@ msgstr "Đang tįŗ”o tįŗ­p tin hį»™p thĘ°" msgid "" "Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n" msgstr "" -"KhĆ“ng tƬm thįŗ„y nhĆ³m ā€œmailā€ (thĘ° tĆ­n). VƬ thįŗæ đang tįŗ”o tįŗ­p tin hį»™p thĘ° ngĘ°į»i " -"dĆ¹ng vį»›i chįŗæ đį»™ 0600.\n" +"KhĆ“ng tƬm thįŗ„y nhĆ³m Ā« mail Ā» (thĘ° tĆ­n). VƬ thįŗæ đang tįŗ”o tįŗ­p tin hį»™p thĘ° " +"ngĘ°į»i dĆ¹ng vį»›i chįŗæ đį»™ 0600.\n" msgid "Setting mailbox file permissions" msgstr "Đang đįŗ·t quyį»n truy cįŗ­p tįŗ­p tin hį»™p thĘ°" #, c-format msgid "%s: user '%s' already exists\n" -msgstr "%s: ngĘ°į»i dĆ¹ng ā€œ%sā€ Ä‘Ć£ cĆ³\n" +msgstr "%s: ngĘ°į»i dĆ¹ng Ā« %s Ā» Ä‘Ć£ cĆ³\n" #, c-format msgid "" "%s: group %s exists - if you want to add this user to that group, use -g.\n" -msgstr "%s: nhĆ³m %s Ä‘Ć£ cĆ³. Muį»‘n thĆŖm hį» vĆ o nhĆ³m Ä‘Ć³ thƬ dĆ¹ng tĆ¹y chį»n ā€œ-gā€.\n" +msgstr "" +"%s: nhĆ³m %s Ä‘Ć£ cĆ³. Muį»‘n thĆŖm hį» vĆ o nhĆ³m Ä‘Ć³ thƬ dĆ¹ng tĆ¹y chį»n Ā« -g Ā».\n" #, c-format msgid "%s: can't create user\n" @@ -2184,9 +2286,10 @@ msgstr "%s: khĆ“ng thį»ƒ tįŗ”o ngĘ°į»i dĆ¹ng\n" msgid "%s: UID %lu is not unique\n" msgstr "%s: UID %lu khĆ“ng phįŗ£i duy nhįŗ„t\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" msgid "%s: Failed to create tcb directory for %s\n" -msgstr "%s: Gįŗ·p lį»—i khi tįŗ”o thĘ° mį»„c tcb cho %s\n" +msgstr "%s: khĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s\n" #, c-format msgid "%s: can't create group\n" @@ -2207,42 +2310,45 @@ msgid "" "%s: warning: the home directory already exists.\n" "Not copying any file from skel directory into it.\n" msgstr "" -"%s: cįŗ£nh bĆ”o: thĘ° mį»„c riĆŖng Ä‘Ć£ cĆ³.\n" -"VƬ vįŗ­y khĆ“ng sao chĆ©p vĆ o nĆ³ tįŗ­p tin nĆ o tį»« thĘ° mį»„c ā€œskelā€.\n" +"%s: cįŗ£nh bĆ”o : thĘ° mį»„c chĆ­nh Ä‘Ć£ cĆ³.\n" +"VƬ vįŗ­y khĆ“ng sao chĆ©p vĆ o nĆ³ tįŗ­p tin nĆ o tį»« thĘ° mį»„c Ā« skel Ā».\n" #, c-format msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n" msgstr "" -"%s: cįŗ£nh bĆ”o: lį»—i Ć”nh xįŗ” tĆŖn ngĘ°į»i dĆ¹ng %s tį»›i ngĘ°į»i dĆ¹ng SELinux %s.\n" +"%s: cįŗ£nh bĆ”o : lį»—i Ć”nh xįŗ” tĆŖn ngĘ°į»i dĆ¹ng %s tį»›i ngĘ°į»i dĆ¹ng SELinux %s.\n" msgid "" " -f, --force force removal of files,\n" " even if not owned by user\n" msgstr "" " -f, --force Ć©p buį»™c gį»” bį» tįŗ­p tin, thįŗ­m chĆ­ nįŗæu khĆ“ng\n" -" đʰį»£c sį»Ÿ hį»Æu bį»Ÿi ngĘ°į»i dĆ¹ng\n" +" đʰį»£c sį»Ÿ hį»Æu bį»Ÿi ngĘ°į»i dĆ¹ng\n" msgid " -r, --remove remove home directory and mail spool\n" msgstr "" -" -r, --remove gį»” bį» thĘ° mį»„c riĆŖng vĆ  į»‘ng chį»‰ thĘ° tĆ­n\n" +" -r, --remove gį»” bį» thĘ° mį»„c chĆ­nh vĆ  į»‘ng chį»‰ thĘ° tĆ­n\n" +#, fuzzy +#| msgid "" +#| " -Z, --selinux-user new SELinux user mapping for the user " +#| "account\n" msgid "" " -Z, --selinux-user remove any SELinux user mapping for the " "user\n" msgstr "" -" -Z, --selinux-user gį»” bį» bįŗ„t kį»³ Ć”nh xįŗ” SELinux nĆ o cho tĆ i " -"khoįŗ£n ngĘ°į»i dĆ¹ng\n" +" -Z, --selinux-user sį»± Ć”nh xįŗ” SELinux mį»›i cho tĆ i khoįŗ£n ngĘ°į»i " +"dĆ¹ng\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot remove the primary group of user '%s'\n" msgid "" "%s: group %s not removed because it is not the primary group of user %s.\n" -msgstr "" -"%s: khĆ“ng gį»” bį» nhĆ³m %s bį»Ÿi vƬ nĆ³ khĆ“ng phįŗ£i lĆ  nhĆ³m chĆ­nh cį»§a ngĘ°į»i dĆ¹ng " -"ā€œ%sā€.\n" +msgstr "%s: khĆ“ng thį»ƒ gį»” bį» nhĆ³m chĆ­nh cį»§a ngĘ°į»i dĆ¹ng Ā« %s Ā»\n" #, c-format msgid "%s: group %s not removed because it has other members.\n" -msgstr "%s: khĆ“ng thį»ƒ gį»” bį» nhĆ³m %s bį»Ÿi vƬ nĆ³ cĆ³ thĆ nh viĆŖn khĆ”c nį»Æa.\n" +msgstr "" #, c-format msgid "%s: group %s is the primary group of another user and is not removed.\n" @@ -2252,15 +2358,16 @@ msgstr "" #, fuzzy, c-format #| msgid "%s: cannot remove entry '%s' from %s\n" msgid "%s: cannot remove entry %lu from %s\n" -msgstr "%s: khĆ“ng thį»ƒ gį»” bį» mį»„c tin ā€œ%sā€ khį»i %s\n" +msgstr "%s: khĆ“ng thį»ƒ gį»” bį» mį»„c nhįŗ­p Ā« %s Ā» khį»i %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: %s home directory (%s) not found\n" msgid "%s: %s mail spool (%s) not found\n" -msgstr "%s: khĆ“ng tƬm thįŗ„y bį»ƒ thĘ° %s (%s)\n" +msgstr "%s: %s khĆ“ng tƬm thįŗ„y thĘ° mį»„c chĆ­nh (%s)\n" #, c-format msgid "%s: warning: can't remove %s: %s\n" -msgstr "%s: cįŗ£nh bĆ”o: khĆ“ng thį»ƒ gį»” bį» %s: %s\n" +msgstr "%s: cįŗ£nh bĆ”o : khĆ“ng thį»ƒ gį»” bį» %s: %s\n" #, c-format msgid "%s: %s not owned by %s, not removing\n" @@ -2268,19 +2375,22 @@ msgstr "%s: %s khĆ“ng phįŗ£i đʰį»£c %s sį»Ÿ hį»Æu nĆŖn khĆ“ng gį»” bį» nĆ³\n" #, c-format msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n" -msgstr "%s: KhĆ“ng thį»ƒ phĆ¢n bį»• bį»™ nhį»›, mį»„c tin tcb cho %s chĘ°a đʰį»£c gį»” bį».\n" +msgstr "" -#, c-format +#, fuzzy, c-format +#| msgid "%s: failed to drop privileges (%s)\n" msgid "%s: Cannot drop privileges: %s\n" -msgstr "%s: Gįŗ·p lį»—i khi xĆ³a bį» đįŗ·c quyį»n: %s\n" +msgstr "%s: lį»—i bį» quyį»n truy cįŗ­p (%s)\n" -#, c-format +#, fuzzy, c-format +#| msgid "lastlog: Cannot get the size of %s: %s\n" msgid "%s: Cannot remove the content of %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ gį»” bį» nį»™i dung cį»§a %s: %s\n" +msgstr "lastlog: KhĆ“ng thį»ƒ lįŗ„y kĆ­ch cį»” cį»§a %s: %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot remove entry '%s' from %s\n" msgid "%s: Cannot remove tcb files for %s: %s\n" -msgstr "%s: KhĆ“ng thį»ƒ gį»” bį» tįŗ­p tin tcb cho %s: %s\n" +msgstr "%s: khĆ“ng thį»ƒ gį»” bį» mį»„c nhįŗ­p Ā« %s Ā» khį»i %s\n" #, c-format msgid "%s: user %s is a NIS user\n" @@ -2288,21 +2398,23 @@ msgstr "%s: ngĘ°į»i dĆ¹ng %s lĆ  ngĘ°į»i dĆ¹ng kiį»ƒu NIS\n" #, c-format msgid "%s: %s home directory (%s) not found\n" -msgstr "%s: %s khĆ“ng tƬm thįŗ„y thĘ° mį»„c riĆŖng (%s)\n" +msgstr "%s: %s khĆ“ng tƬm thįŗ„y thĘ° mį»„c chĆ­nh (%s)\n" #, c-format msgid "%s: not removing directory %s (would remove home of user %s)\n" msgstr "" -"%s: sįŗ½ khĆ“ng gį»” bį» thĘ° mį»„c %s (vƬ cÅ©ng gį»” bį» thĘ° mį»„c riĆŖng cį»§a ngĘ°į»i dĆ¹ng " +"%s: sįŗ½ khĆ“ng gį»” bį» thĘ° mį»„c %s (vƬ cÅ©ng gį»” bį» thĘ° mį»„c chĆ­nh cį»§a ngĘ°į»i dĆ¹ng " "%s)\n" #, c-format msgid "%s: error removing directory %s\n" msgstr "%s: gįŗ·p lį»—i khi gį»” bį» thĘ° mį»„c %s\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n" msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n" -msgstr "%s: cįŗ£nh bĆ”o: gįŗ·p lį»—i khi gį»” bį» Ć”nh xįŗ” ngĘ°į»i dĆ¹ng %s tį»›i SELinux.\n" +msgstr "" +"%s: cįŗ£nh bĆ”o : lį»—i Ć”nh xįŗ” tĆŖn ngĘ°į»i dĆ¹ng %s tį»›i ngĘ°į»i dĆ¹ng SELinux %s.\n" msgid " -c, --comment COMMENT new value of the GECOS field\n" msgstr " -c, --comment GHI_LĘÆU giĆ” trį»‹ mį»›i cį»§a trĘ°į»ng GECOS\n" @@ -2310,7 +2422,7 @@ msgstr " -c, --comment GHI_LĘÆU giĆ” trį»‹ mį»›i cį»§a trĘ°į»ng GECOS\ msgid "" " -d, --home HOME_DIR new home directory for the user account\n" msgstr "" -" -d, --home THĘÆ_Mį»¤C thĘ° mį»„c riĆŖng mį»›i cho tĆ i khoįŗ£n ngĘ°į»i dĆ¹ng\n" +" -d, --home THĘÆ_Mį»¤C thĘ° mį»„c chĆ­nh mį»›i cho tĆ i khoįŗ£n ngĘ°į»i dĆ¹ng\n" msgid "" " -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n" @@ -2338,8 +2450,8 @@ msgid "" " mentioned by the -G option without removing\n" " him/her from other groups\n" msgstr "" -" -a, --append thĆŖm ngĘ°į»i dĆ¹ng vĆ o cĆ”c nhĆ³m phį»„\n" -" đʰa ra bį»Ÿi tuį»³ chį»n ā€œ-Gā€ mĆ  khĆ“ng gį»” bį» ta " +" -a, --append phį»„ thĆŖm ngĘ°į»i dĆ¹ng vĆ o cĆ”c nhĆ³m phį»„\n" +" đʰa ra bį»Ÿi tuį»³ chį»n Ā« -G Ā» mĆ  khĆ“ng gį»” bį» ta " "khį»i nhĆ³m khĆ”c\n" msgid " -l, --login NEW_LOGIN new value of the login name\n" @@ -2352,9 +2464,9 @@ msgid "" " -m, --move-home move contents of the home directory to the\n" " new location (use only with -d)\n" msgstr "" -" -m, --move-home di chuyį»ƒn nį»™i dung cį»§a thĘ° mį»„c riĆŖng sang vį»‹ " +" -m, --move-home di chuyį»ƒn nį»™i dung cį»§a thĘ° mį»„c chĆ­nh sang vį»‹ " "trĆ­ mį»›i\n" -" (chį»‰ dĆ¹ng cĆ¹ng vį»›i ā€œ-dā€)\n" +" (chį»‰ dĆ¹ng cĆ¹ng vį»›i Ā« -d Ā»)\n" msgid "" " -o, --non-unique allow using duplicate (non-unique) UID\n" @@ -2383,11 +2495,16 @@ msgstr "" msgid " -W, --del-subgids FIRST-LAST remove range of subordinate gids\n" msgstr "" +#, fuzzy +#| msgid "" +#| " -Z, --selinux-user new SELinux user mapping for the user " +#| "account\n" msgid "" " -Z, --selinux-user SEUSER new SELinux user mapping for the user " "account\n" msgstr "" -" -Z, --selinux-user SEUSER Ć”nh xįŗ” SELinux mį»›i cho tĆ i khoįŗ£n ngĘ°į»i dĆ¹ng\n" +" -Z, --selinux-user sį»± Ć”nh xįŗ” SELinux mį»›i cho tĆ i khoįŗ£n ngĘ°į»i " +"dĆ¹ng\n" #, c-format msgid "" @@ -2396,64 +2513,45 @@ msgid "" msgstr "" "%s: mį»Ÿ khoĆ” mįŗ­t khįŗ©u cį»§a ngĘ°į»i dĆ¹ng thƬ gĆ¢y ra mį»™t tĆ i khoįŗ£n khĆ“ng cĆ³ mįŗ­t " "khįŗ©u.\n" -"Bįŗ”n nĆŖn đįŗ·t mį»™t mįŗ­t khįŗ©u dĆ¹ng ā€œusermod -pā€ đį»ƒ mį»Ÿ khoĆ” mįŗ­t khįŗ©u cį»§a ngĘ°į»i " +"Bįŗ”n nĆŖn đįŗ·t mį»™t mįŗ­t khįŗ©u dĆ¹ng Ā« usermod -p Ā» đį»ƒ mį»Ÿ khoĆ” mįŗ­t khįŗ©u cį»§a ngĘ°į»i " "dĆ¹ng nĆ y.\n" #, c-format msgid "%s: user '%s' already exists in %s\n" -msgstr "%s: ngĘ°į»i dĆ¹ng ā€œ%sā€ Ä‘Ć£ cĆ³ trong %s\n" +msgstr "%s: ngĘ°į»i dĆ¹ng Ā« %s Ā» Ä‘Ć£ cĆ³ trong %s\n" #, fuzzy, c-format #| msgid "%s: invalid date '%s'\n" msgid "%s: invalid subordinate uid range '%s'\n" -msgstr "%s: ngĆ y khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: ngĆ y khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #, fuzzy, c-format #| msgid "%s: invalid date '%s'\n" msgid "%s: invalid subordinate gid range '%s'\n" -msgstr "%s: ngĆ y khĆ“ng hį»£p lį»‡ ā€œ%sā€\n" +msgstr "%s: ngĆ y khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot open %s\n" msgid "%s: no options\n" -msgstr "%s: khĆ“ng tĆ¹y chį»n\n" +msgstr "%s: khĆ“ng thį»ƒ mį»Ÿ %s\n" #, c-format msgid "%s: the -L, -p, and -U flags are exclusive\n" -msgstr "%s: cĆ”c cį» ā€œ-Lā€, ā€œ-pā€ vĆ  ā€œ-Uā€ loįŗ”i tį»« lįŗ«n nhau\n" +msgstr "%s: cĆ”c cį» Ā« -L Ā», Ā« -p Ā» vĆ  Ā« -U Ā» loįŗ”i tį»« lįŗ«n nhau\n" #, c-format msgid "%s: shadow passwords required for -e and -f\n" -msgstr "%s: mįŗ­t khįŗ©u shadow cįŗ§n cho hai tĆ¹y chį»n ā€œ-eā€ vĆ  ā€œ-fā€\n" +msgstr "%s: mįŗ­t khįŗ©u bĆ³ng cįŗ§n thiįŗæt cho hai tĆ¹y chį»n Ā« -e Ā» vĆ  Ā« -f Ā»\n" #, c-format msgid "%s: UID '%lu' already exists\n" -msgstr "%s: UID ā€œ%luā€ Ä‘Ć£ cĆ³\n" +msgstr "%s: UID Ā« %lu Ā» Ä‘Ć£ cĆ³\n" #, fuzzy, c-format #| msgid "%s: %s is not authorized to change the password of %s\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%s: %s khĆ“ng cĆ³ quyį»n thay đį»•i mįŗ­t khįŗ©u cį»§a %s\n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%s: gįŗ·p lį»—i khi chuįŗ©n bį»‹ mį»„c tin %s mį»›i ā€œ%sā€\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%s: gįŗ·p lį»—i khi chuįŗ©n bį»‹ mį»„c tin %s mį»›i ā€œ%sā€\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%s: gįŗ·p lį»—i khi chuįŗ©n bį»‹ mį»„c tin %s mį»›i ā€œ%sā€\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%s: gįŗ·p lį»—i khi chuįŗ©n bį»‹ mį»„c tin %s mį»›i ā€œ%sā€\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%s: thĘ° mį»„c %s Ä‘Ć£ cĆ³\n" @@ -2463,16 +2561,15 @@ msgid "" "%s: The previous home directory (%s) was not a directory. It is not removed " "and no home directories are created.\n" msgstr "" -"%s: ThĘ° mį»„c riĆŖng trĘ°į»›c Ä‘Ć³ (%s) khĆ“ng lĆ  mį»™t thĘ° mį»„c. NĆ³ chĘ°a đʰį»£c gį»” bį» vĆ  " -"chĘ°a tįŗ”o thĘ° mį»„c riĆŖng (home).\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" msgid "%s: Failed to change ownership of the home directory" -msgstr "%s: Gįŗ·p lį»—i khi thay đį»•i chį»§ sį»Ÿ hį»Æu cį»§a thĘ° mį»„c home (riĆŖng)" +msgstr "%s: khĆ“ng thį»ƒ tįŗ”o thĘ° mį»„c %s\n" #, c-format msgid "%s: warning: failed to completely remove old home directory %s" -msgstr "%s: cįŗ£nh bĆ”o: gįŗ·p lį»—i khi gį»” bį» hoĆ n toĆ n thĘ° mį»„c riĆŖng cÅ© %s" +msgstr "%s: cįŗ£nh bĆ”o : lį»—i gį»” bį» hoĆ n toĆ n thĘ° mį»„c chĆ­nh cÅ© %s" #, c-format msgid "%s: cannot rename directory %s to %s\n" @@ -2481,24 +2578,44 @@ msgstr "%s: khĆ“ng thį»ƒ thay đį»•i lįŗ”i tĆŖn thĘ° mį»„c %s thĆ nh %s\n" #, c-format msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n" msgstr "" -"%s: gįŗ·p lį»—i khi sao chĆ©p mį»„c tin lastlog cį»§a ngĘ°į»i dĆ¹ng %lu sang ngĘ°į»i dĆ¹ng " +"%s: khĆ“ng sao chĆ©p đʰį»£c mį»„c nhįŗ­p lastlog cį»§a ngĘ°į»i dĆ¹ng %lu sang ngĘ°į»i dĆ¹ng " "%lu: %s\n" #, c-format msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n" msgstr "" -"%s: khĆ“ng sao chĆ©p đʰį»£c mį»„c tin faillog cį»§a ngĘ°į»i dĆ¹ng %lu sang ngĘ°į»i dĆ¹ng " +"%s: khĆ“ng sao chĆ©p đʰį»£c mį»„c nhįŗ­p faillog cį»§a ngĘ°į»i dĆ¹ng %lu sang ngĘ°į»i dĆ¹ng " "%lu: %s\n" #, c-format msgid "%s: warning: %s not owned by %s\n" -msgstr "%s: cįŗ£nh bĆ”o: %s khĆ“ng do %s sį»Ÿ hį»Æu\n" +msgstr "%s: cįŗ£nh bĆ”o : %s khĆ“ng phįŗ£i đʰį»£c %s sį»Ÿ hį»Æu\n" msgid "failed to change mailbox owner" -msgstr "gįŗ·p lį»—i khi thay đį»•i chį»§ hį»™p thĘ°" +msgstr "lį»—i thay đį»•i chį»§ hį»™p thĘ°" msgid "failed to rename mailbox" -msgstr "gįŗ·p lį»—i khi thay đį»•i tĆŖn cį»§a hį»™p thĘ°" +msgstr "lį»—i thay đį»•i tĆŖn cį»§a hį»™p thĘ°" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%s: lį»—i chuįŗ©n bį»‹ mį»„c nhįŗ­p %s mį»›i Ā« %s Ā»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%s: lį»—i chuįŗ©n bį»‹ mį»„c nhįŗ­p %s mį»›i Ā« %s Ā»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%s: lį»—i chuįŗ©n bį»‹ mį»„c nhįŗ­p %s mį»›i Ā« %s Ā»\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%s: lį»—i chuįŗ©n bį»‹ mį»„c nhįŗ­p %s mį»›i Ā« %s Ā»\n" #, c-format msgid "" @@ -2508,7 +2625,7 @@ msgid "" msgstr "" "Bįŗ”n Ä‘Ć£ sį»­a đį»•i %s.\n" "Đį»ƒ thį»‘ng nhįŗ„t thƬ bįŗ”n cÅ©ng cĆ³ thį»ƒ cįŗ§n sį»­a đį»•i %s.\n" -"HĆ£y sį»­ dį»„ng cĆ¢u lį»‡nh ā€œ%sā€ đį»ƒ lĆ m nhĘ° thįŗæ.\n" +"HĆ£y sį»­ dį»„ng cĆ¢u lį»‡nh Ā« %s Ā» đį»ƒ lĆ m nhĘ° thįŗæ.\n" msgid " -g, --group edit group database\n" msgstr " -g, --group sį»­a đį»•i cĘ” sį»Ÿ dį»Æ liį»‡u nhĆ³m\n" @@ -2520,22 +2637,28 @@ msgid " -s, --shadow edit shadow or gshadow database\n" msgstr "" " -s, --shadow sį»­a đį»•i cĘ” sį»Ÿ dį»Æ liį»‡u shadow hay gshadow\n" +#, fuzzy +#| msgid " -u, --uid UID user ID of the new account\n" msgid " -u, --user which user's tcb shadow file to edit\n" -msgstr " -u, --user sį»­a tįŗ­p tin shadow tcb cį»§a ngĘ°į»i nĆ y\n" +msgstr " -u, --uid UID mĆ£ sį»‘ ngĘ°į»i dĆ¹ng cį»§a tĆ i khoįŗ£n mį»›i\n" #, c-format msgid "%s: failed to remove %s\n" -msgstr "%s: gįŗ·p lį»—i khi gį»” bį» %s\n" +msgstr "%s: khĆ“ng gį»” bį» đʰį»£c %s\n" #, c-format msgid "%s: %s is unchanged\n" msgstr "%s: %s chĘ°a thay đį»•i\n" +#, fuzzy +#| msgid "failed to rename mailbox" msgid "failed to create scratch directory" -msgstr "gįŗ·p lį»—i khi tįŗ”o thĘ° mį»„c hį»—n tįŗ”p" +msgstr "lį»—i thay đį»•i tĆŖn cį»§a hį»™p thĘ°" +#, fuzzy +#| msgid "%s: failed to drop privileges (%s)\n" msgid "failed to drop privileges" -msgstr "gįŗ·p lį»—i khi xĆ³a đįŗ·c quyį»n" +msgstr "%s: lį»—i bį» quyį»n truy cįŗ­p (%s)\n" msgid "Couldn't get file context" msgstr "KhĆ“ng thį»ƒ lįŗ„y ngį»Æ cįŗ£nh tįŗ­p tin" @@ -2543,8 +2666,10 @@ msgstr "KhĆ“ng thį»ƒ lįŗ„y ngį»Æ cįŗ£nh tįŗ­p tin" msgid "setfscreatecon () failed" msgstr "setfscreatecon () bį»‹ lį»—i" +#, fuzzy +#| msgid "%s: failed to drop privileges (%s)\n" msgid "failed to gain privileges" -msgstr "gįŗ·p lį»—i khi cįŗ„p đįŗ·c quyį»n" +msgstr "%s: lį»—i bį» quyį»n truy cįŗ­p (%s)\n" msgid "Couldn't lock file" msgstr "KhĆ“ng thį»ƒ khoĆ” tįŗ­p tin" @@ -2553,41 +2678,51 @@ msgid "Couldn't make backup" msgstr "KhĆ“ng thį»ƒ sao lĘ°u" #, fuzzy, c-format -#| msgid "%s: PAM: %s\n" +#| msgid "%s: %s\n" msgid "%s: %s: %s\n" -msgstr "%s: PAM: %s\n" +msgstr "%s: %s\n" -#, fuzzy, c-format -#| msgid "%s: nscd exited with status %d\n" +#, c-format msgid "%s: %s returned with status %d\n" -msgstr "%s: nscd Ä‘Ć£ thoĆ”t vį»›i mĆ£ lĆ  %d\n" +msgstr "" #, c-format msgid "%s: %s killed by signal %d\n" msgstr "" +#, fuzzy +#| msgid "failed to rename mailbox" msgid "failed to open scratch file" -msgstr "gįŗ·p lį»—i khi mį»Ÿ tįŗ­p tin hį»—n tįŗ”p" +msgstr "lį»—i thay đį»•i tĆŖn cį»§a hį»™p thĘ°" +#, fuzzy +#| msgid "%s: failed to unlock %s\n" msgid "failed to unlink scratch file" -msgstr "gįŗ·p lį»—i khi bį» liĆŖn kįŗæt tįŗ­p tin hį»—n tįŗ”p" +msgstr "%s: lį»—i mį»Ÿ khoĆ” %s\n" +#, fuzzy +#| msgid "failed to rename mailbox" msgid "failed to stat edited file" -msgstr "gįŗ·p lį»—i khi lįŗ„y thį»‘ng kĆŖ tįŗ­p tin Ä‘Ć£ sį»­a" +msgstr "lį»—i thay đį»•i tĆŖn cį»§a hį»™p thĘ°" +#, fuzzy +#| msgid "failed to change mailbox owner" msgid "failed to allocate memory" -msgstr "gįŗ·p lį»—i khi phĆ¢n bį»• bį»™ nhį»›" +msgstr "lį»—i thay đį»•i chį»§ hį»™p thĘ°" +#, fuzzy +#| msgid "failed to rename mailbox" msgid "failed to create backup file" -msgstr "khĆ“ng thį»ƒ tįŗ”o tįŗ­p tin sao lĘ°u dį»± phĆ²ng" +msgstr "lį»—i thay đį»•i tĆŖn cį»§a hį»™p thĘ°" #, c-format msgid "%s: can't restore %s: %s (your changes are in %s)\n" msgstr "%s: khĆ“ng thį»ƒ phį»„c hį»“i %s: %s (cĆ”c thay đį»•i cį»§a bįŗ”n nįŗ±m trong %s)\n" -#, c-format +#, fuzzy, c-format +#| msgid "%s: invalid base directory '%s'\n" msgid "%s: failed to find tcb directory for %s\n" -msgstr "%s: gįŗ·p lį»—i khi tƬm thĘ° mį»„c tcb cho %s\n" +msgstr "%s: thĘ° mį»„c cĘ” ban khĆ“ng hį»£p lį»‡ Ā« %s Ā»\n" #~ msgid " -c, --crypt-method the crypt method (one of %s)\n" #~ msgstr " -c, --crypt-method phĘ°Ę”ng phĆ”p mįŗ­t mĆ£ (mį»™t cį»§a %s)\n" @@ -2597,7 +2732,7 @@ msgstr "%s: gįŗ·p lį»—i khi tƬm thĘ° mį»„c tcb cho %s\n" #~ "\n" #~ "Options:\n" #~ msgstr "" -#~ "CĆ”ch dĆ¹ng: vipw [tuį»³_chį»n ...]\n" +#~ "Sį»­ dį»„ng: vipw [tuį»³_chį»n ...]\n" #~ "\n" #~ "Tuį»³ chį»n:\n" @@ -2625,7 +2760,7 @@ msgstr "%s: gįŗ·p lį»—i khi tƬm thĘ° mį»„c tcb cho %s\n" #~ " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n" #~ "\n" #~ msgstr "" -#~ "CĆ”ch dĆ¹ng: chage [tuį»³_chį»n ...] [ĐĂNG_NHįŗ¬P]\n" +#~ "Sį»­ dį»„ng: chage [tuį»³_chį»n ...] [ĐĂNG_NHįŗ¬P]\n" #~ "\n" #~ "Tuį»³ chį»n:\n" #~ " -d, --lastday NGƀY_CUį»I đįŗ·t ngĆ y thay đį»•i mįŗ­t khįŗ©u cuį»‘i cĆ¹ng " @@ -2653,12 +2788,12 @@ msgstr "%s: gįŗ·p lį»—i khi tƬm thĘ° mį»„c tcb cho %s\n" #~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n" #~ "\t[-h home_ph] [-o other] [user]\n" #~ msgstr "" -#~ "CĆ”ch dĆ¹ng: %s [-f hį»_tĆŖn] [-r sį»‘_phĆ²ng] [-w điį»‡n_thoįŗ”i_chį»—_lĆ m]\n" +#~ "Sį»­ dį»„ng: %s [-f hį»_tĆŖn] [-r sį»‘_phĆ²ng] [-w điį»‡n_thoįŗ”i_chį»—_lĆ m]\n" #~ "\t[-h điį»‡n_thoįŗ”i_į»Ÿ_nhĆ ] [-o khĆ”c] [ngĘ°į»i_dĆ¹ng]\n" #~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n" #~ msgstr "" -#~ "CĆ”ch dĆ¹ng: %s [-f hį»_tĆŖn] [-r sį»‘_phĆ²ng] [-w điį»‡n_thoįŗ”i_chį»—_lĆ m]\n" +#~ "Sį»­ dį»„ng: %s [-f hį»_tĆŖn] [-r sį»‘_phĆ²ng] [-w điį»‡n_thoįŗ”i_chį»—_lĆ m]\n" #~ "\t[-h điį»‡n_thoįŗ”i_į»Ÿ_nhĆ ]\n" #~ msgid "" @@ -2672,7 +2807,7 @@ msgstr "%s: gįŗ·p lį»—i khi tƬm thĘ° mį»„c tcb cho %s\n" #~ " the MD5 algorithm\n" #~ "%s\n" #~ msgstr "" -#~ "CĆ”ch dĆ¹ng: %s [tĆ¹y_chį»n]\n" +#~ "Sį»­ dį»„ng: %s [tĆ¹y_chį»n]\n" #~ "\n" #~ "TĆ¹y chį»n:\n" #~ " -c, --crypt-method phĘ°Ę”ng phĆ”p mĆ£ hoĆ” (mį»™t cį»§a %s)\n" @@ -2689,21 +2824,21 @@ msgstr "%s: gįŗ·p lį»—i khi tƬm thĘ° mį»„c tcb cho %s\n" #~ " -s, --shell SHELL new login shell for the user account\n" #~ "\n" #~ msgstr "" -#~ "CĆ”ch dĆ¹ng: chsh [tĆ¹y_chį»n...] [ĐĂNG_NHįŗ¬P]\n" +#~ "Sį»­ dį»„ng: chsh [tĆ¹y_chį»n...] [ĐĂNG_NHįŗ¬P]\n" #~ "\n" #~ "TĆ¹y chį»n:\n" #~ " -h, --help hiį»‡n _trį»£ giĆŗp_ nĆ y rį»“i thoĆ”t\n" -#~ " -s, --shell TRƌNH_BAO hį»‡ vį» đăng nhįŗ­p mį»›i\n" +#~ " -s, --shell TRƌNH_BAO trƬnh bao đăng nhįŗ­p mį»›i\n" #~ "\t\t\t\t\t\tcho tĆ i khoįŗ£n ngĘ°į»i dĆ¹ng\n" #~ "\n" #~ msgid "Usage: expiry {-f|-c}\n" #~ msgstr "" -#~ "CĆ”ch dĆ¹ng: expiry {-f|-c}\n" +#~ "Sį»­ dį»„ng: expiry {-f|-c}\n" #~ "[expiry: mĆ£n hįŗ”n]\n" #~ msgid "faillog: Failed to get the entry for UID %lu\n" -#~ msgstr "faillog: khĆ“ng lįŗ„y đʰį»£c mį»„c tin cho UID %lu\n" +#~ msgstr "faillog: khĆ“ng lįŗ„y đʰį»£c mį»„c nhįŗ­p cho UID %lu\n" #~ msgid "faillog: Cannot open %s: %s\n" #~ msgstr "faillog: khĆ“ng thį»ƒ mį»Ÿ %s: %s\n" @@ -2713,23 +2848,23 @@ msgstr "%s: gįŗ·p lį»—i khi tƬm thĘ° mį»„c tcb cho %s\n" #~ msgid "Usage: groupdel group\n" #~ msgstr "" -#~ "CĆ”ch dĆ¹ng: groupdel nhĆ³m\n" +#~ "Sį»­ dį»„ng: groupdel nhĆ³m\n" #~ "[groupdel: xoĆ” nhĆ³m]\n" #~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n" -#~ msgstr "CĆ”ch dĆ¹ng: %s [-r] [-s] [nhĆ³m [gshadow]]\n" +#~ msgstr "Sį»­ dį»„ng: %s [-r] [-s] [nhĆ³m [gshadow]]\n" #~ msgid "Usage: %s [-r] [-s] [group]\n" -#~ msgstr "CĆ”ch dĆ¹ng: %s [-r] [-s] [nhĆ³m]\n" +#~ msgstr "Sį»­ dį»„ng: %s [-r] [-s] [nhĆ³m]\n" #~ msgid "%s: -s and -r are incompatibile\n" -#~ msgstr "%s: hai tĆ¹y chį»n ā€œ-sā€ vĆ  ā€œ-rā€ khĆ“ng tĘ°Ę”ng thĆ­ch vį»›i nhau\n" +#~ msgstr "%s: hai tĆ¹y chį»n Ā« -s Ā» vĆ  Ā« -r Ā» khĆ“ng tĘ°Ę”ng thĆ­ch vį»›i nhau\n" #~ msgid "Usage: grpconv\n" -#~ msgstr "CĆ”ch dĆ¹ng: grpconv\n" +#~ msgstr "Sį»­ dį»„ng: grpconv\n" #~ msgid "Usage: grpunconv\n" -#~ msgstr "CĆ”ch dĆ¹ng: grpunconv\n" +#~ msgstr "Sį»­ dį»„ng: grpunconv\n" #~ msgid "" #~ "Usage: lastlog [options]\n" @@ -2744,7 +2879,7 @@ msgstr "%s: gįŗ·p lį»—i khi tƬm thĘ° mį»„c tcb cho %s\n" #~ "LOGIN\n" #~ "\n" #~ msgstr "" -#~ "CĆ”ch dĆ¹ng: lastlog [tĆ¹y_chį»n...]\n" +#~ "Sį»­ dį»„ng: lastlog [tĆ¹y_chį»n...]\n" #~ "\n" #~ "[lastlog: bįŗ£n ghi cuį»‘i cĆ¹ng]\n" #~ "\n" @@ -2786,7 +2921,7 @@ msgstr "%s: gįŗ·p lį»—i khi tƬm thĘ° mį»„c tcb cho %s\n" #~ " change to MAX_DAYS\n" #~ "\n" #~ msgstr "" -#~ "CĆ”ch dĆ¹ng: passwd [tuį»³_chį»n ...] [ĐĂNG_NHįŗ¬P]\n" +#~ "Sį»­ dį»„ng: passwd [tuį»³_chį»n ...] [ĐĂNG_NHįŗ¬P]\n" #~ "\n" #~ "Tuį»³ chį»n:\n" #~ " -a, --all\t\t\tthĆ“ng bĆ”o trįŗ”ng thĆ”i mįŗ­t khįŗ©u vį» mį»i tĆ i khoįŗ£n\n" @@ -2811,3 +2946,218 @@ msgstr "%s: gįŗ·p lį»—i khi tƬm thĘ° mį»„c tcb cho %s\n" #~ " -x, --maxdays NGƀY\tđįŗ·t thĆ nh sį»‘ nĆ y sį»‘ tį»‘i đa cĆ”c ngĆ y trĘ°į»›c khi thay " #~ "đį»•i đʰį»£c mįŗ­t khįŗ©u\n" #~ "\n" + +#, fuzzy +#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n" +#~ msgid "Usage: %s [-q] [-r] [passwd]\n" +#~ msgstr "" +#~ "Sį»­ dį»„ng: %s [-q] [-r] [-s] [passwd [shadow]]\n" +#~ "[passwd: mįŗ­t khįŗ©u\n" +#~ "shadow: bĆ³ng]\n" + +#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n" +#~ msgstr "" +#~ "Sį»­ dį»„ng: %s [-q] [-r] [-s] [passwd [shadow]]\n" +#~ "[passwd: mįŗ­t khįŗ©u\n" +#~ "shadow: bĆ³ng]\n" + +#~ msgid "Usage: pwconv\n" +#~ msgstr "Sį»­ dį»„ng: pwconv\n" + +#~ msgid "Usage: pwunconv\n" +#~ msgstr "Sį»­ dį»„ng: pwunconv\n" + +#~ msgid "Unknown id: %s\n" +#~ msgstr "KhĆ“ng rƵ mĆ£ sį»‘ : %s\n" + +#~ msgid "No shell\n" +#~ msgstr "KhĆ“ng cĆ³ trƬnh bao\n" + +#~ msgid "" +#~ "Usage: userdel [options] LOGIN\n" +#~ "\n" +#~ "Options:\n" +#~ " -f, --force force removal of files,\n" +#~ " even if not owned by user\n" +#~ " -h, --help display this help message and exit\n" +#~ " -r, --remove remove home directory and mail spool\n" +#~ "\n" +#~ msgstr "" +#~ "Sį»­ dį»„ng: userdel [tĆ¹y_chį»n...] ĐĂNG_NHįŗ¬P\n" +#~ "\n" +#~ "TĆ¹y chį»n:\n" +#~ " -f, --force Ć©p buį»™c gį»” bį» tįŗ­p tin, thįŗ­m chĆ­ nįŗæu " +#~ "khĆ“ng\n" +#~ " đʰį»£c sį»Ÿ hį»Æu bį»Ÿi ngĘ°į»i dĆ¹ng\n" +#~ " -h, --help hiį»ƒn thį»‹ trį»£ giĆŗp nĆ y, sau Ä‘Ć³ thoĆ”t\n" +#~ " -r, --remove gį»” bį» thĘ° mį»„c chĆ­nh vĆ  į»‘ng chį»‰ thĘ° tĆ­n\n" +#~ "\n" + +#~ msgid "%s: user %s is currently logged in\n" +#~ msgstr "%s: ngĘ°į»i dĆ¹ng %s hiį»‡n thį»i đʰį»£c đăng nhįŗ­p\n" + +#~ msgid "" +#~ "Usage: usermod [options] LOGIN\n" +#~ "\n" +#~ "Options:\n" +#~ " -c, --comment COMMENT new value of the GECOS field\n" +#~ " -d, --home HOME_DIR new home directory for the user account\n" +#~ " -e, --expiredate EXPIRE_DATE set account expiration date to " +#~ "EXPIRE_DATE\n" +#~ " -f, --inactive INACTIVE set password inactive after expiration\n" +#~ " to INACTIVE\n" +#~ " -g, --gid GROUP force use GROUP as new primary group\n" +#~ " -G, --groups GROUPS new list of supplementary GROUPS\n" +#~ " -a, --append append the user to the supplemental " +#~ "GROUPS\n" +#~ " mentioned by the -G option without " +#~ "removing\n" +#~ " him/her from other groups\n" +#~ " -h, --help display this help message and exit\n" +#~ " -l, --login NEW_LOGIN new value of the login name\n" +#~ " -L, --lock lock the user account\n" +#~ " -m, --move-home move contents of the home directory to " +#~ "the\n" +#~ " new location (use only with -d)\n" +#~ " -o, --non-unique allow using duplicate (non-unique) UID\n" +#~ " -p, --password PASSWORD use encrypted password for the new " +#~ "password\n" +#~ " -s, --shell SHELL new login shell for the user account\n" +#~ " -u, --uid UID new UID for the user account\n" +#~ " -U, --unlock unlock the user account\n" +#~ "%s\n" +#~ msgstr "" +#~ "Sį»­ dį»„ng: usermod [tuį»³_chį»n...] ĐĂNG_NHįŗ¬P\n" +#~ "\n" +#~ "Tuį»³ chį»n:\n" +#~ " -c, --comment GHI_LĘÆU\t\tgiĆ” trį»‹ mį»›i cį»§a trĘ°į»ng GECOS\n" +#~ " -d, --home THĘÆ_Mį»¤C \tthĘ° mį»„c chĆ­nh mį»›i cho tĆ i khoįŗ£n ngĘ°į»i " +#~ "dĆ¹ng\n" +#~ " -e, --expiredate NGƀY \t\tđįŗ·t thĆ nh ngĆ y nĆ y ngĆ y hįŗæt hįŗ”n dĆ¹ng tĆ i " +#~ "khoįŗ£n\n" +#~ " -f, --inactive INACTIVE \tđįŗ·t thĆ nh INACTIVE mįŗ­t khįŗ©u khĆ“ng cĆ²n " +#~ "hoįŗ”t đį»™ng lįŗ”i\n" +#~ "\t\t\t\t\t\tsau khi hįŗæt hįŗ”n dĆ¹ng\n" +#~ " -g, --gid NHƓM \t\tĆ©p buį»™c sį»­ dį»„ng nhĆ³m nĆ y lĆ m nhĆ³m " +#~ "chĆ­nh mį»›i\n" +#~ " -G, --groups NHƓM \tdanh sĆ”ch mį»›i chį»©a cĆ”c nhĆ³m phį»„\n" +#~ " -a, --append \t\tphį»„ thĆŖm ngĘ°į»i dĆ¹ng vĆ o cĆ”c nhĆ³m phį»„\n" +#~ "\t\t\t\t\t\tđʰa ra bį»Ÿi tuį»³ chį»n Ā« -G Ā» mĆ  khĆ“ng gį»” bį» ta khį»i nhĆ³m khĆ”c\n" +#~ " -h, --help \t\thiį»ƒn thį»‹ trį»£ giĆŗp nĆ y, sau Ä‘Ć³ thoĆ”t\n" +#~ " -l, --login ĐĂNG_NHįŗ¬P \tgiĆ” trį»‹ mį»›i cį»§a tĆŖn đăng nhįŗ­p\n" +#~ " -L, --lock \t\tkhoĆ” tĆ i khoįŗ£n ngĘ°į»i dĆ¹ng\n" +#~ " -m, --move-home \tdi chuyį»ƒn nį»™i dung cį»§a thĘ° mį»„c chĆ­nh " +#~ "sang vį»‹ trĆ­ mį»›i\n" +#~ "\t\t\t\t\t\t(chį»‰ dĆ¹ng cĆ¹ng vį»›i Ā« -d Ā»)\n" +#~ " -o, --non-unique \t\tcho phĆ©p sį»­ dį»„ng UID trĆ¹ng (khĆ“ng duy " +#~ "nhįŗ„t)\n" +#~ " -p, --password Mįŗ¬T_KHįŗØU \tmįŗ­t mĆ£ hoĆ” mįŗ­t khįŗ©u mį»›i\n" +#~ " -s, --shell TRƌNH_BAO trƬnh bao đăng nhįŗ­p mį»›i cho tĆ i khoįŗ£n " +#~ "ngĘ°į»i dĆ¹ng\n" +#~ " -u, --uid UID \t\tUID mį»›i cho tĆ i khoįŗ£n ngĘ°į»i dĆ¹ng\n" +#~ " -U, --unlock \t\tmį»Ÿ khoĆ” tĆ i khoįŗ£n ngĘ°į»i dĆ¹ng\n" +#~ "%s\n" + +#~ msgid "%s: no flags given\n" +#~ msgstr "%s: chĘ°a đʰa ra cį»\n" + +#, fuzzy +#~| msgid "" +#~| "Usage: vipw [options]\n" +#~| "\n" +#~| "Options:\n" +#~| " -g, --group edit group database\n" +#~| " -h, --help display this help message and exit\n" +#~| " -p, --passwd edit passwd database\n" +#~| " -q, --quiet quiet mode\n" +#~| " -s, --shadow edit shadow or gshadow database\n" +#~| "\n" +#~ msgid "" +#~ "Usage: vipw [options]\n" +#~ "\n" +#~ "Options:\n" +#~ " -g, --group edit group database\n" +#~ " -h, --help display this help message and exit\n" +#~ " -p, --passwd edit passwd database\n" +#~ " -q, --quiet quiet mode\n" +#~ " -s, --shadow edit shadow or gshadow database\n" +#~ " -u, --user which user's tcb shadow file to edit\n" +#~ "\n" +#~ msgstr "" +#~ "Sį»­ dį»„ng: vipw [tĆ¹y_chį»n...]\n" +#~ "\n" +#~ "TĆ¹y chį»n:\n" +#~ " -g, --group sį»­a đį»•i cĘ” sį»Ÿ dį»Æ liį»‡u nhĆ³m\n" +#~ " -h, --help hiį»ƒn thį»‹ trį»£ giĆŗp nĆ y, sau Ä‘Ć³ thoĆ”t\n" +#~ " -p, --passwd sį»­a đį»•i cĘ” sį»Ÿ dį»Æ liį»‡u passwd\n" +#~ " -q, --quiet chįŗæ đį»™ im (khĆ“ng xuįŗ„t chi tiįŗæt)\n" +#~ " -s, --shadow sį»­a đį»•i cĘ” sį»Ÿ dį»Æ liį»‡u shadow hay gshadow\n" +#~ "\n" + +#~ msgid "" +#~ "Usage: %s [option] GROUP\n" +#~ "\n" +#~ "Options:\n" +#~ " -a, --add USER add USER to GROUP\n" +#~ " -d, --delete USER remove USER from GROUP\n" +#~ " -r, --remove-password remove the GROUP's password\n" +#~ " -R, --restrict restrict access to GROUP to its members\n" +#~ " -M, --members USER,... set the list of members of GROUP\n" +#~ "%s\n" +#~ "\n" +#~ msgstr "" +#~ "Sį»­ dį»„ng: %s [tuį»³_chį»n] NHƓM\n" +#~ "\n" +#~ "Tuį»³ chį»n:\n" +#~ " -a, --add NGĘÆį»œI_DƙNG\tthĆŖm ngĘ°į»i dĆ¹ng nĆ y vĆ o NHƓM\n" +#~ " -d, --delete NGĘÆį»œI_DƙNG \tgį»” bį» ngĘ°į»i dĆ¹ng nĆ y khį»i NHƓM\n" +#~ " -r, --remove-password \tgį»” bį» mįŗ­t khįŗ©u cį»§a NHƓM\n" +#~ " -R, --restrict \t\t\t\thįŗ”n chįŗæ truy cįŗ­p đįŗæn NHƓM thĆ nh cĆ”c thĆ nh viĆŖn " +#~ "cį»§a nĆ³\n" +#~ " -M, --members NGĘÆį»œI_DƙNG,...\t\tđįŗ·t danh sĆ”ch cĆ”c thĆ nh viĆŖn cį»§a NHƓM\n" +#~ "%s\n" +#~ "\n" + +#~ msgid "" +#~ "Usage: groupmems [options] [action]\n" +#~ "\n" +#~ "Options:\n" +#~ " -g, --group groupname change groupname instead of the user's " +#~ "group\n" +#~ " (root only)\n" +#~ "\n" +#~ "Actions:\n" +#~ " -a, --add username add username to the members of the group\n" +#~ " -d, --delete username remove username from the members of the " +#~ "group\n" +#~ " -p, --purge purge all members from the group\n" +#~ " -l, --list list the members of the group\n" +#~ "\n" +#~ msgstr "" +#~ "Sį»­ dį»„ng: groupmems [tuį»³_chį»n ...] [hĆ nh_vi]\n" +#~ "\n" +#~ "Tuį»³ chį»n:\n" +#~ " -g, --group TƊN_NHƓM thay đį»•i tĆŖn cį»§a nhĆ³m nĆ y thay cho nhĆ³m cį»§a " +#~ "ngĘ°į»i dĆ¹ng (chį»‰ ngĘ°į»i chį»§)\n" +#~ "\n" +#~ "HĆ nh vi:\n" +#~ " -a, --add TƊN\t\t\tthĆŖm tĆŖn ngĘ°į»i dĆ¹ng nĆ y vĆ o nhĆ³m\n" +#~ " -d, --delete TƊN \tgį»” bį» tĆŖn nĆ y khį»i nhĆ³m\n" +#~ " -p, --purge \ttįŗ©y mį»i ngĘ°į»i ra nhĆ³m\n" +#~ " -l, --list \t\tliį»‡t kĆŖ nhį»Æng ngĘ°į»i trong nhĆ³m\n" +#~ "\n" + +#~ msgid "" +#~ "Usage: useradd [options] LOGIN\n" +#~ "\n" +#~ "Options:\n" +#~ msgstr "" +#~ "Sį»­ dį»„ng: useradd [tuį»³_chį»n ...] ĐĂNG_NHįŗ¬P\n" +#~ "\n" +#~ "Tuį»³ chį»n:\n" + +#~ msgid "%s: can't create %s\n" +#~ msgstr "%s: khĆ“ng thį»ƒ tįŗ”o %s\n" + +#~ msgid "%s: can't chown %s\n" +#~ msgstr "%s: khĆ“ng thį»ƒ chown (thay đį»•i quyį»n sį»Ÿ hį»Æu) %s\n" diff --git a/po/zh_CN.gmo b/po/zh_CN.gmo deleted file mode 100644 index 7428ec10..00000000 Binary files a/po/zh_CN.gmo and /dev/null differ diff --git a/po/zh_CN.po b/po/zh_CN.po index 6b4d9c0e..7a84df72 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.15\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2012-01-10 01:23+0800\n" "Last-Translator: YunQiang Su <wzssyqa@gmail.com>\n" "Language-Team: Chinese (simplified) <i18n-zh@googlegroups.com>\n" @@ -1055,6 +1055,14 @@ msgstr "%sļ¼šGID ā€œ%luā€å·²ē»å­˜åœØ\n" msgid "%s: Cannot setup cleanup service.\n" msgstr "%sļ¼šę— ę³•ē”®å®šę‚Øēš„ē”Øęˆ·åć€‚\n" +#, fuzzy +#| msgid "" +#| " -r, --reset reset the counters of login failures\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr " -r, --reset\t\t重ē½®ē™»é™†å¤±č“„讔ꕰ\n" + #, c-format msgid "%s: cannot remove entry '%s' from %s\n" msgstr "%1$sļ¼šę— ę³•ä»Ž %3$s äø­ē§»é™¤ %2$s\n" @@ -1270,6 +1278,22 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr " -b, --before DAYS ä»…ę‰“å°ę—©äŗŽ DAYS ēš„ęœ€čæ‘ē™»å½•č®°å½•\n" +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr " -a, --all\t\t\täøŗꉀ꜉ē”Øęˆ·ę˜¾ē¤ŗē™»é™†å¤±č“„č®°å½•\n" + +#, fuzzy +#| msgid "" +#| " -a, --all display faillog records for all users\n" +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr " -a, --all\t\t\täøŗꉀ꜉ē”Øęˆ·ę˜¾ē¤ŗē™»é™†å¤±č“„č®°å½•\n" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1288,6 +1312,24 @@ msgstr "ē”Øęˆ·å ē«Æ口 ęœ€åŽē™»é™†ę—¶é—“" msgid "**Never logged in**" msgstr "**从ęœŖē™»å½•čæ‡**" +#, fuzzy, c-format +#| msgid "%s: Failed to get the entry for UID %lu\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%sļ¼ščŽ·å– UID %lu ēš„ę”ē›®å¤±č“„\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%sļ¼šę— ę³•ę›“ꖰåƆē ę–‡ä»¶\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "ē”Øę³•ļ¼š%s [-p] [名ē§°]\n" @@ -1321,6 +1363,13 @@ msgstr "" "\n" "[åæ½ē•„ꖭēŗæ要걂 -- 允č®ø root ē™»å½•ć€‚]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "%sļ¼šę²”꜉꜉ꕈ root ēš„ęƒ…å†µäø‹ļ¼ŒäøåÆčƒ½å·„ä½œ\n" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "ę²”ęœ‰ utmp ę”ē›®ć€‚ę‚Øåæ…é”»åœØ꜀åŗ•å±‚ēš„ā€œshā€é‡Œę‰§č”Œā€œloginā€" + #, c-format msgid "" "\n" @@ -1329,13 +1378,6 @@ msgstr "" "\n" "%u ē§’后ē™»å½•č¶…ꗶ怂\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "%sļ¼šę²”꜉꜉ꕈ root ēš„ęƒ…å†µäø‹ļ¼ŒäøåÆčƒ½å·„ä½œ\n" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "ę²”ęœ‰ utmp ę”ē›®ć€‚ę‚Øåæ…é”»åœØ꜀åŗ•å±‚ēš„ā€œshā€é‡Œę‰§č”Œā€œloginā€" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "login: PAM 错čÆÆļ¼Œę­£åœØ退å‡ŗļ¼š%s\n" @@ -1744,12 +1786,6 @@ msgstr "åæ½ē•„åƆē č®¤čƁ\n" msgid "Please enter your OWN password as authentication.\n" msgstr "čÆ·č¾“å…„ę‚Ø*č‡Ŗå·±*ēš„åƆē ä½œäøŗéŖŒčÆć€‚\n" -msgid " ...killed.\n" -msgstr " ...å·²č¢«ę€ę­»ć€‚\n" - -msgid " ...waiting for child to terminate.\n" -msgstr " ...ē­‰å¾…子čæ›ē؋ē»“ęŸć€‚\n" - #, c-format msgid "%s: Cannot fork user shell\n" msgstr "%sļ¼šę— ę³• fork ē”Øꈷ shell\n" @@ -1765,6 +1801,12 @@ msgstr "%sļ¼šäæ”å·å±č”½(mask)ꕅ障\n" msgid "Session terminated, terminating shell..." msgstr "会čƝē»“ęŸļ¼Œē»“ęŸ shell ..." +msgid " ...killed.\n" +msgstr " ...å·²č¢«ę€ę­»ć€‚\n" + +msgid " ...waiting for child to terminate.\n" +msgstr " ...ē­‰å¾…子čæ›ē؋ē»“ęŸć€‚\n" + msgid " ...terminated.\n" msgstr " ...å·²ē»“ęŸć€‚\n" @@ -2293,26 +2335,6 @@ msgstr "%sļ¼šUID ā€œ%luā€å·²ē»å­˜åœØ\n" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "%sļ¼š%s ę²”ęœ‰č¢«ęŽˆęƒę›“ę”¹ %s ēš„åƆē \n" -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%sļ¼šå‡†å¤‡ę–° %s ę”ē›®ā€œ%sā€å¤±č“„\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%sļ¼šå‡†å¤‡ę–° %s ę”ē›®ā€œ%sā€å¤±č“„\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%sļ¼šå‡†å¤‡ę–° %s ę”ē›®ā€œ%sā€å¤±č“„\n" - -#, fuzzy, c-format -#| msgid "%s: failed to prepare the new %s entry '%s'\n" -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%sļ¼šå‡†å¤‡ę–° %s ę”ē›®ā€œ%sā€å¤±č“„\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%sļ¼šē›®å½• %s äøå­˜åœØ\n" @@ -2353,6 +2375,26 @@ msgstr "ę”¹å˜äæ”ē®±ę‰€ęœ‰č€…å¤±č“„" msgid "failed to rename mailbox" msgstr "ę— ę³•äøŗäæ”ē®±ę”¹å" +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%sļ¼šå‡†å¤‡ę–° %s ę”ē›®ā€œ%sā€å¤±č“„\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%sļ¼šå‡†å¤‡ę–° %s ę”ē›®ā€œ%sā€å¤±č“„\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%sļ¼šå‡†å¤‡ę–° %s ę”ē›®ā€œ%sā€å¤±č“„\n" + +#, fuzzy, c-format +#| msgid "%s: failed to prepare the new %s entry '%s'\n" +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%sļ¼šå‡†å¤‡ę–° %s ę”ē›®ā€œ%sā€å¤±č“„\n" + #, c-format msgid "" "You have modified %s.\n" @@ -2939,9 +2981,6 @@ msgstr "%sļ¼šę— ę³•äøŗā€œ%sā€ę‰¾åˆ° tcb ē›®å½•\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%sļ¼šę— ę³•é‡å†™åƆē ę–‡ä»¶\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%sļ¼šę— ę³•ę›“ꖰåƆē ę–‡ä»¶\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%sļ¼šę— ę³•ę›“ę–°å½±å­åƆē ę–‡ä»¶\n" diff --git a/po/zh_TW.gmo b/po/zh_TW.gmo deleted file mode 100644 index 69e1385e..00000000 Binary files a/po/zh_TW.gmo and /dev/null differ diff --git a/po/zh_TW.po b/po/zh_TW.po index 4bbe28ee..ee174c40 100644 --- a/po/zh_TW.po +++ b/po/zh_TW.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: shadow 4.0.9\n" "Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n" -"POT-Creation-Date: 2014-05-09 12:52+0200\n" +"POT-Creation-Date: 2016-09-18 14:03-0500\n" "PO-Revision-Date: 2005-06-02 22:20+0800\n" "Last-Translator: Asho Yeh <asho@debian.org.tw>\n" "Language-Team: Chinese (traditional) <zh-l10n@linux.org.tw>\n" @@ -1075,6 +1075,11 @@ msgstr "" msgid "%s: Cannot setup cleanup service.\n" msgstr "%sļ¼šē„”ę³•ē¢ŗ定ę‚Øēš„ä½æē”Øč€…åēØ±ć€‚\n" +msgid "" +" -f, --force delete group even if it is the primary group " +"of a user\n" +msgstr "" + #, fuzzy, c-format #| msgid "%s: cannot rename directory %s to %s\n" msgid "%s: cannot remove entry '%s' from %s\n" @@ -1288,6 +1293,16 @@ msgid "" " -b, --before DAYS print only lastlog records older than DAYS\n" msgstr "" +msgid "" +" -C, --clear clear lastlog record of an user (usable only " +"with -u)\n" +msgstr "" + +msgid "" +" -S, --set set lastlog record to current time (usable " +"only with -u)\n" +msgstr "" + msgid "" " -t, --time DAYS print only lastlog records more recent than " "DAYS\n" @@ -1306,6 +1321,24 @@ msgstr "ä½æē”Øč€…å åŸ č™Ÿ ęœ€å¾Œē™»å…„Ꙃ間" msgid "**Never logged in**" msgstr "**從ęœŖē™»å…„過**" +#, fuzzy, c-format +#| msgid "%s: cannot create directory %s\n" +msgid "%s: Failed to update the entry for UID %lu\n" +msgstr "%sļ¼šē„”ę³•å»ŗē«‹ē›®éŒ„ %s\n" + +#, fuzzy, c-format +#| msgid "%s: can't update password file\n" +msgid "%s: Failed to update the lastlog file\n" +msgstr "%sļ¼šē„”ę³•ę›“ę–°åƆē¢¼ęŖ”ę”ˆ\n" + +#, c-format +msgid "%s: Option -C cannot be used together with option -S\n" +msgstr "" + +#, c-format +msgid "%s: Options -C and -S require option -u to specify the user\n" +msgstr "" + #, c-format msgid "Usage: %s [-p] [name]\n" msgstr "ē”Øę³•ļ¼š%s [-p] [名ēر]\n" @@ -1339,6 +1372,13 @@ msgstr "" "\n" "[åæ½ē•„ę–·ē·šč¦ę±‚ -- 允čر root ē™»å…„怂]" +#, c-format +msgid "%s: Cannot possibly work without effective root\n" +msgstr "" + +msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" +msgstr "" + #, fuzzy, c-format #| msgid "" #| "\n" @@ -1350,13 +1390,6 @@ msgstr "" "\n" "ē™»å…„é€¾ę™‚ %d ē§’\n" -#, c-format -msgid "%s: Cannot possibly work without effective root\n" -msgstr "" - -msgid "No utmp entry. You must exec \"login\" from the lowest level \"sh\"" -msgstr "" - #, c-format msgid "login: PAM Failure, aborting: %s\n" msgstr "" @@ -1775,12 +1808,6 @@ msgstr "åæ½ē•„åƆē¢¼čŖčؼ\n" msgid "Please enter your OWN password as authentication.\n" msgstr "č«‹č¼øå…„ę‚Øč‡Ŗå·±ēš„åƆē¢¼ä½œē‚ŗ驗čØ¼ć€‚\n" -msgid " ...killed.\n" -msgstr "" - -msgid " ...waiting for child to terminate.\n" -msgstr "" - #, fuzzy, c-format #| msgid "%s: cannot lock file %s\n" msgid "%s: Cannot fork user shell\n" @@ -1797,6 +1824,12 @@ msgstr "" msgid "Session terminated, terminating shell..." msgstr "" +msgid " ...killed.\n" +msgstr "" + +msgid " ...waiting for child to terminate.\n" +msgstr "" + msgid " ...terminated.\n" msgstr "" @@ -2314,23 +2347,6 @@ msgstr "" msgid "%s: %s does not exist, you cannot use the flags %s or %s\n" msgstr "" -#, fuzzy, c-format -msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" -msgstr "%sļ¼šē„”ꕈēš„å·„ä½œé›»č©±ļ¼šā€œ%sā€\n" - -#, fuzzy, c-format -#| msgid "%s: fields too long\n" -msgid "%s: failed to add uid range %lu-%lu from '%s'\n" -msgstr "%sļ¼šå­—ꮵå¤Ŗ長\n" - -#, fuzzy, c-format -msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" -msgstr "%sļ¼šē„”ꕈēš„å·„ä½œé›»č©±ļ¼šā€œ%sā€\n" - -#, fuzzy, c-format -msgid "%s: failed to add gid range %lu-%lu from '%s'\n" -msgstr "%sļ¼šē„”ꕈēš„äø»ē›®éŒ„ā€œ%sā€\n" - #, c-format msgid "%s: directory %s exists\n" msgstr "%sļ¼šē›®éŒ„ %s äøå­˜åœØ\n" @@ -2372,6 +2388,23 @@ msgstr "ę”¹č®Šäæ”ē®±ę‰€ęœ‰č€…å¤±ę•—" msgid "failed to rename mailbox" msgstr "ē„”ę³•ē‚ŗäæ”ē®±ę”¹å" +#, fuzzy, c-format +msgid "%s: failed to remove uid range %lu-%lu from '%s'\n" +msgstr "%sļ¼šē„”ꕈēš„å·„ä½œé›»č©±ļ¼šā€œ%sā€\n" + +#, fuzzy, c-format +#| msgid "%s: fields too long\n" +msgid "%s: failed to add uid range %lu-%lu from '%s'\n" +msgstr "%sļ¼šå­—ꮵå¤Ŗ長\n" + +#, fuzzy, c-format +msgid "%s: failed to remove gid range %lu-%lu from '%s'\n" +msgstr "%sļ¼šē„”ꕈēš„å·„ä½œé›»č©±ļ¼šā€œ%sā€\n" + +#, fuzzy, c-format +msgid "%s: failed to add gid range %lu-%lu from '%s'\n" +msgstr "%sļ¼šē„”ꕈēš„äø»ē›®éŒ„ā€œ%sā€\n" + #, c-format msgid "" "You have modified %s.\n" @@ -2768,9 +2801,6 @@ msgstr "%sļ¼šē„”ꕈēš„äø»ē›®éŒ„ā€œ%sā€\n" #~ msgid "%s: can't rewrite password file\n" #~ msgstr "%sļ¼šē„”ę³•é‡åÆ«åƆē¢¼ęŖ”ę”ˆ\n" -#~ msgid "%s: can't update password file\n" -#~ msgstr "%sļ¼šē„”ę³•ę›“ę–°åƆē¢¼ęŖ”ę”ˆ\n" - #~ msgid "%s: can't update shadow password file\n" #~ msgstr "%sļ¼šē„”ę³•ę›“ę–°shadowåƆē¢¼ęŖ”ę”ˆ\n" diff --git a/src/.gitignore b/src/.gitignore new file mode 100644 index 00000000..d5716b98 --- /dev/null +++ b/src/.gitignore @@ -0,0 +1,35 @@ +/chage +/chfn +/chgpasswd +/chpasswd +/chsh +/expiry +/faillog +/gpasswd +/groupadd +/groupdel +/groupmems +/groupmod +/groups +/grpck +/grpconv +/grpunconv +/id +/lastlog +/login +/logoutd +/newgrp +/newgidmap +/newuidmap +/newusers +/nologin +/passwd +/pwck +/pwconv +/pwunconv +/su +/sulogin +/useradd +/userdel +/usermod +/vipw diff --git a/src/Makefile.am b/src/Makefile.am index 25e288d3..dc520b5d 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -52,10 +52,13 @@ usbin_PROGRAMS = \ noinst_PROGRAMS = id sulogin suidbins = su -suidubins = chage chfn chsh expiry gpasswd newgrp passwd newuidmap newgidmap +suidubins = chage chfn chsh expiry gpasswd newgrp passwd if ACCT_TOOLS_SETUID suidubins += chage chgpasswd chpasswd groupadd groupdel groupmod newusers useradd userdel usermod endif +if ENABLE_SUBIDS + suidubins += newgidmap newuidmap +endif if WITH_TCB suidubins -= passwd @@ -95,6 +98,7 @@ groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) grpck_LDADD = $(LDADD) $(LIBSELINUX) grpconv_LDADD = $(LDADD) $(LIBSELINUX) grpunconv_LDADD = $(LDADD) $(LIBSELINUX) +lastlog_LDADD = $(LDADD) $(LIBAUDIT) login_SOURCES = \ login.c \ login_nopam.c diff --git a/src/Makefile.in b/src/Makefile.in deleted file mode 100644 index d846ea9d..00000000 --- a/src/Makefile.in +++ /dev/null @@ -1,1239 +0,0 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -bin_PROGRAMS = groups$(EXEEXT) login$(EXEEXT) su$(EXEEXT) -sbin_PROGRAMS = nologin$(EXEEXT) -ubin_PROGRAMS = faillog$(EXEEXT) lastlog$(EXEEXT) chage$(EXEEXT) \ - chfn$(EXEEXT) chsh$(EXEEXT) expiry$(EXEEXT) gpasswd$(EXEEXT) \ - newgrp$(EXEEXT) passwd$(EXEEXT) $(am__EXEEXT_1) -@ENABLE_SUBIDS_TRUE@am__append_1 = newgidmap newuidmap -usbin_PROGRAMS = chgpasswd$(EXEEXT) chpasswd$(EXEEXT) \ - groupadd$(EXEEXT) groupdel$(EXEEXT) groupmems$(EXEEXT) \ - groupmod$(EXEEXT) grpck$(EXEEXT) grpconv$(EXEEXT) \ - grpunconv$(EXEEXT) logoutd$(EXEEXT) newusers$(EXEEXT) \ - pwck$(EXEEXT) pwconv$(EXEEXT) pwunconv$(EXEEXT) \ - useradd$(EXEEXT) userdel$(EXEEXT) usermod$(EXEEXT) \ - vipw$(EXEEXT) -noinst_PROGRAMS = id$(EXEEXT) sulogin$(EXEEXT) -subdir = src -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ - $(top_srcdir)/depcomp -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(sbindir)" \ - "$(DESTDIR)$(ubindir)" "$(DESTDIR)$(usbindir)" -@ENABLE_SUBIDS_TRUE@am__EXEEXT_1 = newgidmap$(EXEEXT) \ -@ENABLE_SUBIDS_TRUE@ newuidmap$(EXEEXT) -PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) $(sbin_PROGRAMS) \ - $(ubin_PROGRAMS) $(usbin_PROGRAMS) -chage_SOURCES = chage.c -chage_OBJECTS = chage.$(OBJEXT) -am__DEPENDENCIES_1 = -am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -@ACCT_TOOLS_SETUID_TRUE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_1) -chage_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -AM_V_lt = $(am__v_lt_@AM_V@) -am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) -am__v_lt_0 = --silent -am__v_lt_1 = -chfn_SOURCES = chfn.c -chfn_OBJECTS = chfn.$(OBJEXT) -@USE_PAM_FALSE@am__DEPENDENCIES_4 = $(am__DEPENDENCIES_1) -chfn_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_4) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -chgpasswd_SOURCES = chgpasswd.c -chgpasswd_OBJECTS = chgpasswd.$(OBJEXT) -chgpasswd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -chpasswd_SOURCES = chpasswd.c -chpasswd_OBJECTS = chpasswd.$(OBJEXT) -chpasswd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -chsh_SOURCES = chsh.c -chsh_OBJECTS = chsh.$(OBJEXT) -chsh_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_4) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -expiry_SOURCES = expiry.c -expiry_OBJECTS = expiry.$(OBJEXT) -expiry_LDADD = $(LDADD) -expiry_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -faillog_SOURCES = faillog.c -faillog_OBJECTS = faillog.$(OBJEXT) -faillog_LDADD = $(LDADD) -faillog_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -gpasswd_SOURCES = gpasswd.c -gpasswd_OBJECTS = gpasswd.$(OBJEXT) -gpasswd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -groupadd_SOURCES = groupadd.c -groupadd_OBJECTS = groupadd.$(OBJEXT) -groupadd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -groupdel_SOURCES = groupdel.c -groupdel_OBJECTS = groupdel.$(OBJEXT) -groupdel_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -groupmems_SOURCES = groupmems.c -groupmems_OBJECTS = groupmems.$(OBJEXT) -groupmems_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -groupmod_SOURCES = groupmod.c -groupmod_OBJECTS = groupmod.$(OBJEXT) -groupmod_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -groups_SOURCES = groups.c -groups_OBJECTS = groups.$(OBJEXT) -groups_LDADD = $(LDADD) -groups_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -grpck_SOURCES = grpck.c -grpck_OBJECTS = grpck.$(OBJEXT) -grpck_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -grpconv_SOURCES = grpconv.c -grpconv_OBJECTS = grpconv.$(OBJEXT) -grpconv_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -grpunconv_SOURCES = grpunconv.c -grpunconv_OBJECTS = grpunconv.$(OBJEXT) -grpunconv_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -id_SOURCES = id.c -id_OBJECTS = id.$(OBJEXT) -id_LDADD = $(LDADD) -id_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -lastlog_SOURCES = lastlog.c -lastlog_OBJECTS = lastlog.$(OBJEXT) -lastlog_LDADD = $(LDADD) -lastlog_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -am_login_OBJECTS = login.$(OBJEXT) login_nopam.$(OBJEXT) -login_OBJECTS = $(am_login_OBJECTS) -login_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_4) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -logoutd_SOURCES = logoutd.c -logoutd_OBJECTS = logoutd.$(OBJEXT) -logoutd_LDADD = $(LDADD) -logoutd_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -newgidmap_SOURCES = newgidmap.c -newgidmap_OBJECTS = newgidmap.$(OBJEXT) -newgidmap_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -newgrp_SOURCES = newgrp.c -newgrp_OBJECTS = newgrp.$(OBJEXT) -newgrp_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -newuidmap_SOURCES = newuidmap.c -newuidmap_OBJECTS = newuidmap.$(OBJEXT) -newuidmap_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -newusers_SOURCES = newusers.c -newusers_OBJECTS = newusers.$(OBJEXT) -newusers_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -nologin_SOURCES = nologin.c -nologin_OBJECTS = nologin.$(OBJEXT) -nologin_DEPENDENCIES = -passwd_SOURCES = passwd.c -passwd_OBJECTS = passwd.$(OBJEXT) -passwd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_4) -pwck_SOURCES = pwck.c -pwck_OBJECTS = pwck.$(OBJEXT) -pwck_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -pwconv_SOURCES = pwconv.c -pwconv_OBJECTS = pwconv.$(OBJEXT) -pwconv_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -pwunconv_SOURCES = pwunconv.c -pwunconv_OBJECTS = pwunconv.$(OBJEXT) -pwunconv_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -am_su_OBJECTS = su.$(OBJEXT) suauth.$(OBJEXT) -su_OBJECTS = $(am_su_OBJECTS) -su_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_4) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -sulogin_SOURCES = sulogin.c -sulogin_OBJECTS = sulogin.$(OBJEXT) -sulogin_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -useradd_SOURCES = useradd.c -useradd_OBJECTS = useradd.$(OBJEXT) -useradd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -userdel_SOURCES = userdel.c -userdel_OBJECTS = userdel.$(OBJEXT) -userdel_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -usermod_SOURCES = usermod.c -usermod_OBJECTS = usermod.$(OBJEXT) -usermod_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -vipw_SOURCES = vipw.c -vipw_OBJECTS = vipw.$(OBJEXT) -vipw_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) -depcomp = $(SHELL) $(top_srcdir)/depcomp -am__depfiles_maybe = depfiles -am__mv = mv -f -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ - $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ - $(AM_CFLAGS) $(CFLAGS) -AM_V_CC = $(am__v_CC_@AM_V@) -am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) -am__v_CC_0 = @echo " CC " $@; -am__v_CC_1 = -CCLD = $(CC) -LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(AM_LDFLAGS) $(LDFLAGS) -o $@ -AM_V_CCLD = $(am__v_CCLD_@AM_V@) -am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) -am__v_CCLD_0 = @echo " CCLD " $@; -am__v_CCLD_1 = -SOURCES = chage.c chfn.c chgpasswd.c chpasswd.c chsh.c expiry.c \ - faillog.c gpasswd.c groupadd.c groupdel.c groupmems.c \ - groupmod.c groups.c grpck.c grpconv.c grpunconv.c id.c \ - lastlog.c $(login_SOURCES) logoutd.c newgidmap.c newgrp.c \ - newuidmap.c newusers.c nologin.c passwd.c pwck.c pwconv.c \ - pwunconv.c $(su_SOURCES) sulogin.c useradd.c userdel.c \ - usermod.c vipw.c -DIST_SOURCES = chage.c chfn.c chgpasswd.c chpasswd.c chsh.c expiry.c \ - faillog.c gpasswd.c groupadd.c groupdel.c groupmems.c \ - groupmod.c groups.c grpck.c grpconv.c grpunconv.c id.c \ - lastlog.c $(login_SOURCES) logoutd.c newgidmap.c newgrp.c \ - newuidmap.c newusers.c nologin.c passwd.c pwck.c pwconv.c \ - pwunconv.c $(su_SOURCES) sulogin.c useradd.c userdel.c \ - usermod.c vipw.c -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -# Read a list of newline-separated strings from the standard input, -# and print each of them once, without duplicates. Input order is -# *not* preserved. -am__uniquify_input = $(AWK) '\ - BEGIN { nonempty = 0; } \ - { items[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in items) print i; }; } \ -' -# Make sure the list of sources is unique. This is necessary because, -# e.g., the same source file might be shared among _SOURCES variables -# for different programs/libraries. -am__define_uniq_tagged_files = \ - list='$(am__tagged_files)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | $(am__uniquify_input)` -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -EXTRA_DIST = \ - .indent.pro - -ubindir = ${prefix}/bin -usbindir = ${prefix}/sbin -suidperms = 4755 -sgidperms = 2755 -INCLUDES = \ - -I${top_srcdir}/lib \ - -I$(top_srcdir)/libmisc - -suidbins = su -suidubins = chage chfn chsh expiry gpasswd newgrp passwd newuidmap newgidmap -@WITH_TCB_TRUE@shadowsgidubins = passwd -LDADD = $(INTLLIBS) \ - $(LIBTCB) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la - -AM_CPPFLAGS = -DLOCALEDIR=\"$(datadir)/locale\" -@ACCT_TOOLS_SETUID_FALSE@LIBPAM_SUID = -@ACCT_TOOLS_SETUID_TRUE@LIBPAM_SUID = $(LIBPAM) -@USE_PAM_FALSE@LIBCRYPT_NOPAM = $(LIBCRYPT) -@USE_PAM_TRUE@LIBCRYPT_NOPAM = -chage_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) -newuidmap_LDADD = $(LDADD) $(LIBSELINUX) -newgidmap_LDADD = $(LDADD) $(LIBSELINUX) -chfn_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) -chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT) -chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) -chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT) -gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) -groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) -groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) -groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) -groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) -grpck_LDADD = $(LDADD) $(LIBSELINUX) -grpconv_LDADD = $(LDADD) $(LIBSELINUX) -grpunconv_LDADD = $(LDADD) $(LIBSELINUX) -login_SOURCES = \ - login.c \ - login_nopam.c - -login_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) -newgrp_LDADD = $(LDADD) $(LIBAUDIT) $(LIBCRYPT) -newusers_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT) -nologin_LDADD = -passwd_LDADD = $(LDADD) $(LIBPAM) $(LIBCRACK) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) -pwck_LDADD = $(LDADD) $(LIBSELINUX) -pwconv_LDADD = $(LDADD) $(LIBSELINUX) -pwunconv_LDADD = $(LDADD) $(LIBSELINUX) -su_SOURCES = \ - su.c \ - suauth.c - -su_LDADD = $(LDADD) $(LIBPAM) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) -sulogin_LDADD = $(LDADD) $(LIBCRYPT) -useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) -userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) -usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) -vipw_LDADD = $(LDADD) $(LIBSELINUX) -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu src/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \ - fi; \ - for p in $$list; do echo "$$p $$p"; done | \ - sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p \ - || test -f $$p1 \ - ; then echo "$$p"; echo "$$p"; else :; fi; \ - done | \ - sed -e 'p;s,.*/,,;n;h' \ - -e 's|.*|.|' \ - -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ - sed 'N;N;N;s,\n, ,g' | \ - $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ - { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ - if ($$2 == $$4) files[d] = files[d] " " $$1; \ - else { print "f", $$3 "/" $$4, $$1; } } \ - END { for (d in files) print "f", d, files[d] }' | \ - while read type dir files; do \ - if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ - test -z "$$files" || { \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ - } \ - ; done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ - files=`for p in $$list; do echo "$$p"; done | \ - sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' \ - `; \ - test -n "$$list" || exit 0; \ - echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ - cd "$(DESTDIR)$(bindir)" && rm -f $$files - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ - echo " rm -f" $$list; \ - rm -f $$list || exit $$?; \ - test -n "$(EXEEXT)" || exit 0; \ - list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f" $$list; \ - rm -f $$list - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ - echo " rm -f" $$list; \ - rm -f $$list || exit $$?; \ - test -n "$(EXEEXT)" || exit 0; \ - list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f" $$list; \ - rm -f $$list -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(sbindir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(sbindir)" || exit 1; \ - fi; \ - for p in $$list; do echo "$$p $$p"; done | \ - sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p \ - || test -f $$p1 \ - ; then echo "$$p"; echo "$$p"; else :; fi; \ - done | \ - sed -e 'p;s,.*/,,;n;h' \ - -e 's|.*|.|' \ - -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ - sed 'N;N;N;s,\n, ,g' | \ - $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ - { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ - if ($$2 == $$4) files[d] = files[d] " " $$1; \ - else { print "f", $$3 "/" $$4, $$1; } } \ - END { for (d in files) print "f", d, files[d] }' | \ - while read type dir files; do \ - if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ - test -z "$$files" || { \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(sbindir)$$dir'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(sbindir)$$dir" || exit $$?; \ - } \ - ; done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ - files=`for p in $$list; do echo "$$p"; done | \ - sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' \ - `; \ - test -n "$$list" || exit 0; \ - echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \ - cd "$(DESTDIR)$(sbindir)" && rm -f $$files - -clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; test -n "$$list" || exit 0; \ - echo " rm -f" $$list; \ - rm -f $$list || exit $$?; \ - test -n "$(EXEEXT)" || exit 0; \ - list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f" $$list; \ - rm -f $$list -install-ubinPROGRAMS: $(ubin_PROGRAMS) - @$(NORMAL_INSTALL) - @list='$(ubin_PROGRAMS)'; test -n "$(ubindir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(ubindir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(ubindir)" || exit 1; \ - fi; \ - for p in $$list; do echo "$$p $$p"; done | \ - sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p \ - || test -f $$p1 \ - ; then echo "$$p"; echo "$$p"; else :; fi; \ - done | \ - sed -e 'p;s,.*/,,;n;h' \ - -e 's|.*|.|' \ - -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ - sed 'N;N;N;s,\n, ,g' | \ - $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ - { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ - if ($$2 == $$4) files[d] = files[d] " " $$1; \ - else { print "f", $$3 "/" $$4, $$1; } } \ - END { for (d in files) print "f", d, files[d] }' | \ - while read type dir files; do \ - if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ - test -z "$$files" || { \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(ubindir)$$dir'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(ubindir)$$dir" || exit $$?; \ - } \ - ; done - -uninstall-ubinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(ubin_PROGRAMS)'; test -n "$(ubindir)" || list=; \ - files=`for p in $$list; do echo "$$p"; done | \ - sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' \ - `; \ - test -n "$$list" || exit 0; \ - echo " ( cd '$(DESTDIR)$(ubindir)' && rm -f" $$files ")"; \ - cd "$(DESTDIR)$(ubindir)" && rm -f $$files - -clean-ubinPROGRAMS: - @list='$(ubin_PROGRAMS)'; test -n "$$list" || exit 0; \ - echo " rm -f" $$list; \ - rm -f $$list || exit $$?; \ - test -n "$(EXEEXT)" || exit 0; \ - list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f" $$list; \ - rm -f $$list -install-usbinPROGRAMS: $(usbin_PROGRAMS) - @$(NORMAL_INSTALL) - @list='$(usbin_PROGRAMS)'; test -n "$(usbindir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(usbindir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(usbindir)" || exit 1; \ - fi; \ - for p in $$list; do echo "$$p $$p"; done | \ - sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p \ - || test -f $$p1 \ - ; then echo "$$p"; echo "$$p"; else :; fi; \ - done | \ - sed -e 'p;s,.*/,,;n;h' \ - -e 's|.*|.|' \ - -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ - sed 'N;N;N;s,\n, ,g' | \ - $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ - { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ - if ($$2 == $$4) files[d] = files[d] " " $$1; \ - else { print "f", $$3 "/" $$4, $$1; } } \ - END { for (d in files) print "f", d, files[d] }' | \ - while read type dir files; do \ - if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ - test -z "$$files" || { \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(usbindir)$$dir'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(usbindir)$$dir" || exit $$?; \ - } \ - ; done - -uninstall-usbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(usbin_PROGRAMS)'; test -n "$(usbindir)" || list=; \ - files=`for p in $$list; do echo "$$p"; done | \ - sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' \ - `; \ - test -n "$$list" || exit 0; \ - echo " ( cd '$(DESTDIR)$(usbindir)' && rm -f" $$files ")"; \ - cd "$(DESTDIR)$(usbindir)" && rm -f $$files - -clean-usbinPROGRAMS: - @list='$(usbin_PROGRAMS)'; test -n "$$list" || exit 0; \ - echo " rm -f" $$list; \ - rm -f $$list || exit $$?; \ - test -n "$(EXEEXT)" || exit 0; \ - list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f" $$list; \ - rm -f $$list - -chage$(EXEEXT): $(chage_OBJECTS) $(chage_DEPENDENCIES) $(EXTRA_chage_DEPENDENCIES) - @rm -f chage$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(chage_OBJECTS) $(chage_LDADD) $(LIBS) - -chfn$(EXEEXT): $(chfn_OBJECTS) $(chfn_DEPENDENCIES) $(EXTRA_chfn_DEPENDENCIES) - @rm -f chfn$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(chfn_OBJECTS) $(chfn_LDADD) $(LIBS) - -chgpasswd$(EXEEXT): $(chgpasswd_OBJECTS) $(chgpasswd_DEPENDENCIES) $(EXTRA_chgpasswd_DEPENDENCIES) - @rm -f chgpasswd$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(chgpasswd_OBJECTS) $(chgpasswd_LDADD) $(LIBS) - -chpasswd$(EXEEXT): $(chpasswd_OBJECTS) $(chpasswd_DEPENDENCIES) $(EXTRA_chpasswd_DEPENDENCIES) - @rm -f chpasswd$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(chpasswd_OBJECTS) $(chpasswd_LDADD) $(LIBS) - -chsh$(EXEEXT): $(chsh_OBJECTS) $(chsh_DEPENDENCIES) $(EXTRA_chsh_DEPENDENCIES) - @rm -f chsh$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(chsh_OBJECTS) $(chsh_LDADD) $(LIBS) - -expiry$(EXEEXT): $(expiry_OBJECTS) $(expiry_DEPENDENCIES) $(EXTRA_expiry_DEPENDENCIES) - @rm -f expiry$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(expiry_OBJECTS) $(expiry_LDADD) $(LIBS) - -faillog$(EXEEXT): $(faillog_OBJECTS) $(faillog_DEPENDENCIES) $(EXTRA_faillog_DEPENDENCIES) - @rm -f faillog$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(faillog_OBJECTS) $(faillog_LDADD) $(LIBS) - -gpasswd$(EXEEXT): $(gpasswd_OBJECTS) $(gpasswd_DEPENDENCIES) $(EXTRA_gpasswd_DEPENDENCIES) - @rm -f gpasswd$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(gpasswd_OBJECTS) $(gpasswd_LDADD) $(LIBS) - -groupadd$(EXEEXT): $(groupadd_OBJECTS) $(groupadd_DEPENDENCIES) $(EXTRA_groupadd_DEPENDENCIES) - @rm -f groupadd$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(groupadd_OBJECTS) $(groupadd_LDADD) $(LIBS) - -groupdel$(EXEEXT): $(groupdel_OBJECTS) $(groupdel_DEPENDENCIES) $(EXTRA_groupdel_DEPENDENCIES) - @rm -f groupdel$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(groupdel_OBJECTS) $(groupdel_LDADD) $(LIBS) - -groupmems$(EXEEXT): $(groupmems_OBJECTS) $(groupmems_DEPENDENCIES) $(EXTRA_groupmems_DEPENDENCIES) - @rm -f groupmems$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(groupmems_OBJECTS) $(groupmems_LDADD) $(LIBS) - -groupmod$(EXEEXT): $(groupmod_OBJECTS) $(groupmod_DEPENDENCIES) $(EXTRA_groupmod_DEPENDENCIES) - @rm -f groupmod$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(groupmod_OBJECTS) $(groupmod_LDADD) $(LIBS) - -groups$(EXEEXT): $(groups_OBJECTS) $(groups_DEPENDENCIES) $(EXTRA_groups_DEPENDENCIES) - @rm -f groups$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(groups_OBJECTS) $(groups_LDADD) $(LIBS) - -grpck$(EXEEXT): $(grpck_OBJECTS) $(grpck_DEPENDENCIES) $(EXTRA_grpck_DEPENDENCIES) - @rm -f grpck$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(grpck_OBJECTS) $(grpck_LDADD) $(LIBS) - -grpconv$(EXEEXT): $(grpconv_OBJECTS) $(grpconv_DEPENDENCIES) $(EXTRA_grpconv_DEPENDENCIES) - @rm -f grpconv$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(grpconv_OBJECTS) $(grpconv_LDADD) $(LIBS) - -grpunconv$(EXEEXT): $(grpunconv_OBJECTS) $(grpunconv_DEPENDENCIES) $(EXTRA_grpunconv_DEPENDENCIES) - @rm -f grpunconv$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(grpunconv_OBJECTS) $(grpunconv_LDADD) $(LIBS) - -id$(EXEEXT): $(id_OBJECTS) $(id_DEPENDENCIES) $(EXTRA_id_DEPENDENCIES) - @rm -f id$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(id_OBJECTS) $(id_LDADD) $(LIBS) - -lastlog$(EXEEXT): $(lastlog_OBJECTS) $(lastlog_DEPENDENCIES) $(EXTRA_lastlog_DEPENDENCIES) - @rm -f lastlog$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(lastlog_OBJECTS) $(lastlog_LDADD) $(LIBS) - -login$(EXEEXT): $(login_OBJECTS) $(login_DEPENDENCIES) $(EXTRA_login_DEPENDENCIES) - @rm -f login$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(login_OBJECTS) $(login_LDADD) $(LIBS) - -logoutd$(EXEEXT): $(logoutd_OBJECTS) $(logoutd_DEPENDENCIES) $(EXTRA_logoutd_DEPENDENCIES) - @rm -f logoutd$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(logoutd_OBJECTS) $(logoutd_LDADD) $(LIBS) - -newgidmap$(EXEEXT): $(newgidmap_OBJECTS) $(newgidmap_DEPENDENCIES) $(EXTRA_newgidmap_DEPENDENCIES) - @rm -f newgidmap$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(newgidmap_OBJECTS) $(newgidmap_LDADD) $(LIBS) - -newgrp$(EXEEXT): $(newgrp_OBJECTS) $(newgrp_DEPENDENCIES) $(EXTRA_newgrp_DEPENDENCIES) - @rm -f newgrp$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(newgrp_OBJECTS) $(newgrp_LDADD) $(LIBS) - -newuidmap$(EXEEXT): $(newuidmap_OBJECTS) $(newuidmap_DEPENDENCIES) $(EXTRA_newuidmap_DEPENDENCIES) - @rm -f newuidmap$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(newuidmap_OBJECTS) $(newuidmap_LDADD) $(LIBS) - -newusers$(EXEEXT): $(newusers_OBJECTS) $(newusers_DEPENDENCIES) $(EXTRA_newusers_DEPENDENCIES) - @rm -f newusers$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(newusers_OBJECTS) $(newusers_LDADD) $(LIBS) - -nologin$(EXEEXT): $(nologin_OBJECTS) $(nologin_DEPENDENCIES) $(EXTRA_nologin_DEPENDENCIES) - @rm -f nologin$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(nologin_OBJECTS) $(nologin_LDADD) $(LIBS) - -passwd$(EXEEXT): $(passwd_OBJECTS) $(passwd_DEPENDENCIES) $(EXTRA_passwd_DEPENDENCIES) - @rm -f passwd$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(passwd_OBJECTS) $(passwd_LDADD) $(LIBS) - -pwck$(EXEEXT): $(pwck_OBJECTS) $(pwck_DEPENDENCIES) $(EXTRA_pwck_DEPENDENCIES) - @rm -f pwck$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(pwck_OBJECTS) $(pwck_LDADD) $(LIBS) - -pwconv$(EXEEXT): $(pwconv_OBJECTS) $(pwconv_DEPENDENCIES) $(EXTRA_pwconv_DEPENDENCIES) - @rm -f pwconv$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(pwconv_OBJECTS) $(pwconv_LDADD) $(LIBS) - -pwunconv$(EXEEXT): $(pwunconv_OBJECTS) $(pwunconv_DEPENDENCIES) $(EXTRA_pwunconv_DEPENDENCIES) - @rm -f pwunconv$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(pwunconv_OBJECTS) $(pwunconv_LDADD) $(LIBS) - -su$(EXEEXT): $(su_OBJECTS) $(su_DEPENDENCIES) $(EXTRA_su_DEPENDENCIES) - @rm -f su$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(su_OBJECTS) $(su_LDADD) $(LIBS) - -sulogin$(EXEEXT): $(sulogin_OBJECTS) $(sulogin_DEPENDENCIES) $(EXTRA_sulogin_DEPENDENCIES) - @rm -f sulogin$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(sulogin_OBJECTS) $(sulogin_LDADD) $(LIBS) - -useradd$(EXEEXT): $(useradd_OBJECTS) $(useradd_DEPENDENCIES) $(EXTRA_useradd_DEPENDENCIES) - @rm -f useradd$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(useradd_OBJECTS) $(useradd_LDADD) $(LIBS) - -userdel$(EXEEXT): $(userdel_OBJECTS) $(userdel_DEPENDENCIES) $(EXTRA_userdel_DEPENDENCIES) - @rm -f userdel$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(userdel_OBJECTS) $(userdel_LDADD) $(LIBS) - -usermod$(EXEEXT): $(usermod_OBJECTS) $(usermod_DEPENDENCIES) $(EXTRA_usermod_DEPENDENCIES) - @rm -f usermod$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(usermod_OBJECTS) $(usermod_LDADD) $(LIBS) - -vipw$(EXEEXT): $(vipw_OBJECTS) $(vipw_DEPENDENCIES) $(EXTRA_vipw_DEPENDENCIES) - @rm -f vipw$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(vipw_OBJECTS) $(vipw_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chage.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chfn.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chgpasswd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chpasswd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chsh.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/expiry.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faillog.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gpasswd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groupadd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groupdel.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groupmems.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groupmod.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groups.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/grpck.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/grpconv.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/grpunconv.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/id.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lastlog.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/login.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/login_nopam.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/logoutd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/newgidmap.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/newgrp.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/newuidmap.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/newusers.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nologin.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/passwd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwck.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwconv.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwunconv.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/su.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/suauth.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sulogin.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/useradd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/userdel.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/usermod.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vipw.Po@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $< - -.c.obj: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(am__tagged_files) - $(am__define_uniq_tagged_files); mkid -fID $$unique -tags: tags-am -TAGS: tags - -tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - set x; \ - here=`pwd`; \ - $(am__define_uniq_tagged_files); \ - shift; \ - if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - if test $$# -gt 0; then \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - "$$@" $$unique; \ - else \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$unique; \ - fi; \ - fi -ctags: ctags-am - -CTAGS: ctags -ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - $(am__define_uniq_tagged_files); \ - test -z "$(CTAGS_ARGS)$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && $(am__cd) $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) "$$here" -cscopelist: cscopelist-am - -cscopelist-am: $(am__tagged_files) - list='$(am__tagged_files)'; \ - case "$(srcdir)" in \ - [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ - *) sdir=$(subdir)/$(srcdir) ;; \ - esac; \ - for i in $$list; do \ - if test -f "$$i"; then \ - echo "$(subdir)/$$i"; \ - else \ - echo "$$sdir/$$i"; \ - fi; \ - done >> $(top_builddir)/cscope.files - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(PROGRAMS) -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(ubindir)" "$(DESTDIR)$(usbindir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libtool \ - clean-noinstPROGRAMS clean-sbinPROGRAMS clean-ubinPROGRAMS \ - clean-usbinPROGRAMS mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-ubinPROGRAMS install-usbinPROGRAMS - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: install-binPROGRAMS install-sbinPROGRAMS - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-sbinPROGRAMS \ - uninstall-ubinPROGRAMS uninstall-usbinPROGRAMS - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean \ - clean-binPROGRAMS clean-generic clean-libtool \ - clean-noinstPROGRAMS clean-sbinPROGRAMS clean-ubinPROGRAMS \ - clean-usbinPROGRAMS cscopelist-am ctags ctags-am distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-binPROGRAMS install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-sbinPROGRAMS install-strip \ - install-ubinPROGRAMS install-usbinPROGRAMS installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags tags-am uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-sbinPROGRAMS uninstall-ubinPROGRAMS \ - uninstall-usbinPROGRAMS - -@ACCT_TOOLS_SETUID_TRUE@ suidubins += chage chgpasswd chpasswd groupadd groupdel groupmod newusers useradd userdel usermod - -@WITH_TCB_TRUE@suidubins -= passwd - -install-am: all-am - $(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - ln -sf newgrp $(DESTDIR)$(ubindir)/sg - ln -sf vipw $(DESTDIR)$(usbindir)/vigr - for i in $(suidbins); do \ - chmod -f $(suidperms) $(DESTDIR)$(bindir)/$$i; \ - done - for i in $(suidubins); do \ - chmod -f $(suidperms) $(DESTDIR)$(ubindir)/$$i; \ - done -@WITH_TCB_TRUE@ for i in $(shadowsgidubins); do \ -@WITH_TCB_TRUE@ chown root:shadow $(DESTDIR)$(ubindir)/$$i; \ -@WITH_TCB_TRUE@ chmod -f $(sgidperms) $(DESTDIR)$(ubindir)/$$i; \ -@WITH_TCB_TRUE@ done - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/src/chage.c b/src/chage.c index 2df65a94..617e90f1 100644 --- a/src/chage.c +++ b/src/chage.c @@ -592,7 +592,7 @@ static void open_files (bool readonly) } pw_locked = true; } - if (pw_open (readonly ? O_RDONLY: O_RDWR) == 0) { + if (pw_open (readonly ? O_RDONLY: O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ())); fail_exit (E_NOPERM); @@ -613,7 +613,7 @@ static void open_files (bool readonly) } spw_locked = true; } - if (spw_open (readonly ? O_RDONLY: O_RDWR) == 0) { + if (spw_open (readonly ? O_RDONLY: O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", spw_dbname ())); diff --git a/src/chfn.c b/src/chfn.c index a022c1a3..18aa3de7 100644 --- a/src/chfn.c +++ b/src/chfn.c @@ -463,7 +463,7 @@ static void update_gecos (const char *user, char *gecos) fail_exit (E_NOPERM); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); fail_exit (E_NOPERM); diff --git a/src/chgpasswd.c b/src/chgpasswd.c index 4dd5fbab..13203a46 100644 --- a/src/chgpasswd.c +++ b/src/chgpasswd.c @@ -316,7 +316,7 @@ static void open_files (void) fail_exit (1); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (1); @@ -332,7 +332,7 @@ static void open_files (void) fail_exit (1); } sgr_locked = true; - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); fail_exit (1); diff --git a/src/chpasswd.c b/src/chpasswd.c index 78436d6a..21008f58 100644 --- a/src/chpasswd.c +++ b/src/chpasswd.c @@ -313,7 +313,7 @@ static void open_files (void) fail_exit (1); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); fail_exit (1); @@ -328,7 +328,7 @@ static void open_files (void) fail_exit (1); } spw_locked = true; - if (spw_open (O_RDWR) == 0) { + if (spw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); diff --git a/src/chsh.c b/src/chsh.c index 393a79ff..c89708b9 100644 --- a/src/chsh.c +++ b/src/chsh.c @@ -373,7 +373,7 @@ static void update_shell (const char *user, char *newshell) fail_exit (1); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ())); fail_exit (1); diff --git a/src/expiry.c b/src/expiry.c index 4ae47703..41add942 100644 --- a/src/expiry.c +++ b/src/expiry.c @@ -58,7 +58,7 @@ static void process_flags (int argc, char **argv); */ static RETSIGTYPE catch_signals (unused int sig) { - exit (10); + _exit (10); } /* diff --git a/src/gpasswd.c b/src/gpasswd.c index 8959a35a..c4a492b1 100644 --- a/src/gpasswd.c +++ b/src/gpasswd.c @@ -169,9 +169,8 @@ static RETSIGTYPE catch_signals (int killed) } if (0 != killed) { - (void) putchar ('\n'); - (void) fflush (stdout); - exit (killed); + (void) write (STDOUT_FILENO, "\n", 1); + _exit (killed); } } @@ -370,7 +369,7 @@ static void open_files (void) add_cleanup (log_gpasswd_failure_system, NULL); - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); @@ -380,7 +379,7 @@ static void open_files (void) #ifdef SHADOWGRP if (is_shadowgrp) { - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); diff --git a/src/groupadd.c b/src/groupadd.c index 39b4ec02..179438fb 100644 --- a/src/groupadd.c +++ b/src/groupadd.c @@ -346,7 +346,7 @@ static void open_files (void) add_cleanup (cleanup_report_add_group, group_name); /* And now open the databases */ - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ())); exit (E_GRP_UPDATE); @@ -354,7 +354,7 @@ static void open_files (void) #ifdef SHADOWGRP if (is_shadow_grp) { - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); diff --git a/src/groupdel.c b/src/groupdel.c index da993475..11e522b1 100644 --- a/src/groupdel.c +++ b/src/groupdel.c @@ -60,6 +60,7 @@ const char *Prog; static char *group_name; static gid_t group_id = -1; +static bool check_group_busy = true; #ifdef SHADOWGRP static bool is_shadow_grp; @@ -96,6 +97,7 @@ static /*@noreturn@*/void usage (int status) Prog); (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); + (void) fputs (_(" -f, --force delete group even if it is the primary group of a user\n"), usageout); (void) fputs ("\n", usageout); exit (status); } @@ -246,7 +248,7 @@ static void open_files (void) add_cleanup (cleanup_report_del_group, group_name); /* An now open the databases */ - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); @@ -255,7 +257,7 @@ static void open_files (void) } #ifdef SHADOWGRP if (is_shadow_grp) { - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); @@ -321,7 +323,7 @@ static void process_flags (int argc, char **argv) {NULL, 0, NULL, '\0'} }; - while ((c = getopt_long (argc, argv, "hR:", + while ((c = getopt_long (argc, argv, "hfR:", long_options, NULL)) != -1) { switch (c) { case 'h': @@ -329,6 +331,9 @@ static void process_flags (int argc, char **argv) /*@notreached@*/break; case 'R': /* no-op, handled in process_root_flag () */ break; + case 'f': + check_group_busy = false; + break; default: usage (E_USAGE); } @@ -465,7 +470,9 @@ int main (int argc, char **argv) /* * Make sure this isn't the primary group of anyone. */ - group_busy (group_id); + if (check_group_busy) { + group_busy (group_id); + } /* * Do the hard stuff - open the files, delete the group entries, diff --git a/src/groupmems.c b/src/groupmems.c index e4f107f9..4a49e10b 100644 --- a/src/groupmems.c +++ b/src/groupmems.c @@ -536,14 +536,14 @@ static void open_files (void) #endif } - if (gr_open (list ? O_RDONLY : O_RDWR) == 0) { + if (gr_open (list ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (EXIT_GROUP_FILE); } #ifdef SHADOWGRP if (is_shadowgrp) { - if (sgr_open (list ? O_RDONLY : O_RDWR) == 0) { + if (sgr_open (list ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); fail_exit (EXIT_GROUP_FILE); } diff --git a/src/groupmod.c b/src/groupmod.c index d9d38071..757c1a40 100644 --- a/src/groupmod.c +++ b/src/groupmod.c @@ -663,7 +663,7 @@ static void lock_files (void) */ static void open_files (void) { - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ())); exit (E_GRP_UPDATE); @@ -672,7 +672,7 @@ static void open_files (void) #ifdef SHADOWGRP if ( is_shadow_grp && (pflg || nflg)) { - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); @@ -683,7 +683,7 @@ static void open_files (void) #endif /* SHADOWGRP */ if (gflg) { - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); diff --git a/src/grpck.c b/src/grpck.c index 9d1ed903..ea5d3b39 100644 --- a/src/grpck.c +++ b/src/grpck.c @@ -299,7 +299,7 @@ static void open_files (void) * Open the files. Use O_RDONLY if we are in read_only mode, * O_RDWR otherwise. */ - if (gr_open (read_only ? O_RDONLY : O_RDWR) == 0) { + if (gr_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, grp_file); if (use_system_grp_file) { @@ -308,7 +308,7 @@ static void open_files (void) fail_exit (E_CANT_OPEN); } #ifdef SHADOWGRP - if (is_shadow && (sgr_open (read_only ? O_RDONLY : O_RDWR) == 0)) { + if (is_shadow && (sgr_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0)) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_file); if (use_system_sgr_file) { diff --git a/src/grpconv.c b/src/grpconv.c index ece8095d..f681f07f 100644 --- a/src/grpconv.c +++ b/src/grpconv.c @@ -163,7 +163,7 @@ int main (int argc, char **argv) fail_exit (5); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (1); } diff --git a/src/grpunconv.c b/src/grpunconv.c index ea8914cb..253f06f5 100644 --- a/src/grpunconv.c +++ b/src/grpunconv.c @@ -166,7 +166,7 @@ int main (int argc, char **argv) fail_exit (5); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (1); diff --git a/src/lastlog.c b/src/lastlog.c index ed9484aa..965691db 100644 --- a/src/lastlog.c +++ b/src/lastlog.c @@ -71,6 +71,8 @@ static struct stat statbuf; /* fstat buffer for file size */ static bool uflg = false; /* print only an user of range of users */ static bool tflg = false; /* print is restricted to most recent days */ static bool bflg = false; /* print excludes most recent days */ +static bool Cflg = false; /* clear record for user */ +static bool Sflg = false; /* set record for user */ #define NOW (time ((time_t *) 0)) @@ -83,8 +85,10 @@ static /*@noreturn@*/void usage (int status) "Options:\n"), Prog); (void) fputs (_(" -b, --before DAYS print only lastlog records older than DAYS\n"), usageout); + (void) fputs (_(" -C, --clear clear lastlog record of an user (usable only with -u)\n"), usageout); (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); + (void) fputs (_(" -S, --set set lastlog record to current time (usable only with -u)\n"), usageout); (void) fputs (_(" -t, --time DAYS print only lastlog records more recent than DAYS\n"), usageout); (void) fputs (_(" -u, --user LOGIN print lastlog record of the specified LOGIN\n"), usageout); (void) fputs ("\n", usageout); @@ -194,6 +198,80 @@ static void print (void) } } +static void update_one (/*@null@*/const struct passwd *pw) +{ + off_t offset; + struct lastlog ll; + int err; + + if (NULL == pw) { + return; + } + + offset = (off_t) pw->pw_uid * sizeof (ll); + /* fseeko errors are not really relevant for us. */ + err = fseeko (lastlogfile, offset, SEEK_SET); + assert (0 == err); + + memzero (&ll, sizeof (ll)); + + if (Sflg) { + ll.ll_time = NOW; +#ifdef HAVE_LL_HOST + strcpy (ll.ll_host, "localhost"); +#endif + strcpy (ll.ll_line, "lastlog"); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ACCT_UNLOCK, Prog, + "clearing-lastlog", + pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS); +#endif + } +#ifdef WITH_AUDIT + else { + audit_logger (AUDIT_ACCT_UNLOCK, Prog, + "refreshing-lastlog", + pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS); + } +#endif + + if (fwrite (&ll, sizeof(ll), 1, lastlogfile) != 1) { + fprintf (stderr, + _("%s: Failed to update the entry for UID %lu\n"), + Prog, (unsigned long int)pw->pw_uid); + exit (EXIT_FAILURE); + } +} + +static void update (void) +{ + const struct passwd *pwent; + + if (!uflg) /* safety measure */ + return; + + if (has_umin && has_umax && (umin == umax)) { + update_one (getpwuid ((uid_t)umin)); + } else { + setpwent (); + while ( (pwent = getpwent ()) != NULL ) { + if ((has_umin && (pwent->pw_uid < (uid_t)umin)) + || (has_umax && (pwent->pw_uid > (uid_t)umax))) { + continue; + } + update_one (pwent); + } + endpwent (); + } + + if (fflush (lastlogfile) != 0 || fsync (fileno (lastlogfile)) != 0) { + fprintf (stderr, + _("%s: Failed to update the lastlog file\n"), + Prog); + exit (EXIT_FAILURE); + } +} + int main (int argc, char **argv) { /* @@ -208,18 +286,24 @@ int main (int argc, char **argv) process_root_flag ("-R", argc, argv); +#ifdef WITH_AUDIT + audit_help_open (); +#endif + { int c; static struct option const longopts[] = { {"before", required_argument, NULL, 'b'}, + {"clear", no_argument, NULL, 'C'}, {"help", no_argument, NULL, 'h'}, {"root", required_argument, NULL, 'R'}, + {"set", no_argument, NULL, 'S'}, {"time", required_argument, NULL, 't'}, {"user", required_argument, NULL, 'u'}, {NULL, 0, NULL, '\0'} }; - while ((c = getopt_long (argc, argv, "b:hR:t:u:", longopts, + while ((c = getopt_long (argc, argv, "b:ChR:St:u:", longopts, NULL)) != -1) { switch (c) { case 'b': @@ -235,11 +319,21 @@ int main (int argc, char **argv) bflg = true; break; } + case 'C': + { + Cflg = true; + break; + } case 'h': usage (EXIT_SUCCESS); /*@notreached@*/break; case 'R': /* no-op, handled in process_root_flag () */ break; + case 'S': + { + Sflg = true; + break; + } case 't': { unsigned long days; @@ -294,9 +388,21 @@ int main (int argc, char **argv) Prog, argv[optind]); usage (EXIT_FAILURE); } + if (Cflg && Sflg) { + fprintf (stderr, + _("%s: Option -C cannot be used together with option -S\n"), + Prog); + usage (EXIT_FAILURE); + } + if ((Cflg || Sflg) && !uflg) { + fprintf (stderr, + _("%s: Options -C and -S require option -u to specify the user\n"), + Prog); + usage (EXIT_FAILURE); + } } - lastlogfile = fopen (LASTLOG_FILE, "r"); + lastlogfile = fopen (LASTLOG_FILE, (Cflg || Sflg)?"r+":"r"); if (NULL == lastlogfile) { perror (LASTLOG_FILE); exit (EXIT_FAILURE); @@ -310,7 +416,10 @@ int main (int argc, char **argv) exit (EXIT_FAILURE); } - print (); + if (Cflg || Sflg) + update (); + else + print (); (void) fclose (lastlogfile); diff --git a/src/login.c b/src/login.c index d610844d..2d2e704e 100644 --- a/src/login.c +++ b/src/login.c @@ -103,7 +103,7 @@ static bool hflg = false; static bool preauth_flag = false; static bool amroot; -static unsigned int timeout; +static char tmsg[256]; /* * External identifiers. @@ -416,8 +416,8 @@ static void init_env (void) static RETSIGTYPE alarm_handler (unused int sig) { - fprintf (stderr, _("\nLogin timed out after %u seconds.\n"), timeout); - exit (0); + write (STDERR_FILENO, tmsg, strlen (tmsg)); + _exit (0); } #ifdef USE_PAM @@ -532,6 +532,7 @@ int main (int argc, char **argv) bool is_console; #endif int err; + unsigned int timeout; const char *cp; const char *tmp; char fromhost[512]; @@ -698,8 +699,10 @@ int main (int argc, char **argv) top: /* only allow ALARM sec. for login */ - (void) signal (SIGALRM, alarm_handler); timeout = getdef_unum ("LOGIN_TIMEOUT", ALARM); + snprintf (tmsg, sizeof tmsg, + _("\nLogin timed out after %u seconds.\n"), timeout); + (void) signal (SIGALRM, alarm_handler); if (timeout > 0) { (void) alarm (timeout); } diff --git a/src/newgidmap.c b/src/newgidmap.c index 1527a615..b1e33513 100644 --- a/src/newgidmap.c +++ b/src/newgidmap.c @@ -56,7 +56,7 @@ static bool verify_range(struct passwd *pw, struct map_range *range) if (have_sub_gids(pw->pw_name, range->lower, range->count)) return true; - /* Allow a process to map it's own gid */ + /* Allow a process to map its own gid */ if ((range->count == 1) && (pw->pw_gid == range->lower)) return true; @@ -94,7 +94,7 @@ static void usage(void) */ int main(int argc, char **argv) { - char proc_dir_name[PATH_MAX]; + char proc_dir_name[32]; char *target_str; pid_t target, parent; int proc_dir_fd; @@ -113,13 +113,14 @@ int main(int argc, char **argv) if (argc < 2) usage(); - /* Find the process that needs it's user namespace + /* Find the process that needs its user namespace * gid mapping set. */ target_str = argv[1]; if (!get_pid(target_str, &target)) usage(); + /* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */ written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/", target); if ((written <= 0) || (written >= sizeof(proc_dir_name))) { @@ -160,8 +161,10 @@ int main(int argc, char **argv) (getgid() != pw->pw_gid) || (pw->pw_uid != st.st_uid) || (pw->pw_gid != st.st_gid)) { - fprintf(stderr, _( "%s: Target %u is owned by a different user\n" ), - Prog, target); + fprintf(stderr, _( "%s: Target %u is owned by a different user: uid:%lu pw_uid:%lu st_uid:%lu, gid:%lu pw_gid:%lu st_gid:%lu\n" ), + Prog, target, + (unsigned long int)getuid(), (unsigned long int)pw->pw_uid, (unsigned long int)st.st_uid, + (unsigned long int)getgid(), (unsigned long int)pw->pw_gid, (unsigned long int)st.st_gid); return EXIT_FAILURE; } diff --git a/src/newgrp.c b/src/newgrp.c index 49dd1512..b8d3ddc8 100644 --- a/src/newgrp.c +++ b/src/newgrp.c @@ -255,12 +255,15 @@ static void syslog_sg (const char *name, const char *group) { const char *loginname = getlogin (); const char *tty = ttyname (0); + char *free_login = NULL, *free_tty = NULL; if (loginname != NULL) { - loginname = xstrdup (loginname); + free_login = xstrdup (loginname); + loginname = free_login; } if (tty != NULL) { - tty = xstrdup (tty); + free_tty = xstrdup (tty); + tty = free_tty; } if (loginname == NULL) { @@ -372,6 +375,8 @@ static void syslog_sg (const char *name, const char *group) (void) signal (SIGTTOU, SIG_DFL); } #endif /* USE_PAM */ + free(free_login); + free(free_tty); } #endif /* USE_SYSLOG */ diff --git a/src/newuidmap.c b/src/newuidmap.c index 69c50940..1ba25e7a 100644 --- a/src/newuidmap.c +++ b/src/newuidmap.c @@ -56,7 +56,7 @@ static bool verify_range(struct passwd *pw, struct map_range *range) if (have_sub_uids(pw->pw_name, range->lower, range->count)) return true; - /* Allow a process to map it's own uid */ + /* Allow a process to map its own uid */ if ((range->count == 1) && (pw->pw_uid == range->lower)) return true; @@ -94,7 +94,7 @@ void usage(void) */ int main(int argc, char **argv) { - char proc_dir_name[PATH_MAX]; + char proc_dir_name[32]; char *target_str; pid_t target, parent; int proc_dir_fd; @@ -113,13 +113,14 @@ int main(int argc, char **argv) if (argc < 2) usage(); - /* Find the process that needs it's user namespace + /* Find the process that needs its user namespace * uid mapping set. */ target_str = argv[1]; if (!get_pid(target_str, &target)) usage(); + /* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */ written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/", target); if ((written <= 0) || (written >= sizeof(proc_dir_name))) { @@ -160,8 +161,10 @@ int main(int argc, char **argv) (getgid() != pw->pw_gid) || (pw->pw_uid != st.st_uid) || (pw->pw_gid != st.st_gid)) { - fprintf(stderr, _( "%s: Target %u is owned by a different user\n" ), - Prog, target); + fprintf(stderr, _( "%s: Target process %u is owned by a different user: uid:%lu pw_uid:%lu st_uid:%lu, gid:%lu pw_gid:%lu st_gid:%lu\n" ), + Prog, target, + (unsigned long int)getuid(), (unsigned long int)pw->pw_uid, (unsigned long int)st.st_uid, + (unsigned long int)getgid(), (unsigned long int)pw->pw_gid, (unsigned long int)st.st_gid); return EXIT_FAILURE; } diff --git a/src/newusers.c b/src/newusers.c index 85822db1..724cbb40 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -805,27 +805,27 @@ static void open_files (void) } #endif /* ENABLE_SUBIDS */ - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); fail_exit (EXIT_FAILURE); } - if (is_shadow && (spw_open (O_RDWR) == 0)) { + if (is_shadow && (spw_open (O_CREAT | O_RDWR) == 0)) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); fail_exit (EXIT_FAILURE); } - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (EXIT_FAILURE); } #ifdef SHADOWGRP - if (is_shadow_grp && (sgr_open (O_RDWR) == 0)) { + if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); fail_exit (EXIT_FAILURE); } #endif #ifdef ENABLE_SUBIDS if (is_sub_uid) { - if (sub_uid_open (O_RDWR) == 0) { + if (sub_uid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_uid_dbname ()); @@ -833,7 +833,7 @@ static void open_files (void) } } if (is_sub_gid) { - if (sub_gid_open (O_RDWR) == 0) { + if (sub_gid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_gid_dbname ()); @@ -988,8 +988,8 @@ int main (int argc, char **argv) is_shadow_grp = sgr_file_present (); #endif #ifdef ENABLE_SUBIDS - is_sub_uid = sub_uid_file_present () && !rflg; - is_sub_gid = sub_gid_file_present () && !rflg; + is_sub_uid = sub_uid_file_present (); + is_sub_gid = sub_gid_file_present (); #endif /* ENABLE_SUBIDS */ open_files (); diff --git a/src/passwd.c b/src/passwd.c index 3424f3bf..1191111d 100644 --- a/src/passwd.c +++ b/src/passwd.c @@ -573,7 +573,7 @@ static void update_noshadow (void) exit (E_PWDBUSY); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { (void) fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); @@ -627,7 +627,7 @@ static void update_shadow (void) exit (E_PWDBUSY); } spw_locked = true; - if (spw_open (O_RDWR) == 0) { + if (spw_open (O_CREAT | O_RDWR) == 0) { (void) fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); diff --git a/src/pwck.c b/src/pwck.c index 05df68ec..523135f6 100644 --- a/src/pwck.c +++ b/src/pwck.c @@ -281,7 +281,7 @@ static void open_files (void) * Open the files. Use O_RDONLY if we are in read_only mode, O_RDWR * otherwise. */ - if (pw_open (read_only ? O_RDONLY : O_RDWR) == 0) { + if (pw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); if (use_system_pw_file) { @@ -290,7 +290,7 @@ static void open_files (void) fail_exit (E_CANTOPEN); } if (is_shadow && !use_tcb) { - if (spw_open (read_only ? O_RDONLY : O_RDWR) == 0) { + if (spw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); if (use_system_spw_file) { @@ -566,7 +566,7 @@ static void check_pw_file (int *errors, bool *changed) continue; } spw_locked = true; - if (spw_open (read_only ? O_RDONLY : O_RDWR) == 0) { + if (spw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); diff --git a/src/pwconv.c b/src/pwconv.c index 515eba19..e2d61f87 100644 --- a/src/pwconv.c +++ b/src/pwconv.c @@ -200,7 +200,7 @@ int main (int argc, char **argv) fail_exit (E_PWDBUSY); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); fail_exit (E_MISSING); @@ -305,7 +305,8 @@ int main (int argc, char **argv) } /* /etc/passwd- (backup file) */ - if (chmod (PASSWD_FILE "-", 0600) != 0) { + errno = 0; + if ((chmod (PASSWD_FILE "-", 0600) != 0) && (errno != ENOENT)) { fprintf (stderr, _("%s: failed to change the mode of %s to 0600\n"), Prog, PASSWD_FILE "-"); diff --git a/src/pwunconv.c b/src/pwunconv.c index 62e2af04..fabf0237 100644 --- a/src/pwunconv.c +++ b/src/pwunconv.c @@ -166,7 +166,7 @@ int main (int argc, char **argv) fail_exit (5); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); diff --git a/src/su.c b/src/su.c index 37042172..93ffd2fb 100644 --- a/src/su.c +++ b/src/su.c @@ -105,6 +105,8 @@ static char caller_name[BUFSIZ]; static bool change_environment = true; #ifdef USE_PAM +static char kill_msg[256]; +static char wait_msg[256]; static pam_handle_t *pamh = NULL; static int caught = 0; /* PID of the child, in case it needs to be killed */ @@ -161,8 +163,7 @@ static RETSIGTYPE die (int killed) } if (killed != 0) { - closelog (); - exit (128+killed); + _exit (128+killed); } } @@ -182,12 +183,11 @@ static RETSIGTYPE kill_child (int unused(s)) { if (0 != pid_child) { (void) kill (-pid_child, SIGKILL); - (void) fputs (_(" ...killed.\n"), stderr); + (void) write (STDERR_FILENO, kill_msg, strlen (kill_msg)); } else { - (void) fputs (_(" ...waiting for child to terminate.\n"), - stderr); + (void) write (STDERR_FILENO, wait_msg, strlen (wait_msg)); } - exit (255); + _exit (255); } #endif /* USE_PAM */ @@ -373,6 +373,9 @@ static void prepare_pam_close_session (void) stderr); (void) kill (-pid_child, caught); + snprintf (kill_msg, 256, _(" ...killed.\n")); + snprintf (wait_msg, 256, _(" ...waiting for child to terminate.\n")); + (void) signal (SIGALRM, kill_child); (void) alarm (2); @@ -422,7 +425,7 @@ static void check_perms_pam (const struct passwd *pw) int ret; ret = pam_authenticate (pamh, 0); if (PAM_SUCCESS != ret) { - SYSLOG ((LOG_ERR, "pam_authenticate: %s", + SYSLOG (((pw->pw_uid != 0)? LOG_NOTICE : LOG_WARN, "pam_authenticate: %s", pam_strerror (pamh, ret))); fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret)); (void) pam_end (pamh, ret); @@ -585,7 +588,7 @@ static /*@only@*/struct passwd * check_perms (void) if (NULL == pw) { (void) fprintf (stderr, _("No passwd entry for user '%s'\n"), name); - SYSLOG ((LOG_ERR, "No passwd entry for user '%s'", name)); + SYSLOG ((LOG_NOTICE, "No passwd entry for user '%s'", name)); su_failure (caller_tty, true); } @@ -615,7 +618,7 @@ static /*@only@*/struct passwd * check_perms (void) (void) fprintf (stderr, _("No passwd entry for user '%s'\n"), name); - SYSLOG ((LOG_ERR, + SYSLOG ((LOG_NOTICE, "No passwd entry for user '%s'", name)); su_failure (caller_tty, true); } diff --git a/src/sulogin.c b/src/sulogin.c index ccbf2c5d..4264099b 100644 --- a/src/sulogin.c +++ b/src/sulogin.c @@ -70,7 +70,7 @@ static RETSIGTYPE catch_signals (int); static RETSIGTYPE catch_signals (unused int sig) { - exit (1); + _exit (1); } /* diff --git a/src/useradd.c b/src/useradd.c index a8a1f767..fefa234c 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -1537,7 +1537,7 @@ static void open_files (void) exit (E_PW_UPDATE); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); fail_exit (E_PW_UPDATE); } @@ -1554,7 +1554,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (E_GRP_UPDATE); } @@ -1567,7 +1567,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } sgr_locked = true; - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); @@ -1584,7 +1584,7 @@ static void open_files (void) fail_exit (E_SUB_UID_UPDATE); } sub_uid_locked = true; - if (sub_uid_open (O_RDWR) == 0) { + if (sub_uid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_uid_dbname ()); @@ -1599,7 +1599,7 @@ static void open_files (void) fail_exit (E_SUB_GID_UPDATE); } sub_gid_locked = true; - if (sub_gid_open (O_RDWR) == 0) { + if (sub_gid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_gid_dbname ()); @@ -1621,7 +1621,7 @@ static void open_shadow (void) fail_exit (E_PW_UPDATE); } spw_locked = true; - if (spw_open (O_RDWR) == 0) { + if (spw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); @@ -1993,9 +1993,10 @@ int main (int argc, char **argv) #endif /* USE_PAM */ #endif /* ACCT_TOOLS_SETUID */ - /* Needed for userns check */ +#ifdef ENABLE_SUBIDS uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL); uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL); +#endif /* * Get my name so that I can use it to report errors. @@ -2025,6 +2026,9 @@ int main (int argc, char **argv) #ifdef SHADOWGRP is_shadow_grp = sgr_file_present (); #endif + + process_flags (argc, argv); + #ifdef ENABLE_SUBIDS is_sub_uid = sub_uid_file_present () && !rflg && (!user_id || (user_id <= uid_max && user_id >= uid_min)); @@ -2034,8 +2038,6 @@ int main (int argc, char **argv) get_defaults (); - process_flags (argc, argv); - #ifdef ACCT_TOOLS_SETUID #ifdef USE_PAM { diff --git a/src/userdel.c b/src/userdel.c index 19b12bc4..9092b5c1 100644 --- a/src/userdel.c +++ b/src/userdel.c @@ -565,7 +565,7 @@ static void open_files (void) fail_exit (E_PW_UPDATE); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); #ifdef WITH_AUDIT @@ -590,7 +590,7 @@ static void open_files (void) fail_exit (E_PW_UPDATE); } spw_locked = true; - if (spw_open (O_RDWR) == 0) { + if (spw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); @@ -616,7 +616,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); #ifdef WITH_AUDIT audit_logger (AUDIT_DEL_USER, Prog, @@ -641,7 +641,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } sgr_locked= true; - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); #ifdef WITH_AUDIT @@ -669,7 +669,7 @@ static void open_files (void) fail_exit (E_SUB_UID_UPDATE); } sub_uid_locked = true; - if (sub_uid_open (O_RDWR) == 0) { + if (sub_uid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_uid_dbname ()); #ifdef WITH_AUDIT @@ -695,7 +695,7 @@ static void open_files (void) fail_exit (E_SUB_GID_UPDATE); } sub_gid_locked = true; - if (sub_gid_open (O_RDWR) == 0) { + if (sub_gid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_gid_dbname ()); #ifdef WITH_AUDIT diff --git a/src/usermod.c b/src/usermod.c index e7d43513..687487d9 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -1361,6 +1361,7 @@ static void process_flags (int argc, char **argv) exit (E_UID_IN_USE); } +#ifdef ENABLE_SUBIDS if ( (vflg || Vflg) && !is_sub_uid) { fprintf (stderr, @@ -1376,6 +1377,7 @@ static void process_flags (int argc, char **argv) Prog, sub_gid_dbname (), "-w", "-W"); exit (E_USAGE); } +#endif /* ENABLE_SUBIDS */ } /* @@ -1530,7 +1532,7 @@ static void open_files (void) fail_exit (E_PW_UPDATE); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); @@ -1543,7 +1545,7 @@ static void open_files (void) fail_exit (E_PW_UPDATE); } spw_locked = true; - if (is_shadow_pwd && (spw_open (O_RDWR) == 0)) { + if (is_shadow_pwd && (spw_open (O_CREAT | O_RDWR) == 0)) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); @@ -1562,7 +1564,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); @@ -1576,7 +1578,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } sgr_locked = true; - if (is_shadow_grp && (sgr_open (O_RDWR) == 0)) { + if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); @@ -1593,7 +1595,7 @@ static void open_files (void) fail_exit (E_SUB_UID_UPDATE); } sub_uid_locked = true; - if (sub_uid_open (O_RDWR) == 0) { + if (sub_uid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_uid_dbname ()); @@ -1608,7 +1610,7 @@ static void open_files (void) fail_exit (E_SUB_GID_UPDATE); } sub_gid_locked = true; - if (sub_gid_open (O_RDWR) == 0) { + if (sub_gid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_gid_dbname ()); @@ -1717,60 +1719,6 @@ static void usr_update (void) fail_exit (E_PW_UPDATE); } } -#ifdef ENABLE_SUBIDS - if (Vflg) { - struct ulong_range_list_entry *ptr; - for (ptr = del_sub_uids; ptr != NULL; ptr = ptr->next) { - unsigned long count = ptr->range.last - ptr->range.first + 1; - if (sub_uid_remove(user_name, ptr->range.first, count) == 0) { - fprintf (stderr, - _("%s: failed to remove uid range %lu-%lu from '%s'\n"), - Prog, ptr->range.first, ptr->range.last, - sub_uid_dbname ()); - fail_exit (E_SUB_UID_UPDATE); - } - } - } - if (vflg) { - struct ulong_range_list_entry *ptr; - for (ptr = add_sub_uids; ptr != NULL; ptr = ptr->next) { - unsigned long count = ptr->range.last - ptr->range.first + 1; - if (sub_uid_add(user_name, ptr->range.first, count) == 0) { - fprintf (stderr, - _("%s: failed to add uid range %lu-%lu from '%s'\n"), - Prog, ptr->range.first, ptr->range.last, - sub_uid_dbname ()); - fail_exit (E_SUB_UID_UPDATE); - } - } - } - if (Wflg) { - struct ulong_range_list_entry *ptr; - for (ptr = del_sub_gids; ptr != NULL; ptr = ptr->next) { - unsigned long count = ptr->range.last - ptr->range.first + 1; - if (sub_gid_remove(user_name, ptr->range.first, count) == 0) { - fprintf (stderr, - _("%s: failed to remove gid range %lu-%lu from '%s'\n"), - Prog, ptr->range.first, ptr->range.last, - sub_gid_dbname ()); - fail_exit (E_SUB_GID_UPDATE); - } - } - } - if (wflg) { - struct ulong_range_list_entry *ptr; - for (ptr = add_sub_gids; ptr != NULL; ptr = ptr->next) { - unsigned long count = ptr->range.last - ptr->range.first + 1; - if (sub_gid_add(user_name, ptr->range.first, count) == 0) { - fprintf (stderr, - _("%s: failed to add gid range %lu-%lu from '%s'\n"), - Prog, ptr->range.first, ptr->range.last, - sub_gid_dbname ()); - fail_exit (E_SUB_GID_UPDATE); - } - } - } -#endif /* ENABLE_SUBIDS */ } /* @@ -2174,16 +2122,66 @@ int main (int argc, char **argv) */ open_files (); if ( cflg || dflg || eflg || fflg || gflg || Lflg || lflg || pflg - || sflg || uflg || Uflg -#ifdef ENABLE_SUBIDS - || vflg || Vflg || wflg || Wflg -#endif /* ENABLE_SUBIDS */ - ) { + || sflg || uflg || Uflg) { usr_update (); } if (Gflg || lflg) { grp_update (); } +#ifdef ENABLE_SUBIDS + if (Vflg) { + struct ulong_range_list_entry *ptr; + for (ptr = del_sub_uids; ptr != NULL; ptr = ptr->next) { + unsigned long count = ptr->range.last - ptr->range.first + 1; + if (sub_uid_remove(user_name, ptr->range.first, count) == 0) { + fprintf (stderr, + _("%s: failed to remove uid range %lu-%lu from '%s'\n"), + Prog, ptr->range.first, ptr->range.last, + sub_uid_dbname ()); + fail_exit (E_SUB_UID_UPDATE); + } + } + } + if (vflg) { + struct ulong_range_list_entry *ptr; + for (ptr = add_sub_uids; ptr != NULL; ptr = ptr->next) { + unsigned long count = ptr->range.last - ptr->range.first + 1; + if (sub_uid_add(user_name, ptr->range.first, count) == 0) { + fprintf (stderr, + _("%s: failed to add uid range %lu-%lu from '%s'\n"), + Prog, ptr->range.first, ptr->range.last, + sub_uid_dbname ()); + fail_exit (E_SUB_UID_UPDATE); + } + } + } + if (Wflg) { + struct ulong_range_list_entry *ptr; + for (ptr = del_sub_gids; ptr != NULL; ptr = ptr->next) { + unsigned long count = ptr->range.last - ptr->range.first + 1; + if (sub_gid_remove(user_name, ptr->range.first, count) == 0) { + fprintf (stderr, + _("%s: failed to remove gid range %lu-%lu from '%s'\n"), + Prog, ptr->range.first, ptr->range.last, + sub_gid_dbname ()); + fail_exit (E_SUB_GID_UPDATE); + } + } + } + if (wflg) { + struct ulong_range_list_entry *ptr; + for (ptr = add_sub_gids; ptr != NULL; ptr = ptr->next) { + unsigned long count = ptr->range.last - ptr->range.first + 1; + if (sub_gid_add(user_name, ptr->range.first, count) == 0) { + fprintf (stderr, + _("%s: failed to add gid range %lu-%lu from '%s'\n"), + Prog, ptr->range.first, ptr->range.last, + sub_gid_dbname ()); + fail_exit (E_SUB_GID_UPDATE); + } + } + } +#endif /* ENABLE_SUBIDS */ close_files (); #ifdef WITH_TCB diff --git a/tests/README b/tests/README new file mode 100644 index 00000000..54844a57 --- /dev/null +++ b/tests/README @@ -0,0 +1,21 @@ +This testsuite is NOT SECURE: it will temporarily change your passwords file +with known passwords. +You should run it on a chroot, or on a secured dedicated system. + + + +To test a Debian system: + $ mkdir sid-chroot + $ sudo debootstrap sid sid-chroot/ http://ftp.fr.debian.org/debian/ +edit or copy a sources.list + $ sudo cp /etc/apt/sources.list sid-chroot/etc/apt/ +edit or copy a resolv.conf + $ sudo cp /etc/resolv.conf sid-chroot/etc/ + $ su - root -c "chroot sid-chroot/ /bin/bash" + # mount -t proc proc /proc + # mount -t devpts devpts /dev/pts + # aptitude update + # aptitude install expect + # cd /dev ; mknod --mode=666 /dev/ptmx c 5 2 + + diff --git a/tests/bug332198-test.exp b/tests/bug332198-test.exp new file mode 100755 index 00000000..fd365bb6 --- /dev/null +++ b/tests/bug332198-test.exp @@ -0,0 +1,61 @@ +#!/usr/bin/expect -f + +# This is a script for repeatedly logging into the localhost +# using `rlogin` in order to apparently see a symptoms described +# in bug #332198. +# As described in the bug log, sometimes `rlogind` will fail to +# establish a connection, because it starts "login" process and +# the latter fails with "unable to determine TTY name, got /dev/pts/1" +# message. +# +# BUGS +# +# * the script rlogins to localhost +# * the script doesn't handle passwdord prompt, because it's intended +# to use .rhosts auth and expects shell prompt immediately after +# `rlogin` +# * the regexp for shell prompt is hardcoded + +log_user 0 +match_max 8192 + +while {1} { + set rlogin_spawn [spawn rlogin localhost] + if { $rlogin_spawn == 0 } { exit 1 } + expect { + -timeout 10 -re "^.*(Last login\[^\r\n\]*).*\n(\[^\r\n\]*\[#$\] )$" { + send_error "$expect_out(1,string)\n" + send_error "$expect_out(2,string)\n" +# send_error "$expect_out(0,string)\n" + } + timeout { + send_error "TIMEOUT/prompt\n" + send_error "$expect_out(buffer)\n" + send_error "RETRYING\n" + log_user 1 + send "tty /\r" + expect -timeout 2 -re "^.*\r?\n(\[^\r\n\]*# )$" {} + send "tty /\r" + expect -timeout 2 -re "^.*\r?\n(\[^\r\n\]*# )$" {} + send_error "\n" + exit 2 + } + } + send "tty\r" + expect { + -timeout 4 -re "tty\r?\n(\[^\r\n\]*)\r?\n(\[^\r\n\]*\[#$\] )$" { + send_error "$expect_out(2,string)$expect_out(1,string)\n" +# send_error "$expect_out(0,string)\n" + } + timeout { send_error "TIMEOUT/tty\n" ; exit 3 } + } + send "exit\r" + expect { + -timeout 2 eof { +# send_error "OK4: EOF\n" + } + timeout { send_error "TIMEOUT/eof\n" ; exit 4 } + } + wait +} +# vi: set sw=4: diff --git a/tests/bug334803-test.exp b/tests/bug334803-test.exp new file mode 100755 index 00000000..05c7a915 --- /dev/null +++ b/tests/bug334803-test.exp @@ -0,0 +1,83 @@ +#!/usr/bin/expect -- + +# This is a script for switching to another user and then +# suspending (`suspend -f`) and resuming (`fg`) his shell + +package require cmdline +set opts { + {s.arg "sudo su -" "user switching method"} + {u.arg "" "username to switch to"} +} +set usage ": \[options]\noptions:" +array set conf [::cmdline::getoptions argv $opts $usage] + +log_user 1 +match_max 8192 +expect_after { + timeout { send_error "TIMEOUT\n" ; exit 1 } + eof { send_error "EXITED\n" ; exit 2 } +} +set timeout 2 + +# user switching command, by default `sudo su -` +set swcmd $conf(s) +# ending of typicall shell prompt (zsh/sh): +set shpmt "(%|#|\\$) \\Z" +catch {set shpmt $env(EXPECT_PROMPT)} +# initial username: +set user0 [exec id -un] +# user we switch to (with $swcmd), by default initial user +if {$conf(u) != ""} {set swuser $conf(u)} else {set swuser $user0} + +# 1. start shell +spawn bash +expect -re "$shpmt" {} + +# 2. sudo-ing swuser's shell: +send "$swcmd $swuser\r" +expect { + -re "$swuser.*$shpmt" {} + -re "assword: ?\\Z" { + stty -echo + expect_user -timeout -1 -re "(.*)\n" {set swpwd $expect_out(1,string)} + stty echo + send "$swpwd\r" + expect -re "$swuser.*$shpmt" {} + } +} + +# 3. getting pid and ppid of swuser's shell (needed for 5b): +send "echo \$\$:\$PPID\r" +expect -re "(?n)^(\[\[:digit:\]\]*):(\[\[:digit:\]\]*)\r?\n(.*)$shpmt" {} +set swpid $expect_out(1,string) +set swppid $expect_out(2,string) + +#send_error "$user0:$swpid:$swppid\n" + +# 4. suspending swuser's shell (trying to return to parent shell): +send "suspend -f\r" +expect { + -re "$shpmt" { + # 5a. got to parent shell -- resuming swuser's shell by `fg`: + send "fg\r" + set hung no + } + timeout { + # 5b. `suspend -f` has hung -- resuming swuser's shell by SIGCONT: + send_error "kill $swppid\n" + send_error [exec kill -CONT $swppid] + set hung yes + } +} +expect -re "$shpmt" {} + +# 6. exiting [both] shells +#set swstat [wait -nowait] +#send_error [pid]:[exp_pid]:$swstat\n +send "exit\rexit\r" +expect eof {} +#send_error [wait -nowait]\n +#exec kill -KILL -[exp_pid] +if {$hung} {send_error "BUGGY\n" ; exit 3 } + +# vi:set sw=4: diff --git a/tests/chage/01/data/chage1 b/tests/chage/01/data/chage1 new file mode 100644 index 00000000..64754ca5 --- /dev/null +++ b/tests/chage/01/data/chage1 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/01/data/chage2 b/tests/chage/01/data/chage2 new file mode 100644 index 00000000..7efdc0cd --- /dev/null +++ b/tests/chage/01/data/chage2 @@ -0,0 +1,7 @@ +Last password change : Jul 28, 2005 +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 1 +Maximum number of days between password change : 99996 +Number of days of warning before password expires : 5 diff --git a/tests/chage/01/data/chage3 b/tests/chage/01/data/chage3 new file mode 100644 index 00000000..a263db9d --- /dev/null +++ b/tests/chage/01/data/chage3 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : Jan 01, 1970 +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/01/data/chage4 b/tests/chage/01/data/chage4 new file mode 100644 index 00000000..11e2f2d9 --- /dev/null +++ b/tests/chage/01/data/chage4 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : Jan 02, 1970 +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/01/data/chage5 b/tests/chage/01/data/chage5 new file mode 100644 index 00000000..64754ca5 --- /dev/null +++ b/tests/chage/01/data/chage5 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/01/data/chage6 b/tests/chage/01/data/chage6 new file mode 100644 index 00000000..64754ca5 --- /dev/null +++ b/tests/chage/01/data/chage6 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/01/data/chage7 b/tests/chage/01/data/chage7 new file mode 100644 index 00000000..64754ca5 --- /dev/null +++ b/tests/chage/01/data/chage7 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/01/data/chage7b b/tests/chage/01/data/chage7b new file mode 100644 index 00000000..0cea901f --- /dev/null +++ b/tests/chage/01/data/chage7b @@ -0,0 +1,7 @@ +Last password change : Jul 26, 2005 +Password expires : Aug 09, 2005 +Password inactive : Sep 13, 2005 +Account expires : Jul 27, 2012 +Minimum number of days between password change : 13 +Maximum number of days between password change : 14 +Number of days of warning before password expires : 9 diff --git a/tests/chage/01/data/chage8 b/tests/chage/01/data/chage8 new file mode 100644 index 00000000..25151a28 --- /dev/null +++ b/tests/chage/01/data/chage8 @@ -0,0 +1 @@ +chage: user 'myuser8' does not exist in /etc/passwd diff --git a/tests/chage/01/data/group b/tests/chage/01/data/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/01/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/01/data/gshadow b/tests/chage/01/data/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/01/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/01/data/passwd b/tests/chage/01/data/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/01/data/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/01/data/shadow b/tests/chage/01/data/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/01/data/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/01/data/usage b/tests/chage/01/data/usage new file mode 100644 index 00000000..31df15c1 --- /dev/null +++ b/tests/chage/01/data/usage @@ -0,0 +1,16 @@ +Usage: chage [options] LOGIN + +Options: + -d, --lastday LAST_DAY set date of last password change to LAST_DAY + -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -h, --help display this help message and exit + -I, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -l, --list show account aging information + -m, --mindays MIN_DAYS set minimum number of days before password + change to MIN_DAYS + -M, --maxdays MAX_DAYS set maximim number of days before password + change to MAX_DAYS + -R, --root CHROOT_DIR directory to chroot into + -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS + diff --git a/tests/chage/01/run b/tests/chage/01/run new file mode 100755 index 00000000..df64325c --- /dev/null +++ b/tests/chage/01/run @@ -0,0 +1,206 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +# Rational: +# Test chage options + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save() +{ + [ ! -d tmp ] && mkdir tmp + for i in passwd group shadow gshadow + do + [ -f /etc/$i ] && cp /etc/$i tmp/$i + [ -f /etc/$i- ] && cp /etc/$i- tmp/$i- + done + + true +} + +restore() +{ + for i in passwd group shadow gshadow + do + [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i + [ -f tmp/$i- ] && cp tmp/$i- /etc/$i- && rm tmp/$i- + done + rm -f tmp/out + rmdir tmp +} + +save + +# restore the files on exit +trap 'if [ "$?" != "0" ]; then echo "FAIL"; fi; restore' 0 + +for i in passwd group shadow gshadow +do + cp data/$i /etc +done + +echo -n "testing option -l" +chage -l myuser1 > tmp/out +diff -au data/chage1 tmp/out +echo -n . +chage -l myuser2 > tmp/out +diff -au data/chage2 tmp/out +echo -n . +chage -l myuser3 > tmp/out +diff -au data/chage3 tmp/out +echo -n . +chage -l myuser4 > tmp/out +diff -au data/chage4 tmp/out +echo -n . +chage -l myuser5 > tmp/out +diff -au data/chage5 tmp/out +echo -n . +chage -l myuser6 > tmp/out +diff -au data/chage6 tmp/out +echo -n . +chage --list myuser7 > tmp/out +diff -au data/chage7 tmp/out +echo -n . +msg=$(chage -l myuser8 2> tmp/out) || err=$? +[ "$err" = "1" ] && [ "$msg" = "" ] || exit 1 +diff -au data/chage8 tmp/out +echo . + +echo "testing option -d" +chage -d 2001-10-02 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:11597:0:99999:7:1::' ] || exit 1 +echo "testing option -d -1" +chage -d -1 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:99999:7:1::' ] || exit 1 +echo "testing option -d 0" +chage -d 0 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:0:99999:7:1::' ] || exit 1 +echo "testing option --lastday" +chage --lastday 2011-11-02 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1::' ] || exit 1 + +echo "testing option -E" +chage -E 2010-10-02 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1:14884:' ] || exit 1 +echo "testing option -E -1" +chage -E -1 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1::' ] || exit 1 +echo "testing option -E 0" +chage -E 0 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1:0:' ] || exit 1 +echo "testing option --expiredate" +chage --expiredate 2020-02-02 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1:18294:' ] || exit 1 + +echo "testing option -I" +# NOTE: I could pass a date to -I +chage -I 42 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:42:18294:' ] || exit 1 +echo "testing option -I -1" +# NOTE: this behavior is not documented +chage -I -1 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7::18294:' ] || exit 1 +echo "testing option -I 0" +# NOTE: We should check that this is the expected behavior +chage -I 0 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:0:18294:' ] || exit 1 +echo "testing option --inactive" +chage --inactive 12 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:12:18294:' ] || exit 1 + +echo "testing option -m" +chage -m 24 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:24:99999:7:12:18294:' ] || exit 1 +echo "testing option -m -1" +# NOTE: this behavior is not documented +chage -m -1 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280::99999:7:12:18294:' ] || exit 1 +echo "testing option -m 0" +chage -m 0 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:12:18294:' ] || exit 1 +echo "testing option --mindays" +chage --min 1 myuser7 +# NOTE: that shouldn't have work +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:99999:7:12:18294:' ] || exit 1 + +echo "testing option -M" +chage -M 25 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:25:7:12:18294:' ] || exit 1 +echo "testing option -M -1" +# NOTE: this behavior is not documented +chage -M -1 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1::7:12:18294:' ] || exit 1 +echo "testing option -M 0" +chage -M 0 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:0:7:12:18294:' ] || exit 1 +echo "testing option --maxdays" +chage --max 2 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:7:12:18294:' ] || exit 1 + +echo "testing option -W" +chage -W 26 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:26:12:18294:' ] || exit 1 +echo "testing option -W -1" +# NOTE: this behavior is not documented +chage -W -1 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2::12:18294:' ] || exit 1 +echo "testing option -W 0" +chage -W 0 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:0:12:18294:' ] || exit 1 +echo "testing option --warndays" +chage --warndays 3 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:3:12:18294:' ] || exit 1 + +echo "testing with all options" +chage -d 2030-03-02 -E 1979-11-24 -I 10 -m 11 -M 12 --warndays 4 myuser7 +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:21975:11:12:4:10:3614:' ] || exit 1 + +echo "interractive test" +./run1.exp +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12990:13:14:9:35:15548:' ] || exit 1 + +echo "interractive test (default)" +./run2.exp +ent=$(getent shadow myuser7) +[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12990:13:14:9:35:15548:' ] || exit 1 +chage -l myuser7 > tmp/out +diff -au data/chage7b tmp/out + +echo "usage" +chage -h > tmp/out || { + if [ "$?" != "2" ]; then false; fi +} +diff -au data/usage tmp/out + +echo "OK" diff --git a/tests/chage/01/run1.exp b/tests/chage/01/run1.exp new file mode 100755 index 00000000..0160fb15 --- /dev/null +++ b/tests/chage/01/run1.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser7 +expect -re "Minimum Password Age .11\]: " +send "13\r" +expect -re "Maximum Password Age .12\]: " +send "14\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2030-03-02\]: " +send "2005-07-26\r" +expect -re "Password Expiration Warning .4\]: " +send "9\r" +expect -re "Password Inactive .10\]: " +send "35\r" +expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .1979-11-24\]: " +send "2012-07-27\r" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/01/run2.exp b/tests/chage/01/run2.exp new file mode 100755 index 00000000..f4f342fb --- /dev/null +++ b/tests/chage/01/run2.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser7 +expect -re "Minimum Password Age .13\]: " +send "\r" +expect -re "Maximum Password Age .14\]: " +send "\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-26\]: " +send "\r" +expect -re "Password Expiration Warning .9\]: " +send "\r" +expect -re "Password Inactive .35\]: " +send "\r" +expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .2012-07-27\]: " +send "\r" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/02/data/group b/tests/chage/02/data/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/02/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/02/data/gshadow b/tests/chage/02/data/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/02/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/02/data/passwd b/tests/chage/02/data/passwd new file mode 100644 index 00000000..5bec3749 --- /dev/null +++ b/tests/chage/02/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/02/data/shadow b/tests/chage/02/data/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chage/02/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chage/02/run b/tests/chage/02/run new file mode 100755 index 00000000..74ac2682 --- /dev/null +++ b/tests/chage/02/run @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +# Rational: +# Test chage with bogus inputs + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save() +{ + [ ! -d tmp ] && mkdir tmp + for i in passwd group shadow gshadow + do + [ -f /etc/$i ] && cp /etc/$i tmp/$i + [ -f /etc/$i- ] && cp /etc/$i- tmp/$i- + done + + true +} + +restore() +{ + for i in passwd group shadow gshadow + do + [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i + [ -f tmp/$i- ] && cp tmp/$i- /etc/$i- && rm tmp/$i- + done + rm -f tmp/out + rmdir tmp +} + +save + +# restore the files on exit +trap 'if [ "$?" != "0" ]; then echo "FAIL"; fi; restore' 0 + +for i in passwd group shadow gshadow +do + cp data/$i /etc +done + +echo "interractive test" +./run.exp $(date "+%Y-%m-%d") + +echo "OK" diff --git a/tests/chage/02/run.exp b/tests/chage/02/run.exp new file mode 100755 index 00000000..0dbb27d0 --- /dev/null +++ b/tests/chage/02/run.exp @@ -0,0 +1,83 @@ +#!/usr/bin/expect + +set timeout 5 + +proc expect_error {} { + expect { + "chage: error changing fields" { + expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } + } + } default { + puts "\nFAIL" + exit 1 + } + } +} + + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser +expect -re "Minimum Password Age .0\]: " +send -- "-2\r" +expect_error + +spawn /usr/bin/chage myuser +expect -re "Minimum Password Age .0\]: " +send "foo\r" +expect_error + +# chage accepts to be given only spaces +#spawn /usr/bin/chage myuser +#expect -re "Minimum Password Age .0\]: " +#send -- " \r" +#expect_error +# +#chage may not parse all the arguments. +#This may be a problem is a date is provided instead of just a number +#spawn /usr/bin/chage myuser +#expect -re "Minimum Password Age .0\]: " +#send -- "1 2\r" +#expect_error + +spawn /usr/bin/chage myuser +expect -re "Minimum Password Age .0\]: " +send "11\r" +expect -re "Maximum Password Age .99999\]: " +send -- "-2\r" +expect_error + +spawn /usr/bin/chage myuser +expect -re "Minimum Password Age .0\]: " +send "\r" +expect -re "Maximum Password Age .99999\]: " +send "foo\r" +expect_error + +# chage should verify the range of the arguments +#spawn /usr/bin/chage myuser +#expect -re "Minimum Password Age .0\]: " +#send "\r" +#expect -re "Maximum Password Age .99999\]: " +#send "100000\r" +#expect_error + +#spawn /usr/bin/chage myuser +#expect -re "Minimum Password Age .0\]: " +#send "\r" +#expect -re "Maximum Password Age .99999\]: " +#send "\r" +#expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-25]: " +#send "12\n" +#expect_error + + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/03_chsh_usage/chage.test b/tests/chage/03_chsh_usage/chage.test new file mode 100755 index 00000000..db6200c5 --- /dev/null +++ b/tests/chage/03_chsh_usage/chage.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get chage usage (chage -h)..." +chage -h >tmp/usage.out +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/03_chsh_usage/config.txt b/tests/chage/03_chsh_usage/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/03_chsh_usage/config/etc/group b/tests/chage/03_chsh_usage/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/03_chsh_usage/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/03_chsh_usage/config/etc/gshadow b/tests/chage/03_chsh_usage/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/03_chsh_usage/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/03_chsh_usage/config/etc/passwd b/tests/chage/03_chsh_usage/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/03_chsh_usage/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/03_chsh_usage/config/etc/shadow b/tests/chage/03_chsh_usage/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/03_chsh_usage/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/03_chsh_usage/data/usage.out b/tests/chage/03_chsh_usage/data/usage.out new file mode 100644 index 00000000..31df15c1 --- /dev/null +++ b/tests/chage/03_chsh_usage/data/usage.out @@ -0,0 +1,16 @@ +Usage: chage [options] LOGIN + +Options: + -d, --lastday LAST_DAY set date of last password change to LAST_DAY + -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -h, --help display this help message and exit + -I, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -l, --list show account aging information + -m, --mindays MIN_DAYS set minimum number of days before password + change to MIN_DAYS + -M, --maxdays MAX_DAYS set maximim number of days before password + change to MAX_DAYS + -R, --root CHROOT_DIR directory to chroot into + -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS + diff --git a/tests/chage/04_chsh_usage_invalid_option/chage.test b/tests/chage/04_chsh_usage_invalid_option/chage.test new file mode 100755 index 00000000..1ba81630 --- /dev/null +++ b/tests/chage/04_chsh_usage_invalid_option/chage.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage displays its usage message when an invalid option is used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use chage with an invalid option (chage -Z bin)..." +chage -Z bin 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/04_chsh_usage_invalid_option/config.txt b/tests/chage/04_chsh_usage_invalid_option/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/group b/tests/chage/04_chsh_usage_invalid_option/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/gshadow b/tests/chage/04_chsh_usage_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/passwd b/tests/chage/04_chsh_usage_invalid_option/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/shadow b/tests/chage/04_chsh_usage_invalid_option/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/04_chsh_usage_invalid_option/data/usage.out b/tests/chage/04_chsh_usage_invalid_option/data/usage.out new file mode 100644 index 00000000..21f71d61 --- /dev/null +++ b/tests/chage/04_chsh_usage_invalid_option/data/usage.out @@ -0,0 +1,17 @@ +chage: invalid option -- 'Z' +Usage: chage [options] LOGIN + +Options: + -d, --lastday LAST_DAY set date of last password change to LAST_DAY + -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -h, --help display this help message and exit + -I, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -l, --list show account aging information + -m, --mindays MIN_DAYS set minimum number of days before password + change to MIN_DAYS + -M, --maxdays MAX_DAYS set maximim number of days before password + change to MAX_DAYS + -R, --root CHROOT_DIR directory to chroot into + -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS + diff --git a/tests/chage/05_chsh_usage_2_users/chage.test b/tests/chage/05_chsh_usage_2_users/chage.test new file mode 100755 index 00000000..5860393c --- /dev/null +++ b/tests/chage/05_chsh_usage_2_users/chage.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage displays its usage message when 2 users are provided" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use chage with 2 users (chage -I 12 bin nobody)..." +chage -I 12 bin nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/05_chsh_usage_2_users/config.txt b/tests/chage/05_chsh_usage_2_users/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/group b/tests/chage/05_chsh_usage_2_users/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/05_chsh_usage_2_users/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/gshadow b/tests/chage/05_chsh_usage_2_users/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/05_chsh_usage_2_users/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/passwd b/tests/chage/05_chsh_usage_2_users/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/05_chsh_usage_2_users/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/shadow b/tests/chage/05_chsh_usage_2_users/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/05_chsh_usage_2_users/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/05_chsh_usage_2_users/data/usage.out b/tests/chage/05_chsh_usage_2_users/data/usage.out new file mode 100644 index 00000000..31df15c1 --- /dev/null +++ b/tests/chage/05_chsh_usage_2_users/data/usage.out @@ -0,0 +1,16 @@ +Usage: chage [options] LOGIN + +Options: + -d, --lastday LAST_DAY set date of last password change to LAST_DAY + -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -h, --help display this help message and exit + -I, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -l, --list show account aging information + -m, --mindays MIN_DAYS set minimum number of days before password + change to MIN_DAYS + -M, --maxdays MAX_DAYS set maximim number of days before password + change to MAX_DAYS + -R, --root CHROOT_DIR directory to chroot into + -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS + diff --git a/tests/chage/06_chsh_usage_no_users/chage.test b/tests/chage/06_chsh_usage_no_users/chage.test new file mode 100755 index 00000000..0851d6e3 --- /dev/null +++ b/tests/chage/06_chsh_usage_no_users/chage.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage displays its usage message when no users are provided" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use chage without an user (chage -I 12)..." +chage -I 12 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/06_chsh_usage_no_users/config.txt b/tests/chage/06_chsh_usage_no_users/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/group b/tests/chage/06_chsh_usage_no_users/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/06_chsh_usage_no_users/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/gshadow b/tests/chage/06_chsh_usage_no_users/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/06_chsh_usage_no_users/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/passwd b/tests/chage/06_chsh_usage_no_users/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/06_chsh_usage_no_users/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/shadow b/tests/chage/06_chsh_usage_no_users/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/06_chsh_usage_no_users/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/06_chsh_usage_no_users/data/usage.out b/tests/chage/06_chsh_usage_no_users/data/usage.out new file mode 100644 index 00000000..31df15c1 --- /dev/null +++ b/tests/chage/06_chsh_usage_no_users/data/usage.out @@ -0,0 +1,16 @@ +Usage: chage [options] LOGIN + +Options: + -d, --lastday LAST_DAY set date of last password change to LAST_DAY + -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -h, --help display this help message and exit + -I, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -l, --list show account aging information + -m, --mindays MIN_DAYS set minimum number of days before password + change to MIN_DAYS + -M, --maxdays MAX_DAYS set maximim number of days before password + change to MAX_DAYS + -R, --root CHROOT_DIR directory to chroot into + -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS + diff --git a/tests/chage/07_chsh_usage-l_exclusive/chage.test b/tests/chage/07_chsh_usage-l_exclusive/chage.test new file mode 100755 index 00000000..9036f09c --- /dev/null +++ b/tests/chage/07_chsh_usage-l_exclusive/chage.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage displays its usage message when -l is used with another option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +for opt in "-m 12" "-M 12" "-d 2011-09-11" "-W 12" "-I 12" "-E 2011-09-11" +do + echo -n "Use chage with -l and $opt (chage -l $opt bin)..." + chage -l $opt bin 2>tmp/usage.out && exit 1 || { + status=$? + } + echo "OK" + + echo -n "Check returned status ($status)..." + test "$status" = "2" + echo "OK" + + echo "chage reported:" + echo "=======================================================================" + cat tmp/usage.out + echo "=======================================================================" + echo -n "Check the usage message..." + diff -au data/usage.out tmp/usage.out + echo "usage message OK." + rm -f tmp/usage.out +done + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/07_chsh_usage-l_exclusive/config.txt b/tests/chage/07_chsh_usage-l_exclusive/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/group b/tests/chage/07_chsh_usage-l_exclusive/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/gshadow b/tests/chage/07_chsh_usage-l_exclusive/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/passwd b/tests/chage/07_chsh_usage-l_exclusive/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/shadow b/tests/chage/07_chsh_usage-l_exclusive/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/07_chsh_usage-l_exclusive/data/usage.out b/tests/chage/07_chsh_usage-l_exclusive/data/usage.out new file mode 100644 index 00000000..b006b608 --- /dev/null +++ b/tests/chage/07_chsh_usage-l_exclusive/data/usage.out @@ -0,0 +1,17 @@ +chage: do not include "l" with other flags +Usage: chage [options] LOGIN + +Options: + -d, --lastday LAST_DAY set date of last password change to LAST_DAY + -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -h, --help display this help message and exit + -I, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -l, --list show account aging information + -m, --mindays MIN_DAYS set minimum number of days before password + change to MIN_DAYS + -M, --maxdays MAX_DAYS set maximim number of days before password + change to MAX_DAYS + -R, --root CHROOT_DIR directory to chroot into + -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS + diff --git a/tests/chage/08_chsh_usage_invalid_date/chage.test b/tests/chage/08_chsh_usage_invalid_date/chage.test new file mode 100755 index 00000000..90007fc7 --- /dev/null +++ b/tests/chage/08_chsh_usage_invalid_date/chage.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage displays its usage message when -l is used with another option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +for opt in "-d 2011-09" "-E 2011-09-09-11" +do + echo -n "Use chage with an invalid date (chage $opt bin)..." + chage $opt bin 2>tmp/usage.out && exit 1 || { + status=$? + } + echo "OK" + + echo -n "Check returned status ($status)..." + test "$status" = "2" + echo "OK" + + echo "chage reported:" + echo "=======================================================================" + cat tmp/usage.out + echo "=======================================================================" + d=$(echo $opt | cut -d' ' -f2) + sed -e "s/'$d'/'DATE'/" -i tmp/usage.out + echo -n "Check the usage message..." + diff -au data/usage.out tmp/usage.out + echo "usage message OK." + rm -f tmp/usage.out +done + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/08_chsh_usage_invalid_date/config.txt b/tests/chage/08_chsh_usage_invalid_date/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/group b/tests/chage/08_chsh_usage_invalid_date/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/gshadow b/tests/chage/08_chsh_usage_invalid_date/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/passwd b/tests/chage/08_chsh_usage_invalid_date/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/shadow b/tests/chage/08_chsh_usage_invalid_date/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/08_chsh_usage_invalid_date/data/usage.out b/tests/chage/08_chsh_usage_invalid_date/data/usage.out new file mode 100644 index 00000000..cb49bf8f --- /dev/null +++ b/tests/chage/08_chsh_usage_invalid_date/data/usage.out @@ -0,0 +1,17 @@ +chage: invalid date 'DATE' +Usage: chage [options] LOGIN + +Options: + -d, --lastday LAST_DAY set date of last password change to LAST_DAY + -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -h, --help display this help message and exit + -I, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -l, --list show account aging information + -m, --mindays MIN_DAYS set minimum number of days before password + change to MIN_DAYS + -M, --maxdays MAX_DAYS set maximim number of days before password + change to MAX_DAYS + -R, --root CHROOT_DIR directory to chroot into + -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS + diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/chage.test b/tests/chage/09_chsh_usage_invalid_numeric_arg/chage.test new file mode 100755 index 00000000..36d11e59 --- /dev/null +++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/chage.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage displays its usage message when -l is used with another option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +for opt in "-I -12" "-m -12" "-M -12" "-W -12" "-I a" "-m 12.5" "-M 12a" "-W a12" +do + echo -n "Use chage with an invalid date (chage $opt bin)..." + chage $opt bin 2>tmp/usage.out && exit 1 || { + status=$? + } + echo "OK" + + echo -n "Check returned status ($status)..." + test "$status" = "2" + echo "OK" + + echo "chage reported:" + echo "=======================================================================" + cat tmp/usage.out + echo "=======================================================================" + v=$(echo $opt | cut -d' ' -f2) + sed -e "s/'$v'/'VAL'/" -i tmp/usage.out + echo -n "Check the usage message..." + diff -au data/usage.out tmp/usage.out + echo "usage message OK." + rm -f tmp/usage.out +done + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config.txt b/tests/chage/09_chsh_usage_invalid_numeric_arg/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/group b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/gshadow b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/passwd b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/shadow b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/data/usage.out b/tests/chage/09_chsh_usage_invalid_numeric_arg/data/usage.out new file mode 100644 index 00000000..9fb70d60 --- /dev/null +++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/data/usage.out @@ -0,0 +1,17 @@ +chage: invalid numeric argument 'VAL' +Usage: chage [options] LOGIN + +Options: + -d, --lastday LAST_DAY set date of last password change to LAST_DAY + -E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -h, --help display this help message and exit + -I, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -l, --list show account aging information + -m, --mindays MIN_DAYS set minimum number of days before password + change to MIN_DAYS + -M, --maxdays MAX_DAYS set maximim number of days before password + change to MAX_DAYS + -R, --root CHROOT_DIR directory to chroot into + -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS + diff --git a/tests/chage/10_chsh-l/chage.test b/tests/chage/10_chsh-l/chage.test new file mode 100755 index 00000000..394c9813 --- /dev/null +++ b/tests/chage/10_chsh-l/chage.test @@ -0,0 +1,51 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage displays its usage message when -l is used with another option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +for user in $(ls data/) +do + echo -n "Get $user aging info (chage -l $user)..." + chage -l $user >tmp/$user + echo "OK" + + echo "chage reported:" + echo "=======================================================================" + cat tmp/$user + echo "=======================================================================" + echo -n "Compare with expected output..." + diff -au data/$user tmp/$user + echo "OK" + rm -f tmp/$user +done + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/10_chsh-l/config.txt b/tests/chage/10_chsh-l/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/10_chsh-l/config/etc/group b/tests/chage/10_chsh-l/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/10_chsh-l/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/10_chsh-l/config/etc/gshadow b/tests/chage/10_chsh-l/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/10_chsh-l/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/10_chsh-l/config/etc/passwd b/tests/chage/10_chsh-l/config/etc/passwd new file mode 100644 index 00000000..31046cf6 --- /dev/null +++ b/tests/chage/10_chsh-l/config/etc/passwd @@ -0,0 +1,32 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash +myuser8:x:424249:424242::/home:/bin/bash +myuser9:x:424250:424242::/home:/bin/bash +myuser10:x:424251:424242::/home:/bin/bash +myuser11:x:424252:424242::/home:/bin/bash +myuser12:x:424253:424242::/home:/bin/bash +myuser13:x:424254:424242::/home:/bin/bash diff --git a/tests/chage/10_chsh-l/config/etc/shadow b/tests/chage/10_chsh-l/config/etc/shadow new file mode 100644 index 00000000..4b81469b --- /dev/null +++ b/tests/chage/10_chsh-l/config/etc/shadow @@ -0,0 +1,30 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1:: +myuser8:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:9999:7:1:: +myuser9:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:0:9999:7:1:: +myuser10:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0::7:1:: +#myuser11:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1:: diff --git a/tests/chage/10_chsh-l/data/myuser1 b/tests/chage/10_chsh-l/data/myuser1 new file mode 100644 index 00000000..64754ca5 --- /dev/null +++ b/tests/chage/10_chsh-l/data/myuser1 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/10_chsh-l/data/myuser10 b/tests/chage/10_chsh-l/data/myuser10 new file mode 100644 index 00000000..8a9e5d12 --- /dev/null +++ b/tests/chage/10_chsh-l/data/myuser10 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : -1 +Number of days of warning before password expires : 7 diff --git a/tests/chage/10_chsh-l/data/myuser11 b/tests/chage/10_chsh-l/data/myuser11 new file mode 100644 index 00000000..a54ec7a7 --- /dev/null +++ b/tests/chage/10_chsh-l/data/myuser11 @@ -0,0 +1,7 @@ +Last password change : never +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : -1 +Maximum number of days between password change : -1 +Number of days of warning before password expires : -1 diff --git a/tests/chage/10_chsh-l/data/myuser2 b/tests/chage/10_chsh-l/data/myuser2 new file mode 100644 index 00000000..7efdc0cd --- /dev/null +++ b/tests/chage/10_chsh-l/data/myuser2 @@ -0,0 +1,7 @@ +Last password change : Jul 28, 2005 +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 1 +Maximum number of days between password change : 99996 +Number of days of warning before password expires : 5 diff --git a/tests/chage/10_chsh-l/data/myuser3 b/tests/chage/10_chsh-l/data/myuser3 new file mode 100644 index 00000000..a263db9d --- /dev/null +++ b/tests/chage/10_chsh-l/data/myuser3 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : Jan 01, 1970 +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/10_chsh-l/data/myuser4 b/tests/chage/10_chsh-l/data/myuser4 new file mode 100644 index 00000000..11e2f2d9 --- /dev/null +++ b/tests/chage/10_chsh-l/data/myuser4 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : Jan 02, 1970 +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/10_chsh-l/data/myuser5 b/tests/chage/10_chsh-l/data/myuser5 new file mode 100644 index 00000000..64754ca5 --- /dev/null +++ b/tests/chage/10_chsh-l/data/myuser5 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/10_chsh-l/data/myuser6 b/tests/chage/10_chsh-l/data/myuser6 new file mode 100644 index 00000000..64754ca5 --- /dev/null +++ b/tests/chage/10_chsh-l/data/myuser6 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/10_chsh-l/data/myuser7 b/tests/chage/10_chsh-l/data/myuser7 new file mode 100644 index 00000000..63debfb9 --- /dev/null +++ b/tests/chage/10_chsh-l/data/myuser7 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : Dec 11, 2032 +Password inactive : Dec 12, 2032 +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : 9999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/10_chsh-l/data/myuser8 b/tests/chage/10_chsh-l/data/myuser8 new file mode 100644 index 00000000..4a3f4bd3 --- /dev/null +++ b/tests/chage/10_chsh-l/data/myuser8 @@ -0,0 +1,7 @@ +Last password change : never +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : 9999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/10_chsh-l/data/myuser9 b/tests/chage/10_chsh-l/data/myuser9 new file mode 100644 index 00000000..09f6fdca --- /dev/null +++ b/tests/chage/10_chsh-l/data/myuser9 @@ -0,0 +1,7 @@ +Last password change : password must be changed +Password expires : password must be changed +Password inactive : password must be changed +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : 9999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/11_chsh_usage_invalid_user/chage.test b/tests/chage/11_chsh_usage_invalid_user/chage.test new file mode 100755 index 00000000..46d9d656 --- /dev/null +++ b/tests/chage/11_chsh_usage_invalid_user/chage.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage warns in case of invalid user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use chage with an invalid user (chage -I 12 foo)..." +chage -I 12 foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/11_chsh_usage_invalid_user/config.txt b/tests/chage/11_chsh_usage_invalid_user/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/group b/tests/chage/11_chsh_usage_invalid_user/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/gshadow b/tests/chage/11_chsh_usage_invalid_user/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/passwd b/tests/chage/11_chsh_usage_invalid_user/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/shadow b/tests/chage/11_chsh_usage_invalid_user/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/11_chsh_usage_invalid_user/data/usage.out b/tests/chage/11_chsh_usage_invalid_user/data/usage.out new file mode 100644 index 00000000..cdc8a1fa --- /dev/null +++ b/tests/chage/11_chsh_usage_invalid_user/data/usage.out @@ -0,0 +1 @@ +chage: user 'foo' does not exist in /etc/passwd diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/chage.test b/tests/chage/12_chsh_usage-l_invalid_user2/chage.test new file mode 100755 index 00000000..d3b5255c --- /dev/null +++ b/tests/chage/12_chsh_usage-l_invalid_user2/chage.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage warns in case of invalid user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use chage with an invalid user (chage -l foo)..." +chage -l foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config.txt b/tests/chage/12_chsh_usage-l_invalid_user2/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/group b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/gshadow b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/passwd b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/shadow b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/data/usage.out b/tests/chage/12_chsh_usage-l_invalid_user2/data/usage.out new file mode 100644 index 00000000..cdc8a1fa --- /dev/null +++ b/tests/chage/12_chsh_usage-l_invalid_user2/data/usage.out @@ -0,0 +1 @@ +chage: user 'foo' does not exist in /etc/passwd diff --git a/tests/chage/13_chsh_locked_passwd/chage.test b/tests/chage/13_chsh_locked_passwd/chage.test new file mode 100755 index 00000000..aeeb412a --- /dev/null +++ b/tests/chage/13_chsh_locked_passwd/chage.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage warns when passwd is already locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Use chage with an invalid user (chage -I 12 bin)..." +chage -I 12 bin 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/13_chsh_locked_passwd/config.txt b/tests/chage/13_chsh_locked_passwd/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/group b/tests/chage/13_chsh_locked_passwd/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/13_chsh_locked_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/gshadow b/tests/chage/13_chsh_locked_passwd/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/13_chsh_locked_passwd/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/passwd b/tests/chage/13_chsh_locked_passwd/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/13_chsh_locked_passwd/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/shadow b/tests/chage/13_chsh_locked_passwd/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/13_chsh_locked_passwd/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/13_chsh_locked_passwd/data/usage.out b/tests/chage/13_chsh_locked_passwd/data/usage.out new file mode 100644 index 00000000..caa44b5f --- /dev/null +++ b/tests/chage/13_chsh_locked_passwd/data/usage.out @@ -0,0 +1,2 @@ +chage: existing lock file /etc/passwd.lock without a PID +chage: cannot lock /etc/passwd; try again later. diff --git a/tests/chage/14_chsh_locked_shadow/chage.test b/tests/chage/14_chsh_locked_shadow/chage.test new file mode 100755 index 00000000..3474d953 --- /dev/null +++ b/tests/chage/14_chsh_locked_shadow/chage.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage warns when shadow is already locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/shadow..." +touch /etc/shadow.lock +echo "done" + +echo -n "Use chage with an invalid user (chage -I 12 bin)..." +chage -I 12 bin 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" +rm -f /etc/shadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/14_chsh_locked_shadow/config.txt b/tests/chage/14_chsh_locked_shadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/group b/tests/chage/14_chsh_locked_shadow/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/14_chsh_locked_shadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/gshadow b/tests/chage/14_chsh_locked_shadow/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/14_chsh_locked_shadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/passwd b/tests/chage/14_chsh_locked_shadow/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/14_chsh_locked_shadow/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/shadow b/tests/chage/14_chsh_locked_shadow/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/14_chsh_locked_shadow/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/14_chsh_locked_shadow/data/usage.out b/tests/chage/14_chsh_locked_shadow/data/usage.out new file mode 100644 index 00000000..f396f3ca --- /dev/null +++ b/tests/chage/14_chsh_locked_shadow/data/usage.out @@ -0,0 +1,2 @@ +chage: existing lock file /etc/shadow.lock without a PID +chage: cannot lock /etc/shadow; try again later. diff --git a/tests/chage/15_chage-I_no_shadow_entry/chage.test b/tests/chage/15_chage-I_no_shadow_entry/chage.test new file mode 100755 index 00000000..77a06a26 --- /dev/null +++ b/tests/chage/15_chage-I_no_shadow_entry/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change bin's inactivity period (chage -I 12 bin)..." +chage -I 12 bin +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/15_chage-I_no_shadow_entry/config.txt b/tests/chage/15_chage-I_no_shadow_entry/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/15_chage-I_no_shadow_entry/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/group b/tests/chage/15_chage-I_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/gshadow b/tests/chage/15_chage-I_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/login.defs b/tests/chage/15_chage-I_no_shadow_entry/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/passwd b/tests/chage/15_chage-I_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/shadow b/tests/chage/15_chage-I_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..88faec23 --- /dev/null +++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/chage/15_chage-I_no_shadow_entry/data/passwd b/tests/chage/15_chage-I_no_shadow_entry/data/passwd new file mode 100644 index 00000000..d9ad1e23 --- /dev/null +++ b/tests/chage/15_chage-I_no_shadow_entry/data/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/15_chage-I_no_shadow_entry/data/shadow b/tests/chage/15_chage-I_no_shadow_entry/data/shadow new file mode 100644 index 00000000..d32d937b --- /dev/null +++ b/tests/chage/15_chage-I_no_shadow_entry/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bin:*:::::12:: diff --git a/tests/chage/16_chage-m_no_shadow_entry/chage.test b/tests/chage/16_chage-m_no_shadow_entry/chage.test new file mode 100755 index 00000000..778a65aa --- /dev/null +++ b/tests/chage/16_chage-m_no_shadow_entry/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change bin's mindays (chage -m 12 bin)..." +chage -m 12 bin +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/16_chage-m_no_shadow_entry/config.txt b/tests/chage/16_chage-m_no_shadow_entry/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/16_chage-m_no_shadow_entry/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/group b/tests/chage/16_chage-m_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/gshadow b/tests/chage/16_chage-m_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/login.defs b/tests/chage/16_chage-m_no_shadow_entry/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/passwd b/tests/chage/16_chage-m_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/shadow b/tests/chage/16_chage-m_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..88faec23 --- /dev/null +++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/chage/16_chage-m_no_shadow_entry/data/passwd b/tests/chage/16_chage-m_no_shadow_entry/data/passwd new file mode 100644 index 00000000..d9ad1e23 --- /dev/null +++ b/tests/chage/16_chage-m_no_shadow_entry/data/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/16_chage-m_no_shadow_entry/data/shadow b/tests/chage/16_chage-m_no_shadow_entry/data/shadow new file mode 100644 index 00000000..dc6bc8bb --- /dev/null +++ b/tests/chage/16_chage-m_no_shadow_entry/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bin:*::12::::: diff --git a/tests/chage/17_chage-M_no_shadow_entry/chage.test b/tests/chage/17_chage-M_no_shadow_entry/chage.test new file mode 100755 index 00000000..6b70f066 --- /dev/null +++ b/tests/chage/17_chage-M_no_shadow_entry/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change bin's mindays (chage -M 12 bin)..." +chage -M 12 bin +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/17_chage-M_no_shadow_entry/config.txt b/tests/chage/17_chage-M_no_shadow_entry/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/17_chage-M_no_shadow_entry/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/group b/tests/chage/17_chage-M_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/gshadow b/tests/chage/17_chage-M_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/login.defs b/tests/chage/17_chage-M_no_shadow_entry/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/passwd b/tests/chage/17_chage-M_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/shadow b/tests/chage/17_chage-M_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..88faec23 --- /dev/null +++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/chage/17_chage-M_no_shadow_entry/data/passwd b/tests/chage/17_chage-M_no_shadow_entry/data/passwd new file mode 100644 index 00000000..d9ad1e23 --- /dev/null +++ b/tests/chage/17_chage-M_no_shadow_entry/data/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/17_chage-M_no_shadow_entry/data/shadow b/tests/chage/17_chage-M_no_shadow_entry/data/shadow new file mode 100644 index 00000000..fb623f7c --- /dev/null +++ b/tests/chage/17_chage-M_no_shadow_entry/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bin:*:::12:::: diff --git a/tests/chage/18_chage-d_no_shadow_entry/chage.test b/tests/chage/18_chage-d_no_shadow_entry/chage.test new file mode 100755 index 00000000..fb56cef8 --- /dev/null +++ b/tests/chage/18_chage-d_no_shadow_entry/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change bin's mindays (chage -d 2011-09-11 bin)..." +chage -d 2011-09-11 bin +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/18_chage-d_no_shadow_entry/config.txt b/tests/chage/18_chage-d_no_shadow_entry/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/18_chage-d_no_shadow_entry/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/group b/tests/chage/18_chage-d_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/gshadow b/tests/chage/18_chage-d_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/login.defs b/tests/chage/18_chage-d_no_shadow_entry/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/passwd b/tests/chage/18_chage-d_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/shadow b/tests/chage/18_chage-d_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..88faec23 --- /dev/null +++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/chage/18_chage-d_no_shadow_entry/data/passwd b/tests/chage/18_chage-d_no_shadow_entry/data/passwd new file mode 100644 index 00000000..d9ad1e23 --- /dev/null +++ b/tests/chage/18_chage-d_no_shadow_entry/data/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/18_chage-d_no_shadow_entry/data/shadow b/tests/chage/18_chage-d_no_shadow_entry/data/shadow new file mode 100644 index 00000000..df82e6ca --- /dev/null +++ b/tests/chage/18_chage-d_no_shadow_entry/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bin:*:15228:::::: diff --git a/tests/chage/19_chage-W_no_shadow_entry/chage.test b/tests/chage/19_chage-W_no_shadow_entry/chage.test new file mode 100755 index 00000000..410ccbb9 --- /dev/null +++ b/tests/chage/19_chage-W_no_shadow_entry/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change bin's mindays (chage -W 12 bin)..." +chage -W 12 bin +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/19_chage-W_no_shadow_entry/config.txt b/tests/chage/19_chage-W_no_shadow_entry/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/19_chage-W_no_shadow_entry/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/group b/tests/chage/19_chage-W_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/gshadow b/tests/chage/19_chage-W_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/login.defs b/tests/chage/19_chage-W_no_shadow_entry/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/passwd b/tests/chage/19_chage-W_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/shadow b/tests/chage/19_chage-W_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..88faec23 --- /dev/null +++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/chage/19_chage-W_no_shadow_entry/data/passwd b/tests/chage/19_chage-W_no_shadow_entry/data/passwd new file mode 100644 index 00000000..d9ad1e23 --- /dev/null +++ b/tests/chage/19_chage-W_no_shadow_entry/data/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/19_chage-W_no_shadow_entry/data/shadow b/tests/chage/19_chage-W_no_shadow_entry/data/shadow new file mode 100644 index 00000000..32654238 --- /dev/null +++ b/tests/chage/19_chage-W_no_shadow_entry/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bin:*::::12::: diff --git a/tests/chage/20_chage-E_no_shadow_entry/chage.test b/tests/chage/20_chage-E_no_shadow_entry/chage.test new file mode 100755 index 00000000..52079f7e --- /dev/null +++ b/tests/chage/20_chage-E_no_shadow_entry/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change bin's mindays (chage -E 2011-09-11 bin)..." +chage -E 2011-09-11 bin +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/20_chage-E_no_shadow_entry/config.txt b/tests/chage/20_chage-E_no_shadow_entry/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/20_chage-E_no_shadow_entry/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/group b/tests/chage/20_chage-E_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/gshadow b/tests/chage/20_chage-E_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/login.defs b/tests/chage/20_chage-E_no_shadow_entry/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/passwd b/tests/chage/20_chage-E_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/shadow b/tests/chage/20_chage-E_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..88faec23 --- /dev/null +++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/chage/20_chage-E_no_shadow_entry/data/passwd b/tests/chage/20_chage-E_no_shadow_entry/data/passwd new file mode 100644 index 00000000..d9ad1e23 --- /dev/null +++ b/tests/chage/20_chage-E_no_shadow_entry/data/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/chage/20_chage-E_no_shadow_entry/data/shadow b/tests/chage/20_chage-E_no_shadow_entry/data/shadow new file mode 100644 index 00000000..752a49af --- /dev/null +++ b/tests/chage/20_chage-E_no_shadow_entry/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bin:*::::::15228: diff --git a/tests/chage/21_chage_no_shadow_file/chage.test b/tests/chage/21_chage_no_shadow_file/chage.test new file mode 100755 index 00000000..c2e8d0ed --- /dev/null +++ b/tests/chage/21_chage_no_shadow_file/chage.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage warns when shadow is not enabled" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Use chage with an invalid user (chage -I 12 bin)..." +chage -I 12 bin 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "15" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/21_chage_no_shadow_file/config.txt b/tests/chage/21_chage_no_shadow_file/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/group b/tests/chage/21_chage_no_shadow_file/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/21_chage_no_shadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/gshadow b/tests/chage/21_chage_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/21_chage_no_shadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/passwd b/tests/chage/21_chage_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/21_chage_no_shadow_file/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/shadow b/tests/chage/21_chage_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/21_chage_no_shadow_file/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/21_chage_no_shadow_file/data/usage.out b/tests/chage/21_chage_no_shadow_file/data/usage.out new file mode 100644 index 00000000..07d7a30e --- /dev/null +++ b/tests/chage/21_chage_no_shadow_file/data/usage.out @@ -0,0 +1 @@ +chage: the shadow password file is not present diff --git a/tests/chage/22_chage_myuser-l/chage.test b/tests/chage/22_chage_myuser-l/chage.test new file mode 100755 index 00000000..34ad36d2 --- /dev/null +++ b/tests/chage/22_chage_myuser-l/chage.test @@ -0,0 +1,51 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage can be used to show one's aging info" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +for user in $(ls data/) +do + echo -n "Get $user aging info (chage -l $user)..." + su myuser1 -c "chage -l $user" >tmp/$user + echo "OK" + + echo "chage reported:" + echo "=======================================================================" + cat tmp/$user + echo "=======================================================================" + echo -n "Compare with expected output..." + diff -au data/$user tmp/$user + echo "OK" + rm -f tmp/$user +done + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/22_chage_myuser-l/config.txt b/tests/chage/22_chage_myuser-l/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/22_chage_myuser-l/config/etc/group b/tests/chage/22_chage_myuser-l/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/22_chage_myuser-l/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/22_chage_myuser-l/config/etc/gshadow b/tests/chage/22_chage_myuser-l/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/22_chage_myuser-l/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/22_chage_myuser-l/config/etc/passwd b/tests/chage/22_chage_myuser-l/config/etc/passwd new file mode 100644 index 00000000..31046cf6 --- /dev/null +++ b/tests/chage/22_chage_myuser-l/config/etc/passwd @@ -0,0 +1,32 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash +myuser8:x:424249:424242::/home:/bin/bash +myuser9:x:424250:424242::/home:/bin/bash +myuser10:x:424251:424242::/home:/bin/bash +myuser11:x:424252:424242::/home:/bin/bash +myuser12:x:424253:424242::/home:/bin/bash +myuser13:x:424254:424242::/home:/bin/bash diff --git a/tests/chage/22_chage_myuser-l/config/etc/shadow b/tests/chage/22_chage_myuser-l/config/etc/shadow new file mode 100644 index 00000000..4b81469b --- /dev/null +++ b/tests/chage/22_chage_myuser-l/config/etc/shadow @@ -0,0 +1,30 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1:: +myuser8:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:9999:7:1:: +myuser9:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:0:9999:7:1:: +myuser10:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0::7:1:: +#myuser11:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1:: diff --git a/tests/chage/22_chage_myuser-l/data/myuser1 b/tests/chage/22_chage_myuser-l/data/myuser1 new file mode 100644 index 00000000..64754ca5 --- /dev/null +++ b/tests/chage/22_chage_myuser-l/data/myuser1 @@ -0,0 +1,7 @@ +Last password change : Jul 27, 2005 +Password expires : never +Password inactive : never +Account expires : never +Minimum number of days between password change : 0 +Maximum number of days between password change : 99999 +Number of days of warning before password expires : 7 diff --git a/tests/chage/23_chage_myuser-I/chage.test b/tests/chage/23_chage_myuser-I/chage.test new file mode 100755 index 00000000..0bd70435 --- /dev/null +++ b/tests/chage/23_chage_myuser-I/chage.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage forbids to change aging info" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myusers1 uses chage to change myuser1 aging info (chage -I 12 myuser2)..." +su myuser1 -c "chage -I 12 myuser1" 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/23_chage_myuser-I/config.txt b/tests/chage/23_chage_myuser-I/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/23_chage_myuser-I/config/etc/group b/tests/chage/23_chage_myuser-I/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/23_chage_myuser-I/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/23_chage_myuser-I/config/etc/gshadow b/tests/chage/23_chage_myuser-I/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/23_chage_myuser-I/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/23_chage_myuser-I/config/etc/passwd b/tests/chage/23_chage_myuser-I/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/23_chage_myuser-I/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/23_chage_myuser-I/config/etc/shadow b/tests/chage/23_chage_myuser-I/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/23_chage_myuser-I/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/23_chage_myuser-I/data/usage.out b/tests/chage/23_chage_myuser-I/data/usage.out new file mode 100644 index 00000000..dc0d6ca5 --- /dev/null +++ b/tests/chage/23_chage_myuser-I/data/usage.out @@ -0,0 +1 @@ +chage: Permission denied. diff --git a/tests/chage/24_chage_myuser-l_other/chage.test b/tests/chage/24_chage_myuser-l_other/chage.test new file mode 100755 index 00000000..ef2f8e23 --- /dev/null +++ b/tests/chage/24_chage_myuser-l_other/chage.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage forbids to get other accounts aging info" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myusers1 uses chage to get myuser2 aging info (chage -l myuser2)..." +su myuser1 -c "chage -l myuser2" 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/24_chage_myuser-l_other/config.txt b/tests/chage/24_chage_myuser-l_other/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/group b/tests/chage/24_chage_myuser-l_other/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chage/24_chage_myuser-l_other/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/gshadow b/tests/chage/24_chage_myuser-l_other/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chage/24_chage_myuser-l_other/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/passwd b/tests/chage/24_chage_myuser-l_other/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/24_chage_myuser-l_other/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/shadow b/tests/chage/24_chage_myuser-l_other/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/24_chage_myuser-l_other/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/24_chage_myuser-l_other/data/usage.out b/tests/chage/24_chage_myuser-l_other/data/usage.out new file mode 100644 index 00000000..dc0d6ca5 --- /dev/null +++ b/tests/chage/24_chage_myuser-l_other/data/usage.out @@ -0,0 +1 @@ +chage: Permission denied. diff --git a/tests/chage/25_chage_interractive/chage.test b/tests/chage/25_chage_interractive/chage.test new file mode 100755 index 00000000..01f957f4 --- /dev/null +++ b/tests/chage/25_chage_interractive/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/25_chage_interractive/config.txt b/tests/chage/25_chage_interractive/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/25_chage_interractive/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/25_chage_interractive/config/etc/group b/tests/chage/25_chage_interractive/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/25_chage_interractive/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/25_chage_interractive/config/etc/gshadow b/tests/chage/25_chage_interractive/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/25_chage_interractive/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/25_chage_interractive/config/etc/login.defs b/tests/chage/25_chage_interractive/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/25_chage_interractive/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/25_chage_interractive/config/etc/passwd b/tests/chage/25_chage_interractive/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/25_chage_interractive/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/25_chage_interractive/config/etc/shadow b/tests/chage/25_chage_interractive/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/25_chage_interractive/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/25_chage_interractive/data/shadow b/tests/chage/25_chage_interractive/data/shadow new file mode 100644 index 00000000..334494ac --- /dev/null +++ b/tests/chage/25_chage_interractive/data/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12990:13:14:9:35:15548: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/25_chage_interractive/run.exp b/tests/chage/25_chage_interractive/run.exp new file mode 100755 index 00000000..5b4b1d0b --- /dev/null +++ b/tests/chage/25_chage_interractive/run.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "13\r" +expect -re "Maximum Password Age .99999\]: " +send "14\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "2005-07-26\r" +expect -re "Password Expiration Warning .7\]: " +send "9\r" +expect -re "Password Inactive .-1\]: " +send "35\r" +expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +send "2012-07-27\r" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/26_chage_interractive_date_0/chage.test b/tests/chage/26_chage_interractive_date_0/chage.test new file mode 100755 index 00000000..01f957f4 --- /dev/null +++ b/tests/chage/26_chage_interractive_date_0/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/26_chage_interractive_date_0/config.txt b/tests/chage/26_chage_interractive_date_0/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/26_chage_interractive_date_0/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/group b/tests/chage/26_chage_interractive_date_0/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/26_chage_interractive_date_0/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/gshadow b/tests/chage/26_chage_interractive_date_0/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/26_chage_interractive_date_0/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/login.defs b/tests/chage/26_chage_interractive_date_0/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/26_chage_interractive_date_0/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/passwd b/tests/chage/26_chage_interractive_date_0/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/26_chage_interractive_date_0/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/shadow b/tests/chage/26_chage_interractive_date_0/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/26_chage_interractive_date_0/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/26_chage_interractive_date_0/data/shadow b/tests/chage/26_chage_interractive_date_0/data/shadow new file mode 100644 index 00000000..293987c1 --- /dev/null +++ b/tests/chage/26_chage_interractive_date_0/data/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:13:14:9:35:0: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/26_chage_interractive_date_0/run.exp b/tests/chage/26_chage_interractive_date_0/run.exp new file mode 100755 index 00000000..2f97abbd --- /dev/null +++ b/tests/chage/26_chage_interractive_date_0/run.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "13\r" +expect -re "Maximum Password Age .99999\]: " +send "14\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "0\r" +expect -re "Password Expiration Warning .7\]: " +send "9\r" +expect -re "Password Inactive .-1\]: " +send "35\r" +expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +send "0\r" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/27_chage_interractive_date_-1/chage.test b/tests/chage/27_chage_interractive_date_-1/chage.test new file mode 100755 index 00000000..01f957f4 --- /dev/null +++ b/tests/chage/27_chage_interractive_date_-1/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/27_chage_interractive_date_-1/config.txt b/tests/chage/27_chage_interractive_date_-1/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/27_chage_interractive_date_-1/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/group b/tests/chage/27_chage_interractive_date_-1/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/27_chage_interractive_date_-1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/gshadow b/tests/chage/27_chage_interractive_date_-1/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/27_chage_interractive_date_-1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/login.defs b/tests/chage/27_chage_interractive_date_-1/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/27_chage_interractive_date_-1/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/passwd b/tests/chage/27_chage_interractive_date_-1/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/27_chage_interractive_date_-1/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/shadow b/tests/chage/27_chage_interractive_date_-1/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/27_chage_interractive_date_-1/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/27_chage_interractive_date_-1/data/shadow b/tests/chage/27_chage_interractive_date_-1/data/shadow new file mode 100644 index 00000000..800f1a22 --- /dev/null +++ b/tests/chage/27_chage_interractive_date_-1/data/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::13:14:9:35:: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/27_chage_interractive_date_-1/run.exp b/tests/chage/27_chage_interractive_date_-1/run.exp new file mode 100755 index 00000000..f4c20a1b --- /dev/null +++ b/tests/chage/27_chage_interractive_date_-1/run.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "13\r" +expect -re "Maximum Password Age .99999\]: " +send "14\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send -- "-1\r" +expect -re "Password Expiration Warning .7\]: " +send "9\r" +expect -re "Password Inactive .-1\]: " +send "35\r" +expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +send -- "-1\r" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/28_chage_interractive_date_EPOCH/chage.test b/tests/chage/28_chage_interractive_date_EPOCH/chage.test new file mode 100755 index 00000000..01f957f4 --- /dev/null +++ b/tests/chage/28_chage_interractive_date_EPOCH/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config.txt b/tests/chage/28_chage_interractive_date_EPOCH/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/28_chage_interractive_date_EPOCH/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/group b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/gshadow b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/login.defs b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/passwd b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/shadow b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/28_chage_interractive_date_EPOCH/data/shadow b/tests/chage/28_chage_interractive_date_EPOCH/data/shadow new file mode 100644 index 00000000..293987c1 --- /dev/null +++ b/tests/chage/28_chage_interractive_date_EPOCH/data/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:13:14:9:35:0: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/28_chage_interractive_date_EPOCH/run.exp b/tests/chage/28_chage_interractive_date_EPOCH/run.exp new file mode 100755 index 00000000..a93e8cc9 --- /dev/null +++ b/tests/chage/28_chage_interractive_date_EPOCH/run.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "13\r" +expect -re "Maximum Password Age .99999\]: " +send "14\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "1970-01-01\r" +expect -re "Password Expiration Warning .7\]: " +send "9\r" +expect -re "Password Inactive .-1\]: " +send "35\r" +expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +send "1970-01-01\r" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/chage.test b/tests/chage/29_chage_interractive_date_pre-EPOCH/chage.test new file mode 100755 index 00000000..99f2df4d --- /dev/null +++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config.txt b/tests/chage/29_chage_interractive_date_pre-EPOCH/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/group b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/gshadow b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/login.defs b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/passwd b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/shadow b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/run.exp b/tests/chage/29_chage_interractive_date_pre-EPOCH/run.exp new file mode 100755 index 00000000..a43fd042 --- /dev/null +++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/run.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "13\r" +expect -re "Maximum Password Age .99999\]: " +send "14\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "1900-01-01\r" +expect "chage: error changing fields\r\n" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/chage.test b/tests/chage/30_chage_interractive_date_pre-EPOCH2/chage.test new file mode 100755 index 00000000..99f2df4d --- /dev/null +++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config.txt b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/group b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/gshadow b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/login.defs b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/passwd b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/shadow b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/run.exp b/tests/chage/30_chage_interractive_date_pre-EPOCH2/run.exp new file mode 100755 index 00000000..9c3c5db0 --- /dev/null +++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/run.exp @@ -0,0 +1,32 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "13\r" +expect -re "Maximum Password Age .99999\]: " +send "14\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "1970-01-01\r" +expect -re "Password Expiration Warning .7\]: " +send "9\r" +expect -re "Password Inactive .-1\]: " +send "35\r" +expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +send "1900-01-01\r" +expect "chage: error changing fields\r\n" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/31_chage_interractive_date_invalid/chage.test b/tests/chage/31_chage_interractive_date_invalid/chage.test new file mode 100755 index 00000000..84e9390a --- /dev/null +++ b/tests/chage/31_chage_interractive_date_invalid/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock /etc/shadow.lock' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/31_chage_interractive_date_invalid/config.txt b/tests/chage/31_chage_interractive_date_invalid/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/31_chage_interractive_date_invalid/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/group b/tests/chage/31_chage_interractive_date_invalid/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/gshadow b/tests/chage/31_chage_interractive_date_invalid/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/login.defs b/tests/chage/31_chage_interractive_date_invalid/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/passwd b/tests/chage/31_chage_interractive_date_invalid/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/shadow b/tests/chage/31_chage_interractive_date_invalid/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/31_chage_interractive_date_invalid/run.exp b/tests/chage/31_chage_interractive_date_invalid/run.exp new file mode 100755 index 00000000..91551d4a --- /dev/null +++ b/tests/chage/31_chage_interractive_date_invalid/run.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "13\r" +expect -re "Maximum Password Age .99999\]: " +send "14\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "2000-13-42\r" +expect "chage: error changing fields\r\n" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/32_chage_interractive_date_invalid2/chage.test b/tests/chage/32_chage_interractive_date_invalid2/chage.test new file mode 100755 index 00000000..99f2df4d --- /dev/null +++ b/tests/chage/32_chage_interractive_date_invalid2/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/32_chage_interractive_date_invalid2/config.txt b/tests/chage/32_chage_interractive_date_invalid2/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/32_chage_interractive_date_invalid2/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/group b/tests/chage/32_chage_interractive_date_invalid2/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/gshadow b/tests/chage/32_chage_interractive_date_invalid2/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/login.defs b/tests/chage/32_chage_interractive_date_invalid2/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/passwd b/tests/chage/32_chage_interractive_date_invalid2/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/shadow b/tests/chage/32_chage_interractive_date_invalid2/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/32_chage_interractive_date_invalid2/run.exp b/tests/chage/32_chage_interractive_date_invalid2/run.exp new file mode 100755 index 00000000..edc3f78b --- /dev/null +++ b/tests/chage/32_chage_interractive_date_invalid2/run.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "13\r" +expect -re "Maximum Password Age .99999\]: " +send "14\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "2000-mm-42\r" +expect "chage: error changing fields\r\n" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/33_chage_interractive-W_invalid1/chage.test b/tests/chage/33_chage_interractive-W_invalid1/chage.test new file mode 100755 index 00000000..fc4dd9d2 --- /dev/null +++ b/tests/chage/33_chage_interractive-W_invalid1/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage interractive session checks field validity" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/33_chage_interractive-W_invalid1/config.txt b/tests/chage/33_chage_interractive-W_invalid1/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/33_chage_interractive-W_invalid1/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/group b/tests/chage/33_chage_interractive-W_invalid1/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/gshadow b/tests/chage/33_chage_interractive-W_invalid1/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/login.defs b/tests/chage/33_chage_interractive-W_invalid1/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/passwd b/tests/chage/33_chage_interractive-W_invalid1/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/shadow b/tests/chage/33_chage_interractive-W_invalid1/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/33_chage_interractive-W_invalid1/run.exp b/tests/chage/33_chage_interractive-W_invalid1/run.exp new file mode 100755 index 00000000..ac50231b --- /dev/null +++ b/tests/chage/33_chage_interractive-W_invalid1/run.exp @@ -0,0 +1,32 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "13\r" +expect -re "Maximum Password Age .99999\]: " +send "14\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "0\r" +expect -re "Password Expiration Warning .7\]: " +send "9a\r" +#expect -re "Password Inactive .-1\]: " +#send "35\r" +#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +#send "0\r" +expect "chage: error changing fields\r\n" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/34_chage_interractive-W_invalid2/chage.test b/tests/chage/34_chage_interractive-W_invalid2/chage.test new file mode 100755 index 00000000..fc4dd9d2 --- /dev/null +++ b/tests/chage/34_chage_interractive-W_invalid2/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage interractive session checks field validity" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/34_chage_interractive-W_invalid2/config.txt b/tests/chage/34_chage_interractive-W_invalid2/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/34_chage_interractive-W_invalid2/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/group b/tests/chage/34_chage_interractive-W_invalid2/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/gshadow b/tests/chage/34_chage_interractive-W_invalid2/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/login.defs b/tests/chage/34_chage_interractive-W_invalid2/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/passwd b/tests/chage/34_chage_interractive-W_invalid2/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/shadow b/tests/chage/34_chage_interractive-W_invalid2/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/34_chage_interractive-W_invalid2/run.exp b/tests/chage/34_chage_interractive-W_invalid2/run.exp new file mode 100755 index 00000000..04b6f57d --- /dev/null +++ b/tests/chage/34_chage_interractive-W_invalid2/run.exp @@ -0,0 +1,32 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "13\r" +expect -re "Maximum Password Age .99999\]: " +send "14\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "0\r" +expect -re "Password Expiration Warning .7\]: " +send -- "-2\r" +#expect -re "Password Inactive .-1\]: " +#send "35\r" +#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +#send "0\r" +expect "chage: error changing fields\r\n" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/35_chage_interractive-W-1/chage.test b/tests/chage/35_chage_interractive-W-1/chage.test new file mode 100755 index 00000000..01f957f4 --- /dev/null +++ b/tests/chage/35_chage_interractive-W-1/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/35_chage_interractive-W-1/config.txt b/tests/chage/35_chage_interractive-W-1/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/35_chage_interractive-W-1/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/group b/tests/chage/35_chage_interractive-W-1/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/35_chage_interractive-W-1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/gshadow b/tests/chage/35_chage_interractive-W-1/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/35_chage_interractive-W-1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/login.defs b/tests/chage/35_chage_interractive-W-1/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/35_chage_interractive-W-1/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/passwd b/tests/chage/35_chage_interractive-W-1/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/35_chage_interractive-W-1/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/shadow b/tests/chage/35_chage_interractive-W-1/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/35_chage_interractive-W-1/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/35_chage_interractive-W-1/data/shadow b/tests/chage/35_chage_interractive-W-1/data/shadow new file mode 100644 index 00000000..4b74f15d --- /dev/null +++ b/tests/chage/35_chage_interractive-W-1/data/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/35_chage_interractive-W-1/run.exp b/tests/chage/35_chage_interractive-W-1/run.exp new file mode 100755 index 00000000..84fd749c --- /dev/null +++ b/tests/chage/35_chage_interractive-W-1/run.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "\r" +expect -re "Maximum Password Age .99999\]: " +send "\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "\r" +expect -re "Password Expiration Warning .7\]: " +send -- "-1\r" +expect -re "Password Inactive .-1\]: " +send "\r" +expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +send "\r" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/36_chage_interractive-I_invalid1/chage.test b/tests/chage/36_chage_interractive-I_invalid1/chage.test new file mode 100755 index 00000000..fc4dd9d2 --- /dev/null +++ b/tests/chage/36_chage_interractive-I_invalid1/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage interractive session checks field validity" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/36_chage_interractive-I_invalid1/config.txt b/tests/chage/36_chage_interractive-I_invalid1/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/36_chage_interractive-I_invalid1/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/group b/tests/chage/36_chage_interractive-I_invalid1/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/gshadow b/tests/chage/36_chage_interractive-I_invalid1/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/login.defs b/tests/chage/36_chage_interractive-I_invalid1/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/passwd b/tests/chage/36_chage_interractive-I_invalid1/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/shadow b/tests/chage/36_chage_interractive-I_invalid1/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/36_chage_interractive-I_invalid1/run.exp b/tests/chage/36_chage_interractive-I_invalid1/run.exp new file mode 100755 index 00000000..1e3087b4 --- /dev/null +++ b/tests/chage/36_chage_interractive-I_invalid1/run.exp @@ -0,0 +1,32 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "\r" +expect -re "Maximum Password Age .99999\]: " +send "\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "\r" +expect -re "Password Expiration Warning .7\]: " +send "\r" +expect -re "Password Inactive .-1\]: " +send "9a\r" +#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +#send "0\r" +expect "chage: error changing fields\r\n" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/37_chage_interractive-I_invalid2/chage.test b/tests/chage/37_chage_interractive-I_invalid2/chage.test new file mode 100755 index 00000000..fc4dd9d2 --- /dev/null +++ b/tests/chage/37_chage_interractive-I_invalid2/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage interractive session checks field validity" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/37_chage_interractive-I_invalid2/config.txt b/tests/chage/37_chage_interractive-I_invalid2/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/37_chage_interractive-I_invalid2/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/group b/tests/chage/37_chage_interractive-I_invalid2/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/gshadow b/tests/chage/37_chage_interractive-I_invalid2/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/login.defs b/tests/chage/37_chage_interractive-I_invalid2/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/passwd b/tests/chage/37_chage_interractive-I_invalid2/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/shadow b/tests/chage/37_chage_interractive-I_invalid2/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/37_chage_interractive-I_invalid2/run.exp b/tests/chage/37_chage_interractive-I_invalid2/run.exp new file mode 100755 index 00000000..b059117a --- /dev/null +++ b/tests/chage/37_chage_interractive-I_invalid2/run.exp @@ -0,0 +1,32 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "\r" +expect -re "Maximum Password Age .99999\]: " +send "\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "\r" +expect -re "Password Expiration Warning .7\]: " +send "\r" +expect -re "Password Inactive .-1\]: " +send -- "-2\r" +#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +#send "0\r" +expect "chage: error changing fields\r\n" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/38_chage_interractive-I-1/chage.test b/tests/chage/38_chage_interractive-I-1/chage.test new file mode 100755 index 00000000..01f957f4 --- /dev/null +++ b/tests/chage/38_chage_interractive-I-1/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/38_chage_interractive-I-1/config.txt b/tests/chage/38_chage_interractive-I-1/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/38_chage_interractive-I-1/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/group b/tests/chage/38_chage_interractive-I-1/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/38_chage_interractive-I-1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/gshadow b/tests/chage/38_chage_interractive-I-1/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/38_chage_interractive-I-1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/login.defs b/tests/chage/38_chage_interractive-I-1/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/38_chage_interractive-I-1/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/passwd b/tests/chage/38_chage_interractive-I-1/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/38_chage_interractive-I-1/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/shadow b/tests/chage/38_chage_interractive-I-1/config/etc/shadow new file mode 100644 index 00000000..922d9551 --- /dev/null +++ b/tests/chage/38_chage_interractive-I-1/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:3:: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/38_chage_interractive-I-1/data/shadow b/tests/chage/38_chage_interractive-I-1/data/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chage/38_chage_interractive-I-1/data/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/38_chage_interractive-I-1/run.exp b/tests/chage/38_chage_interractive-I-1/run.exp new file mode 100755 index 00000000..94eb4630 --- /dev/null +++ b/tests/chage/38_chage_interractive-I-1/run.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "\r" +expect -re "Maximum Password Age .99999\]: " +send "\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: " +send "\r" +expect -re "Password Expiration Warning .7\]: " +send "\r" +expect -re "Password Inactive .3\]: " +send -- "-1\r" +expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +send "\r" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chage/39_chage_interractive-d-1/chage.test b/tests/chage/39_chage_interractive-d-1/chage.test new file mode 100755 index 00000000..01f957f4 --- /dev/null +++ b/tests/chage/39_chage_interractive-d-1/chage.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chage creates a shadow entry if there were none" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "chage interractive session as myuser1..." +./run.exp +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chage/39_chage_interractive-d-1/config.txt b/tests/chage/39_chage_interractive-d-1/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/chage/39_chage_interractive-d-1/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/group b/tests/chage/39_chage_interractive-d-1/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/chage/39_chage_interractive-d-1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/gshadow b/tests/chage/39_chage_interractive-d-1/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/chage/39_chage_interractive-d-1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/login.defs b/tests/chage/39_chage_interractive-d-1/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/chage/39_chage_interractive-d-1/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/passwd b/tests/chage/39_chage_interractive-d-1/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chage/39_chage_interractive-d-1/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/shadow b/tests/chage/39_chage_interractive-d-1/config/etc/shadow new file mode 100644 index 00000000..a1afc129 --- /dev/null +++ b/tests/chage/39_chage_interractive-d-1/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:99999:7:3:: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/39_chage_interractive-d-1/data/shadow b/tests/chage/39_chage_interractive-d-1/data/shadow new file mode 100644 index 00000000..a1afc129 --- /dev/null +++ b/tests/chage/39_chage_interractive-d-1/data/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:99999:7:3:: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chage/39_chage_interractive-d-1/run.exp b/tests/chage/39_chage_interractive-d-1/run.exp new file mode 100755 index 00000000..362436b6 --- /dev/null +++ b/tests/chage/39_chage_interractive-d-1/run.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 5 + +# I've not been able to put the opening bracket in the regular expressions +# If anyone knows... + +spawn /usr/bin/chage myuser1 +expect -re "Minimum Password Age .0\]: " +send "\r" +expect -re "Maximum Password Age .99999\]: " +send "\r" +expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .-1\]: " +send -- "-1\r" +expect -re "Password Expiration Warning .7\]: " +send "\r" +expect -re "Password Inactive .3\]: " +send "\r" +expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: " +send "\r" +expect { + eof { + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chroot/chage/01_chage--root/chage.test b/tests/chroot/chage/01_chage--root/chage.test new file mode 100755 index 00000000..df9aad55 --- /dev/null +++ b/tests/chroot/chage/01_chage--root/chage.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chage can change user's data in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Change root's last day in chroot (chage --root $PWD/tmp/root -d 2012-12-12 root)..." +chage --root $PWD/tmp/root -d 2012-12-12 root +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl data/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/chage/01_chage--root/config.txt b/tests/chroot/chage/01_chage--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/chage/01_chage--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/chage/01_chage--root/config/etc/default/useradd b/tests/chroot/chage/01_chage--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/chage/01_chage--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/chage/01_chage--root/config/etc/group b/tests/chroot/chage/01_chage--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/chage/01_chage--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/chage/01_chage--root/config/etc/gshadow b/tests/chroot/chage/01_chage--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/chage/01_chage--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/chage/01_chage--root/config/etc/passwd b/tests/chroot/chage/01_chage--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/chage/01_chage--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/chage/01_chage--root/config/etc/shadow b/tests/chroot/chage/01_chage--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/chage/01_chage--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/group b/tests/chroot/chage/01_chage--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/gshadow b/tests/chroot/chage/01_chage--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/login.defs b/tests/chroot/chage/01_chage--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/passwd b/tests/chroot/chage/01_chage--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/shadow b/tests/chroot/chage/01_chage--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/chage/01_chage--root/data/shadow b/tests/chroot/chage/01_chage--root/data/shadow new file mode 100644 index 00000000..c9e698bc --- /dev/null +++ b/tests/chroot/chage/01_chage--root/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:15686:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test b/tests/chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test new file mode 100755 index 00000000..afbdb4bb --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can change a group in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Change nobody and lp's password in chroot..." +echo 'nogroup:test +lp:test2' | chgpasswd --root $PWD/tmp/root -c SHA256 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config.txt b/tests/chroot/chgpasswd/01_chgpasswd--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/default/useradd b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/group b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/gshadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/passwd b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/shadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/group b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/group new file mode 100644 index 00000000..d2a4b10a --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +staff:x:50: +root:x:0: +tty:x:5: +daemon:x:1: +bin:x:2: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +sys:x:3: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +adm:x:4: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +disk:x:6: diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/gshadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/login.defs b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/passwd b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/shadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/data/gshadow b/tests/chroot/chgpasswd/01_chgpasswd--root/data/gshadow new file mode 100644 index 00000000..2ea5fcad --- /dev/null +++ b/tests/chroot/chgpasswd/01_chgpasswd--root/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:@PASS_SHA256 test2@:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA256 test@:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test b/tests/chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test new file mode 100755 index 00000000..17282f90 --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can change a group in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Change nobody and lp's password in chroot..." +echo 'nobody:test +lp:test2' | chpasswd --root $PWD/tmp/root -c SHA256 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl data/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/shadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config.txt b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/default/useradd b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/group b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/gshadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/passwd b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/shadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/group b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/group new file mode 100644 index 00000000..d2a4b10a --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/group @@ -0,0 +1,42 @@ +staff:x:50: +root:x:0: +tty:x:5: +daemon:x:1: +bin:x:2: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +sys:x:3: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +adm:x:4: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +disk:x:6: diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/gshadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/login.defs b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/passwd b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/shadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/data/shadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/data/shadow new file mode 100644 index 00000000..8a67bed3 --- /dev/null +++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test b/tests/chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test new file mode 100755 index 00000000..2e2f8952 --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can change a group in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Change nobody and lp's password in chroot..." +echo 'nobody:test +lp:test2' | chpasswd --root $PWD/tmp/root +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl data/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/shadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config.txt b/tests/chroot/chpasswd/02_chpasswd--root_pam/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/default/useradd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/group b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/gshadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/passwd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/shadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/group b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/group new file mode 100644 index 00000000..d2a4b10a --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/group @@ -0,0 +1,42 @@ +staff:x:50: +root:x:0: +tty:x:5: +daemon:x:1: +bin:x:2: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +sys:x:3: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +adm:x:4: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +disk:x:6: diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/gshadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/login.defs b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/chpasswd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/chpasswd new file mode 100644 index 00000000..da2adcc9 --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/chpasswd @@ -0,0 +1,5 @@ +# The PAM configuration file for the Shadow 'chpasswd' service +# + +@include common-password + diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/common-password b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/common-password new file mode 100644 index 00000000..cb8c7b71 --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha512 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/passwd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/shadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/data/shadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/data/shadow new file mode 100644 index 00000000..5839a29d --- /dev/null +++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/chsh/01_chsh--root/chsh.test b/tests/chroot/chsh/01_chsh--root/chsh.test new file mode 100755 index 00000000..b99cbb46 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/chsh.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chsh can change a user in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Change user in chroot (chsh --root $PWD/tmp/root -s /bin/dash root)..." +chsh --root $PWD/tmp/root -s /bin/dash root +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl data/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/chsh/01_chsh--root/config.txt b/tests/chroot/chsh/01_chsh--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/default/useradd b/tests/chroot/chsh/01_chsh--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/group b/tests/chroot/chsh/01_chsh--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/gshadow b/tests/chroot/chsh/01_chsh--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/passwd b/tests/chroot/chsh/01_chsh--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/shadow b/tests/chroot/chsh/01_chsh--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot.list b/tests/chroot/chsh/01_chsh--root/config_chroot.list new file mode 100644 index 00000000..166e5212 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config_chroot.list @@ -0,0 +1 @@ +/bin/dash diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/group b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/gshadow b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/login.defs b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh new file mode 100644 index 00000000..7eb604d7 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh @@ -0,0 +1,20 @@ +# +# The PAM configuration file for the Shadow `chsh' service +# + +# This will not allow a user to change their shell unless +# their current one is listed in /etc/shells. This keeps +# accounts with special shells from changing them. +auth required pam_shells.so + +# This allows root to change user shell without being +# prompted for a password +auth sufficient pam_rootok.so + +# The standard Unix authentication modules, used with +# NIS (man nsswitch) as well as normal /etc/passwd and +# /etc/shadow entries. +@include common-auth +@include common-account +@include common-session + diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-account b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-account new file mode 100644 index 00000000..316b1733 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-account @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-account - authorization settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authorization modules that define +# the central access policy for use on the system. The default is to +# only deny service to users whose accounts are expired in /etc/shadow. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. +# + +# here are the per-package modules (the "Primary" block) +account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so +# here's the fallback if no module succeeds +account requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +account required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-auth b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-auth new file mode 100644 index 00000000..5facfa29 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-auth @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-auth - authentication settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authentication modules that define +# the central authentication scheme for use on the system +# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the +# traditional Unix authentication mechanisms. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +auth [success=1 default=ignore] pam_unix.so nullok_secure +# here's the fallback if no module succeeds +auth requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +auth required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-session b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-session new file mode 100644 index 00000000..4ad17292 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-session @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-session - session-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define tasks to be performed +# at the start and end of sessions of *any* kind (both interactive and +# non-interactive). +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +session [default=1] pam_permit.so +# here's the fallback if no module succeeds +session requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +session required pam_permit.so +# and here are more per-package modules (the "Additional" block) +session required pam_unix.so +# end of pam-auth-update config diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/passwd b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shadow b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shells b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shells new file mode 100644 index 00000000..3cf5cc4f --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shells @@ -0,0 +1,3 @@ +# /etc/shells: valid login shells +/bin/bash +/bin/dash diff --git a/tests/chroot/chsh/01_chsh--root/data/passwd b/tests/chroot/chsh/01_chsh--root/data/passwd new file mode 100644 index 00000000..72c8a866 --- /dev/null +++ b/tests/chroot/chsh/01_chsh--root/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/dash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config.txt b/tests/chroot/gpasswd/01_gpasswd--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/default/useradd b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/group b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/gshadow b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/passwd b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/shadow b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/group b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/group new file mode 100644 index 00000000..d2a4b10a --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +staff:x:50: +root:x:0: +tty:x:5: +daemon:x:1: +bin:x:2: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +sys:x:3: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +adm:x:4: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +disk:x:6: diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/gshadow b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/login.defs b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/passwd b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/shadow b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/gpasswd/01_gpasswd--root/data/group b/tests/chroot/gpasswd/01_gpasswd--root/data/group new file mode 100644 index 00000000..5c28b637 --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/data/group @@ -0,0 +1,42 @@ +staff:x:50: +root:x:0: +tty:x:5: +daemon:x:1: +bin:x:2: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +sys:x:3: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +adm:x:4: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +games:x:60: +users:x:100:root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +disk:x:6: diff --git a/tests/chroot/gpasswd/01_gpasswd--root/data/gshadow b/tests/chroot/gpasswd/01_gpasswd--root/data/gshadow new file mode 100644 index 00000000..7b869c21 --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/gpasswd/01_gpasswd--root/gpasswd.test b/tests/chroot/gpasswd/01_gpasswd--root/gpasswd.test new file mode 100755 index 00000000..8e861aac --- /dev/null +++ b/tests/chroot/gpasswd/01_gpasswd--root/gpasswd.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change a group in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +ls tmp/root/lib + +echo -n "Chang group in chroot (gpasswd -a root users -Q $PWD/tmp/root)..." +gpasswd -a root users -Q $PWD/tmp/root +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/groupadd/01_groupadd--root/config.txt b/tests/chroot/groupadd/01_groupadd--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/default/useradd b/tests/chroot/groupadd/01_groupadd--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/group b/tests/chroot/groupadd/01_groupadd--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/gshadow b/tests/chroot/groupadd/01_groupadd--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/passwd b/tests/chroot/groupadd/01_groupadd--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/shadow b/tests/chroot/groupadd/01_groupadd--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/group b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/gshadow b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/login.defs b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/passwd b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/shadow b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/groupadd/01_groupadd--root/data/group b/tests/chroot/groupadd/01_groupadd--root/data/group new file mode 100644 index 00000000..ffc452fd --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +foo:x:1000: diff --git a/tests/chroot/groupadd/01_groupadd--root/data/gshadow b/tests/chroot/groupadd/01_groupadd--root/data/gshadow new file mode 100644 index 00000000..e4b350df --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: +foo:!:: diff --git a/tests/chroot/groupadd/01_groupadd--root/groupadd.test b/tests/chroot/groupadd/01_groupadd--root/groupadd.test new file mode 100755 index 00000000..26f4c9b7 --- /dev/null +++ b/tests/chroot/groupadd/01_groupadd--root/groupadd.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd can add a group in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Add group foo in chroot (groupadd --root $PWD/tmp/root foo)..." +groupadd --root $PWD/tmp/root foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/groupdel/01_groupdel--root/config.txt b/tests/chroot/groupdel/01_groupdel--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/default/useradd b/tests/chroot/groupdel/01_groupdel--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/group b/tests/chroot/groupdel/01_groupdel--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/gshadow b/tests/chroot/groupdel/01_groupdel--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/passwd b/tests/chroot/groupdel/01_groupdel--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/shadow b/tests/chroot/groupdel/01_groupdel--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/group b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/gshadow b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/login.defs b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/passwd b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/shadow b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/groupdel/01_groupdel--root/data/group b/tests/chroot/groupdel/01_groupdel--root/data/group new file mode 100644 index 00000000..9ee4d568 --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/groupdel/01_groupdel--root/data/gshadow b/tests/chroot/groupdel/01_groupdel--root/data/gshadow new file mode 100644 index 00000000..b969cf25 --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/groupdel/01_groupdel--root/groupdel.test b/tests/chroot/groupdel/01_groupdel--root/groupdel.test new file mode 100755 index 00000000..6d7fa5af --- /dev/null +++ b/tests/chroot/groupdel/01_groupdel--root/groupdel.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmodd can delete a group in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Delete group users in chroot (groupdel --root $PWD/tmp/root users)..." +groupdel --root $PWD/tmp/root users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/groupmod/01_groupmod--root/config.txt b/tests/chroot/groupmod/01_groupmod--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/default/useradd b/tests/chroot/groupmod/01_groupmod--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/group b/tests/chroot/groupmod/01_groupmod--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/gshadow b/tests/chroot/groupmod/01_groupmod--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/passwd b/tests/chroot/groupmod/01_groupmod--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/shadow b/tests/chroot/groupmod/01_groupmod--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/group b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/gshadow b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/login.defs b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/passwd b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/shadow b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/groupmod/01_groupmod--root/data/group b/tests/chroot/groupmod/01_groupmod--root/data/group new file mode 100644 index 00000000..068bdf57 --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +utilisateurs:x:100: diff --git a/tests/chroot/groupmod/01_groupmod--root/data/gshadow b/tests/chroot/groupmod/01_groupmod--root/data/gshadow new file mode 100644 index 00000000..249ec498 --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: +utilisateurs:*:: diff --git a/tests/chroot/groupmod/01_groupmod--root/groupmod.test b/tests/chroot/groupmod/01_groupmod--root/groupmod.test new file mode 100755 index 00000000..853df8f5 --- /dev/null +++ b/tests/chroot/groupmod/01_groupmod--root/groupmod.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change a group in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Change group in chroot (groupmod --root $PWD/tmp/root -n utilisateurs users)..." +groupmod --root $PWD/tmp/root -n utilisateurs users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/grpck/01_grpck--root/config.txt b/tests/chroot/grpck/01_grpck--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/default/useradd b/tests/chroot/grpck/01_grpck--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/group b/tests/chroot/grpck/01_grpck--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/gshadow b/tests/chroot/grpck/01_grpck--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/passwd b/tests/chroot/grpck/01_grpck--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/shadow b/tests/chroot/grpck/01_grpck--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/group b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/group new file mode 100644 index 00000000..d2a4b10a --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +staff:x:50: +root:x:0: +tty:x:5: +daemon:x:1: +bin:x:2: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +sys:x:3: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +adm:x:4: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +disk:x:6: diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/gshadow b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/login.defs b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/passwd b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/shadow b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/grpck/01_grpck--root/data/group b/tests/chroot/grpck/01_grpck--root/data/group new file mode 100644 index 00000000..dd74ea83 --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +crontab:x:101: +Debian-exim:x:102: +nogroup:x:65534: +myuser:x:424242: diff --git a/tests/chroot/grpck/01_grpck--root/data/gshadow b/tests/chroot/grpck/01_grpck--root/data/gshadow new file mode 100644 index 00000000..5b9b1d49 --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +crontab:x:: +Debian-exim:x:: +nogroup:*:: +myuser:x:: diff --git a/tests/chroot/grpck/01_grpck--root/grpck.test b/tests/chroot/grpck/01_grpck--root/grpck.test new file mode 100755 index 00000000..93867d02 --- /dev/null +++ b/tests/chroot/grpck/01_grpck--root/grpck.test @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck can sort groups in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Sort groups in chroot (grpck --sort --root $PWD/tmp/root)..." +grpck --sort --root $PWD/tmp/root +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/grpconv/01_grpconv--root/config.txt b/tests/chroot/grpconv/01_grpconv--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/default/useradd b/tests/chroot/grpconv/01_grpconv--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/group b/tests/chroot/grpconv/01_grpconv--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/gshadow b/tests/chroot/grpconv/01_grpconv--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/passwd b/tests/chroot/grpconv/01_grpconv--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/shadow b/tests/chroot/grpconv/01_grpconv--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/group b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/group new file mode 100644 index 00000000..27f1e9a2 --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0: +daemon:*:1: +bin:*:2: +sys:*:3: +adm:*:4: +tty:*:5: +disk:*:6: +lp:*:7: +mail:*:8: +news:*:9: +uucp:*:10: +man:*:12: +proxy:*:13: +kmem:*:15: +dialout:*:20: +fax:*:21: +voice:*:22: +cdrom:*:24: +floppy:*:25: +tape:*:26: +sudo:*:27: +audio:*:29: +dip:*:30: +www-data:*:33: +backup:*:34: +operator:*:37: +list:*:38: +irc:*:39: +src:*:40: +gnats:*:41: +shadow:*:42: +utmp:*:43: +video:*:44: +sasl:*:45: +plugdev:*:46: +staff:*:50: +games:*:60: +users:foo:100: +nogroup::65534: +crontab:*:101: +Debian-exim:!:102: +myuser:*:424242: diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/login.defs b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/passwd b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/shadow b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/grpconv/01_grpconv--root/data/group b/tests/chroot/grpconv/01_grpconv--root/data/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/grpconv/01_grpconv--root/data/gshadow b/tests/chroot/grpconv/01_grpconv--root/data/gshadow new file mode 100644 index 00000000..5f81b8f9 --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/data/gshadow @@ -0,0 +1,42 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:foo:: +nogroup::: +crontab:*:: +Debian-exim:!:: +myuser:*:: diff --git a/tests/chroot/grpconv/01_grpconv--root/grpconv.test b/tests/chroot/grpconv/01_grpconv--root/grpconv.test new file mode 100755 index 00000000..92e1bf06 --- /dev/null +++ b/tests/chroot/grpconv/01_grpconv--root/grpconv.test @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpconv can change a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "grpconv in a chroot (grpconv --root $PWD/tmp/root)..." +grpconv --root $PWD/tmp/root +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/gshadow +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config.txt b/tests/chroot/grpunconv/01_grpunconv--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/default/useradd b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/group b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/gshadow b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/gshadow new file mode 100644 index 00000000..b21489b2 --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/passwd b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/shadow b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/group b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/gshadow b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..86f5654a --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:: diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/login.defs b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/passwd b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/shadow b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/grpunconv/01_grpunconv--root/data/group b/tests/chroot/grpunconv/01_grpunconv--root/data/group new file mode 100644 index 00000000..9a037038 --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/data/group @@ -0,0 +1,42 @@ +root:*:0: +daemon:*:1: +bin:*:2: +sys:*:3: +adm:*:4: +tty:*:5: +disk:*:6: +lp:*:7: +mail:*:8: +news:*:9: +uucp:*:10: +man:*:12: +proxy:*:13: +kmem:*:15: +dialout:*:20: +fax:*:21: +voice:*:22: +cdrom:*:24: +floppy:*:25: +tape:*:26: +sudo:*:27: +audio:*:29: +dip:*:30: +www-data:*:33: +backup:*:34: +operator:*:37: +list:*:38: +irc:*:39: +src:*:40: +gnats:*:41: +shadow:*:42: +utmp:*:43: +video:*:44: +sasl:*:45: +plugdev:*:46: +staff:*:50: +games:*:60: +users:*:100: +nogroup:*:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242: diff --git a/tests/chroot/grpunconv/01_grpunconv--root/grpunconv.test b/tests/chroot/grpunconv/01_grpunconv--root/grpunconv.test new file mode 100755 index 00000000..5d6edd58 --- /dev/null +++ b/tests/chroot/grpunconv/01_grpunconv--root/grpunconv.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpunconv can change a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "grpunconv in a chroot (grpunconv --root $PWD/tmp/root)..." +grpunconv --root $PWD/tmp/root +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +test ! -f tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/lastlog/01_lastlog--root/config.txt b/tests/chroot/lastlog/01_lastlog--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/default/useradd b/tests/chroot/lastlog/01_lastlog--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/group b/tests/chroot/lastlog/01_lastlog--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/gshadow b/tests/chroot/lastlog/01_lastlog--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/passwd b/tests/chroot/lastlog/01_lastlog--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/shadow b/tests/chroot/lastlog/01_lastlog--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/group b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/group new file mode 100644 index 00000000..d2a4b10a --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +staff:x:50: +root:x:0: +tty:x:5: +daemon:x:1: +bin:x:2: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +sys:x:3: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +adm:x:4: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +disk:x:6: diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/gshadow b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/login.defs b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/passwd b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/shadow b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/lastlog/01_lastlog--root/data/group b/tests/chroot/lastlog/01_lastlog--root/data/group new file mode 100644 index 00000000..5c28b637 --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/data/group @@ -0,0 +1,42 @@ +staff:x:50: +root:x:0: +tty:x:5: +daemon:x:1: +bin:x:2: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +sys:x:3: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +adm:x:4: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +games:x:60: +users:x:100:root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +disk:x:6: diff --git a/tests/chroot/lastlog/01_lastlog--root/data/gshadow b/tests/chroot/lastlog/01_lastlog--root/data/gshadow new file mode 100644 index 00000000..7b869c21 --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/lastlog/01_lastlog--root/data/lastlog.list b/tests/chroot/lastlog/01_lastlog--root/data/lastlog.list new file mode 100644 index 00000000..e95b2053 --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/data/lastlog.list @@ -0,0 +1,2 @@ +Username +myuser diff --git a/tests/chroot/lastlog/01_lastlog--root/lastlog.test b/tests/chroot/lastlog/01_lastlog--root/lastlog.test new file mode 100755 index 00000000..d61d9a70 --- /dev/null +++ b/tests/chroot/lastlog/01_lastlog--root/lastlog.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change a group in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; rm -f tmp/root/var/log/lastlog; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Create an empty /var/log/lastlog in the chroot..." +> tmp/root/var/log/lastlog +echo "OK" + +echo -n "lastlog --root $PWD/tmp/root -u 424242..." +lastlog --root $PWD/tmp/root -u 424242> tmp/lastlog.out +echo "OK." + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list +diff -au data/lastlog.list tmp/lastlog.list +echo "OK." + +rm -f tmp/lastlog.out tmp/lastlog.list +rm -f tmp/root/var/log/lastlog + +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/login/01_login_sublogin/config.txt b/tests/chroot/login/01_login_sublogin/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/chroot/login/01_login_sublogin/config/etc/group b/tests/chroot/login/01_login_sublogin/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/login/01_login_sublogin/config/etc/gshadow b/tests/chroot/login/01_login_sublogin/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/login/01_login_sublogin/config/etc/login.defs b/tests/chroot/login/01_login_sublogin/config/etc/login.defs new file mode 100644 index 00000000..8605f437 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/login/01_login_sublogin/config/etc/passwd b/tests/chroot/login/01_login_sublogin/config/etc/passwd new file mode 100644 index 00000000..7b82b884 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/nonexistent:*/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/login/01_login_sublogin/config/etc/shadow b/tests/chroot/login/01_login_sublogin/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/login/01_login_sublogin/config_chroot.list b/tests/chroot/login/01_login_sublogin/config_chroot.list new file mode 100644 index 00000000..e22e8e82 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot.list @@ -0,0 +1,3 @@ +/bin/dash +/bin/sh +/usr/bin/id diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/group b/tests/chroot/login/01_login_sublogin/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/gshadow b/tests/chroot/login/01_login_sublogin/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/login.defs b/tests/chroot/login/01_login_sublogin/config_chroot/etc/login.defs new file mode 100644 index 00000000..8605f437 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-account b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-account new file mode 100644 index 00000000..316b1733 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-account @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-account - authorization settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authorization modules that define +# the central access policy for use on the system. The default is to +# only deny service to users whose accounts are expired in /etc/shadow. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. +# + +# here are the per-package modules (the "Primary" block) +account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so +# here's the fallback if no module succeeds +account requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +account required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-auth b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-auth new file mode 100644 index 00000000..5facfa29 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-auth @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-auth - authentication settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authentication modules that define +# the central authentication scheme for use on the system +# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the +# traditional Unix authentication mechanisms. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +auth [success=1 default=ignore] pam_unix.so nullok_secure +# here's the fallback if no module succeeds +auth requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +auth required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-password b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-password new file mode 100644 index 00000000..cb8c7b71 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha512 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session new file mode 100644 index 00000000..4ad17292 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-session - session-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define tasks to be performed +# at the start and end of sessions of *any* kind (both interactive and +# non-interactive). +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +session [default=1] pam_permit.so +# here's the fallback if no module succeeds +session requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +session required pam_permit.so +# and here are more per-package modules (the "Additional" block) +session required pam_unix.so +# end of pam-auth-update config diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session-noninteractive b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session-noninteractive new file mode 100644 index 00000000..c9144d54 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session-noninteractive @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-session-noninteractive - session-related modules +# common to all non-interactive services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define tasks to be performed +# at the start and end of all non-interactive sessions. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +session [default=1] pam_permit.so +# here's the fallback if no module succeeds +session requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +session required pam_permit.so +# and here are more per-package modules (the "Additional" block) +session required pam_unix.so +# end of pam-auth-update config diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/login b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/login new file mode 100644 index 00000000..f1e43b21 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/login @@ -0,0 +1,107 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/other b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/other new file mode 100644 index 00000000..59d776c9 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/other @@ -0,0 +1,16 @@ +# +# /etc/pam.d/other - specify the PAM fallback behaviour +# +# Note that this file is used for any unspecified service; for example +#if /etc/pam.d/cron specifies no session modules but cron calls +#pam_open_session, the session module out of /etc/pam.d/other is +#used. If you really want nothing to happen then use pam_permit.so or +#pam_deny.so as appropriate. + +# We fall back to the system default in /etc/pam.d/common-* +# + +@include common-auth +@include common-account +@include common-password +@include common-session diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/passwd b/tests/chroot/login/01_login_sublogin/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/securetty b/tests/chroot/login/01_login_sublogin/config_chroot/etc/securetty new file mode 100644 index 00000000..4d705440 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/securetty @@ -0,0 +1,390 @@ +# /etc/securetty: list of terminals on which root is allowed to login. +# See securetty(5) and login(1). + +console + +# Local X displays (allows empty passwords with pam_unix's nullok_secure) +:0 +:0.0 +:0.1 +:1 +:1.0 +:1.1 +:2 +:2.0 +:2.1 +:3 +:3.0 +:3.1 +#... + + +# ========================================================== +# +# TTYs sorted by major number according to Documentation/devices.txt +# +# ========================================================== + +# Virtual consoles +tty1 +tty2 +tty3 +tty4 +tty5 +tty6 +tty7 +tty8 +tty9 +tty10 +tty11 +tty12 +tty13 +tty14 +tty15 +tty16 +tty17 +tty18 +tty19 +tty20 +tty21 +tty22 +tty23 +tty24 +tty25 +tty26 +tty27 +tty28 +tty29 +tty30 +tty31 +tty32 +tty33 +tty34 +tty35 +tty36 +tty37 +tty38 +tty39 +tty40 +tty41 +tty42 +tty43 +tty44 +tty45 +tty46 +tty47 +tty48 +tty49 +tty50 +tty51 +tty52 +tty53 +tty54 +tty55 +tty56 +tty57 +tty58 +tty59 +tty60 +tty61 +tty62 +tty63 + +# UART serial ports +ttyS0 +ttyS1 +ttyS2 +ttyS3 +ttyS4 +ttyS5 +#...ttyS191 + +# Serial Mux devices (Linux/PA-RISC only) +ttyB0 +ttyB1 +#... + +# Chase serial card +ttyH0 +ttyH1 +#... + +# Cyclades serial cards +ttyC0 +ttyC1 +#...ttyC31 + +# Digiboard serial cards +ttyD0 +ttyD1 +#... + +# Stallion serial cards +ttyE0 +ttyE1 +#...ttyE255 + +# Specialix serial cards +ttyX0 +ttyX1 +#... + +# Comtrol Rocketport serial cards +ttyR0 +ttyR1 +#... + +# SDL RISCom serial cards +ttyL0 +ttyL1 +#... + +# Hayes ESP serial card +ttyP0 +ttyP1 +#... + +# Computone IntelliPort II serial card +ttyF0 +ttyF1 +#...ttyF255 + +# Specialix IO8+ serial card +ttyW0 +ttyW1 +#... + +# Comtrol VS-1000 serial controller +ttyV0 +ttyV1 +#... + +# ISI serial card +ttyM0 +ttyM1 +#... + +# Technology Concepts serial card +ttyT0 +ttyT1 +#... + +# Specialix RIO serial card +ttySR0 +ttySR1 +#...ttySR511 + +# Chase Research AT/PCI-Fast serial card +ttyCH0 +ttyCH1 +#...ttyCH63 + +# Moxa Intellio serial card +ttyMX0 +ttyMX1 +#...ttyMX127 + +# SmartIO serial card +ttySI0 +ttySI1 +#... + +# USB dongles +ttyUSB0 +ttyUSB1 +ttyUSB2 +#... + +# LinkUp Systems L72xx UARTs +ttyLU0 +ttyLU1 +ttyLU2 +ttyLU3 + +# StrongARM builtin serial ports +ttySA0 +ttySA1 +ttySA2 + +# SCI serial port (SuperH) ports and SC26xx serial ports +ttySC0 +ttySC1 +ttySC2 +ttySC3 + +# ARM "AMBA" serial ports +ttyAM0 +ttyAM1 +ttyAM2 +ttyAM3 +ttyAM4 +ttyAM5 +ttyAM6 +ttyAM7 +ttyAM8 +ttyAM9 +ttyAM10 +ttyAM11 +ttyAM12 +ttyAM13 +ttyAM14 +ttyAM15 + +# Embedded ARM AMBA PL011 ports (e.g. emulated by QEMU) +ttyAMA0 +ttyAMA1 +ttyAMA2 +ttyAMA3 + +# DataBooster serial ports +ttyDB0 +ttyDB1 +ttyDB2 +ttyDB3 +ttyDB4 +ttyDB5 +ttyDB6 +ttyDB7 + +# SGI Altix console ports +ttySG0 + +# Motorola i.MX ports +ttySMX0 +ttySMX1 +ttySMX2 + +# Marvell MPSC ports +ttyMM0 +ttyMM1 + +# PPC CPM (SCC or SMC) ports +ttyCPM0 +ttyCPM1 +ttyCPM2 +ttyCPM3 +ttyCPM4 +ttyCPM5 + +# Altix serial cards +ttyIOC0 +ttyIOC1 +#...ttyIOC31 + +# NEC VR4100 series SIU +ttyVR0 + +# NEC VR4100 series SSIU +ttyVR1 + +# Altix ioc4 serial cards +ttyIOC84 +ttyIOC85 +#...ttyIOC115 + +# Altix ioc3 serial cards +ttySIOC0 +ttySIOC1 +#...ttySIOC31 + +# PPC PSC ports +ttyPSC0 +ttyPSC1 +ttyPSC2 +ttyPSC3 +ttyPSC4 +ttyPSC5 + +# ATMEL serial ports +ttyAT0 +ttyAT1 +#...ttyAT15 + +# Hilscher netX serial port +ttyNX0 +ttyNX1 +#...ttyNX15 + +# Xilinx uartlite - port +ttyUL0 +ttyUL1 +ttyUL2 +ttyUL3 + +# Xen virtual console - port 0 +xvc0 + +# pmac_zilog - port +ttyPZ0 +ttyPZ1 +ttyPZ2 +ttyPZ3 + +# TX39/49 serial port +ttyTX0 +ttyTX1 +ttyTX2 +ttyTX3 +ttyTX4 +ttyTX5 +ttyTX6 +ttyTX7 + +# SC26xx serial ports (see SCI serial ports (SuperH)) + +# MAX3100 serial ports +ttyMAX0 +ttyMAX1 +ttyMAX2 +ttyMAX3 + +# OMAP serial ports +ttyO0 +ttyO1 +ttyO2 +ttyO3 + +# User space serial ports +ttyU0 +ttyU1 + +# A2232 serial card +ttyY0 +ttyY1 + +# IBM 3270 terminal Unix tty access +3270/tty1 +3270/tty2 +#... + +# IBM iSeries/pSeries virtual console +hvc0 +hvc1 +#... +#IBM pSeries console ports +hvsi0 +hvsi1 +hvsi2 + +# Equinox SST multi-port serial boards +ttyEQ0 +ttyEQ1 +#...ttyEQ1027 + +# ========================================================== +# +# Not in Documentation/Devicess.txt +# +# ========================================================== + +# Embedded Freescale i.MX ports +ttymxc0 +ttymxc1 +ttymxc2 +ttymxc3 +ttymxc4 +ttymxc5 + +# Serial Console for MIPS Swarm +duart0 +duart1 diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/security/limits.conf b/tests/chroot/login/01_login_sublogin/config_chroot/etc/security/limits.conf new file mode 100644 index 00000000..e69de29b diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/shadow b/tests/chroot/login/01_login_sublogin/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/login/01_login_sublogin/login.exp b/tests/chroot/login/01_login_sublogin/login.exp new file mode 100755 index 00000000..86253bcf --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/login.exp @@ -0,0 +1,25 @@ +#!/usr/bin/expect + +set timeout 10 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "strace -s 1000 -o /tmp/login.strace login\r" +expect " login: " +send "myuser\r" +expect "Password: " +send "myuserF00barbaz\r" +expect "Password: " +send "myuserF00barbaz\r" +expect "$ " + +send "# expect uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " +send "id\r" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " +send "exit\r" + +exit 0 diff --git a/tests/chroot/login/01_login_sublogin/login.test b/tests/chroot/login/01_login_sublogin/login.test new file mode 100755 index 00000000..f5d271ba --- /dev/null +++ b/tests/chroot/login/01_login_sublogin/login.test @@ -0,0 +1,33 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +testname=$(basename $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "try regular login with user prompt" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +usermod -d $PWD/tmp/root myuser + +prepare_chroot + +./login.exp +echo + +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/pwck/01_pwck--root/config.txt b/tests/chroot/pwck/01_pwck--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/default/useradd b/tests/chroot/pwck/01_pwck--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/group b/tests/chroot/pwck/01_pwck--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/gshadow b/tests/chroot/pwck/01_pwck--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/passwd b/tests/chroot/pwck/01_pwck--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/shadow b/tests/chroot/pwck/01_pwck--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/group b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/gshadow b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/login.defs b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/passwd b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/passwd new file mode 100644 index 00000000..76c6fc38 --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/passwd @@ -0,0 +1,23 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash +testsuite::424244:424244::/home:/bin/bash +testsuite1::424243:424243::/home:/bin/bash diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/shadow b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/pwck/01_pwck--root/data/pwck.out b/tests/chroot/pwck/01_pwck--root/data/pwck.out new file mode 100644 index 00000000..92a56706 --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/data/pwck.out @@ -0,0 +1,59 @@ +user 'root': program '/bin/bash' does not exist +user 'daemon': directory '/usr/sbin' does not exist +user 'daemon': program '/bin/sh' does not exist +user 'bin': directory '/bin' does not exist +user 'bin': program '/bin/sh' does not exist +user 'sys': directory '/dev' does not exist +user 'sys': program '/bin/sh' does not exist +user 'sync': directory '/bin' does not exist +user 'sync': program '/bin/sync' does not exist +user 'games': directory '/usr/games' does not exist +user 'games': program '/bin/sh' does not exist +user 'man': directory '/var/cache/man' does not exist +user 'man': program '/bin/sh' does not exist +user 'lp': directory '/var/spool/lpd' does not exist +user 'lp': program '/bin/sh' does not exist +user 'mail': directory '/var/mail' does not exist +user 'mail': program '/bin/sh' does not exist +user 'news': directory '/var/spool/news' does not exist +user 'news': program '/bin/sh' does not exist +user 'uucp': directory '/var/spool/uucp' does not exist +user 'uucp': program '/bin/sh' does not exist +user 'proxy': directory '/bin' does not exist +user 'proxy': program '/bin/sh' does not exist +user 'www-data': directory '/var/www' does not exist +user 'www-data': program '/bin/sh' does not exist +user 'backup': directory '/var/backups' does not exist +user 'backup': program '/bin/sh' does not exist +user 'list': directory '/var/list' does not exist +user 'list': program '/bin/sh' does not exist +user 'irc': directory '/var/run/ircd' does not exist +user 'irc': program '/bin/sh' does not exist +user 'gnats': directory '/var/lib/gnats' does not exist +user 'gnats': program '/bin/sh' does not exist +user 'nobody': directory '/nonexistent' does not exist +user 'nobody': program '/bin/sh' does not exist +user 'Debian-exim': directory '/var/spool/exim4' does not exist +user 'Debian-exim': program '/bin/false' does not exist +user 'myuser': directory '/home/' does not exist +user 'myuser': program '/bin/sh' does not exist +duplicate password entry +delete line 'testsuite::424243:424243::/home:/bin/bash'? No +user 'testsuite': no group 424243 +user 'testsuite': directory '/home' does not exist +user 'testsuite': program '/bin/bash' does not exist +no matching password file entry in /etc/shadow +add user 'testsuite' in /etc/shadow? No +duplicate password entry +delete line 'testsuite::424244:424244::/home:/bin/bash'? No +user 'testsuite': no group 424244 +user 'testsuite': directory '/home' does not exist +user 'testsuite': program '/bin/bash' does not exist +no matching password file entry in /etc/shadow +add user 'testsuite' in /etc/shadow? No +user 'testsuite1': no group 424243 +user 'testsuite1': directory '/home' does not exist +user 'testsuite1': program '/bin/bash' does not exist +no matching password file entry in /etc/shadow +add user 'testsuite1' in /etc/shadow? No +pwck: no changes diff --git a/tests/chroot/pwck/01_pwck--root/pwck.test b/tests/chroot/pwck/01_pwck--root/pwck.test new file mode 100755 index 00000000..25cba9f0 --- /dev/null +++ b/tests/chroot/pwck/01_pwck--root/pwck.test @@ -0,0 +1,67 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck can change a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "pwck in a chroot (pwck --read-only --root $PWD/tmp/root)..." +pwck --read-only --root $PWD/tmp/root >tmp/pwck.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.out +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.out tmp/pwck.out +echo "error message OK." +rm -f tmp/pwck.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/pwconv/01_pwconv--root/config.txt b/tests/chroot/pwconv/01_pwconv--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/default/useradd b/tests/chroot/pwconv/01_pwconv--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/group b/tests/chroot/pwconv/01_pwconv--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/gshadow b/tests/chroot/pwconv/01_pwconv--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/passwd b/tests/chroot/pwconv/01_pwconv--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/shadow b/tests/chroot/pwconv/01_pwconv--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/group b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/gshadow b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/login.defs b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/passwd b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/passwd new file mode 100644 index 00000000..1a85284e --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:!:102:102::/var/spool/exim4:/bin/false +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/pwconv/01_pwconv--root/data/passwd b/tests/chroot/pwconv/01_pwconv--root/data/passwd new file mode 100644 index 00000000..89b69625 --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite:x:424243:424243::/home:/bin/bash diff --git a/tests/chroot/pwconv/01_pwconv--root/data/shadow b/tests/chroot/pwconv/01_pwconv--root/data/shadow new file mode 100644 index 00000000..38bf30c5 --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/data/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:@TODAY@:0:99999:7::: +daemon:*:@TODAY@:0:99999:7::: +bin:*:@TODAY@:0:99999:7::: +sys:*:@TODAY@:0:99999:7::: +sync:*:@TODAY@:0:99999:7::: +games:*:@TODAY@:0:99999:7::: +man:*:@TODAY@:0:99999:7::: +lp:*:@TODAY@:0:99999:7::: +mail:*:@TODAY@:0:99999:7::: +news:*:@TODAY@:0:99999:7::: +uucp:*:@TODAY@:0:99999:7::: +proxy:*:@TODAY@:0:99999:7::: +www-data:*:@TODAY@:0:99999:7::: +backup:*:@TODAY@:0:99999:7::: +list:*:@TODAY@:0:99999:7::: +irc:*:@TODAY@:0:99999:7::: +gnats:*:@TODAY@:0:99999:7::: +nobody:*:@TODAY@:0:99999:7::: +Debian-exim:!:@TODAY@:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:@TODAY@:0:99999:7::: +testsuite::@TODAY@:0:99999:7::: diff --git a/tests/chroot/pwconv/01_pwconv--root/pwconv.test b/tests/chroot/pwconv/01_pwconv--root/pwconv.test new file mode 100755 index 00000000..3b92ab4b --- /dev/null +++ b/tests/chroot/pwconv/01_pwconv--root/pwconv.test @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwconv can change a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "pwconv in a chroot (pwconv --root $PWD/tmp/root)..." +pwconv --root $PWD/tmp/root +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl data/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl data/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/shadow +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config.txt b/tests/chroot/pwunconv/01_pwunconv--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/default/useradd b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/group b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/gshadow b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/passwd b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/shadow b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/group b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/gshadow b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/login.defs b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/passwd b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/shadow b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/pwunconv/01_pwunconv--root/data/passwd b/tests/chroot/pwunconv/01_pwunconv--root/data/passwd new file mode 100644 index 00000000..1a85284e --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/data/passwd @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:!:102:102::/var/spool/exim4:/bin/false +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/pwunconv/01_pwunconv--root/pwunconv.test b/tests/chroot/pwunconv/01_pwunconv--root/pwunconv.test new file mode 100755 index 00000000..60c25529 --- /dev/null +++ b/tests/chroot/pwunconv/01_pwunconv--root/pwunconv.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwunconv can change a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "pwunconv in a chroot (pwunconv --root $PWD/tmp/root)..." +pwunconv --root $PWD/tmp/root +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl data/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +test ! -f tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/useradd/01_useradd--root/config.txt b/tests/chroot/useradd/01_useradd--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/default/useradd b/tests/chroot/useradd/01_useradd--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/group b/tests/chroot/useradd/01_useradd--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/gshadow b/tests/chroot/useradd/01_useradd--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/passwd b/tests/chroot/useradd/01_useradd--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/shadow b/tests/chroot/useradd/01_useradd--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/group b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/gshadow b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/login.defs b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/passwd b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/shadow b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/useradd/01_useradd--root/data/group b/tests/chroot/useradd/01_useradd--root/data/group new file mode 100644 index 00000000..ffc452fd --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +foo:x:1000: diff --git a/tests/chroot/useradd/01_useradd--root/data/gshadow b/tests/chroot/useradd/01_useradd--root/data/gshadow new file mode 100644 index 00000000..e4b350df --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: +foo:!:: diff --git a/tests/chroot/useradd/01_useradd--root/data/passwd b/tests/chroot/useradd/01_useradd--root/data/passwd new file mode 100644 index 00000000..102186a6 --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/data/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash +foo:x:1000:1000::/home/foo: diff --git a/tests/chroot/useradd/01_useradd--root/data/shadow b/tests/chroot/useradd/01_useradd--root/data/shadow new file mode 100644 index 00000000..258cf2b9 --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/data/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +foo:!:@TODAY@:0:99999:7::: diff --git a/tests/chroot/useradd/01_useradd--root/useradd.test b/tests/chroot/useradd/01_useradd--root/useradd.test new file mode 100755 index 00000000..aa9dd35a --- /dev/null +++ b/tests/chroot/useradd/01_useradd--root/useradd.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd can add an user in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Add user foo in chroot (useradd --root $PWD/tmp/root foo)..." +useradd --root $PWD/tmp/root foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl data/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl data/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config.txt b/tests/chroot/useradd/02_useradd--root_login.defs/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/default/useradd b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/group b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/gshadow b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/passwd b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/shadow b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/group b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/gshadow b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/login.defs b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/login.defs new file mode 100644 index 00000000..e2291282 --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 2000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1500 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/passwd b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/shadow b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/group b/tests/chroot/useradd/02_useradd--root_login.defs/data/group new file mode 100644 index 00000000..eb04ceda --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +foo:x:2000: diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/gshadow b/tests/chroot/useradd/02_useradd--root_login.defs/data/gshadow new file mode 100644 index 00000000..e4b350df --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: +foo:!:: diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/passwd b/tests/chroot/useradd/02_useradd--root_login.defs/data/passwd new file mode 100644 index 00000000..25d10d6a --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash +foo:x:2000:2000::/home/foo: diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/shadow b/tests/chroot/useradd/02_useradd--root_login.defs/data/shadow new file mode 100644 index 00000000..258cf2b9 --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +foo:!:@TODAY@:0:99999:7::: diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/useradd.test b/tests/chroot/useradd/02_useradd--root_login.defs/useradd.test new file mode 100755 index 00000000..aa9dd35a --- /dev/null +++ b/tests/chroot/useradd/02_useradd--root_login.defs/useradd.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd can add an user in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Add user foo in chroot (useradd --root $PWD/tmp/root foo)..." +useradd --root $PWD/tmp/root foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl data/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl data/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config.txt b/tests/chroot/useradd/03_useradd--root_useradd.default/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/default/useradd b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/group b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/gshadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/passwd b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/shadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/default/useradd b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/default/useradd new file mode 100644 index 00000000..5051e1d9 --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/group b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/gshadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/login.defs b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/passwd b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/shadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/group b/tests/chroot/useradd/03_useradd--root_useradd.default/data/group new file mode 100644 index 00000000..ffc452fd --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: +foo:x:1000: diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/gshadow b/tests/chroot/useradd/03_useradd--root_useradd.default/data/gshadow new file mode 100644 index 00000000..e4b350df --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: +foo:!:: diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/passwd b/tests/chroot/useradd/03_useradd--root_useradd.default/data/passwd new file mode 100644 index 00000000..22fa7447 --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash +foo:x:1000:1000::/tmp/foo:/bin/sh diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/shadow b/tests/chroot/useradd/03_useradd--root_useradd.default/data/shadow new file mode 100644 index 00000000..f4c9dfbd --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/useradd.test b/tests/chroot/useradd/03_useradd--root_useradd.default/useradd.test new file mode 100755 index 00000000..aa9dd35a --- /dev/null +++ b/tests/chroot/useradd/03_useradd--root_useradd.default/useradd.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd can add an user in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Add user foo in chroot (useradd --root $PWD/tmp/root foo)..." +useradd --root $PWD/tmp/root foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl data/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl data/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config.txt b/tests/chroot/useradd/04_useradd--root_useradd-D/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/default/useradd b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/group b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/gshadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/passwd b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/shadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/default/useradd b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/default/useradd new file mode 100644 index 00000000..5051e1d9 --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/group b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/gshadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/login.defs b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/passwd b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/shadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/data/useradd.out b/tests/chroot/useradd/04_useradd--root_useradd-D/data/useradd.out new file mode 100644 index 00000000..581c0555 --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/data/useradd.out @@ -0,0 +1,7 @@ +GROUP=10 +HOME=/tmp +INACTIVE=12 +EXPIRE=2007-12-02 +SHELL=/bin/sh +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/useradd.test b/tests/chroot/useradd/04_useradd--root_useradd-D/useradd.test new file mode 100755 index 00000000..069e7042 --- /dev/null +++ b/tests/chroot/useradd/04_useradd--root_useradd-D/useradd.test @@ -0,0 +1,61 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd can list defaults from a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "List defaults in chroot (useradd --root $PWD/tmp/root foo)..." +useradd -D --root $PWD/tmp/root > tmp/useradd.out +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/useradd.out tmp/useradd.out +echo "OK." +rm -f tmp/useradd.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl config_chroot/etc//group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config.txt b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/default/useradd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/group b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/gshadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/passwd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/shadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/default/useradd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/default/useradd new file mode 100644 index 00000000..d1406e44 --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=100 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/group b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/gshadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/login.defs b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/passwd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/shadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/data/useradd.default b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/data/useradd.default new file mode 100644 index 00000000..aaca91a5 --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/data/useradd.default @@ -0,0 +1,38 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=424242 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2012-12-12 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test new file mode 100755 index 00000000..97059dad --- /dev/null +++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd can list defaults from a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "List defaults in chroot (useradd -D --root $PWD/tmp/root -e 2012-12-12 -g 424242)..." +useradd -D --root $PWD/tmp/root -e 2012-12-12 -g 424242 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl config_chroot/etc//group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow +echo "OK" +echo -n "Check the useradd's default file..." +diff -au data/useradd.default tmp/root/etc/default/useradd +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +rm -f tmp/root/etc/default/useradd- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/userdel/01_userdel--root/config.txt b/tests/chroot/userdel/01_userdel--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/default/useradd b/tests/chroot/userdel/01_userdel--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/group b/tests/chroot/userdel/01_userdel--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/gshadow b/tests/chroot/userdel/01_userdel--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/passwd b/tests/chroot/userdel/01_userdel--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/shadow b/tests/chroot/userdel/01_userdel--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/group b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/gshadow b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/login.defs b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/passwd b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/shadow b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/userdel/01_userdel--root/data/group b/tests/chroot/userdel/01_userdel--root/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/userdel/01_userdel--root/data/gshadow b/tests/chroot/userdel/01_userdel--root/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/userdel/01_userdel--root/data/passwd b/tests/chroot/userdel/01_userdel--root/data/passwd new file mode 100644 index 00000000..4736f1c9 --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/userdel/01_userdel--root/data/shadow b/tests/chroot/userdel/01_userdel--root/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/userdel/01_userdel--root/userdel.test b/tests/chroot/userdel/01_userdel--root/userdel.test new file mode 100755 index 00000000..4ee203e2 --- /dev/null +++ b/tests/chroot/userdel/01_userdel--root/userdel.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel can change a user in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Delete a user in chroot (userdel --root $PWD/tmp/root myuser)..." +userdel --root $PWD/tmp/root myuser +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl data/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl data/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chroot/usermod/01_usermod--root/config.txt b/tests/chroot/usermod/01_usermod--root/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/default/useradd b/tests/chroot/usermod/01_usermod--root/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/group b/tests/chroot/usermod/01_usermod--root/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/gshadow b/tests/chroot/usermod/01_usermod--root/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/passwd b/tests/chroot/usermod/01_usermod--root/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/shadow b/tests/chroot/usermod/01_usermod--root/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/group b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/gshadow b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/login.defs b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/passwd b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/shadow b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chroot/usermod/01_usermod--root/data/passwd b/tests/chroot/usermod/01_usermod--root/data/passwd new file mode 100644 index 00000000..1f47aafa --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/data/passwd @@ -0,0 +1,21 @@ +root:x:0:100:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/chroot/usermod/01_usermod--root/usermod.test b/tests/chroot/usermod/01_usermod--root/usermod.test new file mode 100755 index 00000000..14f7a08b --- /dev/null +++ b/tests/chroot/usermod/01_usermod--root/usermod.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can change a user in a chroot" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0 + +change_config + +prepare_chroot + +echo -n "Change user in chroot (usermod --root $PWD/tmp/root -g users root)..." +usermod --root $PWD/tmp/root -g users root +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl data/passwd tmp/root/etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow +echo "OK" + +rm -f tmp/root/etc/.pwd.lock +rm -f tmp/root/etc/passwd- +rm -f tmp/root/etc/group- +rm -f tmp/root/etc/shadow- +rm -f tmp/root/etc/gshadow- +clean_chroot + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/01/data/chsh1 b/tests/chsh/01/data/chsh1 new file mode 100644 index 00000000..01b3d539 --- /dev/null +++ b/tests/chsh/01/data/chsh1 @@ -0,0 +1 @@ +You may not change the shell for 'myuser'. diff --git a/tests/chsh/01/data/chsh2 b/tests/chsh/01/data/chsh2 new file mode 100644 index 00000000..b017d6dd --- /dev/null +++ b/tests/chsh/01/data/chsh2 @@ -0,0 +1 @@ +You may not change the shell for 'myuser2'. diff --git a/tests/chsh/01/data/group b/tests/chsh/01/data/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chsh/01/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chsh/01/data/gshadow b/tests/chsh/01/data/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chsh/01/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chsh/01/data/passwd b/tests/chsh/01/data/passwd new file mode 100644 index 00000000..37b04674 --- /dev/null +++ b/tests/chsh/01/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/01/data/shadow b/tests/chsh/01/data/shadow new file mode 100644 index 00000000..f004fa26 --- /dev/null +++ b/tests/chsh/01/data/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chsh/01/data/shells b/tests/chsh/01/data/shells new file mode 100644 index 00000000..4fd4378e --- /dev/null +++ b/tests/chsh/01/data/shells @@ -0,0 +1,16 @@ +# /etc/shells: valid login shells +/bin/ash +/bin/csh +/bin/sh +/usr/bin/es +/usr/bin/ksh +/bin/ksh +/usr/bin/rc +/usr/bin/tcsh +/bin/tcsh +/usr/bin/zsh +/bin/sash +/bin/zsh +/usr/bin/esh +/bin/bash +/bin/rbash diff --git a/tests/chsh/01/run b/tests/chsh/01/run new file mode 100755 index 00000000..72760c26 --- /dev/null +++ b/tests/chsh/01/run @@ -0,0 +1,143 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +# Rational: +# Test chage options + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save() +{ + [ ! -d tmp ] && mkdir tmp + for i in passwd group shadow gshadow shells + do + [ -f /etc/$i ] && cp /etc/$i tmp/$i + [ -f /etc/$i- ] && cp /etc/$i- tmp/$i- + done + + true +} + +restore() +{ + for i in passwd group shadow gshadow shells + do + [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i + [ -f tmp/$i- ] && cp tmp/$i- /etc/$i- && rm tmp/$i- + done + rm -f tmp/out + rm -f tmp/shell tmp/sh:ell + rmdir tmp +} + +save + +# restore the files on exit +trap 'if [ "$?" != "0" ]; then echo "FAIL"; fi; restore' 0 + +for i in passwd group shadow gshadow shells +do + cp data/$i /etc +done + +echo -n "changing to a restricted shell, by root..." +cp /bin/bash tmp/shell +chsh -s $(pwd)/tmp/shell myuser +ent=$(getent passwd myuser) +[ "$ent" = "myuser:x:424242:424242::/home:"$(pwd)"/tmp/shell" ] || exit 1 +echo "OK" + +echo -n "changing from a restricted shell, by myuser..." +su myuser -c "chsh -s /bin/bash" 2> tmp/out && exit 1 +ent=$(getent passwd myuser) +[ "$ent" = "myuser:x:424242:424242::/home:"$(pwd)"/tmp/shell" ] || exit 1 +diff -au data/chsh1 tmp/out +echo "OK" + +echo -n "changing from a restricted shell, by root..." +chsh -s /bin/bash myuser +ent=$(getent passwd myuser) +[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1 +echo "OK" + +# Need to be done by expect now (chage asks for a passwd if not root) +#echo -n "changing to a restricted shell, by myuser..." +#su myuser -c "chsh -s $(pwd)/tmp/shell" 2> tmp/out && exit 1 +#ent=$(getent passwd myuser) +#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1 +#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null +#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1 +#echo "OK" + +#echo -n "changing to a new valid shell, by myuser..." +#echo $(pwd)/tmp/shell >> /tmp/shells +#su myuser -c "chsh -s $(pwd)/tmp/shell" 2> tmp/out && exit 1 +#ent=$(getent passwd myuser) +#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1 +#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null +#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1 +#echo "OK" + +echo -n "changing another user's shell..." +su myuser -c "chsh -s /bin/sh myuser2" 2> tmp/out && exit 1 +ent=$(getent passwd myuser2) +[ "$ent" = "myuser2:x:424243:424242::/home:/bin/sh" ] || exit 1 +diff -au data/chsh2 tmp/out +echo "OK" + +#echo -n "changing to a non-executable shell..." +#chmod a-x tmp/shell +#su myuser -c "chsh -s $(pwd)/tmp/shell myuser" 2> tmp/out && exit 1 +#ent=$(getent passwd myuser) +#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1 +#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null +#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1 +#echo "OK" + +echo -n "changing to an invalid shell name..." +cp /bin/bash tmp/sh:ell +echo $(pwd)/tmp/sh:ell >> /etc/shells +chsh -s $(pwd)/tmp/sh:ell myuser 2> tmp/out && exit 1 +ent=$(getent passwd myuser) +[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1 +egrep "chsh: Invalid entry: .*/tmp/sh:ell" tmp/out > /dev/null +[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1 +echo "OK" + +echo "testing the interactive mode (1)..." +rm -f tmp/out +./run.exp /bin/bash myuser +[ -f tmp/out ] && exit 1 +ent=$(getent passwd myuser) +[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1 +echo "OK" + +#echo "testing the interactive mode (2)..." +#rm -f tmp/out +#su myuser -c "./run.exp /bin/bash" +#[ -f tmp/out ] && exit 1 +#ent=$(getent passwd myuser) +#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1 +#echo "OK" + +echo "testing the interactive mode (3)..." +rm -f tmp/out +./run.exp /bin/sh myuser +[ -f tmp/out ] && exit 1 +ent=$(getent passwd myuser) +[ "$ent" = "myuser:x:424242:424242::/home:/bin/sh" ] || exit 1 +echo "OK" + +echo "testing the interactive mode (4)..." +rm -f tmp/out +./run.exp $(pwd)/tmp/sh:ell myuser && exit 1 +egrep "chsh: Invalid entry: .*/tmp/sh:ell" tmp/out > /dev/null +ent=$(getent passwd myuser) +[ "$ent" = "myuser:x:424242:424242::/home:/bin/sh" ] || exit 1 +echo "OK" + diff --git a/tests/chsh/01/run.exp b/tests/chsh/01/run.exp new file mode 100755 index 00000000..4890193f --- /dev/null +++ b/tests/chsh/01/run.exp @@ -0,0 +1,38 @@ +#!/usr/bin/expect + +set timeout 5 + +if {$argc < 1} { + puts "usage: run.exp \[shell] \[user]" + exit 1 +} +set shell [lindex $argv 0] + +if {$argc == 2} { + spawn /usr/bin/chsh [lindex $argv 1] +} else { + spawn /usr/bin/chsh +} + +expect "Changing the login shell for myuser" +expect "Enter the new value, or press ENTER for the default" +expect -re "Login Shell .*\]: " +send "$shell\r" +expect "$shell\r\n" +expect { + eof { + if ([string compare $expect_out(buffer) ""]) { + set fp [open "tmp/out" w] + puts $fp "$expect_out(buffer)" + puts "\nFAIL" + exit 1 + } + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chsh/02_chsh_usage/chsh.test b/tests/chsh/02_chsh_usage/chsh.test new file mode 100755 index 00000000..3a6e656a --- /dev/null +++ b/tests/chsh/02_chsh_usage/chsh.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get chsh usage (chsh -h)..." +chsh -h >tmp/usage.out +echo "OK" + +echo "chsh reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/02_chsh_usage/config.txt b/tests/chsh/02_chsh_usage/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/02_chsh_usage/config/etc/group b/tests/chsh/02_chsh_usage/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/02_chsh_usage/config/etc/gshadow b/tests/chsh/02_chsh_usage/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/02_chsh_usage/config/etc/passwd b/tests/chsh/02_chsh_usage/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/02_chsh_usage/config/etc/shadow b/tests/chsh/02_chsh_usage/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/02_chsh_usage/data/usage.out b/tests/chsh/02_chsh_usage/data/usage.out new file mode 100644 index 00000000..ef576ec4 --- /dev/null +++ b/tests/chsh/02_chsh_usage/data/usage.out @@ -0,0 +1,7 @@ +Usage: chsh [options] [LOGIN] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + diff --git a/tests/chsh/03_chsh_usage_invalid_option/chsh.test b/tests/chsh/03_chsh_usage_invalid_option/chsh.test new file mode 100755 index 00000000..4552cc32 --- /dev/null +++ b/tests/chsh/03_chsh_usage_invalid_option/chsh.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh displays its usage message is case of invalid option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use wrong chsh option (chsh -Z)..." +chsh -Z 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chsh reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/03_chsh_usage_invalid_option/config.txt b/tests/chsh/03_chsh_usage_invalid_option/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/group b/tests/chsh/03_chsh_usage_invalid_option/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/gshadow b/tests/chsh/03_chsh_usage_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/passwd b/tests/chsh/03_chsh_usage_invalid_option/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/shadow b/tests/chsh/03_chsh_usage_invalid_option/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/03_chsh_usage_invalid_option/data/usage.out b/tests/chsh/03_chsh_usage_invalid_option/data/usage.out new file mode 100644 index 00000000..e930bab5 --- /dev/null +++ b/tests/chsh/03_chsh_usage_invalid_option/data/usage.out @@ -0,0 +1,8 @@ +chsh: invalid option -- 'Z' +Usage: chsh [options] [LOGIN] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + diff --git a/tests/chsh/04_chsh_usage_2_users/chsh.test b/tests/chsh/04_chsh_usage_2_users/chsh.test new file mode 100755 index 00000000..ef1c1818 --- /dev/null +++ b/tests/chsh/04_chsh_usage_2_users/chsh.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh displays its usage message is case multiple users are provided" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use chsh with 2 users (chsh -s /bin/sh root bin)..." +chsh -s /bin/sh root bin 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chsh reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/04_chsh_usage_2_users/config.txt b/tests/chsh/04_chsh_usage_2_users/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/group b/tests/chsh/04_chsh_usage_2_users/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/gshadow b/tests/chsh/04_chsh_usage_2_users/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/passwd b/tests/chsh/04_chsh_usage_2_users/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/shadow b/tests/chsh/04_chsh_usage_2_users/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/04_chsh_usage_2_users/data/usage.out b/tests/chsh/04_chsh_usage_2_users/data/usage.out new file mode 100644 index 00000000..ef576ec4 --- /dev/null +++ b/tests/chsh/04_chsh_usage_2_users/data/usage.out @@ -0,0 +1,7 @@ +Usage: chsh [options] [LOGIN] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/chsh.test b/tests/chsh/05_chsh_myuser_restricted_shell/chsh.test new file mode 100755 index 00000000..48442668 --- /dev/null +++ b/tests/chsh/05_chsh_myuser_restricted_shell/chsh.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh can displays its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +chmod a+w tmp + +echo -n "execute chsh..." +su myuser -c "./run.exp /bin/sh" +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config.txt b/tests/chsh/05_chsh_myuser_restricted_shell/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/group b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/gshadow b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/passwd b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/passwd new file mode 100644 index 00000000..37b04674 --- /dev/null +++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shadow b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shadow new file mode 100644 index 00000000..f004fa26 --- /dev/null +++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shells b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shells new file mode 100644 index 00000000..16e922a1 --- /dev/null +++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shells @@ -0,0 +1,15 @@ +# /etc/shells: valid login shells +/bin/ash +/bin/csh +/bin/sh +/usr/bin/es +/usr/bin/ksh +/bin/ksh +/usr/bin/rc +/usr/bin/tcsh +/bin/tcsh +/usr/bin/zsh +/bin/sash +#/bin/zsh +/usr/bin/esh +/bin/rbash diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/run.exp b/tests/chsh/05_chsh_myuser_restricted_shell/run.exp new file mode 100755 index 00000000..1abf0858 --- /dev/null +++ b/tests/chsh/05_chsh_myuser_restricted_shell/run.exp @@ -0,0 +1,34 @@ +#!/usr/bin/expect + +set timeout 5 + +if {$argc < 1} { + puts "usage: run.exp \[shell] \[user]" + exit 1 +} +set shell [lindex $argv 0] + +if {$argc == 2} { + spawn /usr/bin/chsh [lindex $argv 1] +} else { + spawn /usr/bin/chsh +} + +expect "You may not change the shell for 'myuser'.\r\n" +expect { + eof { + if ([string compare $expect_out(buffer) ""]) { + set fp [open "tmp/out" w] + puts $fp "$expect_out(buffer)" + puts "\nFAIL" + exit 1 + } + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/chsh.test b/tests/chsh/06_chsh_myuser_non_restricted_shell/chsh.test new file mode 100755 index 00000000..d8d88ac1 --- /dev/null +++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/chsh.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh can displays its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +chmod a+w tmp + +echo -n "execute chsh..." +su myuser -c "./run.exp /bin/sh" +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config.txt b/tests/chsh/06_chsh_myuser_non_restricted_shell/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/group b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/gshadow b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/passwd b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/passwd new file mode 100644 index 00000000..37b04674 --- /dev/null +++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shadow b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shadow new file mode 100644 index 00000000..f004fa26 --- /dev/null +++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shells b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shells new file mode 100644 index 00000000..d52a3bf0 --- /dev/null +++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shells @@ -0,0 +1,16 @@ +# /etc/shells: valid login shells +/bin/ash +/bin/csh +/bin/sh +/usr/bin/es +/usr/bin/ksh +/bin/ksh +/usr/bin/rc +/usr/bin/tcsh +/bin/tcsh +/usr/bin/zsh +/bin/sash +#/bin/zsh +/usr/bin/esh +/bin/bash +/bin/rbash diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/data/passwd b/tests/chsh/06_chsh_myuser_non_restricted_shell/data/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/run.exp b/tests/chsh/06_chsh_myuser_non_restricted_shell/run.exp new file mode 100755 index 00000000..0c0e023b --- /dev/null +++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/run.exp @@ -0,0 +1,40 @@ +#!/usr/bin/expect + +set timeout 5 + +if {$argc < 1} { + puts "usage: run.exp \[shell] \[user]" + exit 1 +} +set shell [lindex $argv 0] + +if {$argc == 2} { + spawn /usr/bin/chsh [lindex $argv 1] +} else { + spawn /usr/bin/chsh +} + +expect "Password: " +send "myuserF00barbaz\r" +expect "Changing the login shell for myuser" +expect "Enter the new value, or press ENTER for the default" +expect -re "Login Shell .*\]: " +send "$shell\r" +expect "$shell\r\n" +expect { + eof { + if ([string compare $expect_out(buffer) ""]) { + set fp [open "tmp/out" w] + puts $fp "$expect_out(buffer)" + puts "\nFAIL" + exit 1 + } + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chsh/07_chsh_usage_invalid_user/chsh.test b/tests/chsh/07_chsh_usage_invalid_user/chsh.test new file mode 100755 index 00000000..5d76de21 --- /dev/null +++ b/tests/chsh/07_chsh_usage_invalid_user/chsh.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh checks that the user exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use chsh for an invalid user (chsh wronguser)..." +chsh wronguser 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chsh reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/07_chsh_usage_invalid_user/config.txt b/tests/chsh/07_chsh_usage_invalid_user/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/group b/tests/chsh/07_chsh_usage_invalid_user/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/gshadow b/tests/chsh/07_chsh_usage_invalid_user/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/passwd b/tests/chsh/07_chsh_usage_invalid_user/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/shadow b/tests/chsh/07_chsh_usage_invalid_user/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/07_chsh_usage_invalid_user/data/usage.out b/tests/chsh/07_chsh_usage_invalid_user/data/usage.out new file mode 100644 index 00000000..f57326c7 --- /dev/null +++ b/tests/chsh/07_chsh_usage_invalid_user/data/usage.out @@ -0,0 +1 @@ +chsh: user 'wronguser' does not exist diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/chsh.test b/tests/chsh/08_chsh_myuser_to_restricted_shell/chsh.test new file mode 100755 index 00000000..611d1a6b --- /dev/null +++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/chsh.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh can displays its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +chmod a+w tmp + +echo -n "execute chsh..." +su myuser -c "./run.exp /bin/bash" +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config.txt b/tests/chsh/08_chsh_myuser_to_restricted_shell/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/group b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/gshadow b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/passwd b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shadow b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shadow new file mode 100644 index 00000000..f004fa26 --- /dev/null +++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shells b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shells new file mode 100644 index 00000000..16e922a1 --- /dev/null +++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shells @@ -0,0 +1,15 @@ +# /etc/shells: valid login shells +/bin/ash +/bin/csh +/bin/sh +/usr/bin/es +/usr/bin/ksh +/bin/ksh +/usr/bin/rc +/usr/bin/tcsh +/bin/tcsh +/usr/bin/zsh +/bin/sash +#/bin/zsh +/usr/bin/esh +/bin/rbash diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/data/passwd b/tests/chsh/08_chsh_myuser_to_restricted_shell/data/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/run.exp b/tests/chsh/08_chsh_myuser_to_restricted_shell/run.exp new file mode 100755 index 00000000..b1bd8d66 --- /dev/null +++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/run.exp @@ -0,0 +1,41 @@ +#!/usr/bin/expect + +set timeout 5 + +if {$argc < 1} { + puts "usage: run.exp \[shell] \[user]" + exit 1 +} +set shell [lindex $argv 0] + +if {$argc == 2} { + spawn /usr/bin/chsh [lindex $argv 1] +} else { + spawn /usr/bin/chsh +} + +expect "Password: " +send "myuserF00barbaz\r" +expect "Changing the login shell for myuser" +expect "Enter the new value, or press ENTER for the default" +expect -re "Login Shell .*\]: " +send "$shell\r" +expect "$shell\r\n" +expect "chsh: $shell is an invalid shell\r\n" +expect { + eof { + if ([string compare $expect_out(buffer) ""]) { + set fp [open "tmp/out" w] + puts $fp "$expect_out(buffer)" + puts "\nFAIL" + exit 1 + } + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/chsh.test b/tests/chsh/09_chsh_myuser_to_missing_shell/chsh.test new file mode 100755 index 00000000..6248780b --- /dev/null +++ b/tests/chsh/09_chsh_myuser_to_missing_shell/chsh.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh can displays its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +chmod a+w tmp + +echo /tmp/bash >> /etc/shells +echo -n "execute chsh..." +su myuser -c "./run.exp /tmp/bash" +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config.txt b/tests/chsh/09_chsh_myuser_to_missing_shell/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/group b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/gshadow b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/passwd b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shadow b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shadow new file mode 100644 index 00000000..f004fa26 --- /dev/null +++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shells b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shells new file mode 100644 index 00000000..16e922a1 --- /dev/null +++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shells @@ -0,0 +1,15 @@ +# /etc/shells: valid login shells +/bin/ash +/bin/csh +/bin/sh +/usr/bin/es +/usr/bin/ksh +/bin/ksh +/usr/bin/rc +/usr/bin/tcsh +/bin/tcsh +/usr/bin/zsh +/bin/sash +#/bin/zsh +/usr/bin/esh +/bin/rbash diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/data/passwd b/tests/chsh/09_chsh_myuser_to_missing_shell/data/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/chsh/09_chsh_myuser_to_missing_shell/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/run.exp b/tests/chsh/09_chsh_myuser_to_missing_shell/run.exp new file mode 100755 index 00000000..b1bd8d66 --- /dev/null +++ b/tests/chsh/09_chsh_myuser_to_missing_shell/run.exp @@ -0,0 +1,41 @@ +#!/usr/bin/expect + +set timeout 5 + +if {$argc < 1} { + puts "usage: run.exp \[shell] \[user]" + exit 1 +} +set shell [lindex $argv 0] + +if {$argc == 2} { + spawn /usr/bin/chsh [lindex $argv 1] +} else { + spawn /usr/bin/chsh +} + +expect "Password: " +send "myuserF00barbaz\r" +expect "Changing the login shell for myuser" +expect "Enter the new value, or press ENTER for the default" +expect -re "Login Shell .*\]: " +send "$shell\r" +expect "$shell\r\n" +expect "chsh: $shell is an invalid shell\r\n" +expect { + eof { + if ([string compare $expect_out(buffer) ""]) { + set fp [open "tmp/out" w] + puts $fp "$expect_out(buffer)" + puts "\nFAIL" + exit 1 + } + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/chsh.test b/tests/chsh/10_chsh_myuser_to_non_executable_shell/chsh.test new file mode 100755 index 00000000..7dd4642d --- /dev/null +++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/chsh.test @@ -0,0 +1,46 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh can displays its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /tmp/bash' 0 + +change_config + +chmod a+w tmp + +echo /tmp/bash >> /etc/shells +cp /bin/bash /tmp/bash +chmod a-x /tmp/bash + +echo -n "execute chsh..." +su myuser -c "./run.exp /tmp/bash" +echo "OK" +rm -f /tmp/bash + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config.txt b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/group b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/gshadow b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/passwd b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shadow b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shadow new file mode 100644 index 00000000..f004fa26 --- /dev/null +++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shells b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shells new file mode 100644 index 00000000..16e922a1 --- /dev/null +++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shells @@ -0,0 +1,15 @@ +# /etc/shells: valid login shells +/bin/ash +/bin/csh +/bin/sh +/usr/bin/es +/usr/bin/ksh +/bin/ksh +/usr/bin/rc +/usr/bin/tcsh +/bin/tcsh +/usr/bin/zsh +/bin/sash +#/bin/zsh +/usr/bin/esh +/bin/rbash diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/data/passwd b/tests/chsh/10_chsh_myuser_to_non_executable_shell/data/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/run.exp b/tests/chsh/10_chsh_myuser_to_non_executable_shell/run.exp new file mode 100755 index 00000000..b1bd8d66 --- /dev/null +++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/run.exp @@ -0,0 +1,41 @@ +#!/usr/bin/expect + +set timeout 5 + +if {$argc < 1} { + puts "usage: run.exp \[shell] \[user]" + exit 1 +} +set shell [lindex $argv 0] + +if {$argc == 2} { + spawn /usr/bin/chsh [lindex $argv 1] +} else { + spawn /usr/bin/chsh +} + +expect "Password: " +send "myuserF00barbaz\r" +expect "Changing the login shell for myuser" +expect "Enter the new value, or press ENTER for the default" +expect -re "Login Shell .*\]: " +send "$shell\r" +expect "$shell\r\n" +expect "chsh: $shell is an invalid shell\r\n" +expect { + eof { + if ([string compare $expect_out(buffer) ""]) { + set fp [open "tmp/out" w] + puts $fp "$expect_out(buffer)" + puts "\nFAIL" + exit 1 + } + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chsh/11_chsh_auth_failure/chsh.test b/tests/chsh/11_chsh_auth_failure/chsh.test new file mode 100755 index 00000000..dda9bc6e --- /dev/null +++ b/tests/chsh/11_chsh_auth_failure/chsh.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh checks password for non root" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +chmod a+w tmp + +echo -n "execute chsh..." +su myuser -c "./run.exp /bin/bash" +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/11_chsh_auth_failure/config.txt b/tests/chsh/11_chsh_auth_failure/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/group b/tests/chsh/11_chsh_auth_failure/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chsh/11_chsh_auth_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/gshadow b/tests/chsh/11_chsh_auth_failure/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chsh/11_chsh_auth_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/passwd b/tests/chsh/11_chsh_auth_failure/config/etc/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/chsh/11_chsh_auth_failure/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/shadow b/tests/chsh/11_chsh_auth_failure/config/etc/shadow new file mode 100644 index 00000000..f004fa26 --- /dev/null +++ b/tests/chsh/11_chsh_auth_failure/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/shells b/tests/chsh/11_chsh_auth_failure/config/etc/shells new file mode 100644 index 00000000..16e922a1 --- /dev/null +++ b/tests/chsh/11_chsh_auth_failure/config/etc/shells @@ -0,0 +1,15 @@ +# /etc/shells: valid login shells +/bin/ash +/bin/csh +/bin/sh +/usr/bin/es +/usr/bin/ksh +/bin/ksh +/usr/bin/rc +/usr/bin/tcsh +/bin/tcsh +/usr/bin/zsh +/bin/sash +#/bin/zsh +/usr/bin/esh +/bin/rbash diff --git a/tests/chsh/11_chsh_auth_failure/data/passwd b/tests/chsh/11_chsh_auth_failure/data/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/chsh/11_chsh_auth_failure/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/11_chsh_auth_failure/run.exp b/tests/chsh/11_chsh_auth_failure/run.exp new file mode 100755 index 00000000..67e34552 --- /dev/null +++ b/tests/chsh/11_chsh_auth_failure/run.exp @@ -0,0 +1,36 @@ +#!/usr/bin/expect + +set timeout 5 + +if {$argc < 1} { + puts "usage: run.exp \[shell] \[user]" + exit 1 +} +set shell [lindex $argv 0] + +if {$argc == 2} { + spawn /usr/bin/chsh [lindex $argv 1] +} else { + spawn /usr/bin/chsh +} + +expect "Password: " +send "wrong pass\r" +expect "chsh: PAM: Authentication failure\r\n" +expect { + eof { + if ([string compare $expect_out(buffer) ""]) { + set fp [open "tmp/out" w] + puts $fp "$expect_out(buffer)" + puts "\nFAIL" + exit 1 + } + } default { + puts "\nFAIL" + exit 1 + } +} + +puts "\nPASS" +exit 0 + diff --git a/tests/chsh/12_chsh_warning_missing_shell/chsh.test b/tests/chsh/12_chsh_warning_missing_shell/chsh.test new file mode 100755 index 00000000..de12b13e --- /dev/null +++ b/tests/chsh/12_chsh_warning_missing_shell/chsh.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh can displays its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change shell to a missing shell (chsh -s /tmp/bash bin)..." +chsh -s /tmp/bash bin 2>tmp/chsh.err +echo "OK" + +echo "chsh reported:" +echo "=======================================================================" +cat tmp/chsh.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/chsh.err tmp/chsh.err +echo "usage message OK." +rm -f tmp/chsh.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/12_chsh_warning_missing_shell/config.txt b/tests/chsh/12_chsh_warning_missing_shell/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/group b/tests/chsh/12_chsh_warning_missing_shell/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/gshadow b/tests/chsh/12_chsh_warning_missing_shell/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/pam.d/chsh b/tests/chsh/12_chsh_warning_missing_shell/config/etc/pam.d/chsh new file mode 100644 index 00000000..7eb604d7 --- /dev/null +++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/pam.d/chsh @@ -0,0 +1,20 @@ +# +# The PAM configuration file for the Shadow `chsh' service +# + +# This will not allow a user to change their shell unless +# their current one is listed in /etc/shells. This keeps +# accounts with special shells from changing them. +auth required pam_shells.so + +# This allows root to change user shell without being +# prompted for a password +auth sufficient pam_rootok.so + +# The standard Unix authentication modules, used with +# NIS (man nsswitch) as well as normal /etc/passwd and +# /etc/shadow entries. +@include common-auth +@include common-account +@include common-session + diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/passwd b/tests/chsh/12_chsh_warning_missing_shell/config/etc/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/shadow b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shadow new file mode 100644 index 00000000..f004fa26 --- /dev/null +++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/shells b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shells new file mode 100644 index 00000000..4fd4378e --- /dev/null +++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shells @@ -0,0 +1,16 @@ +# /etc/shells: valid login shells +/bin/ash +/bin/csh +/bin/sh +/usr/bin/es +/usr/bin/ksh +/bin/ksh +/usr/bin/rc +/usr/bin/tcsh +/bin/tcsh +/usr/bin/zsh +/bin/sash +/bin/zsh +/usr/bin/esh +/bin/bash +/bin/rbash diff --git a/tests/chsh/12_chsh_warning_missing_shell/data/chsh.err b/tests/chsh/12_chsh_warning_missing_shell/data/chsh.err new file mode 100644 index 00000000..7801a163 --- /dev/null +++ b/tests/chsh/12_chsh_warning_missing_shell/data/chsh.err @@ -0,0 +1 @@ +chsh: Warning: /tmp/bash does not exist diff --git a/tests/chsh/12_chsh_warning_missing_shell/data/passwd b/tests/chsh/12_chsh_warning_missing_shell/data/passwd new file mode 100644 index 00000000..7e745d96 --- /dev/null +++ b/tests/chsh/12_chsh_warning_missing_shell/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/tmp/bash +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/13_chsh_warning_non_executable/chsh.test b/tests/chsh/13_chsh_warning_non_executable/chsh.test new file mode 100755 index 00000000..c98bad72 --- /dev/null +++ b/tests/chsh/13_chsh_warning_non_executable/chsh.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh can displays its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /tmp/bash' 0 + +change_config + +cp /bin/bash /tmp/bash +chmod a-x /tmp/bash + +echo -n "Change shell to a missing shell (chsh -s /tmp/bash bin)..." +chsh -s /tmp/bash bin 2>tmp/chsh.err +echo "OK" +rm -f /tmp/bash + +echo "chsh reported:" +echo "=======================================================================" +cat tmp/chsh.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/chsh.err tmp/chsh.err +echo "usage message OK." +rm -f tmp/chsh.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/13_chsh_warning_non_executable/config.txt b/tests/chsh/13_chsh_warning_non_executable/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/group b/tests/chsh/13_chsh_warning_non_executable/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/gshadow b/tests/chsh/13_chsh_warning_non_executable/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/pam.d/chsh b/tests/chsh/13_chsh_warning_non_executable/config/etc/pam.d/chsh new file mode 100644 index 00000000..7eb604d7 --- /dev/null +++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/pam.d/chsh @@ -0,0 +1,20 @@ +# +# The PAM configuration file for the Shadow `chsh' service +# + +# This will not allow a user to change their shell unless +# their current one is listed in /etc/shells. This keeps +# accounts with special shells from changing them. +auth required pam_shells.so + +# This allows root to change user shell without being +# prompted for a password +auth sufficient pam_rootok.so + +# The standard Unix authentication modules, used with +# NIS (man nsswitch) as well as normal /etc/passwd and +# /etc/shadow entries. +@include common-auth +@include common-account +@include common-session + diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/passwd b/tests/chsh/13_chsh_warning_non_executable/config/etc/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/shadow b/tests/chsh/13_chsh_warning_non_executable/config/etc/shadow new file mode 100644 index 00000000..f004fa26 --- /dev/null +++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/shells b/tests/chsh/13_chsh_warning_non_executable/config/etc/shells new file mode 100644 index 00000000..4fd4378e --- /dev/null +++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/shells @@ -0,0 +1,16 @@ +# /etc/shells: valid login shells +/bin/ash +/bin/csh +/bin/sh +/usr/bin/es +/usr/bin/ksh +/bin/ksh +/usr/bin/rc +/usr/bin/tcsh +/bin/tcsh +/usr/bin/zsh +/bin/sash +/bin/zsh +/usr/bin/esh +/bin/bash +/bin/rbash diff --git a/tests/chsh/13_chsh_warning_non_executable/data/chsh.err b/tests/chsh/13_chsh_warning_non_executable/data/chsh.err new file mode 100644 index 00000000..4a87ec2e --- /dev/null +++ b/tests/chsh/13_chsh_warning_non_executable/data/chsh.err @@ -0,0 +1 @@ +chsh: Warning: /tmp/bash is not executable diff --git a/tests/chsh/13_chsh_warning_non_executable/data/passwd b/tests/chsh/13_chsh_warning_non_executable/data/passwd new file mode 100644 index 00000000..7e745d96 --- /dev/null +++ b/tests/chsh/13_chsh_warning_non_executable/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/tmp/bash +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/chsh/14_chsh_locked_passwd/chsh.test b/tests/chsh/14_chsh_locked_passwd/chsh.test new file mode 100755 index 00000000..c41e1ebb --- /dev/null +++ b/tests/chsh/14_chsh_locked_passwd/chsh.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh warns when passwd is already locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Change shell (chsh -s /bin/bash bin)..." +chsh -s /bin/bash bin 2>tmp/chsh.err && exit 1 || { + status=$? +} +echo "OK" +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chsh reported:" +echo "=======================================================================" +cat tmp/chsh.err +echo "=======================================================================" +echo -n "Check the error message..." +diff -au data/chsh.err tmp/chsh.err +echo "error message OK." +rm -f tmp/chsh.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/14_chsh_locked_passwd/config.txt b/tests/chsh/14_chsh_locked_passwd/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/group b/tests/chsh/14_chsh_locked_passwd/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chsh/14_chsh_locked_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/gshadow b/tests/chsh/14_chsh_locked_passwd/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chsh/14_chsh_locked_passwd/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/passwd b/tests/chsh/14_chsh_locked_passwd/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chsh/14_chsh_locked_passwd/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/shadow b/tests/chsh/14_chsh_locked_passwd/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chsh/14_chsh_locked_passwd/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chsh/14_chsh_locked_passwd/data/chsh.err b/tests/chsh/14_chsh_locked_passwd/data/chsh.err new file mode 100644 index 00000000..c5ebce9e --- /dev/null +++ b/tests/chsh/14_chsh_locked_passwd/data/chsh.err @@ -0,0 +1,2 @@ +chsh: existing lock file /etc/passwd.lock without a PID +chsh: cannot lock /etc/passwd; try again later. diff --git a/tests/chsh/15_chsh_PAM_error/chsh.test b/tests/chsh/15_chsh_PAM_error/chsh.test new file mode 100755 index 00000000..c900e0c3 --- /dev/null +++ b/tests/chsh/15_chsh_PAM_error/chsh.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "chsh warns when the chsh PAM configuration is invalid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the PAM configuration (/etc/pam.d/chsh /etc/pam.d/other)..." +rm -f /etc/pam.d/chsh /etc/pam.d/other +echo OK + +echo -n "Change shell (chsh -s /bin/bash bin)..." +chsh -s /bin/bash bin 2>tmp/chsh.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chsh reported:" +echo "=======================================================================" +cat tmp/chsh.err +echo "=======================================================================" +echo -n "Check the error message..." +diff -au data/chsh.err tmp/chsh.err +echo "error message OK." +rm -f tmp/chsh.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/chsh/15_chsh_PAM_error/config.txt b/tests/chsh/15_chsh_PAM_error/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/group b/tests/chsh/15_chsh_PAM_error/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/chsh/15_chsh_PAM_error/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/gshadow b/tests/chsh/15_chsh_PAM_error/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/chsh/15_chsh_PAM_error/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/chsh b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/chsh new file mode 100644 index 00000000..91529699 --- /dev/null +++ b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/chsh @@ -0,0 +1 @@ +This file will be removed diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/other b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/other new file mode 100644 index 00000000..91529699 --- /dev/null +++ b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/other @@ -0,0 +1 @@ +This file will be removed diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/passwd b/tests/chsh/15_chsh_PAM_error/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/chsh/15_chsh_PAM_error/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/shadow b/tests/chsh/15_chsh_PAM_error/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/chsh/15_chsh_PAM_error/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/chsh/15_chsh_PAM_error/data/chsh.err b/tests/chsh/15_chsh_PAM_error/data/chsh.err new file mode 100644 index 00000000..5c039d55 --- /dev/null +++ b/tests/chsh/15_chsh_PAM_error/data/chsh.err @@ -0,0 +1 @@ +chsh: PAM: Critical error - immediate abort diff --git a/tests/cktools/01/data/group b/tests/cktools/01/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/01/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/01/data/gshadow b/tests/cktools/01/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/01/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/01/data/passwd b/tests/cktools/01/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/cktools/01/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/cktools/01/data/run2.err b/tests/cktools/01/data/run2.err new file mode 100644 index 00000000..e69de29b diff --git a/tests/cktools/01/data/run2.out b/tests/cktools/01/data/run2.out new file mode 100644 index 00000000..00df3125 --- /dev/null +++ b/tests/cktools/01/data/run2.out @@ -0,0 +1,13 @@ +user 'lp': directory '/var/spool/lpd' does not exist +user 'news': directory '/var/spool/news' does not exist +user 'uucp': directory '/var/spool/uucp' does not exist +user 'www-data': directory '/var/www' does not exist +user 'list': directory '/var/list' does not exist +user 'irc': directory '/var/run/ircd' does not exist +user 'gnats': directory '/var/lib/gnats' does not exist +user 'nobody': directory '/nonexistent' does not exist +user 'Debian-exim': directory '/var/spool/exim4' does not exist +user 'test': no group 10002 +no matching password file entry in /etc/shadow +add user 'test' in /etc/shadow? No +pwck: no changes diff --git a/tests/cktools/01/data/shadow b/tests/cktools/01/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/cktools/01/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/cktools/01/run1 b/tests/cktools/01/run1 new file mode 100755 index 00000000..04aa793b --- /dev/null +++ b/tests/cktools/01/run1 @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +# Rational: +# Test that useradd can add an user and userdel removes it. + +save() +{ + [ ! -d tmp ] && mkdir tmp + for i in passwd group shadow gshadow + do + [ -f /etc/$i ] && cp /etc/$i tmp/$i + done + + true +} + +restore() +{ + for i in passwd group shadow gshadow + do + [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i + done + rmdir tmp +} + +save + +# restore the files on exit +trap 'restore' 0 + +for i in passwd group shadow gshadow +do + cp data/$i /etc +done + +lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ") +lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ") +lines_group=$(wc -l /etc/group | cut -f1 -d" ") +lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ") + +echo "pwck accepts valid password file " +msg=$(pwck -r | grep -v "^user .*: directory .* does not exist$") +echo msg: $msg +test "$msg" = "pwck: no changes" +echo " OK" +echo "grpck accepts valid password file " +msg=$(grpck -r) +test "$msg" = "" +echo " OK" + diff --git a/tests/cktools/01/run2 b/tests/cktools/01/run2 new file mode 100755 index 00000000..df1e2777 --- /dev/null +++ b/tests/cktools/01/run2 @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +# Rational: +# Test that useradd can add an user and userdel removes it. + +save() +{ + [ ! -d tmp ] && mkdir tmp + for i in passwd group shadow gshadow + do + [ -f /etc/$i ] && cp /etc/$i tmp/$i + done + + true +} + +restore() +{ + rm -f tmp/err tmp/out + for i in passwd group shadow gshadow + do + [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i + done + rmdir tmp +} + +save + +# restore the files on exit +trap 'restore' 0 + +for i in passwd group shadow gshadow +do + cp data/$i /etc +done + +lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ") +lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ") +lines_group=$(wc -l /etc/group | cut -f1 -d" ") +lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ") + +echo -n "Add an user without an entry in shadow " +echo "test:x:10002:10002::/tmp:/bin/false" >> /etc/passwd +echo "OK" + +echo "Check that pwck detects it " +pwck -r > tmp/out 2> tmp/err || true +diff -au data/run2.out tmp/out +diff -au data/run2.err tmp/err +echo " OK" +echo "grpck accepts valid password file " +msg=$(grpck -r) +test "$msg" = "" +echo " OK" + +#echo -n "Make sure pwck can fix it " +#pwcd +#echo "OK" diff --git a/tests/cktools/02_pwck_sort/config.txt b/tests/cktools/02_pwck_sort/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/cktools/02_pwck_sort/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/cktools/02_pwck_sort/config/etc/group b/tests/cktools/02_pwck_sort/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/cktools/02_pwck_sort/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/02_pwck_sort/config/etc/gshadow b/tests/cktools/02_pwck_sort/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/02_pwck_sort/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/02_pwck_sort/config/etc/passwd b/tests/cktools/02_pwck_sort/config/etc/passwd new file mode 100644 index 00000000..e69a810c --- /dev/null +++ b/tests/cktools/02_pwck_sort/config/etc/passwd @@ -0,0 +1,20 @@ +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +root:x:0:0:root:/root:/bin/bash +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +games:x:5:60:games:/usr/games:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/02_pwck_sort/config/etc/shadow b/tests/cktools/02_pwck_sort/config/etc/shadow new file mode 100644 index 00000000..42cf133f --- /dev/null +++ b/tests/cktools/02_pwck_sort/config/etc/shadow @@ -0,0 +1,20 @@ +daemon:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/02_pwck_sort/data/passwd b/tests/cktools/02_pwck_sort/data/passwd new file mode 100644 index 00000000..5b45b52c --- /dev/null +++ b/tests/cktools/02_pwck_sort/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh diff --git a/tests/cktools/02_pwck_sort/data/shadow b/tests/cktools/02_pwck_sort/data/shadow new file mode 100644 index 00000000..8033f272 --- /dev/null +++ b/tests/cktools/02_pwck_sort/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: diff --git a/tests/cktools/02_pwck_sort/pwck.test b/tests/cktools/02_pwck_sort/pwck.test new file mode 100755 index 00000000..9d6afb1b --- /dev/null +++ b/tests/cktools/02_pwck_sort/pwck.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwck can sort the passwd entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Sort the passwd entries (pwck -s)..." +pwck -s +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/03_grpck_sort/config.txt b/tests/cktools/03_grpck_sort/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/cktools/03_grpck_sort/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/cktools/03_grpck_sort/config/etc/group b/tests/cktools/03_grpck_sort/config/etc/group new file mode 100644 index 00000000..afbb01e0 --- /dev/null +++ b/tests/cktools/03_grpck_sort/config/etc/group @@ -0,0 +1,42 @@ +daemon:x:1: +bin:x:2: +kmem:x:15: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +root:x:0: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +shadow:x:42: +gnats:x:41: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/03_grpck_sort/config/etc/gshadow b/tests/cktools/03_grpck_sort/config/etc/gshadow new file mode 100644 index 00000000..8182ad79 --- /dev/null +++ b/tests/cktools/03_grpck_sort/config/etc/gshadow @@ -0,0 +1,42 @@ +daemon:*:: +bin:*:: +kmem:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +root:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +shadow:*:: +gnats:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/03_grpck_sort/config/etc/passwd b/tests/cktools/03_grpck_sort/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/03_grpck_sort/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/03_grpck_sort/config/etc/shadow b/tests/cktools/03_grpck_sort/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/03_grpck_sort/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/03_grpck_sort/data/group b/tests/cktools/03_grpck_sort/data/group new file mode 100644 index 00000000..12659535 --- /dev/null +++ b/tests/cktools/03_grpck_sort/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +nogroup:x:65534: diff --git a/tests/cktools/03_grpck_sort/data/gshadow b/tests/cktools/03_grpck_sort/data/gshadow new file mode 100644 index 00000000..f2209e3b --- /dev/null +++ b/tests/cktools/03_grpck_sort/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +nogroup:*:: diff --git a/tests/cktools/03_grpck_sort/grpck.test b/tests/cktools/03_grpck_sort/grpck.test new file mode 100755 index 00000000..75e62cf6 --- /dev/null +++ b/tests/cktools/03_grpck_sort/grpck.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpck can sort the group entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Sort the group entries (grpck -s)..." +grpck -s +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config.txt b/tests/cktools/04_pwck_sort_missing_shadow_user/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/group b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/gshadow b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/passwd b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/passwd new file mode 100644 index 00000000..e69a810c --- /dev/null +++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/passwd @@ -0,0 +1,20 @@ +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +root:x:0:0:root:/root:/bin/bash +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +games:x:5:60:games:/usr/games:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/shadow b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/shadow new file mode 100644 index 00000000..64573fab --- /dev/null +++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/shadow @@ -0,0 +1,19 @@ +daemon:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/data/passwd b/tests/cktools/04_pwck_sort_missing_shadow_user/data/passwd new file mode 100644 index 00000000..5b45b52c --- /dev/null +++ b/tests/cktools/04_pwck_sort_missing_shadow_user/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/data/shadow b/tests/cktools/04_pwck_sort_missing_shadow_user/data/shadow new file mode 100644 index 00000000..f1e4d806 --- /dev/null +++ b/tests/cktools/04_pwck_sort_missing_shadow_user/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/pwck.test b/tests/cktools/04_pwck_sort_missing_shadow_user/pwck.test new file mode 100755 index 00000000..9d6afb1b --- /dev/null +++ b/tests/cktools/04_pwck_sort_missing_shadow_user/pwck.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwck can sort the passwd entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Sort the passwd entries (pwck -s)..." +pwck -s +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config.txt b/tests/cktools/05_grpck_sort_missing_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/group b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/group new file mode 100644 index 00000000..afbb01e0 --- /dev/null +++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +daemon:x:1: +bin:x:2: +kmem:x:15: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +root:x:0: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +shadow:x:42: +gnats:x:41: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/gshadow b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..695bf8f5 --- /dev/null +++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +daemon:*:: +bin:*:: +kmem:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +root:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +shadow:*:: +gnats:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +foo:*:: diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/passwd b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/shadow b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/data/group b/tests/cktools/05_grpck_sort_missing_shadow_group/data/group new file mode 100644 index 00000000..12659535 --- /dev/null +++ b/tests/cktools/05_grpck_sort_missing_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +nogroup:x:65534: diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/data/gshadow b/tests/cktools/05_grpck_sort_missing_shadow_group/data/gshadow new file mode 100644 index 00000000..7dcb3e59 --- /dev/null +++ b/tests/cktools/05_grpck_sort_missing_shadow_group/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +crontab:x:: +foo:*:: +nogroup:*:: diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/grpck.test b/tests/cktools/05_grpck_sort_missing_shadow_group/grpck.test new file mode 100755 index 00000000..75e62cf6 --- /dev/null +++ b/tests/cktools/05_grpck_sort_missing_shadow_group/grpck.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpck can sort the group entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Sort the group entries (grpck -s)..." +grpck -s +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/06_pwck_sort_NIS_server/config.txt b/tests/cktools/06_pwck_sort_NIS_server/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/cktools/06_pwck_sort_NIS_server/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/group b/tests/cktools/06_pwck_sort_NIS_server/config/etc/group new file mode 100644 index 00000000..18eb6c27 --- /dev/null +++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: ++::: diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/gshadow b/tests/cktools/06_pwck_sort_NIS_server/config/etc/gshadow new file mode 100644 index 00000000..7a7ef3a4 --- /dev/null +++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: ++::: diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/passwd b/tests/cktools/06_pwck_sort_NIS_server/config/etc/passwd new file mode 100644 index 00000000..365af623 --- /dev/null +++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/passwd @@ -0,0 +1,24 @@ +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +root:x:0:0:root:/root:/bin/bash +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +games:x:5:60:games:/usr/games:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false ++miquels:::::: ++:*:::::/etc/NoShell +tester:*:299:10:Just a test account:/tmp: +miquels:1234567890123:101:10:Miquel van Smoorenburg:/home/miquels:/bin/zsh diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/shadow b/tests/cktools/06_pwck_sort_NIS_server/config/etc/shadow new file mode 100644 index 00000000..5a24e788 --- /dev/null +++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/shadow @@ -0,0 +1,21 @@ +daemon:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: ++:::::::: diff --git a/tests/cktools/06_pwck_sort_NIS_server/data/passwd b/tests/cktools/06_pwck_sort_NIS_server/data/passwd new file mode 100644 index 00000000..c12f8a96 --- /dev/null +++ b/tests/cktools/06_pwck_sort_NIS_server/data/passwd @@ -0,0 +1,24 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh ++miquels:::::: ++:*:::::/etc/NoShell +tester:*:299:10:Just a test account:/tmp: +miquels:1234567890123:101:10:Miquel van Smoorenburg:/home/miquels:/bin/zsh diff --git a/tests/cktools/06_pwck_sort_NIS_server/data/shadow b/tests/cktools/06_pwck_sort_NIS_server/data/shadow new file mode 100644 index 00000000..6a626dfd --- /dev/null +++ b/tests/cktools/06_pwck_sort_NIS_server/data/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: ++:::::::: diff --git a/tests/cktools/06_pwck_sort_NIS_server/pwck.test b/tests/cktools/06_pwck_sort_NIS_server/pwck.test new file mode 100755 index 00000000..9d6afb1b --- /dev/null +++ b/tests/cktools/06_pwck_sort_NIS_server/pwck.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwck can sort the passwd entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Sort the passwd entries (pwck -s)..." +pwck -s +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/07_pwck_sort_NIS_client/config.txt b/tests/cktools/07_pwck_sort_NIS_client/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/cktools/07_pwck_sort_NIS_client/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/group b/tests/cktools/07_pwck_sort_NIS_client/config/etc/group new file mode 100644 index 00000000..f914b38e --- /dev/null +++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: ++::: ++miquels::: ++foo::: diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/gshadow b/tests/cktools/07_pwck_sort_NIS_client/config/etc/gshadow new file mode 100644 index 00000000..7a7ef3a4 --- /dev/null +++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: ++::: diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/passwd b/tests/cktools/07_pwck_sort_NIS_client/config/etc/passwd new file mode 100644 index 00000000..913d7fc9 --- /dev/null +++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/passwd @@ -0,0 +1,22 @@ +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +root:x:0:0:root:/root:/bin/bash +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +games:x:5:60:games:/usr/games:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false ++miquels:::::: ++:*:::::/etc/NoShell diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/shadow b/tests/cktools/07_pwck_sort_NIS_client/config/etc/shadow new file mode 100644 index 00000000..8f31dfbb --- /dev/null +++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/shadow @@ -0,0 +1,22 @@ +daemon:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: ++:::::::: ++foo2:!::::::: diff --git a/tests/cktools/07_pwck_sort_NIS_client/data/passwd b/tests/cktools/07_pwck_sort_NIS_client/data/passwd new file mode 100644 index 00000000..032bdd26 --- /dev/null +++ b/tests/cktools/07_pwck_sort_NIS_client/data/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh ++miquels:::::: ++:*:::::/etc/NoShell diff --git a/tests/cktools/07_pwck_sort_NIS_client/data/shadow b/tests/cktools/07_pwck_sort_NIS_client/data/shadow new file mode 100644 index 00000000..5350e77b --- /dev/null +++ b/tests/cktools/07_pwck_sort_NIS_client/data/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: ++:::::::: ++foo2:!::::::: diff --git a/tests/cktools/07_pwck_sort_NIS_client/pwck.test b/tests/cktools/07_pwck_sort_NIS_client/pwck.test new file mode 100755 index 00000000..9d6afb1b --- /dev/null +++ b/tests/cktools/07_pwck_sort_NIS_client/pwck.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwck can sort the passwd entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Sort the passwd entries (pwck -s)..." +pwck -s +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config.txt b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/group b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/gshadow b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/passwd b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/shadow b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/group b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/gshadow b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.exp b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.exp new file mode 100755 index 00000000..6d0be77e --- /dev/null +++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "invalid group file entry" +expect "delete line 'foo:x'? " +send "yes\r" +expect "no matching group file entry in /etc/group" +expect "delete line 'foo:*::'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.test b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.test new file mode 100755 index 00000000..906d6294 --- /dev/null +++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config.txt b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/group b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/gshadow b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/passwd b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/shadow b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/data/gshadow b/tests/cktools/grpck/05_grpck_missing_field_group_keep/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.exp b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.exp new file mode 100755 index 00000000..cfd779fb --- /dev/null +++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "invalid group file entry" +expect "delete line 'foo:x'? " +send "no\r" +expect "no matching group file entry in /etc/group" +expect "delete line 'foo:*::'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.test b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.test new file mode 100755 index 00000000..dcfa2498 --- /dev/null +++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config.txt b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/group b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/gshadow b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/passwd b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/shadow b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.exp b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.exp new file mode 100755 index 00000000..48adf7a1 --- /dev/null +++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "invalid group file entry" +expect "delete line 'foo:x'? " +send "no\r" +expect "no matching group file entry in /etc/group" +expect "delete line 'foo:*::'? " +send "no\r" +expect "grpck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test new file mode 100755 index 00000000..81bf12ca --- /dev/null +++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config.txt b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config.txt new file mode 100644 index 00000000..52fad51b --- /dev/null +++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in gshadow diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/group b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/gshadow b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/gshadow new file mode 100644 index 00000000..b8fb2347 --- /dev/null +++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*: diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/passwd b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/shadow b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/data/gshadow b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/data/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.exp b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.exp new file mode 100755 index 00000000..5229ab52 --- /dev/null +++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "no matching group file entry in /etc/gshadow" +expect "add group 'foo' in /etc/gshadow? " +send "yes\r" +expect "invalid shadow group file entry" +expect "delete line 'foo:*:'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test new file mode 100755 index 00000000..dcfa2498 --- /dev/null +++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config.txt b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config.txt new file mode 100644 index 00000000..52fad51b --- /dev/null +++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in gshadow diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/group b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/gshadow b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/gshadow new file mode 100644 index 00000000..b8fb2347 --- /dev/null +++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*: diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/passwd b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/shadow b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/data/gshadow b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.exp b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.exp new file mode 100755 index 00000000..5181ebaf --- /dev/null +++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "no matching group file entry in /etc/gshadow" +expect "add group 'foo' in /etc/gshadow? " +send "no\r" +expect "invalid shadow group file entry" +expect "delete line 'foo:*:'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test new file mode 100755 index 00000000..dcfa2498 --- /dev/null +++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config.txt b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config.txt new file mode 100644 index 00000000..52fad51b --- /dev/null +++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in gshadow diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/group b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/gshadow b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/gshadow new file mode 100644 index 00000000..b8fb2347 --- /dev/null +++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*: diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/passwd b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/shadow b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.exp b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.exp new file mode 100755 index 00000000..3ac4abee --- /dev/null +++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "no matching group file entry in /etc/gshadow" +expect "add group 'foo' in /etc/gshadow? " +send "no\r" +expect "invalid shadow group file entry" +expect "delete line 'foo:*:'? " +send "no\r" +expect "grpck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test new file mode 100755 index 00000000..81bf12ca --- /dev/null +++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config.txt b/tests/cktools/grpck/10_grpck_missing_field_group_local/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/group b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/gshadow b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/passwd b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/shadow b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/data/group b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/data/gshadow b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.exp b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.exp new file mode 100755 index 00000000..f8228c27 --- /dev/null +++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck tmp/group tmp/gshadow\r" +expect "invalid group file entry" +expect "delete line 'foo:x'? " +send "yes\r" +expect "no matching group file entry in tmp/group" +expect "delete line 'foo:*::'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.test b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.test new file mode 100755 index 00000000..63c75aa0 --- /dev/null +++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "copy group and gshadow localy..." +cp /etc/group /etc/gshadow tmp/ +echo "OK" + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/gshadow +echo "OK" + +rm -f tmp/group tmp/group- tmp/gshadow tmp/gshadow- + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config.txt b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config.txt new file mode 100644 index 00000000..52fad51b --- /dev/null +++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in gshadow diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/group b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/gshadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/gshadow new file mode 100644 index 00000000..b8fb2347 --- /dev/null +++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*: diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/passwd b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/shadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/group b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/gshadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/shadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.exp b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.exp new file mode 100755 index 00000000..d111afc3 --- /dev/null +++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck tmp/group tmp/gshadow\r" +expect "no matching group file entry in tmp/gshadow" +expect "add group 'foo' in tmp/gshadow? " +send "yes\r" +expect "invalid shadow group file entry" +expect "delete line 'foo:*:'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test new file mode 100755 index 00000000..63c75aa0 --- /dev/null +++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "copy group and gshadow localy..." +cp /etc/group /etc/gshadow tmp/ +echo "OK" + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +../../../common/compare_file.pl data/gshadow tmp/gshadow +echo "OK" + +rm -f tmp/group tmp/group- tmp/gshadow tmp/gshadow- + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config.txt b/tests/cktools/grpck/12_grpck_unknown_user_group/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/group b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/group new file mode 100644 index 00000000..757aef84 --- /dev/null +++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon,foo2,bin diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/gshadow b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/gshadow new file mode 100644 index 00000000..3e97ea42 --- /dev/null +++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::daemon,bin diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/passwd b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/shadow b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/data/group b/tests/cktools/grpck/12_grpck_unknown_user_group/data/group new file mode 100644 index 00000000..cf18eb5b --- /dev/null +++ b/tests/cktools/grpck/12_grpck_unknown_user_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon,bin diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.exp b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.exp new file mode 100755 index 00000000..1dd1d010 --- /dev/null +++ b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.exp @@ -0,0 +1,20 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "group foo: no user foo2" +expect "delete member 'foo2'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.test b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.test new file mode 100755 index 00000000..741bfe18 --- /dev/null +++ b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config.txt b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/group b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/group new file mode 100644 index 00000000..cf18eb5b --- /dev/null +++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon,bin diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/gshadow b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/gshadow new file mode 100644 index 00000000..d2a17827 --- /dev/null +++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::daemon,foo2,bin diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/passwd b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/shadow b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/data/gshadow b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/data/gshadow new file mode 100644 index 00000000..3e97ea42 --- /dev/null +++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::daemon,bin diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.exp b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.exp new file mode 100755 index 00000000..b470a90f --- /dev/null +++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.exp @@ -0,0 +1,21 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "'foo2' is a member of the 'foo' group in /etc/gshadow but not in /etc/group" +expect "shadow group foo: no user foo2" +expect "delete member 'foo2'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test new file mode 100755 index 00000000..dcfa2498 --- /dev/null +++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config.txt b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/group b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/group new file mode 100644 index 00000000..cf18eb5b --- /dev/null +++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon,bin diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/gshadow b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/gshadow new file mode 100644 index 00000000..a7d227e6 --- /dev/null +++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:foo3,foo4:foo3,daemon,bin,foo2 diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/passwd b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/shadow b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/data/gshadow b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/data/gshadow new file mode 100644 index 00000000..3e97ea42 --- /dev/null +++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::daemon,bin diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.exp b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.exp new file mode 100755 index 00000000..ec5378b8 --- /dev/null +++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "'foo3' is a member of the 'foo' group in /etc/gshadow but not in /etc/group" +expect "'foo2' is a member of the 'foo' group in /etc/gshadow but not in /etc/group" +expect "shadow group foo: no administrative user foo3" +expect "delete administrative member 'foo3'? " +send "yes\r" +expect "shadow group foo: no administrative user foo4" +expect "delete administrative member 'foo4'? " +send "yes\r" +expect "shadow group foo: no user foo3" +expect "delete member 'foo3'? " +send "yes\r" +expect "shadow group foo: no user foo2" +expect "delete member 'foo2'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test new file mode 100755 index 00000000..dcfa2498 --- /dev/null +++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config.txt b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/group b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/group new file mode 100644 index 00000000..4eeb1ff3 --- /dev/null +++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon,foo2,foo2,bin diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/gshadow b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/gshadow new file mode 100644 index 00000000..3e97ea42 --- /dev/null +++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::daemon,bin diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/passwd b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/shadow b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/data/group b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/data/group new file mode 100644 index 00000000..cf18eb5b --- /dev/null +++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon,bin diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.exp b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.exp new file mode 100755 index 00000000..c12fbd81 --- /dev/null +++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "group foo: no user foo2" +expect "delete member 'foo2'? " +send "yes\r" +expect "group foo: no user foo2" +expect "delete member 'foo2'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test new file mode 100755 index 00000000..741bfe18 --- /dev/null +++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config.txt b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/group b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/group new file mode 100644 index 00000000..73518006 --- /dev/null +++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon +foo:x:1000:bin diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/gshadow b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/passwd b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/shadow b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/data/group b/tests/cktools/grpck/16_grpck_duplicate_entry_group/data/group new file mode 100644 index 00000000..5c08ae19 --- /dev/null +++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:bin diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.exp b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.exp new file mode 100755 index 00000000..cce68028 --- /dev/null +++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.exp @@ -0,0 +1,20 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "duplicate group entry" +expect "delete line 'foo:x:1000:daemon'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.test b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.test new file mode 100755 index 00000000..741bfe18 --- /dev/null +++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config.txt b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/group b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/group new file mode 100644 index 00000000..fda0a6df --- /dev/null +++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/gshadow b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/gshadow new file mode 100644 index 00000000..124c8051 --- /dev/null +++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +foo:*::daemon +crontab:x:: +Debian-exim:x:: +foo:*::bin diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/passwd b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/shadow b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/data/gshadow b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/data/gshadow new file mode 100644 index 00000000..bdd8388f --- /dev/null +++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::bin diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.exp b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.exp new file mode 100755 index 00000000..1b123f11 --- /dev/null +++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.exp @@ -0,0 +1,20 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "duplicate shadow group entry" +expect "delete line 'foo:*::daemon'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test new file mode 100755 index 00000000..dcfa2498 --- /dev/null +++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config.txt b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/group b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/group new file mode 100644 index 00000000..73518006 --- /dev/null +++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon +foo:x:1000:bin diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/gshadow b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/passwd b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/shadow b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.exp b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.exp new file mode 100755 index 00000000..7e544151 --- /dev/null +++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.exp @@ -0,0 +1,24 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "duplicate group entry" +expect "delete line 'foo:x:1000:daemon'? " +send "no\r" +expect "'daemon' is a member of the 'foo' group in /etc/group but not in /etc/gshadow" +expect "duplicate group entry" +expect "delete line 'foo:x:1000:bin'? " +send "no \r" +expect "grpck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test new file mode 100755 index 00000000..81bf12ca --- /dev/null +++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config.txt b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/group b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/group new file mode 100644 index 00000000..fda0a6df --- /dev/null +++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/gshadow b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/gshadow new file mode 100644 index 00000000..124c8051 --- /dev/null +++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +foo:*::daemon +crontab:x:: +Debian-exim:x:: +foo:*::bin diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/passwd b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/shadow b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.exp b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.exp new file mode 100755 index 00000000..aa7f11f9 --- /dev/null +++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "duplicate shadow group entry" +expect "delete line 'foo:*::daemon'? " +send "no\r" +expect "duplicate shadow group entry" +expect "delete line 'foo:*::bin'? " +send "no\r" +expect "grpck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test new file mode 100755 index 00000000..81bf12ca --- /dev/null +++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config.txt b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/group b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/group new file mode 100644 index 00000000..fda0a6df --- /dev/null +++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/gshadow b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/gshadow new file mode 100644 index 00000000..124c8051 --- /dev/null +++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +foo:*::daemon +crontab:x:: +Debian-exim:x:: +foo:*::bin diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/passwd b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/shadow b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/data/gshadow b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/data/gshadow new file mode 100644 index 00000000..a1a4f31e --- /dev/null +++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +foo:*::daemon +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.exp b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.exp new file mode 100755 index 00000000..ce6cb2e8 --- /dev/null +++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "duplicate shadow group entry" +expect "delete line 'foo:*::daemon'? " +send "no\r" +expect "duplicate shadow group entry" +expect "delete line 'foo:*::bin'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test new file mode 100755 index 00000000..dcfa2498 --- /dev/null +++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config.txt b/tests/cktools/grpck/21_grpck_invalid_group_name/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/group b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/group new file mode 100644 index 00000000..220f3757 --- /dev/null +++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +f o o:x:1000: diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/gshadow b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/gshadow new file mode 100644 index 00000000..8337b653 --- /dev/null +++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +f o o:*:: diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/passwd b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/shadow b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.exp b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.exp new file mode 100755 index 00000000..cb758db2 --- /dev/null +++ b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.exp @@ -0,0 +1,17 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "invalid group name 'f o o'" +expect "grpck: no changes" +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.test b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.test new file mode 100755 index 00000000..81bf12ca --- /dev/null +++ b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config.txt b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/group b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/group new file mode 100644 index 00000000..e9efa8be --- /dev/null +++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:-1: diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/gshadow b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/passwd b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/shadow b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/group b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/gshadow b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.exp b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.exp new file mode 100755 index 00000000..40f22df7 --- /dev/null +++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "invalid group file entry" +expect "delete line 'foo:x:-1:'? " +send "yes\r" +expect "no matching group file entry in /etc/group" +expect "delete line 'foo:*::'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test new file mode 100755 index 00000000..906d6294 --- /dev/null +++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config.txt b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/group b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/group new file mode 100644 index 00000000..c6a2e190 --- /dev/null +++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:4294967295: diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/gshadow b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/passwd b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/shadow b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.exp b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.exp new file mode 100755 index 00000000..5c10a627 --- /dev/null +++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.exp @@ -0,0 +1,18 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "invalid group ID '4294967295'" +expect "grpck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test new file mode 100755 index 00000000..81bf12ca --- /dev/null +++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config.txt b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/group b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/group new file mode 100644 index 00000000..cb278cec --- /dev/null +++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:4294967296: diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/gshadow b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/passwd b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/shadow b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/group b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/gshadow b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.exp b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.exp new file mode 100755 index 00000000..d5e5ddf9 --- /dev/null +++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "invalid group file entry" +expect "delete line 'foo:x:4294967296:'? " +send "yes\r" +expect "no matching group file entry in /etc/group" +expect "delete line 'foo:*::'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test new file mode 100755 index 00000000..906d6294 --- /dev/null +++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config.txt b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/group b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/group new file mode 100644 index 00000000..757aef84 --- /dev/null +++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon,foo2,bin diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/gshadow b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/gshadow new file mode 100644 index 00000000..d2a17827 --- /dev/null +++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::daemon,foo2,bin diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/passwd b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/shadow b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.exp b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.exp new file mode 100755 index 00000000..da5dee56 --- /dev/null +++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "group foo: no user foo2" +expect "delete member 'foo2'? " +send "no\r" +expect "shadow group foo: no user foo2" +expect "delete member 'foo2'? " +send "no\r" +expect "grpck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test new file mode 100755 index 00000000..81bf12ca --- /dev/null +++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config.txt b/tests/cktools/grpck/26_grpck_no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/group b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..9303fe27 --- /dev/null +++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +daemon:x:1: +bin:x:2: +kmem:x:15: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +root:x:0: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +shadow:x:42: +gnats:x:41: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:bar diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/gshadow b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..695bf8f5 --- /dev/null +++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +daemon:*:: +bin:*:: +kmem:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +root:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +shadow:*:: +gnats:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +foo:*:: diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/passwd b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/shadow b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/data/grpck.out b/tests/cktools/grpck/26_grpck_no_gshadow_file/data/grpck.out new file mode 100644 index 00000000..929e0e80 --- /dev/null +++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/data/grpck.out @@ -0,0 +1,3 @@ +group foo: no user bar +delete member 'bar'? No +grpck: no changes diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/grpck.test b/tests/cktools/grpck/26_grpck_no_gshadow_file/grpck.test new file mode 100755 index 00000000..0ccd682e --- /dev/null +++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/grpck.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck can check the group entries when there are no gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the gshadow file..." +rm -f /etc/gshadow +echo "done" + +echo -n "Check the group entries (grpck -r)..." +grpck -r >tmp/grpck.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/grpck.out +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpck.out tmp/grpck.out +echo "error message OK." +rm -f tmp/grpck.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config.txt b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/group b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..afbb01e0 --- /dev/null +++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +daemon:x:1: +bin:x:2: +kmem:x:15: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +root:x:0: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +shadow:x:42: +gnats:x:41: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/gshadow b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..695bf8f5 --- /dev/null +++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +daemon:*:: +bin:*:: +kmem:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +root:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +shadow:*:: +gnats:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +foo:*:: diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/passwd b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/shadow b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/data/group b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/data/group new file mode 100644 index 00000000..12659535 --- /dev/null +++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +nogroup:x:65534: diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test new file mode 100755 index 00000000..31a6e9ee --- /dev/null +++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck can sort the group entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the gshadow file..." +rm -f /etc/gshadow +echo "done" + +echo -n "Sort the group entries (grpck -s)..." +grpck -s +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/28_grpck_usage/config.txt b/tests/cktools/grpck/28_grpck_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/cktools/grpck/28_grpck_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/default/useradd b/tests/cktools/grpck/28_grpck_usage/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/cktools/grpck/28_grpck_usage/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/group b/tests/cktools/grpck/28_grpck_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/grpck/28_grpck_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/gshadow b/tests/cktools/grpck/28_grpck_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/grpck/28_grpck_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/passwd b/tests/cktools/grpck/28_grpck_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/cktools/grpck/28_grpck_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/shadow b/tests/cktools/grpck/28_grpck_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/cktools/grpck/28_grpck_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/28_grpck_usage/data/usage.out b/tests/cktools/grpck/28_grpck_usage/data/usage.out new file mode 100644 index 00000000..899e2d78 --- /dev/null +++ b/tests/cktools/grpck/28_grpck_usage/data/usage.out @@ -0,0 +1,9 @@ +Usage: grpck [options] [group [gshadow]] + +Options: + -h, --help display this help message and exit + -r, --read-only display errors and warnings + but do not change files + -R, --root CHROOT_DIR directory to chroot into + -s, --sort sort entries by UID + diff --git a/tests/cktools/grpck/28_grpck_usage/grpck.test b/tests/cktools/grpck/28_grpck_usage/grpck.test new file mode 100755 index 00000000..e397aafb --- /dev/null +++ b/tests/cktools/grpck/28_grpck_usage/grpck.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get grpck usage (grpck -h)..." +grpck -h >tmp/usage.out + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config.txt b/tests/cktools/grpck/29_grpck_sort_readonly/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/cktools/grpck/29_grpck_sort_readonly/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/default/useradd b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/group b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/gshadow b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/passwd b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/shadow b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/data/usage.out b/tests/cktools/grpck/29_grpck_sort_readonly/data/usage.out new file mode 100644 index 00000000..cd278fa5 --- /dev/null +++ b/tests/cktools/grpck/29_grpck_sort_readonly/data/usage.out @@ -0,0 +1 @@ +grpck: -s and -r are incompatible diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/grpck.test b/tests/cktools/grpck/29_grpck_sort_readonly/grpck.test new file mode 100755 index 00000000..417584f9 --- /dev/null +++ b/tests/cktools/grpck/29_grpck_sort_readonly/grpck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck report failure when sorting and read only are enabled" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get grpck usage (grpck -r -s)..." +grpck -r -s 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/30_grpck_3_files/config.txt b/tests/cktools/grpck/30_grpck_3_files/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/cktools/grpck/30_grpck_3_files/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/default/useradd b/tests/cktools/grpck/30_grpck_3_files/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/group b/tests/cktools/grpck/30_grpck_3_files/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/gshadow b/tests/cktools/grpck/30_grpck_3_files/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/passwd b/tests/cktools/grpck/30_grpck_3_files/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/shadow b/tests/cktools/grpck/30_grpck_3_files/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/30_grpck_3_files/data/usage.out b/tests/cktools/grpck/30_grpck_3_files/data/usage.out new file mode 100644 index 00000000..899e2d78 --- /dev/null +++ b/tests/cktools/grpck/30_grpck_3_files/data/usage.out @@ -0,0 +1,9 @@ +Usage: grpck [options] [group [gshadow]] + +Options: + -h, --help display this help message and exit + -r, --read-only display errors and warnings + but do not change files + -R, --root CHROOT_DIR directory to chroot into + -s, --sort sort entries by UID + diff --git a/tests/cktools/grpck/30_grpck_3_files/grpck.test b/tests/cktools/grpck/30_grpck_3_files/grpck.test new file mode 100755 index 00000000..e2614d97 --- /dev/null +++ b/tests/cktools/grpck/30_grpck_3_files/grpck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck checks its number of arguments" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get grpck usage (grpck -r foo bar baz)..." +grpck -r foo bar baz 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config.txt b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/group b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/gshadow b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/passwd b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/shadow b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/data/group b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.exp b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.exp new file mode 100755 index 00000000..84b7354c --- /dev/null +++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.exp @@ -0,0 +1,20 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck tmp/group\r" +expect "invalid group file entry" +expect "delete line 'foo:x'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test new file mode 100755 index 00000000..744dd072 --- /dev/null +++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test @@ -0,0 +1,44 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "copy group and gshadow localy..." +cp /etc/group tmp/ +echo "OK" + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +../../../common/compare_file.pl data/group tmp/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +rm -f tmp/group tmp/group- tmp/gshadow tmp/gshadow- + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config.txt b/tests/cktools/grpck/32_grpck_sort_nis/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/cktools/grpck/32_grpck_sort_nis/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/group b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/group new file mode 100644 index 00000000..e644ed9d --- /dev/null +++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/group @@ -0,0 +1,45 @@ +daemon:x:1: +bin:x:2: +kmem:x:15: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +root:x:0: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +shadow:x:42: +gnats:x:41: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: ++::: ++foo1::: +-foo2: diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/gshadow b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/gshadow new file mode 100644 index 00000000..8182ad79 --- /dev/null +++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/gshadow @@ -0,0 +1,42 @@ +daemon:*:: +bin:*:: +kmem:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +root:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +shadow:*:: +gnats:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/passwd b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/shadow b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/32_grpck_sort_nis/data/group b/tests/cktools/grpck/32_grpck_sort_nis/data/group new file mode 100644 index 00000000..23467d30 --- /dev/null +++ b/tests/cktools/grpck/32_grpck_sort_nis/data/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +nogroup:x:65534: ++::: ++foo1::: +-foo2: diff --git a/tests/cktools/grpck/32_grpck_sort_nis/data/gshadow b/tests/cktools/grpck/32_grpck_sort_nis/data/gshadow new file mode 100644 index 00000000..f2209e3b --- /dev/null +++ b/tests/cktools/grpck/32_grpck_sort_nis/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +nogroup:*:: diff --git a/tests/cktools/grpck/32_grpck_sort_nis/grpck.test b/tests/cktools/grpck/32_grpck_sort_nis/grpck.test new file mode 100755 index 00000000..d509689f --- /dev/null +++ b/tests/cktools/grpck/32_grpck_sort_nis/grpck.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck can sort the group entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Sort the group entries (grpck -s)..." +grpck -s +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/33_grpck_locked_group/config.txt b/tests/cktools/grpck/33_grpck_locked_group/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/default/useradd b/tests/cktools/grpck/33_grpck_locked_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/group b/tests/cktools/grpck/33_grpck_locked_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/gshadow b/tests/cktools/grpck/33_grpck_locked_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/passwd b/tests/cktools/grpck/33_grpck_locked_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/shadow b/tests/cktools/grpck/33_grpck_locked_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/33_grpck_locked_group/data/grpck.err b/tests/cktools/grpck/33_grpck_locked_group/data/grpck.err new file mode 100644 index 00000000..1f6325dd --- /dev/null +++ b/tests/cktools/grpck/33_grpck_locked_group/data/grpck.err @@ -0,0 +1,2 @@ +grpck: existing lock file /etc/group.lock without a PID +grpck: cannot lock /etc/group; try again later. diff --git a/tests/cktools/grpck/33_grpck_locked_group/grpck.test b/tests/cktools/grpck/33_grpck_locked_group/grpck.test new file mode 100755 index 00000000..0aa139cc --- /dev/null +++ b/tests/cktools/grpck/33_grpck_locked_group/grpck.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck checks if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Check groups (grpck)..." +grpck 2>tmp/grpck.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "4" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/grpck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpck.err tmp/grpck.err +echo "error message OK." +rm -f tmp/grpck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config.txt b/tests/cktools/grpck/34_grpck_locked_gshadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/default/useradd b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/group b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/gshadow b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/passwd b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/shadow b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/data/grpck.err b/tests/cktools/grpck/34_grpck_locked_gshadow/data/grpck.err new file mode 100644 index 00000000..868dee17 --- /dev/null +++ b/tests/cktools/grpck/34_grpck_locked_gshadow/data/grpck.err @@ -0,0 +1,2 @@ +grpck: existing lock file /etc/gshadow.lock without a PID +grpck: cannot lock /etc/gshadow; try again later. diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/grpck.test b/tests/cktools/grpck/34_grpck_locked_gshadow/grpck.test new file mode 100755 index 00000000..4c6ea0c5 --- /dev/null +++ b/tests/cktools/grpck/34_grpck_locked_gshadow/grpck.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck checks if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Check groups (grpck)..." +grpck 2>tmp/grpck.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "4" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/grpck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpck.err tmp/grpck.err +echo "error message OK." +rm -f tmp/grpck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config.txt b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/group b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/group new file mode 100644 index 00000000..213b065f --- /dev/null +++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:daemon ++::: +-bar::: +foo:x:1000:bin diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/gshadow b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/passwd b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/shadow b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/data/group b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/data/group new file mode 100644 index 00000000..6c080ef2 --- /dev/null +++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: ++::: +-bar::: +foo:x:1000:bin diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.exp b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.exp new file mode 100755 index 00000000..cce68028 --- /dev/null +++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.exp @@ -0,0 +1,20 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "grpck\r" +expect "duplicate group entry" +expect "delete line 'foo:x:1000:daemon'? " +send "yes\r" +expect "grpck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test new file mode 100755 index 00000000..741bfe18 --- /dev/null +++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./grpck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config.txt b/tests/cktools/grpck/36_grpck_password_group_gshadow/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/group b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/group new file mode 100644 index 00000000..52cf2af6 --- /dev/null +++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/group @@ -0,0 +1,42 @@ +daemon:x:1: +bin:x:2: +kmem:x:15: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +root:x:0: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +shadow:x:42: +gnats:x:41: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:toto:1000: diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/gshadow b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/gshadow new file mode 100644 index 00000000..817f1743 --- /dev/null +++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +daemon:*:: +bin:*:: +kmem:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +root:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +shadow:*:: +gnats:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +foo:foo:: +Debian-exim:*:: diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/passwd b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/shadow b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/data/grpck.out b/tests/cktools/grpck/36_grpck_password_group_gshadow/data/grpck.out new file mode 100644 index 00000000..476a7984 --- /dev/null +++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/data/grpck.out @@ -0,0 +1,2 @@ +group foo has an entry in /etc/gshadow, but its password field in /etc/group is not set to 'x' +grpck: no changes diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/grpck.test b/tests/cktools/grpck/36_grpck_password_group_gshadow/grpck.test new file mode 100755 index 00000000..d32ae670 --- /dev/null +++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/grpck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck can sort the group entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check the group entries (grpck -r)..." +grpck -r >tmp/grpck.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/grpck.out +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpck.out tmp/grpck.out +echo "error message OK." +rm -f tmp/grpck.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config.txt b/tests/cktools/grpck/37_grpck_invalid_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/cktools/grpck/37_grpck_invalid_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/group b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/gshadow b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/passwd b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/shadow b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/cktools/grpck/37_grpck_invalid_option/data/usage.out b/tests/cktools/grpck/37_grpck_invalid_option/data/usage.out new file mode 100644 index 00000000..11420514 --- /dev/null +++ b/tests/cktools/grpck/37_grpck_invalid_option/data/usage.out @@ -0,0 +1,10 @@ +grpck: unrecognized option '--invalid' +Usage: grpck [options] [group [gshadow]] + +Options: + -h, --help display this help message and exit + -r, --read-only display errors and warnings + but do not change files + -R, --root CHROOT_DIR directory to chroot into + -s, --sort sort entries by UID + diff --git a/tests/cktools/grpck/37_grpck_invalid_option/grpck.test b/tests/cktools/grpck/37_grpck_invalid_option/grpck.test new file mode 100755 index 00000000..b5561487 --- /dev/null +++ b/tests/cktools/grpck/37_grpck_invalid_option/grpck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck reports usage when called withan invalid option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call grpck with an invalid option (grpck --invalid)..." +grpck --invalid 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config.txt b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config.txt new file mode 100644 index 00000000..b3c3e751 --- /dev/null +++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config.txt @@ -0,0 +1,2 @@ +group foo +user foo with typo in passwd diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/group b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/gshadow b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/passwd b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/passwd new file mode 100644 index 00000000..4ee448d9 --- /dev/null +++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000:: diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/shadow b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/passwd b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/passwd new file mode 100644 index 00000000..2b911d1d --- /dev/null +++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/passwd @@ -0,0 +1,10 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/shadow b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/shadow new file mode 100644 index 00000000..0a2fddb7 --- /dev/null +++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/shadow @@ -0,0 +1,10 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.exp b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.exp new file mode 100755 index 00000000..e9c675dc --- /dev/null +++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "invalid password file entry" +expect "delete line 'foo:x:1000:1000::'? " +send "yes\r" +expect "no matching password file entry in /etc/passwd" +expect "delete line 'foo:!:12977:0:99999:7:::'? " +send "yes\r" +expect "pwck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test new file mode 100755 index 00000000..9f8c33a2 --- /dev/null +++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config.txt b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/group b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/gshadow b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/passwd b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/passwd new file mode 100644 index 00000000..4ee448d9 --- /dev/null +++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000:: diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/shadow b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/data/shadow b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/data/shadow new file mode 100644 index 00000000..0a2fddb7 --- /dev/null +++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/data/shadow @@ -0,0 +1,10 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.exp b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.exp new file mode 100755 index 00000000..89341ffb --- /dev/null +++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.exp @@ -0,0 +1,22 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "invalid password file entry" +expect "delete line 'foo:x:1000:1000::'? " +send "no\r" +expect "no matching password file entry in /etc/passwd" +expect "delete line 'foo:!:12977:0:99999:7:::'? " +send "yes\r" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test new file mode 100755 index 00000000..688759dd --- /dev/null +++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config.txt b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/group b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/gshadow b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/passwd b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/passwd new file mode 100644 index 00000000..4ee448d9 --- /dev/null +++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000:: diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/shadow b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.exp b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.exp new file mode 100755 index 00000000..bd4003d5 --- /dev/null +++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "invalid password file entry" +expect "delete line 'foo:x:1000:1000::'? " +send "no\r" +expect "no matching password file entry in /etc/passwd" +expect "delete line 'foo:!:12977:0:99999:7:::'? " +send "no\r" +expect "pwck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test new file mode 100755 index 00000000..b9f4a137 --- /dev/null +++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck check the number of fields and does not change the system database if requested" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config.txt b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config.txt new file mode 100644 index 00000000..52fad51b --- /dev/null +++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in gshadow diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/group b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/gshadow b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/passwd b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/passwd new file mode 100644 index 00000000..6377a5d3 --- /dev/null +++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/shadow b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/shadow new file mode 100644 index 00000000..3a064c0c --- /dev/null +++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7:: diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/data/shadow b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/data/shadow new file mode 100644 index 00000000..c9a03146 --- /dev/null +++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/data/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:x:@TODAY@:0:99999:7::: diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.exp b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.exp new file mode 100755 index 00000000..5a9b856a --- /dev/null +++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "no matching password file entry in /etc/shadow" +expect "add user 'foo' in /etc/shadow? " +send "yes\r" +expect "invalid shadow password file entry" +expect "delete line 'foo:!:12977:0:99999:7::'? " +send "yes\r" +expect "pwck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test new file mode 100755 index 00000000..688759dd --- /dev/null +++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config.txt b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config.txt new file mode 100644 index 00000000..52fad51b --- /dev/null +++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in gshadow diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/group b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/gshadow b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/passwd b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/passwd new file mode 100644 index 00000000..6377a5d3 --- /dev/null +++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/shadow b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/shadow new file mode 100644 index 00000000..3a064c0c --- /dev/null +++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7:: diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/data/shadow b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/data/shadow new file mode 100644 index 00000000..0a2fddb7 --- /dev/null +++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/data/shadow @@ -0,0 +1,10 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.exp b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.exp new file mode 100755 index 00000000..38a613d4 --- /dev/null +++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "no matching password file entry in /etc/shadow" +expect "add user 'foo' in /etc/shadow? " +send "no\r" +expect "invalid shadow password file entry" +expect "delete line 'foo:!:12977:0:99999:7::'? " +send "yes\r" +expect "pwck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test new file mode 100755 index 00000000..688759dd --- /dev/null +++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config.txt b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config.txt new file mode 100644 index 00000000..52fad51b --- /dev/null +++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in gshadow diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/group b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/gshadow b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/passwd b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/passwd new file mode 100644 index 00000000..6377a5d3 --- /dev/null +++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/shadow b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/shadow new file mode 100644 index 00000000..3a064c0c --- /dev/null +++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7:: diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.exp b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.exp new file mode 100755 index 00000000..b4451026 --- /dev/null +++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "no matching password file entry in /etc/shadow" +expect "add user 'foo' in /etc/shadow? " +send "no\r" +expect "invalid shadow password file entry" +expect "delete line 'foo:!:12977:0:99999:7::'? " +send "no\r" +expect "pwck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test new file mode 100755 index 00000000..893ba6e6 --- /dev/null +++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck check the number of fields and can change the system database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config.txt b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/group b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/gshadow b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/passwd b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/passwd new file mode 100644 index 00000000..4ee448d9 --- /dev/null +++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000:: diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/shadow b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/passwd b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/passwd new file mode 100644 index 00000000..2b911d1d --- /dev/null +++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/passwd @@ -0,0 +1,10 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/shadow b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/shadow new file mode 100644 index 00000000..0a2fddb7 --- /dev/null +++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/shadow @@ -0,0 +1,10 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.exp b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.exp new file mode 100755 index 00000000..31af0895 --- /dev/null +++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck tmp/passwd tmp/shadow\r" +expect "invalid password file entry" +expect "delete line 'foo:x:1000:1000::'? " +send "yes\r" +expect "no matching password file entry in tmp/passwd" +expect "delete line 'foo:!:12977:0:99999:7:::'? " +send "yes\r" +expect "pwck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test new file mode 100755 index 00000000..4ca903f7 --- /dev/null +++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck check the number of fields and can change local databases" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "copy passwd and shadow localy..." +cp /etc/passwd /etc/shadow tmp/ +echo "OK" + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl data/passwd tmp/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl data/shadow tmp/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +rm -f tmp/passwd tmp/passwd- tmp/shadow tmp/shadow- + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config.txt b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config.txt new file mode 100644 index 00000000..52fad51b --- /dev/null +++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in gshadow diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/group b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/gshadow b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/passwd b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/passwd new file mode 100644 index 00000000..6377a5d3 --- /dev/null +++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/shadow b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/shadow new file mode 100644 index 00000000..3a064c0c --- /dev/null +++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7:: diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/passwd b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/passwd new file mode 100644 index 00000000..6377a5d3 --- /dev/null +++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/shadow b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/shadow new file mode 100644 index 00000000..c9a03146 --- /dev/null +++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:x:@TODAY@:0:99999:7::: diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.exp b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.exp new file mode 100755 index 00000000..2b2a09d4 --- /dev/null +++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck tmp/passwd tmp/shadow\r" +expect "no matching password file entry in tmp/shadow" +expect "add user 'foo' in tmp/shadow? " +send "yes\r" +expect "invalid shadow password file entry" +expect "delete line 'foo:*:'? " +send "yes\r" +expect "pwck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test new file mode 100755 index 00000000..fd3f4e6d --- /dev/null +++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the number of fields and can change local databases" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "copy passwd and shadow localy..." +cp /etc/passwd /etc/shadow tmp/ +echo "OK" + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +../../../common/compare_file.pl data/passwd tmp/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +../../../common/compare_file.pl data/shadow tmp/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +rm -f tmp/passwd tmp/passwd- tmp/shadow tmp/shadow- + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config.txt b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/group b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/gshadow b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/passwd b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/passwd new file mode 100644 index 00000000..58f2d752 --- /dev/null +++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1001::/home:/bin/sh diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/shadow b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.exp b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.exp new file mode 100755 index 00000000..fb8cba1e --- /dev/null +++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.exp @@ -0,0 +1,18 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "user 'foo': no group 1001" +expect "pwck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test new file mode 100755 index 00000000..8df54820 --- /dev/null +++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check that the user's GID matches an existing group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config.txt b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/group b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/gshadow b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/passwd b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/passwd new file mode 100644 index 00000000..33debc51 --- /dev/null +++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/passwd @@ -0,0 +1,12 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh +foo:x:1001:1001::/home:/bin/sh diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/shadow b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/data/passwd b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/data/passwd new file mode 100644 index 00000000..a45f378a --- /dev/null +++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/data/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1001:1001::/home:/bin/sh diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.exp b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.exp new file mode 100755 index 00000000..9c460ce4 --- /dev/null +++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.exp @@ -0,0 +1,20 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "duplicate password entry" +expect "delete line 'foo:x:1000:1000::/home:/bin/sh'? " +send "yes\r" +expect "pwck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test new file mode 100755 index 00000000..4d4b9576 --- /dev/null +++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check that user are uniq" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config.txt b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/group b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/gshadow b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/passwd b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/passwd new file mode 100644 index 00000000..6377a5d3 --- /dev/null +++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/shadow b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/shadow new file mode 100644 index 00000000..a5344f5e --- /dev/null +++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/shadow @@ -0,0 +1,12 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/data/shadow b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/data/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/data/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.exp b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.exp new file mode 100755 index 00000000..c7affdc9 --- /dev/null +++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.exp @@ -0,0 +1,20 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "duplicate shadow password entry" +expect "delete line 'foo:!:12977:0:99999:7:::'? " +send "yes\r" +expect "pwck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test new file mode 100755 index 00000000..4430d1a2 --- /dev/null +++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check unicity of users in the shadow database" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config.txt b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/group b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/gshadow b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/passwd b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/passwd new file mode 100644 index 00000000..69c72ff6 --- /dev/null +++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/passwd @@ -0,0 +1,12 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh +foo:x:1000:1000::/home:/bin/bash diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/shadow b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.exp b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.exp new file mode 100755 index 00000000..61c6c6bd --- /dev/null +++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "duplicate password entry" +expect "delete line 'foo:x:1000:1000::/home:/bin/sh'? " +send "no\r" +expect "duplicate password entry" +expect "delete line 'foo:x:1000:1000::/home:/bin/bash'? " +send "no\r" +expect "pwck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test new file mode 100755 index 00000000..9ceb60e2 --- /dev/null +++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check unicity of users in passwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config.txt b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/group b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/gshadow b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/passwd b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/passwd new file mode 100644 index 00000000..6377a5d3 --- /dev/null +++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/shadow b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/shadow new file mode 100644 index 00000000..a5344f5e --- /dev/null +++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/shadow @@ -0,0 +1,12 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.exp b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.exp new file mode 100755 index 00000000..dc9ef892 --- /dev/null +++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "duplicate shadow password entry" +expect "delete line 'foo:!:12977:0:99999:7:::'? " +send "no\r" +expect "duplicate shadow password entry" +expect "delete line 'foo:!:12977:0:99999:7:::'? " +send "no\r" +expect "pwck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test new file mode 100755 index 00000000..8eed716d --- /dev/null +++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck checks unicity of users in shadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config.txt b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/group b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/gshadow b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/passwd b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/passwd new file mode 100644 index 00000000..69c72ff6 --- /dev/null +++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/passwd @@ -0,0 +1,12 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh +foo:x:1000:1000::/home:/bin/bash diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/shadow b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/data/passwd b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/data/passwd new file mode 100644 index 00000000..6377a5d3 --- /dev/null +++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/data/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.exp b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.exp new file mode 100755 index 00000000..d6ec869e --- /dev/null +++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "duplicate password entry" +expect "delete line 'foo:x:1000:1000::/home:/bin/sh'? " +send "no\r" +expect "duplicate password entry" +expect "delete line 'foo:x:1000:1000::/home:/bin/bash'? " +send "yes\r" +expect "pwck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test new file mode 100755 index 00000000..d61a9463 --- /dev/null +++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck checks the unicity of users in passwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config.txt b/tests/cktools/pwck/18_pwck_invalid_user_name/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/group b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/gshadow b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/passwd b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/passwd new file mode 100644 index 00000000..a82dbf6e --- /dev/null +++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +f o o:x:1000:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/shadow b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/shadow new file mode 100644 index 00000000..f771b668 --- /dev/null +++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +f o o:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.exp b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.exp new file mode 100755 index 00000000..a75ef355 --- /dev/null +++ b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.exp @@ -0,0 +1,18 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "invalid user name 'f o o'" +expect "pwck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.test b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.test new file mode 100755 index 00000000..587f11c7 --- /dev/null +++ b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the validity of usernames" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config.txt b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/group b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/gshadow b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/passwd b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/passwd new file mode 100644 index 00000000..850768a9 --- /dev/null +++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:-1:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/shadow b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/passwd b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/passwd new file mode 100644 index 00000000..2b911d1d --- /dev/null +++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/passwd @@ -0,0 +1,10 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/shadow b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/shadow new file mode 100644 index 00000000..0a2fddb7 --- /dev/null +++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/shadow @@ -0,0 +1,10 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.exp b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.exp new file mode 100755 index 00000000..cde86e5c --- /dev/null +++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "invalid password file entry" +expect "delete line 'foo:x:-1:1000::/home:/bin/sh'? " +send "yes\r" +expect "no matching password file entry in /etc/passwd" +expect "delete line 'foo:!:12977:0:99999:7:::'? " +send "yes\r" +expect "pwck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test new file mode 100755 index 00000000..8b56894f --- /dev/null +++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck checks the validity of UIDs" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config.txt b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/group b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/gshadow b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/passwd b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/passwd new file mode 100644 index 00000000..e4387349 --- /dev/null +++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:4294967295:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/shadow b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.exp b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.exp new file mode 100755 index 00000000..315a72bb --- /dev/null +++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.exp @@ -0,0 +1,18 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "invalid user ID '4294967295'" +expect "pwck: no changes" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test new file mode 100755 index 00000000..19d157fc --- /dev/null +++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck check the validity of the UID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config.txt b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/group b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/gshadow b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/passwd b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/passwd new file mode 100644 index 00000000..de8dd667 --- /dev/null +++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/passwd @@ -0,0 +1,11 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:4294967296:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/shadow b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/passwd b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/passwd new file mode 100644 index 00000000..2b911d1d --- /dev/null +++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/passwd @@ -0,0 +1,10 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/shadow b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/shadow new file mode 100644 index 00000000..0a2fddb7 --- /dev/null +++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/shadow @@ -0,0 +1,10 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.exp b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.exp new file mode 100755 index 00000000..83575ac5 --- /dev/null +++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "pwck\r" +expect "invalid password file entry" +expect "delete line 'foo:x:4294967296:1000::/home:/bin/sh'? " +send "yes\r" +expect "no matching password file entry in /etc/passwd" +expect "delete line 'foo:!:12977:0:99999:7:::'? " +send "yes\r" +expect "pwck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test new file mode 100755 index 00000000..8b56894f --- /dev/null +++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck checks the validity of UIDs" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/22_pwck_usage/config.txt b/tests/cktools/pwck/22_pwck_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/cktools/pwck/22_pwck_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/group b/tests/cktools/pwck/22_pwck_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/pwck/22_pwck_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/gshadow b/tests/cktools/pwck/22_pwck_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/pwck/22_pwck_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/passwd b/tests/cktools/pwck/22_pwck_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/cktools/pwck/22_pwck_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/shadow b/tests/cktools/pwck/22_pwck_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/cktools/pwck/22_pwck_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/22_pwck_usage/data/usage.out b/tests/cktools/pwck/22_pwck_usage/data/usage.out new file mode 100644 index 00000000..fa629415 --- /dev/null +++ b/tests/cktools/pwck/22_pwck_usage/data/usage.out @@ -0,0 +1,10 @@ +Usage: pwck [options] [passwd [shadow]] + +Options: + -h, --help display this help message and exit + -q, --quiet report errors only + -r, --read-only display errors and warnings + but do not change files + -R, --root CHROOT_DIR directory to chroot into + -s, --sort sort entries by UID + diff --git a/tests/cktools/pwck/22_pwck_usage/pwck.test b/tests/cktools/pwck/22_pwck_usage/pwck.test new file mode 100755 index 00000000..ccca31a2 --- /dev/null +++ b/tests/cktools/pwck/22_pwck_usage/pwck.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get pwck usage (pwck -h)..." +pwck -h >tmp/usage.out + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config.txt b/tests/cktools/pwck/23_pwck_locked_passwd/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/group b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/gshadow b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/passwd b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/shadow b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/data/pwck.err b/tests/cktools/pwck/23_pwck_locked_passwd/data/pwck.err new file mode 100644 index 00000000..798e427e --- /dev/null +++ b/tests/cktools/pwck/23_pwck_locked_passwd/data/pwck.err @@ -0,0 +1,2 @@ +pwck: existing lock file /etc/passwd.lock without a PID +pwck: cannot lock /etc/passwd; try again later. diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/pwck.test b/tests/cktools/pwck/23_pwck_locked_passwd/pwck.test new file mode 100755 index 00000000..8731b286 --- /dev/null +++ b/tests/cktools/pwck/23_pwck_locked_passwd/pwck.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck checks if the passwd file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Check user database (pwck)..." +pwck 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "4" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config.txt b/tests/cktools/pwck/24_pwck_locked_shadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/group b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/gshadow b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/passwd b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/shadow b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/data/pwck.err b/tests/cktools/pwck/24_pwck_locked_shadow/data/pwck.err new file mode 100644 index 00000000..f8112fb1 --- /dev/null +++ b/tests/cktools/pwck/24_pwck_locked_shadow/data/pwck.err @@ -0,0 +1,2 @@ +pwck: existing lock file /etc/shadow.lock without a PID +pwck: cannot lock /etc/shadow; try again later. diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/pwck.test b/tests/cktools/pwck/24_pwck_locked_shadow/pwck.test new file mode 100755 index 00000000..61e2926c --- /dev/null +++ b/tests/cktools/pwck/24_pwck_locked_shadow/pwck.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck checks if the shadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/shadow..." +touch /etc/shadow.lock +echo "done" + +echo -n "Check user database (pwck)..." +pwck 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/shadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "4" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config.txt b/tests/cktools/pwck/25_pwck_usage_invalid_option/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/group b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/gshadow b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/passwd b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/shadow b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/data/pwck.err b/tests/cktools/pwck/25_pwck_usage_invalid_option/data/pwck.err new file mode 100644 index 00000000..b08f13f6 --- /dev/null +++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/data/pwck.err @@ -0,0 +1,11 @@ +pwck: invalid option -- 'Z' +Usage: pwck [options] [passwd [shadow]] + +Options: + -h, --help display this help message and exit + -q, --quiet report errors only + -r, --read-only display errors and warnings + but do not change files + -R, --root CHROOT_DIR directory to chroot into + -s, --sort sort entries by UID + diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/pwck.test b/tests/cktools/pwck/25_pwck_usage_invalid_option/pwck.test new file mode 100755 index 00000000..a8d5941a --- /dev/null +++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/pwck.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck displays its usage message when called with an invalid option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call pwck with an invalid option (pwck -Z)..." +pwck -Z 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config.txt b/tests/cktools/pwck/26_pwck_usage-s-r/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/group b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/gshadow b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/passwd b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/shadow b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/data/pwck.err b/tests/cktools/pwck/26_pwck_usage-s-r/data/pwck.err new file mode 100644 index 00000000..e44d375d --- /dev/null +++ b/tests/cktools/pwck/26_pwck_usage-s-r/data/pwck.err @@ -0,0 +1 @@ +pwck: -s and -r are incompatible diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/pwck.test b/tests/cktools/pwck/26_pwck_usage-s-r/pwck.test new file mode 100755 index 00000000..6f0a3b5c --- /dev/null +++ b/tests/cktools/pwck/26_pwck_usage-s-r/pwck.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck warns that -r and -s are exclusive" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call pwck with the -r and -s options (pwck -r -s)..." +pwck -r -s 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config.txt b/tests/cktools/pwck/27_pwck_usage_3_files/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/group b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/gshadow b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/passwd b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/shadow b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/data/pwck.err b/tests/cktools/pwck/27_pwck_usage_3_files/data/pwck.err new file mode 100644 index 00000000..fa629415 --- /dev/null +++ b/tests/cktools/pwck/27_pwck_usage_3_files/data/pwck.err @@ -0,0 +1,10 @@ +Usage: pwck [options] [passwd [shadow]] + +Options: + -h, --help display this help message and exit + -q, --quiet report errors only + -r, --read-only display errors and warnings + but do not change files + -R, --root CHROOT_DIR directory to chroot into + -s, --sort sort entries by UID + diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/pwck.test b/tests/cktools/pwck/27_pwck_usage_3_files/pwck.test new file mode 100755 index 00000000..9c8c81d1 --- /dev/null +++ b/tests/cktools/pwck/27_pwck_usage_3_files/pwck.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck displays its usage message when called with 3 files" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call pwck with 3 files (pwck data/passwd data/shadow data/foo)..." +pwck data/passwd data/shadow data/foo 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config.txt b/tests/cktools/pwck/28_pwck_no_shadow_file/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/group b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/gshadow b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/passwd b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..57434e69 --- /dev/null +++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/passwd @@ -0,0 +1,23 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/tmp:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/tmp:/bin/sh +uucp:x:10:10:uucp:/tmp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/tmp:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/tmp:/bin/sh +irc:x:39:39:ircd:/tmp:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh +nobody:x:65534:65534:nobody:/tmp:/bin/sh +Debian-exim:x:102:102::/tmp:/bin/false +foo:pass:1000:1000::/home/foo:/bin/sh +foo:pass:1001:1000::/tmp:/bin/sh +foo2:pass:1000:1000::/tmp:/bin/shs +foo3:x:1000:1000::/tmp: diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/shadow b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/data/pwck.out b/tests/cktools/pwck/28_pwck_no_shadow_file/data/pwck.out new file mode 100644 index 00000000..e0cac3d8 --- /dev/null +++ b/tests/cktools/pwck/28_pwck_no_shadow_file/data/pwck.out @@ -0,0 +1,7 @@ +duplicate password entry +delete line 'foo:pass:1000:1000::/home/foo:/bin/sh'? No +user 'foo': directory '/home/foo' does not exist +duplicate password entry +delete line 'foo:pass:1001:1000::/tmp:/bin/sh'? No +user 'foo2': program '/bin/shs' does not exist +pwck: no changes diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/pwck.test b/tests/cktools/pwck/28_pwck_no_shadow_file/pwck.test new file mode 100755 index 00000000..e792f78a --- /dev/null +++ b/tests/cktools/pwck/28_pwck_no_shadow_file/pwck.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck report issues when the shadow file does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Check user database (pwck -r)..." +pwck -r >tmp/pwck.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.out +echo "=======================================================================" +echo -n "Check the report..." +diff -au data/pwck.out tmp/pwck.out +echo "report OK." +rm -f tmp/pwck.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config.txt b/tests/cktools/pwck/29_pwck_password_change_in_future/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/group b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/gshadow b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/passwd b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/passwd new file mode 100644 index 00000000..ded978d9 --- /dev/null +++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/tmp:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/tmp:/bin/sh +uucp:x:10:10:uucp:/tmp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/tmp:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/tmp:/bin/sh +irc:x:39:39:ircd:/tmp:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh +nobody:x:65534:65534:nobody:/tmp:/bin/sh +Debian-exim:x:102:102::/tmp:/bin/false +foo:x:1000:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/shadow b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/shadow new file mode 100644 index 00000000..37819882 --- /dev/null +++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:99997:0:99999:7::: diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/data/pwck.out b/tests/cktools/pwck/29_pwck_password_change_in_future/data/pwck.out new file mode 100644 index 00000000..12d2fbfe --- /dev/null +++ b/tests/cktools/pwck/29_pwck_password_change_in_future/data/pwck.out @@ -0,0 +1,2 @@ +user foo: last password change in the future +pwck: no changes diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/pwck.test b/tests/cktools/pwck/29_pwck_password_change_in_future/pwck.test new file mode 100755 index 00000000..6ccd8109 --- /dev/null +++ b/tests/cktools/pwck/29_pwck_password_change_in_future/pwck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck checks that the password was set in the past" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check user database (pwck -r)..." +pwck -r >tmp/pwck.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.out +echo "=======================================================================" +echo -n "Check the report..." +diff -au data/pwck.out tmp/pwck.out +echo "report OK." +rm -f tmp/pwck.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config.txt b/tests/cktools/pwck/30_pwck_NIS_entries/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/cktools/pwck/30_pwck_NIS_entries/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/group b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/gshadow b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/passwd b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/passwd new file mode 100644 index 00000000..e5bbc071 --- /dev/null +++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/passwd @@ -0,0 +1,23 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/tmp:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/tmp:/bin/sh +uucp:x:10:10:uucp:/tmp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/tmp:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/tmp:/bin/sh +irc:x:39:39:ircd:/tmp:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh +nobody:x:65534:65534:nobody:/tmp:/bin/sh +Debian-exim:x:102:102::/tmp:/bin/false +foo:x:1000:1000::/home:/bin/sh ++:::::: +-bar:::::: +foo:x:1001:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/shadow b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/shadow new file mode 100644 index 00000000..d3c07656 --- /dev/null +++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/shadow @@ -0,0 +1,23 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:99997:0:99999:7::: ++:::::::: +-bar:::::::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/data/pwck.out b/tests/cktools/pwck/30_pwck_NIS_entries/data/pwck.out new file mode 100644 index 00000000..56dce35c --- /dev/null +++ b/tests/cktools/pwck/30_pwck_NIS_entries/data/pwck.out @@ -0,0 +1,10 @@ +duplicate password entry +delete line 'foo:x:1000:1000::/home:/bin/sh'? No +duplicate password entry +delete line 'foo:x:1001:1000::/home:/bin/sh'? No +duplicate shadow password entry +delete line 'Debian-exim:!:12977:0:99999:7:::'? No +user foo: last password change in the future +duplicate shadow password entry +delete line 'Debian-exim:!:12977:0:99999:7:::'? No +pwck: no changes diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/pwck.test b/tests/cktools/pwck/30_pwck_NIS_entries/pwck.test new file mode 100755 index 00000000..733fa94e --- /dev/null +++ b/tests/cktools/pwck/30_pwck_NIS_entries/pwck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck ignores NIS lines silently" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check user database (pwck -r)..." +pwck -r >tmp/pwck.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.out +echo "=======================================================================" +echo -n "Check the report..." +diff -au data/pwck.out tmp/pwck.out +echo "report OK." +rm -f tmp/pwck.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config.txt b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/group b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/gshadow b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/passwd b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/passwd new file mode 100644 index 00000000..fbeb96c2 --- /dev/null +++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/tmp:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/tmp:/bin/sh +uucp:x:10:10:uucp:/tmp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/tmp:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/tmp:/bin/sh +irc:x:39:39:ircd:/tmp:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh +nobody:x:65534:65534:nobody:/tmp:/bin/sh +Debian-exim:x:102:102::/tmp:/bin/false +foo:pass:1000:1000::/home:/bin/sh diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/shadow b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/data/pwck.out b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/data/pwck.out new file mode 100644 index 00000000..5cedc7c3 --- /dev/null +++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/data/pwck.out @@ -0,0 +1,2 @@ +user foo has an entry in /etc/shadow, but its password field in /etc/passwd is not set to 'x' +pwck: no changes diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test new file mode 100755 index 00000000..4c5b1f5f --- /dev/null +++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck checks that the password is set to x if there is a shadow entry" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check user database (pwck -r)..." +pwck -r >tmp/pwck.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.out +echo "=======================================================================" +echo -n "Check the report..." +diff -au data/pwck.out tmp/pwck.out +echo "report OK." +rm -f tmp/pwck.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cktools/pwck/32_pwck_quiet/config.txt b/tests/cktools/pwck/32_pwck_quiet/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/cktools/pwck/32_pwck_quiet/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/group b/tests/cktools/pwck/32_pwck_quiet/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/gshadow b/tests/cktools/pwck/32_pwck_quiet/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/passwd b/tests/cktools/pwck/32_pwck_quiet/config/etc/passwd new file mode 100644 index 00000000..4491abe7 --- /dev/null +++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +Debian-exim:x:103:102::/var/spool/exim4:/bin/false +Debian-exim2:x:104:103::/var/spool/exim4:/bin/false +Debian-exim3:x:102:103::/var/spool/exim4:/bin/false diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/shadow b/tests/cktools/pwck/32_pwck_quiet/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/cktools/pwck/32_pwck_quiet/data/pwck.out b/tests/cktools/pwck/32_pwck_quiet/data/pwck.out new file mode 100644 index 00000000..c9a8c2c5 --- /dev/null +++ b/tests/cktools/pwck/32_pwck_quiet/data/pwck.out @@ -0,0 +1,9 @@ +duplicate password entry +delete line 'Debian-exim:x:102:102::/var/spool/exim4:/bin/false'? No +duplicate password entry +delete line 'Debian-exim:x:103:102::/var/spool/exim4:/bin/false'? No +no matching password file entry in /etc/shadow +add user 'Debian-exim2' in /etc/shadow? No +no matching password file entry in /etc/shadow +add user 'Debian-exim3' in /etc/shadow? No +pwck: no changes diff --git a/tests/cktools/pwck/32_pwck_quiet/pwck.test b/tests/cktools/pwck/32_pwck_quiet/pwck.test new file mode 100755 index 00000000..c8a8b8ed --- /dev/null +++ b/tests/cktools/pwck/32_pwck_quiet/pwck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get pwck usage (pwck -q -r)..." +pwck -q -r >tmp/pwck.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.out +echo "=======================================================================" +echo -n "Check the report..." +diff -au data/pwck.out tmp/pwck.out +echo "report OK." +rm -f tmp/pwck.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cleanup.sh b/tests/cleanup.sh new file mode 100755 index 00000000..26b1b27a --- /dev/null +++ b/tests/cleanup.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +for t in * +do + if [ ! -d $t/data ]; then continue; fi + for i in passwd group shadow gshadow + do + if [ -f $t/data/$i ] + then + if cmp -s $t/config/etc/$i $t/data/$i + then + echo "# $t/data/$i identical to config" + svn rm "$t/data/$i" + fi + fi + done +done + +for t in * +do + cd $t + if [ ! -d data ]; then cd ..; continue; fi + for i in data/* + do + if [ ! -f $i ]; then continue; fi + if ! grep -q $i *.test + then + echo "# $t/$i not used" + svn rm "$i" + fi + done + cd .. +done diff --git a/tests/common/Makefile b/tests/common/Makefile new file mode 100644 index 00000000..4ee04dd7 --- /dev/null +++ b/tests/common/Makefile @@ -0,0 +1,14 @@ +all: \ + fopen_failure.so \ + link_failure.so \ + open_RDONLY_failure.so \ + open_RDWR_failure.so \ + rename_failure.so \ + rmdir_failure.so \ + time_0.so \ + time_past.so \ + unlink_failure.so \ + unlinkat_failure.so + +%.so: %.c + gcc -W -Wall -pedantic -g $< -shared -ldl -o $@ diff --git a/tests/common/compare_file.pl b/tests/common/compare_file.pl new file mode 100755 index 00000000..eb498d32 --- /dev/null +++ b/tests/common/compare_file.pl @@ -0,0 +1,116 @@ +#!/usr/bin/perl + +open (TEMPLATE, $ARGV[0]) or die "Cannot open '".$ARGV[0]."': $!"; +my $template = join "", <TEMPLATE>; +open (FILE, $ARGV[1]) or die "Cannot open '".$ARGV[1]."': $!"; +my $file = join "", <FILE>; + +my $today = int(time()/(24*3600)); +$template =~ s/\@TODAY\@/$today/g; + +my $tmp = $template; +while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_DES ([^:]*)\@:(.*)$/s) { + my $user = $2; + my $pass = $3; + $tmp = $4; + if ($file =~ m/^$user:/m) { + $file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_DES $pass\@:$2/m; + my $cryptpass = $1; + # Check the password + my $checkpass = qx|/usr/bin/openssl passwd -crypt -salt '$cryptpass' $pass 2>tmp/openssl.err|; + chomp $checkpass; + + system "cat tmp/openssl.err" + if ($checkpass ne $cryptpass); + system "rm -f tmp/openssl.err"; + die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n" + if ($checkpass ne $cryptpass); + } else { + die "No user '$user' in ".$ARGV[1].".\n"; + } +} + +$tmp = $template; +while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_MD5 ([^:]*)\@:(.*)$/s) { + my $user = $2; + my $pass = $3; + $tmp = $4; + if ($file =~ m/^$user:/m) { + $file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_MD5 $pass\@:$2/m; + my $cryptpass = $1; + # Check the password + my $salt = $cryptpass; + $salt =~ s/^\$1\$//; + $salt =~ s/\$.*$//; + my $checkpass = qx|/usr/bin/openssl passwd -1 -salt '$salt' '$pass'|; + chomp $checkpass; + + die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n" + if ($checkpass ne $cryptpass); + } else { + die "No user '$user' in ".$ARGV[1].".\n"; + } +} + +$tmp = $template; +while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_SHA256 ([^:]*)\@:(.*)$/s) { + my $user = $2; + my $pass = $3; + $tmp = $4; + if ($file =~ m/^$user:/m) { + $file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_SHA256 $pass\@:$2/m; + my $cryptpass = $1; + # Check the password + my $salt = $cryptpass; + $salt =~ s/^\$5\$//; + my $rounds = ""; + if ($salt =~ s/^rounds=([0-9]*)\$//) { + $rounds = "-R $1"; + } + + $salt =~ s/\$.*$//; + my $checkpass = qx!echo '$pass' | /usr/bin/mkpasswd -m sha-256 --salt '$salt' $rounds --stdin!; + chomp $checkpass; + + die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n" + if ($checkpass ne $cryptpass); + } else { + die "No user '$user' in ".$ARGV[1].".\n"; + } +} + +$tmp = $template; +while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_SHA512 ([^:]*)\@:(.*)$/s) { + my $user = $2; + my $pass = $3; + $tmp = $4; + if ($file =~ m/^$user:/m) { + $file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_SHA512 $pass\@:$2/m; + my $cryptpass = $1; + # Check the password + my $salt = $cryptpass; + $salt =~ s/^\$6\$//; + my $rounds = ""; + if ($salt =~ s/^rounds=([0-9]*)\$//) { + $rounds = "-R $1"; + } + + $salt =~ s/\$.*$//; + my $checkpass = qx!echo '$pass' | /usr/bin/mkpasswd -m sha-512 --salt '$salt' $rounds --stdin!; + chomp $checkpass; + + die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n" + if ($checkpass ne $cryptpass); + } else { + die "No user '$user' in ".$ARGV[1].".\n"; + } +} + + +exit 0 if ($file =~ m/^\Q$template\E$/s); + +print "Files differ.\n"; + +system "diff", "-au", $ARGV[0], $ARGV[1]; + +exit 1 diff --git a/tests/common/config.sh b/tests/common/config.sh new file mode 100644 index 00000000..9b504852 --- /dev/null +++ b/tests/common/config.sh @@ -0,0 +1,121 @@ +# Generic functions to save, change, and restore configuration files + +set -e + +build_path=/root/build/shadow-4.1.5/ + +# Save the configuration files in tmp. +save_config () +{ + [ ! -d tmp ] && mkdir tmp + find config -depth -path "*/.svn/*" -prune -o -type f -print | sed -e 's/config\///' | + while read file + do + mkdir -p "tmp/$(dirname "$file")" + [ -f "/$file" ] && cp -dp "/$file" "tmp/$file" || true + done +} + +# Copy the config files from config to the system +change_config () +{ + find config -depth -path "*/.svn/*" -prune -o -type f -print | sed -e 's/config\///' | + while read file + do + cp -f "config/$file" "/$file" + done +} + +# Restored the config files in the system. +# The config files must be saved before with save_config (). +restore_config () +{ + find config -depth -path "*/.svn/*" -prune -o -type f -print | sed -e 's/config\///' | + while read file + do + if [ -f "tmp/$file" ]; then + cp -dp "tmp/$file" "/$file" + rm "tmp/$file" + else + rm -f "/$file" + fi + d="$(dirname "tmp/$file")" + while [ -n "$d" ] && [ "$d" != "." ] + do + rmdir "$d" 2>/dev/null || true + d="$(dirname "$d")" + done + done + + rmdir tmp 2>/dev/null || true +} + +prepare_chroot () +{ + mkdir tmp/root + cp -rfdp config_chroot/* tmp/root/ + find tmp/root/ -name .svn -type d -print0 | xargs -0 rm -rf + + lists=/root/tests/common/config_chroot.list + [ -f config_chroot.list ] && lists="$lists config_chroot.list" + cat $lists | grep -v "#" | while read f + do + # Create parent directory if needed + d=$(dirname tmp/root/$f) + [ -d $d ] || mkdir -p $d + # Create hard link + ln $f tmp/root/$f + done + + # Copy existing gcda + mkdir -p tmp/root$build_path/lib + mkdir -p tmp/root$build_path/libmisc + mkdir -p tmp/root$build_path/src + find "$build_path" -name "*.gcda" | while read f + do + ln $f tmp/root/$f + done +} + +clean_chroot () +{ + # Remove copied files + lists=/root/tests/common/config_chroot.list + [ -f config_chroot.list ] && lists="$lists config_chroot.list" + cat $lists | grep -v "#" | while read f + do + rm -f tmp/root/$f + # Remove parent directory if empty + d=$(dirname tmp/root/$f) + rmdir -p --ignore-fail-on-non-empty $d + done + + find "$build_path" -name "*.gcda" | while read f + do + rm -f tmp/root/$f + done + find tmp/root -name "*.gcda" | while read f + do + g=${f#tmp/root} + mv "$f" "$g" + done + rmdir tmp/root$build_path/lib + rmdir tmp/root$build_path/libmisc + rmdir tmp/root$build_path/src + rmdir tmp/root$build_path + rmdir tmp/root/root/build + rmdir tmp/root/root + + find config_chroot -type f | while read f + do + f=${f#config_chroot/} + rm -f tmp/root/$f + done + + find config_chroot -depth -type d | while read d + do + d=${d#config_chroot} + [ -d "tmp/root$d" ] && rmdir tmp/root$d + done +} + diff --git a/tests/common/config_chroot-i386.list b/tests/common/config_chroot-i386.list new file mode 100644 index 00000000..ba7bf8a2 --- /dev/null +++ b/tests/common/config_chroot-i386.list @@ -0,0 +1,25 @@ +/lib/i386-linux-gnu/ld-2.13.so +/lib/i386-linux-gnu/ld-linux.so.2 +/lib/ld-linux.so.2 +/lib/i386-linux-gnu/libcrypt-2.13.so +/lib/i386-linux-gnu/libcrypt.so.1 +/lib/i386-linux-gnu/libc-2.13.so +/lib/i386-linux-gnu/libc.so.6 +/lib/i386-linux-gnu/libdl-2.13.so +/lib/i386-linux-gnu/libdl.so.2 +/lib/i386-linux-gnu/libnsl-2.13.so +/lib/i386-linux-gnu/libnsl.so.1 +/lib/i386-linux-gnu/libnss_compat-2.13.so +/lib/i386-linux-gnu/libnss_compat.so.2 +/lib/i386-linux-gnu/libpamc.so.0 +/lib/i386-linux-gnu/libpamc.so.0.82.1 +/lib/i386-linux-gnu/libpam_misc.so.0 +/lib/i386-linux-gnu/libpam_misc.so.0.82.0 +/lib/i386-linux-gnu/libpam.so.0 +/lib/i386-linux-gnu/libpam.so.0.83.0 +/lib/i386-linux-gnu/libselinux.so.1 +/lib/i386-linux-gnu/security/pam_deny.so +/lib/i386-linux-gnu/security/pam_permit.so +/lib/i386-linux-gnu/security/pam_rootok.so +/lib/i386-linux-gnu/security/pam_shells.so +/lib/i386-linux-gnu/security/pam_unix.so diff --git a/tests/common/config_chroot-powerpc.list b/tests/common/config_chroot-powerpc.list new file mode 100644 index 00000000..e6c344ef --- /dev/null +++ b/tests/common/config_chroot-powerpc.list @@ -0,0 +1,25 @@ +/lib/powerpc-linux-gnu/ld-2.13.so +/lib/powerpc-linux-gnu/ld.so.1 +/lib/ld.so.1 +/lib/powerpc-linux-gnu/libcrypt-2.13.so +/lib/powerpc-linux-gnu/libcrypt.so.1 +/lib/powerpc-linux-gnu/libc-2.13.so +/lib/powerpc-linux-gnu/libc.so.6 +/lib/powerpc-linux-gnu/libdl-2.13.so +/lib/powerpc-linux-gnu/libdl.so.2 +/lib/powerpc-linux-gnu/libnsl-2.13.so +/lib/powerpc-linux-gnu/libnsl.so.1 +/lib/powerpc-linux-gnu/libnss_compat-2.13.so +/lib/powerpc-linux-gnu/libnss_compat.so.2 +/lib/powerpc-linux-gnu/libpamc.so.0 +/lib/powerpc-linux-gnu/libpamc.so.0.82.1 +/lib/powerpc-linux-gnu/libpam_misc.so.0 +/lib/powerpc-linux-gnu/libpam_misc.so.0.82.0 +/lib/powerpc-linux-gnu/libpam.so.0 +/lib/powerpc-linux-gnu/libpam.so.0.83.0 +/lib/powerpc-linux-gnu/libselinux.so.1 +/lib/powerpc-linux-gnu/security/pam_deny.so +/lib/powerpc-linux-gnu/security/pam_permit.so +/lib/powerpc-linux-gnu/security/pam_rootok.so +/lib/powerpc-linux-gnu/security/pam_shells.so +/lib/powerpc-linux-gnu/security/pam_unix.so diff --git a/tests/common/fopen_failure.c b/tests/common/fopen_failure.c new file mode 100644 index 00000000..750cd667 --- /dev/null +++ b/tests/common/fopen_failure.c @@ -0,0 +1,46 @@ +/* + * gcc fopen_failure.c -o fopen_failure.so -shared -ldl + * LD_PRELOAD=./fopen_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow + */ + +#define _GNU_SOURCE +#include <dlfcn.h> +#include <errno.h> +#include <assert.h> + +#include <stdio.h> +#include <stdlib.h> + + +typedef FILE * (*fopen_type) (const char *path, const char *mode); +static fopen_type next_fopen; + +static const char *failure_path = NULL; + +FILE *fopen64 (const char *path, const char *mode) +{ +printf ("fopen64(%s, %s)\n", path, mode); + if (NULL == next_fopen) + { + next_fopen = dlsym (RTLD_NEXT, "fopen64"); + assert (NULL != next_fopen); + } + if (NULL == failure_path) { + failure_path = getenv ("FAILURE_PATH"); + if (NULL == failure_path) { + fputs ("No FAILURE_PATH defined\n", stderr); + } + } + + if ( (NULL != path) + && (NULL != failure_path) + && (strcmp (path, failure_path) == 0)) + { + fprintf (stderr, "fopen64 FAILURE %s %s ...\n", path, mode); + errno = EIO; + return NULL; + } + + return next_fopen (path, mode); +} + diff --git a/tests/common/link_failure.c b/tests/common/link_failure.c new file mode 100644 index 00000000..8cf460a6 --- /dev/null +++ b/tests/common/link_failure.c @@ -0,0 +1,51 @@ +/* + * gcc link_failure.c -o link_failure.so -shared -ldl + * LD_PRELOAD=./link_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow + */ + +#define _GNU_SOURCE +#include <dlfcn.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <stdarg.h> +#include <fcntl.h> +#include <string.h> +#include <errno.h> +#include <assert.h> + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> + + +typedef int (*link_type) (const char *oldpath, const char *newpath); +static link_type next_link; + +static const char *failure_path = NULL; + +int link (const char *oldpath, const char *newpath) +{ + if (NULL == next_link) + { + next_link = dlsym (RTLD_NEXT, "link"); + assert (NULL != next_link); + } + if (NULL == failure_path) { + failure_path = getenv ("FAILURE_PATH"); + if (NULL == failure_path) { + fputs ("No FAILURE_PATH defined\n", stderr); + } + } + + if ( (NULL != newpath) + && (NULL != failure_path) + && (strcmp (newpath, failure_path) == 0)) + { + fprintf (stderr, "link FAILURE %s %s\n", oldpath, newpath); + errno = EIO; + return -1; + } + + return next_link (oldpath, newpath); +} + diff --git a/tests/common/log.sh b/tests/common/log.sh new file mode 100644 index 00000000..48879706 --- /dev/null +++ b/tests/common/log.sh @@ -0,0 +1,46 @@ +# Helpers to log messages / status + +log_start () +{ + test="$1" + rationale="$2" + cat << EOF + +############################################################################### +# +# Test: $test +# +############################################################################### +# +# Rationale: $rationale +# +############################################################################### +EOF +} + +log_end () +{ + test="$1" + cat << EOF +############################################################################### +# +# End of test $test +# +############################################################################### + +EOF +} + +log_status () +{ + test="$1" + status="$2" + cat << EOF +############################################################################### +# +# Status of test $test: $status +# +############################################################################### +EOF +} + diff --git a/tests/common/open_RDONLY_failure.c b/tests/common/open_RDONLY_failure.c new file mode 100644 index 00000000..e14859fb --- /dev/null +++ b/tests/common/open_RDONLY_failure.c @@ -0,0 +1,51 @@ +/* + * gcc open_RDONLY_failure.c -o open_RDONLY_failure.so -shared -ldl + * LD_PRELOAD=./open_RDONLY_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow + */ + +#define _GNU_SOURCE +#include <dlfcn.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <stdarg.h> +#include <fcntl.h> +#include <string.h> +#include <errno.h> +#include <assert.h> + +#include <stdio.h> +#include <stdlib.h> + + +typedef int (*open_type) (const char *pathname, int flag, ...); +static open_type next_open64; + +static const char *failure_path = NULL; + +int open64 (const char *pathname, int flag, ...) +{ + if (NULL == next_open64) + { + next_open64 = dlsym (RTLD_NEXT, "open64"); + assert (NULL != next_open64); + } + if (NULL == failure_path) { + failure_path = getenv ("FAILURE_PATH"); + if (NULL == failure_path) { + fputs ("No FAILURE_PATH defined\n", stderr); + } + } + + if ( (NULL != pathname) + && ((flag & O_ACCMODE) == O_RDONLY) + && (NULL != failure_path) + && (strcmp (pathname, failure_path) == 0)) + { + fprintf (stderr, "open FAILURE %s %x ...\n", pathname, flag&O_ACCMODE); + errno = EIO; + return -1; + } + + return next_open64 (pathname, flag); +} + diff --git a/tests/common/open_RDWR_failure.c b/tests/common/open_RDWR_failure.c new file mode 100644 index 00000000..5bf10690 --- /dev/null +++ b/tests/common/open_RDWR_failure.c @@ -0,0 +1,51 @@ +/* + * gcc open_RDWR_failure.c -o open_RDWR_failure.so -shared -ldl + * LD_PRELOAD=./open_RDWR_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow + */ + +#define _GNU_SOURCE +#include <dlfcn.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <stdarg.h> +#include <fcntl.h> +#include <string.h> +#include <errno.h> +#include <assert.h> + +#include <stdio.h> +#include <stdlib.h> + + +typedef int (*open_type) (const char *pathname, int flag, ...); +static open_type next_open64; + +static const char *failure_path = NULL; + +int open64 (const char *pathname, int flag, ...) +{ + if (NULL == next_open64) + { + next_open64 = dlsym (RTLD_NEXT, "open64"); + assert (NULL != next_open64); + } + if (NULL == failure_path) { + failure_path = getenv ("FAILURE_PATH"); + if (NULL == failure_path) { + fputs ("No FAILURE_PATH defined\n", stderr); + } + } + + if ( (NULL != pathname) + && ((flag & O_ACCMODE) == O_RDWR) + && (NULL != failure_path) + && (strcmp (pathname, failure_path) == 0)) + { + fprintf (stderr, "open FAILURE %s %x ...\n", pathname, flag&O_ACCMODE); + errno = EIO; + return -1; + } + + return next_open64 (pathname, flag); +} + diff --git a/tests/common/rename_failure.c b/tests/common/rename_failure.c new file mode 100644 index 00000000..dd02fe59 --- /dev/null +++ b/tests/common/rename_failure.c @@ -0,0 +1,50 @@ +/* + * gcc rename_failure.c -o rename_failure.so -shared -ldl + * LD_PRELOAD=./rename_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow + */ + +#define _GNU_SOURCE +#include <dlfcn.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <stdarg.h> +#include <fcntl.h> +#include <string.h> +#include <errno.h> +#include <assert.h> + +#include <stdio.h> +#include <stdlib.h> + + +typedef int (*rename_type) (const char *old, const char *new); +static rename_type next_rename; + +static const char *failure_path = NULL; + +int rename (const char *old, const char *new) +{ + if (NULL == next_rename) + { + next_rename = dlsym (RTLD_NEXT, "rename"); + assert (NULL != next_rename); + } + if (NULL == failure_path) { + failure_path = getenv ("FAILURE_PATH"); + if (NULL == failure_path) { + fputs ("No FAILURE_PATH defined\n", stderr); + } + } + + if ( (NULL != new) + && (NULL != failure_path) + && (strcmp (new, failure_path) == 0)) + { + fprintf (stderr, "rename FAILURE %s %s\n", old, new); + errno = EIO; + return -1; + } + + return next_rename (old, new); +} + diff --git a/tests/common/rmdir_failure.c b/tests/common/rmdir_failure.c new file mode 100644 index 00000000..9d775b10 --- /dev/null +++ b/tests/common/rmdir_failure.c @@ -0,0 +1,51 @@ +/* + * gcc rmdir_failure.c -o rmdir_failure.so -shared -ldl + * LD_PRELOAD=./rmdir_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow + */ + +#define _GNU_SOURCE +#include <dlfcn.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <stdarg.h> +#include <fcntl.h> +#include <string.h> +#include <errno.h> +#include <assert.h> + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> + + +typedef int (*rmdir_type) (const char *path); +static rmdir_type next_rmdir; + +static const char *failure_path = NULL; + +int rmdir (const char *path) +{ + if (NULL == next_rmdir) + { + next_rmdir = dlsym (RTLD_NEXT, "rmdir"); + assert (NULL != next_rmdir); + } + if (NULL == failure_path) { + failure_path = getenv ("FAILURE_PATH"); + if (NULL == failure_path) { + fputs ("No FAILURE_PATH defined\n", stderr); + } + } + + if ( (NULL != path) + && (NULL != failure_path) + && (strcmp (path, failure_path) == 0)) + { + fprintf (stderr, "rmdir FAILURE %s\n", path); + errno = EBUSY; + return -1; + } + + return next_rmdir (path); +} + diff --git a/tests/common/time_0.c b/tests/common/time_0.c new file mode 100644 index 00000000..6937361e --- /dev/null +++ b/tests/common/time_0.c @@ -0,0 +1,16 @@ +/* + * gcc time_0.c -o time_0.so -shared + * LD_PRELOAD=./time_0.so ./test + */ + +#include <stdio.h> +#include <time.h> + + +time_t time (time_t *t) +{ + fprintf (stderr, "time 0\n"); + + return (time_t)0; +} + diff --git a/tests/common/time_past.c b/tests/common/time_past.c new file mode 100644 index 00000000..d0eb741e --- /dev/null +++ b/tests/common/time_past.c @@ -0,0 +1,52 @@ +/* + * gcc time_past.c -o time_past.so -shared -ldl + * LD_PRELOAD=./time_past.so PAST_DAYS=2 ./test + */ + +#define _GNU_SOURCE +#include <dlfcn.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <stdarg.h> +#include <fcntl.h> +#include <string.h> +#include <errno.h> +#include <assert.h> + +#include <stdio.h> +#include <stdlib.h> + + +typedef time_t (*time_type) (time_t *t); +static time_type next_time; + +static int time_past = 0; +static char *past = NULL; + +time_t time (time_t *t) +{ + time_t res; + + if (NULL == next_time) + { + next_time = dlsym (RTLD_NEXT, "time"); + assert (NULL != next_time); + } + if (NULL == past) { + const char *past = getenv ("PAST_DAYS"); + if (NULL == past) { + fputs ("No PAST_DAYS defined\n", stderr); + } + time_past = atoi (past); + } + + res = next_time (t); + res -= 24*60*60*time_past; + + if (NULL != t) { + *t = res; + } + + return res; +} + diff --git a/tests/common/unlink_failure.c b/tests/common/unlink_failure.c new file mode 100644 index 00000000..2281c8af --- /dev/null +++ b/tests/common/unlink_failure.c @@ -0,0 +1,51 @@ +/* + * gcc unlink_failure.c -o unlink_failure.so -shared -ldl + * LD_PRELOAD=./unlink_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow + */ + +#define _GNU_SOURCE +#include <dlfcn.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <stdarg.h> +#include <fcntl.h> +#include <string.h> +#include <errno.h> +#include <assert.h> + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> + + +typedef int (*unlink_type) (const char *path); +static unlink_type next_unlink; + +static const char *failure_path = NULL; + +int unlink (const char *path) +{ + if (NULL == next_unlink) + { + next_unlink = dlsym (RTLD_NEXT, "unlink"); + assert (NULL != next_unlink); + } + if (NULL == failure_path) { + failure_path = getenv ("FAILURE_PATH"); + if (NULL == failure_path) { + fputs ("No FAILURE_PATH defined\n", stderr); + } + } + + if ( (NULL != path) + && (NULL != failure_path) + && (strcmp (path, failure_path) == 0)) + { + fprintf (stderr, "unlink FAILURE %s\n", path); + errno = EBUSY; + return -1; + } + + return next_unlink (path); +} + diff --git a/tests/common/unlinkat_failure.c b/tests/common/unlinkat_failure.c new file mode 100644 index 00000000..5b8bf958 --- /dev/null +++ b/tests/common/unlinkat_failure.c @@ -0,0 +1,62 @@ +/* + * gcc unlinkat_failure.c -o unlinkat_failure.so -shared -ldl + * LD_PRELOAD=./unlinkat_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow + */ + +#define _GNU_SOURCE +#include <dlfcn.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <stdarg.h> +#include <fcntl.h> +#include <string.h> +#include <errno.h> +#include <assert.h> + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> + + +typedef int (*unlinkat_type) (int dirfd, const char *pathname, int flags); +static unlinkat_type next_unlinkat; + +static const char *failure_path = NULL; +static dev_t failure_dev = -1; +static ino_t failure_ino = -1; + +int unlinkat (int dirfd, const char *pathname, int flags) +{ + if (NULL == next_unlinkat) + { + next_unlinkat = dlsym (RTLD_NEXT, "unlinkat"); + assert (NULL != next_unlinkat); + } + if (NULL == failure_path) { + struct stat sb; + failure_path = getenv ("FAILURE_PATH"); + if (NULL == failure_path) { + fputs ("No FAILURE_PATH defined\n", stderr); + } + if (lstat (failure_path, &sb) != 0) { + fputs ("Can't lstat FAILURE_PATH\n", stderr); + } + failure_dev = sb.st_dev; + failure_ino = sb.st_ino; + } + + if ( (NULL != pathname) + && (NULL != failure_path)) { + struct stat sb; + if ( (fstatat (dirfd, pathname, &sb, flags) == 0) + && (sb.st_dev == failure_dev) + && (sb.st_ino == failure_ino)) { + fprintf (stderr, "unlinkat FAILURE %s\n", failure_path); + errno = EBUSY; + return -1; + } + } + + return next_unlinkat (dirfd, pathname, flags); +} + diff --git a/tests/convtools/01/data/1/group b/tests/convtools/01/data/1/group new file mode 100644 index 00000000..a34689a8 --- /dev/null +++ b/tests/convtools/01/data/1/group @@ -0,0 +1,42 @@ +root:*:0: +daemon:*:1: +bin:*:2: +sys:*:3: +adm:*:4: +tty:*:5: +disk:*:6: +lp:*:7: +mail:*:8: +news:*:9: +uucp:*:10: +man:*:12: +proxy:*:13: +kmem:*:15: +dialout:*:20: +fax:*:21: +voice:*:22: +cdrom:*:24: +floppy:*:25: +tape:*:26: +sudo:*:27: +audio:*:29: +dip:*:30: +www-data:*:33: +backup:*:34: +operator:*:37: +list:*:38: +irc:*:39: +src:*:40: +gnats:*:41: +shadow:*:42: +utmp:*:43: +video:*:44: +sasl:*:45: +plugdev:*:46: +staff:*:50: +games:*:60: +users:*:100: +nogroup:*:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/convtools/01/data/1/passwd b/tests/convtools/01/data/1/passwd new file mode 100644 index 00000000..a9a08c89 --- /dev/null +++ b/tests/convtools/01/data/1/passwd @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:!:102:102::/var/spool/exim4:/bin/false +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/convtools/01/data/2/group b/tests/convtools/01/data/2/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/convtools/01/data/2/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/convtools/01/data/2/gshadow b/tests/convtools/01/data/2/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/convtools/01/data/2/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/convtools/01/data/2/passwd b/tests/convtools/01/data/2/passwd new file mode 100644 index 00000000..e8242fee --- /dev/null +++ b/tests/convtools/01/data/2/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite:x:424243:424243::/home:/bin/bash diff --git a/tests/convtools/01/data/2/shadow b/tests/convtools/01/data/2/shadow new file mode 100644 index 00000000..6689e4f0 --- /dev/null +++ b/tests/convtools/01/data/2/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +testsuite::12992:0:99999:7::: diff --git a/tests/convtools/01/run b/tests/convtools/01/run new file mode 100755 index 00000000..81ceef12 --- /dev/null +++ b/tests/convtools/01/run @@ -0,0 +1,117 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +# Rational: +# Test that su can be used to switch to root and to a normal account + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save() +{ + [ ! -d tmp ] && mkdir tmp + for i in passwd group shadow gshadow + do + [ -f /etc/$i ] && cp -dp /etc/$i tmp/$i + [ -f /etc/$i- ] && cp -dp /etc/$i- tmp/$i- + done + DATE=$(date '+%s') + DATE=$(( DATE/3600/24 )) + WARN=$( egrep "^PASS_WARN_AGE" /etc/login.defs | { read var val ; echo $val; } ) + saveifs=$IFS + IFS=":" + cat data/2/shadow | + while read f1 f2 f3 f4 f5 f6 f7 f8 fres + do + echo "$f1:$f2:$DATE:$f4:$f5:$WARN:::" + done > tmp/shadow.2 + IFS=$saveifs +} + +restore() +{ + for i in passwd group shadow gshadow + do + [ -f tmp/$i ] && cp -dp tmp/$i /etc/$i && rm tmp/$i + [ -f tmp/$i- ] && cp -dp tmp/$i- /etc/$i- && rm tmp/$i- + done + rm tmp/shadow.2 + rmdir tmp +} + +save + +# restore the files on exit +trap 'restore' 0 + +for i in passwd group shadow gshadow +do + rm -f /etc/$i +done +for i in passwd group +do + cp -f data/1/$i /etc/ +done + +echo -n "pwconv " +pwconv +echo -n "checking..." +diff -au /etc/passwd data/2/passwd +diff -au /etc/shadow tmp/shadow.2 +diff -au /etc/group data/1/group +perms=$(stat -c "%a %u %G" /etc/shadow) +if [ "$perms" != "440 0 shadow" ] +then + echo "Wrong mode or owners on /etc/shadow." + exit 1 +fi +if [ -f /etc/gshadow ] +then + echo "/etc/gshadow should not exist." + exit 1 +fi +echo "OK" + +echo -n "grpconv " +grpconv +echo -n "checking..." +diff -au /etc/passwd data/2/passwd +diff -au /etc/shadow tmp/shadow.2 +diff -au /etc/group data/2/group +diff -au /etc/gshadow data/2/gshadow +echo "OK" + +echo -n "pwunconv " +pwunconv +echo -n "checking..." +diff -au /etc/passwd data/1/passwd +if [ -f /etc/shadow ] +then + echo "/etc/shadow should not exist. " + exit 1 +fi +diff -au /etc/group data/2/group +diff -au /etc/gshadow data/2/gshadow +echo "OK" + +echo -n "grpunconv " +grpunconv +echo -n "checking..." +diff -au /etc/passwd data/1/passwd +if [ -f /etc/shadow ] +then + echo "/etc/shadow should not exist. " + exit 1 +fi +diff -au /etc/group data/1/group +if [ -f /etc/gshadow ] +then + echo "/etc/gshadow should not exist. " + exit 1 +fi +echo "OK" + diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config.txt b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config.txt new file mode 100644 index 00000000..8529433a --- /dev/null +++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config.txt @@ -0,0 +1,2 @@ +user foo, in group users +group bar in gshadow, not group diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/group b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/gshadow b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/gshadow new file mode 100644 index 00000000..d8aa8adc --- /dev/null +++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/passwd b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/shadow b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/data/gshadow b/tests/convtools/02_grpconv_remove_gshadow_only_entries/data/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test b/tests/convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test new file mode 100755 index 00000000..8092d3a2 --- /dev/null +++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpconv removes the gshadow only entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Convert the group files (grpconv)..." +grpconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/03_grpconv_copy_passwd/config.txt b/tests/convtools/03_grpconv_copy_passwd/config.txt new file mode 100644 index 00000000..e904dbe2 --- /dev/null +++ b/tests/convtools/03_grpconv_copy_passwd/config.txt @@ -0,0 +1,2 @@ +group foo with a password in /etc/group +group foo not in gshadow diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/group b/tests/convtools/03_grpconv_copy_passwd/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/gshadow b/tests/convtools/03_grpconv_copy_passwd/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/passwd b/tests/convtools/03_grpconv_copy_passwd/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/shadow b/tests/convtools/03_grpconv_copy_passwd/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/03_grpconv_copy_passwd/data/group b/tests/convtools/03_grpconv_copy_passwd/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/convtools/03_grpconv_copy_passwd/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/convtools/03_grpconv_copy_passwd/data/gshadow b/tests/convtools/03_grpconv_copy_passwd/data/gshadow new file mode 100644 index 00000000..fed75fc4 --- /dev/null +++ b/tests/convtools/03_grpconv_copy_passwd/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:$1$foogroupPassword:: diff --git a/tests/convtools/03_grpconv_copy_passwd/grpconv.test b/tests/convtools/03_grpconv_copy_passwd/grpconv.test new file mode 100755 index 00000000..2cf49896 --- /dev/null +++ b/tests/convtools/03_grpconv_copy_passwd/grpconv.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpconv copies the password from group to gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Convert the group files (grpconv)..." +grpconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/04_grpconv_no_password/config.txt b/tests/convtools/04_grpconv_no_password/config.txt new file mode 100644 index 00000000..71f8a48c --- /dev/null +++ b/tests/convtools/04_grpconv_no_password/config.txt @@ -0,0 +1,2 @@ +group foo with an empty password in group +group foo not in gshadow diff --git a/tests/convtools/04_grpconv_no_password/config/etc/group b/tests/convtools/04_grpconv_no_password/config/etc/group new file mode 100644 index 00000000..52ece62e --- /dev/null +++ b/tests/convtools/04_grpconv_no_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo::1000: diff --git a/tests/convtools/04_grpconv_no_password/config/etc/gshadow b/tests/convtools/04_grpconv_no_password/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/04_grpconv_no_password/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/04_grpconv_no_password/config/etc/passwd b/tests/convtools/04_grpconv_no_password/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/04_grpconv_no_password/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/04_grpconv_no_password/config/etc/shadow b/tests/convtools/04_grpconv_no_password/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/04_grpconv_no_password/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/04_grpconv_no_password/data/group b/tests/convtools/04_grpconv_no_password/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/convtools/04_grpconv_no_password/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/convtools/04_grpconv_no_password/data/gshadow b/tests/convtools/04_grpconv_no_password/data/gshadow new file mode 100644 index 00000000..5c62cfd2 --- /dev/null +++ b/tests/convtools/04_grpconv_no_password/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo::: diff --git a/tests/convtools/04_grpconv_no_password/grpconv.test b/tests/convtools/04_grpconv_no_password/grpconv.test new file mode 100755 index 00000000..da0fb074 --- /dev/null +++ b/tests/convtools/04_grpconv_no_password/grpconv.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpconv moves an empty password from group to gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Convert the group files (grpconv)..." +grpconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config.txt b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config.txt new file mode 100644 index 00000000..891174b2 --- /dev/null +++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config.txt @@ -0,0 +1,3 @@ +group foo in group with a password +group foo in gshadow without password +group foo member of users in group, not in gshadow diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/group b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/gshadow b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/passwd b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/shadow b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/group b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/gshadow b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/gshadow new file mode 100644 index 00000000..fed75fc4 --- /dev/null +++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:$1$foogroupPassword:: diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test new file mode 100755 index 00000000..2d9f9f3d --- /dev/null +++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpconv copies the password and membership from group to gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Convert the group files (grpconv)..." +grpconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/06_grpconv_error_group_locked/config.txt b/tests/convtools/06_grpconv_error_group_locked/config.txt new file mode 100644 index 00000000..f055b057 --- /dev/null +++ b/tests/convtools/06_grpconv_error_group_locked/config.txt @@ -0,0 +1 @@ +group foo with a password, not in gshadow diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/group b/tests/convtools/06_grpconv_error_group_locked/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/gshadow b/tests/convtools/06_grpconv_error_group_locked/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/passwd b/tests/convtools/06_grpconv_error_group_locked/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/shadow b/tests/convtools/06_grpconv_error_group_locked/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/06_grpconv_error_group_locked/data/grpconv.err b/tests/convtools/06_grpconv_error_group_locked/data/grpconv.err new file mode 100644 index 00000000..4a63d73c --- /dev/null +++ b/tests/convtools/06_grpconv_error_group_locked/data/grpconv.err @@ -0,0 +1,2 @@ +grpconv: lock /etc/group.lock already used by PID <PID> +grpconv: cannot lock /etc/group; try again later. diff --git a/tests/convtools/06_grpconv_error_group_locked/grpconv.test b/tests/convtools/06_grpconv_error_group_locked/grpconv.test new file mode 100755 index 00000000..0ed4ead2 --- /dev/null +++ b/tests/convtools/06_grpconv_error_group_locked/grpconv.test @@ -0,0 +1,63 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpconv tests if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +echo -n $$ > /etc/group.lock +echo "done" + +echo -n "Convert the group files (grpconv)..." +grpconv 2>tmp/grpconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Delete lock file for /etc/group..." +rm -f /etc/group.lock +echo "done" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "grpconv reported:" +echo "=======================================================================" +cat tmp/grpconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +sed -i -e "s/$$/<PID>/" tmp/grpconv.err +diff -au data/grpconv.err tmp/grpconv.err +echo "error message OK." +rm -f tmp/grpconv.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config.txt b/tests/convtools/07_grpconv_error_gshadow_locked/config.txt new file mode 100644 index 00000000..f055b057 --- /dev/null +++ b/tests/convtools/07_grpconv_error_gshadow_locked/config.txt @@ -0,0 +1 @@ +group foo with a password, not in gshadow diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/group b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/gshadow b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/passwd b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/shadow b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/data/grpconv.err b/tests/convtools/07_grpconv_error_gshadow_locked/data/grpconv.err new file mode 100644 index 00000000..527ecae6 --- /dev/null +++ b/tests/convtools/07_grpconv_error_gshadow_locked/data/grpconv.err @@ -0,0 +1,2 @@ +grpconv: existing lock file /etc/gshadow.lock without a PID +grpconv: cannot lock /etc/gshadow; try again later. diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/grpconv.test b/tests/convtools/07_grpconv_error_gshadow_locked/grpconv.test new file mode 100755 index 00000000..52e03c96 --- /dev/null +++ b/tests/convtools/07_grpconv_error_gshadow_locked/grpconv.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpconv tests if gshadow is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Convert the group files (grpconv)..." +grpconv 2>tmp/grpconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Delete lock file for /etc/gshadow..." +rm -f /etc/gshadow.lock +echo "done" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "grpconv reported:" +echo "=======================================================================" +cat tmp/grpconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpconv.err tmp/grpconv.err +echo "error message OK." +rm -f tmp/grpconv.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config.txt b/tests/convtools/08_grpunconv_no_gshadow_file/config.txt new file mode 100644 index 00000000..48ac937d --- /dev/null +++ b/tests/convtools/08_grpunconv_no_gshadow_file/config.txt @@ -0,0 +1 @@ +user foo, in group users diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/group b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/gshadow b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..d8aa8adc --- /dev/null +++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/passwd b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/shadow b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/grpunconv.test b/tests/convtools/08_grpunconv_no_gshadow_file/grpunconv.test new file mode 100755 index 00000000..0be3ce8f --- /dev/null +++ b/tests/convtools/08_grpunconv_no_gshadow_file/grpunconv.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpunconv exits successfully when the gshadow file does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the gshadow file..." +rm -f /etc/gshadow +echo "done" + +echo -n "Convert the group files (grpunconv)..." +grpunconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/09_grpunconv_error_group_locked/config.txt b/tests/convtools/09_grpunconv_error_group_locked/config.txt new file mode 100644 index 00000000..f055b057 --- /dev/null +++ b/tests/convtools/09_grpunconv_error_group_locked/config.txt @@ -0,0 +1 @@ +group foo with a password, not in gshadow diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/group b/tests/convtools/09_grpunconv_error_group_locked/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/gshadow b/tests/convtools/09_grpunconv_error_group_locked/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/passwd b/tests/convtools/09_grpunconv_error_group_locked/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/shadow b/tests/convtools/09_grpunconv_error_group_locked/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/09_grpunconv_error_group_locked/data/grpunconv.err b/tests/convtools/09_grpunconv_error_group_locked/data/grpunconv.err new file mode 100644 index 00000000..ddfae6f4 --- /dev/null +++ b/tests/convtools/09_grpunconv_error_group_locked/data/grpunconv.err @@ -0,0 +1,2 @@ +grpunconv: existing lock file /etc/group.lock without a PID +grpunconv: cannot lock /etc/group; try again later. diff --git a/tests/convtools/09_grpunconv_error_group_locked/grpunconv.test b/tests/convtools/09_grpunconv_error_group_locked/grpunconv.test new file mode 100755 index 00000000..7503fe83 --- /dev/null +++ b/tests/convtools/09_grpunconv_error_group_locked/grpunconv.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpunconv checks if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Convert the group files (grpunconv)..." +grpunconv 2>tmp/grpunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Delete lock file for /etc/group..." +rm -f /etc/group.lock +echo "done" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "grpunconv reported:" +echo "=======================================================================" +cat tmp/grpunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpunconv.err tmp/grpunconv.err +echo "error message OK." +rm -f tmp/grpunconv.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config.txt b/tests/convtools/10_grpunconv_error_gshadow_locked/config.txt new file mode 100644 index 00000000..f055b057 --- /dev/null +++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config.txt @@ -0,0 +1 @@ +group foo with a password, not in gshadow diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/group b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/gshadow b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/passwd b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/shadow b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/data/grpunconv.err b/tests/convtools/10_grpunconv_error_gshadow_locked/data/grpunconv.err new file mode 100644 index 00000000..55470971 --- /dev/null +++ b/tests/convtools/10_grpunconv_error_gshadow_locked/data/grpunconv.err @@ -0,0 +1,2 @@ +grpunconv: existing lock file /etc/gshadow.lock without a PID +grpunconv: cannot lock /etc/gshadow; try again later. diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/grpunconv.test b/tests/convtools/10_grpunconv_error_gshadow_locked/grpunconv.test new file mode 100755 index 00000000..7b7490c4 --- /dev/null +++ b/tests/convtools/10_grpunconv_error_gshadow_locked/grpunconv.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpunconv checks if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Convert the group files (grpunconv)..." +grpunconv 2>tmp/grpunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Delete lock file for /etc/gshadow..." +rm -f /etc/gshadow.lock +echo "done" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "grpunconv reported:" +echo "=======================================================================" +cat tmp/grpunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpunconv.err tmp/grpunconv.err +echo "error message OK." +rm -f tmp/grpunconv.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config.txt b/tests/convtools/11_pwconv_error_passwd_locked/config.txt new file mode 100644 index 00000000..eca9223c --- /dev/null +++ b/tests/convtools/11_pwconv_error_passwd_locked/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +group foo with a password, not in gshadow diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/group b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/gshadow b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/passwd b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/shadow b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/11_pwconv_error_passwd_locked/data/pwconv.err b/tests/convtools/11_pwconv_error_passwd_locked/data/pwconv.err new file mode 100644 index 00000000..bf83d748 --- /dev/null +++ b/tests/convtools/11_pwconv_error_passwd_locked/data/pwconv.err @@ -0,0 +1,2 @@ +pwconv: existing lock file /etc/passwd.lock without a PID +pwconv: cannot lock /etc/passwd; try again later. diff --git a/tests/convtools/11_pwconv_error_passwd_locked/pwconv.test b/tests/convtools/11_pwconv_error_passwd_locked/pwconv.test new file mode 100755 index 00000000..4d292cbf --- /dev/null +++ b/tests/convtools/11_pwconv_error_passwd_locked/pwconv.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwconv tests if the passwd file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Convert the passwd files (pwconv)..." +pwconv 2>tmp/pwconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Delete lock file for /etc/passwd..." +rm -f /etc/passwd.lock +echo "done" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "pwconv reported:" +echo "=======================================================================" +cat tmp/pwconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwconv.err tmp/pwconv.err +echo "error message OK." +rm -f tmp/pwconv.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config.txt b/tests/convtools/12_pwconv_error_shadow_locked/config.txt new file mode 100644 index 00000000..eca9223c --- /dev/null +++ b/tests/convtools/12_pwconv_error_shadow_locked/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +group foo with a password, not in gshadow diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/group b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/gshadow b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/passwd b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/shadow b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/12_pwconv_error_shadow_locked/data/pwconv.err b/tests/convtools/12_pwconv_error_shadow_locked/data/pwconv.err new file mode 100644 index 00000000..3ac90484 --- /dev/null +++ b/tests/convtools/12_pwconv_error_shadow_locked/data/pwconv.err @@ -0,0 +1,2 @@ +pwconv: existing lock file /etc/shadow.lock without a PID +pwconv: cannot lock /etc/shadow; try again later. diff --git a/tests/convtools/12_pwconv_error_shadow_locked/pwconv.test b/tests/convtools/12_pwconv_error_shadow_locked/pwconv.test new file mode 100755 index 00000000..03bcf6b8 --- /dev/null +++ b/tests/convtools/12_pwconv_error_shadow_locked/pwconv.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwconv tests if the shadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/shadow..." +touch /etc/shadow.lock +echo "done" + +echo -n "Convert the shadow files (pwconv)..." +pwconv 2>tmp/pwconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Delete lock file for /etc/shadow..." +rm -f /etc/shadow.lock +echo "done" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "pwconv reported:" +echo "=======================================================================" +cat tmp/pwconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwconv.err tmp/pwconv.err +echo "error message OK." +rm -f tmp/pwconv.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config.txt b/tests/convtools/13_pwunconv_error_passwd_locked/config.txt new file mode 100644 index 00000000..eca9223c --- /dev/null +++ b/tests/convtools/13_pwunconv_error_passwd_locked/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +group foo with a password, not in gshadow diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/group b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/gshadow b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/passwd b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/shadow b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/data/pwunconv.err b/tests/convtools/13_pwunconv_error_passwd_locked/data/pwunconv.err new file mode 100644 index 00000000..40d2244a --- /dev/null +++ b/tests/convtools/13_pwunconv_error_passwd_locked/data/pwunconv.err @@ -0,0 +1,2 @@ +pwunconv: existing lock file /etc/passwd.lock without a PID +pwunconv: cannot lock /etc/passwd; try again later. diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/pwunconv.test b/tests/convtools/13_pwunconv_error_passwd_locked/pwunconv.test new file mode 100755 index 00000000..bfd7ed31 --- /dev/null +++ b/tests/convtools/13_pwunconv_error_passwd_locked/pwunconv.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwunconv tests if the passwd file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Convert the passwd files (pwunconv)..." +pwunconv 2>tmp/pwunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Delete lock file for /etc/passwd..." +rm -f /etc/passwd.lock +echo "done" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "pwunconv reported:" +echo "=======================================================================" +cat tmp/pwunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwunconv.err tmp/pwunconv.err +echo "error message OK." +rm -f tmp/pwunconv.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config.txt b/tests/convtools/14_pwunconv_error_shadow_locked/config.txt new file mode 100644 index 00000000..eca9223c --- /dev/null +++ b/tests/convtools/14_pwunconv_error_shadow_locked/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +group foo with a password, not in gshadow diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/group b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/gshadow b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/passwd b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/shadow b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/data/pwunconv.err b/tests/convtools/14_pwunconv_error_shadow_locked/data/pwunconv.err new file mode 100644 index 00000000..20de665d --- /dev/null +++ b/tests/convtools/14_pwunconv_error_shadow_locked/data/pwunconv.err @@ -0,0 +1,2 @@ +pwunconv: existing lock file /etc/shadow.lock without a PID +pwunconv: cannot lock /etc/shadow; try again later. diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/pwunconv.test b/tests/convtools/14_pwunconv_error_shadow_locked/pwunconv.test new file mode 100755 index 00000000..79e6c4ed --- /dev/null +++ b/tests/convtools/14_pwunconv_error_shadow_locked/pwunconv.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwunconv tests if the shadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/shadow..." +touch /etc/shadow.lock +echo "done" + +echo -n "Convert the shadow files (pwunconv)..." +pwunconv 2>tmp/pwunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Delete lock file for /etc/shadow..." +rm -f /etc/shadow.lock +echo "done" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "pwunconv reported:" +echo "=======================================================================" +cat tmp/pwunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwunconv.err tmp/pwunconv.err +echo "error message OK." +rm -f tmp/pwunconv.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config.txt b/tests/convtools/15_pwconv_remove_shadow_only_entries/config.txt new file mode 100644 index 00000000..9f8a8365 --- /dev/null +++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config.txt @@ -0,0 +1,2 @@ +user foo, in group users +group bar is gshadow, not group diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/group b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/gshadow b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/gshadow new file mode 100644 index 00000000..d8aa8adc --- /dev/null +++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/passwd b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/shadow b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/shadow new file mode 100644 index 00000000..5f73f335 --- /dev/null +++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/data/shadow b/tests/convtools/15_pwconv_remove_shadow_only_entries/data/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/pwconv.test b/tests/convtools/15_pwconv_remove_shadow_only_entries/pwconv.test new file mode 100755 index 00000000..11abe4be --- /dev/null +++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/pwconv.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwconv removes the shadow only entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Convert the passwd files (pwconv)..." +pwconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/16_pwconv_copy_passwd/config.txt b/tests/convtools/16_pwconv_copy_passwd/config.txt new file mode 100644 index 00000000..a6d9ecda --- /dev/null +++ b/tests/convtools/16_pwconv_copy_passwd/config.txt @@ -0,0 +1 @@ +user foo with a password, not in shadow diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/group b/tests/convtools/16_pwconv_copy_passwd/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/gshadow b/tests/convtools/16_pwconv_copy_passwd/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/passwd b/tests/convtools/16_pwconv_copy_passwd/config/etc/passwd new file mode 100644 index 00000000..2a53add5 --- /dev/null +++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:$1$foogroupPassword:1000:1000:::/bin/false diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/shadow b/tests/convtools/16_pwconv_copy_passwd/config/etc/shadow new file mode 100644 index 00000000..498ef868 --- /dev/null +++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:*:12977:0:99999:7::: diff --git a/tests/convtools/16_pwconv_copy_passwd/data/passwd b/tests/convtools/16_pwconv_copy_passwd/data/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/convtools/16_pwconv_copy_passwd/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/convtools/16_pwconv_copy_passwd/data/shadow b/tests/convtools/16_pwconv_copy_passwd/data/shadow new file mode 100644 index 00000000..54d97a40 --- /dev/null +++ b/tests/convtools/16_pwconv_copy_passwd/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$foogroupPassword:@TODAY@:0:99999:7::: diff --git a/tests/convtools/16_pwconv_copy_passwd/pwconv.test b/tests/convtools/16_pwconv_copy_passwd/pwconv.test new file mode 100755 index 00000000..d25ceb21 --- /dev/null +++ b/tests/convtools/16_pwconv_copy_passwd/pwconv.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwconv removes the shadow only entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Convert the passwd files (pwconv)..." +pwconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config.txt b/tests/convtools/17_pwunconv_no_shadow_file/config.txt new file mode 100644 index 00000000..4d66ec70 --- /dev/null +++ b/tests/convtools/17_pwunconv_no_shadow_file/config.txt @@ -0,0 +1,6 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users +group bar is gshadow, not group diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/group b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/gshadow b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..d8aa8adc --- /dev/null +++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/passwd b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/shadow b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/convtools/17_pwunconv_no_shadow_file/pwunconv.test b/tests/convtools/17_pwunconv_no_shadow_file/pwunconv.test new file mode 100755 index 00000000..afcd2d76 --- /dev/null +++ b/tests/convtools/17_pwunconv_no_shadow_file/pwunconv.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwunconv exits successfully when the shadow file does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the shadow file..." +rm -f /etc/shadow +echo "done" + +echo -n "Convert the passwd files (pwunconv)..." +pwunconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config.txt b/tests/convtools/18_pwunconv_user_not_in_shadow/config.txt new file mode 100644 index 00000000..a6d9ecda --- /dev/null +++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config.txt @@ -0,0 +1 @@ +user foo with a password, not in shadow diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/group b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/gshadow b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/passwd b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/shadow b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/data/passwd b/tests/convtools/18_pwunconv_user_not_in_shadow/data/passwd new file mode 100644 index 00000000..28f6d454 --- /dev/null +++ b/tests/convtools/18_pwunconv_user_not_in_shadow/data/passwd @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:!:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/pwunconv.test b/tests/convtools/18_pwunconv_user_not_in_shadow/pwunconv.test new file mode 100755 index 00000000..44c5e5d7 --- /dev/null +++ b/tests/convtools/18_pwunconv_user_not_in_shadow/pwunconv.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwunconv does not fail when a user is not in the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Unconvert the shadow file (pwunconv)..." +pwunconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/19_pwconv_NIS/config.txt b/tests/convtools/19_pwconv_NIS/config.txt new file mode 100644 index 00000000..a6d9ecda --- /dev/null +++ b/tests/convtools/19_pwconv_NIS/config.txt @@ -0,0 +1 @@ +user foo with a password, not in shadow diff --git a/tests/convtools/19_pwconv_NIS/config/etc/group b/tests/convtools/19_pwconv_NIS/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/19_pwconv_NIS/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/19_pwconv_NIS/config/etc/gshadow b/tests/convtools/19_pwconv_NIS/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/19_pwconv_NIS/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/19_pwconv_NIS/config/etc/passwd b/tests/convtools/19_pwconv_NIS/config/etc/passwd new file mode 100644 index 00000000..8be0d7bf --- /dev/null +++ b/tests/convtools/19_pwconv_NIS/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:!:102:102::/var/spool/exim4:/bin/false +foo:$1$foogroupPassword:1000:1000:::/bin/false ++:::::::: +-bar:::::::: diff --git a/tests/convtools/19_pwconv_NIS/config/etc/shadow b/tests/convtools/19_pwconv_NIS/config/etc/shadow new file mode 100644 index 00000000..498ef868 --- /dev/null +++ b/tests/convtools/19_pwconv_NIS/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:*:12977:0:99999:7::: diff --git a/tests/convtools/19_pwconv_NIS/data/passwd b/tests/convtools/19_pwconv_NIS/data/passwd new file mode 100644 index 00000000..f474274f --- /dev/null +++ b/tests/convtools/19_pwconv_NIS/data/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false ++:::::::: +-bar:::::::: diff --git a/tests/convtools/19_pwconv_NIS/data/shadow b/tests/convtools/19_pwconv_NIS/data/shadow new file mode 100644 index 00000000..68bbd027 --- /dev/null +++ b/tests/convtools/19_pwconv_NIS/data/shadow @@ -0,0 +1,20 @@ +root:x:@TODAY@:0:99999:7::: +daemon:x:@TODAY@:0:99999:7::: +bin:x:@TODAY@:0:99999:7::: +sys:x:@TODAY@:0:99999:7::: +sync:x:@TODAY@:0:99999:7::: +games:x:@TODAY@:0:99999:7::: +man:x:@TODAY@:0:99999:7::: +lp:x:@TODAY@:0:99999:7::: +mail:x:@TODAY@:0:99999:7::: +news:x:@TODAY@:0:99999:7::: +uucp:x:@TODAY@:0:99999:7::: +proxy:x:@TODAY@:0:99999:7::: +www-data:x:@TODAY@:0:99999:7::: +backup:x:@TODAY@:0:99999:7::: +list:x:@TODAY@:0:99999:7::: +irc:x:@TODAY@:0:99999:7::: +gnats:x:@TODAY@:0:99999:7::: +nobody:x:@TODAY@:0:99999:7::: +Debian-exim:!:@TODAY@:0:99999:7::: +foo:$1$foogroupPassword:@TODAY@:0:99999:7::: diff --git a/tests/convtools/19_pwconv_NIS/pwconv.test b/tests/convtools/19_pwconv_NIS/pwconv.test new file mode 100755 index 00000000..62bd4db2 --- /dev/null +++ b/tests/convtools/19_pwconv_NIS/pwconv.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwconv removes the shadow only entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Convert the passwd files (pwconv)..." +pwconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/20_pwunconv_usage_option/config.txt b/tests/convtools/20_pwunconv_usage_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/convtools/20_pwunconv_usage_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/group b/tests/convtools/20_pwunconv_usage_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/convtools/20_pwunconv_usage_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/gshadow b/tests/convtools/20_pwunconv_usage_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/20_pwunconv_usage_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/passwd b/tests/convtools/20_pwunconv_usage_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/20_pwunconv_usage_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/shadow b/tests/convtools/20_pwunconv_usage_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/20_pwunconv_usage_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/20_pwunconv_usage_option/data/usage.out b/tests/convtools/20_pwunconv_usage_option/data/usage.out new file mode 100644 index 00000000..30fff4db --- /dev/null +++ b/tests/convtools/20_pwunconv_usage_option/data/usage.out @@ -0,0 +1,7 @@ +pwunconv: invalid option -- 'Z' +Usage: pwunconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/20_pwunconv_usage_option/pwunconv.test b/tests/convtools/20_pwunconv_usage_option/pwunconv.test new file mode 100755 index 00000000..fa2a9d7c --- /dev/null +++ b/tests/convtools/20_pwunconv_usage_option/pwunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwunconv displays its usage message in case there isn't the right number of arguments" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get pwunconv usage (pwunconv -Z)..." +pwunconv -Z 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "pwunconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config.txt b/tests/convtools/21_pwunconv_keep_passwd_password/config.txt new file mode 100644 index 00000000..cda229c3 --- /dev/null +++ b/tests/convtools/21_pwunconv_keep_passwd_password/config.txt @@ -0,0 +1 @@ +user foo with a password in passwd (and shadow) diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/group b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/gshadow b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/passwd b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/passwd new file mode 100644 index 00000000..b58a62bb --- /dev/null +++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:foopass:1000:1000:::/bin/false diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/shadow b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/shadow new file mode 100644 index 00000000..7e164e0d --- /dev/null +++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:fooshadowpasswd:12977:0:99999:7::: diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/data/passwd b/tests/convtools/21_pwunconv_keep_passwd_password/data/passwd new file mode 100644 index 00000000..56eb83bb --- /dev/null +++ b/tests/convtools/21_pwunconv_keep_passwd_password/data/passwd @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:!:102:102::/var/spool/exim4:/bin/false +foo:foopass:1000:1000:::/bin/false diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/pwunconv.test b/tests/convtools/21_pwunconv_keep_passwd_password/pwunconv.test new file mode 100755 index 00000000..c795f1f2 --- /dev/null +++ b/tests/convtools/21_pwunconv_keep_passwd_password/pwunconv.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwunconv keeps the password from /etc/passwd (if not 'x'" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Unconvert the shadow file (pwunconv)..." +pwunconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/22_grpunconv_usage_option/config.txt b/tests/convtools/22_grpunconv_usage_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/convtools/22_grpunconv_usage_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/group b/tests/convtools/22_grpunconv_usage_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/convtools/22_grpunconv_usage_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/gshadow b/tests/convtools/22_grpunconv_usage_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/22_grpunconv_usage_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/passwd b/tests/convtools/22_grpunconv_usage_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/22_grpunconv_usage_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/shadow b/tests/convtools/22_grpunconv_usage_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/22_grpunconv_usage_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/22_grpunconv_usage_option/data/usage.out b/tests/convtools/22_grpunconv_usage_option/data/usage.out new file mode 100644 index 00000000..7528279f --- /dev/null +++ b/tests/convtools/22_grpunconv_usage_option/data/usage.out @@ -0,0 +1,7 @@ +grpunconv: invalid option -- 'Z' +Usage: grpunconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/22_grpunconv_usage_option/grpunconv.test b/tests/convtools/22_grpunconv_usage_option/grpunconv.test new file mode 100755 index 00000000..5c3bc823 --- /dev/null +++ b/tests/convtools/22_grpunconv_usage_option/grpunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpunconv displays its usage message in case there isn't the right number of arguments" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get grpunconv usage (grpunconv -Z)..." +grpunconv -Z 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "grpunconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/23_grpunconv_keep_group_password/config.txt b/tests/convtools/23_grpunconv_keep_group_password/config.txt new file mode 100644 index 00000000..cda229c3 --- /dev/null +++ b/tests/convtools/23_grpunconv_keep_group_password/config.txt @@ -0,0 +1 @@ +user foo with a password in passwd (and shadow) diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/group b/tests/convtools/23_grpunconv_keep_group_password/config/etc/group new file mode 100644 index 00000000..8339bd31 --- /dev/null +++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/gshadow b/tests/convtools/23_grpunconv_keep_group_password/config/etc/gshadow new file mode 100644 index 00000000..51a7bdb2 --- /dev/null +++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:fooshadowpass:: diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/passwd b/tests/convtools/23_grpunconv_keep_group_password/config/etc/passwd new file mode 100644 index 00000000..b58a62bb --- /dev/null +++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:foopass:1000:1000:::/bin/false diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/shadow b/tests/convtools/23_grpunconv_keep_group_password/config/etc/shadow new file mode 100644 index 00000000..7e164e0d --- /dev/null +++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:fooshadowpasswd:12977:0:99999:7::: diff --git a/tests/convtools/23_grpunconv_keep_group_password/data/group b/tests/convtools/23_grpunconv_keep_group_password/data/group new file mode 100644 index 00000000..2a9e59e4 --- /dev/null +++ b/tests/convtools/23_grpunconv_keep_group_password/data/group @@ -0,0 +1,42 @@ +root:*:0: +daemon:*:1: +bin:*:2: +sys:*:3: +adm:*:4: +tty:*:5: +disk:*:6: +lp:*:7: +mail:*:8: +news:*:9: +uucp:*:10: +man:*:12: +proxy:*:13: +kmem:*:15: +dialout:*:20: +fax:*:21: +voice:*:22: +cdrom:*:24: +floppy:*:25: +tape:*:26: +sudo:*:27: +audio:*:29: +dip:*:30: +www-data:*:33: +backup:*:34: +operator:*:37: +list:*:38: +irc:*:39: +src:*:40: +gnats:*:41: +shadow:*:42: +utmp:*:43: +video:*:44: +sasl:*:45: +plugdev:*:46: +staff:*:50: +games:*:60: +users:*:100:foo +nogroup:*:65534: +crontab:x:101: +Debian-exim:x:102: +foo:$1$foogroupPassword:1000: diff --git a/tests/convtools/23_grpunconv_keep_group_password/grpunconv.test b/tests/convtools/23_grpunconv_keep_group_password/grpunconv.test new file mode 100755 index 00000000..e3e0127c --- /dev/null +++ b/tests/convtools/23_grpunconv_keep_group_password/grpunconv.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpunconv keeps the password from /etc/group (if not 'x'" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Unconvert the shadow file (grpunconv)..." +grpunconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config.txt b/tests/convtools/24_grpunconv_no_gshadow_entry/config.txt new file mode 100644 index 00000000..48ac937d --- /dev/null +++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config.txt @@ -0,0 +1 @@ +user foo, in group users diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/group b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/gshadow b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/gshadow new file mode 100644 index 00000000..671ebfe3 --- /dev/null +++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/passwd b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/shadow b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/data/group b/tests/convtools/24_grpunconv_no_gshadow_entry/data/group new file mode 100644 index 00000000..61118662 --- /dev/null +++ b/tests/convtools/24_grpunconv_no_gshadow_entry/data/group @@ -0,0 +1,42 @@ +root:*:0: +daemon:*:1: +bin:*:2: +sys:*:3: +adm:*:4: +tty:*:5: +disk:*:6: +lp:*:7: +mail:x:8: +news:*:9: +uucp:*:10: +man:*:12: +proxy:*:13: +kmem:*:15: +dialout:*:20: +fax:*:21: +voice:*:22: +cdrom:*:24: +floppy:*:25: +tape:*:26: +sudo:*:27: +audio:*:29: +dip:*:30: +www-data:*:33: +backup:*:34: +operator:*:37: +list:*:38: +irc:*:39: +src:*:40: +gnats:*:41: +shadow:*:42: +utmp:x:43: +video:*:44: +sasl:*:45: +plugdev:*:46: +staff:*:50: +games:*:60: +users:*:100:foo +nogroup:*:65534: +crontab:x:101: +Debian-exim:x:102: +foo:*:1000: diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/grpunconv.test b/tests/convtools/24_grpunconv_no_gshadow_entry/grpunconv.test new file mode 100755 index 00000000..716d97a1 --- /dev/null +++ b/tests/convtools/24_grpunconv_no_gshadow_entry/grpunconv.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpunconv succeeds even if some entries are no in gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Convert the group files (grpunconv)..." +grpunconv +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/25_pwconv_usage_option/config.txt b/tests/convtools/25_pwconv_usage_option/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/group b/tests/convtools/25_pwconv_usage_option/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/gshadow b/tests/convtools/25_pwconv_usage_option/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/passwd b/tests/convtools/25_pwconv_usage_option/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/shadow b/tests/convtools/25_pwconv_usage_option/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/25_pwconv_usage_option/data/usage.out b/tests/convtools/25_pwconv_usage_option/data/usage.out new file mode 100644 index 00000000..8ecc6af5 --- /dev/null +++ b/tests/convtools/25_pwconv_usage_option/data/usage.out @@ -0,0 +1,7 @@ +pwconv: invalid option -- 'Z' +Usage: pwconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/25_pwconv_usage_option/pwconv.test b/tests/convtools/25_pwconv_usage_option/pwconv.test new file mode 100755 index 00000000..7e6ccaf5 --- /dev/null +++ b/tests/convtools/25_pwconv_usage_option/pwconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwconv displays its usage message in case there isn't the right number of arguments" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get pwconv usage (pwconv -Z)..." +pwconv -Z 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "pwconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/26_grpconv_usage_option/config.txt b/tests/convtools/26_grpconv_usage_option/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/group b/tests/convtools/26_grpconv_usage_option/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/gshadow b/tests/convtools/26_grpconv_usage_option/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/passwd b/tests/convtools/26_grpconv_usage_option/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/shadow b/tests/convtools/26_grpconv_usage_option/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/26_grpconv_usage_option/data/usage.out b/tests/convtools/26_grpconv_usage_option/data/usage.out new file mode 100644 index 00000000..5da31b4b --- /dev/null +++ b/tests/convtools/26_grpconv_usage_option/data/usage.out @@ -0,0 +1,7 @@ +grpconv: invalid option -- 'Z' +Usage: grpconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/26_grpconv_usage_option/grpconv.test b/tests/convtools/26_grpconv_usage_option/grpconv.test new file mode 100755 index 00000000..18c033ca --- /dev/null +++ b/tests/convtools/26_grpconv_usage_option/grpconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpconv displays its usage message in case there isn't the right number of arguments" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get grpconv usage (grpconv -Z)..." +grpconv -Z 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "grpconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/27_pwunconv_usage/config.txt b/tests/convtools/27_pwunconv_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/convtools/27_pwunconv_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/convtools/27_pwunconv_usage/config/etc/group b/tests/convtools/27_pwunconv_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/convtools/27_pwunconv_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/convtools/27_pwunconv_usage/config/etc/gshadow b/tests/convtools/27_pwunconv_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/27_pwunconv_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/27_pwunconv_usage/config/etc/passwd b/tests/convtools/27_pwunconv_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/27_pwunconv_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/27_pwunconv_usage/config/etc/shadow b/tests/convtools/27_pwunconv_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/27_pwunconv_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/27_pwunconv_usage/data/usage.out b/tests/convtools/27_pwunconv_usage/data/usage.out new file mode 100644 index 00000000..71f04d9d --- /dev/null +++ b/tests/convtools/27_pwunconv_usage/data/usage.out @@ -0,0 +1,6 @@ +Usage: pwunconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/27_pwunconv_usage/pwunconv.test b/tests/convtools/27_pwunconv_usage/pwunconv.test new file mode 100755 index 00000000..4103eca7 --- /dev/null +++ b/tests/convtools/27_pwunconv_usage/pwunconv.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwunconv can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get pwunconv usage (pwunconv -Z)..." +pwunconv -h >tmp/usage.out +echo "OK" + +echo "pwunconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config.txt b/tests/convtools/28_pwunconv_usage_extra_arg/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/convtools/28_pwunconv_usage_extra_arg/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/group b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/passwd b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/shadow b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/data/usage.out b/tests/convtools/28_pwunconv_usage_extra_arg/data/usage.out new file mode 100644 index 00000000..71f04d9d --- /dev/null +++ b/tests/convtools/28_pwunconv_usage_extra_arg/data/usage.out @@ -0,0 +1,6 @@ +Usage: pwunconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/pwunconv.test b/tests/convtools/28_pwunconv_usage_extra_arg/pwunconv.test new file mode 100755 index 00000000..d9a38086 --- /dev/null +++ b/tests/convtools/28_pwunconv_usage_extra_arg/pwunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwunconv displays its usage message in case there isn't the right number of arguments" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call pwunconv with an argument (pwunconv foo)..." +pwunconv foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "pwunconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/29_grpconv_usage/config.txt b/tests/convtools/29_grpconv_usage/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/29_grpconv_usage/config/etc/group b/tests/convtools/29_grpconv_usage/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/29_grpconv_usage/config/etc/gshadow b/tests/convtools/29_grpconv_usage/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/29_grpconv_usage/config/etc/passwd b/tests/convtools/29_grpconv_usage/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/29_grpconv_usage/config/etc/shadow b/tests/convtools/29_grpconv_usage/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/29_grpconv_usage/data/usage.out b/tests/convtools/29_grpconv_usage/data/usage.out new file mode 100644 index 00000000..80f0fd58 --- /dev/null +++ b/tests/convtools/29_grpconv_usage/data/usage.out @@ -0,0 +1,6 @@ +Usage: grpconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/29_grpconv_usage/grpconv.test b/tests/convtools/29_grpconv_usage/grpconv.test new file mode 100755 index 00000000..a6fbd9e0 --- /dev/null +++ b/tests/convtools/29_grpconv_usage/grpconv.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpconv can displays its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get grpconv usage (grpconv -Z)..." +grpconv -h >tmp/usage.out +echo "OK" + +echo "grpconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config.txt b/tests/convtools/30_grpconv_usage_extra_arg/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/group b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/passwd b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/shadow b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/30_grpconv_usage_extra_arg/data/usage.out b/tests/convtools/30_grpconv_usage_extra_arg/data/usage.out new file mode 100644 index 00000000..80f0fd58 --- /dev/null +++ b/tests/convtools/30_grpconv_usage_extra_arg/data/usage.out @@ -0,0 +1,6 @@ +Usage: grpconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/30_grpconv_usage_extra_arg/grpconv.test b/tests/convtools/30_grpconv_usage_extra_arg/grpconv.test new file mode 100755 index 00000000..a321a05b --- /dev/null +++ b/tests/convtools/30_grpconv_usage_extra_arg/grpconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpconv displays its usage message in case there isn't the right number of arguments" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call grpconv with an extra argument (grpconv foo)..." +grpconv foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "grpconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/31_pwconv_usage/config.txt b/tests/convtools/31_pwconv_usage/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/31_pwconv_usage/config/etc/group b/tests/convtools/31_pwconv_usage/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/31_pwconv_usage/config/etc/gshadow b/tests/convtools/31_pwconv_usage/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/31_pwconv_usage/config/etc/passwd b/tests/convtools/31_pwconv_usage/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/31_pwconv_usage/config/etc/shadow b/tests/convtools/31_pwconv_usage/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/31_pwconv_usage/data/usage.out b/tests/convtools/31_pwconv_usage/data/usage.out new file mode 100644 index 00000000..61b53c55 --- /dev/null +++ b/tests/convtools/31_pwconv_usage/data/usage.out @@ -0,0 +1,6 @@ +Usage: pwconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/31_pwconv_usage/pwconv.test b/tests/convtools/31_pwconv_usage/pwconv.test new file mode 100755 index 00000000..dd86723b --- /dev/null +++ b/tests/convtools/31_pwconv_usage/pwconv.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwconv can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get pwconv usage (pwconv -Z)..." +pwconv -h >tmp/usage.out +echo "OK" + +echo "pwconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config.txt b/tests/convtools/32_pwconv_usage_extra_arg/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/group b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/passwd b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/shadow b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/convtools/32_pwconv_usage_extra_arg/data/usage.out b/tests/convtools/32_pwconv_usage_extra_arg/data/usage.out new file mode 100644 index 00000000..61b53c55 --- /dev/null +++ b/tests/convtools/32_pwconv_usage_extra_arg/data/usage.out @@ -0,0 +1,6 @@ +Usage: pwconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/32_pwconv_usage_extra_arg/pwconv.test b/tests/convtools/32_pwconv_usage_extra_arg/pwconv.test new file mode 100755 index 00000000..1ae4ffeb --- /dev/null +++ b/tests/convtools/32_pwconv_usage_extra_arg/pwconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "pwconv displays its usage message in case there isn't the right number of arguments" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call pwconv with an extra argument (pwconv foo)..." +pwconv foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "pwconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/33_grpunconv_usage/config.txt b/tests/convtools/33_grpunconv_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/convtools/33_grpunconv_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/convtools/33_grpunconv_usage/config/etc/group b/tests/convtools/33_grpunconv_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/convtools/33_grpunconv_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/convtools/33_grpunconv_usage/config/etc/gshadow b/tests/convtools/33_grpunconv_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/33_grpunconv_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/33_grpunconv_usage/config/etc/passwd b/tests/convtools/33_grpunconv_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/33_grpunconv_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/33_grpunconv_usage/config/etc/shadow b/tests/convtools/33_grpunconv_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/33_grpunconv_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/33_grpunconv_usage/data/usage.out b/tests/convtools/33_grpunconv_usage/data/usage.out new file mode 100644 index 00000000..274b58df --- /dev/null +++ b/tests/convtools/33_grpunconv_usage/data/usage.out @@ -0,0 +1,6 @@ +Usage: grpunconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/33_grpunconv_usage/grpunconv.test b/tests/convtools/33_grpunconv_usage/grpunconv.test new file mode 100755 index 00000000..d6f65395 --- /dev/null +++ b/tests/convtools/33_grpunconv_usage/grpunconv.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpunconv can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get grpunconv usage (grpunconv -Z)..." +grpunconv -h >tmp/usage.out +echo "OK" + +echo "grpunconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config.txt b/tests/convtools/34_grpunconv_usage_extra_arg/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/convtools/34_grpunconv_usage_extra_arg/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/group b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/passwd b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/shadow b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/data/usage.out b/tests/convtools/34_grpunconv_usage_extra_arg/data/usage.out new file mode 100644 index 00000000..274b58df --- /dev/null +++ b/tests/convtools/34_grpunconv_usage_extra_arg/data/usage.out @@ -0,0 +1,6 @@ +Usage: grpunconv [options] + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/grpunconv.test b/tests/convtools/34_grpunconv_usage_extra_arg/grpunconv.test new file mode 100755 index 00000000..12a0d21d --- /dev/null +++ b/tests/convtools/34_grpunconv_usage_extra_arg/grpunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "grpunconv displays its usage message in case there isn't the right number of arguments" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call grpunconv with an extra argument (grpunconv foo)..." +grpunconv foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "grpunconv reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/coverage.sh b/tests/coverage.sh new file mode 100755 index 00000000..6deae846 --- /dev/null +++ b/tests/coverage.sh @@ -0,0 +1,11 @@ +#!/bin/sh + +# This script builds the code coverage of the testsuite. +# The shadow utils must have been compiled with -fprofile-arcs -ftest-coverage + +cd ../build/shadow-4.1.3.1/ +rm -rf ../coverage +mkdir ../coverage +lcov --directory . --capture --output-file=lcov.data + +genhtml --frames --output-directory ../coverage/ --show-details lcov.data diff --git a/tests/cptools/01/data/group b/tests/cptools/01/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/cptools/01/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/cptools/01/data/group.new b/tests/cptools/01/data/group.new new file mode 100644 index 00000000..db5f1341 --- /dev/null +++ b/tests/cptools/01/data/group.new @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test:x:10000: diff --git a/tests/cptools/01/data/gshadow b/tests/cptools/01/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/cptools/01/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/cptools/01/data/gshadow.new b/tests/cptools/01/data/gshadow.new new file mode 100644 index 00000000..3c9bae92 --- /dev/null +++ b/tests/cptools/01/data/gshadow.new @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test:x:: diff --git a/tests/cptools/01/data/passwd b/tests/cptools/01/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/cptools/01/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/cptools/01/data/passwd.new b/tests/cptools/01/data/passwd.new new file mode 100644 index 00000000..148b7944 --- /dev/null +++ b/tests/cptools/01/data/passwd.new @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test:x:10002:10002::/tmp:/bin/false diff --git a/tests/cptools/01/data/shadow b/tests/cptools/01/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/cptools/01/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/cptools/01/data/shadow.new b/tests/cptools/01/data/shadow.new new file mode 100644 index 00000000..c6e351ee --- /dev/null +++ b/tests/cptools/01/data/shadow.new @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test:!:10:0:99999:7::: diff --git a/tests/cptools/01/run1 b/tests/cptools/01/run1 new file mode 100755 index 00000000..26fc0440 --- /dev/null +++ b/tests/cptools/01/run1 @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +# Rational: +# Test that useradd can add an user and userdel removes it. + +save() +{ + [ ! -d tmp ] && mkdir tmp + for i in passwd group shadow gshadow + do + [ -f /etc/$i ] && cp /etc/$i tmp/$i + done + + true +} + +restore() +{ + for i in passwd group shadow gshadow + do + [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i + done + rmdir tmp +} + +save + +# restore the files on exit +trap 'restore' 0 + +for i in passwd group shadow gshadow +do + cp data/$i /etc +done + +lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ") +lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ") +lines_group=$(wc -l /etc/group | cut -f1 -d" ") +lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ") + +echo -n "Copy passwd.new " +cppw data/passwd.new +echo "OK" + +echo -n "test if the password file was copied" +diff -au /etc/passwd data/passwd.new +echo " OK" + +echo -n "check that the other files were not modified" +diff -au /etc/group data/group +diff -au /etc/gshadow data/gshadow +diff -au /etc/shadow data/shadow +echo " OK" diff --git a/tests/cptools/01/run2 b/tests/cptools/01/run2 new file mode 100755 index 00000000..c42238e6 --- /dev/null +++ b/tests/cptools/01/run2 @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +# Rational: +# Test that useradd can add an user and userdel removes it. + +save() +{ + [ ! -d tmp ] && mkdir tmp + for i in passwd group shadow gshadow + do + [ -f /etc/$i ] && cp /etc/$i tmp/$i + done + + true +} + +restore() +{ + for i in passwd group shadow gshadow + do + [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i + done + rmdir tmp +} + +save + +# restore the files on exit +trap 'restore' 0 + +for i in passwd group shadow gshadow +do + cp data/$i /etc +done + +lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ") +lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ") +lines_group=$(wc -l /etc/group | cut -f1 -d" ") +lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ") + +echo -n "Copy group.new " +cpgr data/group.new +echo "OK" + +echo -n "test if the password file was copied" +diff -au /etc/group data/group.new +echo " OK" + +echo -n "check that the other files were not modified" +diff -au /etc/gshadow data/gshadow +diff -au /etc/passwd data/passwd +diff -au /etc/shadow data/shadow +echo " OK" diff --git a/tests/cptools/01/run3 b/tests/cptools/01/run3 new file mode 100755 index 00000000..d213e477 --- /dev/null +++ b/tests/cptools/01/run3 @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +# Rational: +# Test that useradd can add an user and userdel removes it. + +save() +{ + [ ! -d tmp ] && mkdir tmp + for i in passwd group shadow gshadow + do + [ -f /etc/$i ] && cp /etc/$i tmp/$i + done + + true +} + +restore() +{ + for i in passwd group shadow gshadow + do + [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i + done + rmdir tmp +} + +save + +# restore the files on exit +trap 'restore' 0 + +for i in passwd group shadow gshadow +do + cp data/$i /etc +done + +lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ") +lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ") +lines_group=$(wc -l /etc/group | cut -f1 -d" ") +lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ") + +echo -n "Copy shadow.new " +cppw -s data/shadow.new +echo "OK" + +echo -n "test if the password file was copied" +diff -au /etc/shadow data/shadow.new +echo " OK" + +echo -n "check that the other files were not modified" +diff -au /etc/group data/group +diff -au /etc/gshadow data/gshadow +diff -au /etc/passwd data/passwd +echo " OK" diff --git a/tests/cptools/01/run4 b/tests/cptools/01/run4 new file mode 100755 index 00000000..7cc3fb8d --- /dev/null +++ b/tests/cptools/01/run4 @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +# Rational: +# Test that useradd can add an user and userdel removes it. + +save() +{ + [ ! -d tmp ] && mkdir tmp + for i in passwd group shadow gshadow + do + [ -f /etc/$i ] && cp /etc/$i tmp/$i + done + + true +} + +restore() +{ + for i in passwd group shadow gshadow + do + [ -f tmp/$i ] && cp tmp/$i /etc/$i && rm tmp/$i + done + rmdir tmp +} + +save + +# restore the files on exit +trap 'restore' 0 + +for i in passwd group shadow gshadow +do + cp data/$i /etc +done + +lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ") +lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ") +lines_group=$(wc -l /etc/group | cut -f1 -d" ") +lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ") + +echo -n "Copy gshadow.new " +cpgr -s data/gshadow.new +echo "OK" + +echo -n "test if the password file was copied" +diff -au /etc/gshadow data/gshadow.new +echo " OK" + +echo -n "check that the other files were not modified" +diff -au /etc/group data/group +diff -au /etc/passwd data/passwd +diff -au /etc/shadow data/shadow +echo " OK" diff --git a/tests/cptools/02_cppw_usage/config.txt b/tests/cptools/02_cppw_usage/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/02_cppw_usage/config/etc/group b/tests/cptools/02_cppw_usage/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/02_cppw_usage/config/etc/gshadow b/tests/cptools/02_cppw_usage/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/02_cppw_usage/config/etc/passwd b/tests/cptools/02_cppw_usage/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/02_cppw_usage/config/etc/shadow b/tests/cptools/02_cppw_usage/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/02_cppw_usage/cppw.test b/tests/cptools/02_cppw_usage/cppw.test new file mode 100755 index 00000000..ef3b77f2 --- /dev/null +++ b/tests/cptools/02_cppw_usage/cppw.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "cppw can displays its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get cppw usage (cppw -h)..." +cppw -h >tmp/usage.out +echo "OK" + +echo "cppw reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cptools/02_cppw_usage/data/usage.out b/tests/cptools/02_cppw_usage/data/usage.out new file mode 100644 index 00000000..9efb2a70 --- /dev/null +++ b/tests/cptools/02_cppw_usage/data/usage.out @@ -0,0 +1,3 @@ +Usage: +`cppw <file>' copys over /etc/passwd `cppw -s <file>' copys over /etc/shadow +`cpgr <file>' copys over /etc/group `cpgr -s <file>' copys over /etc/gshadow diff --git a/tests/cptools/03_cppw_usage_invalid_option/config.txt b/tests/cptools/03_cppw_usage_invalid_option/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/group b/tests/cptools/03_cppw_usage_invalid_option/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/gshadow b/tests/cptools/03_cppw_usage_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/passwd b/tests/cptools/03_cppw_usage_invalid_option/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/shadow b/tests/cptools/03_cppw_usage_invalid_option/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/03_cppw_usage_invalid_option/cppw.test b/tests/cptools/03_cppw_usage_invalid_option/cppw.test new file mode 100755 index 00000000..c6d41e98 --- /dev/null +++ b/tests/cptools/03_cppw_usage_invalid_option/cppw.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "cppw reports usage of invalid option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use wrong cppw option (cppw -Z)..." +/usr/sbin/cppw -Z 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "cppw reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cptools/03_cppw_usage_invalid_option/data/usage.out b/tests/cptools/03_cppw_usage_invalid_option/data/usage.out new file mode 100644 index 00000000..633ff23d --- /dev/null +++ b/tests/cptools/03_cppw_usage_invalid_option/data/usage.out @@ -0,0 +1,4 @@ +/usr/sbin/cppw: invalid option -- 'Z' +Usage: +`cppw <file>' copys over /etc/passwd `cppw -s <file>' copys over /etc/shadow +`cpgr <file>' copys over /etc/group `cpgr -s <file>' copys over /etc/gshadow diff --git a/tests/cptools/04_cppw_no_file_argument/config.txt b/tests/cptools/04_cppw_no_file_argument/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/group b/tests/cptools/04_cppw_no_file_argument/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/gshadow b/tests/cptools/04_cppw_no_file_argument/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/passwd b/tests/cptools/04_cppw_no_file_argument/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/shadow b/tests/cptools/04_cppw_no_file_argument/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/04_cppw_no_file_argument/cppw.test b/tests/cptools/04_cppw_no_file_argument/cppw.test new file mode 100755 index 00000000..7ccef735 --- /dev/null +++ b/tests/cptools/04_cppw_no_file_argument/cppw.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "cppw reports an error if no files are provided" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use cppw without a file argument (cppw)..." +cppw 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "cppw reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cptools/04_cppw_no_file_argument/data/usage.out b/tests/cptools/04_cppw_no_file_argument/data/usage.out new file mode 100644 index 00000000..808df395 --- /dev/null +++ b/tests/cptools/04_cppw_no_file_argument/data/usage.out @@ -0,0 +1,2 @@ +cppw: wrong number of arguments, -h for usage +cppw: no changes diff --git a/tests/cptools/05_cppw_2_files/config.txt b/tests/cptools/05_cppw_2_files/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/05_cppw_2_files/config/etc/group b/tests/cptools/05_cppw_2_files/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/cptools/05_cppw_2_files/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/cptools/05_cppw_2_files/config/etc/gshadow b/tests/cptools/05_cppw_2_files/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/cptools/05_cppw_2_files/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/cptools/05_cppw_2_files/config/etc/passwd b/tests/cptools/05_cppw_2_files/config/etc/passwd new file mode 100644 index 00000000..ae3eda3f --- /dev/null +++ b/tests/cptools/05_cppw_2_files/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/sh +myuser2:x:424243:424242::/home:/bin/sh diff --git a/tests/cptools/05_cppw_2_files/config/etc/shadow b/tests/cptools/05_cppw_2_files/config/etc/shadow new file mode 100644 index 00000000..f004fa26 --- /dev/null +++ b/tests/cptools/05_cppw_2_files/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/cptools/05_cppw_2_files/cppw.test b/tests/cptools/05_cppw_2_files/cppw.test new file mode 100755 index 00000000..49ca1d57 --- /dev/null +++ b/tests/cptools/05_cppw_2_files/cppw.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "cppw reports an error if 2 files are provided" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use cppw with 2 files (cppw data/passwd data/passwd)..." +cppw data/passwd data/passwd 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "cppw reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cptools/05_cppw_2_files/data/passwd b/tests/cptools/05_cppw_2_files/data/passwd new file mode 100644 index 00000000..e8e3c399 --- /dev/null +++ b/tests/cptools/05_cppw_2_files/data/passwd @@ -0,0 +1,17 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh diff --git a/tests/cptools/05_cppw_2_files/data/usage.out b/tests/cptools/05_cppw_2_files/data/usage.out new file mode 100644 index 00000000..808df395 --- /dev/null +++ b/tests/cptools/05_cppw_2_files/data/usage.out @@ -0,0 +1,2 @@ +cppw: wrong number of arguments, -h for usage +cppw: no changes diff --git a/tests/cptools/06_cppw_no_file/config.txt b/tests/cptools/06_cppw_no_file/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/06_cppw_no_file/config/etc/group b/tests/cptools/06_cppw_no_file/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/06_cppw_no_file/config/etc/gshadow b/tests/cptools/06_cppw_no_file/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/06_cppw_no_file/config/etc/passwd b/tests/cptools/06_cppw_no_file/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/06_cppw_no_file/config/etc/shadow b/tests/cptools/06_cppw_no_file/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/06_cppw_no_file/cppw.test b/tests/cptools/06_cppw_no_file/cppw.test new file mode 100755 index 00000000..67a35a91 --- /dev/null +++ b/tests/cptools/06_cppw_no_file/cppw.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "cppw reports an error if no files are provided" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use cppw with a nonexistant file (cppw data/passwd)..." +cppw data/passwd 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "cppw reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cptools/06_cppw_no_file/data/usage.out b/tests/cptools/06_cppw_no_file/data/usage.out new file mode 100644 index 00000000..133dea3e --- /dev/null +++ b/tests/cptools/06_cppw_no_file/data/usage.out @@ -0,0 +1,2 @@ +cppw: data/passwd: No such file or directory +cppw: /etc/passwd is unchanged diff --git a/tests/cptools/07_cppw_locked_passwd/config.txt b/tests/cptools/07_cppw_locked_passwd/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/group b/tests/cptools/07_cppw_locked_passwd/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/gshadow b/tests/cptools/07_cppw_locked_passwd/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/passwd b/tests/cptools/07_cppw_locked_passwd/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/shadow b/tests/cptools/07_cppw_locked_passwd/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/07_cppw_locked_passwd/cppw.test b/tests/cptools/07_cppw_locked_passwd/cppw.test new file mode 100755 index 00000000..366618e0 --- /dev/null +++ b/tests/cptools/07_cppw_locked_passwd/cppw.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "cppw checks if the password file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Use cppw (cppw data/passwd)..." +cppw data/passwd 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "cppw reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cptools/07_cppw_locked_passwd/data/passwd b/tests/cptools/07_cppw_locked_passwd/data/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/07_cppw_locked_passwd/data/usage.out b/tests/cptools/07_cppw_locked_passwd/data/usage.out new file mode 100644 index 00000000..c99e46a1 --- /dev/null +++ b/tests/cptools/07_cppw_locked_passwd/data/usage.out @@ -0,0 +1,3 @@ +cppw: existing lock file /etc/passwd.lock without a PID +cppw: Couldn't lock file +cppw: /etc/passwd is unchanged diff --git a/tests/cptools/08_cppw-p/config.txt b/tests/cptools/08_cppw-p/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/08_cppw-p/config/etc/group b/tests/cptools/08_cppw-p/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/08_cppw-p/config/etc/gshadow b/tests/cptools/08_cppw-p/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/08_cppw-p/config/etc/passwd b/tests/cptools/08_cppw-p/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/08_cppw-p/config/etc/shadow b/tests/cptools/08_cppw-p/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/08_cppw-p/cppw.test b/tests/cptools/08_cppw-p/cppw.test new file mode 100755 index 00000000..d4ee8646 --- /dev/null +++ b/tests/cptools/08_cppw-p/cppw.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "cppw -p option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use cppw -p (cppw -p data/passwd)..." +cppw -p data/passwd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cptools/08_cppw-p/data/passwd b/tests/cptools/08_cppw-p/data/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/09_cppw-g/config.txt b/tests/cptools/09_cppw-g/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/09_cppw-g/config/etc/group b/tests/cptools/09_cppw-g/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/cptools/09_cppw-g/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cptools/09_cppw-g/config/etc/gshadow b/tests/cptools/09_cppw-g/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/cptools/09_cppw-g/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cptools/09_cppw-g/config/etc/passwd b/tests/cptools/09_cppw-g/config/etc/passwd new file mode 100644 index 00000000..06b331b3 --- /dev/null +++ b/tests/cptools/09_cppw-g/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/cptools/09_cppw-g/config/etc/shadow b/tests/cptools/09_cppw-g/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cptools/09_cppw-g/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cptools/09_cppw-g/cppw.test b/tests/cptools/09_cppw-g/cppw.test new file mode 100755 index 00000000..7ac6d16c --- /dev/null +++ b/tests/cptools/09_cppw-g/cppw.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "cppw can copy the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use cppw -g (cppw -g data/group)..." +cppw -g data/group +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cptools/09_cppw-g/data/group b/tests/cptools/09_cppw-g/data/group new file mode 100644 index 00000000..11b5c118 --- /dev/null +++ b/tests/cptools/09_cppw-g/data/group @@ -0,0 +1,39 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: diff --git a/tests/cptools/10_cppw-g-s/config.txt b/tests/cptools/10_cppw-g-s/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/10_cppw-g-s/config/etc/group b/tests/cptools/10_cppw-g-s/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/cptools/10_cppw-g-s/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cptools/10_cppw-g-s/config/etc/gshadow b/tests/cptools/10_cppw-g-s/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/cptools/10_cppw-g-s/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cptools/10_cppw-g-s/config/etc/passwd b/tests/cptools/10_cppw-g-s/config/etc/passwd new file mode 100644 index 00000000..06b331b3 --- /dev/null +++ b/tests/cptools/10_cppw-g-s/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/cptools/10_cppw-g-s/config/etc/shadow b/tests/cptools/10_cppw-g-s/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cptools/10_cppw-g-s/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cptools/10_cppw-g-s/cppw.test b/tests/cptools/10_cppw-g-s/cppw.test new file mode 100755 index 00000000..602c34ac --- /dev/null +++ b/tests/cptools/10_cppw-g-s/cppw.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "cppw can copy the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use cppw -g -s (cppw -g -s data/gshadow)..." +cppw -g -s data/gshadow +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cptools/10_cppw-g-s/data/gshadow b/tests/cptools/10_cppw-g-s/data/gshadow new file mode 100644 index 00000000..93fc0558 --- /dev/null +++ b/tests/cptools/10_cppw-g-s/data/gshadow @@ -0,0 +1,39 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: diff --git a/tests/cptools/11_cppw-p-s/config.txt b/tests/cptools/11_cppw-p-s/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/11_cppw-p-s/config/etc/group b/tests/cptools/11_cppw-p-s/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/cptools/11_cppw-p-s/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/cptools/11_cppw-p-s/config/etc/gshadow b/tests/cptools/11_cppw-p-s/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/cptools/11_cppw-p-s/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/cptools/11_cppw-p-s/config/etc/passwd b/tests/cptools/11_cppw-p-s/config/etc/passwd new file mode 100644 index 00000000..06b331b3 --- /dev/null +++ b/tests/cptools/11_cppw-p-s/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/cptools/11_cppw-p-s/config/etc/shadow b/tests/cptools/11_cppw-p-s/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/cptools/11_cppw-p-s/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cptools/11_cppw-p-s/cppw.test b/tests/cptools/11_cppw-p-s/cppw.test new file mode 100755 index 00000000..3c68f056 --- /dev/null +++ b/tests/cptools/11_cppw-p-s/cppw.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "cppw can copy the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use cppw -p -s (cppw -p -s data/shadow)..." +cppw -p -s data/shadow +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cptools/11_cppw-p-s/data/shadow b/tests/cptools/11_cppw-p-s/data/shadow new file mode 100644 index 00000000..62144232 --- /dev/null +++ b/tests/cptools/11_cppw-p-s/data/shadow @@ -0,0 +1,16 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config.txt b/tests/cptools/12_cppw-s_no_shadow_file/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/group b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/group new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/gshadow b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/passwd b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/shadow b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/cptools/12_cppw-s_no_shadow_file/cppw.test b/tests/cptools/12_cppw-s_no_shadow_file/cppw.test new file mode 100755 index 00000000..a0c2095b --- /dev/null +++ b/tests/cptools/12_cppw-s_no_shadow_file/cppw.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "cppw can copy a shadow file even if there were no shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "done" + +echo -n "Use cppw (cppw -s data/shadow)..." +cppw -s data/shadow 2>tmp/cppw.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "cppw reported:" +echo "=======================================================================" +cat tmp/cppw.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/cppw.err tmp/cppw.err +echo "usage message OK." +rm -f tmp/cppw.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/cptools/12_cppw-s_no_shadow_file/data/cppw.err b/tests/cptools/12_cppw-s_no_shadow_file/data/cppw.err new file mode 100644 index 00000000..0c7d649e --- /dev/null +++ b/tests/cptools/12_cppw-s_no_shadow_file/data/cppw.err @@ -0,0 +1,2 @@ +cppw: /etc/shadow: No such file or directory +cppw: /etc/shadow is unchanged diff --git a/tests/cptools/12_cppw-s_no_shadow_file/data/shadow b/tests/cptools/12_cppw-s_no_shadow_file/data/shadow new file mode 100644 index 00000000..e69de29b diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test new file mode 100755 index 00000000..d5835170 --- /dev/null +++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 01_chpasswd/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 01_chpasswd/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 01_chpasswd/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/group b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/gshadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/passwd b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/shadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/shadow new file mode 100644 index 00000000..7607cc6e --- /dev/null +++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_DES test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/group b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/gshadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/login.defs b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/login.defs new file mode 100644 index 00000000..98106ea6 --- /dev/null +++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +MD5_CRYPT_ENAB yes +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/passwd b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/shadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/01_chpasswd.test b/tests/crypt/login.defs_DES/01_chpasswd.test new file mode 100755 index 00000000..d5835170 --- /dev/null +++ b/tests/crypt/login.defs_DES/01_chpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 01_chpasswd/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 01_chpasswd/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 01_chpasswd/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/01_chpasswd/group b/tests/crypt/login.defs_DES/01_chpasswd/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/01_chpasswd/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/01_chpasswd/gshadow b/tests/crypt/login.defs_DES/01_chpasswd/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_DES/01_chpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/01_chpasswd/passwd b/tests/crypt/login.defs_DES/01_chpasswd/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/01_chpasswd/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/01_chpasswd/shadow b/tests/crypt/login.defs_DES/01_chpasswd/shadow new file mode 100644 index 00000000..7607cc6e --- /dev/null +++ b/tests/crypt/login.defs_DES/01_chpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_DES test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test new file mode 100755 index 00000000..2ae3f3b0 --- /dev/null +++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd --crypt-method MD5 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/group b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/gshadow b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd.new b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd.new new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd.new @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/shadow b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/shadow new file mode 100644 index 00000000..658661b3 --- /dev/null +++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_MD5 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test new file mode 100755 index 00000000..98488282 --- /dev/null +++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd --crypt-method DES +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 03_chpasswd--crypt-method-DES/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 03_chpasswd--crypt-method-DES/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 03_chpasswd--crypt-method-DES/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 03_chpasswd--crypt-method-DES/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/group b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/gshadow b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/passwd b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/shadow b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/shadow new file mode 100644 index 00000000..7607cc6e --- /dev/null +++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_DES test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test new file mode 100755 index 00000000..4c4f18a1 --- /dev/null +++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd --crypt-method NONE +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/group b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/gshadow b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/passwd b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/shadow b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/shadow new file mode 100644 index 00000000..d2bde3be --- /dev/null +++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:test:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e.test b/tests/crypt/login.defs_DES/05_chpasswd-e.test new file mode 100755 index 00000000..fdac6ae0 --- /dev/null +++ b/tests/crypt/login.defs_DES/05_chpasswd-e.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd -e +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 05_chpasswd-e/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 05_chpasswd-e/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 05_chpasswd-e/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 05_chpasswd-e/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/group b/tests/crypt/login.defs_DES/05_chpasswd-e/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/05_chpasswd-e/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/gshadow b/tests/crypt/login.defs_DES/05_chpasswd-e/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_DES/05_chpasswd-e/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/passwd b/tests/crypt/login.defs_DES/05_chpasswd-e/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/05_chpasswd-e/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/shadow b/tests/crypt/login.defs_DES/05_chpasswd-e/shadow new file mode 100644 index 00000000..d2bde3be --- /dev/null +++ b/tests/crypt/login.defs_DES/05_chpasswd-e/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:test:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m.test b/tests/crypt/login.defs_DES/06_chpasswd-m.test new file mode 100755 index 00000000..3428d895 --- /dev/null +++ b/tests/crypt/login.defs_DES/06_chpasswd-m.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd -m +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 06_chpasswd-m/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 06_chpasswd-m/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 06_chpasswd-m/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 06_chpasswd-m/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/group b/tests/crypt/login.defs_DES/06_chpasswd-m/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/06_chpasswd-m/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/gshadow b/tests/crypt/login.defs_DES/06_chpasswd-m/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_DES/06_chpasswd-m/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/passwd b/tests/crypt/login.defs_DES/06_chpasswd-m/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/06_chpasswd-m/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/shadow b/tests/crypt/login.defs_DES/06_chpasswd-m/shadow new file mode 100644 index 00000000..658661b3 --- /dev/null +++ b/tests/crypt/login.defs_DES/06_chpasswd-m/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_MD5 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/07_chgpasswd.test b/tests/crypt/login.defs_DES/07_chgpasswd.test new file mode 100755 index 00000000..5b7a0732 --- /dev/null +++ b/tests/crypt/login.defs_DES/07_chgpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change a group's password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup's password..." +echo nogroup:test | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 07_chgpasswd/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 07_chgpasswd/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 07_chgpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 07_chgpasswd/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/group b/tests/crypt/login.defs_DES/07_chgpasswd/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/07_chgpasswd/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/gshadow b/tests/crypt/login.defs_DES/07_chgpasswd/gshadow new file mode 100644 index 00000000..53dba5eb --- /dev/null +++ b/tests/crypt/login.defs_DES/07_chgpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_DES test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/passwd b/tests/crypt/login.defs_DES/07_chgpasswd/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/07_chgpasswd/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/shadow b/tests/crypt/login.defs_DES/07_chgpasswd/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_DES/07_chgpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test new file mode 100755 index 00000000..405e8b23 --- /dev/null +++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change a group's password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup's password..." +echo nogroup:test | chgpasswd --crypt-method MD5 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/group b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/gshadow b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/gshadow new file mode 100644 index 00000000..a709bcbe --- /dev/null +++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_MD5 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/passwd b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/shadow b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test new file mode 100755 index 00000000..1553e003 --- /dev/null +++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change a group's password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup's password..." +echo nogroup:test | chgpasswd --crypt-method DES +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/group b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/gshadow b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/gshadow new file mode 100644 index 00000000..53dba5eb --- /dev/null +++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_DES test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/passwd b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/shadow b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test new file mode 100755 index 00000000..a010de22 --- /dev/null +++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change a group's password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup's password..." +echo nogroup:test | chgpasswd --crypt-method NONE +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/group b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/gshadow b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/gshadow new file mode 100644 index 00000000..a8f0af97 --- /dev/null +++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:test:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/passwd b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/shadow b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e.test b/tests/crypt/login.defs_DES/11_chgpasswd-e.test new file mode 100755 index 00000000..6b801c1f --- /dev/null +++ b/tests/crypt/login.defs_DES/11_chgpasswd-e.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nogroup:test | chgpasswd -e +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 11_chgpasswd-e/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 11_chgpasswd-e/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 11_chgpasswd-e/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 11_chgpasswd-e/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/group b/tests/crypt/login.defs_DES/11_chgpasswd-e/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/gshadow b/tests/crypt/login.defs_DES/11_chgpasswd-e/gshadow new file mode 100644 index 00000000..a8f0af97 --- /dev/null +++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:test:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/passwd b/tests/crypt/login.defs_DES/11_chgpasswd-e/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/shadow b/tests/crypt/login.defs_DES/11_chgpasswd-e/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m.test b/tests/crypt/login.defs_DES/12_chgpasswd-m.test new file mode 100755 index 00000000..f271cb09 --- /dev/null +++ b/tests/crypt/login.defs_DES/12_chgpasswd-m.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nogroup:test | chgpasswd -m +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 12_chgpasswd-m/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 12_chgpasswd-m/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 12_chgpasswd-m/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 12_chgpasswd-m/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/group b/tests/crypt/login.defs_DES/12_chgpasswd-m/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/gshadow b/tests/crypt/login.defs_DES/12_chgpasswd-m/gshadow new file mode 100644 index 00000000..a709bcbe --- /dev/null +++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_MD5 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/passwd b/tests/crypt/login.defs_DES/12_chgpasswd-m/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/shadow b/tests/crypt/login.defs_DES/12_chgpasswd-m/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_DES/config/etc/group b/tests/crypt/login.defs_DES/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_DES/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_DES/config/etc/gshadow b/tests/crypt/login.defs_DES/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_DES/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_DES/config/etc/login.defs b/tests/crypt/login.defs_DES/config/etc/login.defs new file mode 100644 index 00000000..dff071c6 --- /dev/null +++ b/tests/crypt/login.defs_DES/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/crypt/login.defs_DES/config/etc/passwd b/tests/crypt/login.defs_DES/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_DES/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_DES/config/etc/shadow b/tests/crypt/login.defs_DES/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_DES/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_MD5/01_chpasswd.test b/tests/crypt/login.defs_MD5/01_chpasswd.test new file mode 100755 index 00000000..d5835170 --- /dev/null +++ b/tests/crypt/login.defs_MD5/01_chpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 01_chpasswd/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 01_chpasswd/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 01_chpasswd/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/group b/tests/crypt/login.defs_MD5/01_chpasswd/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_MD5/01_chpasswd/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/gshadow b/tests/crypt/login.defs_MD5/01_chpasswd/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_MD5/01_chpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/passwd b/tests/crypt/login.defs_MD5/01_chpasswd/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_MD5/01_chpasswd/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/shadow b/tests/crypt/login.defs_MD5/01_chpasswd/shadow new file mode 100644 index 00000000..658661b3 --- /dev/null +++ b/tests/crypt/login.defs_MD5/01_chpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_MD5 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd.test b/tests/crypt/login.defs_MD5/02_chgpasswd.test new file mode 100755 index 00000000..c102e890 --- /dev/null +++ b/tests/crypt/login.defs_MD5/02_chgpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change a group password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "echo nogroup:test | chgpasswd..." +echo nogroup:test | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 02_chgpasswd/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 02_chgpasswd/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 02_chgpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/group b/tests/crypt/login.defs_MD5/02_chgpasswd/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_MD5/02_chgpasswd/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/gshadow b/tests/crypt/login.defs_MD5/02_chgpasswd/gshadow new file mode 100644 index 00000000..a709bcbe --- /dev/null +++ b/tests/crypt/login.defs_MD5/02_chgpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_MD5 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/passwd b/tests/crypt/login.defs_MD5/02_chgpasswd/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_MD5/02_chgpasswd/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/shadow b/tests/crypt/login.defs_MD5/02_chgpasswd/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_MD5/02_chgpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_MD5/config/etc/group b/tests/crypt/login.defs_MD5/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_MD5/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_MD5/config/etc/gshadow b/tests/crypt/login.defs_MD5/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_MD5/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_MD5/config/etc/login.defs b/tests/crypt/login.defs_MD5/config/etc/login.defs new file mode 100644 index 00000000..c035580a --- /dev/null +++ b/tests/crypt/login.defs_MD5/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD MD5 +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/crypt/login.defs_MD5/config/etc/passwd b/tests/crypt/login.defs_MD5/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_MD5/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_MD5/config/etc/shadow b/tests/crypt/login.defs_MD5/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_MD5/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test new file mode 100755 index 00000000..28ee58ff --- /dev/null +++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd/shadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd/shadow new file mode 100644 index 00000000..658661b3 --- /dev/null +++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_MD5 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test new file mode 100755 index 00000000..a38a669c --- /dev/null +++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change a group password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "echo nogroup:test | chgpasswd..." +echo nogroup:test | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd/gshadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd/gshadow new file mode 100644 index 00000000..a709bcbe --- /dev/null +++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_MD5 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/group b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/gshadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/login.defs b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/login.defs new file mode 100644 index 00000000..c214714d --- /dev/null +++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +MD5_CRYPT_ENAB yes +#ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/passwd b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/shadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_SHA256-round-max/01_chpasswd.test b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd.test new file mode 100755 index 00000000..3c04e670 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the number of rounds..." +grep -q '^nobody:\$5\$rounds=7000\$' /etc/shadow || { + grep "^nobody:" /etc/shadow + exit 1 +} +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_SHA256-round-max/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd/shadow new file mode 100644 index 00000000..e16a7b0c --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd.test b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd.test new file mode 100755 index 00000000..51adcbe8 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "echo nogroup:test | chgpasswd..." +echo nogroup:test | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow +echo "OK" +echo -n "Check the number of rounds..." +grep -q '^nogroup:\$5\$rounds=7000\$' /etc/gshadow || { + grep "^nogroup:" /etc/gshadow + exit 1 +} +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd/gshadow new file mode 100644 index 00000000..f2355849 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA256 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/group b/tests/crypt/login.defs_SHA256-round-max/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/gshadow b/tests/crypt/login.defs_SHA256-round-max/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/login.defs b/tests/crypt/login.defs_SHA256-round-max/config/etc/login.defs new file mode 100644 index 00000000..656950a4 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD SHA256 +#SHA_CRYPT_MIN_ROUNDS 2000 +SHA_CRYPT_MAX_ROUNDS 7000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/passwd b/tests/crypt/login.defs_SHA256-round-max/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/shadow b/tests/crypt/login.defs_SHA256-round-max/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd.test b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd.test new file mode 100755 index 00000000..ba6d6f21 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd.test @@ -0,0 +1,64 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change an user's password with chpasswd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change user nobody's password (echo nobody:test | chpasswd)..." +echo nobody:test | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the number of rounds..." +rounds1=$(sed -n 's/^nobody:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow) +echo -n "($rounds1)..." +if [ "$rounds1" -lt 3000 ] || [ "$rounds1" -gt 10000 ]; then + echo "Wrong rounds: $rounds1" + grep "^nobody:" /etc/shadow + exit 1 +fi +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +echo "" +echo "Make sure the number of rounds is not constant" + +echo -n " Change user nobody's password (echo nobody:test | chpasswd)..." +echo nobody:test | chpasswd +echo "OK" + +rounds2=$(sed -n 's/^nobody:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow) +if [ "$rounds1" = "$rounds2" ]; then + echo "The number of rounds did not change." + echo "It may not be a error, please re-run this test." + exit 1 +fi +echo -n "($rounds2)..." +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd/shadow new file mode 100644 index 00000000..e16a7b0c --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test new file mode 100755 index 00000000..f730d510 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test @@ -0,0 +1,64 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change a group's password with chgpasswd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group nogroup's password (echo nogroup:test | chgpasswd)..." +echo nogroup:test | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow +echo "OK" +echo -n "Check the number of rounds..." +rounds1=$(sed -n 's/^nogroup:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/gshadow) +echo -n "($rounds1)..." +if [ "$rounds1" -lt 3000 ] || [ "$rounds1" -gt 10000 ]; then + echo "Wrong rounds: $rounds1" + grep "^nogroup:" /etc/gshadow + exit 1 +fi +echo "OK" + +echo "" +echo "Make sure the number of rounds is not constant" + +echo -n " Change group nogroup's password (echo nogroup:test | chgpasswd)..." +echo nogroup:test | chgpasswd +echo "OK" + +rounds2=$(sed -n 's/^nogroup:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/gshadow) +if [ "$rounds1" = "$rounds2" ]; then + echo "The number of rounds did not change." + echo "It may not be a error, please re-run this test." + exit 1 +fi +echo -n "($rounds2)..." +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd/gshadow new file mode 100644 index 00000000..f2355849 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA256 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/group b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/gshadow b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/login.defs b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/login.defs new file mode 100644 index 00000000..639fb927 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD SHA256 +SHA_CRYPT_MIN_ROUNDS 3000 +SHA_CRYPT_MAX_ROUNDS 10000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/passwd b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/shadow b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_SHA256-round-min/01_chpasswd.test b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd.test new file mode 100755 index 00000000..8a445e78 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the number of rounds..." +grep -q '^nobody:\$5\$rounds=2000\$' /etc/shadow || { + grep "^nobody:" /etc/shadow + exit 1 +} +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_SHA256-round-min/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd/shadow new file mode 100644 index 00000000..e16a7b0c --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd.test b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd.test new file mode 100755 index 00000000..bbbac5b6 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Changea group password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "echo nogroup:test | chgpasswd..." +echo nogroup:test | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow +echo "OK" +echo -n "Check the number of rounds..." +grep -q '^nogroup:\$5\$rounds=2000\$' /etc/gshadow || { + grep "^nogroup:" /etc/gshadow + exit 1 +} +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd/gshadow new file mode 100644 index 00000000..f2355849 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA256 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/group b/tests/crypt/login.defs_SHA256-round-min/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/gshadow b/tests/crypt/login.defs_SHA256-round-min/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/login.defs b/tests/crypt/login.defs_SHA256-round-min/config/etc/login.defs new file mode 100644 index 00000000..b8087b2f --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD SHA256 +SHA_CRYPT_MIN_ROUNDS 2000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/passwd b/tests/crypt/login.defs_SHA256-round-min/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/shadow b/tests/crypt/login.defs_SHA256-round-min/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_SHA256/01_chpasswd.test b/tests/crypt/login.defs_SHA256/01_chpasswd.test new file mode 100755 index 00000000..28ee58ff --- /dev/null +++ b/tests/crypt/login.defs_SHA256/01_chpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_SHA256/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256/01_chpasswd/shadow new file mode 100644 index 00000000..e16a7b0c --- /dev/null +++ b/tests/crypt/login.defs_SHA256/01_chpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_SHA256/02_chgpasswd.test b/tests/crypt/login.defs_SHA256/02_chgpasswd.test new file mode 100755 index 00000000..a38a669c --- /dev/null +++ b/tests/crypt/login.defs_SHA256/02_chgpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change a group password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "echo nogroup:test | chgpasswd..." +echo nogroup:test | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_SHA256/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256/02_chgpasswd/gshadow new file mode 100644 index 00000000..f2355849 --- /dev/null +++ b/tests/crypt/login.defs_SHA256/02_chgpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA256 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_SHA256/config/etc/group b/tests/crypt/login.defs_SHA256/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_SHA256/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_SHA256/config/etc/gshadow b/tests/crypt/login.defs_SHA256/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_SHA256/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_SHA256/config/etc/login.defs b/tests/crypt/login.defs_SHA256/config/etc/login.defs new file mode 100644 index 00000000..80010010 --- /dev/null +++ b/tests/crypt/login.defs_SHA256/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD SHA256 +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/crypt/login.defs_SHA256/config/etc/passwd b/tests/crypt/login.defs_SHA256/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_SHA256/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_SHA256/config/etc/shadow b/tests/crypt/login.defs_SHA256/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_SHA256/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_SHA512/01_chpasswd.test b/tests/crypt/login.defs_SHA512/01_chpasswd.test new file mode 100755 index 00000000..28ee58ff --- /dev/null +++ b/tests/crypt/login.defs_SHA512/01_chpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_SHA512/01_chpasswd/shadow b/tests/crypt/login.defs_SHA512/01_chpasswd/shadow new file mode 100644 index 00000000..58222032 --- /dev/null +++ b/tests/crypt/login.defs_SHA512/01_chpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_SHA512/02_chgpasswd.test b/tests/crypt/login.defs_SHA512/02_chgpasswd.test new file mode 100755 index 00000000..b7ac2884 --- /dev/null +++ b/tests/crypt/login.defs_SHA512/02_chgpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change a group's password with chgpasswd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "echo nogroup:test | chgpasswd..." +echo nogroup:test | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_SHA512/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA512/02_chgpasswd/gshadow new file mode 100644 index 00000000..5c8c33ad --- /dev/null +++ b/tests/crypt/login.defs_SHA512/02_chgpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA512 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_SHA512/config/etc/group b/tests/crypt/login.defs_SHA512/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_SHA512/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_SHA512/config/etc/gshadow b/tests/crypt/login.defs_SHA512/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_SHA512/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_SHA512/config/etc/login.defs b/tests/crypt/login.defs_SHA512/config/etc/login.defs new file mode 100644 index 00000000..76369b61 --- /dev/null +++ b/tests/crypt/login.defs_SHA512/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD SHA512 +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/crypt/login.defs_SHA512/config/etc/passwd b/tests/crypt/login.defs_SHA512/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_SHA512/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_SHA512/config/etc/shadow b/tests/crypt/login.defs_SHA512/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_SHA512/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_none/01_chpasswd.test b/tests/crypt/login.defs_none/01_chpasswd.test new file mode 100755 index 00000000..28ee58ff --- /dev/null +++ b/tests/crypt/login.defs_none/01_chpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +echo nobody:test | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_none/01_chpasswd/shadow b/tests/crypt/login.defs_none/01_chpasswd/shadow new file mode 100644 index 00000000..7607cc6e --- /dev/null +++ b/tests/crypt/login.defs_none/01_chpasswd/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_DES test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/crypt/login.defs_none/02_chgpasswd.test b/tests/crypt/login.defs_none/02_chgpasswd.test new file mode 100755 index 00000000..b7ac2884 --- /dev/null +++ b/tests/crypt/login.defs_none/02_chgpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change a group's password with chgpasswd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "echo nogroup:test | chgpasswd..." +echo nogroup:test | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/crypt/login.defs_none/02_chgpasswd/gshadow b/tests/crypt/login.defs_none/02_chgpasswd/gshadow new file mode 100644 index 00000000..53dba5eb --- /dev/null +++ b/tests/crypt/login.defs_none/02_chgpasswd/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_DES test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_none/config/etc/group b/tests/crypt/login.defs_none/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/crypt/login.defs_none/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/crypt/login.defs_none/config/etc/gshadow b/tests/crypt/login.defs_none/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/crypt/login.defs_none/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/crypt/login.defs_none/config/etc/login.defs b/tests/crypt/login.defs_none/config/etc/login.defs new file mode 100644 index 00000000..f1f0a572 --- /dev/null +++ b/tests/crypt/login.defs_none/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +#ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/crypt/login.defs_none/config/etc/passwd b/tests/crypt/login.defs_none/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/crypt/login.defs_none/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/crypt/login.defs_none/config/etc/shadow b/tests/crypt/login.defs_none/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/crypt/login.defs_none/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/debian/01/data/login_files b/tests/debian/01/data/login_files new file mode 100644 index 00000000..04f49744 --- /dev/null +++ b/tests/debian/01/data/login_files @@ -0,0 +1,296 @@ +/. +/bin +/bin/login +/bin/su +/etc +/etc/login.defs +/etc/pam.d +/etc/pam.d/login +/etc/pam.d/su +/etc/securetty +/usr +/usr/bin +/usr/bin/faillog +/usr/bin/lastlog +/usr/bin/newgrp +/usr/bin/sg +/usr/sbin +/usr/sbin/nologin +/usr/share +/usr/share/doc +/usr/share/doc/login +/usr/share/doc/login/NEWS.Debian.gz +/usr/share/doc/login/NEWS.gz +/usr/share/doc/login/README +/usr/share/doc/login/TODO.gz +/usr/share/doc/login/changelog.Debian.gz +/usr/share/doc/login/changelog.gz +/usr/share/doc/login/copyright +/usr/share/lintian +/usr/share/lintian/overrides +/usr/share/lintian/overrides/login +/usr/share/locale +/usr/share/locale/bs +/usr/share/locale/bs/LC_MESSAGES +/usr/share/locale/bs/LC_MESSAGES/shadow.mo +/usr/share/locale/ca +/usr/share/locale/ca/LC_MESSAGES +/usr/share/locale/ca/LC_MESSAGES/shadow.mo +/usr/share/locale/cs +/usr/share/locale/cs/LC_MESSAGES +/usr/share/locale/cs/LC_MESSAGES/shadow.mo +/usr/share/locale/da +/usr/share/locale/da/LC_MESSAGES +/usr/share/locale/da/LC_MESSAGES/shadow.mo +/usr/share/locale/de +/usr/share/locale/de/LC_MESSAGES +/usr/share/locale/de/LC_MESSAGES/shadow.mo +/usr/share/locale/dz +/usr/share/locale/dz/LC_MESSAGES +/usr/share/locale/dz/LC_MESSAGES/shadow.mo +/usr/share/locale/el +/usr/share/locale/el/LC_MESSAGES +/usr/share/locale/el/LC_MESSAGES/shadow.mo +/usr/share/locale/es +/usr/share/locale/es/LC_MESSAGES +/usr/share/locale/es/LC_MESSAGES/shadow.mo +/usr/share/locale/eu +/usr/share/locale/eu/LC_MESSAGES +/usr/share/locale/eu/LC_MESSAGES/shadow.mo +/usr/share/locale/fi +/usr/share/locale/fi/LC_MESSAGES +/usr/share/locale/fi/LC_MESSAGES/shadow.mo +/usr/share/locale/fr +/usr/share/locale/fr/LC_MESSAGES +/usr/share/locale/fr/LC_MESSAGES/shadow.mo +/usr/share/locale/gl +/usr/share/locale/gl/LC_MESSAGES +/usr/share/locale/gl/LC_MESSAGES/shadow.mo +/usr/share/locale/he +/usr/share/locale/he/LC_MESSAGES +/usr/share/locale/he/LC_MESSAGES/shadow.mo +/usr/share/locale/hu +/usr/share/locale/hu/LC_MESSAGES +/usr/share/locale/hu/LC_MESSAGES/shadow.mo +/usr/share/locale/id +/usr/share/locale/id/LC_MESSAGES +/usr/share/locale/id/LC_MESSAGES/shadow.mo +/usr/share/locale/it +/usr/share/locale/it/LC_MESSAGES +/usr/share/locale/it/LC_MESSAGES/shadow.mo +/usr/share/locale/ja +/usr/share/locale/ja/LC_MESSAGES +/usr/share/locale/ja/LC_MESSAGES/shadow.mo +/usr/share/locale/kk +/usr/share/locale/kk/LC_MESSAGES +/usr/share/locale/kk/LC_MESSAGES/shadow.mo +/usr/share/locale/km +/usr/share/locale/km/LC_MESSAGES +/usr/share/locale/km/LC_MESSAGES/shadow.mo +/usr/share/locale/ko +/usr/share/locale/ko/LC_MESSAGES +/usr/share/locale/ko/LC_MESSAGES/shadow.mo +/usr/share/locale/nb +/usr/share/locale/nb/LC_MESSAGES +/usr/share/locale/nb/LC_MESSAGES/shadow.mo +/usr/share/locale/ne +/usr/share/locale/ne/LC_MESSAGES +/usr/share/locale/ne/LC_MESSAGES/shadow.mo +/usr/share/locale/nl +/usr/share/locale/nl/LC_MESSAGES +/usr/share/locale/nl/LC_MESSAGES/shadow.mo +/usr/share/locale/nn +/usr/share/locale/nn/LC_MESSAGES +/usr/share/locale/nn/LC_MESSAGES/shadow.mo +/usr/share/locale/pl +/usr/share/locale/pl/LC_MESSAGES +/usr/share/locale/pl/LC_MESSAGES/shadow.mo +/usr/share/locale/pt +/usr/share/locale/pt/LC_MESSAGES +/usr/share/locale/pt/LC_MESSAGES/shadow.mo +/usr/share/locale/pt_BR +/usr/share/locale/pt_BR/LC_MESSAGES +/usr/share/locale/pt_BR/LC_MESSAGES/shadow.mo +/usr/share/locale/ro +/usr/share/locale/ro/LC_MESSAGES +/usr/share/locale/ro/LC_MESSAGES/shadow.mo +/usr/share/locale/ru +/usr/share/locale/ru/LC_MESSAGES +/usr/share/locale/ru/LC_MESSAGES/shadow.mo +/usr/share/locale/sk +/usr/share/locale/sk/LC_MESSAGES +/usr/share/locale/sk/LC_MESSAGES/shadow.mo +/usr/share/locale/sq +/usr/share/locale/sq/LC_MESSAGES +/usr/share/locale/sq/LC_MESSAGES/shadow.mo +/usr/share/locale/sv +/usr/share/locale/sv/LC_MESSAGES +/usr/share/locale/sv/LC_MESSAGES/shadow.mo +/usr/share/locale/tl +/usr/share/locale/tl/LC_MESSAGES +/usr/share/locale/tl/LC_MESSAGES/shadow.mo +/usr/share/locale/tr +/usr/share/locale/tr/LC_MESSAGES +/usr/share/locale/tr/LC_MESSAGES/shadow.mo +/usr/share/locale/uk +/usr/share/locale/uk/LC_MESSAGES +/usr/share/locale/uk/LC_MESSAGES/shadow.mo +/usr/share/locale/vi +/usr/share/locale/vi/LC_MESSAGES +/usr/share/locale/vi/LC_MESSAGES/shadow.mo +/usr/share/locale/zh_CN +/usr/share/locale/zh_CN/LC_MESSAGES +/usr/share/locale/zh_CN/LC_MESSAGES/shadow.mo +/usr/share/locale/zh_TW +/usr/share/locale/zh_TW/LC_MESSAGES +/usr/share/locale/zh_TW/LC_MESSAGES/shadow.mo +/usr/share/man +/usr/share/man/cs +/usr/share/man/cs/man1 +/usr/share/man/cs/man1/su.1.gz +/usr/share/man/cs/man5 +/usr/share/man/cs/man5/faillog.5.gz +/usr/share/man/cs/man8 +/usr/share/man/cs/man8/faillog.8.gz +/usr/share/man/cs/man8/lastlog.8.gz +/usr/share/man/cs/man8/nologin.8.gz +/usr/share/man/da +/usr/share/man/da/man1 +/usr/share/man/da/man1/newgrp.1.gz +/usr/share/man/da/man1/sg.1.gz +/usr/share/man/da/man8 +/usr/share/man/da/man8/nologin.8.gz +/usr/share/man/de +/usr/share/man/de/man1 +/usr/share/man/de/man1/login.1.gz +/usr/share/man/de/man1/newgrp.1.gz +/usr/share/man/de/man1/sg.1.gz +/usr/share/man/de/man1/su.1.gz +/usr/share/man/de/man5 +/usr/share/man/de/man5/faillog.5.gz +/usr/share/man/de/man5/login.defs.5.gz +/usr/share/man/de/man8 +/usr/share/man/de/man8/faillog.8.gz +/usr/share/man/de/man8/lastlog.8.gz +/usr/share/man/de/man8/nologin.8.gz +/usr/share/man/fi +/usr/share/man/fi/man1 +/usr/share/man/fi/man1/su.1.gz +/usr/share/man/fr +/usr/share/man/fr/man1 +/usr/share/man/fr/man1/login.1.gz +/usr/share/man/fr/man1/newgrp.1.gz +/usr/share/man/fr/man1/sg.1.gz +/usr/share/man/fr/man1/su.1.gz +/usr/share/man/fr/man5 +/usr/share/man/fr/man5/faillog.5.gz +/usr/share/man/fr/man5/login.defs.5.gz +/usr/share/man/fr/man8 +/usr/share/man/fr/man8/faillog.8.gz +/usr/share/man/fr/man8/lastlog.8.gz +/usr/share/man/fr/man8/nologin.8.gz +/usr/share/man/hu +/usr/share/man/hu/man1 +/usr/share/man/hu/man1/login.1.gz +/usr/share/man/hu/man1/newgrp.1.gz +/usr/share/man/hu/man1/sg.1.gz +/usr/share/man/hu/man1/su.1.gz +/usr/share/man/hu/man8 +/usr/share/man/hu/man8/lastlog.8.gz +/usr/share/man/id +/usr/share/man/id/man1 +/usr/share/man/id/man1/login.1.gz +/usr/share/man/it +/usr/share/man/it/man1 +/usr/share/man/it/man1/login.1.gz +/usr/share/man/it/man1/newgrp.1.gz +/usr/share/man/it/man1/sg.1.gz +/usr/share/man/it/man1/su.1.gz +/usr/share/man/it/man5 +/usr/share/man/it/man5/faillog.5.gz +/usr/share/man/it/man5/login.defs.5.gz +/usr/share/man/it/man8 +/usr/share/man/it/man8/faillog.8.gz +/usr/share/man/it/man8/lastlog.8.gz +/usr/share/man/it/man8/nologin.8.gz +/usr/share/man/ja +/usr/share/man/ja/man1 +/usr/share/man/ja/man1/login.1.gz +/usr/share/man/ja/man1/newgrp.1.gz +/usr/share/man/ja/man1/sg.1.gz +/usr/share/man/ja/man1/su.1.gz +/usr/share/man/ja/man5 +/usr/share/man/ja/man5/faillog.5.gz +/usr/share/man/ja/man5/login.defs.5.gz +/usr/share/man/ja/man8 +/usr/share/man/ja/man8/faillog.8.gz +/usr/share/man/ja/man8/lastlog.8.gz +/usr/share/man/ko +/usr/share/man/ko/man1 +/usr/share/man/ko/man1/login.1.gz +/usr/share/man/ko/man1/su.1.gz +/usr/share/man/man1 +/usr/share/man/man1/login.1.gz +/usr/share/man/man1/newgrp.1.gz +/usr/share/man/man1/sg.1.gz +/usr/share/man/man1/su.1.gz +/usr/share/man/man5 +/usr/share/man/man5/faillog.5.gz +/usr/share/man/man5/login.defs.5.gz +/usr/share/man/man8 +/usr/share/man/man8/faillog.8.gz +/usr/share/man/man8/lastlog.8.gz +/usr/share/man/man8/nologin.8.gz +/usr/share/man/pl +/usr/share/man/pl/man1 +/usr/share/man/pl/man1/newgrp.1.gz +/usr/share/man/pl/man1/sg.1.gz +/usr/share/man/pl/man5 +/usr/share/man/pl/man5/faillog.5.gz +/usr/share/man/pl/man8 +/usr/share/man/pl/man8/faillog.8.gz +/usr/share/man/pl/man8/lastlog.8.gz +/usr/share/man/ru +/usr/share/man/ru/man1 +/usr/share/man/ru/man1/login.1.gz +/usr/share/man/ru/man1/newgrp.1.gz +/usr/share/man/ru/man1/sg.1.gz +/usr/share/man/ru/man1/su.1.gz +/usr/share/man/ru/man5 +/usr/share/man/ru/man5/faillog.5.gz +/usr/share/man/ru/man5/login.defs.5.gz +/usr/share/man/ru/man8 +/usr/share/man/ru/man8/faillog.8.gz +/usr/share/man/ru/man8/lastlog.8.gz +/usr/share/man/ru/man8/nologin.8.gz +/usr/share/man/sv +/usr/share/man/sv/man1 +/usr/share/man/sv/man1/newgrp.1.gz +/usr/share/man/sv/man1/sg.1.gz +/usr/share/man/sv/man5 +/usr/share/man/sv/man5/faillog.5.gz +/usr/share/man/sv/man8 +/usr/share/man/sv/man8/faillog.8.gz +/usr/share/man/sv/man8/lastlog.8.gz +/usr/share/man/sv/man8/nologin.8.gz +/usr/share/man/tr +/usr/share/man/tr/man1 +/usr/share/man/tr/man1/login.1.gz +/usr/share/man/tr/man1/su.1.gz +/usr/share/man/zh_CN +/usr/share/man/zh_CN/man1 +/usr/share/man/zh_CN/man1/login.1.gz +/usr/share/man/zh_CN/man1/newgrp.1.gz +/usr/share/man/zh_CN/man1/sg.1.gz +/usr/share/man/zh_CN/man1/su.1.gz +/usr/share/man/zh_CN/man5 +/usr/share/man/zh_CN/man5/faillog.5.gz +/usr/share/man/zh_CN/man5/login.defs.5.gz +/usr/share/man/zh_CN/man8 +/usr/share/man/zh_CN/man8/faillog.8.gz +/usr/share/man/zh_CN/man8/lastlog.8.gz +/usr/share/man/zh_CN/man8/nologin.8.gz +/usr/share/man/zh_TW +/usr/share/man/zh_TW/man1 +/usr/share/man/zh_TW/man1/newgrp.1.gz +/usr/share/man/zh_TW/man1/su.1.gz diff --git a/tests/debian/01/data/passwd_files b/tests/debian/01/data/passwd_files new file mode 100644 index 00000000..78380f45 --- /dev/null +++ b/tests/debian/01/data/passwd_files @@ -0,0 +1,400 @@ +/. +/etc +/etc/cron.daily +/etc/cron.daily/passwd +/etc/default +/etc/default/useradd +/etc/pam.d +/etc/pam.d/chfn +/etc/pam.d/chpasswd +/etc/pam.d/chsh +/etc/pam.d/groupmems +/etc/pam.d/newusers +/etc/pam.d/passwd +/sbin +/sbin/shadowconfig +/usr +/usr/bin +/usr/bin/chage +/usr/bin/chfn +/usr/bin/chsh +/usr/bin/expiry +/usr/bin/gpasswd +/usr/bin/passwd +/usr/sbin +/usr/sbin/chgpasswd +/usr/sbin/chpasswd +/usr/sbin/cpgr +/usr/sbin/cppw +/usr/sbin/groupadd +/usr/sbin/groupdel +/usr/sbin/groupmems +/usr/sbin/groupmod +/usr/sbin/grpck +/usr/sbin/grpconv +/usr/sbin/grpunconv +/usr/sbin/newusers +/usr/sbin/pwck +/usr/sbin/pwconv +/usr/sbin/pwunconv +/usr/sbin/useradd +/usr/sbin/userdel +/usr/sbin/usermod +/usr/sbin/vigr +/usr/sbin/vipw +/usr/share +/usr/share/doc +/usr/share/doc/passwd +/usr/share/doc/passwd/NEWS.Debian.gz +/usr/share/doc/passwd/NEWS.gz +/usr/share/doc/passwd/README +/usr/share/doc/passwd/README.Debian +/usr/share/doc/passwd/TODO.gz +/usr/share/doc/passwd/changelog.Debian.gz +/usr/share/doc/passwd/changelog.gz +/usr/share/doc/passwd/copyright +/usr/share/doc/passwd/examples +/usr/share/doc/passwd/examples/passwd.expire.cron +/usr/share/lintian +/usr/share/lintian/overrides +/usr/share/lintian/overrides/passwd +/usr/share/man +/usr/share/man/cs +/usr/share/man/cs/man1 +/usr/share/man/cs/man1/expiry.1.gz +/usr/share/man/cs/man1/gpasswd.1.gz +/usr/share/man/cs/man5 +/usr/share/man/cs/man5/gshadow.5.gz +/usr/share/man/cs/man5/passwd.5.gz +/usr/share/man/cs/man5/shadow.5.gz +/usr/share/man/cs/man8 +/usr/share/man/cs/man8/groupadd.8.gz +/usr/share/man/cs/man8/groupdel.8.gz +/usr/share/man/cs/man8/groupmod.8.gz +/usr/share/man/cs/man8/grpck.8.gz +/usr/share/man/cs/man8/vipw.8.gz +/usr/share/man/da +/usr/share/man/da/man1 +/usr/share/man/da/man1/chfn.1.gz +/usr/share/man/da/man5 +/usr/share/man/da/man5/gshadow.5.gz +/usr/share/man/da/man8 +/usr/share/man/da/man8/groupdel.8.gz +/usr/share/man/da/man8/vigr.8.gz +/usr/share/man/da/man8/vipw.8.gz +/usr/share/man/de +/usr/share/man/de/man1 +/usr/share/man/de/man1/chage.1.gz +/usr/share/man/de/man1/chfn.1.gz +/usr/share/man/de/man1/chsh.1.gz +/usr/share/man/de/man1/expiry.1.gz +/usr/share/man/de/man1/gpasswd.1.gz +/usr/share/man/de/man1/passwd.1.gz +/usr/share/man/de/man5 +/usr/share/man/de/man5/gshadow.5.gz +/usr/share/man/de/man5/passwd.5.gz +/usr/share/man/de/man5/shadow.5.gz +/usr/share/man/de/man8 +/usr/share/man/de/man8/chpasswd.8.gz +/usr/share/man/de/man8/groupadd.8.gz +/usr/share/man/de/man8/groupdel.8.gz +/usr/share/man/de/man8/groupmems.8.gz +/usr/share/man/de/man8/groupmod.8.gz +/usr/share/man/de/man8/grpck.8.gz +/usr/share/man/de/man8/grpconv.8.gz +/usr/share/man/de/man8/grpunconv.8.gz +/usr/share/man/de/man8/newusers.8.gz +/usr/share/man/de/man8/pwck.8.gz +/usr/share/man/de/man8/pwconv.8.gz +/usr/share/man/de/man8/pwunconv.8.gz +/usr/share/man/de/man8/useradd.8.gz +/usr/share/man/de/man8/userdel.8.gz +/usr/share/man/de/man8/usermod.8.gz +/usr/share/man/de/man8/vigr.8.gz +/usr/share/man/de/man8/vipw.8.gz +/usr/share/man/fi +/usr/share/man/fi/man1 +/usr/share/man/fi/man1/chfn.1.gz +/usr/share/man/fi/man1/chsh.1.gz +/usr/share/man/fr +/usr/share/man/fr/man1 +/usr/share/man/fr/man1/chage.1.gz +/usr/share/man/fr/man1/chfn.1.gz +/usr/share/man/fr/man1/chsh.1.gz +/usr/share/man/fr/man1/expiry.1.gz +/usr/share/man/fr/man1/gpasswd.1.gz +/usr/share/man/fr/man1/passwd.1.gz +/usr/share/man/fr/man5 +/usr/share/man/fr/man5/gshadow.5.gz +/usr/share/man/fr/man5/passwd.5.gz +/usr/share/man/fr/man5/shadow.5.gz +/usr/share/man/fr/man5/subgid.5.gz +/usr/share/man/fr/man5/subuid.5.gz +/usr/share/man/fr/man8 +/usr/share/man/fr/man8/chpasswd.8.gz +/usr/share/man/fr/man8/groupadd.8.gz +/usr/share/man/fr/man8/groupdel.8.gz +/usr/share/man/fr/man8/groupmems.8.gz +/usr/share/man/fr/man8/groupmod.8.gz +/usr/share/man/fr/man8/grpck.8.gz +/usr/share/man/fr/man8/grpconv.8.gz +/usr/share/man/fr/man8/grpunconv.8.gz +/usr/share/man/fr/man8/newusers.8.gz +/usr/share/man/fr/man8/pwck.8.gz +/usr/share/man/fr/man8/pwconv.8.gz +/usr/share/man/fr/man8/pwunconv.8.gz +/usr/share/man/fr/man8/shadowconfig.8.gz +/usr/share/man/fr/man8/useradd.8.gz +/usr/share/man/fr/man8/userdel.8.gz +/usr/share/man/fr/man8/usermod.8.gz +/usr/share/man/fr/man8/vigr.8.gz +/usr/share/man/fr/man8/vipw.8.gz +/usr/share/man/hu +/usr/share/man/hu/man1 +/usr/share/man/hu/man1/chsh.1.gz +/usr/share/man/hu/man1/gpasswd.1.gz +/usr/share/man/hu/man1/passwd.1.gz +/usr/share/man/hu/man5 +/usr/share/man/hu/man5/passwd.5.gz +/usr/share/man/id +/usr/share/man/id/man1 +/usr/share/man/id/man1/chsh.1.gz +/usr/share/man/id/man8 +/usr/share/man/id/man8/useradd.8.gz +/usr/share/man/it +/usr/share/man/it/man1 +/usr/share/man/it/man1/chage.1.gz +/usr/share/man/it/man1/chfn.1.gz +/usr/share/man/it/man1/chsh.1.gz +/usr/share/man/it/man1/expiry.1.gz +/usr/share/man/it/man1/gpasswd.1.gz +/usr/share/man/it/man1/passwd.1.gz +/usr/share/man/it/man5 +/usr/share/man/it/man5/gshadow.5.gz +/usr/share/man/it/man5/passwd.5.gz +/usr/share/man/it/man5/shadow.5.gz +/usr/share/man/it/man8 +/usr/share/man/it/man8/chpasswd.8.gz +/usr/share/man/it/man8/groupadd.8.gz +/usr/share/man/it/man8/groupdel.8.gz +/usr/share/man/it/man8/groupmems.8.gz +/usr/share/man/it/man8/groupmod.8.gz +/usr/share/man/it/man8/grpck.8.gz +/usr/share/man/it/man8/grpconv.8.gz +/usr/share/man/it/man8/grpunconv.8.gz +/usr/share/man/it/man8/newusers.8.gz +/usr/share/man/it/man8/pwck.8.gz +/usr/share/man/it/man8/pwconv.8.gz +/usr/share/man/it/man8/pwunconv.8.gz +/usr/share/man/it/man8/useradd.8.gz +/usr/share/man/it/man8/userdel.8.gz +/usr/share/man/it/man8/usermod.8.gz +/usr/share/man/it/man8/vigr.8.gz +/usr/share/man/it/man8/vipw.8.gz +/usr/share/man/ja +/usr/share/man/ja/man1 +/usr/share/man/ja/man1/chage.1.gz +/usr/share/man/ja/man1/chfn.1.gz +/usr/share/man/ja/man1/chsh.1.gz +/usr/share/man/ja/man1/expiry.1.gz +/usr/share/man/ja/man1/gpasswd.1.gz +/usr/share/man/ja/man1/passwd.1.gz +/usr/share/man/ja/man5 +/usr/share/man/ja/man5/passwd.5.gz +/usr/share/man/ja/man5/shadow.5.gz +/usr/share/man/ja/man8 +/usr/share/man/ja/man8/chpasswd.8.gz +/usr/share/man/ja/man8/groupadd.8.gz +/usr/share/man/ja/man8/groupdel.8.gz +/usr/share/man/ja/man8/groupmod.8.gz +/usr/share/man/ja/man8/grpck.8.gz +/usr/share/man/ja/man8/grpconv.8.gz +/usr/share/man/ja/man8/grpunconv.8.gz +/usr/share/man/ja/man8/newusers.8.gz +/usr/share/man/ja/man8/pwck.8.gz +/usr/share/man/ja/man8/pwconv.8.gz +/usr/share/man/ja/man8/pwunconv.8.gz +/usr/share/man/ja/man8/shadowconfig.8.gz +/usr/share/man/ja/man8/useradd.8.gz +/usr/share/man/ja/man8/userdel.8.gz +/usr/share/man/ja/man8/usermod.8.gz +/usr/share/man/ja/man8/vigr.8.gz +/usr/share/man/ja/man8/vipw.8.gz +/usr/share/man/ko +/usr/share/man/ko/man1 +/usr/share/man/ko/man1/chfn.1.gz +/usr/share/man/ko/man1/chsh.1.gz +/usr/share/man/ko/man5 +/usr/share/man/ko/man5/passwd.5.gz +/usr/share/man/ko/man8 +/usr/share/man/ko/man8/vigr.8.gz +/usr/share/man/ko/man8/vipw.8.gz +/usr/share/man/man1 +/usr/share/man/man1/chage.1.gz +/usr/share/man/man1/chfn.1.gz +/usr/share/man/man1/chsh.1.gz +/usr/share/man/man1/expiry.1.gz +/usr/share/man/man1/gpasswd.1.gz +/usr/share/man/man1/passwd.1.gz +/usr/share/man/man5 +/usr/share/man/man5/gshadow.5.gz +/usr/share/man/man5/passwd.5.gz +/usr/share/man/man5/shadow.5.gz +/usr/share/man/man5/subgid.5.gz +/usr/share/man/man5/subuid.5.gz +/usr/share/man/man8 +/usr/share/man/man8/chgpasswd.8.gz +/usr/share/man/man8/chpasswd.8.gz +/usr/share/man/man8/cpgr.8.gz +/usr/share/man/man8/cppw.8.gz +/usr/share/man/man8/groupadd.8.gz +/usr/share/man/man8/groupdel.8.gz +/usr/share/man/man8/groupmems.8.gz +/usr/share/man/man8/groupmod.8.gz +/usr/share/man/man8/grpck.8.gz +/usr/share/man/man8/grpconv.8.gz +/usr/share/man/man8/grpunconv.8.gz +/usr/share/man/man8/newusers.8.gz +/usr/share/man/man8/pwck.8.gz +/usr/share/man/man8/pwconv.8.gz +/usr/share/man/man8/pwunconv.8.gz +/usr/share/man/man8/shadowconfig.8.gz +/usr/share/man/man8/useradd.8.gz +/usr/share/man/man8/userdel.8.gz +/usr/share/man/man8/usermod.8.gz +/usr/share/man/man8/vigr.8.gz +/usr/share/man/man8/vipw.8.gz +/usr/share/man/pl +/usr/share/man/pl/man1 +/usr/share/man/pl/man1/chage.1.gz +/usr/share/man/pl/man1/chsh.1.gz +/usr/share/man/pl/man1/expiry.1.gz +/usr/share/man/pl/man8 +/usr/share/man/pl/man8/groupadd.8.gz +/usr/share/man/pl/man8/groupdel.8.gz +/usr/share/man/pl/man8/groupmems.8.gz +/usr/share/man/pl/man8/groupmod.8.gz +/usr/share/man/pl/man8/grpck.8.gz +/usr/share/man/pl/man8/shadowconfig.8.gz +/usr/share/man/pl/man8/userdel.8.gz +/usr/share/man/pl/man8/usermod.8.gz +/usr/share/man/pl/man8/vigr.8.gz +/usr/share/man/pl/man8/vipw.8.gz +/usr/share/man/pt_BR +/usr/share/man/pt_BR/man1 +/usr/share/man/pt_BR/man1/gpasswd.1.gz +/usr/share/man/pt_BR/man5 +/usr/share/man/pt_BR/man5/passwd.5.gz +/usr/share/man/pt_BR/man5/shadow.5.gz +/usr/share/man/pt_BR/man8 +/usr/share/man/pt_BR/man8/groupadd.8.gz +/usr/share/man/pt_BR/man8/groupdel.8.gz +/usr/share/man/pt_BR/man8/groupmod.8.gz +/usr/share/man/ru +/usr/share/man/ru/man1 +/usr/share/man/ru/man1/chage.1.gz +/usr/share/man/ru/man1/chfn.1.gz +/usr/share/man/ru/man1/chsh.1.gz +/usr/share/man/ru/man1/expiry.1.gz +/usr/share/man/ru/man1/gpasswd.1.gz +/usr/share/man/ru/man1/passwd.1.gz +/usr/share/man/ru/man5 +/usr/share/man/ru/man5/gshadow.5.gz +/usr/share/man/ru/man5/passwd.5.gz +/usr/share/man/ru/man5/shadow.5.gz +/usr/share/man/ru/man8 +/usr/share/man/ru/man8/chpasswd.8.gz +/usr/share/man/ru/man8/groupadd.8.gz +/usr/share/man/ru/man8/groupdel.8.gz +/usr/share/man/ru/man8/groupmems.8.gz +/usr/share/man/ru/man8/groupmod.8.gz +/usr/share/man/ru/man8/grpck.8.gz +/usr/share/man/ru/man8/grpconv.8.gz +/usr/share/man/ru/man8/grpunconv.8.gz +/usr/share/man/ru/man8/newusers.8.gz +/usr/share/man/ru/man8/pwck.8.gz +/usr/share/man/ru/man8/pwconv.8.gz +/usr/share/man/ru/man8/pwunconv.8.gz +/usr/share/man/ru/man8/useradd.8.gz +/usr/share/man/ru/man8/userdel.8.gz +/usr/share/man/ru/man8/usermod.8.gz +/usr/share/man/ru/man8/vigr.8.gz +/usr/share/man/ru/man8/vipw.8.gz +/usr/share/man/sv +/usr/share/man/sv/man1 +/usr/share/man/sv/man1/chage.1.gz +/usr/share/man/sv/man1/chsh.1.gz +/usr/share/man/sv/man1/expiry.1.gz +/usr/share/man/sv/man1/passwd.1.gz +/usr/share/man/sv/man5 +/usr/share/man/sv/man5/gshadow.5.gz +/usr/share/man/sv/man5/passwd.5.gz +/usr/share/man/sv/man8 +/usr/share/man/sv/man8/groupadd.8.gz +/usr/share/man/sv/man8/groupdel.8.gz +/usr/share/man/sv/man8/groupmems.8.gz +/usr/share/man/sv/man8/groupmod.8.gz +/usr/share/man/sv/man8/grpck.8.gz +/usr/share/man/sv/man8/pwck.8.gz +/usr/share/man/sv/man8/userdel.8.gz +/usr/share/man/sv/man8/vigr.8.gz +/usr/share/man/sv/man8/vipw.8.gz +/usr/share/man/tr +/usr/share/man/tr/man1 +/usr/share/man/tr/man1/chage.1.gz +/usr/share/man/tr/man1/chfn.1.gz +/usr/share/man/tr/man1/passwd.1.gz +/usr/share/man/tr/man5 +/usr/share/man/tr/man5/passwd.5.gz +/usr/share/man/tr/man5/shadow.5.gz +/usr/share/man/tr/man8 +/usr/share/man/tr/man8/groupadd.8.gz +/usr/share/man/tr/man8/groupdel.8.gz +/usr/share/man/tr/man8/groupmod.8.gz +/usr/share/man/tr/man8/useradd.8.gz +/usr/share/man/tr/man8/userdel.8.gz +/usr/share/man/tr/man8/usermod.8.gz +/usr/share/man/zh_CN +/usr/share/man/zh_CN/man1 +/usr/share/man/zh_CN/man1/chage.1.gz +/usr/share/man/zh_CN/man1/chfn.1.gz +/usr/share/man/zh_CN/man1/chsh.1.gz +/usr/share/man/zh_CN/man1/expiry.1.gz +/usr/share/man/zh_CN/man1/gpasswd.1.gz +/usr/share/man/zh_CN/man1/passwd.1.gz +/usr/share/man/zh_CN/man5 +/usr/share/man/zh_CN/man5/gshadow.5.gz +/usr/share/man/zh_CN/man5/passwd.5.gz +/usr/share/man/zh_CN/man5/shadow.5.gz +/usr/share/man/zh_CN/man8 +/usr/share/man/zh_CN/man8/chpasswd.8.gz +/usr/share/man/zh_CN/man8/groupadd.8.gz +/usr/share/man/zh_CN/man8/groupdel.8.gz +/usr/share/man/zh_CN/man8/groupmems.8.gz +/usr/share/man/zh_CN/man8/groupmod.8.gz +/usr/share/man/zh_CN/man8/grpck.8.gz +/usr/share/man/zh_CN/man8/grpconv.8.gz +/usr/share/man/zh_CN/man8/grpunconv.8.gz +/usr/share/man/zh_CN/man8/newusers.8.gz +/usr/share/man/zh_CN/man8/pwck.8.gz +/usr/share/man/zh_CN/man8/pwconv.8.gz +/usr/share/man/zh_CN/man8/pwunconv.8.gz +/usr/share/man/zh_CN/man8/useradd.8.gz +/usr/share/man/zh_CN/man8/userdel.8.gz +/usr/share/man/zh_CN/man8/usermod.8.gz +/usr/share/man/zh_CN/man8/vigr.8.gz +/usr/share/man/zh_CN/man8/vipw.8.gz +/usr/share/man/zh_TW +/usr/share/man/zh_TW/man1 +/usr/share/man/zh_TW/man1/chfn.1.gz +/usr/share/man/zh_TW/man1/chsh.1.gz +/usr/share/man/zh_TW/man5 +/usr/share/man/zh_TW/man5/passwd.5.gz +/usr/share/man/zh_TW/man8 +/usr/share/man/zh_TW/man8/chpasswd.8.gz +/usr/share/man/zh_TW/man8/groupadd.8.gz +/usr/share/man/zh_TW/man8/groupdel.8.gz +/usr/share/man/zh_TW/man8/groupmod.8.gz +/usr/share/man/zh_TW/man8/useradd.8.gz +/usr/share/man/zh_TW/man8/userdel.8.gz +/usr/share/man/zh_TW/man8/usermod.8.gz diff --git a/tests/debian/01/run b/tests/debian/01/run new file mode 100755 index 00000000..6db7cf0e --- /dev/null +++ b/tests/debian/01/run @@ -0,0 +1,33 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +# The goal of this test is to check the distributed files (as debdiff) + +save() +{ + [ ! -d tmp ] && mkdir tmp +} + +restore() +{ + rm tmp/login_files tmp/passwd_files + rmdir tmp +} + +save + +trap 'restore' 0 + +dpkg -L login | sort > tmp/login_files +dpkg -L passwd | sort > tmp/passwd_files + +echo -n "Checking the login files..." +diff -u data/login_files tmp/login_files +echo "OK" +echo -n "Checking the passwd files..." +diff -u data/passwd_files tmp/passwd_files +echo OK + diff --git a/tests/debian/02/run b/tests/debian/02/run new file mode 100755 index 00000000..a305c370 --- /dev/null +++ b/tests/debian/02/run @@ -0,0 +1,28 @@ +#!/bin/sh + +# This test check if passwd or login provide files also distributed by +# another package. +# The goal is to detect new package for the Replaces or Conflicts fields, +# or to tighten these relationships. +# +# It supposes that we will at least Replaces/Conflicts on the i386 +# architecture. + +wget -c http://ftp2.fr.debian.org/debian/dists/unstable/Contents-i386.gz + +for pkg in login passwd + do + dpkg -L $pkg | sed -e 's/^\///' | + { + while read file + do + [ -f "/$file" ] && echo "^$file " + done + } > files + + echo "List of files that the $pkg package currently replaces:" + zgrep -E -f files Contents-i386.gz | grep -Ev " admin/(login|passwd)$" +done + +rm -f files Contents-i386.gz + diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/group b/tests/expiry/01_expiry_-c_no_expiry/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/gshadow b/tests/expiry/01_expiry_-c_no_expiry/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/passwd b/tests/expiry/01_expiry_-c_no_expiry/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/shadow b/tests/expiry/01_expiry_-c_no_expiry/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/01_expiry_-c_no_expiry/expiry.exp b/tests/expiry/01_expiry_-c_no_expiry/expiry.exp new file mode 100755 index 00000000..a24b624d --- /dev/null +++ b/tests/expiry/01_expiry_-c_no_expiry/expiry.exp @@ -0,0 +1,17 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "expiry -c\r" +expect "# " +send "echo \$?\r" +expect "0" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/expiry/01_expiry_-c_no_expiry/expiry.test b/tests/expiry/01_expiry_-c_no_expiry/expiry.test new file mode 100755 index 00000000..68d65326 --- /dev/null +++ b/tests/expiry/01_expiry_-c_no_expiry/expiry.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "expiry can verify that a password is not expired" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./expiry.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/group b/tests/expiry/02_expiry_-c_expired/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/02_expiry_-c_expired/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/gshadow b/tests/expiry/02_expiry_-c_expired/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/02_expiry_-c_expired/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/passwd b/tests/expiry/02_expiry_-c_expired/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/02_expiry_-c_expired/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/shadow b/tests/expiry/02_expiry_-c_expired/config/etc/shadow new file mode 100644 index 00000000..33d60bf1 --- /dev/null +++ b/tests/expiry/02_expiry_-c_expired/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/02_expiry_-c_expired/expiry.exp b/tests/expiry/02_expiry_-c_expired/expiry.exp new file mode 100755 index 00000000..a2dd1ba6 --- /dev/null +++ b/tests/expiry/02_expiry_-c_expired/expiry.exp @@ -0,0 +1,17 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "expiry -c\r" +expect "# " +send "echo \$?\r" +expect "1" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/expiry/02_expiry_-c_expired/expiry.test b/tests/expiry/02_expiry_-c_expired/expiry.test new file mode 100755 index 00000000..68d65326 --- /dev/null +++ b/tests/expiry/02_expiry_-c_expired/expiry.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "expiry can verify that a password is not expired" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./expiry.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/group b/tests/expiry/03_expiry_-f_expired/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/03_expiry_-f_expired/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/gshadow b/tests/expiry/03_expiry_-f_expired/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/03_expiry_-f_expired/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/pam.d/common-password b/tests/expiry/03_expiry_-f_expired/config/etc/pam.d/common-password new file mode 100644 index 00000000..cb8c7b71 --- /dev/null +++ b/tests/expiry/03_expiry_-f_expired/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha512 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/passwd b/tests/expiry/03_expiry_-f_expired/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/03_expiry_-f_expired/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/shadow b/tests/expiry/03_expiry_-f_expired/config/etc/shadow new file mode 100644 index 00000000..33d60bf1 --- /dev/null +++ b/tests/expiry/03_expiry_-f_expired/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/03_expiry_-f_expired/data/shadow b/tests/expiry/03_expiry_-f_expired/data/shadow new file mode 100644 index 00000000..83da315f --- /dev/null +++ b/tests/expiry/03_expiry_-f_expired/data/shadow @@ -0,0 +1,20 @@ +root:@PASS_SHA512 password@:@TODAY@:0:1:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/03_expiry_-f_expired/expiry.exp b/tests/expiry/03_expiry_-f_expired/expiry.exp new file mode 100755 index 00000000..5f1b9606 --- /dev/null +++ b/tests/expiry/03_expiry_-f_expired/expiry.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "expiry -f\r" +expect "Your password has expired. Choose a new password." +expect "Enter new UNIX password: " +send "password\r" +expect "Retype new UNIX password: " +send "password\r" +expect "passwd: password updated successfully" +expect "# " +send "echo \$?\r" +expect "0" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/expiry/03_expiry_-f_expired/expiry.test b/tests/expiry/03_expiry_-f_expired/expiry.test new file mode 100755 index 00000000..252afb1b --- /dev/null +++ b/tests/expiry/03_expiry_-f_expired/expiry.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "expiry can verify that a password is not expired" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./expiry.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/04_expiry_no_options/config/etc/group b/tests/expiry/04_expiry_no_options/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/04_expiry_no_options/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/04_expiry_no_options/config/etc/gshadow b/tests/expiry/04_expiry_no_options/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/04_expiry_no_options/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/04_expiry_no_options/config/etc/passwd b/tests/expiry/04_expiry_no_options/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/04_expiry_no_options/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/04_expiry_no_options/config/etc/shadow b/tests/expiry/04_expiry_no_options/config/etc/shadow new file mode 100644 index 00000000..33d60bf1 --- /dev/null +++ b/tests/expiry/04_expiry_no_options/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/04_expiry_no_options/data/usage.out b/tests/expiry/04_expiry_no_options/data/usage.out new file mode 100644 index 00000000..ab67c87b --- /dev/null +++ b/tests/expiry/04_expiry_no_options/data/usage.out @@ -0,0 +1,8 @@ +Usage: expiry [options] + +Options: + -c, --check check the user's password expiration + -f, --force force password change if the user's password + is expired + -h, --help display this help message and exit + diff --git a/tests/expiry/04_expiry_no_options/expiry.test b/tests/expiry/04_expiry_no_options/expiry.test new file mode 100755 index 00000000..02c6cbb0 --- /dev/null +++ b/tests/expiry/04_expiry_no_options/expiry.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "expiry provides an Usage message if no options are given" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call expiry without any option (expiry)..." +expiry 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "expiry reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/group b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/gshadow b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/passwd b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/shadow b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/expiry.exp b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.exp new file mode 100755 index 00000000..a24b624d --- /dev/null +++ b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.exp @@ -0,0 +1,17 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "expiry -c\r" +expect "# " +send "echo \$?\r" +expect "0" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/expiry.test b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.test new file mode 100755 index 00000000..0251edd2 --- /dev/null +++ b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "expiry can verify that a password is not expired" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +./expiry.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check that there are no shadow files..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/group b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/gshadow b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/passwd b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/shadow b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..3789b9f3 --- /dev/null +++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.exp b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.exp new file mode 100755 index 00000000..a24b624d --- /dev/null +++ b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.exp @@ -0,0 +1,17 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "expiry -c\r" +expect "# " +send "echo \$?\r" +expect "0" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.test b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.test new file mode 100755 index 00000000..68d65326 --- /dev/null +++ b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "expiry can verify that a password is not expired" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./expiry.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/group b/tests/expiry/07_expiry_-c_expired_account/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/gshadow b/tests/expiry/07_expiry_-c_expired_account/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/passwd b/tests/expiry/07_expiry_-c_expired_account/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/shadow b/tests/expiry/07_expiry_-c_expired_account/config/etc/shadow new file mode 100644 index 00000000..319082d8 --- /dev/null +++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7::13000: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/07_expiry_-c_expired_account/expiry.exp b/tests/expiry/07_expiry_-c_expired_account/expiry.exp new file mode 100755 index 00000000..1f69e798 --- /dev/null +++ b/tests/expiry/07_expiry_-c_expired_account/expiry.exp @@ -0,0 +1,17 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "expiry -c\r" +expect "# " +send "echo \$?\r" +expect "3" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/expiry/07_expiry_-c_expired_account/expiry.test b/tests/expiry/07_expiry_-c_expired_account/expiry.test new file mode 100755 index 00000000..68d65326 --- /dev/null +++ b/tests/expiry/07_expiry_-c_expired_account/expiry.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "expiry can verify that a password is not expired" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./expiry.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/group b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/gshadow b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/passwd b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/shadow b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/shadow new file mode 100644 index 00000000..65489e74 --- /dev/null +++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:10:7:10:: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/expiry.exp b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.exp new file mode 100755 index 00000000..9ad091fd --- /dev/null +++ b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.exp @@ -0,0 +1,17 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "expiry -c\r" +expect "# " +send "echo \$?\r" +expect "2" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/expiry.test b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.test new file mode 100755 index 00000000..68d65326 --- /dev/null +++ b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "expiry can verify that a password is not expired" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./expiry.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/group b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/gshadow b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/passwd b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/shadow b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/shadow new file mode 100644 index 00000000..bf371c09 --- /dev/null +++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:9000:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.exp b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.exp new file mode 100755 index 00000000..a24b624d --- /dev/null +++ b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.exp @@ -0,0 +1,17 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "expiry -c\r" +expect "# " +send "echo \$?\r" +expect "0" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.test b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.test new file mode 100755 index 00000000..68d65326 --- /dev/null +++ b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "expiry can verify that a password is not expired" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./expiry.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/10_expiry_bad_option/config/etc/group b/tests/expiry/10_expiry_bad_option/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/10_expiry_bad_option/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/10_expiry_bad_option/config/etc/gshadow b/tests/expiry/10_expiry_bad_option/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/10_expiry_bad_option/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/10_expiry_bad_option/config/etc/passwd b/tests/expiry/10_expiry_bad_option/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/10_expiry_bad_option/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/10_expiry_bad_option/config/etc/shadow b/tests/expiry/10_expiry_bad_option/config/etc/shadow new file mode 100644 index 00000000..33d60bf1 --- /dev/null +++ b/tests/expiry/10_expiry_bad_option/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/10_expiry_bad_option/data/usage.out b/tests/expiry/10_expiry_bad_option/data/usage.out new file mode 100644 index 00000000..c2d97166 --- /dev/null +++ b/tests/expiry/10_expiry_bad_option/data/usage.out @@ -0,0 +1,9 @@ +expiry: invalid option -- 'Z' +Usage: expiry [options] + +Options: + -c, --check check the user's password expiration + -f, --force force password change if the user's password + is expired + -h, --help display this help message and exit + diff --git a/tests/expiry/10_expiry_bad_option/expiry.test b/tests/expiry/10_expiry_bad_option/expiry.test new file mode 100755 index 00000000..bcbbb608 --- /dev/null +++ b/tests/expiry/10_expiry_bad_option/expiry.test @@ -0,0 +1,53 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh +log_start "$0" "expiry provides an Usage message if an invalid option is given" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call expiry with an invalid option (expiry -Z)..." +expiry -Z 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "expiry reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/11_expiry_usage/config/etc/group b/tests/expiry/11_expiry_usage/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/11_expiry_usage/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/11_expiry_usage/config/etc/gshadow b/tests/expiry/11_expiry_usage/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/11_expiry_usage/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/11_expiry_usage/config/etc/passwd b/tests/expiry/11_expiry_usage/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/11_expiry_usage/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/11_expiry_usage/config/etc/shadow b/tests/expiry/11_expiry_usage/config/etc/shadow new file mode 100644 index 00000000..33d60bf1 --- /dev/null +++ b/tests/expiry/11_expiry_usage/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/11_expiry_usage/data/usage.out b/tests/expiry/11_expiry_usage/data/usage.out new file mode 100644 index 00000000..ab67c87b --- /dev/null +++ b/tests/expiry/11_expiry_usage/data/usage.out @@ -0,0 +1,8 @@ +Usage: expiry [options] + +Options: + -c, --check check the user's password expiration + -f, --force force password change if the user's password + is expired + -h, --help display this help message and exit + diff --git a/tests/expiry/11_expiry_usage/expiry.test b/tests/expiry/11_expiry_usage/expiry.test new file mode 100755 index 00000000..8aa7aafa --- /dev/null +++ b/tests/expiry/11_expiry_usage/expiry.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh +log_start "$0" "expiry can displayits usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get expiry usage message (expiry --help)..." +expiry --help >tmp/usage.out +echo "OK" + +echo "expiry reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/group b/tests/expiry/12_expiry_extra_arg/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/12_expiry_extra_arg/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/gshadow b/tests/expiry/12_expiry_extra_arg/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/12_expiry_extra_arg/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/passwd b/tests/expiry/12_expiry_extra_arg/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/12_expiry_extra_arg/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/shadow b/tests/expiry/12_expiry_extra_arg/config/etc/shadow new file mode 100644 index 00000000..33d60bf1 --- /dev/null +++ b/tests/expiry/12_expiry_extra_arg/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/12_expiry_extra_arg/data/usage.out b/tests/expiry/12_expiry_extra_arg/data/usage.out new file mode 100644 index 00000000..f250f48f --- /dev/null +++ b/tests/expiry/12_expiry_extra_arg/data/usage.out @@ -0,0 +1,9 @@ +expiry: unexpected argument: foo +Usage: expiry [options] + +Options: + -c, --check check the user's password expiration + -f, --force force password change if the user's password + is expired + -h, --help display this help message and exit + diff --git a/tests/expiry/12_expiry_extra_arg/expiry.test b/tests/expiry/12_expiry_extra_arg/expiry.test new file mode 100755 index 00000000..ea6fa08c --- /dev/null +++ b/tests/expiry/12_expiry_extra_arg/expiry.test @@ -0,0 +1,53 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh +log_start "$0" "expiry check that no argument remain onthecommand line" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call expiry with an extra argument (expiry -f foo)..." +expiry -f foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "expiry reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/group b/tests/expiry/13_expiry_usage-c-f/config/etc/group new file mode 100644 index 00000000..d1e687c3 --- /dev/null +++ b/tests/expiry/13_expiry_usage-c-f/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/gshadow b/tests/expiry/13_expiry_usage-c-f/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/expiry/13_expiry_usage-c-f/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/passwd b/tests/expiry/13_expiry_usage-c-f/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/expiry/13_expiry_usage-c-f/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/shadow b/tests/expiry/13_expiry_usage-c-f/config/etc/shadow new file mode 100644 index 00000000..33d60bf1 --- /dev/null +++ b/tests/expiry/13_expiry_usage-c-f/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/expiry/13_expiry_usage-c-f/data/usage.out b/tests/expiry/13_expiry_usage-c-f/data/usage.out new file mode 100644 index 00000000..d0305e37 --- /dev/null +++ b/tests/expiry/13_expiry_usage-c-f/data/usage.out @@ -0,0 +1,9 @@ +expiry: options -c and -f conflict +Usage: expiry [options] + +Options: + -c, --check check the user's password expiration + -f, --force force password change if the user's password + is expired + -h, --help display this help message and exit + diff --git a/tests/expiry/13_expiry_usage-c-f/expiry.test b/tests/expiry/13_expiry_usage-c-f/expiry.test new file mode 100755 index 00000000..8a6a14a6 --- /dev/null +++ b/tests/expiry/13_expiry_usage-c-f/expiry.test @@ -0,0 +1,53 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh +log_start "$0" "expiry check that the -c and -f flags are not used at the same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call expiry with the -c and -f flags (expiry -f -c)..." +expiry -f -c 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "expiry reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/chage.test b/tests/failures/chage/01_chage_openRW_passwd_failure/chage.test new file mode 100755 index 00000000..9ae1ff7f --- /dev/null +++ b/tests/failures/chage/01_chage_openRW_passwd_failure/chage.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chage report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0 + +change_config + +echo -n "Remove setgid flag on chage..." +chmod g-s /usr/bin/chage +echo "OK" + +echo -n "Change bin's shell (chage -I 12 bin)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd chage -I 12 bin 2>tmp/chage.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Restore setgid flag on chage..." +chmod g+s /usr/bin/chage +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/chage.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chage.err tmp/chage.err +echo "error message OK." +rm -f tmp/chage.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config.txt b/tests/failures/chage/01_chage_openRW_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/group b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/gshadow b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/login.defs b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/passwd b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/shadow b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/data/chage.err b/tests/failures/chage/01_chage_openRW_passwd_failure/data/chage.err new file mode 100644 index 00000000..bdfd8e27 --- /dev/null +++ b/tests/failures/chage/01_chage_openRW_passwd_failure/data/chage.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 2 ... +chage: cannot open /etc/passwd diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/chage.test b/tests/failures/chage/02_chage_openRO_passwd_failure/chage.test new file mode 100755 index 00000000..23df6c61 --- /dev/null +++ b/tests/failures/chage/02_chage_openRO_passwd_failure/chage.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chage report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0 + +change_config + +echo -n "Remove setgid flag on chage..." +chmod g-s /usr/bin/chage +echo "OK" + +echo -n "Change bin's shell (chage -l bin)..." +LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/passwd chage -l bin 2>tmp/chage.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Restore setgid flag on chage..." +chmod g+s /usr/bin/chage +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/chage.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chage.err tmp/chage.err +echo "error message OK." +rm -f tmp/chage.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config.txt b/tests/failures/chage/02_chage_openRO_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/group b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/gshadow b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/login.defs b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/passwd b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/shadow b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/data/chage.err b/tests/failures/chage/02_chage_openRO_passwd_failure/data/chage.err new file mode 100644 index 00000000..38f69558 --- /dev/null +++ b/tests/failures/chage/02_chage_openRO_passwd_failure/data/chage.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 0 ... +chage: cannot open /etc/passwd diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/chage.test b/tests/failures/chage/03_chage_openRW_shadow_failure/chage.test new file mode 100755 index 00000000..1469b782 --- /dev/null +++ b/tests/failures/chage/03_chage_openRW_shadow_failure/chage.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chage report failures when it cannot open the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0 + +change_config + +echo -n "Remove setgid flag on chage..." +chmod g-s /usr/bin/chage +echo "OK" + +echo -n "Change bin's shell (chage -I 12 bin)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow chage -I 12 bin 2>tmp/chage.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Restore setgid flag on chage..." +chmod g+s /usr/bin/chage +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/chage.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chage.err tmp/chage.err +echo "error message OK." +rm -f tmp/chage.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config.txt b/tests/failures/chage/03_chage_openRW_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/group b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/gshadow b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/login.defs b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/passwd b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/shadow b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/data/chage.err b/tests/failures/chage/03_chage_openRW_shadow_failure/data/chage.err new file mode 100644 index 00000000..a814928d --- /dev/null +++ b/tests/failures/chage/03_chage_openRW_shadow_failure/data/chage.err @@ -0,0 +1,2 @@ +open FAILURE /etc/shadow 2 ... +chage: cannot open /etc/shadow diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/chage.test b/tests/failures/chage/04_chage_openRO_shadow_failure/chage.test new file mode 100755 index 00000000..55a0a940 --- /dev/null +++ b/tests/failures/chage/04_chage_openRO_shadow_failure/chage.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chage report failures when it cannot open the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0 + +change_config + +echo -n "Remove setgid flag on chage..." +chmod g-s /usr/bin/chage +echo "OK" + +echo -n "Change bin's shell (chage -l bin)..." +LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/shadow chage -l bin 2>tmp/chage.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Restore setgid flag on chage..." +chmod g+s /usr/bin/chage +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/chage.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chage.err tmp/chage.err +echo "error message OK." +rm -f tmp/chage.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config.txt b/tests/failures/chage/04_chage_openRO_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/group b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/gshadow b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/login.defs b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/passwd b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/shadow b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/data/chage.err b/tests/failures/chage/04_chage_openRO_shadow_failure/data/chage.err new file mode 100644 index 00000000..38aeca76 --- /dev/null +++ b/tests/failures/chage/04_chage_openRO_shadow_failure/data/chage.err @@ -0,0 +1,2 @@ +open FAILURE /etc/shadow 0 ... +chage: cannot open /etc/shadow diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/chage.test b/tests/failures/chage/05_chage_rename_shadow_failure/chage.test new file mode 100755 index 00000000..e5e406a3 --- /dev/null +++ b/tests/failures/chage/05_chage_rename_shadow_failure/chage.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chage report failures to write the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0 + +change_config + +echo -n "Remove setgid flag on chage..." +chmod g-s /usr/bin/chage +echo "OK" + +echo -n "Change bin's inactivity period (chage -I 12 bin)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow chage -I 12 bin 2>tmp/chage.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Restore setgid flag on chage..." +chmod g+s /usr/bin/chage +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/chage.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chage.err tmp/chage.err +echo "error message OK." +rm -f tmp/chage.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config.txt b/tests/failures/chage/05_chage_rename_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chage/05_chage_rename_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/group b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/gshadow b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/login.defs b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/passwd b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/shadow b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/data/chage.err b/tests/failures/chage/05_chage_rename_shadow_failure/data/chage.err new file mode 100644 index 00000000..963f430a --- /dev/null +++ b/tests/failures/chage/05_chage_rename_shadow_failure/data/chage.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/shadow+ /etc/shadow +chage: failure while writing changes to /etc/shadow diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/chage.test b/tests/failures/chage/06_chage_rename_passwd_failure/chage.test new file mode 100755 index 00000000..bd272607 --- /dev/null +++ b/tests/failures/chage/06_chage_rename_passwd_failure/chage.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chage report failures to write the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0 + +change_config + +echo -n "Remove setgid flag on chage..." +chmod g-s /usr/bin/chage +echo "OK" + +echo -n "Change bin's inactivity period (chage -I 12 bin)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd chage -I 12 bin 2>tmp/chage.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Restore setgid flag on chage..." +chmod g+s /usr/bin/chage +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chage reported:" +echo "=======================================================================" +cat tmp/chage.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chage.err tmp/chage.err +echo "error message OK." +rm -f tmp/chage.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config.txt b/tests/failures/chage/06_chage_rename_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chage/06_chage_rename_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/group b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/gshadow b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/login.defs b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/passwd b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/shadow b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..88faec23 --- /dev/null +++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/data/chage.err b/tests/failures/chage/06_chage_rename_passwd_failure/data/chage.err new file mode 100644 index 00000000..188d7ddc --- /dev/null +++ b/tests/failures/chage/06_chage_rename_passwd_failure/data/chage.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +chage: failure while writing changes to /etc/passwd diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/data/shadow b/tests/failures/chage/06_chage_rename_passwd_failure/data/shadow new file mode 100644 index 00000000..d32d937b --- /dev/null +++ b/tests/failures/chage/06_chage_rename_passwd_failure/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bin:*:::::12:: diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test new file mode 100755 index 00000000..e0cedc93 --- /dev/null +++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chgpasswd -e)..." +echo 'nogroup:test +lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/chgpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chgpasswd.err tmp/chgpasswd.err +echo "error message OK." +rm -f tmp/chgpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config.txt b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/group b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/gshadow b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/login.defs b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/passwd b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/shadow b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/data/chgpasswd.err b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/data/chgpasswd.err new file mode 100644 index 00000000..572aa4a1 --- /dev/null +++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/data/chgpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +chgpasswd: cannot open /etc/group diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test new file mode 100755 index 00000000..784ed0ab --- /dev/null +++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chgpasswd -e)..." +echo 'nogroup:test +lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/chgpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chgpasswd.err tmp/chgpasswd.err +echo "error message OK." +rm -f tmp/chgpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config.txt b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/group b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/gshadow b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/login.defs b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/passwd b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/shadow b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/data/chgpasswd.err b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/data/chgpasswd.err new file mode 100644 index 00000000..9db820be --- /dev/null +++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/data/chgpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +chgpasswd: cannot open /etc/gshadow diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test new file mode 100755 index 00000000..7e8894ab --- /dev/null +++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd reports failure to write /etc/group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chgpasswd -e)..." +echo 'nogroup:test +lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/chgpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chgpasswd.err tmp/chgpasswd.err +echo "error message OK." +rm -f tmp/chgpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config.txt b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/group b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/group new file mode 100644 index 00000000..aa302376 --- /dev/null +++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:foo:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/gshadow b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/gshadow new file mode 100644 index 00000000..1b92e482 --- /dev/null +++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/login.defs b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/passwd b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/shadow b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/shadow new file mode 100644 index 00000000..5ef6dfe8 --- /dev/null +++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/chgpasswd.err b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/chgpasswd.err new file mode 100644 index 00000000..0fb48ade --- /dev/null +++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/chgpasswd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +chgpasswd: failure while writing changes to /etc/group diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/gshadow b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/gshadow new file mode 100644 index 00000000..03d3b452 --- /dev/null +++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:test2:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test new file mode 100755 index 00000000..135f912f --- /dev/null +++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd reports failure to write /etc/gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chgpasswd -e)..." +echo 'nogroup:test +lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/chgpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chgpasswd.err tmp/chgpasswd.err +echo "error message OK." +rm -f tmp/chgpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config.txt b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/group b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/gshadow b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/login.defs b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/passwd b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..ae5682ba --- /dev/null +++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/shadow b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..5ef6dfe8 --- /dev/null +++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/data/chgpasswd.err b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/data/chgpasswd.err new file mode 100644 index 00000000..187a8ebb --- /dev/null +++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/data/chgpasswd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/gshadow+ /etc/gshadow +chgpasswd: failure while writing changes to /etc/gshadow diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test new file mode 100755 index 00000000..e161ecf1 --- /dev/null +++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chpasswd -e)..." +echo 'nobody:test +lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd chpasswd -e 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config.txt b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/group b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/data/chpasswd.err new file mode 100644 index 00000000..e9e6282c --- /dev/null +++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/data/chpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 2 ... +chpasswd: cannot open /etc/passwd diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test new file mode 100755 index 00000000..90060b9f --- /dev/null +++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd report failures when it cannot open the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chpasswd -e)..." +echo 'nobody:test +lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow chpasswd -e 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config.txt b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/group b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/data/chpasswd.err new file mode 100644 index 00000000..11554c16 --- /dev/null +++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/data/chpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/shadow 2 ... +chpasswd: cannot open /etc/shadow diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test new file mode 100755 index 00000000..6bd8f602 --- /dev/null +++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd reports failure to write /etc/passwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chpasswd -e)..." +echo 'nobody:test +lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd chpasswd -e 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config.txt b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/group b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..ae5682ba --- /dev/null +++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..5ef6dfe8 --- /dev/null +++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/chpasswd.err new file mode 100644 index 00000000..0d71e503 --- /dev/null +++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/chpasswd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +chpasswd: failure while writing changes to /etc/passwd diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/shadow b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/shadow new file mode 100644 index 00000000..08fa354c --- /dev/null +++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:test2:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test new file mode 100755 index 00000000..53fc3734 --- /dev/null +++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd reports failure to write /etc/shadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chpasswd -e)..." +echo 'nobody:test +lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow chpasswd -e 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config.txt b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/group b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..ae5682ba --- /dev/null +++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..5ef6dfe8 --- /dev/null +++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/data/chpasswd.err new file mode 100644 index 00000000..dbe7aeaf --- /dev/null +++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/data/chpasswd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/shadow+ /etc/shadow +chpasswd: failure while writing changes to /etc/shadow diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test new file mode 100755 index 00000000..049ebb9a --- /dev/null +++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd disables aging when time is not set" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chpasswd -e)..." +echo 'nobody:test +lp:test2' | LD_PRELOAD=../../../common/time_0.so chpasswd -e 2>/dev/null +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config.txt b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/group b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/gshadow b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/passwd b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/passwd new file mode 100644 index 00000000..06b331b3 --- /dev/null +++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/shadow b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/data/shadow b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/data/shadow new file mode 100644 index 00000000..f7aa7c06 --- /dev/null +++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:test2::0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:test::0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/chsh.test b/tests/failures/chsh/01_chsh_open_passwd_failure/chsh.test new file mode 100755 index 00000000..3e0e4a18 --- /dev/null +++ b/tests/failures/chsh/01_chsh_open_passwd_failure/chsh.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chsh report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change bin's shell (chsh -s /bin/sh bin)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd chsh -s /bin/sh bin 2>tmp/chsh.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chsh reported:" +echo "=======================================================================" +cat tmp/chsh.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chsh.err tmp/chsh.err +echo "error message OK." +rm -f tmp/chsh.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config.txt b/tests/failures/chsh/01_chsh_open_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/group b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/gshadow b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/login.defs b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/passwd b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/shadow b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/data/chsh.err b/tests/failures/chsh/01_chsh_open_passwd_failure/data/chsh.err new file mode 100644 index 00000000..0bf9b921 --- /dev/null +++ b/tests/failures/chsh/01_chsh_open_passwd_failure/data/chsh.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 2 ... +chsh: cannot open /etc/passwd diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/chsh.test b/tests/failures/chsh/02_chsh_rename_passwd_failure/chsh.test new file mode 100755 index 00000000..e2c5ecd1 --- /dev/null +++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/chsh.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chsh report failures to write the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change bin's shell (chsh -s /bin/sh bin)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd chsh -s /bin/sh bin 2>tmp/chsh.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chsh reported:" +echo "=======================================================================" +cat tmp/chsh.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chsh.err tmp/chsh.err +echo "error message OK." +rm -f tmp/chsh.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config.txt b/tests/failures/chsh/02_chsh_rename_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/group b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/gshadow b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/login.defs b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/passwd b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/shadow b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/data/chsh.err b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/chsh.err new file mode 100644 index 00000000..958bf316 --- /dev/null +++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/chsh.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +chsh: failure while writing changes to /etc/passwd diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/data/shadow b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/shadow new file mode 100644 index 00000000..b678d835 --- /dev/null +++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/shadow @@ -0,0 +1,20 @@ +root:*:@TODAY@:0:99999:7::: +daemon:*:@TODAY@:0:99999:7::: +bin:*:@TODAY@:0:99999:7::: +sys:*:@TODAY@:0:99999:7::: +sync:*:@TODAY@:0:99999:7::: +games:*:@TODAY@:0:99999:7::: +man:*:@TODAY@:0:99999:7::: +lp:*:@TODAY@:0:99999:7::: +mail:*:@TODAY@:0:99999:7::: +news:*:@TODAY@:0:99999:7::: +uucp:*:@TODAY@:0:99999:7::: +proxy:*:@TODAY@:0:99999:7::: +www-data:*:@TODAY@:0:99999:7::: +backup:*:@TODAY@:0:99999:7::: +list:*:@TODAY@:0:99999:7::: +irc:*:@TODAY@:0:99999:7::: +gnats:*:@TODAY@:0:99999:7::: +nobody:*:@TODAY@:0:99999:7::: +Debian-exim:*:@TODAY@:0:99999:7::: +foo:abc:@TODAY@:0:99999:7::: diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config.txt b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/group b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/gshadow b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/login.defs b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/passwd b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/shadow b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/cppw.test b/tests/failures/cppw/01_cppw_open_passwd_in_failure/cppw.test new file mode 100755 index 00000000..57aa57b3 --- /dev/null +++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/cppw.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "cppw report failures when it cannot open the input passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Copy data/passwd (cppw data/passwd)..." +LD_PRELOAD=../../../common/fopen_failure.so FAILURE_PATH=data/passwd /usr/sbin/cppw data/passwd 2>tmp/cppw.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "cppw reported:" +echo "=======================================================================" +cat tmp/cppw.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/cppw.err tmp/cppw.err +echo "error message OK." +rm -f tmp/cppw.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/cppw.err b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/cppw.err new file mode 100644 index 00000000..3816592a --- /dev/null +++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/cppw.err @@ -0,0 +1,3 @@ +fopen64 FAILURE data/passwd r ... +cppw: data/passwd: Input/output error +cppw: /etc/passwd is unchanged diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/passwd b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/passwd new file mode 100644 index 00000000..e8e3c399 --- /dev/null +++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/passwd @@ -0,0 +1,17 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config.txt b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/group b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/gshadow b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/login.defs b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/passwd b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/shadow b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test new file mode 100755 index 00000000..5ae4ef01 --- /dev/null +++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "cppw report failures when it cannot open the input passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Copy data/passwd (cppw data/passwd)..." +LD_PRELOAD=../../../common/fopen_failure.so FAILURE_PATH=/etc/passwd.new cppw data/passwd 2>tmp/cppw.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "cppw reported:" +echo "=======================================================================" +cat tmp/cppw.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/cppw.err tmp/cppw.err +echo "error message OK." +rm -f tmp/cppw.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/cppw.err b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/cppw.err new file mode 100644 index 00000000..78606fd5 --- /dev/null +++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/cppw.err @@ -0,0 +1,3 @@ +fopen64 FAILURE /etc/passwd.new w ... +cppw: Couldn't make copy: Input/output error +cppw: /etc/passwd is unchanged diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/passwd b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/passwd new file mode 100644 index 00000000..e8e3c399 --- /dev/null +++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/passwd @@ -0,0 +1,17 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config.txt b/tests/failures/cppw/03_cppw_rename_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/group b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/gshadow b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/login.defs b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/passwd b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/shadow b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/cppw.test b/tests/failures/cppw/03_cppw_rename_passwd_failure/cppw.test new file mode 100755 index 00000000..2e809a7d --- /dev/null +++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/cppw.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "cppw report failures to write the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Copy data/passwd (cppw data/passwd)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd cppw data/passwd 2>tmp/cppw.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "cppw reported:" +echo "=======================================================================" +cat tmp/cppw.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/cppw.err tmp/cppw.err +echo "error message OK." +rm -f tmp/cppw.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/data/cppw.err b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/cppw.err new file mode 100644 index 00000000..7e27e3e4 --- /dev/null +++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/cppw.err @@ -0,0 +1,3 @@ +rename FAILURE /etc/passwd.new /etc/passwd +cppw: can't copy /etc/passwd.new: Input/output error) +cppw: /etc/passwd is unchanged diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/data/passwd b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/passwd new file mode 100644 index 00000000..e8e3c399 --- /dev/null +++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/passwd @@ -0,0 +1,17 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config.txt b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/group b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/01_gpasswd_group_open_failure/data/gpasswd.err new file mode 100644 index 00000000..b159e545 --- /dev/null +++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/data/gpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +gpasswd: cannot open /etc/group diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test b/tests/failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test new file mode 100755 index 00000000..a338a973 --- /dev/null +++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (gpasswd -M root foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config.txt b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/group b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/gshadow b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/login.defs b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/passwd b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/shadow b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/data/gpasswd.err b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/data/gpasswd.err new file mode 100644 index 00000000..7d0a31a8 --- /dev/null +++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/data/gpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +gpasswd: cannot open /etc/gshadow diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test new file mode 100755 index 00000000..253afcf7 --- /dev/null +++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (gpasswd -M root foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config.txt b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/group b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/data/gpasswd.err new file mode 100644 index 00000000..b159e545 --- /dev/null +++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/data/gpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +gpasswd: cannot open /etc/group diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test new file mode 100755 index 00000000..2b2e6639 --- /dev/null +++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (gpasswd -a root foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -a root foo 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config.txt b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/group b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/data/gpasswd.err new file mode 100644 index 00000000..b159e545 --- /dev/null +++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/data/gpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +gpasswd: cannot open /etc/group diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test new file mode 100755 index 00000000..b52772ee --- /dev/null +++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (gpasswd -d foo users)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -d foo users 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config.txt b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/group b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/data/gpasswd.err new file mode 100644 index 00000000..b159e545 --- /dev/null +++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/data/gpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +gpasswd: cannot open /etc/group diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test new file mode 100755 index 00000000..2c34af48 --- /dev/null +++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (gpasswd -r foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -r foo 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config.txt b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/group b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/gshadow b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/login.defs b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/passwd b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/shadow b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/data/gpasswd.err b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/data/gpasswd.err new file mode 100644 index 00000000..7d0a31a8 --- /dev/null +++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/data/gpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +gpasswd: cannot open /etc/gshadow diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test new file mode 100755 index 00000000..47c08e99 --- /dev/null +++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (gpasswd -R foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow gpasswd -R foo 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config.txt b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/group b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/gshadow b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/login.defs b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/passwd b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/shadow b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/data/gpasswd.err b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/data/gpasswd.err new file mode 100644 index 00000000..7d0a31a8 --- /dev/null +++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/data/gpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +gpasswd: cannot open /etc/gshadow diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test new file mode 100755 index 00000000..84e92c1a --- /dev/null +++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (gpasswd -A root foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow gpasswd -A root foo 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config.txt b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/group b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/gshadow b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/login.defs b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/passwd b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/shadow b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/data/gpasswd.err b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/data/gpasswd.err new file mode 100644 index 00000000..448b6b33 --- /dev/null +++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/data/gpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 0 ... +gpasswd: cannot open /etc/group diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test new file mode 100755 index 00000000..c4fc2a8f --- /dev/null +++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (gpasswd -M root foo)..." +LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/group gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config.txt b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/group b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/gshadow b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/login.defs b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/passwd b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/shadow b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/data/gpasswd.err b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/data/gpasswd.err new file mode 100644 index 00000000..b407c779 --- /dev/null +++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/data/gpasswd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 0 ... +gpasswd: cannot open /etc/gshadow diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test new file mode 100755 index 00000000..3093af9e --- /dev/null +++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (gpasswd -M root foo)..." +LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/gshadow gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config.txt b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/group b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/gshadow b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/login.defs b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/passwd b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/shadow b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/data/gpasswd.err b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/data/gpasswd.err new file mode 100644 index 00000000..ad9669b6 --- /dev/null +++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/data/gpasswd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +gpasswd: failure while writing changes to /etc/group diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test new file mode 100755 index 00000000..7b654ad3 --- /dev/null +++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd report failures when it cannot commit the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (gpasswd -a root foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group gpasswd -a root foo 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config.txt b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/group b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/gshadow b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/login.defs b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/passwd b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/shadow b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/gpasswd.err b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/gpasswd.err new file mode 100644 index 00000000..75f3e729 --- /dev/null +++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/gpasswd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/gshadow+ /etc/gshadow +gpasswd: failure while writing changes to /etc/gshadow diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/group b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/group new file mode 100644 index 00000000..f7ef7ea1 --- /dev/null +++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:root diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test new file mode 100755 index 00000000..a7658f5f --- /dev/null +++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd report failures when it cannot commit the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (gpasswd -a root foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow gpasswd -a root foo 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config.txt b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/group b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/gshadow b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/login.defs b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/passwd b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/shadow b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/group b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/group new file mode 100644 index 00000000..6307e259 --- /dev/null +++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:103: diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/groupadd.err b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/groupadd.err new file mode 100644 index 00000000..add9af0c --- /dev/null +++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/groupadd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/gshadow+ /etc/gshadow +groupadd: failure while writing changes to /etc/gshadow diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test new file mode 100755 index 00000000..91147822 --- /dev/null +++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd report failures to save a new gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (groupadd foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow groupadd foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config.txt b/tests/failures/groupadd/02_groupadd_group_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/default/useradd b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/group b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/gshadow b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/login.defs b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/passwd b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/shadow b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/data/groupadd.err b/tests/failures/groupadd/02_groupadd_group_rename_failure/data/groupadd.err new file mode 100644 index 00000000..62e22053 --- /dev/null +++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/data/groupadd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +groupadd: failure while writing changes to /etc/group diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/groupadd.test b/tests/failures/groupadd/02_groupadd_group_rename_failure/groupadd.test new file mode 100755 index 00000000..6cfac741 --- /dev/null +++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd report failures to save a new group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (groupadd foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group groupadd foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config.txt b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/group b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/passwd b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/shadow b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/data/groupadd.err b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/data/groupadd.err new file mode 100644 index 00000000..820b1246 --- /dev/null +++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/data/groupadd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +groupadd: cannot open /etc/gshadow diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test new file mode 100755 index 00000000..c00a1e35 --- /dev/null +++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (groupadd foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupadd foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config.txt b/tests/failures/groupadd/04_groupadd_group_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/default/useradd b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/group b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/gshadow b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/login.defs b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/passwd b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/shadow b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/data/groupadd.err b/tests/failures/groupadd/04_groupadd_group_open_failure/data/groupadd.err new file mode 100644 index 00000000..ec69296d --- /dev/null +++ b/tests/failures/groupadd/04_groupadd_group_open_failure/data/groupadd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +groupadd: cannot open /etc/group diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/groupadd.test b/tests/failures/groupadd/04_groupadd_group_open_failure/groupadd.test new file mode 100755 index 00000000..a07a86af --- /dev/null +++ b/tests/failures/groupadd/04_groupadd_group_open_failure/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (groupadd foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupadd foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config.txt b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/group b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/group new file mode 100644 index 00000000..c8c759e1 --- /dev/null +++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1002: diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/gshadow b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/login.defs b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/passwd b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/shadow b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/group b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/groupdel.err b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/groupdel.err new file mode 100644 index 00000000..569464fe --- /dev/null +++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/groupdel.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/gshadow+ /etc/gshadow +groupdel: failure while writing changes to /etc/gshadow diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test new file mode 100755 index 00000000..5e4d8ad3 --- /dev/null +++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel report failures to save a new gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove group foo (groupdel foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow groupdel foo 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config.txt b/tests/failures/groupdel/02_groupdel_group_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/default/useradd b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/group b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/group new file mode 100644 index 00000000..c8c759e1 --- /dev/null +++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1002: diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/gshadow b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/login.defs b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/passwd b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/shadow b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/data/groupdel.err b/tests/failures/groupdel/02_groupdel_group_rename_failure/data/groupdel.err new file mode 100644 index 00000000..b68ca556 --- /dev/null +++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/data/groupdel.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +groupdel: failure while writing changes to /etc/group diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/groupdel.test b/tests/failures/groupdel/02_groupdel_group_rename_failure/groupdel.test new file mode 100755 index 00000000..0be68ebd --- /dev/null +++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/groupdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel report failures to save a new group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove group foo (groupdel foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group groupdel foo 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config.txt b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/group b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/group new file mode 100644 index 00000000..c8c759e1 --- /dev/null +++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1002: diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/passwd b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/shadow b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/data/groupdel.err b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/data/groupdel.err new file mode 100644 index 00000000..448878e0 --- /dev/null +++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/data/groupdel.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +groupdel: cannot open /etc/gshadow diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test new file mode 100755 index 00000000..664ce9f2 --- /dev/null +++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove group foo (groupdel foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupdel foo 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config.txt b/tests/failures/groupdel/04_groupdel_group_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/default/useradd b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/group b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/group new file mode 100644 index 00000000..c8c759e1 --- /dev/null +++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1002: diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/gshadow b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/login.defs b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/passwd b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/shadow b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/data/groupdel.err b/tests/failures/groupdel/04_groupdel_group_open_failure/data/groupdel.err new file mode 100644 index 00000000..212e9a1c --- /dev/null +++ b/tests/failures/groupdel/04_groupdel_group_open_failure/data/groupdel.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +groupdel: cannot open /etc/group diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/groupdel.test b/tests/failures/groupdel/04_groupdel_group_open_failure/groupdel.test new file mode 100755 index 00000000..8a05da7f --- /dev/null +++ b/tests/failures/groupdel/04_groupdel_group_open_failure/groupdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove group foo (groupdel foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupdel foo 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config.txt b/tests/failures/groupmems/01_groupmems_group_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/group b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/gshadow b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/passwd b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/shadow b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/data/groupmems.err b/tests/failures/groupmems/01_groupmems_group_open_failure/data/groupmems.err new file mode 100644 index 00000000..1d13747d --- /dev/null +++ b/tests/failures/groupmems/01_groupmems_group_open_failure/data/groupmems.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +groupmems: cannot open /etc/group diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/groupmems.test b/tests/failures/groupmems/01_groupmems_group_open_failure/groupmems.test new file mode 100755 index 00000000..7b772cfa --- /dev/null +++ b/tests/failures/groupmems/01_groupmems_group_open_failure/groupmems.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group 1001 (groupmems -g 1001 -a nobody)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupmems -g 1001 -a nobody 2>tmp/groupmems.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupmems reported:" +echo "=======================================================================" +cat tmp/groupmems.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmems.err tmp/groupmems.err +echo "error message OK." +rm -f tmp/groupmems.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config.txt b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/group b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/passwd b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/shadow b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/data/groupmems.err b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/data/groupmems.err new file mode 100644 index 00000000..3e01ee17 --- /dev/null +++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/data/groupmems.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +groupmems: cannot open /etc/gshadow diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test new file mode 100755 index 00000000..8be4d6ef --- /dev/null +++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group 1001 (groupmems -g 1001 -a nobody)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupmems -g 1001 -a nobody 2>tmp/groupmems.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupmems reported:" +echo "=======================================================================" +cat tmp/groupmems.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmems.err tmp/groupmems.err +echo "error message OK." +rm -f tmp/groupmems.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config.txt b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/group b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/gshadow b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/login.defs b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/passwd b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/shadow b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/group b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/group new file mode 100644 index 00000000..75815b99 --- /dev/null +++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1000: diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/groupmod.err b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/groupmod.err new file mode 100644 index 00000000..652104e3 --- /dev/null +++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/groupmod.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/gshadow+ /etc/gshadow +groupmod: failure while writing changes to /etc/gshadow diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test new file mode 100755 index 00000000..4b19ee80 --- /dev/null +++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the name of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename group foo to bar (groupmod -n bar foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow groupmod -n bar foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config.txt b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/default/useradd b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/group b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/gshadow b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/login.defs b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/passwd b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/shadow b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/group b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/group new file mode 100644 index 00000000..b51c3ad1 --- /dev/null +++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1001: diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/groupmod.err b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/groupmod.err new file mode 100644 index 00000000..ee513122 --- /dev/null +++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/groupmod.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +groupmod: failure while writing changes to /etc/passwd diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test new file mode 100755 index 00000000..7b38a603 --- /dev/null +++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod changes the primary group of users when it changes the GID of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config.txt b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/default/useradd b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/group b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/gshadow b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/login.defs b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/passwd b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/shadow b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/data/groupmod.err b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/data/groupmod.err new file mode 100644 index 00000000..505d2d44 --- /dev/null +++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/data/groupmod.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +groupmod: failure while writing changes to /etc/group diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test new file mode 100755 index 00000000..966ec7cf --- /dev/null +++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the name of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename group foo to bar (groupmod -n bar foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group groupmod -n bar foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config.txt b/tests/failures/groupmod/04_groupmod_group_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/default/useradd b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/group b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/gshadow b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/login.defs b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/passwd b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/shadow b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/data/groupmod.err b/tests/failures/groupmod/04_groupmod_group_open_failure/data/groupmod.err new file mode 100644 index 00000000..f892b689 --- /dev/null +++ b/tests/failures/groupmod/04_groupmod_group_open_failure/data/groupmod.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +groupmod: cannot open /etc/group diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/groupmod.test b/tests/failures/groupmod/04_groupmod_group_open_failure/groupmod.test new file mode 100755 index 00000000..ec94d5eb --- /dev/null +++ b/tests/failures/groupmod/04_groupmod_group_open_failure/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (groupmod -g 1001 foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config.txt b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/group b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/passwd b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/shadow b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/data/groupmod.err b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/data/groupmod.err new file mode 100644 index 00000000..0aca92f5 --- /dev/null +++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/data/groupmod.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +groupmod: cannot open /etc/gshadow diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test new file mode 100755 index 00000000..acf3248d --- /dev/null +++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (groupmod -n bar foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupmod -n bar foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config.txt b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/group b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/passwd b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/shadow b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/data/group b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/data/group new file mode 100644 index 00000000..b51c3ad1 --- /dev/null +++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1001: diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test new file mode 100755 index 00000000..c4d41de0 --- /dev/null +++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod does not need to open gshadow to change a gid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (groupmod -g 1001 foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupmod -g 1001 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config.txt b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/default/useradd b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/group b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/gshadow b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/login.defs b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/passwd b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/passwd new file mode 100644 index 00000000..e396cfde --- /dev/null +++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +baz:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/shadow b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/shadow new file mode 100644 index 00000000..8f6ebbd7 --- /dev/null +++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/data/groupmod.err b/tests/failures/groupmod/07_groupmod_passwd_open_failure/data/groupmod.err new file mode 100644 index 00000000..f8a82d08 --- /dev/null +++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/data/groupmod.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 2 ... +groupmod: cannot open /etc/passwd diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test b/tests/failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test new file mode 100755 index 00000000..2bcc782c --- /dev/null +++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo (groupmod -g 1001 foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config.txt b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/default/useradd b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/group b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/gshadow b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/login.defs b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/passwd b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/passwd new file mode 100644 index 00000000..e396cfde --- /dev/null +++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +baz:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/shadow b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/shadow new file mode 100644 index 00000000..8f6ebbd7 --- /dev/null +++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test new file mode 100755 index 00000000..b8019857 --- /dev/null +++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod does not open the passwd file if not needed" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo with same gid (groupmod -g 1000 foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd groupmod -g 1000 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config.txt b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/default/useradd b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/group b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/gshadow b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/login.defs b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/passwd b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/passwd new file mode 100644 index 00000000..e396cfde --- /dev/null +++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +baz:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/shadow b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/shadow new file mode 100644 index 00000000..8f6ebbd7 --- /dev/null +++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/group b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/group new file mode 100644 index 00000000..75815b99 --- /dev/null +++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1000: diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/gshadow b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/gshadow new file mode 100644 index 00000000..e814af09 --- /dev/null +++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:*:: diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test new file mode 100755 index 00000000..7480cf25 --- /dev/null +++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod does not open the passwd file if not needed" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change group foo to bar (groupmod -n bar foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd groupmod -n bar foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config.txt b/tests/failures/grpck/01_grpck_system_group_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/default/useradd b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/group b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/gshadow b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/login.defs b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/passwd b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/shadow b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/data/grpck.err b/tests/failures/grpck/01_grpck_system_group_open_failure/data/grpck.err new file mode 100644 index 00000000..378a519f --- /dev/null +++ b/tests/failures/grpck/01_grpck_system_group_open_failure/data/grpck.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +grpck: cannot open /etc/group diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/grpck.test b/tests/failures/grpck/01_grpck_system_group_open_failure/grpck.test new file mode 100755 index 00000000..288099eb --- /dev/null +++ b/tests/failures/grpck/01_grpck_system_group_open_failure/grpck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check groups (grpck)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group grpck 2>tmp/grpck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/grpck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpck.err tmp/grpck.err +echo "error message OK." +rm -f tmp/grpck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config.txt b/tests/failures/grpck/02_grpck_group_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpck/02_grpck_group_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/default/useradd b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/group b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/gshadow b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/login.defs b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/passwd b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/shadow b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/grpck/02_grpck_group_open_failure/data/grpck.err b/tests/failures/grpck/02_grpck_group_open_failure/data/grpck.err new file mode 100644 index 00000000..c51c8a34 --- /dev/null +++ b/tests/failures/grpck/02_grpck_group_open_failure/data/grpck.err @@ -0,0 +1,2 @@ +open FAILURE data/group 2 ... +grpck: cannot open data/group diff --git a/tests/failures/grpck/02_grpck_group_open_failure/grpck.test b/tests/failures/grpck/02_grpck_group_open_failure/grpck.test new file mode 100755 index 00000000..41fe2a2d --- /dev/null +++ b/tests/failures/grpck/02_grpck_group_open_failure/grpck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check groups (grpck data/group)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/group grpck data/group 2>tmp/grpck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/grpck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpck.err tmp/grpck.err +echo "error message OK." +rm -f tmp/grpck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config.txt b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/default/useradd b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/group b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/gshadow b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/login.defs b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/passwd b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/shadow b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/data/grpck.err b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/data/grpck.err new file mode 100644 index 00000000..d15a190b --- /dev/null +++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/data/grpck.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +grpck: cannot open /etc/gshadow diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test new file mode 100755 index 00000000..1016fc5f --- /dev/null +++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck report failures when it cannot open the system gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check system groups (grpck)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow grpck 2>tmp/grpck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/grpck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpck.err tmp/grpck.err +echo "error message OK." +rm -f tmp/grpck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config.txt b/tests/failures/grpck/04_grpck_gshadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/default/useradd b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/group b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/gshadow b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/login.defs b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/passwd b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/shadow b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/data/group b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/data/grpck.err b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/grpck.err new file mode 100644 index 00000000..61aff8a9 --- /dev/null +++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/grpck.err @@ -0,0 +1,2 @@ +open FAILURE data/gshadow 2 ... +grpck: cannot open data/gshadow diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/data/gshadow b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/grpck.test b/tests/failures/grpck/04_grpck_gshadow_open_failure/grpck.test new file mode 100755 index 00000000..2510878c --- /dev/null +++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/grpck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck report failures when it cannot open the local gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check local groups (grpck data/group data/gshadow)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/gshadow grpck data/group data/gshadow 2>tmp/grpck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/grpck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpck.err tmp/grpck.err +echo "error message OK." +rm -f tmp/grpck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config.txt b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/default/useradd b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/group b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/gshadow b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/login.defs b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/passwd b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/shadow b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/data/grpck.err b/tests/failures/grpck/05_grpck_sort_group_rename_failure/data/grpck.err new file mode 100644 index 00000000..5eecbfd7 --- /dev/null +++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/data/grpck.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +grpck: failure while writing changes to /etc/group diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/grpck.test b/tests/failures/grpck/05_grpck_sort_group_rename_failure/grpck.test new file mode 100755 index 00000000..40f3ebca --- /dev/null +++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/grpck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck reports failure to write /etc/group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Sort group (grpck -s)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group grpck -s 2>tmp/grpck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/grpck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpck.err tmp/grpck.err +echo "error message OK." +rm -f tmp/grpck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config.txt b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/group b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/gshadow b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/login.defs b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/passwd b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/shadow b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/group b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/group new file mode 100644 index 00000000..a9a2e4c3 --- /dev/null +++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo +nogroup:x:65534: diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/grpck.err b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/grpck.err new file mode 100644 index 00000000..275d87f9 --- /dev/null +++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/grpck.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/gshadow+ /etc/gshadow +grpck: failure while writing changes to /etc/gshadow diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test new file mode 100755 index 00000000..18f6979e --- /dev/null +++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpck reports failure to write /etc/gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Sort group (grpck -s)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow grpck -s 2>tmp/grpck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "grpck reported:" +echo "=======================================================================" +cat tmp/grpck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpck.err tmp/grpck.err +echo "error message OK." +rm -f tmp/grpck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config.txt b/tests/failures/grpconv/01_grpconv_open_group_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/group b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/gshadow b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/login.defs b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/passwd b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/shadow b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/data/grpconv.err b/tests/failures/grpconv/01_grpconv_open_group_failure/data/grpconv.err new file mode 100644 index 00000000..e02074e8 --- /dev/null +++ b/tests/failures/grpconv/01_grpconv_open_group_failure/data/grpconv.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +grpconv: cannot open /etc/group diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/grpconv.test b/tests/failures/grpconv/01_grpconv_open_group_failure/grpconv.test new file mode 100755 index 00000000..3398314c --- /dev/null +++ b/tests/failures/grpconv/01_grpconv_open_group_failure/grpconv.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpconv report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the shadow file..." +rm -f /etc/shadow +echo "OK" + +echo -n "Disable shadow passwords (grpconv)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group grpconv 2>tmp/grpconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "grpconv reported:" +echo "=======================================================================" +cat tmp/grpconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpconv.err tmp/grpconv.err +echo "error message OK." +rm -f tmp/grpconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config.txt b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/group b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/gshadow b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/login.defs b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/passwd b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/shadow b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/data/grpconv.err b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/data/grpconv.err new file mode 100644 index 00000000..101f3d54 --- /dev/null +++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/data/grpconv.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +grpconv: cannot open /etc/gshadow diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test new file mode 100755 index 00000000..77d4161a --- /dev/null +++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpconv report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the gshadow file..." +rm -f /etc/gshadow +echo "OK" + +echo -n "Enable gshadow passwords (grpconv)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow grpconv 2>tmp/grpconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "grpconv reported:" +echo "=======================================================================" +cat tmp/grpconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpconv.err tmp/grpconv.err +echo "error message OK." +rm -f tmp/grpconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config.txt b/tests/failures/grpconv/03_grpconv_rename_group_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/group b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/group new file mode 100644 index 00000000..5d68f692 --- /dev/null +++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/group @@ -0,0 +1,42 @@ +root:*:0: +daemon:*:1: +bin:*:2: +sys:*:3: +adm:*:4: +tty:*:5: +disk:*:6: +lp:*:7: +mail:*:8: +news:*:9: +uucp:*:10: +man:*:12: +proxy:*:13: +kmem:*:15: +dialout:*:20: +fax:*:21: +voice:*:22: +cdrom:*:24: +floppy:*:25: +tape:*:26: +sudo:*:27: +audio:*:29: +dip:*:30: +www-data:*:33: +backup:*:34: +operator:*:37: +list:*:38: +irc:*:39: +src:*:40: +gnats:*:41: +shadow:*:42: +utmp:*:43: +video:*:44: +sasl:*:45: +plugdev:*:46: +staff:*:50: +games:*:60: +users:*:100: +nogroup:*:65534: +crontab:*:101: +Debian-exim:*:102: +foo:abc:1000: diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/gshadow b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/login.defs b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/passwd b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/shadow b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/data/grpconv.err b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/grpconv.err new file mode 100644 index 00000000..c1a11714 --- /dev/null +++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/grpconv.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +grpconv: failure while writing changes to /etc/group diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/data/gshadow b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/gshadow new file mode 100644 index 00000000..372fb9ba --- /dev/null +++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:*:: +Debian-exim:*:: +foo:abc:: diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/grpconv.test b/tests/failures/grpconv/03_grpconv_rename_group_failure/grpconv.test new file mode 100755 index 00000000..2d22d15f --- /dev/null +++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/grpconv.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpconv report failures to write the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the gshadow file..." +rm -f /etc/gshadow +echo "OK" + +echo -n "Enable gshadow passwords (grpconv)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group grpconv 2>tmp/grpconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "grpconv reported:" +echo "=======================================================================" +cat tmp/grpconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpconv.err tmp/grpconv.err +echo "error message OK." +rm -f tmp/grpconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config.txt b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/group b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/gshadow b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/login.defs b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/passwd b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/shadow b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/data/grpconv.err b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/data/grpconv.err new file mode 100644 index 00000000..f4eee432 --- /dev/null +++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/data/grpconv.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/gshadow+ /etc/gshadow +grpconv: failure while writing changes to /etc/gshadow diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test new file mode 100755 index 00000000..0537ca4b --- /dev/null +++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpconv report failures to write the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the gshadow file..." +rm -f /etc/gshadow +echo "OK" + +echo -n "Enable gshadow passwords (grpconv)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow grpconv 2>tmp/grpconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "grpconv reported:" +echo "=======================================================================" +cat tmp/grpconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpconv.err tmp/grpconv.err +echo "error message OK." +rm -f tmp/grpconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config.txt b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/group b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/gshadow b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/login.defs b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/passwd b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/shadow b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/data/grpunconv.err b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/data/grpunconv.err new file mode 100644 index 00000000..33ea6f3e --- /dev/null +++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/data/grpunconv.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +grpunconv: failure while writing changes to /etc/group diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test new file mode 100755 index 00000000..8b4e0148 --- /dev/null +++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpunconv reports failure to write /etc/group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable shadow passwords (grpunconv)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group grpunconv 2>tmp/grpunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "grpunconv reported:" +echo "=======================================================================" +cat tmp/grpunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpunconv.err tmp/grpunconv.err +echo "error message OK." +rm -f tmp/grpunconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config.txt b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/group b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/gshadow b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/login.defs b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/passwd b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/shadow b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/data/grpunconv.err b/tests/failures/grpunconv/02_grpunconv_open_group_failure/data/grpunconv.err new file mode 100644 index 00000000..fd1f2de0 --- /dev/null +++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/data/grpunconv.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +grpunconv: cannot open /etc/group diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test b/tests/failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test new file mode 100755 index 00000000..014788e9 --- /dev/null +++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpunconv report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable shadow passwords (grpunconv)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group grpunconv 2>tmp/grpunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "grpunconv reported:" +echo "=======================================================================" +cat tmp/grpunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpunconv.err tmp/grpunconv.err +echo "error message OK." +rm -f tmp/grpunconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config.txt b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/group b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/gshadow b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/login.defs b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/passwd b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/shadow b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/data/grpunconv.err b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/data/grpunconv.err new file mode 100644 index 00000000..cb80cfd8 --- /dev/null +++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/data/grpunconv.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 0 ... +grpunconv: cannot open /etc/gshadow diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test new file mode 100755 index 00000000..4516e065 --- /dev/null +++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpunconv report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable gshadow passwords (grpunconv)..." +LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/gshadow grpunconv 2>tmp/grpunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "grpunconv reported:" +echo "=======================================================================" +cat tmp/grpunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpunconv.err tmp/grpunconv.err +echo "error message OK." +rm -f tmp/grpunconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config.txt b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/group b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/gshadow b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/login.defs b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/passwd b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/shadow b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/group b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/group new file mode 100644 index 00000000..54d3da4b --- /dev/null +++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/group @@ -0,0 +1,42 @@ +root:*:0: +daemon:*:1: +bin:*:2: +sys:*:3: +adm:*:4: +tty:*:5: +disk:*:6: +lp:*:7: +mail:*:8: +news:*:9: +uucp:*:10: +man:*:12: +proxy:*:13: +kmem:*:15: +dialout:*:20: +fax:*:21: +voice:*:22: +cdrom:*:24: +floppy:*:25: +tape:*:26: +sudo:*:27: +audio:*:29: +dip:*:30: +www-data:*:33: +backup:*:34: +operator:*:37: +list:*:38: +irc:*:39: +src:*:40: +gnats:*:41: +shadow:*:42: +utmp:*:43: +video:*:44: +sasl:*:45: +plugdev:*:46: +staff:*:50: +games:*:60: +users:*:100: +nogroup:*:65534: +crontab:x:101: +Debian-exim:x:102: +foo:*:1000: diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/grpunconv.err b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/grpunconv.err new file mode 100644 index 00000000..84fa1244 --- /dev/null +++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/grpunconv.err @@ -0,0 +1,2 @@ +unlink FAILURE /etc/gshadow +grpunconv: cannot delete /etc/gshadow diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test new file mode 100755 index 00000000..41027199 --- /dev/null +++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "grpunconv report failures when it cannot remove the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable shadow passwords (grpunconv)..." +LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/etc/gshadow grpunconv 2>tmp/grpunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "grpunconv reported:" +echo "=======================================================================" +cat tmp/grpunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/grpunconv.err tmp/grpunconv.err +echo "error message OK." +rm -f tmp/grpunconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config.txt b/tests/failures/newusers/01_newusers_open_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/default/useradd b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/group b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/gshadow b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/login.defs b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/passwd b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/shadow b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.err b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.err new file mode 100644 index 00000000..b9a24a29 --- /dev/null +++ b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 2 ... +newusers: cannot open /etc/passwd diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.list b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/newusers.test b/tests/failures/newusers/01_newusers_open_passwd_failure/newusers.test new file mode 100755 index 00000000..25462a8a --- /dev/null +++ b/tests/failures/newusers/01_newusers_open_passwd_failure/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "newusers report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo (newusers foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config.txt b/tests/failures/newusers/02_newusers_open_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/default/useradd b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/group b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/gshadow b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/login.defs b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/passwd b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/shadow b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.err b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.err new file mode 100644 index 00000000..f46f22df --- /dev/null +++ b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.err @@ -0,0 +1,2 @@ +open FAILURE /etc/shadow 2 ... +newusers: cannot open /etc/shadow diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.list b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/newusers.test b/tests/failures/newusers/02_newusers_open_shadow_failure/newusers.test new file mode 100755 index 00000000..b7fc584a --- /dev/null +++ b/tests/failures/newusers/02_newusers_open_shadow_failure/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "newusers report failures when it cannot open the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo (newusers foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config.txt b/tests/failures/newusers/03_newusers_open_group_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/newusers/03_newusers_open_group_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/default/useradd b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/group b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/gshadow b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/login.defs b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/passwd b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/shadow b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.err b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.err new file mode 100644 index 00000000..3ec4f2ff --- /dev/null +++ b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +newusers: cannot open /etc/group diff --git a/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.list b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/03_newusers_open_group_failure/newusers.test b/tests/failures/newusers/03_newusers_open_group_failure/newusers.test new file mode 100755 index 00000000..95e075d6 --- /dev/null +++ b/tests/failures/newusers/03_newusers_open_group_failure/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "newusers report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo (newusers foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config.txt b/tests/failures/newusers/04_newusers_open_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/default/useradd b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/group b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/gshadow b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/login.defs b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/passwd b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/shadow b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.err b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.err new file mode 100644 index 00000000..e2a9ca06 --- /dev/null +++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +newusers: cannot open /etc/gshadow diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.list b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/newusers.test b/tests/failures/newusers/04_newusers_open_gshadow_failure/newusers.test new file mode 100755 index 00000000..6383079a --- /dev/null +++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "newusers report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo (newusers foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config.txt b/tests/failures/newusers/05_newusers_rename_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/default/useradd b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/group b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/gshadow b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/login.defs b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/passwd b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/shadow b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.err b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.err new file mode 100644 index 00000000..160bad7b --- /dev/null +++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +newusers: failure while writing changes to /etc/passwd diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.list b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/newusers.test b/tests/failures/newusers/05_newusers_rename_passwd_failure/newusers.test new file mode 100755 index 00000000..3fc30974 --- /dev/null +++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "newusers report failures to write the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo (newusers data/newusers.list)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config.txt b/tests/failures/newusers/06_newusers_rename_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/group b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/gshadow b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/login.defs b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/passwd b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..03a71779 --- /dev/null +++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/shadow b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.err b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.err new file mode 100644 index 00000000..593b9aeb --- /dev/null +++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/shadow+ /etc/shadow +newusers: failure while writing changes to /etc/shadow diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.list b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/data/passwd b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/passwd new file mode 100644 index 00000000..ce8e3c36 --- /dev/null +++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1001:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/newusers.test b/tests/failures/newusers/06_newusers_rename_shadow_failure/newusers.test new file mode 100755 index 00000000..aad005fd --- /dev/null +++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "newusers report failures to write the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo (newusers data/newusers.list)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config.txt b/tests/failures/newusers/07_newusers_rename_group_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/newusers/07_newusers_rename_group_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/group b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/gshadow b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/login.defs b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/passwd b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/passwd new file mode 100644 index 00000000..03a71779 --- /dev/null +++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/shadow b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.err b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.err new file mode 100644 index 00000000..2ac5e868 --- /dev/null +++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +newusers: failure while writing changes to /etc/group diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.list b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/passwd b/tests/failures/newusers/07_newusers_rename_group_failure/data/passwd new file mode 100644 index 00000000..ce8e3c36 --- /dev/null +++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1001:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/shadow b/tests/failures/newusers/07_newusers_rename_group_failure/data/shadow new file mode 100644 index 00000000..602bef59 --- /dev/null +++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7::: diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/newusers.test b/tests/failures/newusers/07_newusers_rename_group_failure/newusers.test new file mode 100755 index 00000000..20a87711 --- /dev/null +++ b/tests/failures/newusers/07_newusers_rename_group_failure/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "newusers report failures to write the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo (newusers data/newusers.list)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config.txt b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/group b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/gshadow b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/login.defs b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/passwd b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..03a71779 --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/shadow b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/group b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/group new file mode 100644 index 00000000..e65d5b03 --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +bar:x:1001: diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.err b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.err new file mode 100644 index 00000000..ca0738a8 --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/gshadow+ /etc/gshadow +newusers: failure while writing changes to /etc/gshadow diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.list b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/passwd b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/passwd new file mode 100644 index 00000000..ce8e3c36 --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1001:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/shadow b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/shadow new file mode 100644 index 00000000..602bef59 --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7::: diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/newusers.test b/tests/failures/newusers/08_newusers_rename_gshadow_failure/newusers.test new file mode 100755 index 00000000..8a8560f9 --- /dev/null +++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "newusers report failures to write the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo (newusers data/newusers.list)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config.txt b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/group b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/gshadow b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/login.defs b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/passwd b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/passwd new file mode 100644 index 00000000..03a71779 --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/passwd @@ -0,0 +1,19 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/shadow b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/group b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/group new file mode 100644 index 00000000..e65d5b03 --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +bar:x:1001: diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/gshadow b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/gshadow new file mode 100644 index 00000000..d8aa8adc --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.err b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.err new file mode 100644 index 00000000..70bfcb59 --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.err @@ -0,0 +1,4 @@ +rename FAILURE /etc/nshadow /etc/shadow +newusers: (user foo) pam_chauthtok() failed, error: +Authentication token manipulation error +newusers: (line 1, user foo) password not changed diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.list b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/passwd b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/passwd new file mode 100644 index 00000000..ce8e3c36 --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1001:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test new file mode 100755 index 00000000..3ce542e5 --- /dev/null +++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "newusers report failures to write the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo (newusers data/newusers.list)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/newusers/10_newusers_time_0/config.txt b/tests/failures/newusers/10_newusers_time_0/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/default/useradd b/tests/failures/newusers/10_newusers_time_0/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/group b/tests/failures/newusers/10_newusers_time_0/config/etc/group new file mode 100644 index 00000000..beb7c879 --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/gshadow b/tests/failures/newusers/10_newusers_time_0/config/etc/gshadow new file mode 100644 index 00000000..55b8e959 --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/pam.d/common-password b/tests/failures/newusers/10_newusers_time_0/config/etc/pam.d/common-password new file mode 100644 index 00000000..cb8c7b71 --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha512 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/passwd b/tests/failures/newusers/10_newusers_time_0/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/shadow b/tests/failures/newusers/10_newusers_time_0/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/newusers/10_newusers_time_0/data/group b/tests/failures/newusers/10_newusers_time_0/data/group new file mode 100644 index 00000000..dcabb322 --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1000: diff --git a/tests/failures/newusers/10_newusers_time_0/data/gshadow b/tests/failures/newusers/10_newusers_time_0/data/gshadow new file mode 100644 index 00000000..dc9f7f6b --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:*:: diff --git a/tests/failures/newusers/10_newusers_time_0/data/newusers.list b/tests/failures/newusers/10_newusers_time_0/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/10_newusers_time_0/data/passwd b/tests/failures/newusers/10_newusers_time_0/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/newusers/10_newusers_time_0/data/shadow b/tests/failures/newusers/10_newusers_time_0/data/shadow new file mode 100644 index 00000000..37df8e55 --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_SHA512 fooPass@::0:99999:7::: diff --git a/tests/failures/newusers/10_newusers_time_0/newusers.test b/tests/failures/newusers/10_newusers_time_0/newusers.test new file mode 100755 index 00000000..27d5ce91 --- /dev/null +++ b/tests/failures/newusers/10_newusers_time_0/newusers.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "newusers disables aging when time is not set" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo (newusers data/newusers.list)..." +LD_PRELOAD=../../../common/time_0.so newusers data/newusers.list 2>/dev/null +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config.txt b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/group b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/gshadow b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/passwd b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/shadow b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/data/pwck.err b/tests/failures/pwck/01_pwck_system_passwd_open_failure/data/pwck.err new file mode 100644 index 00000000..9839b9e4 --- /dev/null +++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/data/pwck.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 2 ... +pwck: cannot open /etc/passwd diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/pwck.test b/tests/failures/pwck/01_pwck_system_passwd_open_failure/pwck.test new file mode 100755 index 00000000..f28c4810 --- /dev/null +++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/pwck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check user db (pwck)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd pwck 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config.txt b/tests/failures/pwck/02_pwck_passwd_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/group b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/gshadow b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/passwd b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/shadow b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/data/pwck.err b/tests/failures/pwck/02_pwck_passwd_open_failure/data/pwck.err new file mode 100644 index 00000000..7ffd6494 --- /dev/null +++ b/tests/failures/pwck/02_pwck_passwd_open_failure/data/pwck.err @@ -0,0 +1,2 @@ +open FAILURE data/passwd 2 ... +pwck: cannot open data/passwd diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/pwck.test b/tests/failures/pwck/02_pwck_passwd_open_failure/pwck.test new file mode 100755 index 00000000..e9dcc9b3 --- /dev/null +++ b/tests/failures/pwck/02_pwck_passwd_open_failure/pwck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check users (pwck data/passwd)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/passwd pwck data/passwd 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config.txt b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/group b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/gshadow b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/passwd b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/shadow b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/data/pwck.err b/tests/failures/pwck/03_pwck_system_shadow_open_failure/data/pwck.err new file mode 100644 index 00000000..ee7dde0a --- /dev/null +++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/data/pwck.err @@ -0,0 +1,2 @@ +open FAILURE /etc/shadow 2 ... +pwck: cannot open /etc/shadow diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/pwck.test b/tests/failures/pwck/03_pwck_system_shadow_open_failure/pwck.test new file mode 100755 index 00000000..50336128 --- /dev/null +++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/pwck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck report failures when it cannot open the system shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check system groups (pwck)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow pwck 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config.txt b/tests/failures/pwck/04_pwck_shadow_open_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/group b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/gshadow b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/passwd b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/shadow b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/data/passwd b/tests/failures/pwck/04_pwck_shadow_open_failure/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/pwck/04_pwck_shadow_open_failure/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/data/pwck.err b/tests/failures/pwck/04_pwck_shadow_open_failure/data/pwck.err new file mode 100644 index 00000000..bac9260b --- /dev/null +++ b/tests/failures/pwck/04_pwck_shadow_open_failure/data/pwck.err @@ -0,0 +1,2 @@ +open FAILURE data/shadow 2 ... +pwck: cannot open data/shadow diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/pwck.test b/tests/failures/pwck/04_pwck_shadow_open_failure/pwck.test new file mode 100755 index 00000000..ef2b8992 --- /dev/null +++ b/tests/failures/pwck/04_pwck_shadow_open_failure/pwck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck report failures when it cannot open the local shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Check local groups (pwck data/group data/shadow)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/shadow pwck data/passwd data/shadow 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config.txt b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/group b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/gshadow b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/passwd b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/shadow b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/data/pwck.err b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/data/pwck.err new file mode 100644 index 00000000..3b474db8 --- /dev/null +++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/data/pwck.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +pwck: failure while writing changes to /etc/passwd diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test new file mode 100755 index 00000000..b02853ee --- /dev/null +++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck reports failure to write /etc/passwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Sort passwd (pwck -s)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd pwck -s 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config.txt b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/group b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/gshadow b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/passwd b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/shadow b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/passwd b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/passwd new file mode 100644 index 00000000..2be1ed69 --- /dev/null +++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/pwck.err b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/pwck.err new file mode 100644 index 00000000..3d6e8cba --- /dev/null +++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/pwck.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/shadow+ /etc/shadow +pwck: failure while writing changes to /etc/shadow diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test new file mode 100755 index 00000000..0b780e47 --- /dev/null +++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck reports failure to write /etc/shadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Sort group (pwck -s)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow pwck -s 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config.txt b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/group b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/gshadow b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/passwd b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/shadow b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/passwd b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/pwck.err b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/pwck.err new file mode 100644 index 00000000..c66b0e33 --- /dev/null +++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/pwck.err @@ -0,0 +1,2 @@ +rename FAILURE tmp/passwd+ tmp/passwd +pwck: failure while writing changes to tmp/passwd diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test new file mode 100755 index 00000000..721734ea --- /dev/null +++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck reports failure to write a passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +cp data/passwd tmp/ + +echo -n "Sort passwd (pwck -s tmp/passwd)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=tmp/passwd pwck -s tmp/passwd 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +diff -au data/passwd tmp/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +rm -f tmp/passwd tmp/passwd+ tmp/passwd- + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config.txt b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/group b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/gshadow b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/passwd b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/shadow b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd.out b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd.out new file mode 100644 index 00000000..2be1ed69 --- /dev/null +++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd.out @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/pwck.err b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/pwck.err new file mode 100644 index 00000000..4b1415b9 --- /dev/null +++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/pwck.err @@ -0,0 +1,2 @@ +rename FAILURE tmp/shadow+ tmp/shadow +pwck: failure while writing changes to tmp/shadow diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/shadow b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test new file mode 100755 index 00000000..435aa53e --- /dev/null +++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwck reports failure to write a shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +cp data/passwd data/shadow tmp/ + +echo -n "Sort group (pwck -s tmp/passwd tmp/shadow)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=tmp/shadow pwck -s tmp/passwd tmp/shadow 2>tmp/pwck.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "5" +echo "OK" + +echo "pwck reported:" +echo "=======================================================================" +cat tmp/pwck.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwck.err tmp/pwck.err +echo "error message OK." +rm -f tmp/pwck.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +diff -au data/passwd.out tmp/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +diff -au data/shadow tmp/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +rm -f tmp/passwd tmp/passwd- tmp/shadow tmp/shadow+ tmp/shadow- + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config.txt b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config.txt new file mode 100644 index 00000000..01189bd6 --- /dev/null +++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config.txt @@ -0,0 +1,2 @@ +user foo +group foo with typo in group diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/group b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/gshadow b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/passwd b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/passwd new file mode 100644 index 00000000..3030f9eb --- /dev/null +++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/passwd @@ -0,0 +1,12 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +foo:x:1000:1000::/home:/bin/sh +bar:x:1001:1000::/home:/bin/sh diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/shadow b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/shadow new file mode 100644 index 00000000..d3c0775b --- /dev/null +++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/shadow @@ -0,0 +1,11 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/data/shadow b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/data/shadow new file mode 100644 index 00000000..053ac3f9 --- /dev/null +++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/data/shadow @@ -0,0 +1,12 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bar:x::0:99999:7::: diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.exp b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.exp new file mode 100755 index 00000000..02e67985 --- /dev/null +++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.exp @@ -0,0 +1,20 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "LD_PRELOAD=../../../common/time_0.so pwck\r" +expect "no matching password file entry in /etc/shadow" +expect "add user 'bar' in /etc/shadow? " +send "yes\r" +expect "pwck: the files have been updated" +expect "# " +send "echo \$?\r" +expect "2" +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test new file mode 100755 index 00000000..e4731968 --- /dev/null +++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "If time is 0, pwck creates shadow entry with no last password change date" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./pwck.exp + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config.txt b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/group b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/gshadow b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/login.defs b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/passwd b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/shadow b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/data/pwconv.err b/tests/failures/pwconv/01_pwconv_open_passwd_failure/data/pwconv.err new file mode 100644 index 00000000..d26864f9 --- /dev/null +++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/data/pwconv.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 2 ... +pwconv: cannot open /etc/passwd diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test b/tests/failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test new file mode 100755 index 00000000..cb14e0bf --- /dev/null +++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwconv report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the shadow file..." +rm -f /etc/shadow +echo "OK" + +echo -n "Enable shadow passwords (pwconv)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd pwconv 2>tmp/pwconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "4" +echo "OK" + +echo "pwconv reported:" +echo "=======================================================================" +cat tmp/pwconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwconv.err tmp/pwconv.err +echo "error message OK." +rm -f tmp/pwconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config.txt b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/group b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/gshadow b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/login.defs b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/passwd b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/shadow b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/data/pwconv.err b/tests/failures/pwconv/02_pwconv_open_shadow_failure/data/pwconv.err new file mode 100644 index 00000000..77274505 --- /dev/null +++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/data/pwconv.err @@ -0,0 +1,2 @@ +open FAILURE /etc/shadow 2 ... +pwconv: cannot open /etc/shadow diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test b/tests/failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test new file mode 100755 index 00000000..031a72cb --- /dev/null +++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwconv report failures when it cannot open the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the shadow file..." +rm -f /etc/shadow +echo "OK" + +echo -n "Enable shadow passwords (pwconv)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow pwconv 2>tmp/pwconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "pwconv reported:" +echo "=======================================================================" +cat tmp/pwconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwconv.err tmp/pwconv.err +echo "error message OK." +rm -f tmp/pwconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config.txt b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/group b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/gshadow b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/login.defs b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/passwd b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/shadow b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/pwconv.err b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/pwconv.err new file mode 100644 index 00000000..b8177df5 --- /dev/null +++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/pwconv.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +pwconv: failure while writing changes to /etc/passwd diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/shadow b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/shadow new file mode 100644 index 00000000..b678d835 --- /dev/null +++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/shadow @@ -0,0 +1,20 @@ +root:*:@TODAY@:0:99999:7::: +daemon:*:@TODAY@:0:99999:7::: +bin:*:@TODAY@:0:99999:7::: +sys:*:@TODAY@:0:99999:7::: +sync:*:@TODAY@:0:99999:7::: +games:*:@TODAY@:0:99999:7::: +man:*:@TODAY@:0:99999:7::: +lp:*:@TODAY@:0:99999:7::: +mail:*:@TODAY@:0:99999:7::: +news:*:@TODAY@:0:99999:7::: +uucp:*:@TODAY@:0:99999:7::: +proxy:*:@TODAY@:0:99999:7::: +www-data:*:@TODAY@:0:99999:7::: +backup:*:@TODAY@:0:99999:7::: +list:*:@TODAY@:0:99999:7::: +irc:*:@TODAY@:0:99999:7::: +gnats:*:@TODAY@:0:99999:7::: +nobody:*:@TODAY@:0:99999:7::: +Debian-exim:*:@TODAY@:0:99999:7::: +foo:abc:@TODAY@:0:99999:7::: diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test new file mode 100755 index 00000000..44f23072 --- /dev/null +++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwconv report failures to write the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the shadow file..." +rm -f /etc/shadow +echo "OK" + +echo -n "Enable shadow passwords (pwconv)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd pwconv 2>tmp/pwconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "pwconv reported:" +echo "=======================================================================" +cat tmp/pwconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwconv.err tmp/pwconv.err +echo "error message OK." +rm -f tmp/pwconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config.txt b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/group b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/gshadow b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/login.defs b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/passwd b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/shadow b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/data/pwconv.err b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/data/pwconv.err new file mode 100644 index 00000000..cf5ddf30 --- /dev/null +++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/data/pwconv.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/shadow+ /etc/shadow +pwconv: failure while writing changes to /etc/shadow diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test new file mode 100755 index 00000000..589ed3e9 --- /dev/null +++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwconv report failures to write the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the shadow file..." +rm -f /etc/shadow +echo "OK" + +echo -n "Enable shadow passwords (pwconv)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow pwconv 2>tmp/pwconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "pwconv reported:" +echo "=======================================================================" +cat tmp/pwconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwconv.err tmp/pwconv.err +echo "error message OK." +rm -f tmp/pwconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwconv/05_pwconv_time_0/config.txt b/tests/failures/pwconv/05_pwconv_time_0/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/failures/pwconv/05_pwconv_time_0/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/group b/tests/failures/pwconv/05_pwconv_time_0/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/gshadow b/tests/failures/pwconv/05_pwconv_time_0/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/passwd b/tests/failures/pwconv/05_pwconv_time_0/config/etc/passwd new file mode 100644 index 00000000..8656be41 --- /dev/null +++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/passwd @@ -0,0 +1,20 @@ +root:*:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:*:102:102::/var/spool/exim4:/bin/false +foo:abc:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/shadow b/tests/failures/pwconv/05_pwconv_time_0/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwconv/05_pwconv_time_0/data/passwd b/tests/failures/pwconv/05_pwconv_time_0/data/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/pwconv/05_pwconv_time_0/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/pwconv/05_pwconv_time_0/data/shadow b/tests/failures/pwconv/05_pwconv_time_0/data/shadow new file mode 100644 index 00000000..a3b7cff7 --- /dev/null +++ b/tests/failures/pwconv/05_pwconv_time_0/data/shadow @@ -0,0 +1,20 @@ +root:*::0:99999:7::: +daemon:*::0:99999:7::: +bin:*::0:99999:7::: +sys:*::0:99999:7::: +sync:*::0:99999:7::: +games:*::0:99999:7::: +man:*::0:99999:7::: +lp:*::0:99999:7::: +mail:*::0:99999:7::: +news:*::0:99999:7::: +uucp:*::0:99999:7::: +proxy:*::0:99999:7::: +www-data:*::0:99999:7::: +backup:*::0:99999:7::: +list:*::0:99999:7::: +irc:*::0:99999:7::: +gnats:*::0:99999:7::: +nobody:*::0:99999:7::: +Debian-exim:*::0:99999:7::: +foo:abc::0:99999:7::: diff --git a/tests/failures/pwconv/05_pwconv_time_0/pwconv.test b/tests/failures/pwconv/05_pwconv_time_0/pwconv.test new file mode 100755 index 00000000..5c9a6503 --- /dev/null +++ b/tests/failures/pwconv/05_pwconv_time_0/pwconv.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwconv disables aging when time is not set" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Convert to shadow (pwconv)..." +LD_PRELOAD=../../../common/time_0.so pwconv 2>/dev/null +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config.txt b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/group b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/gshadow b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/login.defs b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/passwd b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/shadow b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/data/pwunconv.err b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/data/pwunconv.err new file mode 100644 index 00000000..a1368c94 --- /dev/null +++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/data/pwunconv.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +pwunconv: failure while writing changes to /etc/passwd diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test new file mode 100755 index 00000000..3f1d3121 --- /dev/null +++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwunconv reports failure to write /etc/passwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable shadow passwords (pwunconv)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd pwunconv 2>tmp/pwunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "pwunconv reported:" +echo "=======================================================================" +cat tmp/pwunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwunconv.err tmp/pwunconv.err +echo "error message OK." +rm -f tmp/pwunconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config.txt b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/group b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/gshadow b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/login.defs b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/passwd b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/shadow b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/data/pwunconv.err b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/data/pwunconv.err new file mode 100644 index 00000000..44cd4fa6 --- /dev/null +++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/data/pwunconv.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 2 ... +pwunconv: cannot open /etc/passwd diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test new file mode 100755 index 00000000..8212cf23 --- /dev/null +++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwunconv report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable shadow passwords (pwunconv)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd pwunconv 2>tmp/pwunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "pwunconv reported:" +echo "=======================================================================" +cat tmp/pwunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwunconv.err tmp/pwunconv.err +echo "error message OK." +rm -f tmp/pwunconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config.txt b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/group b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/gshadow b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/login.defs b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/passwd b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/shadow b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/data/pwunconv.err b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/data/pwunconv.err new file mode 100644 index 00000000..a61ba357 --- /dev/null +++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/data/pwunconv.err @@ -0,0 +1,2 @@ +open FAILURE /etc/shadow 0 ... +pwunconv: cannot open /etc/shadow diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test new file mode 100755 index 00000000..0c8f79fa --- /dev/null +++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwunconv report failures when it cannot open the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable shadow passwords (pwunconv)..." +LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/shadow pwunconv 2>tmp/pwunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "pwunconv reported:" +echo "=======================================================================" +cat tmp/pwunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwunconv.err tmp/pwunconv.err +echo "error message OK." +rm -f tmp/pwunconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config.txt b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/group b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/gshadow b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/login.defs b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/passwd b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/shadow b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/passwd b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/passwd new file mode 100644 index 00000000..3416c55b --- /dev/null +++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/passwd @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash +daemon:*:1:1:daemon:/usr/sbin:/bin/sh +bin:*:2:2:bin:/bin:/bin/sh +sys:*:3:3:sys:/dev:/bin/sh +sync:*:4:65534:sync:/bin:/bin/sync +games:*:5:60:games:/usr/games:/bin/sh +man:*:6:12:man:/var/cache/man:/bin/sh +lp:*:7:7:lp:/var/spool/lpd:/bin/sh +mail:*:8:8:mail:/var/mail:/bin/sh +news:*:9:9:news:/var/spool/news:/bin/sh +uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:*:13:13:proxy:/bin:/bin/sh +www-data:*:33:33:www-data:/var/www:/bin/sh +backup:*:34:34:backup:/var/backups:/bin/sh +list:*:38:38:Mailing List Manager:/var/list:/bin/sh +irc:*:39:39:ircd:/var/run/ircd:/bin/sh +gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:*:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:!:102:102::/var/spool/exim4:/bin/false +foo:!:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/pwunconv.err b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/pwunconv.err new file mode 100644 index 00000000..a8ecf491 --- /dev/null +++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/pwunconv.err @@ -0,0 +1,2 @@ +unlink FAILURE /etc/shadow +pwunconv: cannot delete /etc/shadow diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test new file mode 100755 index 00000000..045719f6 --- /dev/null +++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "pwunconv report failures when it cannot remove the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable shadow passwords (pwunconv)..." +LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/etc/shadow pwunconv 2>tmp/pwunconv.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "pwunconv reported:" +echo "=======================================================================" +cat tmp/pwunconv.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/pwunconv.err tmp/pwunconv.err +echo "error message OK." +rm -f tmp/pwunconv.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config.txt b/tests/failures/useradd/01_useradd_open_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/default/useradd b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/group b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/gshadow b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/login.defs b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/passwd b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/shadow b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/data/useradd.err b/tests/failures/useradd/01_useradd_open_passwd_failure/data/useradd.err new file mode 100644 index 00000000..0a3ce8c7 --- /dev/null +++ b/tests/failures/useradd/01_useradd_open_passwd_failure/data/useradd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 2 ... +useradd: cannot open /etc/passwd diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/useradd.test b/tests/failures/useradd/01_useradd_open_passwd_failure/useradd.test new file mode 100755 index 00000000..930d5656 --- /dev/null +++ b/tests/failures/useradd/01_useradd_open_passwd_failure/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo (useradd foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config.txt b/tests/failures/useradd/02_useradd_open_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/default/useradd b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/group b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/gshadow b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/login.defs b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/passwd b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/shadow b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/data/useradd.err b/tests/failures/useradd/02_useradd_open_shadow_failure/data/useradd.err new file mode 100644 index 00000000..8d691d19 --- /dev/null +++ b/tests/failures/useradd/02_useradd_open_shadow_failure/data/useradd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/shadow 2 ... +useradd: cannot open /etc/shadow diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/useradd.test b/tests/failures/useradd/02_useradd_open_shadow_failure/useradd.test new file mode 100755 index 00000000..0c3d7fc3 --- /dev/null +++ b/tests/failures/useradd/02_useradd_open_shadow_failure/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd report failures when it cannot open the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo (useradd foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config.txt b/tests/failures/useradd/03_useradd_open_group_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/03_useradd_open_group_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/default/useradd b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/group b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/gshadow b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/login.defs b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/passwd b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/shadow b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/03_useradd_open_group_failure/data/useradd.err b/tests/failures/useradd/03_useradd_open_group_failure/data/useradd.err new file mode 100644 index 00000000..59a33bef --- /dev/null +++ b/tests/failures/useradd/03_useradd_open_group_failure/data/useradd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +useradd: cannot open /etc/group diff --git a/tests/failures/useradd/03_useradd_open_group_failure/useradd.test b/tests/failures/useradd/03_useradd_open_group_failure/useradd.test new file mode 100755 index 00000000..b99d914e --- /dev/null +++ b/tests/failures/useradd/03_useradd_open_group_failure/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo (useradd foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config.txt b/tests/failures/useradd/04_useradd_open_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/default/useradd b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/group b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/gshadow b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/login.defs b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/passwd b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/shadow b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/data/useradd.err b/tests/failures/useradd/04_useradd_open_gshadow_failure/data/useradd.err new file mode 100644 index 00000000..3e642794 --- /dev/null +++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/data/useradd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +useradd: cannot open /etc/gshadow diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/useradd.test b/tests/failures/useradd/04_useradd_open_gshadow_failure/useradd.test new file mode 100755 index 00000000..5ab5eac4 --- /dev/null +++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo (useradd foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config.txt b/tests/failures/useradd/05_useradd_rename_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/default/useradd b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/group b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/gshadow b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/login.defs b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/passwd b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/shadow b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/data/useradd.err b/tests/failures/useradd/05_useradd_rename_passwd_failure/data/useradd.err new file mode 100644 index 00000000..6d25d1de --- /dev/null +++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/data/useradd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +useradd: failure while writing changes to /etc/passwd diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/useradd.test b/tests/failures/useradd/05_useradd_rename_passwd_failure/useradd.test new file mode 100755 index 00000000..2428ed06 --- /dev/null +++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports failure to write /etc/passwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (useradd foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config.txt b/tests/failures/useradd/06_useradd_rename_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/default/useradd b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/group b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/gshadow b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/login.defs b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/passwd b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/shadow b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/data/passwd b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/data/useradd.err b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/useradd.err new file mode 100644 index 00000000..49e06ab7 --- /dev/null +++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/useradd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/shadow+ /etc/shadow +useradd: failure while writing changes to /etc/shadow diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/useradd.test b/tests/failures/useradd/06_useradd_rename_shadow_failure/useradd.test new file mode 100755 index 00000000..50ec15f3 --- /dev/null +++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports failure to write /etc/shadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (useradd foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config.txt b/tests/failures/useradd/07_useradd_rename_group_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/07_useradd_rename_group_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/default/useradd b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/group b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/gshadow b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/login.defs b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/passwd b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/shadow b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/data/passwd b/tests/failures/useradd/07_useradd_rename_group_failure/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/failures/useradd/07_useradd_rename_group_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/data/shadow b/tests/failures/useradd/07_useradd_rename_group_failure/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/failures/useradd/07_useradd_rename_group_failure/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/data/useradd.err b/tests/failures/useradd/07_useradd_rename_group_failure/data/useradd.err new file mode 100644 index 00000000..75a035e2 --- /dev/null +++ b/tests/failures/useradd/07_useradd_rename_group_failure/data/useradd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +useradd: failure while writing changes to /etc/group diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/useradd.test b/tests/failures/useradd/07_useradd_rename_group_failure/useradd.test new file mode 100755 index 00000000..ed64725d --- /dev/null +++ b/tests/failures/useradd/07_useradd_rename_group_failure/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports failure to write /etc/group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (useradd foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config.txt b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/default/useradd b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/group b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/gshadow b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/login.defs b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/passwd b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/shadow b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/group b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/passwd b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/shadow b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/useradd.err b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/useradd.err new file mode 100644 index 00000000..a3552598 --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/useradd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/gshadow+ /etc/gshadow +useradd: failure while writing changes to /etc/gshadow diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/useradd.test b/tests/failures/useradd/08_useradd_rename_gshadow_failure/useradd.test new file mode 100755 index 00000000..11f7f687 --- /dev/null +++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports failure to write /etc/gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (useradd foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config.txt b/tests/failures/useradd/09_useradd_rename_defaults_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/default/useradd b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/group b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/gshadow b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/login.defs b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/passwd b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/shadow b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/data/useradd.err b/tests/failures/useradd/09_useradd_rename_defaults_failure/data/useradd.err new file mode 100644 index 00000000..956521a5 --- /dev/null +++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/data/useradd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/default/nuaddXXXXXX /etc/default/useradd +useradd: rename: /etc/default/nuaddXXXXXX: Input/output error diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/useradd.test b/tests/failures/useradd/09_useradd_rename_defaults_failure/useradd.test new file mode 100755 index 00000000..f8456522 --- /dev/null +++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/useradd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports failure to write /etc/gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Set default value (useradd -D -g 10)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/default/useradd useradd -D -g 10 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +sed -e 's/nuadd....../nuaddXXXXXX/' -i tmp/useradd.err +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config.txt b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/default/useradd b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/group b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/gshadow b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/login.defs b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/passwd b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/shadow b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/data/useradd.err b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/data/useradd.err new file mode 100644 index 00000000..7ec53ac7 --- /dev/null +++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/data/useradd.err @@ -0,0 +1,2 @@ +link FAILURE /etc/default/useradd /etc/default/useradd- +useradd: Cannot create backup file (/etc/default/useradd-): Input/output error diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test new file mode 100755 index 00000000..241f727f --- /dev/null +++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports failure to create backup /etc/default/useradd-" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Set default value (useradd -D -g 10)..." +LD_PRELOAD=../../../common/link_failure.so FAILURE_PATH=/etc/default/useradd- useradd -D -g 10 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/11_useradd_time_0/config.txt b/tests/failures/useradd/11_useradd_time_0/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/default/useradd b/tests/failures/useradd/11_useradd_time_0/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/group b/tests/failures/useradd/11_useradd_time_0/config/etc/group new file mode 100644 index 00000000..beb7c879 --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/gshadow b/tests/failures/useradd/11_useradd_time_0/config/etc/gshadow new file mode 100644 index 00000000..55b8e959 --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/pam.d/common-password b/tests/failures/useradd/11_useradd_time_0/config/etc/pam.d/common-password new file mode 100644 index 00000000..cb8c7b71 --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha512 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/passwd b/tests/failures/useradd/11_useradd_time_0/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/shadow b/tests/failures/useradd/11_useradd_time_0/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/11_useradd_time_0/data/group b/tests/failures/useradd/11_useradd_time_0/data/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/useradd/11_useradd_time_0/data/gshadow b/tests/failures/useradd/11_useradd_time_0/data/gshadow new file mode 100644 index 00000000..ed9618e0 --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/failures/useradd/11_useradd_time_0/data/newusers.list b/tests/failures/useradd/11_useradd_time_0/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/failures/useradd/11_useradd_time_0/data/passwd b/tests/failures/useradd/11_useradd_time_0/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/failures/useradd/11_useradd_time_0/data/shadow b/tests/failures/useradd/11_useradd_time_0/data/shadow new file mode 100644 index 00000000..d295f852 --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!::0:99999:7:12:13849: diff --git a/tests/failures/useradd/11_useradd_time_0/useradd.test b/tests/failures/useradd/11_useradd_time_0/useradd.test new file mode 100755 index 00000000..1c611387 --- /dev/null +++ b/tests/failures/useradd/11_useradd_time_0/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd disables aging when time is not set" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo (useradd foo)..." +LD_PRELOAD=../../../common/time_0.so useradd foo 2>/dev/null +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config.txt b/tests/failures/useradd/12_useradd_open_subuid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/default/useradd b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/group b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/gshadow b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/login.defs b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/passwd b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/shadow b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subgid b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subuid b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/data/useradd.err b/tests/failures/useradd/12_useradd_open_subuid_failure/data/useradd.err new file mode 100644 index 00000000..6d84972a --- /dev/null +++ b/tests/failures/useradd/12_useradd_open_subuid_failure/data/useradd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/subuid 2 ... +useradd: cannot open /etc/subuid diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/useradd.test b/tests/failures/useradd/12_useradd_open_subuid_failure/useradd.test new file mode 100755 index 00000000..0263300b --- /dev/null +++ b/tests/failures/useradd/12_useradd_open_subuid_failure/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd report failures when it cannot open the /etc/subuid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo (useradd foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config.txt b/tests/failures/useradd/13_useradd_open_subgid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/default/useradd b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/group b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/gshadow b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/login.defs b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/passwd b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/shadow b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subgid b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subuid b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/data/useradd.err b/tests/failures/useradd/13_useradd_open_subgid_failure/data/useradd.err new file mode 100644 index 00000000..594f4d67 --- /dev/null +++ b/tests/failures/useradd/13_useradd_open_subgid_failure/data/useradd.err @@ -0,0 +1,2 @@ +open FAILURE /etc/subgid 2 ... +useradd: cannot open /etc/subgid diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/useradd.test b/tests/failures/useradd/13_useradd_open_subgid_failure/useradd.test new file mode 100755 index 00000000..eff1bc91 --- /dev/null +++ b/tests/failures/useradd/13_useradd_open_subgid_failure/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd report failures when it cannot open the /etc/subgid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo (useradd foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config.txt b/tests/failures/useradd/14_username_rename_subuid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/default/useradd b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/group b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/gshadow b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/login.defs b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/passwd b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/shadow b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subgid b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subuid b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/group b/tests/failures/useradd/14_username_rename_subuid_failure/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/gshadow b/tests/failures/useradd/14_username_rename_subuid_failure/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/passwd b/tests/failures/useradd/14_username_rename_subuid_failure/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/shadow b/tests/failures/useradd/14_username_rename_subuid_failure/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/useradd.err b/tests/failures/useradd/14_username_rename_subuid_failure/data/useradd.err new file mode 100644 index 00000000..1798df6b --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/useradd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/subuid+ /etc/subuid +useradd: failure while writing changes to /etc/subuid diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/useradd.test b/tests/failures/useradd/14_username_rename_subuid_failure/useradd.test new file mode 100755 index 00000000..5b007b98 --- /dev/null +++ b/tests/failures/useradd/14_username_rename_subuid_failure/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports failure to write /etc/subuid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (useradd foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subuid useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config.txt b/tests/failures/useradd/15_username_rename_subgid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/default/useradd b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/group b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/gshadow b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/login.defs b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/passwd b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/shadow b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subgid b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subuid b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/group b/tests/failures/useradd/15_username_rename_subgid_failure/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/gshadow b/tests/failures/useradd/15_username_rename_subgid_failure/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/passwd b/tests/failures/useradd/15_username_rename_subgid_failure/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/shadow b/tests/failures/useradd/15_username_rename_subgid_failure/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/subuid b/tests/failures/useradd/15_username_rename_subgid_failure/data/subuid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/subuid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/useradd.err b/tests/failures/useradd/15_username_rename_subgid_failure/data/useradd.err new file mode 100644 index 00000000..0d1b6549 --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/useradd.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/subgid+ /etc/subgid +useradd: failure while writing changes to /etc/subgid diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/useradd.test b/tests/failures/useradd/15_username_rename_subgid_failure/useradd.test new file mode 100755 index 00000000..db472583 --- /dev/null +++ b/tests/failures/useradd/15_username_rename_subgid_failure/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports failure to write /etc/subgid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (useradd foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subgid useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config.txt b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/group b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/gshadow b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/login.defs b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/passwd b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/shadow b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/group b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/passwd b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/shadow b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/userdel.err b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/userdel.err new file mode 100644 index 00000000..e84c8f8c --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/userdel.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/gshadow+ /etc/gshadow +userdel: failure while writing changes to /etc/gshadow diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/userdel.test b/tests/failures/userdel/01_userdel_gshadow_rename_failure/userdel.test new file mode 100755 index 00000000..3b7c17ca --- /dev/null +++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel reports failure to write /etc/gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config.txt b/tests/failures/userdel/02_userdel_group_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/02_userdel_group_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/default/useradd b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/group b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/gshadow b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/login.defs b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/passwd b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/shadow b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/data/passwd b/tests/failures/userdel/02_userdel_group_rename_failure/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/userdel/02_userdel_group_rename_failure/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/data/shadow b/tests/failures/userdel/02_userdel_group_rename_failure/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/userdel/02_userdel_group_rename_failure/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/data/userdel.err b/tests/failures/userdel/02_userdel_group_rename_failure/data/userdel.err new file mode 100644 index 00000000..21962cd5 --- /dev/null +++ b/tests/failures/userdel/02_userdel_group_rename_failure/data/userdel.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +userdel: failure while writing changes to /etc/group diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/userdel.test b/tests/failures/userdel/02_userdel_group_rename_failure/userdel.test new file mode 100755 index 00000000..da9b6936 --- /dev/null +++ b/tests/failures/userdel/02_userdel_group_rename_failure/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel reports failure to write /etc/group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config.txt b/tests/failures/userdel/03_userdel_shadow_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/default/useradd b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/group b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/gshadow b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/login.defs b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/passwd b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/shadow b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/data/passwd b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/data/userdel.err b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/userdel.err new file mode 100644 index 00000000..a241b550 --- /dev/null +++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/userdel.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/shadow+ /etc/shadow +userdel: failure while writing changes to /etc/shadow diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/userdel.test b/tests/failures/userdel/03_userdel_shadow_rename_failure/userdel.test new file mode 100755 index 00000000..6ad2516a --- /dev/null +++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel reports failure to write /etc/shadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config.txt b/tests/failures/userdel/04_userdel_passwd_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/default/useradd b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/group b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/gshadow b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/login.defs b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/passwd b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/shadow b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/data/userdel.err b/tests/failures/userdel/04_userdel_passwd_rename_failure/data/userdel.err new file mode 100644 index 00000000..7058c90a --- /dev/null +++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/data/userdel.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +userdel: failure while writing changes to /etc/passwd diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/userdel.test b/tests/failures/userdel/04_userdel_passwd_rename_failure/userdel.test new file mode 100755 index 00000000..945bf5b3 --- /dev/null +++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel reports failure to write /etc/passwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config.txt b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/default/useradd b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/group b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/gshadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/login.defs b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/passwd b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/shadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/var/mail/foo b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/var/mail/foo new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/group b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/gshadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/passwd b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/shadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/userdel.err b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/userdel.err new file mode 100644 index 00000000..0ed73cf7 --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/userdel.err @@ -0,0 +1,3 @@ +unlink FAILURE /var/mail/foo +userdel: warning: can't remove /var/mail/foo: Device or resource busy +userdel: foo home directory (/home/foo) not found diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/userdel.test b/tests/failures/userdel/05_userdel_failure_remove_mailbox/userdel.test new file mode 100755 index 00000000..cd0b3567 --- /dev/null +++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/userdel.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel -r reports failure to remove the mailbox" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Changing ownership of /var/mail/foo..." +chown foo:mail /var/mail/foo +echo "OK" + +echo -n "delete user foo with its mail spool (userdel -r foo)..." +LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/var/mail/foo userdel -r foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "12" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config.txt b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/default/useradd b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/group b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/gshadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/login.defs b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/passwd b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/shadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/group b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/gshadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/passwd b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/shadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/userdel.err b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/userdel.err new file mode 100644 index 00000000..d46d8791 --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/userdel.err @@ -0,0 +1,3 @@ +userdel: foo mail spool (/var/mail/foo) not found +unlink FAILURE /home/foo/bar/baz +userdel: error removing directory /home/foo diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test new file mode 100755 index 00000000..d41d1895 --- /dev/null +++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test @@ -0,0 +1,64 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel -r reports failure to remove a file in the home directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an home directory for foo..." +mkdir /home/foo +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0 +mkdir /home/foo/bar +touch /home/foo/bar/baz +chown -R foo:foo /home/foo +echo "OK" + +echo -n "delete user foo with its mail spool (userdel -r foo)..." +LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/home/foo/bar/baz userdel -r foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "12" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +rm -rf /home/foo + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config.txt b/tests/failures/userdel/07_userdel_failure_remove_homedir/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/default/useradd b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/group b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/gshadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/login.defs b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/passwd b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/shadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/group b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/gshadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/passwd b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/shadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/userdel.err b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/userdel.err new file mode 100644 index 00000000..f874083d --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/userdel.err @@ -0,0 +1,3 @@ +userdel: foo mail spool (/var/mail/foo) not found +rmdir FAILURE /home/foo +userdel: error removing directory /home/foo diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/userdel.test b/tests/failures/userdel/07_userdel_failure_remove_homedir/userdel.test new file mode 100755 index 00000000..deca4020 --- /dev/null +++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/userdel.test @@ -0,0 +1,64 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel -r reports failure to remove the home directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an home directory for foo..." +mkdir /home/foo +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0 +mkdir /home/foo/bar +touch /home/foo/bar/baz +chown -R foo:foo /home/foo +echo "OK" + +echo -n "delete user foo with its mail spool (userdel -r foo)..." +LD_PRELOAD=../../../common/rmdir_failure.so FAILURE_PATH=/home/foo userdel -r foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "12" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +rm -rf /home/foo + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config.txt b/tests/failures/userdel/08_userdel_open_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/default/useradd b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/group b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/gshadow b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/login.defs b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/passwd b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..c41f98b4 --- /dev/null +++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:foo:/home/foo:/bin/sh diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/shadow b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/data/userdel.err b/tests/failures/userdel/08_userdel_open_passwd_failure/data/userdel.err new file mode 100644 index 00000000..5329f8a3 --- /dev/null +++ b/tests/failures/userdel/08_userdel_open_passwd_failure/data/userdel.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 2 ... +userdel: cannot open /etc/passwd diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/userdel.test b/tests/failures/userdel/08_userdel_open_passwd_failure/userdel.test new file mode 100755 index 00000000..dfa5bc6c --- /dev/null +++ b/tests/failures/userdel/08_userdel_open_passwd_failure/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config.txt b/tests/failures/userdel/09_userdel_open_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/default/useradd b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/group b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/gshadow b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/login.defs b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/passwd b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..c41f98b4 --- /dev/null +++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:foo:/home/foo:/bin/sh diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/shadow b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/data/userdel.err b/tests/failures/userdel/09_userdel_open_shadow_failure/data/userdel.err new file mode 100644 index 00000000..b15cf955 --- /dev/null +++ b/tests/failures/userdel/09_userdel_open_shadow_failure/data/userdel.err @@ -0,0 +1,2 @@ +open FAILURE /etc/shadow 2 ... +userdel: cannot open /etc/shadow diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/userdel.test b/tests/failures/userdel/09_userdel_open_shadow_failure/userdel.test new file mode 100755 index 00000000..434cf320 --- /dev/null +++ b/tests/failures/userdel/09_userdel_open_shadow_failure/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel report failures when it cannot open the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config.txt b/tests/failures/userdel/10_userdel_open_group_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/10_userdel_open_group_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/default/useradd b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/group b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/gshadow b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/login.defs b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/passwd b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/passwd new file mode 100644 index 00000000..c41f98b4 --- /dev/null +++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:foo:/home/foo:/bin/sh diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/shadow b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/10_userdel_open_group_failure/data/userdel.err b/tests/failures/userdel/10_userdel_open_group_failure/data/userdel.err new file mode 100644 index 00000000..e671f64d --- /dev/null +++ b/tests/failures/userdel/10_userdel_open_group_failure/data/userdel.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +userdel: cannot open /etc/group diff --git a/tests/failures/userdel/10_userdel_open_group_failure/userdel.test b/tests/failures/userdel/10_userdel_open_group_failure/userdel.test new file mode 100755 index 00000000..2e3ad623 --- /dev/null +++ b/tests/failures/userdel/10_userdel_open_group_failure/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config.txt b/tests/failures/userdel/11_userdel_open_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/default/useradd b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/group b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/gshadow b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/login.defs b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/passwd b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..c41f98b4 --- /dev/null +++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:foo:/home/foo:/bin/sh diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/shadow b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/data/userdel.err b/tests/failures/userdel/11_userdel_open_gshadow_failure/data/userdel.err new file mode 100644 index 00000000..e24e7f46 --- /dev/null +++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/data/userdel.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +userdel: cannot open /etc/gshadow diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/userdel.test b/tests/failures/userdel/11_userdel_open_gshadow_failure/userdel.test new file mode 100755 index 00000000..4a75f663 --- /dev/null +++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config.txt b/tests/failures/userdel/12_userdel_open_subuid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/default/useradd b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/group b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/gshadow b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/login.defs b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/passwd b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/shadow b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subgid b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subuid b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/data/userdel.err b/tests/failures/userdel/12_userdel_open_subuid_failure/data/userdel.err new file mode 100644 index 00000000..cd0d1c47 --- /dev/null +++ b/tests/failures/userdel/12_userdel_open_subuid_failure/data/userdel.err @@ -0,0 +1,2 @@ +open FAILURE /etc/subuid 2 ... +userdel: cannot open /etc/subuid diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/userdel.test b/tests/failures/userdel/12_userdel_open_subuid_failure/userdel.test new file mode 100755 index 00000000..844f04f2 --- /dev/null +++ b/tests/failures/userdel/12_userdel_open_subuid_failure/userdel.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel report failures when it cannot open the /etc/subuid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config.txt b/tests/failures/userdel/13_userdel_open_subgid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/default/useradd b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/group b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/gshadow b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/login.defs b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/passwd b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/shadow b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subgid b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subuid b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/data/userdel.err b/tests/failures/userdel/13_userdel_open_subgid_failure/data/userdel.err new file mode 100644 index 00000000..bcc53e2a --- /dev/null +++ b/tests/failures/userdel/13_userdel_open_subgid_failure/data/userdel.err @@ -0,0 +1,2 @@ +open FAILURE /etc/subgid 2 ... +userdel: cannot open /etc/subgid diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/userdel.test b/tests/failures/userdel/13_userdel_open_subgid_failure/userdel.test new file mode 100755 index 00000000..2a67bcb9 --- /dev/null +++ b/tests/failures/userdel/13_userdel_open_subgid_failure/userdel.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel report failures when it cannot open the /etc/subgid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config.txt b/tests/failures/userdel/14_userdel_rename_subuid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/default/useradd b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/group b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/gshadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/login.defs b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/passwd b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/passwd new file mode 100644 index 00000000..ae6ebfe9 --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/shadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subgid b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subuid b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subuid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subuid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/group b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/gshadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/passwd b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/shadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/userdel.err b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/userdel.err new file mode 100644 index 00000000..ae0d56e4 --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/userdel.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/subuid+ /etc/subuid +userdel: failure while writing changes to /etc/subuid diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/usedel.test b/tests/failures/userdel/14_userdel_rename_subuid_failure/usedel.test new file mode 100755 index 00000000..a6e7d43d --- /dev/null +++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/usedel.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel reports failure to write /etc/subuid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subuid userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config.txt b/tests/failures/userdel/15_userdel_rename_subgid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/default/useradd b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/group b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/gshadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/login.defs b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/passwd b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/passwd new file mode 100644 index 00000000..ae6ebfe9 --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/shadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subgid b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subuid b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subuid new file mode 100644 index 00000000..a0bb6033 --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +root:200000:10000 diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/group b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/gshadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/passwd b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/shadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/subuid b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/subuid new file mode 100644 index 00000000..83a5781d --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/subuid @@ -0,0 +1 @@ +root:200000:10000 diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/userdel.err b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/userdel.err new file mode 100644 index 00000000..35e206c4 --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/userdel.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/subgid+ /etc/subgid +userdel: failure while writing changes to /etc/subgid diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/usedel.test b/tests/failures/userdel/15_userdel_rename_subgid_failure/usedel.test new file mode 100755 index 00000000..5312e8b9 --- /dev/null +++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/usedel.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel reports failure to write /etc/subgid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subgid userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config.txt b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/group b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/gshadow b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/login.defs b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/passwd b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/shadow b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/group b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/group new file mode 100644 index 00000000..41fb3266 --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:bar diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/passwd b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/passwd new file mode 100644 index 00000000..656230a2 --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/shadow b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/shadow new file mode 100644 index 00000000..2fc3f9cc --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/usermod.err b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/usermod.err new file mode 100644 index 00000000..449003ad --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/usermod.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/gshadow+ /etc/gshadow +usermod: failure while writing changes to /etc/gshadow diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test new file mode 100755 index 00000000..e7d1c2d8 --- /dev/null +++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod reports failure to write /etc/gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename group foo to bar (groupmod -n bar foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config.txt b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/default/useradd b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/group b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/gshadow b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/login.defs b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/passwd b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/shadow b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/data/usermod.err b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/data/usermod.err new file mode 100644 index 00000000..a5fd4c30 --- /dev/null +++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/data/usermod.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +usermod: failure while writing changes to /etc/passwd diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test new file mode 100755 index 00000000..119d76a8 --- /dev/null +++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod reports failure to write /etc/passwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change UID of foo to 1001 (usermod -u 1001 foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd usermod -u 1001 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config.txt b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/default/useradd b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/group b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/gshadow b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/login.defs b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/passwd b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/shadow b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/passwd b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/passwd new file mode 100644 index 00000000..656230a2 --- /dev/null +++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/shadow b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/shadow new file mode 100644 index 00000000..2fc3f9cc --- /dev/null +++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/usermod.err b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/usermod.err new file mode 100644 index 00000000..69a5e8b6 --- /dev/null +++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/usermod.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/group+ /etc/group +usermod: failure while writing changes to /etc/group diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test new file mode 100755 index 00000000..c5d69bbd --- /dev/null +++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod reports failure to write /etc/group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename user foo to bar (usermod -l bar foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group usermod -l bar foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config.txt b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/default/useradd b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/group b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/gshadow b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/login.defs b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/passwd b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/shadow b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/passwd b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/passwd new file mode 100644 index 00000000..656230a2 --- /dev/null +++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/shadow b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/shadow new file mode 100644 index 00000000..2fc3f9cc --- /dev/null +++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test new file mode 100755 index 00000000..2e64fd3d --- /dev/null +++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not try to rewrite gshadow if not changed" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename group foo to bar (groupmod -n bar foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow usermod -l bar foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config.txt b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/default/useradd b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/group b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/group new file mode 100644 index 00000000..2a5b8a4a --- /dev/null +++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/gshadow b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/gshadow new file mode 100644 index 00000000..ed34100c --- /dev/null +++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/login.defs b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/passwd b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/shadow b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/passwd b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/passwd new file mode 100644 index 00000000..09a6642a --- /dev/null +++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:1000:::/bin/false diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/usermod.err b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/usermod.err new file mode 100644 index 00000000..43c186a9 --- /dev/null +++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/usermod.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/shadow+ /etc/shadow +usermod: failure while writing changes to /etc/shadow diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test new file mode 100755 index 00000000..df94b432 --- /dev/null +++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod reports failure to write /etc/shadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change name of foo to bar (usermod -l bar foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config.txt b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/default/useradd b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/group b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/gshadow b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/login.defs b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/passwd b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/shadow b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/data/usermod.err b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/data/usermod.err new file mode 100644 index 00000000..e060976c --- /dev/null +++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/data/usermod.err @@ -0,0 +1,2 @@ +open FAILURE /etc/passwd 2 ... +usermod: cannot open /etc/passwd diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test new file mode 100755 index 00000000..5e069f67 --- /dev/null +++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod report failures when it cannot open the passwd file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change user foo (usermod -l bar foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd usermod -l bar foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config.txt b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/default/useradd b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/group b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/gshadow b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/login.defs b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/passwd b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/shadow b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/data/usermod.err b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/data/usermod.err new file mode 100644 index 00000000..40e3a5bb --- /dev/null +++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/data/usermod.err @@ -0,0 +1,2 @@ +open FAILURE /etc/shadow 2 ... +usermod: cannot open /etc/shadow diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test new file mode 100755 index 00000000..c5ac4142 --- /dev/null +++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod report failures when it cannot open the shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change user foo (usermod -l bar foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config.txt b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/default/useradd b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/group b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/gshadow b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/login.defs b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/passwd b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/shadow b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/data/usermod.err b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/data/usermod.err new file mode 100644 index 00000000..5329b288 --- /dev/null +++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/data/usermod.err @@ -0,0 +1,2 @@ +open FAILURE /etc/group 2 ... +usermod: cannot open /etc/group diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test new file mode 100755 index 00000000..fbca2789 --- /dev/null +++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod report failures when it cannot open the group file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change user foo (usermod -l bar foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group usermod -l bar foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config.txt b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/default/useradd b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/group b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/gshadow b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/login.defs b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/passwd b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/shadow b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/data/usermod.err b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/data/usermod.err new file mode 100644 index 00000000..e398343c --- /dev/null +++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/data/usermod.err @@ -0,0 +1,2 @@ +open FAILURE /etc/gshadow 2 ... +usermod: cannot open /etc/gshadow diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test new file mode 100755 index 00000000..6e7ba24b --- /dev/null +++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod report failures when it cannot open the gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change user foo (usermod -l bar foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config.txt b/tests/failures/usermod/10_usermod_-p_time_0/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/failures/usermod/10_usermod_-p_time_0/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/default/useradd b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/group b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/gshadow b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/passwd b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/passwd new file mode 100644 index 00000000..06b331b3 --- /dev/null +++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/shadow b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/10_usermod_-p_time_0/data/passwd b/tests/failures/usermod/10_usermod_-p_time_0/data/passwd new file mode 100644 index 00000000..d9798a6e --- /dev/null +++ b/tests/failures/usermod/10_usermod_-p_time_0/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:foopass:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/10_usermod_-p_time_0/data/shadow b/tests/failures/usermod/10_usermod_-p_time_0/data/shadow new file mode 100644 index 00000000..13fca931 --- /dev/null +++ b/tests/failures/usermod/10_usermod_-p_time_0/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:foopass::0:99999:7::: diff --git a/tests/failures/usermod/10_usermod_-p_time_0/usermod.test b/tests/failures/usermod/10_usermod_-p_time_0/usermod.test new file mode 100755 index 00000000..f54c918c --- /dev/null +++ b/tests/failures/usermod/10_usermod_-p_time_0/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod disables aging when time is not set" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's password (usermod -p foopass foo)..." +LD_PRELOAD=../../../common/time_0.so usermod -p foopass foo 2>/dev/null +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config.txt b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/default/useradd b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/group b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/gshadow b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/passwd b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/passwd new file mode 100644 index 00000000..06b331b3 --- /dev/null +++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/shadow b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/data/shadow b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/data/shadow new file mode 100644 index 00000000..6faa0c5e --- /dev/null +++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblahblah::0:99999:7:12:: diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test new file mode 100755 index 00000000..56e9c832 --- /dev/null +++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod disables aging when time is not set" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's password (usermod -f 12 foo)..." +LD_PRELOAD=../../../common/time_0.so usermod -f 12 foo 2>/dev/null +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config.txt b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/default/useradd b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/group b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/gshadow b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/login.defs b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/passwd b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/shadow b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/data/usermod.err b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/data/usermod.err new file mode 100644 index 00000000..a5fd4c30 --- /dev/null +++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/data/usermod.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/passwd+ /etc/passwd +usermod: failure while writing changes to /etc/passwd diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test new file mode 100755 index 00000000..d7c95b7a --- /dev/null +++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod reports failure to unlock /etc/passwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change UID of foo to 1001 (usermod -u 1001 foo)..." +LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/etc/passwd.lock usermod -u 1001 foo 2>tmp/usermod.err +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +rm -f /etc/passwd.lock + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config.txt b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/default/useradd b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/group b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/gshadow b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/login.defs b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/passwd b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/shadow b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subgid b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subuid b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/data/usermod.err b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/data/usermod.err new file mode 100644 index 00000000..a83d4bfc --- /dev/null +++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/data/usermod.err @@ -0,0 +1,2 @@ +open FAILURE /etc/subuid 2 ... +usermod: cannot open /etc/subuid diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test new file mode 100755 index 00000000..fdff7e11 --- /dev/null +++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod report failures when it cannot open the /etc/subuid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add range for user foo (usermod -v 100000-100000 foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config.txt b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/default/useradd b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/group b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/gshadow b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/login.defs b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/passwd b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/shadow b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subgid b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subuid b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/data/usermod.err b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/data/usermod.err new file mode 100644 index 00000000..a83d4bfc --- /dev/null +++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/data/usermod.err @@ -0,0 +1,2 @@ +open FAILURE /etc/subuid 2 ... +usermod: cannot open /etc/subuid diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test new file mode 100755 index 00000000..47ff348e --- /dev/null +++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod report failures when it cannot open the /etc/subuid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add range for user foo (usermod -V 100000-100000 foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid usermod -V 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config.txt b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/default/useradd b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/group b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/gshadow b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/login.defs b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/passwd b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/shadow b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subgid b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subuid b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/data/usermod.err b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/data/usermod.err new file mode 100644 index 00000000..7cb1df51 --- /dev/null +++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/data/usermod.err @@ -0,0 +1,2 @@ +open FAILURE /etc/subgid 2 ... +usermod: cannot open /etc/subgid diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test new file mode 100755 index 00000000..3469d93b --- /dev/null +++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod report failures when it cannot open the /etc/subgid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add range for user foo (usermod -w 100000-100000 foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config.txt b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/default/useradd b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/group b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/gshadow b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/login.defs b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/passwd b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/shadow b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subgid b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subuid b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/data/usermod.err b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/data/usermod.err new file mode 100644 index 00000000..7cb1df51 --- /dev/null +++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/data/usermod.err @@ -0,0 +1,2 @@ +open FAILURE /etc/subgid 2 ... +usermod: cannot open /etc/subgid diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test new file mode 100755 index 00000000..a03c2c5c --- /dev/null +++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod report failures when it cannot open the /etc/subgid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add range for user foo (usermod -W 100000-100000 foo)..." +LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid usermod -W 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config.txt b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/default/useradd b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/group b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/gshadow b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/login.defs b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/passwd b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/passwd new file mode 100644 index 00000000..ae6ebfe9 --- /dev/null +++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/shadow b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subgid b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subuid b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/data/usermod.err b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/data/usermod.err new file mode 100644 index 00000000..d498ae9d --- /dev/null +++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/data/usermod.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/subuid+ /etc/subuid +usermod: failure while writing changes to /etc/subuid diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test new file mode 100755 index 00000000..0e39b61d --- /dev/null +++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod reports failure to write /etc/subuid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add subordinate uid for user foo (usermod -v 100000-100000 foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subuid usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config.txt b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/default/useradd b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/group b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/gshadow b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/login.defs b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/passwd b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/passwd new file mode 100644 index 00000000..ae6ebfe9 --- /dev/null +++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/shadow b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subgid b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subuid b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/data/usermod.err b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/data/usermod.err new file mode 100644 index 00000000..ee968b85 --- /dev/null +++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/data/usermod.err @@ -0,0 +1,2 @@ +rename FAILURE /etc/subgid+ /etc/subgid +usermod: failure while writing changes to /etc/subgid diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test new file mode 100755 index 00000000..c14e5c12 --- /dev/null +++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod reports failure to write /etc/subgid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add subordinate uid for user foo (usermod -w 100000-100000 foo)..." +LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subgid usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test new file mode 100755 index 00000000..c62fc546 --- /dev/null +++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd fails if a group does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup's, disk's, and foooo's password..." +echo 'nogroup:test +disk:test2 +foooo:test3' | chgpasswd 2>tmp/chgpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/chgpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chgpasswd.err tmp/chgpasswd.err +echo "error message OK." +rm -f tmp/chgpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/group b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/gshadow b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/login.defs b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/login.defs new file mode 100644 index 00000000..dff071c6 --- /dev/null +++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/passwd b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/shadow b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/data/chgpasswd.err b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/data/chgpasswd.err new file mode 100644 index 00000000..38413dfa --- /dev/null +++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/data/chgpasswd.err @@ -0,0 +1,2 @@ +chgpasswd: line 3: group 'foooo' does not exist +chgpasswd: error detected, changes ignored diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test new file mode 100755 index 00000000..4029ad78 --- /dev/null +++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can change mulitple groups" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup's and disk's password..." +echo 'nogroup:test +disk:test2' | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/group b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/gshadow b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/login.defs b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/login.defs new file mode 100644 index 00000000..dff071c6 --- /dev/null +++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/passwd b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/shadow b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/data/gshadow b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/data/gshadow new file mode 100644 index 00000000..10d3a52c --- /dev/null +++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:@PASS_DES test2@:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_DES test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test new file mode 100755 index 00000000..96900fb5 --- /dev/null +++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test @@ -0,0 +1,44 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd changes the pasword in group if gshadow does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/gshadow..." +rm -f /etc/gshadow +echo "OK" + +echo -n "Change nogroup's and disk's password..." +echo 'nogroup:test +disk:test2' | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check that gshadow does not exist..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/group b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/gshadow b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/login.defs b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/login.defs new file mode 100644 index 00000000..dff071c6 --- /dev/null +++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/passwd b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/shadow b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/data/group b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/data/group new file mode 100644 index 00000000..7f5e536b --- /dev/null +++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:@PASS_DES test2@:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:@PASS_DES test@:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test new file mode 100755 index 00000000..8def840d --- /dev/null +++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd changes the group entry if there are no entries in gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup's and disk's password..." +echo 'nogroup:test +disk:test2' | chgpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/group b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/gshadow b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/gshadow new file mode 100644 index 00000000..54dc57e0 --- /dev/null +++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/gshadow @@ -0,0 +1,40 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/login.defs b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/login.defs new file mode 100644 index 00000000..dff071c6 --- /dev/null +++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/passwd b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/shadow b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/group b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/gshadow b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/gshadow new file mode 100644 index 00000000..544e0d10 --- /dev/null +++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:@PASS_DES test2@:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +crontab:x:: +Debian-exim:x:: +nogroup:@PASS_DES test@:: diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test new file mode 100755 index 00000000..53ffbf20 --- /dev/null +++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd fails if no password are provided" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup's password..." +echo 'nogroup:test +disk' | chgpasswd 2>tmp/chgpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/chgpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chgpasswd.err tmp/chgpasswd.err +echo "error message OK." +rm -f tmp/chgpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/group b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/gshadow b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/login.defs b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/login.defs new file mode 100644 index 00000000..dff071c6 --- /dev/null +++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/passwd b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/shadow b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/data/chgpasswd.err b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/data/chgpasswd.err new file mode 100644 index 00000000..86c08033 --- /dev/null +++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/data/chgpasswd.err @@ -0,0 +1,2 @@ +chgpasswd: line 2: missing new password +chgpasswd: error detected, changes ignored diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test b/tests/grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test new file mode 100755 index 00000000..1075f0fb --- /dev/null +++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get chgpasswd usage (chgpasswd -h)..." +chgpasswd -h >tmp/usage.out +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config.txt b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/default/useradd b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/group b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/gshadow b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/passwd b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/shadow b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/data/usage.out b/tests/grouptools/chgpasswd/06_chgpasswd_usage/data/usage.out new file mode 100644 index 00000000..46b49c3d --- /dev/null +++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/data/usage.out @@ -0,0 +1,12 @@ +Usage: chgpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test new file mode 100755 index 00000000..56de5cba --- /dev/null +++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd displays its usage message in case on non recognized option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get chgpasswd usage (chgpasswd --foo)..." +chgpasswd --foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config.txt b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/default/useradd b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/group b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/gshadow b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/passwd b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/shadow b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/data/usage.out b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/data/usage.out new file mode 100644 index 00000000..e96d97c2 --- /dev/null +++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/data/usage.out @@ -0,0 +1,13 @@ +chgpasswd: unrecognized option '--foo' +Usage: chgpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test new file mode 100755 index 00000000..f6b96d50 --- /dev/null +++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd checks that -e and -m are not provided at the same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password are encrypted and must use md5 (chgpasswd -m -e)..." +echo 'nobody:test' | chgpasswd -m -e 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config.txt b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/default/useradd b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/group b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/gshadow b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/passwd b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/shadow b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/data/usage.out b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/data/usage.out new file mode 100644 index 00000000..d3a57b61 --- /dev/null +++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/data/usage.out @@ -0,0 +1,13 @@ +chgpasswd: the -c, -e, and -m flags are exclusive +Usage: chgpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test new file mode 100755 index 00000000..9da58d63 --- /dev/null +++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd checks that -e and -c are not provided at the same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password are encrypted and must use another method (chgpasswd -c SHA512 -e)..." +echo 'nobody:test' | chgpasswd -c SHA512 -e 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config.txt b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/default/useradd b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/group b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/gshadow b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/passwd b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/shadow b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/data/usage.out b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/data/usage.out new file mode 100644 index 00000000..d3a57b61 --- /dev/null +++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/data/usage.out @@ -0,0 +1,13 @@ +chgpasswd: the -c, -e, and -m flags are exclusive +Usage: chgpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test new file mode 100755 index 00000000..e83338f3 --- /dev/null +++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd checks that -c and -m are not provided at the same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password must use md5 and another method (chgpasswd -m -c SHA256)..." +echo 'nobody:test' | chgpasswd -m -c SHA256 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config.txt b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/default/useradd b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/group b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/gshadow b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/passwd b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/shadow b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/data/usage.out b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/data/usage.out new file mode 100644 index 00000000..d3a57b61 --- /dev/null +++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/data/usage.out @@ -0,0 +1,13 @@ +chgpasswd: the -c, -e, and -m flags are exclusive +Usage: chgpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test new file mode 100755 index 00000000..293e9325 --- /dev/null +++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd checks that -c is provided if -s is used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password must use md5 and another method (chgpasswd --sha-rounds 12)..." +echo 'nobody:test' | chgpasswd --sha-rounds 12 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config.txt b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/default/useradd b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/group b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/gshadow b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/passwd b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/shadow b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/data/usage.out b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/data/usage.out new file mode 100644 index 00000000..4bd98d4f --- /dev/null +++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/data/usage.out @@ -0,0 +1,13 @@ +chgpasswd: -s flag is only allowed with the -c flag +Usage: chgpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test new file mode 100755 index 00000000..ebfcde6b --- /dev/null +++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd checks the -s argument" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password must use md5 and another method (chgpasswd --sha-rounds 12foo -c SHA512)..." +echo 'nobody:test' | chgpasswd --sha-rounds 12foo -c SHA512 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config.txt b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/default/useradd b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/group b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/gshadow b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/passwd b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/shadow b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/data/usage.out b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/data/usage.out new file mode 100644 index 00000000..690a5025 --- /dev/null +++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/data/usage.out @@ -0,0 +1,13 @@ +chgpasswd: invalid numeric argument '12foo' +Usage: chgpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test new file mode 100755 index 00000000..8cff29b2 --- /dev/null +++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd checks the -c argument" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password must use md5 and another method (chgpasswd --crypt-method SHA513)..." +echo 'nobody:test' | chgpasswd --crypt-method SHA513 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config.txt b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/default/useradd b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/group b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/gshadow b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/passwd b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/shadow b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/data/usage.out b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/data/usage.out new file mode 100644 index 00000000..a103cd59 --- /dev/null +++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/data/usage.out @@ -0,0 +1,13 @@ +chgpasswd: unsupported crypt method: SHA513 +Usage: chgpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test new file mode 100755 index 00000000..c622581b --- /dev/null +++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can use encrypted password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup and lp's password (chgpasswd -e)..." +echo 'nogroup:test +lp:test2' | chgpasswd -e +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/group b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/gshadow b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/passwd b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/shadow b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/data/gshadow b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/data/gshadow new file mode 100644 index 00000000..71489d57 --- /dev/null +++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:test2:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:test:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test new file mode 100755 index 00000000..964d193d --- /dev/null +++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can use create md5 passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup and lp's password (chgpasswd --md5)..." +echo 'nogroup:test +lp:test2' | chgpasswd --md5 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/group b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/gshadow b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/passwd b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/shadow b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/data/gshadow b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/data/gshadow new file mode 100644 index 00000000..eea258ed --- /dev/null +++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:@PASS_MD5 test2@:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_MD5 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test new file mode 100755 index 00000000..98cf6d04 --- /dev/null +++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can use encrypted passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup and lp's password (chgpasswd -c NONE)..." +echo 'nogroup:test +lp:test2' | chgpasswd -c NONE +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/group b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/gshadow b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/passwd b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/shadow b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/data/gshadow b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/data/gshadow new file mode 100644 index 00000000..71489d57 --- /dev/null +++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:test2:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:test:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test new file mode 100755 index 00000000..920589b7 --- /dev/null +++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can use create MD5 passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup and lp's password (chgpasswd --crypt-method MD5)..." +echo 'nogroup:test +lp:test2' | chgpasswd --crypt-method MD5 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/group b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/gshadow b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/passwd b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/shadow b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/data/gshadow b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/data/gshadow new file mode 100644 index 00000000..eea258ed --- /dev/null +++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:@PASS_MD5 test2@:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_MD5 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test new file mode 100755 index 00000000..bf504af5 --- /dev/null +++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can use create DES passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup and lp's password (chgpasswd --crypt-method DES)..." +echo 'nogroup:test +lp:test2' | chgpasswd --crypt-method DES +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/group b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/gshadow b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/passwd b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/shadow b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/data/gshadow b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/data/gshadow new file mode 100644 index 00000000..dcf1749d --- /dev/null +++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:@PASS_DES test2@:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_DES test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test new file mode 100755 index 00000000..07770c44 --- /dev/null +++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can use create SHA256 passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA256)..." +echo 'nogroup:test +lp:test2' | chgpasswd --crypt-method SHA256 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/group b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/gshadow b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/passwd b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/shadow b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/data/gshadow b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/data/gshadow new file mode 100644 index 00000000..e22ddf59 --- /dev/null +++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:@PASS_SHA256 test2@:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA256 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test new file mode 100755 index 00000000..e269270c --- /dev/null +++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can use create SHA256 passwords and use at least 1000 rounds" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA256 -s 900)..." +echo 'nogroup:test +lp:test2' | chgpasswd --crypt-method SHA256 -s 900 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +grep nogroup /etc/gshadow | grep -q ':\$5\$rounds=1000\$' +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/group b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/gshadow b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/passwd b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/shadow b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/data/gshadow b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/data/gshadow new file mode 100644 index 00000000..e22ddf59 --- /dev/null +++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:@PASS_SHA256 test2@:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA256 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test new file mode 100755 index 00000000..7d332047 --- /dev/null +++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can use create SHA256 passwords and use the requested number of rounds" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA256 -s 9000)..." +echo 'nogroup:test +lp:test2' | chgpasswd --crypt-method SHA256 -s 9000 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +grep nogroup /etc/gshadow | grep -q ':\$5\$rounds=9000\$' +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/group b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/gshadow b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/passwd b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/shadow b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/data/gshadow b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/data/gshadow new file mode 100644 index 00000000..e22ddf59 --- /dev/null +++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:@PASS_SHA256 test2@:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA256 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test new file mode 100755 index 00000000..1a560dc8 --- /dev/null +++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can use create SHA512 passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA512)..." +echo 'nogroup:test +lp:test2' | chgpasswd --crypt-method SHA512 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/group b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/gshadow b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/passwd b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/shadow b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/data/gshadow b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/data/gshadow new file mode 100644 index 00000000..f4f80343 --- /dev/null +++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:@PASS_SHA512 test2@:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA512 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test new file mode 100755 index 00000000..5af55f81 --- /dev/null +++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can use create SHA512 passwords and use at least 1000 rounds" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA512 -s 900)..." +echo 'nogroup:test +lp:test2' | chgpasswd --crypt-method SHA512 -s 900 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +grep nogroup /etc/gshadow | grep -q ':\$6\$rounds=1000\$' +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/group b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/gshadow b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/passwd b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/shadow b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/data/gshadow b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/data/gshadow new file mode 100644 index 00000000..f4f80343 --- /dev/null +++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:@PASS_SHA512 test2@:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA512 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test new file mode 100755 index 00000000..2e85531b --- /dev/null +++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd can use create SHA512 passwords and use the requested number of rounds" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA512 -s 9000)..." +echo 'nogroup:test +lp:test2' | chgpasswd --crypt-method SHA512 -s 9000 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +grep nogroup /etc/gshadow | grep -q ':\$6\$rounds=9000\$' +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/group b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/gshadow b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/passwd b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/shadow b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/data/gshadow b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/data/gshadow new file mode 100644 index 00000000..f4f80343 --- /dev/null +++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:@PASS_SHA512 test2@:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:@PASS_SHA512 test@:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test new file mode 100755 index 00000000..17f6f954 --- /dev/null +++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test @@ -0,0 +1,44 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd changes the group file if gshadow does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/gshadow..." +rm -f /etc/gshadow +echo "OK" + +echo -n "Change nogroup's and lp's password..." +echo 'nogroup:test +lp:test2' | chgpasswd -e +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check that gshadow does not exist..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/group b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..d5d9eb76 --- /dev/null +++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:foo:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:bar:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/gshadow b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/passwd b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/shadow b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/data/group b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/data/group new file mode 100644 index 00000000..575c2218 --- /dev/null +++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:test2:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:test:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test new file mode 100755 index 00000000..17f6f954 --- /dev/null +++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test @@ -0,0 +1,44 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd changes the group file if gshadow does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/gshadow..." +rm -f /etc/gshadow +echo "OK" + +echo -n "Change nogroup's and lp's password..." +echo 'nogroup:test +lp:test2' | chgpasswd -e +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check that gshadow does not exist..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/group b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/gshadow b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/passwd b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/shadow b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/data/group b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/data/group new file mode 100644 index 00000000..575c2218 --- /dev/null +++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:test2:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:test:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test new file mode 100755 index 00000000..1d9af4bc --- /dev/null +++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd changes the group entry if there are no gshadow entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nogroup's and lp's password..." +echo 'nogroup:test +lp:test2' | chgpasswd -e +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/group b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/gshadow b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/gshadow new file mode 100644 index 00000000..aecd9b92 --- /dev/null +++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/gshadow @@ -0,0 +1,40 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/passwd b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/shadow b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/shadow new file mode 100644 index 00000000..f4f74a53 --- /dev/null +++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/shadow @@ -0,0 +1,18 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/group b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/gshadow b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/gshadow new file mode 100644 index 00000000..3652f6ff --- /dev/null +++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:test:: +crontab:x:: +Debian-exim:x:: +lp:test2:: diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test new file mode 100755 index 00000000..c0be3c9a --- /dev/null +++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test @@ -0,0 +1,61 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd checks if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Change passwords (chgpasswd -e)..." +echo 'nogroup:test +lp:test2' | chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/chgpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chgpasswd.err tmp/chgpasswd.err +echo "error message OK." +rm -f tmp/chgpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config.txt b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/default/useradd b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/group b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/gshadow b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/passwd b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/shadow b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/data/chgpasswd.err b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/data/chgpasswd.err new file mode 100644 index 00000000..5c91d934 --- /dev/null +++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/data/chgpasswd.err @@ -0,0 +1,2 @@ +chgpasswd: existing lock file /etc/group.lock without a PID +chgpasswd: cannot lock /etc/group; try again later. diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test new file mode 100755 index 00000000..368e4b8f --- /dev/null +++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test @@ -0,0 +1,61 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd checks if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Change passwords (chgpasswd -e)..." +echo 'nogroup:test +lp:test2' | chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/chgpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chgpasswd.err tmp/chgpasswd.err +echo "error message OK." +rm -f tmp/chgpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config.txt b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/default/useradd b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/group b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/gshadow b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/passwd b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/shadow b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/data/chgpasswd.err b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/data/chgpasswd.err new file mode 100644 index 00000000..dcef785d --- /dev/null +++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/data/chgpasswd.err @@ -0,0 +1,2 @@ +chgpasswd: existing lock file /etc/gshadow.lock without a PID +chgpasswd: cannot lock /etc/gshadow; try again later. diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test new file mode 100755 index 00000000..1dede9e5 --- /dev/null +++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chgpasswd checks that users exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chgpasswd)..." +echo 'nogroup:test +bar:bar2 +lp:test2' | chgpasswd 2>tmp/chgpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chgpasswd reported:" +echo "=======================================================================" +cat tmp/chgpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chgpasswd.err tmp/chgpasswd.err +echo "error message OK." +rm -f tmp/chgpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config.txt b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/default/useradd b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/group b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/gshadow b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/passwd b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/shadow b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/data/chgpasswd.err b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/data/chgpasswd.err new file mode 100644 index 00000000..bf4249e5 --- /dev/null +++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/data/chgpasswd.err @@ -0,0 +1,2 @@ +chgpasswd: line 2: group 'bar' does not exist +chgpasswd: error detected, changes ignored diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test new file mode 100755 index 00000000..3084f76d --- /dev/null +++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (1 -> 0 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..." +gpasswd -M "" users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/group new file mode 100644 index 00000000..1838a36c --- /dev/null +++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/gshadow new file mode 100644 index 00000000..689ea4c8 --- /dev/null +++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo,bin +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test new file mode 100755 index 00000000..75a8abe3 --- /dev/null +++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (2 -> 0 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..." +gpasswd -M "" users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test new file mode 100755 index 00000000..08ee9962 --- /dev/null +++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (0 -> 1 group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to foo (gpasswd -M foo users)..." +gpasswd -M foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/group new file mode 100644 index 00000000..8b3971e9 --- /dev/null +++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/gshadow new file mode 100644 index 00000000..5054bf71 --- /dev/null +++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::bin +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test new file mode 100755 index 00000000..f9879d93 --- /dev/null +++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (1 -> 1 group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to foo (gpasswd -M foo users)..." +gpasswd -M foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/group new file mode 100644 index 00000000..1838a36c --- /dev/null +++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/gshadow new file mode 100644 index 00000000..689ea4c8 --- /dev/null +++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo,bin +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test new file mode 100755 index 00000000..965a4d67 --- /dev/null +++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (2 -> 1 group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to foo (gpasswd -M foo users)..." +gpasswd -M foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/group new file mode 100644 index 00000000..1838a36c --- /dev/null +++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/gshadow new file mode 100644 index 00000000..689ea4c8 --- /dev/null +++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo,bin +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/group new file mode 100644 index 00000000..aa85a13d --- /dev/null +++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root,daemon +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/gshadow new file mode 100644 index 00000000..1e2ca454 --- /dev/null +++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::root,daemon +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test new file mode 100755 index 00000000..dfbd793c --- /dev/null +++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (2 -> 2 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to root,daemon (gpasswd -M root,daemon users)..." +gpasswd -M root,daemon users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/gshadow new file mode 100644 index 00000000..afcbd745 --- /dev/null +++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:x:: diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..3084f76d --- /dev/null +++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (1 -> 0 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..." +gpasswd -M "" users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/group new file mode 100644 index 00000000..bbe0311e --- /dev/null +++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:*:100:foo,bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/gshadow new file mode 100644 index 00000000..9abbd260 --- /dev/null +++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:*:: diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..75a8abe3 --- /dev/null +++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (2 -> 0 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..." +gpasswd -M "" users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/group new file mode 100644 index 00000000..0404abab --- /dev/null +++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:*:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/gshadow new file mode 100644 index 00000000..cda0d0af --- /dev/null +++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:*::foo diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..08ee9962 --- /dev/null +++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (0 -> 1 group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to foo (gpasswd -M foo users)..." +gpasswd -M foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/group new file mode 100644 index 00000000..e2d8b141 --- /dev/null +++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:password:100:bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/gshadow new file mode 100644 index 00000000..86fa988b --- /dev/null +++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:password::foo diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..f9879d93 --- /dev/null +++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (1 -> 1 group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to foo (gpasswd -M foo users)..." +gpasswd -M foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/group new file mode 100644 index 00000000..bbe0311e --- /dev/null +++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:*:100:foo,bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/gshadow new file mode 100644 index 00000000..cda0d0af --- /dev/null +++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:*::foo diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..965a4d67 --- /dev/null +++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (2 -> 1 group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to foo (gpasswd -M foo users)..." +gpasswd -M foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/group new file mode 100644 index 00000000..bbe0311e --- /dev/null +++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:*:100:foo,bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/group new file mode 100644 index 00000000..aa85a13d --- /dev/null +++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root,daemon +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/gshadow new file mode 100644 index 00000000..692d0f7a --- /dev/null +++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:*::root,daemon diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..dfbd793c --- /dev/null +++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (2 -> 2 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to root,daemon (gpasswd -M root,daemon users)..." +gpasswd -M root,daemon users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..b1450c90 --- /dev/null +++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (1 -> 0 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..." +gpasswd -M "" users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..1838a36c --- /dev/null +++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..689ea4c8 --- /dev/null +++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo,bin +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..bd95302e --- /dev/null +++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (2 -> 0 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..." +gpasswd -M "" users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..e6e6ab06 --- /dev/null +++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (0 -> 1 group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "set the list of members to foo (gpasswd -M foo users)..." +gpasswd -M foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..8b3971e9 --- /dev/null +++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..5054bf71 --- /dev/null +++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::bin +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..e5b40b49 --- /dev/null +++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (1 -> 1 group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "set the list of members to foo (gpasswd -M foo users)..." +gpasswd -M foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..1838a36c --- /dev/null +++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..689ea4c8 --- /dev/null +++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo,bin +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..8b928887 --- /dev/null +++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (2 -> 1 group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove the gshadow file..." +rm -f /etc/gshadow +echo "OK" + +echo -n "set the list of members to foo (gpasswd -M foo users)..." +gpasswd -M foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..1838a36c --- /dev/null +++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..689ea4c8 --- /dev/null +++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo,bin +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/data/group new file mode 100644 index 00000000..aa85a13d --- /dev/null +++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root,daemon +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..2b2b2ace --- /dev/null +++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members (2 -> 2 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "set the list of members to root,daemon (gpasswd -M root,daemon users)..." +gpasswd -M root,daemon users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config.txt b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/group b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/gshadow b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/login.defs b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/login.defs new file mode 100644 index 00000000..a37eb0e9 --- /dev/null +++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +# ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/passwd b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/shadow b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/data/gshadow b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/data/gshadow new file mode 100644 index 00000000..6b880f55 --- /dev/null +++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:@PASS_DES usersPAS@:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.exp b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.exp new file mode 100755 index 00000000..c6e20fd5 --- /dev/null +++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.exp @@ -0,0 +1,70 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 4} { + puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>" + exit 1 +} + +set run_user [lindex $argv 0] +set group [lindex $argv 1] +set g_password [lindex $argv 2] +set user_prompt [lindex $argv 3] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to user '$run_user'\n" +send_user "# and expect a '$user_prompt' prompt\n" +spawn /bin/su $run_user + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n# make sure we are now '$run_user'" +send_user "\n# whoami should return '$run_user'" +send "\r" ;# restore the prompt for the logs +send "whoami\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "$run_user" +} + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n\n" +send_user "# now change '$group' 's password to '$g_password'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "gpasswd $group\r" ;# Change the password +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "\n# password '$g_password' sent\n\n" + +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "# expect prompt '$user_prompt'" + +expect { + # Wait for the new prompt + "$user_prompt" { + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test new file mode 100755 index 00000000..5d316e2d --- /dev/null +++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can be used by root to change one group's passwd" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./gpasswd.exp root users usersPAS '# ' + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config.txt b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/login.defs b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/login.defs new file mode 100644 index 00000000..a37eb0e9 --- /dev/null +++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +# ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/data/gshadow new file mode 100644 index 00000000..4bce8b46 --- /dev/null +++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:@PASS_DES usersPAS@::foo diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.exp b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.exp new file mode 100755 index 00000000..c6e20fd5 --- /dev/null +++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.exp @@ -0,0 +1,70 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 4} { + puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>" + exit 1 +} + +set run_user [lindex $argv 0] +set group [lindex $argv 1] +set g_password [lindex $argv 2] +set user_prompt [lindex $argv 3] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to user '$run_user'\n" +send_user "# and expect a '$user_prompt' prompt\n" +spawn /bin/su $run_user + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n# make sure we are now '$run_user'" +send_user "\n# whoami should return '$run_user'" +send "\r" ;# restore the prompt for the logs +send "whoami\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "$run_user" +} + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n\n" +send_user "# now change '$group' 's password to '$g_password'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "gpasswd $group\r" ;# Change the password +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "\n# password '$g_password' sent\n\n" + +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "# expect prompt '$user_prompt'" + +expect { + # Wait for the new prompt + "$user_prompt" { + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..5d316e2d --- /dev/null +++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can be used by root to change one group's passwd" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./gpasswd.exp root users usersPAS '# ' + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/login.defs b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/login.defs new file mode 100644 index 00000000..a37eb0e9 --- /dev/null +++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +# ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/data/group b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/data/group new file mode 100644 index 00000000..76ead965 --- /dev/null +++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:@PASS_DES usersPAS@:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.exp b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.exp new file mode 100755 index 00000000..c6e20fd5 --- /dev/null +++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.exp @@ -0,0 +1,70 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 4} { + puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>" + exit 1 +} + +set run_user [lindex $argv 0] +set group [lindex $argv 1] +set g_password [lindex $argv 2] +set user_prompt [lindex $argv 3] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to user '$run_user'\n" +send_user "# and expect a '$user_prompt' prompt\n" +spawn /bin/su $run_user + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n# make sure we are now '$run_user'" +send_user "\n# whoami should return '$run_user'" +send "\r" ;# restore the prompt for the logs +send "whoami\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "$run_user" +} + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n\n" +send_user "# now change '$group' 's password to '$g_password'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "gpasswd $group\r" ;# Change the password +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "\n# password '$g_password' sent\n\n" + +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "# expect prompt '$user_prompt'" + +expect { + # Wait for the new prompt + "$user_prompt" { + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..9f90aafd --- /dev/null +++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can be used by root to change one group's passwd" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "remove the gshadow file" +rm -f /etc/gshadow + +./gpasswd.exp root users usersPAS '# ' + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config.txt b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config.txt new file mode 100644 index 00000000..2fb7c377 --- /dev/null +++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config.txt @@ -0,0 +1 @@ +myuser exist and is an admin of group users diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/group b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/gshadow b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/gshadow new file mode 100644 index 00000000..aef7f5b6 --- /dev/null +++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:myuser: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/login.defs b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/login.defs new file mode 100644 index 00000000..a37eb0e9 --- /dev/null +++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +# ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/passwd b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/passwd new file mode 100644 index 00000000..86d78551 --- /dev/null +++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +myuser:x:1001:1000:::/bin/bash diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/shadow b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/shadow new file mode 100644 index 00000000..f2f5bb2d --- /dev/null +++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +myuser::12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/data/gshadow b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/data/gshadow new file mode 100644 index 00000000..048d86ae --- /dev/null +++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:@PASS_DES usersPAS@:myuser: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.exp b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.exp new file mode 100755 index 00000000..c6e20fd5 --- /dev/null +++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.exp @@ -0,0 +1,70 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 4} { + puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>" + exit 1 +} + +set run_user [lindex $argv 0] +set group [lindex $argv 1] +set g_password [lindex $argv 2] +set user_prompt [lindex $argv 3] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to user '$run_user'\n" +send_user "# and expect a '$user_prompt' prompt\n" +spawn /bin/su $run_user + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n# make sure we are now '$run_user'" +send_user "\n# whoami should return '$run_user'" +send "\r" ;# restore the prompt for the logs +send "whoami\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "$run_user" +} + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n\n" +send_user "# now change '$group' 's password to '$g_password'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "gpasswd $group\r" ;# Change the password +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "\n# password '$g_password' sent\n\n" + +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "# expect prompt '$user_prompt'" + +expect { + # Wait for the new prompt + "$user_prompt" { + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test new file mode 100755 index 00000000..9ae0cd83 --- /dev/null +++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can be used by root to change one group's passwd" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./gpasswd.exp myuser users usersPAS '$ ' + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config.txt b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config.txt new file mode 100644 index 00000000..2fb7c377 --- /dev/null +++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config.txt @@ -0,0 +1 @@ +myuser exist and is an admin of group users diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/group b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/gshadow b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/passwd b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/passwd new file mode 100644 index 00000000..86d78551 --- /dev/null +++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +myuser:x:1001:1000:::/bin/bash diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/shadow b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/shadow new file mode 100644 index 00000000..f2f5bb2d --- /dev/null +++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +myuser::12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.exp b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.exp new file mode 100755 index 00000000..1c7ca5bd --- /dev/null +++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.exp @@ -0,0 +1,60 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 4} { + puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>" + exit 1 +} + +set run_user [lindex $argv 0] +set group [lindex $argv 1] +set g_password [lindex $argv 2] +set user_prompt [lindex $argv 3] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to user '$run_user'\n" +send_user "# and expect a '$user_prompt' prompt\n" +spawn /bin/su $run_user + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n# make sure we are now '$run_user'" +send_user "\n# whoami should return '$run_user'" +send "\r" ;# restore the prompt for the logs +send "whoami\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "$run_user" +} + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n\n" +send_user "# now change '$group' 's password to '$g_password'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "gpasswd $group\r" ;# Change the password +expect "gpasswd: Permission denied." ;# Not an admin + +send_user "\n" +send_user "# expect prompt '$user_prompt'\n" + +expect { + # Wait for the new prompt + "$user_prompt" { + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test new file mode 100755 index 00000000..d75576e9 --- /dev/null +++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can be used by root to change one group's passwd" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./gpasswd.exp myuser users usersPAS '$ ' + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config.txt new file mode 100644 index 00000000..2fb7c377 --- /dev/null +++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config.txt @@ -0,0 +1 @@ +myuser exist and is an admin of group users diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..86d78551 --- /dev/null +++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +myuser:x:1001:1000:::/bin/bash diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..f2f5bb2d --- /dev/null +++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +myuser::12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.exp b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.exp new file mode 100755 index 00000000..7b16acb0 --- /dev/null +++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.exp @@ -0,0 +1,59 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 4} { + puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>" + exit 1 +} + +set run_user [lindex $argv 0] +set group [lindex $argv 1] +set g_password [lindex $argv 2] +set user_prompt [lindex $argv 3] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to user '$run_user'\n" +send_user "# and expect a '$user_prompt' prompt\n" +spawn /bin/su $run_user + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n# make sure we are now '$run_user'" +send_user "\n# whoami should return '$run_user'" +send "\r" ;# restore the prompt for the logs +send "whoami\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "$run_user" +} + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n\n" +send_user "# now change '$group' 's password to '$g_password'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "gpasswd $group\r" ;# Change the password +expect "gpasswd: Permission denied." ;# Not an admin + +send_user "# expect prompt '$user_prompt'\n" + +expect { + # Wait for the new prompt + "$user_prompt" { + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..c61fa9bc --- /dev/null +++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can be used by root to change one group's passwd" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "remove the gshadow file" +rm -f /etc/gshadow + +./gpasswd.exp myuser users usersPAS '$ ' + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config.txt b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/default/useradd b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/group b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/gshadow b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/passwd b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/shadow b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/group b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/gshadow b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/gshadow new file mode 100644 index 00000000..ef584f09 --- /dev/null +++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test b/tests/grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test new file mode 100755 index 00000000..f9426901 --- /dev/null +++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove the password of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the pasword of group users (gpasswd -r users)..." +gpasswd -r users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config.txt b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/group b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/gshadow new file mode 100644 index 00000000..10880c66 --- /dev/null +++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:::foo diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..f9426901 --- /dev/null +++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove the password of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the pasword of group users (gpasswd -r users)..." +gpasswd -r users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/data/group b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/data/group new file mode 100644 index 00000000..cc8c43eb --- /dev/null +++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users::100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..7658654f --- /dev/null +++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove the password of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Remove the pasword of group users (gpasswd -r users)..." +gpasswd -r users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config.txt b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/default/useradd b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/group b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/gshadow b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/passwd b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/shadow b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/group b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/gshadow b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/gshadow new file mode 100644 index 00000000..ef7c9e5a --- /dev/null +++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:!::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test b/tests/grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test new file mode 100755 index 00000000..20e41f7b --- /dev/null +++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can lock the password of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Lock the pasword of group users (gpasswd -R users)..." +gpasswd -R users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config.txt b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/group b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/gshadow new file mode 100644 index 00000000..761abe10 --- /dev/null +++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:!::foo diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..20e41f7b --- /dev/null +++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can lock the password of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Lock the pasword of group users (gpasswd -R users)..." +gpasswd -R users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/data/group b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/data/group new file mode 100644 index 00000000..cc423f51 --- /dev/null +++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:!:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..7d9b49ae --- /dev/null +++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can lock the password of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Lock the pasword of group users (gpasswd -R users)..." +gpasswd -R users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config.txt b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/default/useradd b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/group b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/gshadow b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/passwd b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/shadow b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/group b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/group new file mode 100644 index 00000000..1b4936af --- /dev/null +++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/gshadow b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/gshadow new file mode 100644 index 00000000..f590939e --- /dev/null +++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*::foo +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test new file mode 100755 index 00000000..81b50c9f --- /dev/null +++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can add an user to a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo to group bin (gpasswd -a foo bin)..." +gpasswd -a foo bin +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..a3846bcd --- /dev/null +++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/group new file mode 100644 index 00000000..1b4936af --- /dev/null +++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/gshadow new file mode 100644 index 00000000..33b3bb42 --- /dev/null +++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bin:x::foo diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..81b50c9f --- /dev/null +++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can add an user to a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo to group bin (gpasswd -a foo bin)..." +gpasswd -a foo bin +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/data/group new file mode 100644 index 00000000..1b4936af --- /dev/null +++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..b257fe82 --- /dev/null +++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can add an user to a group (no gshadow file)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Add user foo to group bin (gpasswd -a foo bin)..." +gpasswd -a foo bin +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config.txt b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/default/useradd b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/group b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/gshadow b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/passwd b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/shadow b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/group b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/gshadow b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test new file mode 100755 index 00000000..fef6ba04 --- /dev/null +++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove an user to a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config.txt b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/default/useradd b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/group b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/group new file mode 100644 index 00000000..b7bf0a42 --- /dev/null +++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/gshadow b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/gshadow new file mode 100644 index 00000000..71ef67ca --- /dev/null +++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::foo +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo,root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/passwd b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/shadow b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/group b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/group new file mode 100644 index 00000000..85a95f2d --- /dev/null +++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/gshadow b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/gshadow new file mode 100644 index 00000000..f704a9df --- /dev/null +++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::foo +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test new file mode 100755 index 00000000..0a34349d --- /dev/null +++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove an user to a group (don't touch other usrs/groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config.txt b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/default/useradd b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/group b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/group new file mode 100644 index 00000000..2cfa18e4 --- /dev/null +++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:bin,foo,root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/gshadow b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/gshadow new file mode 100644 index 00000000..7207bd20 --- /dev/null +++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::foo +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo:bin,foo,root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/passwd b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/shadow b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/group b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/group new file mode 100644 index 00000000..38d5cf25 --- /dev/null +++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:bin,root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/gshadow b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/gshadow new file mode 100644 index 00000000..83e53650 --- /dev/null +++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::foo +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo:bin,root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test new file mode 100755 index 00000000..e2792354 --- /dev/null +++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +# TODO: maybe this is wrong +log_start "$0" "gpasswd can remove an user to a group (don't touch administrative users)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow new file mode 100644 index 00000000..afcbd745 --- /dev/null +++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:x:: diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..fef6ba04 --- /dev/null +++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove an user to a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group new file mode 100644 index 00000000..db1fe5b4 --- /dev/null +++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:password:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow new file mode 100644 index 00000000..1c18211b --- /dev/null +++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:password:: diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..fef6ba04 --- /dev/null +++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove an user to a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group new file mode 100644 index 00000000..b7bf0a42 --- /dev/null +++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..bc293648 --- /dev/null +++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*::foo +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/group new file mode 100644 index 00000000..85a95f2d --- /dev/null +++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow new file mode 100644 index 00000000..3e0af1e3 --- /dev/null +++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::foo +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:x::root diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..0a34349d --- /dev/null +++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove an user to a group (don't touch other usrs/groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..20985d56 --- /dev/null +++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove an user to a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..db1fe5b4 --- /dev/null +++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:password:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..9ae9eeb9 --- /dev/null +++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/data/group new file mode 100644 index 00000000..ff80f130 --- /dev/null +++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:password:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..20985d56 --- /dev/null +++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove an user to a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..b7bf0a42 --- /dev/null +++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..bc293648 --- /dev/null +++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*::foo +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/data/group new file mode 100644 index 00000000..85a95f2d --- /dev/null +++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..6ec2ebc9 --- /dev/null +++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove an user to a group (don't touch other usrs/groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config.txt b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/default/useradd b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/group b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/gshadow b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/passwd b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/shadow b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/data/gpasswd.err b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/data/gpasswd.err new file mode 100644 index 00000000..dec0fe74 --- /dev/null +++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/data/gpasswd.err @@ -0,0 +1,2 @@ +gpasswd: existing lock file /etc/group.lock without a PID +gpasswd: cannot lock /etc/group; try again later. diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test new file mode 100755 index 00000000..55cd038d --- /dev/null +++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd -r checks if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Remove the password of group users (gpasswd -r users)..." +gpasswd -r users 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config.txt b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/default/useradd b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/group b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/gshadow b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/passwd b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/shadow b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/data/gpasswd.err b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/data/gpasswd.err new file mode 100644 index 00000000..4c5a8725 --- /dev/null +++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/data/gpasswd.err @@ -0,0 +1,2 @@ +gpasswd: existing lock file /etc/gshadow.lock without a PID +gpasswd: cannot lock /etc/gshadow; try again later. diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test new file mode 100755 index 00000000..0c7a649e --- /dev/null +++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd -r checks if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Remove the password of group users (gpasswd -r users)..." +gpasswd -r users 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config.txt b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/default/useradd b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/group b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/gshadow b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/passwd b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/shadow b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/data/gpasswd.err b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/data/gpasswd.err new file mode 100644 index 00000000..1cba130a --- /dev/null +++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/data/gpasswd.err @@ -0,0 +1 @@ +gpasswd: group 'usersss' does not exist in /etc/group diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test new file mode 100755 index 00000000..b9ec0589 --- /dev/null +++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd -r fails if the group does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove the password of unknown group usersss (gpasswd -r usersss)..." +gpasswd -r usersss 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" # E_BAD_ARG +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config.txt b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/default/useradd b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/group b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/gshadow b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/passwd b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/shadow b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/data/gpasswd.err b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/data/gpasswd.err new file mode 100644 index 00000000..1ae3559c --- /dev/null +++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/data/gpasswd.err @@ -0,0 +1 @@ +gpasswd: user 'foooo' does not exist diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test new file mode 100755 index 00000000..0c7175bf --- /dev/null +++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd -a fails if the user does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foooo to group users (gpasswd -a foooo users)..." +gpasswd -a foooo users 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" # E_BAD_ARG +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config.txt b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/default/useradd b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/group b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/gshadow b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/passwd b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/shadow b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/data/gpasswd.err b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/data/gpasswd.err new file mode 100644 index 00000000..1ae3559c --- /dev/null +++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/data/gpasswd.err @@ -0,0 +1 @@ +gpasswd: user 'foooo' does not exist diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test new file mode 100755 index 00000000..bb3ab618 --- /dev/null +++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd -M fails if an user does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Set members of users to root,foooo,bin (gpasswd -M root,foooo,bin users)..." +gpasswd -M root,foooo,bin users 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" # E_BAD_ARG +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/gshadow new file mode 100644 index 00000000..6f73977f --- /dev/null +++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo:foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/data/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test new file mode 100755 index 00000000..4cc31007 --- /dev/null +++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of admins (1 -> 0 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to \"\" (gpasswd -A \"\" users)..." +gpasswd -A "" users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/gshadow new file mode 100644 index 00000000..37489ea2 --- /dev/null +++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo,bin: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test new file mode 100755 index 00000000..6ed3642f --- /dev/null +++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of admins (2 -> 0 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to \"\" (gpasswd -A \"\" users)..." +gpasswd -A "" users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/data/gshadow new file mode 100644 index 00000000..6f73977f --- /dev/null +++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo:foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test new file mode 100755 index 00000000..ca37b356 --- /dev/null +++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of admins (0 -> 1 groups)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to foo (gpasswd -A foo users)..." +gpasswd -A foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/group new file mode 100644 index 00000000..38c2da70 --- /dev/null +++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/gshadow new file mode 100644 index 00000000..f74646e9 --- /dev/null +++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:bin:root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/data/gshadow new file mode 100644 index 00000000..59e5042a --- /dev/null +++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo:root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test new file mode 100755 index 00000000..2d64aaa8 --- /dev/null +++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of admins (1 -> 1 users)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to foo (gpasswd -A foo users)..." +gpasswd -A foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/group new file mode 100644 index 00000000..38c2da70 --- /dev/null +++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/gshadow new file mode 100644 index 00000000..77f563e5 --- /dev/null +++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo,bin:root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/data/gshadow new file mode 100644 index 00000000..59e5042a --- /dev/null +++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo:root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test new file mode 100755 index 00000000..2701d17d --- /dev/null +++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of admins (2 -> 1 users)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to foo (gpasswd -A foo users)..." +gpasswd -A foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/group new file mode 100644 index 00000000..38c2da70 --- /dev/null +++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/gshadow new file mode 100644 index 00000000..77f563e5 --- /dev/null +++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo,bin:root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/data/gshadow new file mode 100644 index 00000000..651998f9 --- /dev/null +++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:daemon,foo:root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test new file mode 100755 index 00000000..5964aa93 --- /dev/null +++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of admins (2 -> 2 users)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to foo (gpasswd -A daemon,foo users)..." +gpasswd -A daemon,foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/group new file mode 100644 index 00000000..e3aaaf81 --- /dev/null +++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/gshadow new file mode 100644 index 00000000..8c7367f0 --- /dev/null +++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/data/gshadow new file mode 100644 index 00000000..77a33007 --- /dev/null +++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +users:x:foo: diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test new file mode 100755 index 00000000..bbd88af2 --- /dev/null +++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can set the list of admins if there is no shadow group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Set the admin list of users to foo (gpasswd -A foo users)..." +gpasswd -A foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/data/gpasswd.err b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/data/gpasswd.err new file mode 100644 index 00000000..55bd0cc3 --- /dev/null +++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/data/gpasswd.err @@ -0,0 +1 @@ +gpasswd: shadow group passwords required for -A diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test new file mode 100755 index 00000000..6074c464 --- /dev/null +++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd -A checks if the gshadow file exists" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Set the lists of admins to foo (gpasswd -A foo users)..." +gpasswd -A foo users 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "17" # E_GSHADOW_NOTFOUND +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config.txt b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/default/useradd b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/group b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/group new file mode 100644 index 00000000..1b4936af --- /dev/null +++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/gshadow b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/gshadow new file mode 100644 index 00000000..f590939e --- /dev/null +++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*::foo +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/passwd b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/shadow b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test new file mode 100755 index 00000000..488c921b --- /dev/null +++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can add an user to a group (already member)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo to group bin (gpasswd -a foo bin)..." +gpasswd -a foo bin +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config.txt b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/default/useradd b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/group b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/gshadow b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/gshadow new file mode 100644 index 00000000..ea4d4ab2 --- /dev/null +++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/passwd b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/shadow b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/data/gpasswd.err b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/data/gpasswd.err new file mode 100644 index 00000000..e6582d49 --- /dev/null +++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/data/gpasswd.err @@ -0,0 +1 @@ +gpasswd: user 'foo' is not a member of 'users' diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test new file mode 100755 index 00000000..80b24c70 --- /dev/null +++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove an user to a group (not in the group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" # E_BAD_ARG +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config.txt b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/default/useradd b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/group b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/gshadow b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/gshadow new file mode 100644 index 00000000..ea4d4ab2 --- /dev/null +++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/passwd b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/shadow b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/data/group b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test new file mode 100755 index 00000000..3bc2038a --- /dev/null +++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove an user to a group (not in the group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config.txt b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/default/useradd b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/group b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/gshadow b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/passwd b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/shadow b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/data/gshadow b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test new file mode 100755 index 00000000..5d495206 --- /dev/null +++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can remove an user to a group (not in the group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user foo to group bin (gpasswd -d foo users)..." +gpasswd -d foo users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config.txt b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config.txt new file mode 100644 index 00000000..ffddf4ee --- /dev/null +++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user useruseruseruseruseruseruseruser, 32 chars diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/default/useradd b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/group b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/group new file mode 100644 index 00000000..bee14746 --- /dev/null +++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +useruseruseruseruseruseruseruser:x:1000: diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/gshadow b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/gshadow new file mode 100644 index 00000000..a8d50ccf --- /dev/null +++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +useruseruseruseruseruseruseruser:*:: diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/passwd b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/passwd new file mode 100644 index 00000000..aff85eb2 --- /dev/null +++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +useruseruseruseruseruseruseruser:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/shadow b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/shadow new file mode 100644 index 00000000..ae1c0448 --- /dev/null +++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +useruseruseruseruseruseruseruser:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/group b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/group new file mode 100644 index 00000000..7835fe7e --- /dev/null +++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:useruseruseruseruseruseruseruser +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +useruseruseruseruseruseruseruser:x:1000: diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/gshadow b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/gshadow new file mode 100644 index 00000000..f8e3924d --- /dev/null +++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*::useruseruseruseruseruseruseruser +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +useruseruseruseruseruseruseruser:*:: diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test new file mode 100755 index 00000000..594b8c3a --- /dev/null +++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can add an user with 32 characters to a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user useruseruseruseruseruseruseruser to group bin (gpasswd -a useruseruseruseruseruseruseruser bin)..." +gpasswd -a useruseruseruseruseruseruseruser bin +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config.txt b/tests/grouptools/gpasswd/61_gpasswd_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/group b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/gshadow b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/passwd b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/shadow b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/data/usage.out b/tests/grouptools/gpasswd/61_gpasswd_usage/data/usage.out new file mode 100644 index 00000000..d1c98d76 --- /dev/null +++ b/tests/grouptools/gpasswd/61_gpasswd_usage/data/usage.out @@ -0,0 +1,13 @@ +Usage: gpasswd [option] GROUP + +Options: + -a, --add USER add USER to GROUP + -d, --delete USER remove USER from GROUP + -h, --help display this help message and exit + -Q, --root CHROOT_DIR directory to chroot into + -r, --remove-password remove the GROUP's password + -R, --restrict restrict access to GROUP to its members + -M, --members USER,... set the list of members of GROUP + -A, --administrators ADMIN,... + set the list of administrators for GROUP +Except for the -A and -M options, the options cannot be combined. diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/gpasswd.test b/tests/grouptools/gpasswd/61_gpasswd_usage/gpasswd.test new file mode 100755 index 00000000..50732c60 --- /dev/null +++ b/tests/grouptools/gpasswd/61_gpasswd_usage/gpasswd.test @@ -0,0 +1,49 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get gpasswd usage (gpasswd -h)..." +gpasswd -h >tmp/usage.out + +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config.txt b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/default/useradd b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/group b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/gshadow b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/passwd b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/shadow b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/data/gpasswd.err b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/data/gpasswd.err new file mode 100644 index 00000000..1ae3559c --- /dev/null +++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/data/gpasswd.err @@ -0,0 +1 @@ +gpasswd: user 'foooo' does not exist diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test new file mode 100755 index 00000000..2be948cf --- /dev/null +++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd -A fails if an user does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Set admins of users to root,foooo,bin (gpasswd -A root,foooo,bin users)..." +gpasswd -A root,foooo,bin users 2>tmp/gpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" # E_BAD_ARG +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/gpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/gpasswd.err tmp/gpasswd.err +echo "error message OK." +rm -f tmp/gpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config.txt b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/group b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/gshadow b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/passwd b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/shadow b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/data/usage.out b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/data/usage.out new file mode 100644 index 00000000..587d234a --- /dev/null +++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/data/usage.out @@ -0,0 +1,14 @@ +gpasswd: invalid option -- 'Z' +Usage: gpasswd [option] GROUP + +Options: + -a, --add USER add USER to GROUP + -d, --delete USER remove USER from GROUP + -h, --help display this help message and exit + -Q, --root CHROOT_DIR directory to chroot into + -r, --remove-password remove the GROUP's password + -R, --restrict restrict access to GROUP to its members + -M, --members USER,... set the list of members of GROUP + -A, --administrators ADMIN,... + set the list of administrators for GROUP +Except for the -A and -M options, the options cannot be combined. diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test new file mode 100755 index 00000000..aca4873b --- /dev/null +++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd displays its usage message in case of bad option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use gpasswd invalid option (gpasswd -Z)..." +gpasswd -Z 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config.txt b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/group b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/gshadow b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/passwd b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/shadow b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/data/usage.out b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/data/usage.out new file mode 100644 index 00000000..d1c98d76 --- /dev/null +++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/data/usage.out @@ -0,0 +1,13 @@ +Usage: gpasswd [option] GROUP + +Options: + -a, --add USER add USER to GROUP + -d, --delete USER remove USER from GROUP + -h, --help display this help message and exit + -Q, --root CHROOT_DIR directory to chroot into + -r, --remove-password remove the GROUP's password + -R, --restrict restrict access to GROUP to its members + -M, --members USER,... set the list of members of GROUP + -A, --administrators ADMIN,... + set the list of administrators for GROUP +Except for the -A and -M options, the options cannot be combined. diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test new file mode 100755 index 00000000..009f5a36 --- /dev/null +++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd displays its usage message in case of multiple exclusive options" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use gpasswd option (gpasswd -a root -d root users)..." +gpasswd -a root -d root users 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config.txt b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/group b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/gshadow b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/passwd b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/shadow b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/data/usage.out b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/data/usage.out new file mode 100644 index 00000000..d1c98d76 --- /dev/null +++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/data/usage.out @@ -0,0 +1,13 @@ +Usage: gpasswd [option] GROUP + +Options: + -a, --add USER add USER to GROUP + -d, --delete USER remove USER from GROUP + -h, --help display this help message and exit + -Q, --root CHROOT_DIR directory to chroot into + -r, --remove-password remove the GROUP's password + -R, --restrict restrict access to GROUP to its members + -M, --members USER,... set the list of members of GROUP + -A, --administrators ADMIN,... + set the list of administrators for GROUP +Except for the -A and -M options, the options cannot be combined. diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test new file mode 100755 index 00000000..871c2647 --- /dev/null +++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd displays its usage message in case the group is not specified" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use gpasswd option (gpasswd -a root)..." +gpasswd -a root 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config.txt b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/group b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/gshadow b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/passwd b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/shadow b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/data/usage.out b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/data/usage.out new file mode 100644 index 00000000..d1c98d76 --- /dev/null +++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/data/usage.out @@ -0,0 +1,13 @@ +Usage: gpasswd [option] GROUP + +Options: + -a, --add USER add USER to GROUP + -d, --delete USER remove USER from GROUP + -h, --help display this help message and exit + -Q, --root CHROOT_DIR directory to chroot into + -r, --remove-password remove the GROUP's password + -R, --restrict restrict access to GROUP to its members + -M, --members USER,... set the list of members of GROUP + -A, --administrators ADMIN,... + set the list of administrators for GROUP +Except for the -A and -M options, the options cannot be combined. diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test new file mode 100755 index 00000000..67827b69 --- /dev/null +++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd displays its usage message in case multiple groups are specified" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use gpasswd option (gpasswd -a root root users)..." +gpasswd -a root root users 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "gpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config.txt b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config.txt new file mode 100644 index 00000000..2fb7c377 --- /dev/null +++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config.txt @@ -0,0 +1 @@ +myuser exist and is an admin of group users diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/group b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/gshadow b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/passwd b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/passwd new file mode 100644 index 00000000..86d78551 --- /dev/null +++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +myuser:x:1001:1000:::/bin/bash diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/shadow b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/shadow new file mode 100644 index 00000000..f2f5bb2d --- /dev/null +++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +myuser::12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.exp b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.exp new file mode 100755 index 00000000..11ca9ab6 --- /dev/null +++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.exp @@ -0,0 +1,59 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 3} { + puts "usage: gpasswd.exp <run_user> <group> <user_prompt>" + exit 1 +} + +set run_user [lindex $argv 0] +set group [lindex $argv 1] +set user_prompt [lindex $argv 3] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to user '$run_user'\n" +send_user "# and expect a '$user_prompt' prompt\n" +spawn /bin/su $run_user + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n# make sure we are now '$run_user'" +send_user "\n# whoami should return '$run_user'" +send "\r" ;# restore the prompt for the logs +send "whoami\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "$run_user" +} + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n\n" +send_user "# now change '$group' 's admins to 'root'\n" +send_user "# and expect a permission denied" +send "\r" ;# restore the prompt for the logs +send "gpasswd -A root $group\r" ;# Change the password +expect "gpasswd: Permission denied." ;# Not an admin + +send_user "\n" +send_user "# expect prompt '$user_prompt'\n" + +expect { + # Wait for the new prompt + "$user_prompt" { + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test new file mode 100755 index 00000000..95d557d9 --- /dev/null +++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can be used by root to change one group's passwd" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./gpasswd.exp myuser users '$ ' + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config.txt b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config.txt new file mode 100644 index 00000000..2fb7c377 --- /dev/null +++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config.txt @@ -0,0 +1 @@ +myuser exist and is an admin of group users diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/group b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/gshadow b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/passwd b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/passwd new file mode 100644 index 00000000..86d78551 --- /dev/null +++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +myuser:x:1001:1000:::/bin/bash diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/shadow b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/shadow new file mode 100644 index 00000000..f2f5bb2d --- /dev/null +++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +myuser::12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.exp b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.exp new file mode 100755 index 00000000..2b314986 --- /dev/null +++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.exp @@ -0,0 +1,60 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 3} { + puts "usage: gpasswd.exp <run_user> <group> <user_prompt>" + exit 1 +} + +set run_user [lindex $argv 0] +set group [lindex $argv 1] +set g_password [lindex $argv 2] +set user_prompt [lindex $argv 3] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to user '$run_user'\n" +send_user "# and expect a '$user_prompt' prompt\n" +spawn /bin/su $run_user + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n# make sure we are now '$run_user'" +send_user "\n# whoami should return '$run_user'" +send "\r" ;# restore the prompt for the logs +send "whoami\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "$run_user" +} + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n\n" +send_user "# now change '$group' 's members to root\n" +send_user "# and expect a permission denied" +send "\r" ;# restore the prompt for the logs +send "gpasswd -M root $group\r" ;# Change the password +expect "gpasswd: Permission denied." ;# Not an admin + +send_user "\n" +send_user "# expect prompt '$user_prompt'\n" + +expect { + # Wait for the new prompt + "$user_prompt" { + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test new file mode 100755 index 00000000..95d557d9 --- /dev/null +++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can be used by root to change one group's passwd" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./gpasswd.exp myuser users '$ ' + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config.txt b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config.txt new file mode 100644 index 00000000..2fb7c377 --- /dev/null +++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config.txt @@ -0,0 +1 @@ +myuser exist and is an admin of group users diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/group b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/gshadow b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/gshadow new file mode 100644 index 00000000..aef7f5b6 --- /dev/null +++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:myuser: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/login.defs b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/login.defs new file mode 100644 index 00000000..a37eb0e9 --- /dev/null +++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +# ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/passwd b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/passwd new file mode 100644 index 00000000..86d78551 --- /dev/null +++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +myuser:x:1001:1000:::/bin/bash diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/shadow b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/shadow new file mode 100644 index 00000000..f2f5bb2d --- /dev/null +++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +myuser::12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/data/gshadow b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/data/gshadow new file mode 100644 index 00000000..048d86ae --- /dev/null +++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:@PASS_DES usersPAS@:myuser: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.exp b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.exp new file mode 100755 index 00000000..b207719c --- /dev/null +++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.exp @@ -0,0 +1,87 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 4} { + puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>" + exit 1 +} + +set run_user [lindex $argv 0] +set group [lindex $argv 1] +set g_password [lindex $argv 2] +set user_prompt [lindex $argv 3] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to user '$run_user'\n" +send_user "# and expect a '$user_prompt' prompt\n" +spawn /bin/su $run_user + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n# make sure we are now '$run_user'" +send_user "\n# whoami should return '$run_user'" +send "\r" ;# restore the prompt for the logs +send "whoami\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "$run_user" +} + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n\n" +send_user "# now change '$group' 's password to '$g_password'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "gpasswd $group\r" ;# Change the password +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "wrong $g_password\r" ;# Send the password + +send_user "\n# wrong password 'wrong $g_password' sent\n\n" + +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + + +send_user "# expect failure an retry" +expect "They don't match; try again" + +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "\n# password '$g_password' sent\n\n" + +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "# expect prompt '$user_prompt'" + +expect { + # Wait for the new prompt + "$user_prompt" { + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test new file mode 100755 index 00000000..9ae0cd83 --- /dev/null +++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can be used by root to change one group's passwd" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./gpasswd.exp myuser users usersPAS '$ ' + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config.txt b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config.txt new file mode 100644 index 00000000..2fb7c377 --- /dev/null +++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config.txt @@ -0,0 +1 @@ +myuser exist and is an admin of group users diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/group b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/gshadow b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/gshadow new file mode 100644 index 00000000..aef7f5b6 --- /dev/null +++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:myuser: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/login.defs b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/login.defs new file mode 100644 index 00000000..8bdbc9fe --- /dev/null +++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 4 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/passwd b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/passwd new file mode 100644 index 00000000..86d78551 --- /dev/null +++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +myuser:x:1001:1000:::/bin/bash diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/shadow b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/shadow new file mode 100644 index 00000000..f2f5bb2d --- /dev/null +++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +myuser::12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/data/gshadow b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/data/gshadow new file mode 100644 index 00000000..048d86ae --- /dev/null +++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:@PASS_DES usersPAS@:myuser: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.exp b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.exp new file mode 100755 index 00000000..b8ac4e9b --- /dev/null +++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.exp @@ -0,0 +1,96 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 4} { + puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>" + exit 1 +} + +set run_user [lindex $argv 0] +set group [lindex $argv 1] +set g_password [lindex $argv 2] +set user_prompt [lindex $argv 3] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to user '$run_user'\n" +send_user "# and expect a '$user_prompt' prompt\n" +spawn /bin/su $run_user + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n# make sure we are now '$run_user'" +send_user "\n# whoami should return '$run_user'" +send "\r" ;# restore the prompt for the logs +send "whoami\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "$run_user" +} + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n\n" +send_user "# now change '$group' 's password to '$g_password'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "gpasswd $group\r" ;# Change the password +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "wrong $g_password\r" ;# Send the password +send_user "\n# wrong password 'wrong $g_password' sent\n\n" +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password +send_user "# expect failure 1 and retry" +expect "They don't match; try again" + +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "wrong $g_password\r" ;# Send the password +send_user "\n# wrong password 'wrong $g_password' sent\n\n" +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password +send_user "# expect failure 2 and retry" +expect "They don't match; try again" + +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "\n# password '$g_password' sent for the last try\n\n" + +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password + +send_user "# expect prompt '$user_prompt'" + +expect { + # Wait for the new prompt + "$user_prompt" { + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test new file mode 100755 index 00000000..9ae0cd83 --- /dev/null +++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can be used by root to change one group's passwd" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./gpasswd.exp myuser users usersPAS '$ ' + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config.txt b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config.txt new file mode 100644 index 00000000..2fb7c377 --- /dev/null +++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config.txt @@ -0,0 +1 @@ +myuser exist and is an admin of group users diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/group b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/gshadow b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/gshadow new file mode 100644 index 00000000..aef7f5b6 --- /dev/null +++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:myuser: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/login.defs b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/login.defs new file mode 100644 index 00000000..8bdbc9fe --- /dev/null +++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 4 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/passwd b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/passwd new file mode 100644 index 00000000..86d78551 --- /dev/null +++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +myuser:x:1001:1000:::/bin/bash diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/shadow b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/shadow new file mode 100644 index 00000000..f2f5bb2d --- /dev/null +++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +myuser::12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.exp b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.exp new file mode 100755 index 00000000..8b85ba97 --- /dev/null +++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.exp @@ -0,0 +1,96 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 4} { + puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>" + exit 1 +} + +set run_user [lindex $argv 0] +set group [lindex $argv 1] +set g_password [lindex $argv 2] +set user_prompt [lindex $argv 3] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to user '$run_user'\n" +send_user "# and expect a '$user_prompt' prompt\n" +spawn /bin/su $run_user + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n# make sure we are now '$run_user'" +send_user "\n# whoami should return '$run_user'" +send "\r" ;# restore the prompt for the logs +send "whoami\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "$run_user" +} + +expect "$user_prompt" ;# Wait for the prompt + +send_user "\n\n" +send_user "# now change '$group' 's password to '$g_password'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "gpasswd $group\r" ;# Change the password +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "wrong $g_password\r" ;# Send the password +send_user "\n# wrong password 'wrong $g_password' sent\n\n" +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password +send_user "# expect failure 1 and retry" +expect "They don't match; try again" + +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "wrong $g_password\r" ;# Send the password +send_user "\n# wrong password 'wrong $g_password' sent\n\n" +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password +send_user "# expect failure 2 and retry" +expect "They don't match; try again" + +expect "New Password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "wrong $g_password\r" ;# Send the password +send_user "\n# wrong password 'wrong $g_password' sent\n\n" +send_user "Expect a new password prompt\n" +expect "Re-enter new password: " ;# Wait for the Password: prompt +# Wait a little bit more (gpasswd is not ready to receive the password) +sleep 0.1 +send "$g_password\r" ;# Send the password +send_user "# expect failure 3 and retry" +expect "gpasswd: Try again later" + +send_user "# expect prompt '$user_prompt'" + +expect { + # Wait for the new prompt + "$user_prompt" { + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test new file mode 100755 index 00000000..d75576e9 --- /dev/null +++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can be used by root to change one group's passwd" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./gpasswd.exp myuser users usersPAS '$ ' + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config.txt b/tests/grouptools/gpasswd/72_gpasswd-M-A/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/group b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/group new file mode 100644 index 00000000..1838a36c --- /dev/null +++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,bin +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/gshadow b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/gshadow new file mode 100644 index 00000000..689ea4c8 --- /dev/null +++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo,bin +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/passwd b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/shadow b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/data/group b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/group new file mode 100644 index 00000000..aa85a13d --- /dev/null +++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root,daemon +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/data/gshadow b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/gshadow new file mode 100644 index 00000000..de776575 --- /dev/null +++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:root,bin:root,daemon +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test b/tests/grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test new file mode 100755 index 00000000..1a77cee0 --- /dev/null +++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "gpasswd can change the list of members and admins" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "set the list of members to root,daemon (gpasswd -M root,daemon -A root,bin users)..." +gpasswd -M root,daemon -A root,bin users +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config.txt b/tests/grouptools/groupadd/01_groupadd_add_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupadd/01_groupadd_add_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/default/useradd b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/group b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/gshadow b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/login.defs b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/passwd b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/shadow b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/data/group b/tests/grouptools/groupadd/01_groupadd_add_group/data/group new file mode 100644 index 00000000..6307e259 --- /dev/null +++ b/tests/grouptools/groupadd/01_groupadd_add_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:103: diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/data/gshadow b/tests/grouptools/groupadd/01_groupadd_add_group/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/grouptools/groupadd/01_groupadd_add_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/groupadd.test b/tests/grouptools/groupadd/01_groupadd_add_group/groupadd.test new file mode 100755 index 00000000..c48da8e8 --- /dev/null +++ b/tests/grouptools/groupadd/01_groupadd_add_group/groupadd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd can add a group (GID_MIN set to 100 in /etc/login.defs)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (groupadd foo)..." +groupadd foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config.txt b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/default/useradd b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/group b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/gshadow b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/login.defs b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/login.defs new file mode 100644 index 00000000..68b7f5d9 --- /dev/null +++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/passwd b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/shadow b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/group b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/gshadow b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test new file mode 100755 index 00000000..05c10387 --- /dev/null +++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd can add a group (GID_MIN set to 1000 in /etc/login.defs)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (groupadd foo)..." +groupadd foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config.txt b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/default/useradd b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/group b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/gshadow b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/login.defs b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/passwd b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/shadow b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/group b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/group new file mode 100644 index 00000000..f3d82044 --- /dev/null +++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:2000: diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/gshadow b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test new file mode 100755 index 00000000..bad185a9 --- /dev/null +++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd can add a group, respect -K GID_MIN" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (groupadd -K GID_MIN=2000 foo)..." +groupadd -K GID_MIN=2000 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config.txt b/tests/grouptools/groupadd/04_groupadd_set_password/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupadd/04_groupadd_set_password/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/default/useradd b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/group b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/gshadow b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/login.defs b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/passwd b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/shadow b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/data/group b/tests/grouptools/groupadd/04_groupadd_set_password/data/group new file mode 100644 index 00000000..6307e259 --- /dev/null +++ b/tests/grouptools/groupadd/04_groupadd_set_password/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:103: diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/data/gshadow b/tests/grouptools/groupadd/04_groupadd_set_password/data/gshadow new file mode 100644 index 00000000..57a72a74 --- /dev/null +++ b/tests/grouptools/groupadd/04_groupadd_set_password/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:password:: diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/groupadd.test b/tests/grouptools/groupadd/04_groupadd_set_password/groupadd.test new file mode 100755 index 00000000..01ce95ee --- /dev/null +++ b/tests/grouptools/groupadd/04_groupadd_set_password/groupadd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd can add a group and set the password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo with a password (groupadd -p password foo)..." +groupadd -p password foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config.txt b/tests/grouptools/groupadd/05_groupadd_set_GID/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/default/useradd b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/group b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/gshadow b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/login.defs b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/passwd b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/shadow b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/data/group b/tests/grouptools/groupadd/05_groupadd_set_GID/data/group new file mode 100644 index 00000000..3bd92e7e --- /dev/null +++ b/tests/grouptools/groupadd/05_groupadd_set_GID/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1500: diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/data/gshadow b/tests/grouptools/groupadd/05_groupadd_set_GID/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/grouptools/groupadd/05_groupadd_set_GID/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/groupadd.test b/tests/grouptools/groupadd/05_groupadd_set_GID/groupadd.test new file mode 100755 index 00000000..306767b2 --- /dev/null +++ b/tests/grouptools/groupadd/05_groupadd_set_GID/groupadd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd can add a group and set the GID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo with GID 1500 (groupadd -p 1500 foo)..." +groupadd -g 1500 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config.txt b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/default/useradd b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/group b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/group new file mode 100644 index 00000000..6307e259 --- /dev/null +++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:103: diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/gshadow b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/login.defs b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/passwd b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/shadow b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test new file mode 100755 index 00000000..25546ebf --- /dev/null +++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd -f exits with succes if the user already exists" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (groupadd -f foo)..." +groupadd -f foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config.txt b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/default/useradd b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/group b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/group new file mode 100644 index 00000000..5c3fef9a --- /dev/null +++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1003: diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/gshadow b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/login.defs b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/passwd b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/shadow b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/group b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/group new file mode 100644 index 00000000..66c892a9 --- /dev/null +++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1003: +bar:x:1004: diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/gshadow b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/gshadow new file mode 100644 index 00000000..e718821f --- /dev/null +++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:!:: diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test new file mode 100755 index 00000000..3f3f32fe --- /dev/null +++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd -f uses another GID if an user already exists with this GID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group bar, GID 1003 (groupadd -g 1003 -f bar)..." +groupadd -g 1003 -f bar +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config.txt b/tests/grouptools/groupadd/08_groupadd_locked_group/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/default/useradd b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/group b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/gshadow b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/passwd b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/shadow b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/data/groupadd.err b/tests/grouptools/groupadd/08_groupadd_locked_group/data/groupadd.err new file mode 100644 index 00000000..33604e5e --- /dev/null +++ b/tests/grouptools/groupadd/08_groupadd_locked_group/data/groupadd.err @@ -0,0 +1,2 @@ +groupadd: existing lock file /etc/group.lock without a PID +groupadd: cannot lock /etc/group; try again later. diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/groupadd.test b/tests/grouptools/groupadd/08_groupadd_locked_group/groupadd.test new file mode 100755 index 00000000..aa3250ee --- /dev/null +++ b/tests/grouptools/groupadd/08_groupadd_locked_group/groupadd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Add group foo (groupadd foo)..." +groupadd foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config.txt b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/default/useradd b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/group b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/passwd b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/shadow b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/data/groupadd.err b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/data/groupadd.err new file mode 100644 index 00000000..c64e0a9c --- /dev/null +++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/data/groupadd.err @@ -0,0 +1,2 @@ +groupadd: existing lock file /etc/gshadow.lock without a PID +groupadd: cannot lock /etc/gshadow; try again later. diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test new file mode 100755 index 00000000..ac6645c6 --- /dev/null +++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Add group foo (groupadd foo)..." +groupadd foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config.txt b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/default/useradd b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/group b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/group new file mode 100644 index 00000000..5c3fef9a --- /dev/null +++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1003: diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/gshadow b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/login.defs b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/passwd b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/shadow b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/group b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/group new file mode 100644 index 00000000..64cb8f1a --- /dev/null +++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1003: +bar:x:1003: diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/gshadow b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/gshadow new file mode 100644 index 00000000..e718821f --- /dev/null +++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:!:: diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test new file mode 100755 index 00000000..3597a315 --- /dev/null +++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd -o accepts to add a group with an already used GID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group bar, GID 1003 (groupadd -g 1003 -o bar)..." +groupadd -g 1003 -o bar +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config.txt b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/default/useradd b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/group b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/gshadow b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/passwd b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/shadow b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/data/groupadd.err b/tests/grouptools/groupadd/11_groupadd_invalid_GID/data/groupadd.err new file mode 100644 index 00000000..1b0872bf --- /dev/null +++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/data/groupadd.err @@ -0,0 +1 @@ +groupadd: invalid group ID '1002a' diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test b/tests/grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test new file mode 100755 index 00000000..9a1d542d --- /dev/null +++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the given GID is a valid numeric ID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo, GID 1002a (groupadd -g 1002a foo)..." +groupadd -g 1002a foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config.txt b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/default/useradd b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/group b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/gshadow b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/passwd b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/shadow b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/data/groupadd.err b/tests/grouptools/groupadd/12_groupadd_negativ_GID/data/groupadd.err new file mode 100644 index 00000000..26012b6f --- /dev/null +++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/data/groupadd.err @@ -0,0 +1 @@ +groupadd: invalid group ID '-1002' diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test b/tests/grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test new file mode 100755 index 00000000..b46434c1 --- /dev/null +++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the given GID is a valid numeric ID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo, GID -1002 (groupadd -g -1002 foo)..." +groupadd -g -1002 foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config.txt b/tests/grouptools/groupadd/13_groupadd_invalid_name/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/default/useradd b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/group b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/gshadow b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/passwd b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/shadow b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/data/groupadd.err b/tests/grouptools/groupadd/13_groupadd_invalid_name/data/groupadd.err new file mode 100644 index 00000000..e7ca762c --- /dev/null +++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/data/groupadd.err @@ -0,0 +1 @@ +groupadd: 'foo:bar' is not a valid group name diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/groupadd.test b/tests/grouptools/groupadd/13_groupadd_invalid_name/groupadd.test new file mode 100755 index 00000000..fab30117 --- /dev/null +++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the given name is valid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo:bar (groupadd foo:bar)..." +groupadd foo:bar 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config.txt b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/default/useradd b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/group b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/gshadow b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/passwd b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/shadow b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/data/groupadd.err b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/data/groupadd.err new file mode 100644 index 00000000..f2685c5f --- /dev/null +++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/data/groupadd.err @@ -0,0 +1 @@ +configuration error - unknown item 'FOO' (notify administrator) diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test new file mode 100755 index 00000000..7e28a7f0 --- /dev/null +++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the option provided with -K is valid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group -K FOO=100 foo (groupadd -K FOO=100 foo)..." +groupadd -K FOO=100 foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config.txt b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/default/useradd b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/group b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/gshadow b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/passwd b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/shadow b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/data/groupadd.err b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/data/groupadd.err new file mode 100644 index 00000000..86617195 --- /dev/null +++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/data/groupadd.err @@ -0,0 +1 @@ +groupadd: -K requires KEY=VALUE diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test new file mode 100755 index 00000000..affd6818 --- /dev/null +++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the option provided with -K has a value" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group -K GID_MAX foo (groupadd -K GID_MAX foo)..." +groupadd -K GID_MAX foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config.txt b/tests/grouptools/groupadd/16_groupadd_existing_group/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/default/useradd b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/group b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/group new file mode 100644 index 00000000..6307e259 --- /dev/null +++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:103: diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/gshadow b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/passwd b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/shadow b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/data/groupadd.err b/tests/grouptools/groupadd/16_groupadd_existing_group/data/groupadd.err new file mode 100644 index 00000000..be5ec5f4 --- /dev/null +++ b/tests/grouptools/groupadd/16_groupadd_existing_group/data/groupadd.err @@ -0,0 +1 @@ +groupadd: group 'foo' already exists diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/groupadd.test b/tests/grouptools/groupadd/16_groupadd_existing_group/groupadd.test new file mode 100755 index 00000000..7136dfa9 --- /dev/null +++ b/tests/grouptools/groupadd/16_groupadd_existing_group/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the group already exists" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (groupadd foo)..." +groupadd foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "9" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config.txt b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/default/useradd b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/group b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/gshadow b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/login.defs b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/login.defs new file mode 100644 index 00000000..8d56b7fb --- /dev/null +++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/login.defs @@ -0,0 +1,316 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +SYS_GID_MIN 500 +GID_MIN 1000 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/passwd b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/shadow b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/group b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/group new file mode 100644 index 00000000..b5b6ce2f --- /dev/null +++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999: diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/gshadow b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test new file mode 100755 index 00000000..1d5c9a85 --- /dev/null +++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd can add a system group (GID_MIN set to 1000, and SYS_GID_MIN set to 500 in /etc/login.defs)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add system group foo (groupadd --system foo)..." +groupadd --system foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config.txt b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/default/useradd b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/group b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/group new file mode 100644 index 00000000..15f4c27f --- /dev/null +++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo1:x:1000: +foo2:x:1001: diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/gshadow b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/login.defs b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/login.defs new file mode 100644 index 00000000..227549c8 --- /dev/null +++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 1001 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/passwd b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/shadow b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/data/groupadd.err b/tests/grouptools/groupadd/18_groupadd_no_more_GID/data/groupadd.err new file mode 100644 index 00000000..b3fd5c10 --- /dev/null +++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/data/groupadd.err @@ -0,0 +1 @@ +groupadd: Can't get unique GID (no more available GIDs) diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test b/tests/grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test new file mode 100755 index 00000000..d4aeec4d --- /dev/null +++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the a GID is still available (GID_MIN=1000, GID_MAX=1001)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo (groupadd foo)..." +groupadd foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "4" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config.txt b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/default/useradd b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/group b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/group new file mode 100644 index 00000000..db0f4833 --- /dev/null +++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo1:x:300: +foo2:x:301: diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/gshadow b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/login.defs b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/login.defs new file mode 100644 index 00000000..756e7430 --- /dev/null +++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/login.defs @@ -0,0 +1,317 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +SYS_GID_MIN 300 +SYS_GID_MAX 301 +GID_MIN 1000 +GID_MAX 1001 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/passwd b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/shadow b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/data/groupadd.err b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/data/groupadd.err new file mode 100644 index 00000000..2809cddd --- /dev/null +++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/data/groupadd.err @@ -0,0 +1 @@ +groupadd: Can't get unique system GID (no more available GIDs) diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test new file mode 100755 index 00000000..728cdbce --- /dev/null +++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the a GID is still available (GID_MIN=300, GID_MAX=301)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add system group foo (groupadd -r foo)..." +groupadd -r foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "4" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config.txt b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/default/useradd b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/group b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/gshadow b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/passwd b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/shadow b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/data/groupadd.err b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/data/groupadd.err new file mode 100644 index 00000000..2ab5ee7e --- /dev/null +++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/data/groupadd.err @@ -0,0 +1 @@ +groupadd: GID '1000' already exists diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test new file mode 100755 index 00000000..c65be1b1 --- /dev/null +++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the given GID is already used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group bar, GID 1000 (groupadd -g 1000 bar)..." +groupadd -g 1000 bar 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "4" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config.txt b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/default/useradd b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/group b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/gshadow b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/passwd b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/shadow b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/data/groupadd.err b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/data/groupadd.err new file mode 100644 index 00000000..686e1952 --- /dev/null +++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/data/groupadd.err @@ -0,0 +1 @@ +groupadd: invalid group ID '4294967295' diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test new file mode 100755 index 00000000..ce73d7f3 --- /dev/null +++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd checks if the given GID is a valid numeric ID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..." +groupadd -g 4294967295 foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config.txt b/tests/grouptools/groupadd/22_groupadd_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/22_groupadd_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/default/useradd b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/group b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/gshadow b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/passwd b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/shadow b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/22_groupadd_usage/data/usage.out b/tests/grouptools/groupadd/22_groupadd_usage/data/usage.out new file mode 100644 index 00000000..bb5b556a --- /dev/null +++ b/tests/grouptools/groupadd/22_groupadd_usage/data/usage.out @@ -0,0 +1,14 @@ +Usage: groupadd [options] GROUP + +Options: + -f, --force exit successfully if the group already exists, + and cancel -g if the GID is already used + -g, --gid GID use GID for the new group + -h, --help display this help message and exit + -K, --key KEY=VALUE override /etc/login.defs defaults + -o, --non-unique allow to create groups with duplicate + (non-unique) GID + -p, --password PASSWORD use this encrypted password for the new group + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupadd/22_groupadd_usage/groupadd.test b/tests/grouptools/groupadd/22_groupadd_usage/groupadd.test new file mode 100755 index 00000000..e273408c --- /dev/null +++ b/tests/grouptools/groupadd/22_groupadd_usage/groupadd.test @@ -0,0 +1,49 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get groupadd usage (groupadd -h)..." +groupadd -h >tmp/usage.out + +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config.txt b/tests/grouptools/groupadd/23_groupadd_no_groups/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/default/useradd b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/group b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/gshadow b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/passwd b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/shadow b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/data/groupadd.err b/tests/grouptools/groupadd/23_groupadd_no_groups/data/groupadd.err new file mode 100644 index 00000000..bb5b556a --- /dev/null +++ b/tests/grouptools/groupadd/23_groupadd_no_groups/data/groupadd.err @@ -0,0 +1,14 @@ +Usage: groupadd [options] GROUP + +Options: + -f, --force exit successfully if the group already exists, + and cancel -g if the GID is already used + -g, --gid GID use GID for the new group + -h, --help display this help message and exit + -K, --key KEY=VALUE override /etc/login.defs defaults + -o, --non-unique allow to create groups with duplicate + (non-unique) GID + -p, --password PASSWORD use this encrypted password for the new group + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/groupadd.test b/tests/grouptools/groupadd/23_groupadd_no_groups/groupadd.test new file mode 100755 index 00000000..bb38d635 --- /dev/null +++ b/tests/grouptools/groupadd/23_groupadd_no_groups/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd requires the group to create" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..." +groupadd 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config.txt b/tests/grouptools/groupadd/24_groupadd_2_groups/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/default/useradd b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/group b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/gshadow b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/passwd b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/shadow b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/data/groupadd.err b/tests/grouptools/groupadd/24_groupadd_2_groups/data/groupadd.err new file mode 100644 index 00000000..bb5b556a --- /dev/null +++ b/tests/grouptools/groupadd/24_groupadd_2_groups/data/groupadd.err @@ -0,0 +1,14 @@ +Usage: groupadd [options] GROUP + +Options: + -f, --force exit successfully if the group already exists, + and cancel -g if the GID is already used + -g, --gid GID use GID for the new group + -h, --help display this help message and exit + -K, --key KEY=VALUE override /etc/login.defs defaults + -o, --non-unique allow to create groups with duplicate + (non-unique) GID + -p, --password PASSWORD use this encrypted password for the new group + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/groupadd.test b/tests/grouptools/groupadd/24_groupadd_2_groups/groupadd.test new file mode 100755 index 00000000..0f12ae2f --- /dev/null +++ b/tests/grouptools/groupadd/24_groupadd_2_groups/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd can only create a single group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..." +groupadd group1 group2 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config.txt b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/default/useradd b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/group b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/gshadow b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/login.defs b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/passwd b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/shadow b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/data/group b/tests/grouptools/groupadd/25_groupadd_no_gshadow/data/group new file mode 100644 index 00000000..6307e259 --- /dev/null +++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:103: diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test b/tests/grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test new file mode 100755 index 00000000..87f80fb0 --- /dev/null +++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd can add a group without /etc/gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove gshadow..." +rm -f /etc/gshadow +echo "OK" + +echo -n "Add group foo (groupadd foo)..." +groupadd foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config.txt b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/default/useradd b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/group b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/gshadow b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/passwd b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/shadow b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/data/groupadd.err b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/data/groupadd.err new file mode 100644 index 00000000..bb5b556a --- /dev/null +++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/data/groupadd.err @@ -0,0 +1,14 @@ +Usage: groupadd [options] GROUP + +Options: + -f, --force exit successfully if the group already exists, + and cancel -g if the GID is already used + -g, --gid GID use GID for the new group + -h, --help display this help message and exit + -K, --key KEY=VALUE override /etc/login.defs defaults + -o, --non-unique allow to create groups with duplicate + (non-unique) GID + -p, --password PASSWORD use this encrypted password for the new group + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test new file mode 100755 index 00000000..826a47a6 --- /dev/null +++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd -o require -g" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..." +groupadd -o group1 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config.txt b/tests/grouptools/groupadd/27_groupadd_invalid_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/group b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/gshadow b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/passwd b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/shadow b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/data/groupadd.err b/tests/grouptools/groupadd/27_groupadd_invalid_option/data/groupadd.err new file mode 100644 index 00000000..d3cae910 --- /dev/null +++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/data/groupadd.err @@ -0,0 +1,15 @@ +groupadd: unrecognized option '--zzinvalid' +Usage: groupadd [options] GROUP + +Options: + -f, --force exit successfully if the group already exists, + and cancel -g if the GID is already used + -g, --gid GID use GID for the new group + -h, --help display this help message and exit + -K, --key KEY=VALUE override /etc/login.defs defaults + -o, --non-unique allow to create groups with duplicate + (non-unique) GID + -p, --password PASSWORD use this encrypted password for the new group + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/groupadd.test b/tests/grouptools/groupadd/27_groupadd_invalid_option/groupadd.test new file mode 100755 index 00000000..c8c0e9bf --- /dev/null +++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/groupadd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupadd provide usage when called with an invalid option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call groupadd with invalid options (groupadd --zzinvalid foo)..." +groupadd --zzinvalid foo 2>tmp/groupadd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupadd reported:" +echo "=======================================================================" +cat tmp/groupadd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupadd.err tmp/groupadd.err +echo "error message OK." +rm -f tmp/groupadd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config.txt b/tests/grouptools/groupdel/01_groupdel_delete_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/default/useradd b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/group b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/gshadow b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/login.defs b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/passwd b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/shadow b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/data/group b/tests/grouptools/groupdel/01_groupdel_delete_group/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupdel/01_groupdel_delete_group/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/data/gshadow b/tests/grouptools/groupdel/01_groupdel_delete_group/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupdel/01_groupdel_delete_group/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/groupdel.test b/tests/grouptools/groupdel/01_groupdel_delete_group/groupdel.test new file mode 100755 index 00000000..b590f9df --- /dev/null +++ b/tests/grouptools/groupdel/01_groupdel_delete_group/groupdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel can delete a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete group foo (groupdel foo)..." +groupdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config.txt b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/group b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/data/group b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test new file mode 100755 index 00000000..0ab4f197 --- /dev/null +++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel can delete a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete group foo (groupdel foo)..." +groupdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config.txt b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/group b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/data/group b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test new file mode 100755 index 00000000..b0c0793b --- /dev/null +++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel can delete a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "Remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Delete group foo (groupdel foo)..." +groupdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config.txt b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/default/useradd b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/group b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/gshadow b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/login.defs b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/passwd b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/passwd new file mode 100644 index 00000000..69768f83 --- /dev/null +++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/shadow b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/shadow new file mode 100644 index 00000000..518993cf --- /dev/null +++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:*:12977:0:99999:7::: diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/data/groupdel.err b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/data/groupdel.err new file mode 100644 index 00000000..f33297a6 --- /dev/null +++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/data/groupdel.err @@ -0,0 +1 @@ +groupdel: cannot remove the primary group of user 'bar' diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test new file mode 100755 index 00000000..cab95ca5 --- /dev/null +++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel doesn't delete a group used as a primary group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete group foo (groupdel foo)..." +groupdel foo 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "8" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config.txt b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/default/useradd b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/group b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/group new file mode 100644 index 00000000..31966921 --- /dev/null +++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo1:x:1000: diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/gshadow b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/gshadow new file mode 100644 index 00000000..3a02ae83 --- /dev/null +++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo1:*:: diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/login.defs b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/passwd b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/passwd new file mode 100644 index 00000000..69768f83 --- /dev/null +++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/shadow b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/shadow new file mode 100644 index 00000000..518993cf --- /dev/null +++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:*:12977:0:99999:7::: diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/data/groupdel.err b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/data/groupdel.err new file mode 100644 index 00000000..21d6add0 --- /dev/null +++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/data/groupdel.err @@ -0,0 +1 @@ +groupdel: group 'foo' does not exist diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test new file mode 100755 index 00000000..76b6bfad --- /dev/null +++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel fails if the group is not valid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete group foo (groupdel foo)..." +groupdel foo 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "6" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config.txt b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/default/useradd b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/group b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/gshadow b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/login.defs b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/passwd b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/shadow b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/data/groupdel.err b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/data/groupdel.err new file mode 100644 index 00000000..ed52317b --- /dev/null +++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/data/groupdel.err @@ -0,0 +1,2 @@ +groupdel: existing lock file /etc/group.lock without a PID +groupdel: cannot lock /etc/group; try again later. diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test new file mode 100755 index 00000000..d2f54c96 --- /dev/null +++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel checks if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Delete group foo (groupdel foo)..." +groupdel foo 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config.txt b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/default/useradd b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/group b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/login.defs b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/passwd b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/shadow b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/data/groupdel.err b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/data/groupdel.err new file mode 100644 index 00000000..66f2eaf0 --- /dev/null +++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/data/groupdel.err @@ -0,0 +1,2 @@ +groupdel: existing lock file /etc/gshadow.lock without a PID +groupdel: cannot lock /etc/gshadow; try again later. diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test new file mode 100755 index 00000000..ea7a4cc7 --- /dev/null +++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel checks if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Delete group foo (groupdel foo)..." +groupdel foo 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config.txt b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/default/useradd b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/group b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/group new file mode 100644 index 00000000..31966921 --- /dev/null +++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo1:x:1000: diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/gshadow b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/gshadow new file mode 100644 index 00000000..3a02ae83 --- /dev/null +++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo1:*:: diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/login.defs b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/passwd b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/passwd new file mode 100644 index 00000000..69768f83 --- /dev/null +++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/shadow b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/shadow new file mode 100644 index 00000000..518993cf --- /dev/null +++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:*:12977:0:99999:7::: diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/data/groupdel.err b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/data/groupdel.err new file mode 100644 index 00000000..e1d7f41d --- /dev/null +++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/data/groupdel.err @@ -0,0 +1,6 @@ +Usage: groupdel [options] GROUP + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test new file mode 100755 index 00000000..2cdc0d57 --- /dev/null +++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel checks if a group is provided in parameter" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete a group (groupdel)..." +groupdel 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config.txt b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/default/useradd b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/group b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/group new file mode 100644 index 00000000..31966921 --- /dev/null +++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo1:x:1000: diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/gshadow b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/gshadow new file mode 100644 index 00000000..3a02ae83 --- /dev/null +++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo1:*:: diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/login.defs b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/passwd b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/passwd new file mode 100644 index 00000000..69768f83 --- /dev/null +++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/shadow b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/shadow new file mode 100644 index 00000000..518993cf --- /dev/null +++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:*:12977:0:99999:7::: diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/data/groupdel.err b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/data/groupdel.err new file mode 100644 index 00000000..e1d7f41d --- /dev/null +++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/data/groupdel.err @@ -0,0 +1,6 @@ +Usage: groupdel [options] GROUP + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test new file mode 100755 index 00000000..d833deb9 --- /dev/null +++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel does not delete two groups at the same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete two groups (groupdel foo bar)..." +groupdel foo bar 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config.txt b/tests/grouptools/groupdel/10_groupdel_usage/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupdel/10_groupdel_usage/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/default/useradd b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/group b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/gshadow b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/login.defs b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/passwd b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/passwd new file mode 100644 index 00000000..69768f83 --- /dev/null +++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/shadow b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/shadow new file mode 100644 index 00000000..518993cf --- /dev/null +++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:*:12977:0:99999:7::: diff --git a/tests/grouptools/groupdel/10_groupdel_usage/data/usage.out b/tests/grouptools/groupdel/10_groupdel_usage/data/usage.out new file mode 100644 index 00000000..e1d7f41d --- /dev/null +++ b/tests/grouptools/groupdel/10_groupdel_usage/data/usage.out @@ -0,0 +1,6 @@ +Usage: groupdel [options] GROUP + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupdel/10_groupdel_usage/groupdel.test b/tests/grouptools/groupdel/10_groupdel_usage/groupdel.test new file mode 100755 index 00000000..4a696a19 --- /dev/null +++ b/tests/grouptools/groupdel/10_groupdel_usage/groupdel.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get groupdel usage message (groupdel --help)..." +groupdel --help >tmp/usage.out +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usage.out tmp/usage.out +echo "error message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config.txt b/tests/grouptools/groupdel/11_groupdel_invalid_option/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/default/useradd b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/group b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/gshadow b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/login.defs b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/passwd b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/passwd new file mode 100644 index 00000000..69768f83 --- /dev/null +++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/shadow b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/shadow new file mode 100644 index 00000000..518993cf --- /dev/null +++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:*:12977:0:99999:7::: diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/data/groupdel.err b/tests/grouptools/groupdel/11_groupdel_invalid_option/data/groupdel.err new file mode 100644 index 00000000..7502ba54 --- /dev/null +++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/data/groupdel.err @@ -0,0 +1,7 @@ +groupdel: invalid option -- 'Z' +Usage: groupdel [options] GROUP + +Options: + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/groupdel.test b/tests/grouptools/groupdel/11_groupdel_invalid_option/groupdel.test new file mode 100755 index 00000000..8072a4f2 --- /dev/null +++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/groupdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupdel displays its usage message when called with an invalid option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call groupdel with an invalid option (groupdel -Z foo)..." +groupdel -Z foo 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config.txt b/tests/grouptools/groupmems/01_groupmems_root_add_user/config.txt new file mode 100644 index 00000000..d222d910 --- /dev/null +++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config.txt @@ -0,0 +1,2 @@ +user utest1 +group gtest1 diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/group b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/group new file mode 100644 index 00000000..4f7c1843 --- /dev/null +++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001: diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/gshadow b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/gshadow new file mode 100644 index 00000000..283ca8ce --- /dev/null +++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:: diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/passwd b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/passwd new file mode 100644 index 00000000..a07e4989 --- /dev/null +++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/shadow b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/shadow new file mode 100644 index 00000000..976b4f94 --- /dev/null +++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/data/group b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/group new file mode 100644 index 00000000..62aeba48 --- /dev/null +++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:utest1 diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/data/gshadow b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/gshadow new file mode 100644 index 00000000..563a8baa --- /dev/null +++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*::utest1 diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/groupmems.test b/tests/grouptools/groupmems/01_groupmems_root_add_user/groupmems.test new file mode 100755 index 00000000..74c74205 --- /dev/null +++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by root) can add an user to a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user utest1 to group gtest1..." +groupmems -a utest1 -g gtest1 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config.txt b/tests/grouptools/groupmems/02_groupmems_root_del_user/config.txt new file mode 100644 index 00000000..d222d910 --- /dev/null +++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config.txt @@ -0,0 +1,2 @@ +user utest1 +group gtest1 diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/group b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/group new file mode 100644 index 00000000..62aeba48 --- /dev/null +++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:utest1 diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/gshadow b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/gshadow new file mode 100644 index 00000000..563a8baa --- /dev/null +++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*::utest1 diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/passwd b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/passwd new file mode 100644 index 00000000..a07e4989 --- /dev/null +++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/shadow b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/shadow new file mode 100644 index 00000000..976b4f94 --- /dev/null +++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/data/group b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/group new file mode 100644 index 00000000..4f7c1843 --- /dev/null +++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001: diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/data/gshadow b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/gshadow new file mode 100644 index 00000000..283ca8ce --- /dev/null +++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:: diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/groupmems.test b/tests/grouptools/groupmems/02_groupmems_root_del_user/groupmems.test new file mode 100755 index 00000000..fca4fdb4 --- /dev/null +++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by root) can remove an user from a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user utest1 from group gtest1..." +groupmems -d utest1 -g gtest1 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config.txt b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config.txt new file mode 100644 index 00000000..d222d910 --- /dev/null +++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config.txt @@ -0,0 +1,2 @@ +user utest1 +group gtest1 diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/group b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/group new file mode 100644 index 00000000..62aeba48 --- /dev/null +++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:utest1 diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/gshadow b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/gshadow new file mode 100644 index 00000000..a559a9ac --- /dev/null +++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:utest1: diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/passwd b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/passwd new file mode 100644 index 00000000..a07e4989 --- /dev/null +++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/shadow b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/shadow new file mode 100644 index 00000000..976b4f94 --- /dev/null +++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/group b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/group new file mode 100644 index 00000000..4f7c1843 --- /dev/null +++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001: diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/gshadow b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/gshadow new file mode 100644 index 00000000..283ca8ce --- /dev/null +++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:: diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test new file mode 100755 index 00000000..6e5de89a --- /dev/null +++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by root) can remove an user from a group (only admin in gshadow)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user utest1 from group gtest1..." +groupmems -d utest1 -g gtest1 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config.txt b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config.txt new file mode 100644 index 00000000..d222d910 --- /dev/null +++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config.txt @@ -0,0 +1,2 @@ +user utest1 +group gtest1 diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/group b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/group new file mode 100644 index 00000000..62aeba48 --- /dev/null +++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:utest1 diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/gshadow b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/gshadow new file mode 100644 index 00000000..793955f1 --- /dev/null +++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:utest1:utest1 diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/passwd b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/passwd new file mode 100644 index 00000000..a07e4989 --- /dev/null +++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/shadow b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/shadow new file mode 100644 index 00000000..976b4f94 --- /dev/null +++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/group b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/group new file mode 100644 index 00000000..4f7c1843 --- /dev/null +++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001: diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/gshadow b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/gshadow new file mode 100644 index 00000000..283ca8ce --- /dev/null +++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:: diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test new file mode 100755 index 00000000..e4d9d07e --- /dev/null +++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by root) can remove an user from a group (both from the admins and members in gshadow)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user utest1 from group gtest1..." +groupmems -d utest1 -g gtest1 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config.txt b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config.txt new file mode 100644 index 00000000..d222d910 --- /dev/null +++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config.txt @@ -0,0 +1,2 @@ +user utest1 +group gtest1 diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/group new file mode 100644 index 00000000..fbc5ea6a --- /dev/null +++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:sasl diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/gshadow new file mode 100644 index 00000000..63f3a768 --- /dev/null +++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*::sasl diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/passwd new file mode 100644 index 00000000..a07e4989 --- /dev/null +++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/shadow new file mode 100644 index 00000000..976b4f94 --- /dev/null +++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/group b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/group new file mode 100644 index 00000000..f4d05d08 --- /dev/null +++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:sasl,utest1 diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/gshadow new file mode 100644 index 00000000..567fc660 --- /dev/null +++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*::sasl,utest1 diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test new file mode 100755 index 00000000..3fbfac22 --- /dev/null +++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by root) can add an user to a group with multipleusers (even admins according to gshadow)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user utest1 to group gtest1..." +groupmems -a utest1 -g gtest1 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config.txt new file mode 100644 index 00000000..d222d910 --- /dev/null +++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config.txt @@ -0,0 +1,2 @@ +user utest1 +group gtest1 diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/group new file mode 100644 index 00000000..ce188f9d --- /dev/null +++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:sasl,tape diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/gshadow new file mode 100644 index 00000000..27eb9190 --- /dev/null +++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:tape:sasl,tape diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/passwd new file mode 100644 index 00000000..a07e4989 --- /dev/null +++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/shadow new file mode 100644 index 00000000..976b4f94 --- /dev/null +++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/group new file mode 100644 index 00000000..6080f7ce --- /dev/null +++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:sasl,tape,utest1 diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/gshadow new file mode 100644 index 00000000..e6f99022 --- /dev/null +++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:tape:sasl,tape,utest1 diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test new file mode 100755 index 00000000..74c74205 --- /dev/null +++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by root) can add an user to a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user utest1 to group gtest1..." +groupmems -a utest1 -g gtest1 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config.txt b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config.txt new file mode 100644 index 00000000..d222d910 --- /dev/null +++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config.txt @@ -0,0 +1,2 @@ +user utest1 +group gtest1 diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/group new file mode 100644 index 00000000..f1b28325 --- /dev/null +++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:utest1,sasl diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/gshadow new file mode 100644 index 00000000..567fc660 --- /dev/null +++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*::sasl,utest1 diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/passwd new file mode 100644 index 00000000..a07e4989 --- /dev/null +++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/shadow new file mode 100644 index 00000000..976b4f94 --- /dev/null +++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/group b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/group new file mode 100644 index 00000000..fbc5ea6a --- /dev/null +++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:sasl diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/gshadow new file mode 100644 index 00000000..63f3a768 --- /dev/null +++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*::sasl diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test new file mode 100755 index 00000000..8c1576b6 --- /dev/null +++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by root) can remove an user from a group with multiple users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user utest1 from group gtest1..." +groupmems -d utest1 -g gtest1 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config.txt new file mode 100644 index 00000000..d222d910 --- /dev/null +++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config.txt @@ -0,0 +1,2 @@ +user utest1 +group gtest1 diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/group new file mode 100644 index 00000000..9c4e2c0c --- /dev/null +++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:tape,utest1,sasl,staff diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/gshadow new file mode 100644 index 00000000..b5e0c755 --- /dev/null +++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:tape:sasl,utest1,staff diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/passwd new file mode 100644 index 00000000..a07e4989 --- /dev/null +++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/shadow new file mode 100644 index 00000000..976b4f94 --- /dev/null +++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/group new file mode 100644 index 00000000..2e57cf65 --- /dev/null +++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:tape,sasl,staff diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/gshadow new file mode 100644 index 00000000..411f209f --- /dev/null +++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:tape:sasl,staff diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test new file mode 100755 index 00000000..d340e3d9 --- /dev/null +++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by root) can remove an user from a group with multiple users (even admins according to gshadow)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove user utest1 from group gtest1..." +groupmems -d utest1 -g gtest1 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config.txt b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config.txt new file mode 100644 index 00000000..d222d910 --- /dev/null +++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config.txt @@ -0,0 +1,2 @@ +user utest1 +group gtest1 diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/group b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/group new file mode 100644 index 00000000..62aeba48 --- /dev/null +++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:utest1 diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/gshadow b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/gshadow new file mode 100644 index 00000000..563a8baa --- /dev/null +++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*::utest1 diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/passwd b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/passwd new file mode 100644 index 00000000..a07e4989 --- /dev/null +++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/shadow b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/shadow new file mode 100644 index 00000000..976b4f94 --- /dev/null +++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/group b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/group new file mode 100644 index 00000000..4f7c1843 --- /dev/null +++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001: diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/gshadow b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/gshadow new file mode 100644 index 00000000..283ca8ce --- /dev/null +++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:: diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test b/tests/grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test new file mode 100755 index 00000000..c8cf32d1 --- /dev/null +++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by root) can purge all users from a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Purge group gtest1..." +groupmems -p -g gtest1 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config.txt b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config.txt new file mode 100644 index 00000000..d222d910 --- /dev/null +++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config.txt @@ -0,0 +1,2 @@ +user utest1 +group gtest1 diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/group new file mode 100644 index 00000000..8d6f75ba --- /dev/null +++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:utest1,dip,plugdev diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/gshadow new file mode 100644 index 00000000..ea0fc859 --- /dev/null +++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*::utest1,plugdev,tape diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/passwd new file mode 100644 index 00000000..a07e4989 --- /dev/null +++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/shadow new file mode 100644 index 00000000..976b4f94 --- /dev/null +++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/group b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/group new file mode 100644 index 00000000..4f7c1843 --- /dev/null +++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001: diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/gshadow new file mode 100644 index 00000000..283ca8ce --- /dev/null +++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:: diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test new file mode 100755 index 00000000..be32ef86 --- /dev/null +++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by root) can purge all users from a group (mutliple users)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Purge group gtest1..." +groupmems -p -g gtest1 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config.txt new file mode 100644 index 00000000..d222d910 --- /dev/null +++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config.txt @@ -0,0 +1,2 @@ +user utest1 +group gtest1 diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/group new file mode 100644 index 00000000..8d6f75ba --- /dev/null +++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001:utest1,dip,plugdev diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/gshadow new file mode 100644 index 00000000..3677f64c --- /dev/null +++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:plugdev,daemon,backup:utest1,plugdev,tape diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/passwd new file mode 100644 index 00000000..a07e4989 --- /dev/null +++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/shadow new file mode 100644 index 00000000..976b4f94 --- /dev/null +++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/group new file mode 100644 index 00000000..4f7c1843 --- /dev/null +++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +gtest1:x:1001: diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/gshadow new file mode 100644 index 00000000..283ca8ce --- /dev/null +++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +gtest1:*:: diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test new file mode 100755 index 00000000..623fd203 --- /dev/null +++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by root) can purge all users from a group (mulitple users and admins)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Purge group gtest1..." +groupmems -p -g gtest1 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config.txt b/tests/grouptools/groupmems/12_groupmems_user_add_user/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/group b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/gshadow b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/passwd b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/shadow b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/data/group b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/data/gshadow b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/groupmems.test b/tests/grouptools/groupmems/12_groupmems_user_add_user/groupmems.test new file mode 100755 index 00000000..fc9360bb --- /dev/null +++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can add an user to a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/run_groupmems.exp b/tests/grouptools/groupmems/12_groupmems_user_add_user/run_groupmems.exp new file mode 100755 index 00000000..40552a83 --- /dev/null +++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config.txt b/tests/grouptools/groupmems/13_groupmems_user_del_user/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/group b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/gshadow b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/passwd b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/shadow b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/data/group b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/data/gshadow b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/groupmems.test b/tests/grouptools/groupmems/13_groupmems_user_del_user/groupmems.test new file mode 100755 index 00000000..6edd2792 --- /dev/null +++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can remove an user from a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/run_groupmems.exp b/tests/grouptools/groupmems/13_groupmems_user_del_user/run_groupmems.exp new file mode 100755 index 00000000..4a4053aa --- /dev/null +++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config.txt b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/group b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/gshadow b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/gshadow new file mode 100644 index 00000000..7bc44c53 --- /dev/null +++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:utest1: diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/passwd b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/shadow b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/group b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/gshadow b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test new file mode 100755 index 00000000..38d0dcd4 --- /dev/null +++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can remove an user from a group (only member according to gshadow)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/run_groupmems.exp b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/run_groupmems.exp new file mode 100755 index 00000000..4a4053aa --- /dev/null +++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config.txt b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/group b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/gshadow b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/gshadow new file mode 100644 index 00000000..c824f7b4 --- /dev/null +++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:utest1:utest1 diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/passwd b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/shadow b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/group b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/gshadow b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test new file mode 100755 index 00000000..9377a021 --- /dev/null +++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can remove an user from a group (both gshadow members and admins)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/run_groupmems.exp b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/run_groupmems.exp new file mode 100755 index 00000000..4a4053aa --- /dev/null +++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config.txt b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/group new file mode 100644 index 00000000..f1718b3d --- /dev/null +++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:sasl diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/gshadow new file mode 100644 index 00000000..e4953ce7 --- /dev/null +++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::sasl diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/group b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/group new file mode 100644 index 00000000..b79c5b0f --- /dev/null +++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:sasl,utest1 diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/gshadow new file mode 100644 index 00000000..b5681f77 --- /dev/null +++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::sasl,utest1 diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test new file mode 100755 index 00000000..39acbdbd --- /dev/null +++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can add an user to a group with multiple users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/run_groupmems.exp b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/run_groupmems.exp new file mode 100755 index 00000000..40552a83 --- /dev/null +++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/group new file mode 100644 index 00000000..d28c3ef6 --- /dev/null +++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:sasl,tape diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/gshadow new file mode 100644 index 00000000..a8221cb1 --- /dev/null +++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:tape:sasl,tape diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/group new file mode 100644 index 00000000..9ab6baf4 --- /dev/null +++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:sasl,tape,utest1 diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/gshadow new file mode 100644 index 00000000..599f28bf --- /dev/null +++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:tape:sasl,tape,utest1 diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test new file mode 100755 index 00000000..c4073de1 --- /dev/null +++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can add an user to a group with muyltiple users (even gshadow admins)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/run_groupmems.exp b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/run_groupmems.exp new file mode 100755 index 00000000..40552a83 --- /dev/null +++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config.txt b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/group new file mode 100644 index 00000000..dfa09d4e --- /dev/null +++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,sasl diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/gshadow new file mode 100644 index 00000000..b5681f77 --- /dev/null +++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::sasl,utest1 diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/group b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/group new file mode 100644 index 00000000..f1718b3d --- /dev/null +++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:sasl diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/gshadow new file mode 100644 index 00000000..e4953ce7 --- /dev/null +++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::sasl diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test new file mode 100755 index 00000000..9bd46b61 --- /dev/null +++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called from a regular user) can remove an user from a group with multiple users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/run_groupmems.exp b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/run_groupmems.exp new file mode 100755 index 00000000..4a4053aa --- /dev/null +++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/group new file mode 100644 index 00000000..5ebdecad --- /dev/null +++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:tape,utest1,sasl,staff diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/gshadow new file mode 100644 index 00000000..934d2aff --- /dev/null +++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:tape:sasl,utest1,staff diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/group new file mode 100644 index 00000000..406d0783 --- /dev/null +++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:tape,sasl,staff diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/gshadow new file mode 100644 index 00000000..8fe2213a --- /dev/null +++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:tape:sasl,staff diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test new file mode 100755 index 00000000..68ebb2f7 --- /dev/null +++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called from a regular user) can remove an user from a group with multiple users (even gshadow admins)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/run_groupmems.exp b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/run_groupmems.exp new file mode 100755 index 00000000..4a4053aa --- /dev/null +++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config.txt b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/group b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/gshadow b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/passwd b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/shadow b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/group b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/gshadow b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test b/tests/grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test new file mode 100755 index 00000000..23988412 --- /dev/null +++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called from a regular user) can purge users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/run_groupmems.exp b/tests/grouptools/groupmems/20_groupmems_user_purge_user/run_groupmems.exp new file mode 100755 index 00000000..0bd4b824 --- /dev/null +++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -p\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config.txt b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/group new file mode 100644 index 00000000..d0009e54 --- /dev/null +++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,dip,plugdev diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/gshadow new file mode 100644 index 00000000..dfce137b --- /dev/null +++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1,plugdev,tape diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/group b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test new file mode 100755 index 00000000..e63fc92a --- /dev/null +++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called from a regular user) can purge users when multiple users were already in the group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/run_groupmems.exp b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/run_groupmems.exp new file mode 100755 index 00000000..0bd4b824 --- /dev/null +++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -p\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/group new file mode 100644 index 00000000..d0009e54 --- /dev/null +++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,dip,plugdev diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/gshadow new file mode 100644 index 00000000..2f63428f --- /dev/null +++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:plugdev,daemon,backup:utest1,plugdev,tape diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test new file mode 100755 index 00000000..bbcd7d67 --- /dev/null +++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called from a regular user) can purge users when multiple users were already in the group (even gshadow admins)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/run_groupmems.exp b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/run_groupmems.exp new file mode 100755 index 00000000..0bd4b824 --- /dev/null +++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -p\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config.txt b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/group b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/group new file mode 100644 index 00000000..0b80d30e --- /dev/null +++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99: +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/gshadow b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/gshadow new file mode 100644 index 00000000..750eceab --- /dev/null +++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*:: +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/passwd b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/shadow b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test new file mode 100755 index 00000000..f287ade8 --- /dev/null +++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called from a regular user) fails for users not in the groups group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/run_groupmems.exp b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/run_groupmems.exp new file mode 100755 index 00000000..5b5c7808 --- /dev/null +++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/run_groupmems.exp @@ -0,0 +1,41 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "groupmems: Permission denied" +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "126\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config.txt b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/group b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/group new file mode 100644 index 00000000..230ff8ee --- /dev/null +++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: +gmyuser:x:424243: diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/gshadow b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/gshadow new file mode 100644 index 00000000..cd86429e --- /dev/null +++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: +gmyuser:x:: diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/passwd b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/shadow b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test new file mode 100755 index 00000000..3a78effa --- /dev/null +++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems fails if a regular user tries to change (-a) another group with -g" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/run_groupmems.exp b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/run_groupmems.exp new file mode 100755 index 00000000..fa6fa361 --- /dev/null +++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/run_groupmems.exp @@ -0,0 +1,42 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1 -g gmyuser\r" ;# +expect "groupmems: only root can use the -g/--group option" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "3\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config.txt b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/group b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/group new file mode 100644 index 00000000..230ff8ee --- /dev/null +++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: +gmyuser:x:424243: diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/gshadow b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/gshadow new file mode 100644 index 00000000..cd86429e --- /dev/null +++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: +gmyuser:x:: diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/passwd b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/passwd new file mode 100644 index 00000000..9e07aa1f --- /dev/null +++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424243::/home:/bin/bash diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/shadow b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test new file mode 100755 index 00000000..2a65f7be --- /dev/null +++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems fails if the name of the user's primary group differ from the user's name" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/run_groupmems.exp b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/run_groupmems.exp new file mode 100755 index 00000000..6ecad00a --- /dev/null +++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/run_groupmems.exp @@ -0,0 +1,42 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424243(gmyuser) groups=424243(gmyuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424243(gmyuser) groups=424243(gmyuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "groupmems: your groupname does not match your username" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "5\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config.txt b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/group b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/gshadow b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/passwd b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/shadow b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test new file mode 100755 index 00000000..d2b3383c --- /dev/null +++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems fails if the user is already a member of the group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/run_groupmems.exp b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/run_groupmems.exp new file mode 100755 index 00000000..4187218e --- /dev/null +++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/run_groupmems.exp @@ -0,0 +1,50 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "groupmems: user 'utest1' is already a member of 'myuser'" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "7\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config.txt b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/group b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/gshadow b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/passwd b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/shadow b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test new file mode 100755 index 00000000..1a5666a3 --- /dev/null +++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems fails if the user is already a member of the group (even if it is not according to gshadow)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/run_groupmems.exp b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/run_groupmems.exp new file mode 100755 index 00000000..4187218e --- /dev/null +++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/run_groupmems.exp @@ -0,0 +1,50 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "groupmems: user 'utest1' is already a member of 'myuser'" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "7\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config.txt b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/group b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/gshadow b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/passwd b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/shadow b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/data/group b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/data/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test new file mode 100755 index 00000000..23b224a6 --- /dev/null +++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems adds the user if it does not exist in group (but exists in gshadow)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/run_groupmems.exp b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/run_groupmems.exp new file mode 100755 index 00000000..259d82a6 --- /dev/null +++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/run_groupmems.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config.txt b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/group b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/gshadow b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/passwd b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/shadow b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test new file mode 100755 index 00000000..201bb9af --- /dev/null +++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems fails when the user to be added does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/run_groupmems.exp b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/run_groupmems.exp new file mode 100755 index 00000000..aea1ddc8 --- /dev/null +++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/run_groupmems.exp @@ -0,0 +1,42 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest2\r" ;# +expect "groupmems: user 'utest2' does not exist" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "8\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config.txt b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/group b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/group new file mode 100644 index 00000000..9ceded09 --- /dev/null +++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:sasl,root,bin diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/gshadow new file mode 100644 index 00000000..46c27787 --- /dev/null +++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/group b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/group new file mode 100644 index 00000000..6249a8aa --- /dev/null +++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:sasl,root,bin,utest1 diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/gshadow b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/gshadow new file mode 100644 index 00000000..3748fc53 --- /dev/null +++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::sasl,root,bin,utest1 diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test new file mode 100755 index 00000000..783876ac --- /dev/null +++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can add an user to a group, and creates the gshadow entry if it did not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/run_groupmems.exp b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/run_groupmems.exp new file mode 100755 index 00000000..40552a83 --- /dev/null +++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config.txt b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/group b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..9ceded09 --- /dev/null +++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:sasl,root,bin diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..46c27787 --- /dev/null +++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/data/group b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/data/group new file mode 100644 index 00000000..6249a8aa --- /dev/null +++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:sasl,root,bin,utest1 diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test new file mode 100755 index 00000000..31983b65 --- /dev/null +++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can add an user to a group, even if the gshadow file does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "Remove the gshadow file" +rm -f /etc/gshadow + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/run_groupmems.exp b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/run_groupmems.exp new file mode 100755 index 00000000..40552a83 --- /dev/null +++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config.txt b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/group b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/group new file mode 100644 index 00000000..248e7b7a --- /dev/null +++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:bin,daemon diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/gshadow b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/gshadow new file mode 100644 index 00000000..d2f4c7b3 --- /dev/null +++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:bin,daemon: diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/passwd b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/shadow b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test new file mode 100755 index 00000000..243d830a --- /dev/null +++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems -d fails if the user is not a member of the group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/run_groupmems.exp b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/run_groupmems.exp new file mode 100755 index 00000000..a1bd34b3 --- /dev/null +++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/run_groupmems.exp @@ -0,0 +1,50 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "groupmems: user 'utest1' is not a member of 'myuser'" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "6\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config.txt b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/group b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/group new file mode 100644 index 00000000..2ef69bb5 --- /dev/null +++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:daemon,utest1,bin diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/gshadow b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/gshadow new file mode 100644 index 00000000..eefaca89 --- /dev/null +++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:daemon:bin diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/passwd b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/shadow b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/data/group b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/data/group new file mode 100644 index 00000000..d1fae982 --- /dev/null +++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:daemon,bin diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test new file mode 100755 index 00000000..b42c8f7e --- /dev/null +++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems removes the user if it exists in group (but does not exist in gshadow)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/run_groupmems.exp b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/run_groupmems.exp new file mode 100755 index 00000000..1b3dd1cc --- /dev/null +++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/run_groupmems.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config.txt b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/group b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/group new file mode 100644 index 00000000..0a4716b7 --- /dev/null +++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,utest2 diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/gshadow b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/gshadow new file mode 100644 index 00000000..0a1cb18b --- /dev/null +++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:utest2:utest1 diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/passwd b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/shadow b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/group b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/gshadow b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test new file mode 100755 index 00000000..da1ebc59 --- /dev/null +++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems accepts to remove the user if this user does not (no more) exist)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/run_groupmems.exp b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/run_groupmems.exp new file mode 100755 index 00000000..d37095b4 --- /dev/null +++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/run_groupmems.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest2\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config.txt b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/group b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/group new file mode 100644 index 00000000..0f4bff9b --- /dev/null +++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:daemon,utest1,utest2,bin diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/gshadow new file mode 100644 index 00000000..46c27787 --- /dev/null +++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/group b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/group new file mode 100644 index 00000000..497eed7d --- /dev/null +++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:daemon,utest2,bin diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/gshadow b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/gshadow new file mode 100644 index 00000000..487ecb36 --- /dev/null +++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::daemon,utest2,bin diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test new file mode 100755 index 00000000..43f2e5db --- /dev/null +++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems -d will copy the group entry to gshadow if there were no entries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/run_groupmems.exp b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/run_groupmems.exp new file mode 100755 index 00000000..4a4053aa --- /dev/null +++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config.txt b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/group b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/data/group b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/data/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test new file mode 100755 index 00000000..22a83e57 --- /dev/null +++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can remove an user from a group if there are no gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "Remove the gshadow file" +rm -f /etc/gshadow + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/run_groupmems.exp b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/run_groupmems.exp new file mode 100755 index 00000000..4a4053aa --- /dev/null +++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config.txt b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/group b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/gshadow b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/gshadow new file mode 100644 index 00000000..288d6c37 --- /dev/null +++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::< diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/passwd b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/shadow b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/data/gshadow b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/data/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test new file mode 100755 index 00000000..d97b9047 --- /dev/null +++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called from a regular user) can purge users even if the group is empty" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/run_groupmems.exp b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/run_groupmems.exp new file mode 100755 index 00000000..0bd4b824 --- /dev/null +++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -p\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config.txt b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/group b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/gshadow new file mode 100644 index 00000000..46c27787 --- /dev/null +++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/group b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/gshadow b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test new file mode 100755 index 00000000..f9d58f6b --- /dev/null +++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called from a regular user) can purge users even if there are no gshadow group (and a gshadow group is created)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/run_groupmems.exp b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/run_groupmems.exp new file mode 100755 index 00000000..0bd4b824 --- /dev/null +++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -p\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config.txt b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/group b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/data/group b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/data/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test new file mode 100755 index 00000000..e6e8e9c7 --- /dev/null +++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called from a regular user) can purge users, even if there are no gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "Remove the gshadow file" +rm -f /etc/gshadow + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/run_groupmems.exp b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/run_groupmems.exp new file mode 100755 index 00000000..0bd4b824 --- /dev/null +++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/run_groupmems.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -p\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" +send_user "# expect prompt '$ '" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config.txt b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/group b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/group new file mode 100644 index 00000000..230ff8ee --- /dev/null +++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: +gmyuser:x:424243: diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/gshadow b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/gshadow new file mode 100644 index 00000000..cd86429e --- /dev/null +++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: +gmyuser:x:: diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/passwd b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/shadow b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test new file mode 100755 index 00000000..a2976d19 --- /dev/null +++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems fails if a regular user tries to change (-d) another group with -g" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/run_groupmems.exp b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/run_groupmems.exp new file mode 100755 index 00000000..c471c2c7 --- /dev/null +++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/run_groupmems.exp @@ -0,0 +1,42 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1 -g gmyuser\r" ;# +expect "groupmems: only root can use the -g/--group option" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "3\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config.txt b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/group b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/group new file mode 100644 index 00000000..230ff8ee --- /dev/null +++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: +gmyuser:x:424243: diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/gshadow b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/gshadow new file mode 100644 index 00000000..cd86429e --- /dev/null +++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: +gmyuser:x:: diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/passwd b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/shadow b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test new file mode 100755 index 00000000..f70f12a6 --- /dev/null +++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems fails if a regular user tries to change (-p) another group with -g" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/run_groupmems.exp b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/run_groupmems.exp new file mode 100755 index 00000000..5e263a30 --- /dev/null +++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/run_groupmems.exp @@ -0,0 +1,42 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -p -g gmyuser\r" ;# +expect "groupmems: only root can use the -g/--group option" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "3\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config.txt b/tests/grouptools/groupmems/42_groupmems_user_list_users/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/group b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/group new file mode 100644 index 00000000..bd6da4e7 --- /dev/null +++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,bin,daemon diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/gshadow b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/gshadow new file mode 100644 index 00000000..02b9401d --- /dev/null +++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1,bin,daemon diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/passwd b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/shadow b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/groupmems.test b/tests/grouptools/groupmems/42_groupmems_user_list_users/groupmems.test new file mode 100755 index 00000000..cb6bff40 --- /dev/null +++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can list the users of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/run_groupmems.exp b/tests/grouptools/groupmems/42_groupmems_user_list_users/run_groupmems.exp new file mode 100755 index 00000000..2b9b2174 --- /dev/null +++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/run_groupmems.exp @@ -0,0 +1,42 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -l\r" ;# +expect -re "\nutest1 bin daemon \r" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config.txt b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/group b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/group new file mode 100644 index 00000000..bd6da4e7 --- /dev/null +++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,bin,daemon diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/gshadow b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/gshadow new file mode 100644 index 00000000..74f0e82f --- /dev/null +++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:nouser,root: diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/passwd b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/shadow b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test new file mode 100755 index 00000000..9d2388b3 --- /dev/null +++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can list the users of a group, and gshadow is not taken into account" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/run_groupmems.exp b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/run_groupmems.exp new file mode 100755 index 00000000..2b9b2174 --- /dev/null +++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/run_groupmems.exp @@ -0,0 +1,42 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -l\r" ;# +expect -re "\nutest1 bin daemon \r" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config.txt b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/group b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/group new file mode 100644 index 00000000..287981ed --- /dev/null +++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,bin,daemon +gtest1:x:424242:utest1,bin,utmp diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/gshadow b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/gshadow new file mode 100644 index 00000000..f9ba86af --- /dev/null +++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1,bin,daemon +gtest1:*:: diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/passwd b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/shadow b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test new file mode 100755 index 00000000..33e4fc43 --- /dev/null +++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can list the users of another group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/run_groupmems.exp b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/run_groupmems.exp new file mode 100755 index 00000000..8bba8bac --- /dev/null +++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/run_groupmems.exp @@ -0,0 +1,42 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -l -g gtest1\r" ;# +expect -re "\nutest1 bin utmp \r" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config.txt b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/group b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/group new file mode 100644 index 00000000..bd6da4e7 --- /dev/null +++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,bin,daemon diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/gshadow new file mode 100644 index 00000000..02b9401d --- /dev/null +++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1,bin,daemon diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/passwd b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/shadow b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test new file mode 100755 index 00000000..58f09cd7 --- /dev/null +++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can list the users of a group, even if group is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/run_groupmems.exp new file mode 100755 index 00000000..2b9b2174 --- /dev/null +++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/run_groupmems.exp @@ -0,0 +1,42 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -l\r" ;# +expect -re "\nutest1 bin daemon \r" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config.txt b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/group new file mode 100644 index 00000000..bd6da4e7 --- /dev/null +++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,bin,daemon diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/gshadow new file mode 100644 index 00000000..02b9401d --- /dev/null +++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1,bin,daemon diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test new file mode 100755 index 00000000..a01a10e8 --- /dev/null +++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) can list the users of a group, even if gshadow is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/run_groupmems.exp new file mode 100755 index 00000000..2b9b2174 --- /dev/null +++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/run_groupmems.exp @@ -0,0 +1,42 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -l\r" ;# +expect -re "\nutest1 bin daemon \r" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config.txt b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/group b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/passwd b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/shadow b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test new file mode 100755 index 00000000..302b6897 --- /dev/null +++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (-a) fails if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/run_groupmems.exp new file mode 100755 index 00000000..0b10b00f --- /dev/null +++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/run_groupmems.exp @@ -0,0 +1,50 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "groupmems: cannot lock /etc/group; try again later." + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "2\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config.txt b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/group new file mode 100644 index 00000000..7505b93b --- /dev/null +++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242: diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/gshadow new file mode 100644 index 00000000..9945adca --- /dev/null +++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x:: diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test new file mode 100755 index 00000000..38ac7a2f --- /dev/null +++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (-a) fails if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/run_groupmems.exp new file mode 100755 index 00000000..123c573e --- /dev/null +++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/run_groupmems.exp @@ -0,0 +1,50 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "groupmems: cannot lock /etc/gshadow; try again later." + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "2\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config.txt b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/group b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/passwd b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/shadow b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test new file mode 100755 index 00000000..cfb86996 --- /dev/null +++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (-d) fails if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/run_groupmems.exp new file mode 100755 index 00000000..267548c3 --- /dev/null +++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/run_groupmems.exp @@ -0,0 +1,50 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "groupmems: cannot lock /etc/group; try again later." + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "2\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config.txt b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test new file mode 100755 index 00000000..c2b5626e --- /dev/null +++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (-d) fails if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/run_groupmems.exp new file mode 100755 index 00000000..b32825a5 --- /dev/null +++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/run_groupmems.exp @@ -0,0 +1,50 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -d utest1\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "groupmems: cannot lock /etc/gshadow; try again later." + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "2\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config.txt b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/group b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/passwd b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/shadow b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test new file mode 100755 index 00000000..75272b3a --- /dev/null +++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (-p) fails if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/run_groupmems.exp new file mode 100755 index 00000000..b7b7bb5b --- /dev/null +++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/run_groupmems.exp @@ -0,0 +1,50 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -p\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "groupmems: cannot lock /etc/group; try again later." + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "2\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config.txt b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/group new file mode 100644 index 00000000..7a0e2955 --- /dev/null +++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1 diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/gshadow new file mode 100644 index 00000000..c908c394 --- /dev/null +++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1 diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test new file mode 100755 index 00000000..ecff63f3 --- /dev/null +++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (-p) fails if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/run_groupmems.exp new file mode 100755 index 00000000..56bb1879 --- /dev/null +++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/run_groupmems.exp @@ -0,0 +1,50 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -p\r" ;# +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (it is not ready to receive the password) +sleep 0.1 + +send "myuserF00barbaz\r" ;# Send the password + +send_user "\n# password 'myuserF00barbaz' sent\n\n" + +expect "groupmems: cannot lock /etc/gshadow; try again later." + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "2\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config.txt b/tests/grouptools/groupmems/53_groupmems_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupmems/53_groupmems_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/group b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/gshadow b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/passwd b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/shadow b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/53_groupmems_usage/data/usage.out b/tests/grouptools/groupmems/53_groupmems_usage/data/usage.out new file mode 100644 index 00000000..584313c5 --- /dev/null +++ b/tests/grouptools/groupmems/53_groupmems_usage/data/usage.out @@ -0,0 +1,13 @@ +Usage: groupmems [options] [action] + +Options: + -g, --group groupname change groupname instead of the user's group + (root only) + -R, --root CHROOT_DIR directory to chroot into + +Actions: + -a, --add username add username to the members of the group + -d, --delete username remove username from the members of the group + -h, --help display this help message and exit + -p, --purge purge all members from the group + -l, --list list the members of the group diff --git a/tests/grouptools/groupmems/53_groupmems_usage/groupmems.test b/tests/grouptools/groupmems/53_groupmems_usage/groupmems.test new file mode 100755 index 00000000..7b3784a5 --- /dev/null +++ b/tests/grouptools/groupmems/53_groupmems_usage/groupmems.test @@ -0,0 +1,49 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get groupmems usage (groupmems -h)..." +groupmems -h >tmp/usage.out + +echo "OK" + +echo "groupmems reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config.txt b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/group b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/gshadow b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/login.defs b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/passwd b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/shadow b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/data/groupmems.err b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/data/groupmems.err new file mode 100644 index 00000000..a6ac1f6b --- /dev/null +++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/data/groupmems.err @@ -0,0 +1,14 @@ +groupmems: invalid option -- 'Z' +Usage: groupmems [options] [action] + +Options: + -g, --group groupname change groupname instead of the user's group + (root only) + -R, --root CHROOT_DIR directory to chroot into + +Actions: + -a, --add username add username to the members of the group + -d, --delete username remove username from the members of the group + -h, --help display this help message and exit + -p, --purge purge all members from the group + -l, --list list the members of the group diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test new file mode 100755 index 00000000..d0e1fa79 --- /dev/null +++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems reports usage when called with an invalid option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call groupmems with an invalid option (groupmems -Z bar -g 1000 foo)..." +groupmems -Z bar -g 1000 -a foo 2>tmp/groupmems.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "groupmems reported:" +echo "=======================================================================" +cat tmp/groupmems.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmems.err tmp/groupmems.err +echo "error message OK." +rm -f tmp/groupmems.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config.txt b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/group b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/gshadow b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/login.defs b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/passwd b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/shadow b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/data/groupmems.err b/tests/grouptools/groupmems/55_groupmems_usage-a-d/data/groupmems.err new file mode 100644 index 00000000..584313c5 --- /dev/null +++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/data/groupmems.err @@ -0,0 +1,13 @@ +Usage: groupmems [options] [action] + +Options: + -g, --group groupname change groupname instead of the user's group + (root only) + -R, --root CHROOT_DIR directory to chroot into + +Actions: + -a, --add username add username to the members of the group + -d, --delete username remove username from the members of the group + -h, --help display this help message and exit + -p, --purge purge all members from the group + -l, --list list the members of the group diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test b/tests/grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test new file mode 100755 index 00000000..679361f1 --- /dev/null +++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems reports usage if the -a and -d options are used atthe same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call groupmems with the -a and -d options (groupmems -a root -d nobody -g foo)..." +groupmems -a root -d nobody -g foo 2>tmp/groupmems.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "groupmems reported:" +echo "=======================================================================" +cat tmp/groupmems.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmems.err tmp/groupmems.err +echo "error message OK." +rm -f tmp/groupmems.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config.txt b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/group b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/gshadow b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/login.defs b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/passwd b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/shadow b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/data/groupmems.err b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/data/groupmems.err new file mode 100644 index 00000000..584313c5 --- /dev/null +++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/data/groupmems.err @@ -0,0 +1,13 @@ +Usage: groupmems [options] [action] + +Options: + -g, --group groupname change groupname instead of the user's group + (root only) + -R, --root CHROOT_DIR directory to chroot into + +Actions: + -a, --add username add username to the members of the group + -d, --delete username remove username from the members of the group + -h, --help display this help message and exit + -p, --purge purge all members from the group + -l, --list list the members of the group diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test new file mode 100755 index 00000000..bdd0632b --- /dev/null +++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems reports usage if extra arguments are provided" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call groupmems with an extra argument (groupmems -a root -g foo foo)..." +groupmems -a root -g foo foo 2>tmp/groupmems.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "groupmems reported:" +echo "=======================================================================" +cat tmp/groupmems.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmems.err tmp/groupmems.err +echo "error message OK." +rm -f tmp/groupmems.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config.txt b/tests/grouptools/groupmems/57_groupmems_authentication/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/group b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/group new file mode 100644 index 00000000..287981ed --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,bin,daemon +gtest1:x:424242:utest1,bin,utmp diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/gshadow b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/gshadow new file mode 100644 index 00000000..f9ba86af --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1,bin,daemon +gtest1:*:: diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-account b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-account new file mode 100644 index 00000000..316b1733 --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-account @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-account - authorization settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authorization modules that define +# the central access policy for use on the system. The default is to +# only deny service to users whose accounts are expired in /etc/shadow. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. +# + +# here are the per-package modules (the "Primary" block) +account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so +# here's the fallback if no module succeeds +account requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +account required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-auth b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-auth new file mode 100644 index 00000000..5facfa29 --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-auth @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-auth - authentication settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authentication modules that define +# the central authentication scheme for use on the system +# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the +# traditional Unix authentication mechanisms. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +auth [success=1 default=ignore] pam_unix.so nullok_secure +# here's the fallback if no module succeeds +auth requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +auth required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/groupmems new file mode 100644 index 00000000..2b65f340 --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/groupmems @@ -0,0 +1,8 @@ +# The PAM configuration file for the Shadow 'groupmod' service +# + +# This allows root to modify groups without being prompted for a password +auth sufficient pam_rootok.so + +@include common-auth +@include common-account diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/passwd b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/shadow b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/data/group b/tests/grouptools/groupmems/57_groupmems_authentication/data/group new file mode 100644 index 00000000..7214940d --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/data/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,bin,daemon,nobody +gtest1:x:424242:utest1,bin,utmp diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/data/gshadow b/tests/grouptools/groupmems/57_groupmems_authentication/data/gshadow new file mode 100644 index 00000000..b79987c5 --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/data/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1,bin,daemon,nobody +gtest1:*:: diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/groupmems.test b/tests/grouptools/groupmems/57_groupmems_authentication/groupmems.test new file mode 100755 index 00000000..4abad1ba --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) authenticate the caller" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/run_groupmems.exp b/tests/grouptools/groupmems/57_groupmems_authentication/run_groupmems.exp new file mode 100755 index 00000000..1cb9847c --- /dev/null +++ b/tests/grouptools/groupmems/57_groupmems_authentication/run_groupmems.exp @@ -0,0 +1,43 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a nobody\r" +expect "Password: " +send "myuserF00barbaz\r" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "0\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config.txt b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/group b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/group new file mode 100644 index 00000000..287981ed --- /dev/null +++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,bin,daemon +gtest1:x:424242:utest1,bin,utmp diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/gshadow b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/gshadow new file mode 100644 index 00000000..f9ba86af --- /dev/null +++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1,bin,daemon +gtest1:*:: diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-account b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-account new file mode 100644 index 00000000..316b1733 --- /dev/null +++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-account @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-account - authorization settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authorization modules that define +# the central access policy for use on the system. The default is to +# only deny service to users whose accounts are expired in /etc/shadow. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. +# + +# here are the per-package modules (the "Primary" block) +account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so +# here's the fallback if no module succeeds +account requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +account required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-auth b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-auth new file mode 100644 index 00000000..5facfa29 --- /dev/null +++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-auth @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-auth - authentication settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authentication modules that define +# the central authentication scheme for use on the system +# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the +# traditional Unix authentication mechanisms. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +auth [success=1 default=ignore] pam_unix.so nullok_secure +# here's the fallback if no module succeeds +auth requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +auth required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/groupmems new file mode 100644 index 00000000..2b65f340 --- /dev/null +++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/groupmems @@ -0,0 +1,8 @@ +# The PAM configuration file for the Shadow 'groupmod' service +# + +# This allows root to modify groups without being prompted for a password +auth sufficient pam_rootok.so + +@include common-auth +@include common-account diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/passwd b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/shadow b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test new file mode 100755 index 00000000..bf741c95 --- /dev/null +++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) authenticates the caller" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/run_groupmems.exp b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/run_groupmems.exp new file mode 100755 index 00000000..1a140599 --- /dev/null +++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/run_groupmems.exp @@ -0,0 +1,44 @@ +#!/usr/bin/expect + +set timeout 3 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a nobody\r" +expect "Password: " +send "!myuserF00barbaz\r" +expect -re "groupmems: PAM: Authentication failure\r" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "1\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config.txt b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/group b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/group new file mode 100644 index 00000000..287981ed --- /dev/null +++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,bin,daemon +gtest1:x:424242:utest1,bin,utmp diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/gshadow b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/gshadow new file mode 100644 index 00000000..f9ba86af --- /dev/null +++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1,bin,daemon +gtest1:*:: diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-account b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-account new file mode 100644 index 00000000..c175a141 --- /dev/null +++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-account @@ -0,0 +1 @@ +account requisite pam_deny.so diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-auth b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-auth new file mode 100644 index 00000000..5facfa29 --- /dev/null +++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-auth @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-auth - authentication settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authentication modules that define +# the central authentication scheme for use on the system +# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the +# traditional Unix authentication mechanisms. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +auth [success=1 default=ignore] pam_unix.so nullok_secure +# here's the fallback if no module succeeds +auth requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +auth required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/groupmems new file mode 100644 index 00000000..2b65f340 --- /dev/null +++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/groupmems @@ -0,0 +1,8 @@ +# The PAM configuration file for the Shadow 'groupmod' service +# + +# This allows root to modify groups without being prompted for a password +auth sufficient pam_rootok.so + +@include common-auth +@include common-account diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/passwd b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/shadow b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test new file mode 100755 index 00000000..bf741c95 --- /dev/null +++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) authenticates the caller" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/run_groupmems.exp b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/run_groupmems.exp new file mode 100755 index 00000000..80ad09da --- /dev/null +++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/run_groupmems.exp @@ -0,0 +1,44 @@ +#!/usr/bin/expect + +set timeout 3 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a nobody\r" +expect "Password: " +send "myuserF00barbaz\r" +expect -re "groupmems: PAM: Authentication failure\r" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "1\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config.txt b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config.txt new file mode 100644 index 00000000..fa7bf438 --- /dev/null +++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config.txt @@ -0,0 +1 @@ +user myuser, in group groups diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/group b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/group new file mode 100644 index 00000000..287981ed --- /dev/null +++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +groupmems:x:99:myuser +utest1:x:1000: +myuser:x:424242:utest1,bin,daemon +gtest1:x:424242:utest1,bin,utmp diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/gshadow b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/gshadow new file mode 100644 index 00000000..f9ba86af --- /dev/null +++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +groupmems:*::myuser +utest1:*:: +myuser:x::utest1,bin,daemon +gtest1:*:: diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/groupmems new file mode 100644 index 00000000..91529699 --- /dev/null +++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/groupmems @@ -0,0 +1 @@ +This file will be removed diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/other b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/other new file mode 100644 index 00000000..91529699 --- /dev/null +++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/other @@ -0,0 +1 @@ +This file will be removed diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/passwd b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/passwd new file mode 100644 index 00000000..df9b7a07 --- /dev/null +++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +utest1:x:1000:1000::/tmp:/bin/sh +myuser:x:424242:424242::/home:/bin/bash diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/shadow b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/shadow new file mode 100644 index 00000000..65079bb1 --- /dev/null +++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +utest1:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test new file mode 100755 index 00000000..fb5129de --- /dev/null +++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmems (called by a regular user) authenticates the caller" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove PAM configuration (/etc/pam.d/other /etc/pam.d/groupmems)..." +rm -f /etc/pam.d/other /etc/pam.d/groupmems +echo "OK" + +echo -n "myuser will call groupmems..." +./run_groupmems.exp +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/run_groupmems.exp b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/run_groupmems.exp new file mode 100755 index 00000000..0c4c4790 --- /dev/null +++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/run_groupmems.exp @@ -0,0 +1,42 @@ +#!/usr/bin/expect + +set timeout 3 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 0} { + puts "usage: run_groupmems.exp" + exit 1 +} + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the 'myuser' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su myuser + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'myuser'" +send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now add user utest1 to the myuser group\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "/usr/sbin/groupmems -a nobody\r" +expect -re "groupmems: PAM: Critical error . immediate abort" + +expect "$ " ;# Wait for the prompt +send "echo $?\r" +expect "1\r" +expect "$ " ;# Wait for the prompt +close + +puts "\nPASS" +exit 0 diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config.txt b/tests/grouptools/groupmod/01_groupmod_change_gid/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/default/useradd b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/group b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/gshadow b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/login.defs b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/passwd b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/shadow b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/data/group b/tests/grouptools/groupmod/01_groupmod_change_gid/data/group new file mode 100644 index 00000000..b51c3ad1 --- /dev/null +++ b/tests/grouptools/groupmod/01_groupmod_change_gid/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1001: diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/groupmod.test b/tests/grouptools/groupmod/01_groupmod_change_gid/groupmod.test new file mode 100755 index 00000000..5c32e0bb --- /dev/null +++ b/tests/grouptools/groupmod/01_groupmod_change_gid/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the GID of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..." +groupmod -g 1001 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config.txt b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/default/useradd b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/group b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/gshadow b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/login.defs b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/passwd b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/shadow b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/group b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/group new file mode 100644 index 00000000..b51c3ad1 --- /dev/null +++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1001: diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/passwd b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/passwd new file mode 100644 index 00000000..9fd396a3 --- /dev/null +++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1001:::/bin/false diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test new file mode 100755 index 00000000..f92fc522 --- /dev/null +++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod changes the primary group of users when it changes the GID of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..." +groupmod -g 1001 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config.txt b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/data/group b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/data/group new file mode 100644 index 00000000..b51c3ad1 --- /dev/null +++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1001: diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test new file mode 100755 index 00000000..4b327c52 --- /dev/null +++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the GID of a group (no gshadow group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..." +groupmod -g 1001 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config.txt b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/group b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/data/group b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/data/group new file mode 100644 index 00000000..b51c3ad1 --- /dev/null +++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1001: diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test new file mode 100755 index 00000000..6ba1e5ef --- /dev/null +++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the GID of a group (no gshadow file)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..." +groupmod -g 1001 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config.txt b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config.txt new file mode 100644 index 00000000..872618a9 --- /dev/null +++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config.txt @@ -0,0 +1,2 @@ +group foo, GID 1000 +group bar, GID 1001 diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/default/useradd b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/group b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/group new file mode 100644 index 00000000..e65d5b03 --- /dev/null +++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +bar:x:1001: diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/gshadow b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/gshadow new file mode 100644 index 00000000..d8aa8adc --- /dev/null +++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/login.defs b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/passwd b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/shadow b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/data/group b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/data/group new file mode 100644 index 00000000..2c24807f --- /dev/null +++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1001: +bar:x:1001: diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test new file mode 100755 index 00000000..51f92a7b --- /dev/null +++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the GID of a group to an already used GID, with -o" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of foo to 1001 (groupmod -g 1001 -o foo)..." +groupmod -g 1001 -o foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config.txt b/tests/grouptools/groupmod/06_groupmod_change_group_name/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/default/useradd b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/group b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/gshadow b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/login.defs b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/passwd b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/shadow b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/data/group b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/group new file mode 100644 index 00000000..75815b99 --- /dev/null +++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1000: diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/data/gshadow b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/gshadow new file mode 100644 index 00000000..e814af09 --- /dev/null +++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:*:: diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/groupmod.test b/tests/grouptools/groupmod/06_groupmod_change_group_name/groupmod.test new file mode 100755 index 00000000..cb567a87 --- /dev/null +++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the name of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename group foo to bar (groupmod -n bar foo)..." +groupmod -n bar foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config.txt b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/data/group b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/data/group new file mode 100644 index 00000000..75815b99 --- /dev/null +++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1000: diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test new file mode 100755 index 00000000..65391ba7 --- /dev/null +++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the name of a group (no gshadow group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename group foo to bar (groupmod -n bar foo)..." +groupmod -n bar foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config.txt b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/group b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/data/group b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/data/group new file mode 100644 index 00000000..75815b99 --- /dev/null +++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1000: diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test new file mode 100755 index 00000000..dee0d5b5 --- /dev/null +++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the name of a group (no gshadow file)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Rename group foo to bar (groupmod -n bar foo)..." +groupmod -n bar foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config.txt b/tests/grouptools/groupmod/09_groupmod_set_password/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/09_groupmod_set_password/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/default/useradd b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/group b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/gshadow b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/login.defs b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/passwd b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/shadow b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/data/gshadow b/tests/grouptools/groupmod/09_groupmod_set_password/data/gshadow new file mode 100644 index 00000000..601bd469 --- /dev/null +++ b/tests/grouptools/groupmod/09_groupmod_set_password/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:foopassw:: diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/groupmod.test b/tests/grouptools/groupmod/09_groupmod_set_password/groupmod.test new file mode 100755 index 00000000..dd2b4006 --- /dev/null +++ b/tests/grouptools/groupmod/09_groupmod_set_password/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can set the password of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..." +groupmod -p foopassw foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config.txt b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/data/gshadow b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/data/gshadow new file mode 100644 index 00000000..601bd469 --- /dev/null +++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:foopassw:: diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test new file mode 100755 index 00000000..01a7d460 --- /dev/null +++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can set the password of a group (no gshadow group)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..." +groupmod -p foopassw foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config.txt b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/group b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..7c2b4e85 --- /dev/null +++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:oldpass:1000: diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/data/group b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/data/group new file mode 100644 index 00000000..fafb2ea6 --- /dev/null +++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:foopassw:1000: diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test new file mode 100755 index 00000000..44597ad6 --- /dev/null +++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can set the password of a group (no gshadow file)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "Remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..." +groupmod -p foopassw foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config.txt b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/default/useradd b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/group b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/gshadow b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/login.defs b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/passwd b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/shadow b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/data/groupmod.err b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/data/groupmod.err new file mode 100644 index 00000000..35720f8f --- /dev/null +++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/data/groupmod.err @@ -0,0 +1 @@ +groupmod: group 'bar' does not exist diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test new file mode 100755 index 00000000..4c7f4771 --- /dev/null +++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the group exists" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of bar to 1001 (groupmod -g 1001 bar)..." +groupmod -g 1001 bar 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "6" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config.txt b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config.txt new file mode 100644 index 00000000..872618a9 --- /dev/null +++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config.txt @@ -0,0 +1,2 @@ +group foo, GID 1000 +group bar, GID 1001 diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/default/useradd b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/group b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/group new file mode 100644 index 00000000..e65d5b03 --- /dev/null +++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +bar:x:1001: diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/gshadow b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/gshadow new file mode 100644 index 00000000..d8aa8adc --- /dev/null +++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/login.defs b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/passwd b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/shadow b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/data/groupmod.err b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/data/groupmod.err new file mode 100644 index 00000000..796f6559 --- /dev/null +++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/data/groupmod.err @@ -0,0 +1 @@ +groupmod: GID '1001' already exists diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test new file mode 100755 index 00000000..9ce5bfeb --- /dev/null +++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the new GID is used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..." +groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "4" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config.txt b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config.txt new file mode 100644 index 00000000..872618a9 --- /dev/null +++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config.txt @@ -0,0 +1,2 @@ +group foo, GID 1000 +group bar, GID 1001 diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/default/useradd b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/group b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/group new file mode 100644 index 00000000..e65d5b03 --- /dev/null +++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +bar:x:1001: diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/gshadow b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/gshadow new file mode 100644 index 00000000..d8aa8adc --- /dev/null +++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/login.defs b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/passwd b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/shadow b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/data/groupmod.err b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/data/groupmod.err new file mode 100644 index 00000000..97ea6f6b --- /dev/null +++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/data/groupmod.err @@ -0,0 +1 @@ +groupmod: group 'bar' already exists diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test new file mode 100755 index 00000000..1245a9d8 --- /dev/null +++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the new group name is used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename group foo to bar (groupmod --new-name bar foo)..." +groupmod --new-name bar foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "9" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config.txt b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config.txt new file mode 100644 index 00000000..872618a9 --- /dev/null +++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config.txt @@ -0,0 +1,2 @@ +group foo, GID 1000 +group bar, GID 1001 diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/default/useradd b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/group b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/group new file mode 100644 index 00000000..e65d5b03 --- /dev/null +++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +bar:x:1001: diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/gshadow b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/gshadow new file mode 100644 index 00000000..d8aa8adc --- /dev/null +++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/login.defs b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/passwd b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/shadow b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/data/groupmod.err b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/data/groupmod.err new file mode 100644 index 00000000..1a0e5377 --- /dev/null +++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/data/groupmod.err @@ -0,0 +1 @@ +groupmod: invalid group name 'to:to' diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test new file mode 100755 index 00000000..f326d1d5 --- /dev/null +++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the new group name is used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename group foo to to:to (groupmod --new-name to:to foo)..." +groupmod --new-name to:to foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config.txt b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/default/useradd b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/group b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/gshadow b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/login.defs b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/passwd b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/shadow b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test new file mode 100755 index 00000000..f9a35197 --- /dev/null +++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can rename a group to its name" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename group foo to foo (groupmod -n foo foo)..." +groupmod -n foo foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config.txt b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/default/useradd b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/group b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/gshadow b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/login.defs b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/passwd b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/shadow b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/data/groupmod.err b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/data/groupmod.err new file mode 100644 index 00000000..e399ec7b --- /dev/null +++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/data/groupmod.err @@ -0,0 +1,2 @@ +groupmod: existing lock file /etc/group.lock without a PID +groupmod: cannot lock /etc/group; try again later. diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test new file mode 100755 index 00000000..21a0a1bc --- /dev/null +++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..." +groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config.txt b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/default/useradd b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/group b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/login.defs b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/passwd b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/shadow b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/data/group b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/data/group new file mode 100644 index 00000000..b51c3ad1 --- /dev/null +++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1001: diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test new file mode 100755 index 00000000..60b4c4f2 --- /dev/null +++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the gshadow file is locked only if gshadow is changed" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..." +groupmod -g 1001 foo +echo "OK" + +echo -n "Delete lock file for /etc/gshadow..." +rm -f /etc/gshadow.lock +echo "done" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config.txt b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/default/useradd b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/group b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/gshadow b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/login.defs b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/passwd b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/shadow b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/data/groupmod.err b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/data/groupmod.err new file mode 100644 index 00000000..c8745ef6 --- /dev/null +++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/data/groupmod.err @@ -0,0 +1 @@ +groupmod: invalid group ID '1001a' diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test new file mode 100755 index 00000000..d3ae0a17 --- /dev/null +++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the specified GID is valid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of bar to 1001a (groupmod -g 1001a bar)..." +groupmod -g 1001a bar 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config.txt b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/default/useradd b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/group b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/gshadow b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/login.defs b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/passwd b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/shadow b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/data/groupmod.err b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/data/groupmod.err new file mode 100644 index 00000000..824372f3 --- /dev/null +++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/data/groupmod.err @@ -0,0 +1 @@ +groupmod: invalid group ID '-1001' diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test new file mode 100755 index 00000000..cc583b9f --- /dev/null +++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the specified GID is valid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of bar to -1001 (groupmod -g -1001 bar)..." +groupmod -g -1001 bar 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config.txt b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/default/useradd b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/group b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/gshadow b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/login.defs b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/passwd b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/shadow b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/data/groupmod.err b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/data/groupmod.err new file mode 100644 index 00000000..c9b28d71 --- /dev/null +++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/data/groupmod.err @@ -0,0 +1,11 @@ +Usage: groupmod [options] GROUP + +Options: + -g, --gid GID change the group ID to GID + -h, --help display this help message and exit + -n, --new-name NEW_GROUP change the name to NEW_GROUP + -o, --non-unique allow to use a duplicate (non-unique) GID + -p, --password PASSWORD change the password to this (encrypted) + PASSWORD + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test new file mode 100755 index 00000000..bcfbb64c --- /dev/null +++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks a group parameter was given" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Change GID to 1001 (groupmod -g 1001)..." +groupmod -g 1001 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/group b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/gshadow b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/login.defs b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/passwd b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/shadow b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/group b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/group new file mode 100644 index 00000000..4b6a079e --- /dev/null +++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo2:x:1001: diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/gshadow b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/gshadow new file mode 100644 index 00000000..08d25a20 --- /dev/null +++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo2:*:: diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test new file mode 100755 index 00000000..612ac24e --- /dev/null +++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the GID of a group and the group's name" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID and name of foo to 1001/foo2 (groupmod -g 1001 -n foo2 foo)..." +groupmod -g 1001 -n foo2 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/group b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/gshadow b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/login.defs b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/passwd b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/shadow b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/group b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/group new file mode 100644 index 00000000..e898b8de --- /dev/null +++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo3:x:1001: diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/gshadow b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/gshadow new file mode 100644 index 00000000..3c65decc --- /dev/null +++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo3:toto:: diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/passwd b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/passwd new file mode 100644 index 00000000..9fd396a3 --- /dev/null +++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1001:::/bin/false diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test new file mode 100755 index 00000000..5f1c0f82 --- /dev/null +++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the GID, the name, and the password of a group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID, name and password of foo (groupmod -n foo3 -g 1001 -p toto foo)..." +groupmod -n foo3 -g 1001 -p toto foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/group b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/login.defs b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/passwd b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/shadow b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/data/groupmod.err b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/data/groupmod.err new file mode 100644 index 00000000..3b3400f1 --- /dev/null +++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/data/groupmod.err @@ -0,0 +1,2 @@ +groupmod: existing lock file /etc/gshadow.lock without a PID +groupmod: cannot lock /etc/gshadow; try again later. diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test new file mode 100755 index 00000000..a07c6a16 --- /dev/null +++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Change GID and name of foo to 1001 (groupmod -g 1001 -n bar foo)..." +groupmod -g 1001 -n bar foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/group b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/gshadow b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/login.defs b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/passwd b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/shadow b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/data/groupmod.err b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/data/groupmod.err new file mode 100644 index 00000000..5d391a09 --- /dev/null +++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/data/groupmod.err @@ -0,0 +1,2 @@ +groupmod: existing lock file /etc/passwd.lock without a PID +groupmod: cannot lock /etc/passwd; try again later. diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test new file mode 100755 index 00000000..b56d14c1 --- /dev/null +++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the passwd file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..." +groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/group b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/gshadow b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/login.defs b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/passwd b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/shadow b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/group b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/group new file mode 100644 index 00000000..75815b99 --- /dev/null +++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1000: diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/gshadow b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/gshadow new file mode 100644 index 00000000..e814af09 --- /dev/null +++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:*:: diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test new file mode 100755 index 00000000..d0831fd3 --- /dev/null +++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the passwd file is locked only if passwd is changed" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Change name of foo to bar (groupmod -n bar foo)..." +groupmod -n bar foo +echo "OK" + +echo -n "Delete lock file for /etc/gshadow..." +rm -f /etc/passwd.lock +echo "done" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config.txt b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/default/useradd b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/group b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/gshadow b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/login.defs b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/passwd b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/shadow b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/data/groupmod.err b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/data/groupmod.err new file mode 100644 index 00000000..70d741aa --- /dev/null +++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/data/groupmod.err @@ -0,0 +1 @@ +groupmod: invalid group ID '4294967295' diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test new file mode 100755 index 00000000..6dc895f2 --- /dev/null +++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod checks if the specified GID is valid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change GID of bar to 4294967295 (groupmod -g 4294967295 bar)..." +groupmod -g 4294967295 bar 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config.txt b/tests/grouptools/groupmod/28_groupmod_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupmod/28_groupmod_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/default/useradd b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/group b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/gshadow b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/passwd b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/shadow b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/28_groupmod_usage/data/usage.out b/tests/grouptools/groupmod/28_groupmod_usage/data/usage.out new file mode 100644 index 00000000..c9b28d71 --- /dev/null +++ b/tests/grouptools/groupmod/28_groupmod_usage/data/usage.out @@ -0,0 +1,11 @@ +Usage: groupmod [options] GROUP + +Options: + -g, --gid GID change the group ID to GID + -h, --help display this help message and exit + -n, --new-name NEW_GROUP change the name to NEW_GROUP + -o, --non-unique allow to use a duplicate (non-unique) GID + -p, --password PASSWORD change the password to this (encrypted) + PASSWORD + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupmod/28_groupmod_usage/groupmod.test b/tests/grouptools/groupmod/28_groupmod_usage/groupmod.test new file mode 100755 index 00000000..29fe545c --- /dev/null +++ b/tests/grouptools/groupmod/28_groupmod_usage/groupmod.test @@ -0,0 +1,49 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get groupmod usage (groupmod -h)..." +groupmod -h >tmp/usage.out + +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config.txt b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/default/useradd b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/group b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/gshadow b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/login.defs b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/passwd b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/shadow b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/group b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/group new file mode 100644 index 00000000..75815b99 --- /dev/null +++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1000: diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/gshadow b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/gshadow new file mode 100644 index 00000000..e814af09 --- /dev/null +++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:*:: diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test new file mode 100755 index 00000000..f8994209 --- /dev/null +++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can change the name of a group and keep the same gid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename group foo to bar and keep the same gid (groupmod -n bar -g 1000 foo)..." +groupmod -n bar -g 1000 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config.txt b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/default/useradd b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/group b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/gshadow b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/login.defs b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/passwd b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/shadow b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test new file mode 100755 index 00000000..976476cd --- /dev/null +++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can keep the name and gid for a group and does not complain" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename group foo to bar and keep the same gid (groupmod -n foo -g 1000 foo)..." +groupmod -n foo -g 1000 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config.txt b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/default/useradd b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/group b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/gshadow b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/login.defs b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/passwd b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/shadow b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test new file mode 100755 index 00000000..95262ef6 --- /dev/null +++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod keeps the same gid and does not complain if there are no other changes" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Keep the same gid and no other changes (groupmod -g 1000 foo)..." +groupmod -g 1000 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config.txt b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/default/useradd b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/group b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/gshadow b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/passwd b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/shadow b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/data/groupmod.err b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/data/groupmod.err new file mode 100644 index 00000000..c9b28d71 --- /dev/null +++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/data/groupmod.err @@ -0,0 +1,11 @@ +Usage: groupmod [options] GROUP + +Options: + -g, --gid GID change the group ID to GID + -h, --help display this help message and exit + -n, --new-name NEW_GROUP change the name to NEW_GROUP + -o, --non-unique allow to use a duplicate (non-unique) GID + -p, --password PASSWORD change the password to this (encrypted) + PASSWORD + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test new file mode 100755 index 00000000..13d13eed --- /dev/null +++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod -o requires -g" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "groupmod -o -n bar foo..." +groupmod -o -n bar foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config.txt b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/default/useradd b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/group b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/gshadow b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/login.defs b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/passwd b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/shadow b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/data/group b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/data/group new file mode 100644 index 00000000..fafb2ea6 --- /dev/null +++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:foopassw:1000: diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test new file mode 100755 index 00000000..44597ad6 --- /dev/null +++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can set the password of a group (no gshadow file)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "Remove the gshadow file" +rm -f /etc/gshadow + +echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..." +groupmod -p foopassw foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config.txt b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/default/useradd b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/group b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/group new file mode 100644 index 00000000..7c2b4e85 --- /dev/null +++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:oldpass:1000: diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/gshadow b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/login.defs b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/passwd b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/shadow b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/group b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/group new file mode 100644 index 00000000..fafb2ea6 --- /dev/null +++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:foopassw:1000: diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/gshadow b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/gshadow new file mode 100644 index 00000000..601bd469 --- /dev/null +++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:foopassw:: diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test new file mode 100755 index 00000000..a765f4d5 --- /dev/null +++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can set the password of a group (no gshadow file)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change password of foo (groupmod -p foopassw foo)..." +groupmod -p foopassw foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config.txt b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/group new file mode 100644 index 00000000..7c2b4e85 --- /dev/null +++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:oldpass:1000: diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/data/group b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/data/group new file mode 100644 index 00000000..fafb2ea6 --- /dev/null +++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:foopassw:1000: diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test new file mode 100755 index 00000000..1e2303c4 --- /dev/null +++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can set the password of a group (no gshadow file)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change password of foo (groupmod -p foopassw foo)..." +groupmod -p foopassw foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config.txt b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/data/gshadow b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/data/gshadow new file mode 100644 index 00000000..601bd469 --- /dev/null +++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:foopassw:: diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test new file mode 100755 index 00000000..c2a0b6b2 --- /dev/null +++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod can set the password of a group (no gshadow file)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change password of foo (groupmod -p foopassw foo)..." +groupmod -p foopassw foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config.txt b/tests/grouptools/groupmod/37_groupmod_invalid_option/config.txt new file mode 100644 index 00000000..e9e4bbed --- /dev/null +++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config.txt @@ -0,0 +1 @@ +group foo, GID 1000 diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/group b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/gshadow b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/login.defs b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/passwd b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/shadow b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/data/groupmod.err b/tests/grouptools/groupmod/37_groupmod_invalid_option/data/groupmod.err new file mode 100644 index 00000000..6bec2e05 --- /dev/null +++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/data/groupmod.err @@ -0,0 +1,12 @@ +groupmod: invalid option -- 'Z' +Usage: groupmod [options] GROUP + +Options: + -g, --gid GID change the group ID to GID + -h, --help display this help message and exit + -n, --new-name NEW_GROUP change the name to NEW_GROUP + -o, --non-unique allow to use a duplicate (non-unique) GID + -p, --password PASSWORD change the password to this (encrypted) + PASSWORD + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/groupmod.test b/tests/grouptools/groupmod/37_groupmod_invalid_option/groupmod.test new file mode 100755 index 00000000..23c394ff --- /dev/null +++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/groupmod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "groupmod reports usage when called with an invalid option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call groupmod with an invalid option (groupmod -Z bar -g 1000 foo)..." +groupmod -Z bar -g 1000 foo 2>tmp/groupmod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "groupmod reported:" +echo "=======================================================================" +cat tmp/groupmod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupmod.err tmp/groupmod.err +echo "error message OK." +rm -f tmp/groupmod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/01_faillog_no_faillog/config.txt b/tests/log/faillog/01_faillog_no_faillog/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/01_faillog_no_faillog/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/group b/tests/log/faillog/01_faillog_no_faillog/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/gshadow b/tests/log/faillog/01_faillog_no_faillog/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/passwd b/tests/log/faillog/01_faillog_no_faillog/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/shadow b/tests/log/faillog/01_faillog_no_faillog/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/log/faillog/01_faillog_no_faillog/data/faillog.err b/tests/log/faillog/01_faillog_no_faillog/data/faillog.err new file mode 100644 index 00000000..501b7cd0 --- /dev/null +++ b/tests/log/faillog/01_faillog_no_faillog/data/faillog.err @@ -0,0 +1 @@ +faillog: Cannot open /var/log/faillog: No such file or directory diff --git a/tests/log/faillog/01_faillog_no_faillog/faillog.test b/tests/log/faillog/01_faillog_no_faillog/faillog.test new file mode 100755 index 00000000..716bbf15 --- /dev/null +++ b/tests/log/faillog/01_faillog_no_faillog/faillog.test @@ -0,0 +1,51 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog detects missing /var/log/faillog and does not create it" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/faillog' 0 + +change_config + +echo -n "Remove /var/log/faillog (it will not be restored)..." +rm -f /var/log/faillog +echo "OK" + +echo -n "Execute faillog (faillog)..." +faillog 2>tmp/faillog.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/faillog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/faillog.err tmp/faillog.err +echo "usage message OK." +rm -f tmp/faillog.err + +echo -n "Check that the /var/log/faillog file was not created"... +test ! -f /var/log/faillog +echo "OK" + +touch /var/log/faillog + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/02_faillog_usage/config.txt b/tests/log/faillog/02_faillog_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/log/faillog/02_faillog_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/log/faillog/02_faillog_usage/config/etc/group b/tests/log/faillog/02_faillog_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/log/faillog/02_faillog_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/log/faillog/02_faillog_usage/config/etc/gshadow b/tests/log/faillog/02_faillog_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/log/faillog/02_faillog_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/log/faillog/02_faillog_usage/config/etc/passwd b/tests/log/faillog/02_faillog_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/log/faillog/02_faillog_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/log/faillog/02_faillog_usage/config/etc/shadow b/tests/log/faillog/02_faillog_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/log/faillog/02_faillog_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/log/faillog/02_faillog_usage/data/usage.out b/tests/log/faillog/02_faillog_usage/data/usage.out new file mode 100644 index 00000000..d5d28399 --- /dev/null +++ b/tests/log/faillog/02_faillog_usage/data/usage.out @@ -0,0 +1,14 @@ +Usage: faillog [options] + +Options: + -a, --all display faillog records for all users + -h, --help display this help message and exit + -l, --lock-secs SEC after failed login lock account for SEC seconds + -m, --maximum MAX set maximum failed login counters to MAX + -r, --reset reset the counters of login failures + -R, --root CHROOT_DIR directory to chroot into + -t, --time DAYS display faillog records more recent than DAYS + -u, --user LOGIN/RANGE display faillog record or maintains failure + counters and limits (if used with -r, -m, + or -l) only for the specified LOGIN(s) + diff --git a/tests/log/faillog/02_faillog_usage/faillog.test b/tests/log/faillog/02_faillog_usage/faillog.test new file mode 100755 index 00000000..b9a0b9c9 --- /dev/null +++ b/tests/log/faillog/02_faillog_usage/faillog.test @@ -0,0 +1,35 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get faillog usage (faillog -h)..." +faillog -h >tmp/usage.out +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/03_faillog_format/config.txt b/tests/log/faillog/03_faillog_format/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/03_faillog_format/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/03_faillog_format/config/etc/group b/tests/log/faillog/03_faillog_format/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/03_faillog_format/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/03_faillog_format/config/etc/gshadow b/tests/log/faillog/03_faillog_format/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/03_faillog_format/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/03_faillog_format/config/etc/pam.d/login b/tests/log/faillog/03_faillog_format/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/03_faillog_format/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/03_faillog_format/config/etc/passwd b/tests/log/faillog/03_faillog_format/config/etc/passwd new file mode 100644 index 00000000..ae6ebfe9 --- /dev/null +++ b/tests/log/faillog/03_faillog_format/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh diff --git a/tests/log/faillog/03_faillog_format/config/etc/shadow b/tests/log/faillog/03_faillog_format/config/etc/shadow new file mode 100644 index 00000000..3b8a1edf --- /dev/null +++ b/tests/log/faillog/03_faillog_format/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:pass:12977:0:99999:7::: diff --git a/tests/log/faillog/03_faillog_format/data/faillog.out b/tests/log/faillog/03_faillog_format/data/faillog.out new file mode 100644 index 00000000..58558816 --- /dev/null +++ b/tests/log/faillog/03_faillog_format/data/faillog.out @@ -0,0 +1,2 @@ +Login Failures Maximum Latest On + diff --git a/tests/log/faillog/03_faillog_format/data/lastlog.out b/tests/log/faillog/03_faillog_format/data/lastlog.out new file mode 100644 index 00000000..280e1abf --- /dev/null +++ b/tests/log/faillog/03_faillog_format/data/lastlog.out @@ -0,0 +1,20 @@ +Username Port From Latest +root **Never logged in** +daemon **Never logged in** +bin **Never logged in** +sys **Never logged in** +sync **Never logged in** +games **Never logged in** +man **Never logged in** +lp **Never logged in** +mail **Never logged in** +news **Never logged in** +uucp **Never logged in** +proxy **Never logged in** +www-data **Never logged in** +backup **Never logged in** +list **Never logged in** +irc **Never logged in** +gnats **Never logged in** +nobody **Never logged in** +Debian-exim **Never logged in** diff --git a/tests/log/faillog/03_faillog_format/faillog.test b/tests/log/faillog/03_faillog_format/faillog.test new file mode 100755 index 00000000..489776ef --- /dev/null +++ b/tests/log/faillog/03_faillog_format/faillog.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +cp data/faillog.out tmp/faillog.out1 +cp data/faillog.out tmp/faillog.out2 +TTY=$(ls /dev/pts | sort -n|tail -1) +TTY=$((TTY+1)) + +DATE=$(LC_ALL=C date +"%D %H:%M:%S %z") +# pam_tally do not report the line of failure ? +printf "%-9s %5d %5d %s %s\n" foo 1 0 "$DATE" "">> tmp/faillog.out1 + +echo -n "Trigger a connection as foo..." +./login.exp +echo "OK" + +DATE=$(LC_ALL=C date +"%D %H:%M:%S %z") +# pam_tally do not report the line of failure ? +printf "%-9s %5d %5d %s %s\n" foo 1 0 "$DATE" "">> tmp/faillog.out2 + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the faillog message..." +diff -au tmp/faillog.out tmp/faillog.out1 || diff -au tmp/faillog.out tmp/faillog.out2 +echo "faillog message OK." +rm -f tmp/faillog.out tmp/faillog.out1 tmp/faillog.out2 + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/03_faillog_format/login.exp b/tests/log/faillog/03_faillog_format/login.exp new file mode 100755 index 00000000..bb91e57c --- /dev/null +++ b/tests/log/faillog/03_faillog_format/login.exp @@ -0,0 +1,17 @@ +#!/usr/bin/expect + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login foo\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/04_faillog_mulitple/config.txt b/tests/log/faillog/04_faillog_mulitple/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/04_faillog_mulitple/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/group b/tests/log/faillog/04_faillog_mulitple/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/04_faillog_mulitple/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/gshadow b/tests/log/faillog/04_faillog_mulitple/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/04_faillog_mulitple/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/pam.d/login b/tests/log/faillog/04_faillog_mulitple/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/04_faillog_mulitple/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/passwd b/tests/log/faillog/04_faillog_mulitple/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/04_faillog_mulitple/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/shadow b/tests/log/faillog/04_faillog_mulitple/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/04_faillog_mulitple/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/04_faillog_mulitple/data/faillog.list b/tests/log/faillog/04_faillog_mulitple/data/faillog.list new file mode 100644 index 00000000..cb1d37b5 --- /dev/null +++ b/tests/log/faillog/04_faillog_mulitple/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 0 +foo 1 0 +baz 1 0 diff --git a/tests/log/faillog/04_faillog_mulitple/faillog.test b/tests/log/faillog/04_faillog_mulitple/faillog.test new file mode 100755 index 00000000..2184ee8a --- /dev/null +++ b/tests/log/faillog/04_faillog_mulitple/faillog.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/04_faillog_mulitple/login.exp b/tests/log/faillog/04_faillog_mulitple/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/04_faillog_mulitple/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/05_faillog-u_ID/config.txt b/tests/log/faillog/05_faillog-u_ID/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/05_faillog-u_ID/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/group b/tests/log/faillog/05_faillog-u_ID/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/05_faillog-u_ID/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/gshadow b/tests/log/faillog/05_faillog-u_ID/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/05_faillog-u_ID/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/passwd b/tests/log/faillog/05_faillog-u_ID/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/05_faillog-u_ID/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/shadow b/tests/log/faillog/05_faillog-u_ID/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/05_faillog-u_ID/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/05_faillog-u_ID/data/faillog.list b/tests/log/faillog/05_faillog-u_ID/data/faillog.list new file mode 100644 index 00000000..3a1241db --- /dev/null +++ b/tests/log/faillog/05_faillog-u_ID/data/faillog.list @@ -0,0 +1,3 @@ +Login Failures Maximum + +bar 0 0 diff --git a/tests/log/faillog/05_faillog-u_ID/faillog.test b/tests/log/faillog/05_faillog-u_ID/faillog.test new file mode 100755 index 00000000..42382d01 --- /dev/null +++ b/tests/log/faillog/05_faillog-u_ID/faillog.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -u 1001..." +faillog -u 1001> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/06_faillog-u_name/config.txt b/tests/log/faillog/06_faillog-u_name/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/06_faillog-u_name/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/group b/tests/log/faillog/06_faillog-u_name/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/06_faillog-u_name/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/gshadow b/tests/log/faillog/06_faillog-u_name/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/06_faillog-u_name/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/passwd b/tests/log/faillog/06_faillog-u_name/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/06_faillog-u_name/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/shadow b/tests/log/faillog/06_faillog-u_name/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/06_faillog-u_name/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/06_faillog-u_name/data/faillog.list b/tests/log/faillog/06_faillog-u_name/data/faillog.list new file mode 100644 index 00000000..a635b623 --- /dev/null +++ b/tests/log/faillog/06_faillog-u_name/data/faillog.list @@ -0,0 +1,3 @@ +Login + +baz diff --git a/tests/log/faillog/06_faillog-u_name/faillog.test b/tests/log/faillog/06_faillog-u_name/faillog.test new file mode 100755 index 00000000..1061e20c --- /dev/null +++ b/tests/log/faillog/06_faillog-u_name/faillog.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -u baz..." +faillog -u baz> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cat tmp/faillog.out | cut -d" " -f1 > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config.txt b/tests/log/faillog/07_faillog-u_ID_invalid/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/07_faillog-u_ID_invalid/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/group b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/gshadow b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/passwd b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/shadow b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/data/faillog.list b/tests/log/faillog/07_faillog-u_ID_invalid/data/faillog.list new file mode 100644 index 00000000..e69de29b diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/faillog.test b/tests/log/faillog/07_faillog-u_ID_invalid/faillog.test new file mode 100755 index 00000000..7f8bd7bd --- /dev/null +++ b/tests/log/faillog/07_faillog-u_ID_invalid/faillog.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -u 1003..." +faillog -u 1003> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +diff -au data/faillog.list tmp/faillog.out +echo "OK." + +rm -f tmp/faillog.out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config.txt b/tests/log/faillog/08_faillog-u_name_invalid/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/08_faillog-u_name_invalid/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/group b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/gshadow b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/passwd b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/shadow b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/08_faillog-u_name_invalid/data/faillog.err b/tests/log/faillog/08_faillog-u_name_invalid/data/faillog.err new file mode 100644 index 00000000..402e2c6c --- /dev/null +++ b/tests/log/faillog/08_faillog-u_name_invalid/data/faillog.err @@ -0,0 +1 @@ +faillog: Unknown user or range: me diff --git a/tests/log/faillog/08_faillog-u_name_invalid/faillog.test b/tests/log/faillog/08_faillog-u_name_invalid/faillog.test new file mode 100755 index 00000000..8b2348c2 --- /dev/null +++ b/tests/log/faillog/08_faillog-u_name_invalid/faillog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -u me..." +faillog -u me 2>tmp/faillog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/faillog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/faillog.err tmp/faillog.err +echo "message OK." +rm -f tmp/faillog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/09_faillog-u_range/config.txt b/tests/log/faillog/09_faillog-u_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/09_faillog-u_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/group b/tests/log/faillog/09_faillog-u_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/09_faillog-u_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/gshadow b/tests/log/faillog/09_faillog-u_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/09_faillog-u_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/pam.d/login b/tests/log/faillog/09_faillog-u_range/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/09_faillog-u_range/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/passwd b/tests/log/faillog/09_faillog-u_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/09_faillog-u_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/shadow b/tests/log/faillog/09_faillog-u_range/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/09_faillog-u_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/09_faillog-u_range/data/faillog.list b/tests/log/faillog/09_faillog-u_range/data/faillog.list new file mode 100644 index 00000000..c4984b92 --- /dev/null +++ b/tests/log/faillog/09_faillog-u_range/data/faillog.list @@ -0,0 +1,4 @@ +Login Failures Maximum + +irc 1 0 +foo 1 0 diff --git a/tests/log/faillog/09_faillog-u_range/faillog.test b/tests/log/faillog/09_faillog-u_range/faillog.test new file mode 100755 index 00000000..53ef9f65 --- /dev/null +++ b/tests/log/faillog/09_faillog-u_range/faillog.test @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" + +echo -n "Trigger a connection as irc..." +./login.exp irc +echo "OK" + +echo -n "faillog -u 38-1001..." +faillog -u 38-1001> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/09_faillog-u_range/login.exp b/tests/log/faillog/09_faillog-u_range/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/09_faillog-u_range/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/10_faillog-u_open_range/config.txt b/tests/log/faillog/10_faillog-u_open_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/10_faillog-u_open_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/group b/tests/log/faillog/10_faillog-u_open_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/gshadow b/tests/log/faillog/10_faillog-u_open_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/passwd b/tests/log/faillog/10_faillog-u_open_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/shadow b/tests/log/faillog/10_faillog-u_open_range/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/10_faillog-u_open_range/data/faillog.list b/tests/log/faillog/10_faillog-u_open_range/data/faillog.list new file mode 100644 index 00000000..a6afb8cd --- /dev/null +++ b/tests/log/faillog/10_faillog-u_open_range/data/faillog.list @@ -0,0 +1,22 @@ +Login Failures Maximum + +root 0 0 +daemon 0 0 +bin 0 0 +bar 0 0 +sys 0 0 +sync 0 0 +games 0 0 +man 0 0 +lp 0 0 +mail 0 0 +news 0 0 +uucp 0 0 +proxy 0 0 +www-data 0 0 +backup 0 0 +list 0 0 +irc 0 0 +gnats 0 0 +Debian-exim 0 0 +foo 0 0 diff --git a/tests/log/faillog/10_faillog-u_open_range/faillog.test b/tests/log/faillog/10_faillog-u_open_range/faillog.test new file mode 100755 index 00000000..9587bb9e --- /dev/null +++ b/tests/log/faillog/10_faillog-u_open_range/faillog.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog supports open ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -u -1001..." +faillog -a -u -1001> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/11_faillog-u_range_open/config.txt b/tests/log/faillog/11_faillog-u_range_open/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/11_faillog-u_range_open/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/group b/tests/log/faillog/11_faillog-u_range_open/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/gshadow b/tests/log/faillog/11_faillog-u_range_open/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/passwd b/tests/log/faillog/11_faillog-u_range_open/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/shadow b/tests/log/faillog/11_faillog-u_range_open/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/11_faillog-u_range_open/data/faillog.list b/tests/log/faillog/11_faillog-u_range_open/data/faillog.list new file mode 100644 index 00000000..555ada55 --- /dev/null +++ b/tests/log/faillog/11_faillog-u_range_open/data/faillog.list @@ -0,0 +1,10 @@ +Login Failures Maximum + +bar 0 0 +list 0 0 +irc 0 0 +gnats 0 0 +nobody 0 0 +Debian-exim 0 0 +foo 0 0 +baz 0 0 diff --git a/tests/log/faillog/11_faillog-u_range_open/faillog.test b/tests/log/faillog/11_faillog-u_range_open/faillog.test new file mode 100755 index 00000000..30c7728e --- /dev/null +++ b/tests/log/faillog/11_faillog-u_range_open/faillog.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog supports open ranges (2)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -u 38-..." +faillog -a -u 38-> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config.txt b/tests/log/faillog/12_faillog-u_range_invalid1/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/12_faillog-u_range_invalid1/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/group b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/gshadow b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/passwd b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/shadow b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/data/faillog.err b/tests/log/faillog/12_faillog-u_range_invalid1/data/faillog.err new file mode 100644 index 00000000..56b41738 --- /dev/null +++ b/tests/log/faillog/12_faillog-u_range_invalid1/data/faillog.err @@ -0,0 +1 @@ +faillog: Unknown user or range: foo-bar diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/faillog.test b/tests/log/faillog/12_faillog-u_range_invalid1/faillog.test new file mode 100755 index 00000000..9a733944 --- /dev/null +++ b/tests/log/faillog/12_faillog-u_range_invalid1/faillog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports invalid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -u foo-bar..." +faillog -u foo-bar 2>tmp/faillog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/faillog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/faillog.err tmp/faillog.err +echo "message OK." +rm -f tmp/faillog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config.txt b/tests/log/faillog/13_faillog-u_range_invalid2/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/13_faillog-u_range_invalid2/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/group b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/gshadow b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/passwd b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/shadow b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/data/faillog.err b/tests/log/faillog/13_faillog-u_range_invalid2/data/faillog.err new file mode 100644 index 00000000..e9f67203 --- /dev/null +++ b/tests/log/faillog/13_faillog-u_range_invalid2/data/faillog.err @@ -0,0 +1 @@ +faillog: Unknown user or range: foo- diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/faillog.test b/tests/log/faillog/13_faillog-u_range_invalid2/faillog.test new file mode 100755 index 00000000..14f7170c --- /dev/null +++ b/tests/log/faillog/13_faillog-u_range_invalid2/faillog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports invalid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -u foo-..." +faillog -u foo- 2>tmp/faillog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/faillog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/faillog.err tmp/faillog.err +echo "message OK." +rm -f tmp/faillog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config.txt b/tests/log/faillog/14_faillog-u_range_invalid3/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/14_faillog-u_range_invalid3/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/group b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/gshadow b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/passwd b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/shadow b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/data/faillog.err b/tests/log/faillog/14_faillog-u_range_invalid3/data/faillog.err new file mode 100644 index 00000000..33c3b8c5 --- /dev/null +++ b/tests/log/faillog/14_faillog-u_range_invalid3/data/faillog.err @@ -0,0 +1 @@ +faillog: Unknown user or range: -foo diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/faillog.test b/tests/log/faillog/14_faillog-u_range_invalid3/faillog.test new file mode 100755 index 00000000..fdd0027d --- /dev/null +++ b/tests/log/faillog/14_faillog-u_range_invalid3/faillog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports invalid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -u -foo..." +faillog -u -foo 2>tmp/faillog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/faillog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/faillog.err tmp/faillog.err +echo "message OK." +rm -f tmp/faillog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/15_faillog_bad_option/config.txt b/tests/log/faillog/15_faillog_bad_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/log/faillog/15_faillog_bad_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/group b/tests/log/faillog/15_faillog_bad_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/log/faillog/15_faillog_bad_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/gshadow b/tests/log/faillog/15_faillog_bad_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/log/faillog/15_faillog_bad_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/passwd b/tests/log/faillog/15_faillog_bad_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/log/faillog/15_faillog_bad_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/shadow b/tests/log/faillog/15_faillog_bad_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/log/faillog/15_faillog_bad_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/log/faillog/15_faillog_bad_option/data/usage.out b/tests/log/faillog/15_faillog_bad_option/data/usage.out new file mode 100644 index 00000000..06442743 --- /dev/null +++ b/tests/log/faillog/15_faillog_bad_option/data/usage.out @@ -0,0 +1,15 @@ +faillog: invalid option -- 'Z' +Usage: faillog [options] + +Options: + -a, --all display faillog records for all users + -h, --help display this help message and exit + -l, --lock-secs SEC after failed login lock account for SEC seconds + -m, --maximum MAX set maximum failed login counters to MAX + -r, --reset reset the counters of login failures + -R, --root CHROOT_DIR directory to chroot into + -t, --time DAYS display faillog records more recent than DAYS + -u, --user LOGIN/RANGE display faillog record or maintains failure + counters and limits (if used with -r, -m, + or -l) only for the specified LOGIN(s) + diff --git a/tests/log/faillog/15_faillog_bad_option/faillog.test b/tests/log/faillog/15_faillog_bad_option/faillog.test new file mode 100755 index 00000000..3e566cd4 --- /dev/null +++ b/tests/log/faillog/15_faillog_bad_option/faillog.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get faillog usage (faillog -Z)..." +faillog -Z 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/16_faillog_extra_arg/config.txt b/tests/log/faillog/16_faillog_extra_arg/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/log/faillog/16_faillog_extra_arg/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/group b/tests/log/faillog/16_faillog_extra_arg/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/gshadow b/tests/log/faillog/16_faillog_extra_arg/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/passwd b/tests/log/faillog/16_faillog_extra_arg/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/shadow b/tests/log/faillog/16_faillog_extra_arg/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/log/faillog/16_faillog_extra_arg/data/usage.out b/tests/log/faillog/16_faillog_extra_arg/data/usage.out new file mode 100644 index 00000000..1ec1fa26 --- /dev/null +++ b/tests/log/faillog/16_faillog_extra_arg/data/usage.out @@ -0,0 +1,15 @@ +faillog: unexpected argument: foo +Usage: faillog [options] + +Options: + -a, --all display faillog records for all users + -h, --help display this help message and exit + -l, --lock-secs SEC after failed login lock account for SEC seconds + -m, --maximum MAX set maximum failed login counters to MAX + -r, --reset reset the counters of login failures + -R, --root CHROOT_DIR directory to chroot into + -t, --time DAYS display faillog records more recent than DAYS + -u, --user LOGIN/RANGE display faillog record or maintains failure + counters and limits (if used with -r, -m, + or -l) only for the specified LOGIN(s) + diff --git a/tests/log/faillog/16_faillog_extra_arg/faillog.test b/tests/log/faillog/16_faillog_extra_arg/faillog.test new file mode 100755 index 00000000..09770caf --- /dev/null +++ b/tests/log/faillog/16_faillog_extra_arg/faillog.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog checks if there are extra arguments" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get faillog usage (faillog foo)..." +faillog foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/17_faillog-t/config.txt b/tests/log/faillog/17_faillog-t/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/17_faillog-t/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/17_faillog-t/config/etc/group b/tests/log/faillog/17_faillog-t/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/17_faillog-t/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/17_faillog-t/config/etc/gshadow b/tests/log/faillog/17_faillog-t/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/17_faillog-t/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/17_faillog-t/config/etc/pam.d/login b/tests/log/faillog/17_faillog-t/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/17_faillog-t/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/17_faillog-t/config/etc/passwd b/tests/log/faillog/17_faillog-t/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/17_faillog-t/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/17_faillog-t/config/etc/shadow b/tests/log/faillog/17_faillog-t/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/17_faillog-t/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/17_faillog-t/data/faillog.list b/tests/log/faillog/17_faillog-t/data/faillog.list new file mode 100644 index 00000000..f5d3d8cd --- /dev/null +++ b/tests/log/faillog/17_faillog-t/data/faillog.list @@ -0,0 +1,4 @@ +Login Failures Maximum + +bar 1 0 +foo 1 0 diff --git a/tests/log/faillog/17_faillog-t/faillog.test b/tests/log/faillog/17_faillog-t/faillog.test new file mode 100755 index 00000000..217a63b5 --- /dev/null +++ b/tests/log/faillog/17_faillog-t/faillog.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +LD_PRELOAD=../../../common/time_past.so PAST_DAYS=2 ./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +LD_PRELOAD=../../../common/time_past.so PAST_DAYS=4 ./login.exp baz +echo "OK" + +echo -n "faillog..." +faillog -t 3 > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/17_faillog-t/login.exp b/tests/log/faillog/17_faillog-t/login.exp new file mode 100755 index 00000000..66de74b1 --- /dev/null +++ b/tests/log/faillog/17_faillog-t/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login -p $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/18_faillog-t_invalid/config.txt b/tests/log/faillog/18_faillog-t_invalid/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/18_faillog-t_invalid/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/group b/tests/log/faillog/18_faillog-t_invalid/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/gshadow b/tests/log/faillog/18_faillog-t_invalid/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/passwd b/tests/log/faillog/18_faillog-t_invalid/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/shadow b/tests/log/faillog/18_faillog-t_invalid/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/18_faillog-t_invalid/data/faillog.err b/tests/log/faillog/18_faillog-t_invalid/data/faillog.err new file mode 100644 index 00000000..009c0f66 --- /dev/null +++ b/tests/log/faillog/18_faillog-t_invalid/data/faillog.err @@ -0,0 +1 @@ +faillog: invalid numeric argument 'bad' diff --git a/tests/log/faillog/18_faillog-t_invalid/faillog.test b/tests/log/faillog/18_faillog-t_invalid/faillog.test new file mode 100755 index 00000000..0405bcaf --- /dev/null +++ b/tests/log/faillog/18_faillog-t_invalid/faillog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports invalid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -t bad..." +faillog -t bad 2>tmp/faillog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/faillog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/faillog.err tmp/faillog.err +echo "message OK." +rm -f tmp/faillog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config.txt b/tests/log/faillog/19_faillog_multiple_same_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/19_faillog_multiple_same_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/group b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/gshadow b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/pam.d/login b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/passwd b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/shadow b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/19_faillog_multiple_same_user/data/faillog.list b/tests/log/faillog/19_faillog_multiple_same_user/data/faillog.list new file mode 100644 index 00000000..935d8439 --- /dev/null +++ b/tests/log/faillog/19_faillog_multiple_same_user/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 2 0 +foo 1 0 +baz 1 0 diff --git a/tests/log/faillog/19_faillog_multiple_same_user/faillog.test b/tests/log/faillog/19_faillog_multiple_same_user/faillog.test new file mode 100755 index 00000000..21a6fffb --- /dev/null +++ b/tests/log/faillog/19_faillog_multiple_same_user/faillog.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/19_faillog_multiple_same_user/login.exp b/tests/log/faillog/19_faillog_multiple_same_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/19_faillog_multiple_same_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/20_faillog-r-u/config.txt b/tests/log/faillog/20_faillog-r-u/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/20_faillog-r-u/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/group b/tests/log/faillog/20_faillog-r-u/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/20_faillog-r-u/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/gshadow b/tests/log/faillog/20_faillog-r-u/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/20_faillog-r-u/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/pam.d/login b/tests/log/faillog/20_faillog-r-u/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/20_faillog-r-u/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/passwd b/tests/log/faillog/20_faillog-r-u/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/20_faillog-r-u/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/shadow b/tests/log/faillog/20_faillog-r-u/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/20_faillog-r-u/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/20_faillog-r-u/data/faillog.list b/tests/log/faillog/20_faillog-r-u/data/faillog.list new file mode 100644 index 00000000..12c3f70f --- /dev/null +++ b/tests/log/faillog/20_faillog-r-u/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 0 +foo 1 0 +baz 0 0 diff --git a/tests/log/faillog/20_faillog-r-u/faillog.test b/tests/log/faillog/20_faillog-r-u/faillog.test new file mode 100755 index 00000000..4aa3d906 --- /dev/null +++ b/tests/log/faillog/20_faillog-r-u/faillog.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -r -u baz)..." +faillog -r -u baz +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/20_faillog-r-u/login.exp b/tests/log/faillog/20_faillog-r-u/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/20_faillog-r-u/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/21_faillog-r-u_range/config.txt b/tests/log/faillog/21_faillog-r-u_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/21_faillog-r-u_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/group b/tests/log/faillog/21_faillog-r-u_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/gshadow b/tests/log/faillog/21_faillog-r-u_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/pam.d/login b/tests/log/faillog/21_faillog-r-u_range/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/passwd b/tests/log/faillog/21_faillog-r-u_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/shadow b/tests/log/faillog/21_faillog-r-u_range/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/21_faillog-r-u_range/data/faillog.list b/tests/log/faillog/21_faillog-r-u_range/data/faillog.list new file mode 100644 index 00000000..fd0df36b --- /dev/null +++ b/tests/log/faillog/21_faillog-r-u_range/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 0 0 +foo 0 0 +baz 1 0 diff --git a/tests/log/faillog/21_faillog-r-u_range/faillog.test b/tests/log/faillog/21_faillog-r-u_range/faillog.test new file mode 100755 index 00000000..1b893581 --- /dev/null +++ b/tests/log/faillog/21_faillog-r-u_range/faillog.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset users (faillog -r -u 1000-1001)..." +faillog -r -u 1000-1001 +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/21_faillog-r-u_range/login.exp b/tests/log/faillog/21_faillog-r-u_range/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/21_faillog-r-u_range/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/22_faillog_removed_user/config.txt b/tests/log/faillog/22_faillog_removed_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/22_faillog_removed_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/group b/tests/log/faillog/22_faillog_removed_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/22_faillog_removed_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/gshadow b/tests/log/faillog/22_faillog_removed_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/22_faillog_removed_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/pam.d/login b/tests/log/faillog/22_faillog_removed_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/22_faillog_removed_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/passwd b/tests/log/faillog/22_faillog_removed_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/22_faillog_removed_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/shadow b/tests/log/faillog/22_faillog_removed_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/22_faillog_removed_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/22_faillog_removed_user/data/faillog.list b/tests/log/faillog/22_faillog_removed_user/data/faillog.list new file mode 100644 index 00000000..09f68d0c --- /dev/null +++ b/tests/log/faillog/22_faillog_removed_user/data/faillog.list @@ -0,0 +1,4 @@ +Login Failures Maximum + +foo 1 0 +baz 1 0 diff --git a/tests/log/faillog/22_faillog_removed_user/faillog.test b/tests/log/faillog/22_faillog_removed_user/faillog.test new file mode 100755 index 00000000..d72ee5b6 --- /dev/null +++ b/tests/log/faillog/22_faillog_removed_user/faillog.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "Remove user bar from passwd and shadow..." +sed -e '/^bar:/d' -i /etc/passwd +sed -e '/^bar:/d' -i /etc/shadow +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/22_faillog_removed_user/login.exp b/tests/log/faillog/22_faillog_removed_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/22_faillog_removed_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/23_faillog-a_removed_user/config.txt b/tests/log/faillog/23_faillog-a_removed_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/23_faillog-a_removed_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/group b/tests/log/faillog/23_faillog-a_removed_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/gshadow b/tests/log/faillog/23_faillog-a_removed_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/pam.d/login b/tests/log/faillog/23_faillog-a_removed_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/passwd b/tests/log/faillog/23_faillog-a_removed_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/shadow b/tests/log/faillog/23_faillog-a_removed_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/23_faillog-a_removed_user/data/faillog.list b/tests/log/faillog/23_faillog-a_removed_user/data/faillog.list new file mode 100644 index 00000000..1eb072b1 --- /dev/null +++ b/tests/log/faillog/23_faillog-a_removed_user/data/faillog.list @@ -0,0 +1,23 @@ +Login Failures Maximum + +root 0 0 +daemon 0 0 +bin 0 0 +sys 0 0 +sync 0 0 +games 0 0 +man 0 0 +lp 0 0 +mail 0 0 +news 0 0 +uucp 0 0 +proxy 0 0 +www-data 0 0 +backup 0 0 +list 0 0 +irc 0 0 +gnats 0 0 +nobody 0 0 +Debian-exim 0 0 +foo 1 0 +baz 1 0 diff --git a/tests/log/faillog/23_faillog-a_removed_user/faillog.test b/tests/log/faillog/23_faillog-a_removed_user/faillog.test new file mode 100755 index 00000000..c4406724 --- /dev/null +++ b/tests/log/faillog/23_faillog-a_removed_user/faillog.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "Remove user bar from passwd and shadow..." +sed -e '/^bar:/d' -i /etc/passwd +sed -e '/^bar:/d' -i /etc/shadow +echo "OK" + +echo -n "faillog..." +faillog -a> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/23_faillog-a_removed_user/login.exp b/tests/log/faillog/23_faillog-a_removed_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/23_faillog-a_removed_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/24_faillog-u_removed_user/config.txt b/tests/log/faillog/24_faillog-u_removed_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/24_faillog-u_removed_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/group b/tests/log/faillog/24_faillog-u_removed_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/gshadow b/tests/log/faillog/24_faillog-u_removed_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/pam.d/login b/tests/log/faillog/24_faillog-u_removed_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/passwd b/tests/log/faillog/24_faillog-u_removed_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/shadow b/tests/log/faillog/24_faillog-u_removed_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/24_faillog-u_removed_user/data/faillog.list b/tests/log/faillog/24_faillog-u_removed_user/data/faillog.list new file mode 100644 index 00000000..e69de29b diff --git a/tests/log/faillog/24_faillog-u_removed_user/faillog.test b/tests/log/faillog/24_faillog-u_removed_user/faillog.test new file mode 100755 index 00000000..d1fff47a --- /dev/null +++ b/tests/log/faillog/24_faillog-u_removed_user/faillog.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "Remove user bar from passwd and shadow..." +sed -e '/^bar:/d' -i /etc/passwd +sed -e '/^bar:/d' -i /etc/shadow +echo "OK" + +echo -n "faillog -a -u 1001..." +faillog -a -u 1001> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/24_faillog-u_removed_user/login.exp b/tests/log/faillog/24_faillog-u_removed_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/24_faillog-u_removed_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config.txt b/tests/log/faillog/25_faillog-r-u_removed_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/25_faillog-r-u_removed_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list b/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list new file mode 100644 index 00000000..1ad3edf7 --- /dev/null +++ b/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list @@ -0,0 +1,24 @@ +Login Failures Maximum + +root 0 0 +daemon 0 0 +bin 0 0 +bar 0 0 +sys 0 0 +sync 0 0 +games 0 0 +man 0 0 +lp 0 0 +mail 0 0 +news 0 0 +uucp 0 0 +proxy 0 0 +www-data 0 0 +backup 0 0 +list 0 0 +irc 0 0 +gnats 0 0 +nobody 0 0 +Debian-exim 0 0 +foo 0 0 +baz 0 0 diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test b/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test new file mode 100755 index 00000000..f48435af --- /dev/null +++ b/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" + +echo -n "Remove user bar from passwd and shadow..." +cp -a /etc/passwd /etc/shadow tmp/ +sed -e '/^foo:/d' -i /etc/passwd +sed -e '/^foo:/d' -i /etc/shadow +echo "OK" + +echo -n "faillog -r -u 1000..." +faillog -r -u 1000 +echo "OK." + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc +echo "OK" + +echo -n "faillog..." +faillog -a> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/login.exp b/tests/log/faillog/25_faillog-r-u_removed_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/25_faillog-r-u_removed_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config.txt b/tests/log/faillog/26_faillog-r-u_range_removed_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/group b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/gshadow b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/pam.d/login b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/passwd b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/shadow b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/data/faillog.list b/tests/log/faillog/26_faillog-r-u_range_removed_user/data/faillog.list new file mode 100644 index 00000000..0f9aacfb --- /dev/null +++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/data/faillog.list @@ -0,0 +1,24 @@ +Login Failures Maximum + +root 0 0 +daemon 0 0 +bin 0 0 +bar 0 0 +sys 0 0 +sync 0 0 +games 0 0 +man 0 0 +lp 0 0 +mail 0 0 +news 0 0 +uucp 0 0 +proxy 0 0 +www-data 0 0 +backup 0 0 +list 0 0 +irc 0 0 +gnats 0 0 +nobody 0 0 +Debian-exim 0 0 +foo 1 0 +baz 0 0 diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/faillog.test b/tests/log/faillog/26_faillog-r-u_range_removed_user/faillog.test new file mode 100755 index 00000000..5c140b9c --- /dev/null +++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/faillog.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" + +echo -n "Remove user bar from passwd and shadow..." +cp -a /etc/passwd /etc/shadow tmp/ +sed -e '/^foo:/d' -i /etc/passwd +sed -e '/^foo:/d' -i /etc/shadow +echo "OK" + +echo -n "faillog -r -u 40-2000..." +faillog -r -u 40-2000 +echo "OK." + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc +echo "OK" + +echo -n "faillog..." +faillog -a> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/login.exp b/tests/log/faillog/26_faillog-r-u_range_removed_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config.txt b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/group b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/gshadow b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/pam.d/login b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/passwd b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/shadow b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/data/faillog.list b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/data/faillog.list new file mode 100644 index 00000000..1ad3edf7 --- /dev/null +++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/data/faillog.list @@ -0,0 +1,24 @@ +Login Failures Maximum + +root 0 0 +daemon 0 0 +bin 0 0 +bar 0 0 +sys 0 0 +sync 0 0 +games 0 0 +man 0 0 +lp 0 0 +mail 0 0 +news 0 0 +uucp 0 0 +proxy 0 0 +www-data 0 0 +backup 0 0 +list 0 0 +irc 0 0 +gnats 0 0 +nobody 0 0 +Debian-exim 0 0 +foo 0 0 +baz 0 0 diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test new file mode 100755 index 00000000..ecf1f97e --- /dev/null +++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test @@ -0,0 +1,66 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp bar +echo "OK" + +echo -n "Remove user bar from passwd and shadow..." +cp -a /etc/passwd /etc/shadow tmp/ +sed -e '/^foo:/d' -i /etc/passwd +sed -e '/^foo:/d' -i /etc/shadow +sed -e '/^bar:/d' -i /etc/passwd +sed -e '/^bar:/d' -i /etc/shadow +echo "OK" + +echo -n "faillog -r -u 40-2000..." +faillog -a -r -u 40-2000 +echo "OK." + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc +echo "OK" + +echo -n "faillog..." +faillog -a> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/login.exp b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config.txt b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/group b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/gshadow b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/pam.d/login b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/passwd b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/shadow b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/data/faillog.list b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/data/faillog.list new file mode 100644 index 00000000..3544ec4e --- /dev/null +++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/data/faillog.list @@ -0,0 +1,24 @@ +Login Failures Maximum + +root 0 0 +daemon 0 0 +bin 0 0 +bar 1 0 +sys 0 0 +sync 0 0 +games 0 0 +man 0 0 +lp 0 0 +mail 0 0 +news 0 0 +uucp 0 0 +proxy 0 0 +www-data 0 0 +backup 0 0 +list 0 0 +irc 0 0 +gnats 0 0 +nobody 0 0 +Debian-exim 0 0 +foo 0 0 +baz 0 0 diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test new file mode 100755 index 00000000..5790ad97 --- /dev/null +++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test @@ -0,0 +1,66 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp bar +echo "OK" + +echo -n "Remove user bar from passwd and shadow..." +cp -a /etc/passwd /etc/shadow tmp/ +sed -e '/^foo:/d' -i /etc/passwd +sed -e '/^foo:/d' -i /etc/shadow +sed -e '/^bar:/d' -i /etc/passwd +sed -e '/^bar:/d' -i /etc/shadow +echo "OK" + +echo -n "faillog -r -u -1000..." +faillog -a -r -u -1000 +echo "OK." + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc +echo "OK" + +echo -n "faillog..." +faillog -a> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/login.exp b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config.txt b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/group b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/gshadow b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/pam.d/login b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/passwd b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/shadow b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/data/faillog.list b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/data/faillog.list new file mode 100644 index 00000000..0f9aacfb --- /dev/null +++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/data/faillog.list @@ -0,0 +1,24 @@ +Login Failures Maximum + +root 0 0 +daemon 0 0 +bin 0 0 +bar 0 0 +sys 0 0 +sync 0 0 +games 0 0 +man 0 0 +lp 0 0 +mail 0 0 +news 0 0 +uucp 0 0 +proxy 0 0 +www-data 0 0 +backup 0 0 +list 0 0 +irc 0 0 +gnats 0 0 +nobody 0 0 +Debian-exim 0 0 +foo 1 0 +baz 0 0 diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test new file mode 100755 index 00000000..9579ca6b --- /dev/null +++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test @@ -0,0 +1,66 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp bar +echo "OK" + +echo -n "Remove user bar from passwd and shadow..." +cp -a /etc/passwd /etc/shadow tmp/ +sed -e '/^foo:/d' -i /etc/passwd +sed -e '/^foo:/d' -i /etc/shadow +sed -e '/^bar:/d' -i /etc/passwd +sed -e '/^bar:/d' -i /etc/shadow +echo "OK" + +echo -n "faillog -r -u 1001-..." +faillog -a -r -u 1001- +echo "OK." + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc +echo "OK" + +echo -n "faillog..." +faillog -a> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/login.exp b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/30_faillog-r/config.txt b/tests/log/faillog/30_faillog-r/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/30_faillog-r/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/30_faillog-r/config/etc/group b/tests/log/faillog/30_faillog-r/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/30_faillog-r/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/30_faillog-r/config/etc/gshadow b/tests/log/faillog/30_faillog-r/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/30_faillog-r/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/30_faillog-r/config/etc/pam.d/login b/tests/log/faillog/30_faillog-r/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/30_faillog-r/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/30_faillog-r/config/etc/passwd b/tests/log/faillog/30_faillog-r/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/30_faillog-r/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/30_faillog-r/config/etc/shadow b/tests/log/faillog/30_faillog-r/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/30_faillog-r/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/30_faillog-r/data/faillog.list b/tests/log/faillog/30_faillog-r/data/faillog.list new file mode 100644 index 00000000..d96a9361 --- /dev/null +++ b/tests/log/faillog/30_faillog-r/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 0 0 +foo 0 0 +baz 0 0 diff --git a/tests/log/faillog/30_faillog-r/faillog.test b/tests/log/faillog/30_faillog-r/faillog.test new file mode 100755 index 00000000..cfb441fb --- /dev/null +++ b/tests/log/faillog/30_faillog-r/faillog.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -r)..." +faillog -r +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/30_faillog-r/login.exp b/tests/log/faillog/30_faillog-r/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/30_faillog-r/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config.txt b/tests/log/faillog/31_faillog-r-u_open_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/31_faillog-r-u_open_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/group b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/gshadow b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/pam.d/login b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/passwd b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/shadow b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/31_faillog-r-u_open_range/data/faillog.list b/tests/log/faillog/31_faillog-r-u_open_range/data/faillog.list new file mode 100644 index 00000000..fd0df36b --- /dev/null +++ b/tests/log/faillog/31_faillog-r-u_open_range/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 0 0 +foo 0 0 +baz 1 0 diff --git a/tests/log/faillog/31_faillog-r-u_open_range/faillog.test b/tests/log/faillog/31_faillog-r-u_open_range/faillog.test new file mode 100755 index 00000000..9eb7bebe --- /dev/null +++ b/tests/log/faillog/31_faillog-r-u_open_range/faillog.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset users count (faillog -r -u -1001)..." +faillog -r -u -1001 +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/31_faillog-r-u_open_range/login.exp b/tests/log/faillog/31_faillog-r-u_open_range/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/31_faillog-r-u_open_range/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/32_faillog-l/config.txt b/tests/log/faillog/32_faillog-l/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/32_faillog-l/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/32_faillog-l/config/etc/group b/tests/log/faillog/32_faillog-l/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/32_faillog-l/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/32_faillog-l/config/etc/gshadow b/tests/log/faillog/32_faillog-l/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/32_faillog-l/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/32_faillog-l/config/etc/pam.d/login b/tests/log/faillog/32_faillog-l/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/32_faillog-l/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/32_faillog-l/config/etc/passwd b/tests/log/faillog/32_faillog-l/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/32_faillog-l/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/32_faillog-l/config/etc/shadow b/tests/log/faillog/32_faillog-l/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/32_faillog-l/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/32_faillog-l/data/faillog.list b/tests/log/faillog/32_faillog-l/data/faillog.list new file mode 100644 index 00000000..cb1d37b5 --- /dev/null +++ b/tests/log/faillog/32_faillog-l/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 0 +foo 1 0 +baz 1 0 diff --git a/tests/log/faillog/32_faillog-l/faillog.test b/tests/log/faillog/32_faillog-l/faillog.test new file mode 100755 index 00000000..1e6360e1 --- /dev/null +++ b/tests/log/faillog/32_faillog-l/faillog.test @@ -0,0 +1,63 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -l 10)..." +faillog -l 10 +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" +echo "There should between 6 and 8 secondes remaining for baz..." +grep "^baz .* \[[678]s left\]$" tmp/faillog.out +echo "OK" +echo "The lock is displayed as 10s for foo..." +grep "^foo .* \[10s lock\]$" tmp/faillog.out +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/32_faillog-l/login.exp b/tests/log/faillog/32_faillog-l/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/32_faillog-l/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/33_faillog-l-u_user/config.txt b/tests/log/faillog/33_faillog-l-u_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/33_faillog-l-u_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/group b/tests/log/faillog/33_faillog-l-u_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/gshadow b/tests/log/faillog/33_faillog-l-u_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/pam.d/login b/tests/log/faillog/33_faillog-l-u_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/passwd b/tests/log/faillog/33_faillog-l-u_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/shadow b/tests/log/faillog/33_faillog-l-u_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/33_faillog-l-u_user/data/faillog.list b/tests/log/faillog/33_faillog-l-u_user/data/faillog.list new file mode 100644 index 00000000..817ff454 --- /dev/null +++ b/tests/log/faillog/33_faillog-l-u_user/data/faillog.list @@ -0,0 +1 @@ +foo 1 0 diff --git a/tests/log/faillog/33_faillog-l-u_user/faillog.test b/tests/log/faillog/33_faillog-l-u_user/faillog.test new file mode 100755 index 00000000..f9ccf53c --- /dev/null +++ b/tests/log/faillog/33_faillog-l-u_user/faillog.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -l 10 -u foo)..." +faillog -l 10 -u foo +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +grep "left\|lock" tmp/faillog.out | cut -c-28 > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" +echo "The lock is displayed as 10s for foo..." +grep "^foo .* \[10s lock\]$" tmp/faillog.out +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/33_faillog-l-u_user/login.exp b/tests/log/faillog/33_faillog-l-u_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/33_faillog-l-u_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/34_faillog-l-u_range/config.txt b/tests/log/faillog/34_faillog-l-u_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/34_faillog-l-u_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/group b/tests/log/faillog/34_faillog-l-u_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/gshadow b/tests/log/faillog/34_faillog-l-u_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/pam.d/login b/tests/log/faillog/34_faillog-l-u_range/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/passwd b/tests/log/faillog/34_faillog-l-u_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/shadow b/tests/log/faillog/34_faillog-l-u_range/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/34_faillog-l-u_range/data/faillog.list b/tests/log/faillog/34_faillog-l-u_range/data/faillog.list new file mode 100644 index 00000000..cb1d37b5 --- /dev/null +++ b/tests/log/faillog/34_faillog-l-u_range/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 0 +foo 1 0 +baz 1 0 diff --git a/tests/log/faillog/34_faillog-l-u_range/faillog.test b/tests/log/faillog/34_faillog-l-u_range/faillog.test new file mode 100755 index 00000000..980b95ee --- /dev/null +++ b/tests/log/faillog/34_faillog-l-u_range/faillog.test @@ -0,0 +1,63 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -l 10 -u 1000-1001)..." +faillog -l 10 -u 1000-1001 +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" +echo "There should be between 3 and 5 secondes remaining for bar..." +grep "^bar .* \[[345]s left\]$" tmp/faillog.out +echo "OK" +echo "The lock is displayed as 10s for foo..." +grep "^foo .* \[10s lock\]$" tmp/faillog.out +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/34_faillog-l-u_range/login.exp b/tests/log/faillog/34_faillog-l-u_range/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/34_faillog-l-u_range/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config.txt b/tests/log/faillog/35_faillog-l-u_open_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/35_faillog-l-u_open_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/group b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/gshadow b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/pam.d/login b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/passwd b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/shadow b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/35_faillog-l-u_open_range/data/faillog.list b/tests/log/faillog/35_faillog-l-u_open_range/data/faillog.list new file mode 100644 index 00000000..cb1d37b5 --- /dev/null +++ b/tests/log/faillog/35_faillog-l-u_open_range/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 0 +foo 1 0 +baz 1 0 diff --git a/tests/log/faillog/35_faillog-l-u_open_range/faillog.test b/tests/log/faillog/35_faillog-l-u_open_range/faillog.test new file mode 100755 index 00000000..3cc96550 --- /dev/null +++ b/tests/log/faillog/35_faillog-l-u_open_range/faillog.test @@ -0,0 +1,63 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -l 10 -u -1001)..." +faillog -l 10 -u -1001 +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" +echo "There should be between 2 and 5 secondes remaining for bar..." +grep "^bar .* \[[2345]s left\]$" tmp/faillog.out +echo "OK" +echo "The lock is displayed as 10s for foo..." +grep "^foo .* \[10s lock\]$" tmp/faillog.out +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/35_faillog-l-u_open_range/login.exp b/tests/log/faillog/35_faillog-l-u_open_range/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/35_faillog-l-u_open_range/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config.txt b/tests/log/faillog/36_faillog-l-u_range_open/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/36_faillog-l-u_range_open/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/group b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/gshadow b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/pam.d/login b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/passwd b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/shadow b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/36_faillog-l-u_range_open/data/faillog.list b/tests/log/faillog/36_faillog-l-u_range_open/data/faillog.list new file mode 100644 index 00000000..cb1d37b5 --- /dev/null +++ b/tests/log/faillog/36_faillog-l-u_range_open/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 0 +foo 1 0 +baz 1 0 diff --git a/tests/log/faillog/36_faillog-l-u_range_open/faillog.test b/tests/log/faillog/36_faillog-l-u_range_open/faillog.test new file mode 100755 index 00000000..caf07421 --- /dev/null +++ b/tests/log/faillog/36_faillog-l-u_range_open/faillog.test @@ -0,0 +1,63 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -l 10 -u 1000-1001)..." +faillog -l 10 -u 1001- +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" +echo "There should be 6 or 7 secondes remaining for baz..." +grep "^baz .* \[[67]s left\]$" tmp/faillog.out +echo "OK" +echo "There should be 3 or 4 secondes remaining for bar..." +grep "^bar .* \[[34]s left\]$" tmp/faillog.out +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/36_faillog-l-u_range_open/login.exp b/tests/log/faillog/36_faillog-l-u_range_open/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/36_faillog-l-u_range_open/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config.txt b/tests/log/faillog/37_faillog-l-a-u_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/37_faillog-l-a-u_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/group b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/gshadow b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/pam.d/login b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/passwd b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/shadow b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/37_faillog-l-a-u_user/data/faillog.list b/tests/log/faillog/37_faillog-l-a-u_user/data/faillog.list new file mode 100644 index 00000000..817ff454 --- /dev/null +++ b/tests/log/faillog/37_faillog-l-a-u_user/data/faillog.list @@ -0,0 +1 @@ +foo 1 0 diff --git a/tests/log/faillog/37_faillog-l-a-u_user/faillog.test b/tests/log/faillog/37_faillog-l-a-u_user/faillog.test new file mode 100755 index 00000000..9128abc8 --- /dev/null +++ b/tests/log/faillog/37_faillog-l-a-u_user/faillog.test @@ -0,0 +1,70 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "Remove user foo from passwd and shadow..." +cp /etc/passwd /etc/shadow tmp/ +sed -e '/^foo:/d' -i /etc/passwd +sed -e '/^foo:/d' -i /etc/shadow +echo "OK" + +echo -n "reset old foo (faillog -l 10 -u 1000)..." +faillog -l 10 -a -u 1000 +echo "OK" + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc/ +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +grep "left\|lock" tmp/faillog.out | cut -c-28 > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" +echo "The lock is displayed as 10s for foo..." +grep "^foo .* \[10s lock\]$" tmp/faillog.out +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/37_faillog-l-a-u_user/login.exp b/tests/log/faillog/37_faillog-l-a-u_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/37_faillog-l-a-u_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config.txt b/tests/log/faillog/38_faillog-l-a-u_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/38_faillog-l-a-u_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/group b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/gshadow b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/pam.d/login b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/passwd b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/shadow b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/38_faillog-l-a-u_range/data/faillog.list b/tests/log/faillog/38_faillog-l-a-u_range/data/faillog.list new file mode 100644 index 00000000..cb1d37b5 --- /dev/null +++ b/tests/log/faillog/38_faillog-l-a-u_range/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 0 +foo 1 0 +baz 1 0 diff --git a/tests/log/faillog/38_faillog-l-a-u_range/faillog.test b/tests/log/faillog/38_faillog-l-a-u_range/faillog.test new file mode 100755 index 00000000..a585e17e --- /dev/null +++ b/tests/log/faillog/38_faillog-l-a-u_range/faillog.test @@ -0,0 +1,73 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 1 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "Remove users foo, bar, baz from passwd and shadow..." +cp /etc/passwd /etc/shadow tmp/ +sed -e '/^(foo|bar|baz):/d' -i /etc/passwd +sed -e '/^(foo|bar|baz):/d' -i /etc/shadow +echo "OK" + +echo -n "reset baz (faillog -l 10 -a -u 1000-1001)..." +faillog -l 10 -a -u 1000-1001 +echo "OK" + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc/ +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" +echo "There should be between 2 and 4 secondes remaining for bar..." +grep "^bar .* \[[2-4]s left\]$" tmp/faillog.out +echo "OK" +echo "The lock is displayed as 10s for foo..." +grep "^foo .* \[10s lock\]$" tmp/faillog.out +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/38_faillog-l-a-u_range/login.exp b/tests/log/faillog/38_faillog-l-a-u_range/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/38_faillog-l-a-u_range/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config.txt b/tests/log/faillog/39_faillog-l-a-u_open_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/group b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/gshadow b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/pam.d/login b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/passwd b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/shadow b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/data/faillog.list b/tests/log/faillog/39_faillog-l-a-u_open_range/data/faillog.list new file mode 100644 index 00000000..cb1d37b5 --- /dev/null +++ b/tests/log/faillog/39_faillog-l-a-u_open_range/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 0 +foo 1 0 +baz 1 0 diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/faillog.test b/tests/log/faillog/39_faillog-l-a-u_open_range/faillog.test new file mode 100755 index 00000000..b81b396d --- /dev/null +++ b/tests/log/faillog/39_faillog-l-a-u_open_range/faillog.test @@ -0,0 +1,73 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 1 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "Remove users foo, bar, baz from passwd and shadow..." +cp /etc/passwd /etc/shadow tmp/ +sed -e '/^(foo|bar|baz):/d' -i /etc/passwd +sed -e '/^(foo|bar|baz):/d' -i /etc/shadow +echo "OK" + +echo -n "reset baz (faillog -l 10 -a -u -1001)..." +faillog -l 10 -a -u -1001 +echo "OK" + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc/ +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" +echo "There should be between 2 and 4 secondes remaining for bar..." +grep "^bar .* \[[234]s left\]$" tmp/faillog.out +echo "OK" +echo "The lock is displayed as 10s for foo..." +grep "^foo .* \[10s lock\]$" tmp/faillog.out +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/login.exp b/tests/log/faillog/39_faillog-l-a-u_open_range/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/39_faillog-l-a-u_open_range/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config.txt b/tests/log/faillog/40_faillog-l-a-u_range_open/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/group b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/gshadow b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/pam.d/login b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/passwd b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/shadow b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/data/faillog.list b/tests/log/faillog/40_faillog-l-a-u_range_open/data/faillog.list new file mode 100644 index 00000000..cb1d37b5 --- /dev/null +++ b/tests/log/faillog/40_faillog-l-a-u_range_open/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 0 +foo 1 0 +baz 1 0 diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/faillog.test b/tests/log/faillog/40_faillog-l-a-u_range_open/faillog.test new file mode 100755 index 00000000..3f25fc5b --- /dev/null +++ b/tests/log/faillog/40_faillog-l-a-u_range_open/faillog.test @@ -0,0 +1,73 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 1 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "Remove users foo, bar, baz from passwd and shadow..." +cp /etc/passwd /etc/shadow tmp/ +sed -e '/^(foo|bar|baz):/d' -i /etc/passwd +sed -e '/^(foo|bar|baz):/d' -i /etc/shadow +echo "OK" + +echo -n "reset baz (faillog -a -l 10 -u 1001-)..." +faillog -a -l 10 -u 1001- +echo "OK" + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc/ +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" +echo "There should be between 6 and 8 secondes remaining for baz..." +grep "^baz .* \[[6-8]s left\]$" tmp/faillog.out +echo "OK" +echo "There should be between 2 and 4 secondes remaining for bar..." +grep "^bar .* \[[2-4]s left\]$" tmp/faillog.out +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/login.exp b/tests/log/faillog/40_faillog-l-a-u_range_open/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/40_faillog-l-a-u_range_open/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/41_faillog-l_invalid/config.txt b/tests/log/faillog/41_faillog-l_invalid/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/41_faillog-l_invalid/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/group b/tests/log/faillog/41_faillog-l_invalid/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/gshadow b/tests/log/faillog/41_faillog-l_invalid/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/passwd b/tests/log/faillog/41_faillog-l_invalid/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/shadow b/tests/log/faillog/41_faillog-l_invalid/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/41_faillog-l_invalid/data/faillog.err b/tests/log/faillog/41_faillog-l_invalid/data/faillog.err new file mode 100644 index 00000000..009c0f66 --- /dev/null +++ b/tests/log/faillog/41_faillog-l_invalid/data/faillog.err @@ -0,0 +1 @@ +faillog: invalid numeric argument 'bad' diff --git a/tests/log/faillog/41_faillog-l_invalid/faillog.test b/tests/log/faillog/41_faillog-l_invalid/faillog.test new file mode 100755 index 00000000..3907eeee --- /dev/null +++ b/tests/log/faillog/41_faillog-l_invalid/faillog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports invalid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -l bad..." +faillog -l bad 2>tmp/faillog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/faillog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/faillog.err tmp/faillog.err +echo "message OK." +rm -f tmp/faillog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/42_faillog-m/config.txt b/tests/log/faillog/42_faillog-m/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/42_faillog-m/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/42_faillog-m/config/etc/group b/tests/log/faillog/42_faillog-m/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/42_faillog-m/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/42_faillog-m/config/etc/gshadow b/tests/log/faillog/42_faillog-m/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/42_faillog-m/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/42_faillog-m/config/etc/pam.d/login b/tests/log/faillog/42_faillog-m/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/42_faillog-m/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/42_faillog-m/config/etc/passwd b/tests/log/faillog/42_faillog-m/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/42_faillog-m/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/42_faillog-m/config/etc/shadow b/tests/log/faillog/42_faillog-m/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/42_faillog-m/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/42_faillog-m/data/faillog.list b/tests/log/faillog/42_faillog-m/data/faillog.list new file mode 100644 index 00000000..29b7516d --- /dev/null +++ b/tests/log/faillog/42_faillog-m/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 10 +foo 1 10 +baz 1 10 diff --git a/tests/log/faillog/42_faillog-m/faillog.test b/tests/log/faillog/42_faillog-m/faillog.test new file mode 100755 index 00000000..867d41cd --- /dev/null +++ b/tests/log/faillog/42_faillog-m/faillog.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -m 10)..." +faillog -m 10 +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/42_faillog-m/login.exp b/tests/log/faillog/42_faillog-m/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/42_faillog-m/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/43_faillog-m-u_user/config.txt b/tests/log/faillog/43_faillog-m-u_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/43_faillog-m-u_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/group b/tests/log/faillog/43_faillog-m-u_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/gshadow b/tests/log/faillog/43_faillog-m-u_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/pam.d/login b/tests/log/faillog/43_faillog-m-u_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/passwd b/tests/log/faillog/43_faillog-m-u_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/shadow b/tests/log/faillog/43_faillog-m-u_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/43_faillog-m-u_user/data/faillog.list b/tests/log/faillog/43_faillog-m-u_user/data/faillog.list new file mode 100644 index 00000000..5ec24148 --- /dev/null +++ b/tests/log/faillog/43_faillog-m-u_user/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 0 +foo 1 10 +baz 1 0 diff --git a/tests/log/faillog/43_faillog-m-u_user/faillog.test b/tests/log/faillog/43_faillog-m-u_user/faillog.test new file mode 100755 index 00000000..d86c6ea2 --- /dev/null +++ b/tests/log/faillog/43_faillog-m-u_user/faillog.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -m 10 -u foo)..." +faillog -m 10 -u foo +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/43_faillog-m-u_user/login.exp b/tests/log/faillog/43_faillog-m-u_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/43_faillog-m-u_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/44_faillog-m-u_range/config.txt b/tests/log/faillog/44_faillog-m-u_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/44_faillog-m-u_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/group b/tests/log/faillog/44_faillog-m-u_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/gshadow b/tests/log/faillog/44_faillog-m-u_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/pam.d/login b/tests/log/faillog/44_faillog-m-u_range/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/passwd b/tests/log/faillog/44_faillog-m-u_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/shadow b/tests/log/faillog/44_faillog-m-u_range/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/44_faillog-m-u_range/data/faillog.list b/tests/log/faillog/44_faillog-m-u_range/data/faillog.list new file mode 100644 index 00000000..9af27b00 --- /dev/null +++ b/tests/log/faillog/44_faillog-m-u_range/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 10 +foo 1 10 +baz 1 0 diff --git a/tests/log/faillog/44_faillog-m-u_range/faillog.test b/tests/log/faillog/44_faillog-m-u_range/faillog.test new file mode 100755 index 00000000..f410ac3e --- /dev/null +++ b/tests/log/faillog/44_faillog-m-u_range/faillog.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -m 10 -u 1000-1001)..." +faillog -m 10 -u 1000-1001 +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/44_faillog-m-u_range/login.exp b/tests/log/faillog/44_faillog-m-u_range/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/44_faillog-m-u_range/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config.txt b/tests/log/faillog/45_faillog-m-u_open_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/45_faillog-m-u_open_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/group b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/gshadow b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/pam.d/login b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/passwd b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/shadow b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/45_faillog-m-u_open_range/data/faillog.list b/tests/log/faillog/45_faillog-m-u_open_range/data/faillog.list new file mode 100644 index 00000000..9af27b00 --- /dev/null +++ b/tests/log/faillog/45_faillog-m-u_open_range/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 10 +foo 1 10 +baz 1 0 diff --git a/tests/log/faillog/45_faillog-m-u_open_range/faillog.test b/tests/log/faillog/45_faillog-m-u_open_range/faillog.test new file mode 100755 index 00000000..77d9202d --- /dev/null +++ b/tests/log/faillog/45_faillog-m-u_open_range/faillog.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog can set the maximum number of fail logins for a range of users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -m 10 -u -1001)..." +faillog -m 10 -u -1001 +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/45_faillog-m-u_open_range/login.exp b/tests/log/faillog/45_faillog-m-u_open_range/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/45_faillog-m-u_open_range/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config.txt b/tests/log/faillog/46_faillog-m-u_range_open/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/46_faillog-m-u_range_open/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/group b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/gshadow b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/pam.d/login b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/passwd b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/shadow b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/46_faillog-m-u_range_open/data/faillog.list b/tests/log/faillog/46_faillog-m-u_range_open/data/faillog.list new file mode 100644 index 00000000..ea0845db --- /dev/null +++ b/tests/log/faillog/46_faillog-m-u_range_open/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 10 +foo 1 0 +baz 1 10 diff --git a/tests/log/faillog/46_faillog-m-u_range_open/faillog.test b/tests/log/faillog/46_faillog-m-u_range_open/faillog.test new file mode 100755 index 00000000..0bed6176 --- /dev/null +++ b/tests/log/faillog/46_faillog-m-u_range_open/faillog.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog can set the maximum number of fail logins for a range of users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "reset baz (faillog -m 10 -u 1000-1001)..." +faillog -m 10 -u 1001- +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/46_faillog-m-u_range_open/login.exp b/tests/log/faillog/46_faillog-m-u_range_open/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/46_faillog-m-u_range_open/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config.txt b/tests/log/faillog/47_faillog-m-a-u_user/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/47_faillog-m-a-u_user/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/group b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/gshadow b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/pam.d/login b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/passwd b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/shadow b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/47_faillog-m-a-u_user/data/faillog.list b/tests/log/faillog/47_faillog-m-a-u_user/data/faillog.list new file mode 100644 index 00000000..5ec24148 --- /dev/null +++ b/tests/log/faillog/47_faillog-m-a-u_user/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 0 +foo 1 10 +baz 1 0 diff --git a/tests/log/faillog/47_faillog-m-a-u_user/faillog.test b/tests/log/faillog/47_faillog-m-a-u_user/faillog.test new file mode 100755 index 00000000..64d7f6c6 --- /dev/null +++ b/tests/log/faillog/47_faillog-m-a-u_user/faillog.test @@ -0,0 +1,67 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog can set the maximum number an removed user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 2 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "Remove user foo from passwd and shadow..." +cp /etc/passwd /etc/shadow tmp/ +sed -e '/^foo:/d' -i /etc/passwd +sed -e '/^foo:/d' -i /etc/shadow +echo "OK" + +echo -n "reset old foo (faillog -m 10 -a -u 1000)..." +faillog -m 10 -a -u 1000 +echo "OK" + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc/ +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/47_faillog-m-a-u_user/login.exp b/tests/log/faillog/47_faillog-m-a-u_user/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/47_faillog-m-a-u_user/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config.txt b/tests/log/faillog/48_faillog-m-a-u_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/48_faillog-m-a-u_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/group b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/gshadow b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/pam.d/login b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/passwd b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/shadow b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/48_faillog-m-a-u_range/data/faillog.list b/tests/log/faillog/48_faillog-m-a-u_range/data/faillog.list new file mode 100644 index 00000000..9af27b00 --- /dev/null +++ b/tests/log/faillog/48_faillog-m-a-u_range/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 10 +foo 1 10 +baz 1 0 diff --git a/tests/log/faillog/48_faillog-m-a-u_range/faillog.test b/tests/log/faillog/48_faillog-m-a-u_range/faillog.test new file mode 100755 index 00000000..cd35f273 --- /dev/null +++ b/tests/log/faillog/48_faillog-m-a-u_range/faillog.test @@ -0,0 +1,67 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 1 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "Remove users foo, bar, baz from passwd and shadow..." +cp /etc/passwd /etc/shadow tmp/ +sed -e '/^(foo|bar|baz):/d' -i /etc/passwd +sed -e '/^(foo|bar|baz):/d' -i /etc/shadow +echo "OK" + +echo -n "reset baz (faillog -m 10 -a -u 1000-1001)..." +faillog -m 10 -a -u 1000-1001 +echo "OK" + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc/ +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/48_faillog-m-a-u_range/login.exp b/tests/log/faillog/48_faillog-m-a-u_range/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/48_faillog-m-a-u_range/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config.txt b/tests/log/faillog/49_faillog-m-a-u_open_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/group b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/gshadow b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/pam.d/login b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/passwd b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/shadow b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/data/faillog.list b/tests/log/faillog/49_faillog-m-a-u_open_range/data/faillog.list new file mode 100644 index 00000000..9af27b00 --- /dev/null +++ b/tests/log/faillog/49_faillog-m-a-u_open_range/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 10 +foo 1 10 +baz 1 0 diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/faillog.test b/tests/log/faillog/49_faillog-m-a-u_open_range/faillog.test new file mode 100755 index 00000000..8b865b30 --- /dev/null +++ b/tests/log/faillog/49_faillog-m-a-u_open_range/faillog.test @@ -0,0 +1,67 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 1 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "Remove users foo, bar, baz from passwd and shadow..." +cp /etc/passwd /etc/shadow tmp/ +sed -e '/^(foo|bar|baz):/d' -i /etc/passwd +sed -e '/^(foo|bar|baz):/d' -i /etc/shadow +echo "OK" + +echo -n "reset baz (faillog -m 10 -a -u -1001)..." +faillog -m 10 -a -u -1001 +echo "OK" + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc/ +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/login.exp b/tests/log/faillog/49_faillog-m-a-u_open_range/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/49_faillog-m-a-u_open_range/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config.txt b/tests/log/faillog/50_faillog-m-a-u_range_open/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/group b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/gshadow b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/pam.d/login b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/passwd b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/shadow b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/data/faillog.list b/tests/log/faillog/50_faillog-m-a-u_range_open/data/faillog.list new file mode 100644 index 00000000..ea0845db --- /dev/null +++ b/tests/log/faillog/50_faillog-m-a-u_range_open/data/faillog.list @@ -0,0 +1,5 @@ +Login Failures Maximum + +bar 1 10 +foo 1 0 +baz 1 10 diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/faillog.test b/tests/log/faillog/50_faillog-m-a-u_range_open/faillog.test new file mode 100755 index 00000000..c315f7cb --- /dev/null +++ b/tests/log/faillog/50_faillog-m-a-u_range_open/faillog.test @@ -0,0 +1,67 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +sleep 1 +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "Remove users foo, bar, baz from passwd and shadow..." +cp /etc/passwd /etc/shadow tmp/ +sed -e '/^(foo|bar|baz):/d' -i /etc/passwd +sed -e '/^(foo|bar|baz):/d' -i /etc/shadow +echo "OK" + +echo -n "reset baz (faillog -m 10 -a -u 1001-)..." +faillog -m 10 -a -u 1001- +echo "OK" + +echo -n "Restore user foo..." +mv tmp/passwd tmp/shadow /etc/ +echo "OK" + +echo -n "faillog..." +faillog > tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/login.exp b/tests/log/faillog/50_faillog-m-a-u_range_open/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/50_faillog-m-a-u_range_open/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/51_faillog-m_invalid/config.txt b/tests/log/faillog/51_faillog-m_invalid/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/51_faillog-m_invalid/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/group b/tests/log/faillog/51_faillog-m_invalid/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/gshadow b/tests/log/faillog/51_faillog-m_invalid/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/passwd b/tests/log/faillog/51_faillog-m_invalid/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/shadow b/tests/log/faillog/51_faillog-m_invalid/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/faillog/51_faillog-m_invalid/data/faillog.err b/tests/log/faillog/51_faillog-m_invalid/data/faillog.err new file mode 100644 index 00000000..009c0f66 --- /dev/null +++ b/tests/log/faillog/51_faillog-m_invalid/data/faillog.err @@ -0,0 +1 @@ +faillog: invalid numeric argument 'bad' diff --git a/tests/log/faillog/51_faillog-m_invalid/faillog.test b/tests/log/faillog/51_faillog-m_invalid/faillog.test new file mode 100755 index 00000000..9e49dbc7 --- /dev/null +++ b/tests/log/faillog/51_faillog-m_invalid/faillog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports invalid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "faillog -m bad..." +faillog -m bad 2>tmp/faillog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/faillog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/faillog.err tmp/faillog.err +echo "message OK." +rm -f tmp/faillog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config.txt b/tests/log/faillog/52_faillog-t-l_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/log/faillog/52_faillog-t-l_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/group b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/gshadow b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/passwd b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/shadow b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/data/usage.out b/tests/log/faillog/52_faillog-t-l_exclusive/data/usage.out new file mode 100644 index 00000000..d5d28399 --- /dev/null +++ b/tests/log/faillog/52_faillog-t-l_exclusive/data/usage.out @@ -0,0 +1,14 @@ +Usage: faillog [options] + +Options: + -a, --all display faillog records for all users + -h, --help display this help message and exit + -l, --lock-secs SEC after failed login lock account for SEC seconds + -m, --maximum MAX set maximum failed login counters to MAX + -r, --reset reset the counters of login failures + -R, --root CHROOT_DIR directory to chroot into + -t, --time DAYS display faillog records more recent than DAYS + -u, --user LOGIN/RANGE display faillog record or maintains failure + counters and limits (if used with -r, -m, + or -l) only for the specified LOGIN(s) + diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/faillog.test b/tests/log/faillog/52_faillog-t-l_exclusive/faillog.test new file mode 100755 index 00000000..fee28891 --- /dev/null +++ b/tests/log/faillog/52_faillog-t-l_exclusive/faillog.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog does not accept -l and -t atthe same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Bad faillog usage (faillog -t 10 -l 10)..." +faillog -t 10 -l 10 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config.txt b/tests/log/faillog/53_faillog-t-m_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/log/faillog/53_faillog-t-m_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/group b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/gshadow b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/passwd b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/shadow b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/data/usage.out b/tests/log/faillog/53_faillog-t-m_exclusive/data/usage.out new file mode 100644 index 00000000..d5d28399 --- /dev/null +++ b/tests/log/faillog/53_faillog-t-m_exclusive/data/usage.out @@ -0,0 +1,14 @@ +Usage: faillog [options] + +Options: + -a, --all display faillog records for all users + -h, --help display this help message and exit + -l, --lock-secs SEC after failed login lock account for SEC seconds + -m, --maximum MAX set maximum failed login counters to MAX + -r, --reset reset the counters of login failures + -R, --root CHROOT_DIR directory to chroot into + -t, --time DAYS display faillog records more recent than DAYS + -u, --user LOGIN/RANGE display faillog record or maintains failure + counters and limits (if used with -r, -m, + or -l) only for the specified LOGIN(s) + diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/faillog.test b/tests/log/faillog/53_faillog-t-m_exclusive/faillog.test new file mode 100755 index 00000000..0844392b --- /dev/null +++ b/tests/log/faillog/53_faillog-t-m_exclusive/faillog.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog does not accept -m and -t atthe same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Bad faillog usage (faillog -t 1 -m 1)..." +faillog -t 1 -m 1 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config.txt b/tests/log/faillog/54_faillog-t-r_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/log/faillog/54_faillog-t-r_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/group b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/gshadow b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/passwd b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/shadow b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/data/usage.out b/tests/log/faillog/54_faillog-t-r_exclusive/data/usage.out new file mode 100644 index 00000000..d5d28399 --- /dev/null +++ b/tests/log/faillog/54_faillog-t-r_exclusive/data/usage.out @@ -0,0 +1,14 @@ +Usage: faillog [options] + +Options: + -a, --all display faillog records for all users + -h, --help display this help message and exit + -l, --lock-secs SEC after failed login lock account for SEC seconds + -m, --maximum MAX set maximum failed login counters to MAX + -r, --reset reset the counters of login failures + -R, --root CHROOT_DIR directory to chroot into + -t, --time DAYS display faillog records more recent than DAYS + -u, --user LOGIN/RANGE display faillog record or maintains failure + counters and limits (if used with -r, -m, + or -l) only for the specified LOGIN(s) + diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/faillog.test b/tests/log/faillog/54_faillog-t-r_exclusive/faillog.test new file mode 100755 index 00000000..72cf6c73 --- /dev/null +++ b/tests/log/faillog/54_faillog-t-r_exclusive/faillog.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "faillog does not accept -r and -t atthe same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Bad faillog usage (faillog -t -r)..." +faillog -t 1 -r 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "faillog reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/55_faillog_no_changes/config.txt b/tests/log/faillog/55_faillog_no_changes/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/55_faillog_no_changes/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/group b/tests/log/faillog/55_faillog_no_changes/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/55_faillog_no_changes/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/gshadow b/tests/log/faillog/55_faillog_no_changes/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/55_faillog_no_changes/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/pam.d/login b/tests/log/faillog/55_faillog_no_changes/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/55_faillog_no_changes/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/passwd b/tests/log/faillog/55_faillog_no_changes/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/55_faillog_no_changes/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/shadow b/tests/log/faillog/55_faillog_no_changes/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/55_faillog_no_changes/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/55_faillog_no_changes/data/faillog.stat b/tests/log/faillog/55_faillog_no_changes/data/faillog.stat new file mode 100644 index 00000000..fb96c4d9 --- /dev/null +++ b/tests/log/faillog/55_faillog_no_changes/data/faillog.stat @@ -0,0 +1 @@ +0 root:root `/var/log/faillog' diff --git a/tests/log/faillog/55_faillog_no_changes/faillog.test b/tests/log/faillog/55_faillog_no_changes/faillog.test new file mode 100755 index 00000000..6be6fb7b --- /dev/null +++ b/tests/log/faillog/55_faillog_no_changes/faillog.test @@ -0,0 +1,35 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "reset baz (faillog -l 0 -m 0 -u baz)..." +faillog -l 0 -m 0 -u baz +echo "OK" + +echo -n "Check permissions and size of the faillog..." +stat --printf "%s %U:%G %N\n" /var/log/faillog | sort > tmp/faillog.stat +diff -rauN data/faillog.stat tmp/faillog.stat +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/55_faillog_no_changes/login.exp b/tests/log/faillog/55_faillog_no_changes/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/55_faillog_no_changes/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config.txt b/tests/log/faillog/56_faillog-l-m_empty_file/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/56_faillog-l-m_empty_file/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/group b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/gshadow b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/pam.d/login b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/passwd b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/shadow b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/data/faillog.stat b/tests/log/faillog/56_faillog-l-m_empty_file/data/faillog.stat new file mode 100644 index 00000000..66b0df04 --- /dev/null +++ b/tests/log/faillog/56_faillog-l-m_empty_file/data/faillog.stat @@ -0,0 +1 @@ +24072 root:root `/var/log/faillog' diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/faillog.test b/tests/log/faillog/56_faillog-l-m_empty_file/faillog.test new file mode 100755 index 00000000..bb0ef154 --- /dev/null +++ b/tests/log/faillog/56_faillog-l-m_empty_file/faillog.test @@ -0,0 +1,35 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "reset baz (faillog -l 0 -m 0 -u baz)..." +faillog -a -l 1 -m 1 -u 1000-1002 +echo "OK" + +echo -n "Check size of the faillog..." +stat --printf "%s %U:%G %N\n" /var/log/faillog | sort > tmp/faillog.stat +diff -rauN data/faillog.stat tmp/faillog.stat +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/57_faillog-r_empty_file/config.txt b/tests/log/faillog/57_faillog-r_empty_file/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/57_faillog-r_empty_file/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/group b/tests/log/faillog/57_faillog-r_empty_file/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/gshadow b/tests/log/faillog/57_faillog-r_empty_file/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/pam.d/login b/tests/log/faillog/57_faillog-r_empty_file/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/passwd b/tests/log/faillog/57_faillog-r_empty_file/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/shadow b/tests/log/faillog/57_faillog-r_empty_file/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/57_faillog-r_empty_file/data/faillog.stat b/tests/log/faillog/57_faillog-r_empty_file/data/faillog.stat new file mode 100644 index 00000000..fb96c4d9 --- /dev/null +++ b/tests/log/faillog/57_faillog-r_empty_file/data/faillog.stat @@ -0,0 +1 @@ +0 root:root `/var/log/faillog' diff --git a/tests/log/faillog/57_faillog-r_empty_file/faillog.test b/tests/log/faillog/57_faillog-r_empty_file/faillog.test new file mode 100755 index 00000000..f52f470e --- /dev/null +++ b/tests/log/faillog/57_faillog-r_empty_file/faillog.test @@ -0,0 +1,35 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "reset baz (faillog -l 0 -m 0 -u baz)..." +faillog -a -r -u 1000-1002 +echo "OK" + +echo -n "Check size of the faillog..." +stat --printf "%s %U:%G %N\n" /var/log/faillog | sort > tmp/faillog.stat +diff -rauN data/faillog.stat tmp/faillog.stat +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config.txt b/tests/log/faillog/58_faillog-l_no_failcount/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/faillog/58_faillog-l_no_failcount/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/group b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/gshadow b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/pam.d/login b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/passwd b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/shadow b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/shadow new file mode 100644 index 00000000..52721ac3 --- /dev/null +++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:a:12977:0:99999:7::: +baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/58_faillog-l_no_failcount/data/faillog.list b/tests/log/faillog/58_faillog-l_no_failcount/data/faillog.list new file mode 100644 index 00000000..405c1699 --- /dev/null +++ b/tests/log/faillog/58_faillog-l_no_failcount/data/faillog.list @@ -0,0 +1,3 @@ +Login Failures Maximum + +foo 0 0 diff --git a/tests/log/faillog/58_faillog-l_no_failcount/faillog.test b/tests/log/faillog/58_faillog-l_no_failcount/faillog.test new file mode 100755 index 00000000..41e951f7 --- /dev/null +++ b/tests/log/faillog/58_faillog-l_no_failcount/faillog.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports the locktime even if timeout is not passwed when there are no failures" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "set locktime for foo (faillog -l 10 -u foo)..." +faillog -l 10 -u foo +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" + +echo -n "Reset failure counter for foo..." +faillog -r -u foo +echo "OK" + +echo -n "faillog..." +faillog -u foo> tmp/faillog.out +echo "OK." + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Check the list of users with failures..." +cut -c-28 tmp/faillog.out > tmp/faillog.list +diff -au data/faillog.list tmp/faillog.list +echo "OK" +echo "The lock is displayed as 10s for foo..." +grep "^foo .* \[10s lock\]$" tmp/faillog.out +echo "OK." + +rm -f tmp/faillog.out tmp/faillog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/faillog/58_faillog-l_no_failcount/login.exp b/tests/log/faillog/58_faillog-l_no_failcount/login.exp new file mode 100755 index 00000000..5df09032 --- /dev/null +++ b/tests/log/faillog/58_faillog-l_no_failcount/login.exp @@ -0,0 +1,26 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login $user\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config.txt b/tests/log/lastlog/01_lastlog_no_lastlog/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/01_lastlog_no_lastlog/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/group b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/gshadow b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/passwd b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/shadow b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/data/lastlog.err b/tests/log/lastlog/01_lastlog_no_lastlog/data/lastlog.err new file mode 100644 index 00000000..935fdb5e --- /dev/null +++ b/tests/log/lastlog/01_lastlog_no_lastlog/data/lastlog.err @@ -0,0 +1 @@ +/var/log/lastlog: No such file or directory diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/lastlog.test b/tests/log/lastlog/01_lastlog_no_lastlog/lastlog.test new file mode 100755 index 00000000..d903f883 --- /dev/null +++ b/tests/log/lastlog/01_lastlog_no_lastlog/lastlog.test @@ -0,0 +1,51 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "lastlog detects missing /var/log/lastlog and does not create it" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/lastlog' 0 + +change_config + +echo -n "Remove /var/log/lastlog (it will not be restored)..." +rm -f /var/log/lastlog +echo "OK" + +echo -n "Execute lastlog (lastlog)..." +lastlog 2>tmp/lastlog.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "lastlog reported:" +echo "=======================================================================" +cat tmp/lastlog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/lastlog.err tmp/lastlog.err +echo "usage message OK." +rm -f tmp/lastlog.err + +echo -n "Check that the /var/log/lastlog file was not created"... +test ! -f /var/log/lastlog +echo "OK" + +touch /var/log/lastlog + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/02_lastlog_usage/config.txt b/tests/log/lastlog/02_lastlog_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/log/lastlog/02_lastlog_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/group b/tests/log/lastlog/02_lastlog_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/log/lastlog/02_lastlog_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/gshadow b/tests/log/lastlog/02_lastlog_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/log/lastlog/02_lastlog_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/passwd b/tests/log/lastlog/02_lastlog_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/log/lastlog/02_lastlog_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/shadow b/tests/log/lastlog/02_lastlog_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/log/lastlog/02_lastlog_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/02_lastlog_usage/data/usage.out b/tests/log/lastlog/02_lastlog_usage/data/usage.out new file mode 100644 index 00000000..410197eb --- /dev/null +++ b/tests/log/lastlog/02_lastlog_usage/data/usage.out @@ -0,0 +1,9 @@ +Usage: lastlog [options] + +Options: + -b, --before DAYS print only lastlog records older than DAYS + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + -t, --time DAYS print only lastlog records more recent than DAYS + -u, --user LOGIN print lastlog record of the specified LOGIN + diff --git a/tests/log/lastlog/02_lastlog_usage/lastlog.test b/tests/log/lastlog/02_lastlog_usage/lastlog.test new file mode 100755 index 00000000..344a1042 --- /dev/null +++ b/tests/log/lastlog/02_lastlog_usage/lastlog.test @@ -0,0 +1,35 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "lastlog can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get lastlog usage (lastlog -h)..." +lastlog -h >tmp/usage.out +echo "OK" + +echo "lastlog reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/03_lastlog_format/config.txt b/tests/log/lastlog/03_lastlog_format/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/03_lastlog_format/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/group b/tests/log/lastlog/03_lastlog_format/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/03_lastlog_format/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/gshadow b/tests/log/lastlog/03_lastlog_format/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/03_lastlog_format/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/passwd b/tests/log/lastlog/03_lastlog_format/config/etc/passwd new file mode 100644 index 00000000..ae6ebfe9 --- /dev/null +++ b/tests/log/lastlog/03_lastlog_format/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/shadow b/tests/log/lastlog/03_lastlog_format/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/log/lastlog/03_lastlog_format/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/03_lastlog_format/data/lastlog.out b/tests/log/lastlog/03_lastlog_format/data/lastlog.out new file mode 100644 index 00000000..280e1abf --- /dev/null +++ b/tests/log/lastlog/03_lastlog_format/data/lastlog.out @@ -0,0 +1,20 @@ +Username Port From Latest +root **Never logged in** +daemon **Never logged in** +bin **Never logged in** +sys **Never logged in** +sync **Never logged in** +games **Never logged in** +man **Never logged in** +lp **Never logged in** +mail **Never logged in** +news **Never logged in** +uucp **Never logged in** +proxy **Never logged in** +www-data **Never logged in** +backup **Never logged in** +list **Never logged in** +irc **Never logged in** +gnats **Never logged in** +nobody **Never logged in** +Debian-exim **Never logged in** diff --git a/tests/log/lastlog/03_lastlog_format/lastlog.test b/tests/log/lastlog/03_lastlog_format/lastlog.test new file mode 100755 index 00000000..b59c19b4 --- /dev/null +++ b/tests/log/lastlog/03_lastlog_format/lastlog.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +cp data/lastlog.out tmp/lastlog.out1 +cp data/lastlog.out tmp/lastlog.out2 +TTY=0 +while true +do + [ ! -e /dev/pts/$TTY ] && break + TTY=$((TTY+1)) +done + + +DATE=$(LC_ALL=C date +"%a %b %e %H:%M:%S %z %Y") +printf "%-16s %-8.8s %-16.16s %s\n" foo "pts/$TTY" "" "$DATE" >> tmp/lastlog.out1 + +echo -n "Trigger a connection as foo..." +./login.exp +echo "OK" + +DATE=$(LC_ALL=C date +"%a %b %e %H:%M:%S %z %Y") +printf "%-16s %-8.8s %-16.16s %s\n" foo "pts/$TTY" "" "$DATE" >> tmp/lastlog.out2 + +echo -n "lastlog..." +lastlog > tmp/lastlog.out +echo "OK." + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Check the lastlog message..." +diff -au tmp/lastlog.out tmp/lastlog.out1 || diff -au tmp/lastlog.out tmp/lastlog.out2 +echo "lastlog message OK." +rm -f tmp/lastlog.out tmp/lastlog.out1 tmp/lastlog.out2 + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/03_lastlog_format/login.exp b/tests/log/lastlog/03_lastlog_format/login.exp new file mode 100755 index 00000000..c8866d92 --- /dev/null +++ b/tests/log/lastlog/03_lastlog_format/login.exp @@ -0,0 +1,13 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login -f foo\r" +expect "$ " + +send "exit\r" +exit 0 diff --git a/tests/log/lastlog/04_lastlog_mulitple/config.txt b/tests/log/lastlog/04_lastlog_mulitple/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/04_lastlog_mulitple/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/group b/tests/log/lastlog/04_lastlog_mulitple/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/gshadow b/tests/log/lastlog/04_lastlog_mulitple/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/passwd b/tests/log/lastlog/04_lastlog_mulitple/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/shadow b/tests/log/lastlog/04_lastlog_mulitple/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/04_lastlog_mulitple/data/lastlog.list b/tests/log/lastlog/04_lastlog_mulitple/data/lastlog.list new file mode 100644 index 00000000..ae27a131 --- /dev/null +++ b/tests/log/lastlog/04_lastlog_mulitple/data/lastlog.list @@ -0,0 +1,4 @@ +Username +bar +foo +baz diff --git a/tests/log/lastlog/04_lastlog_mulitple/lastlog.test b/tests/log/lastlog/04_lastlog_mulitple/lastlog.test new file mode 100755 index 00000000..630c7f5b --- /dev/null +++ b/tests/log/lastlog/04_lastlog_mulitple/lastlog.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +./login.exp baz +echo "OK" + +echo -n "lastlog..." +lastlog > tmp/lastlog.out +echo "OK." + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cat tmp/lastlog.out | grep -v "Never logged in" | cut -d" " -f1 > tmp/lastlog.list +diff -au data/lastlog.list tmp/lastlog.list +echo "OK." + +rm -f tmp/lastlog.out tmp/lastlog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/04_lastlog_mulitple/login.exp b/tests/log/lastlog/04_lastlog_mulitple/login.exp new file mode 100755 index 00000000..664f919e --- /dev/null +++ b/tests/log/lastlog/04_lastlog_mulitple/login.exp @@ -0,0 +1,19 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login -f $user\r" +expect "$ " + +send "exit\r" +exit 0 diff --git a/tests/log/lastlog/05_lastlog-u_ID/config.txt b/tests/log/lastlog/05_lastlog-u_ID/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/05_lastlog-u_ID/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/group b/tests/log/lastlog/05_lastlog-u_ID/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/gshadow b/tests/log/lastlog/05_lastlog-u_ID/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/passwd b/tests/log/lastlog/05_lastlog-u_ID/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/shadow b/tests/log/lastlog/05_lastlog-u_ID/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/05_lastlog-u_ID/data/lastlog.list b/tests/log/lastlog/05_lastlog-u_ID/data/lastlog.list new file mode 100644 index 00000000..aa542b81 --- /dev/null +++ b/tests/log/lastlog/05_lastlog-u_ID/data/lastlog.list @@ -0,0 +1,2 @@ +Username +bar diff --git a/tests/log/lastlog/05_lastlog-u_ID/lastlog.test b/tests/log/lastlog/05_lastlog-u_ID/lastlog.test new file mode 100755 index 00000000..b1de502b --- /dev/null +++ b/tests/log/lastlog/05_lastlog-u_ID/lastlog.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -u 1001..." +lastlog -u 1001> tmp/lastlog.out +echo "OK." + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list +diff -au data/lastlog.list tmp/lastlog.list +echo "OK." + +rm -f tmp/lastlog.out tmp/lastlog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/06_lastlog-u_name/config.txt b/tests/log/lastlog/06_lastlog-u_name/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/06_lastlog-u_name/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/group b/tests/log/lastlog/06_lastlog-u_name/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/gshadow b/tests/log/lastlog/06_lastlog-u_name/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/passwd b/tests/log/lastlog/06_lastlog-u_name/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/shadow b/tests/log/lastlog/06_lastlog-u_name/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/06_lastlog-u_name/data/lastlog.list b/tests/log/lastlog/06_lastlog-u_name/data/lastlog.list new file mode 100644 index 00000000..f886a83f --- /dev/null +++ b/tests/log/lastlog/06_lastlog-u_name/data/lastlog.list @@ -0,0 +1,2 @@ +Username +baz diff --git a/tests/log/lastlog/06_lastlog-u_name/lastlog.test b/tests/log/lastlog/06_lastlog-u_name/lastlog.test new file mode 100755 index 00000000..b17312a4 --- /dev/null +++ b/tests/log/lastlog/06_lastlog-u_name/lastlog.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -u baz..." +lastlog -u baz> tmp/lastlog.out +echo "OK." + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list +diff -au data/lastlog.list tmp/lastlog.list +echo "OK." + +rm -f tmp/lastlog.out tmp/lastlog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config.txt b/tests/log/lastlog/07_lastlog-u_ID_invalid/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/group b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/gshadow b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/passwd b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/shadow b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/data/lastlog.list b/tests/log/lastlog/07_lastlog-u_ID_invalid/data/lastlog.list new file mode 100644 index 00000000..e69de29b diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/lastlog.test b/tests/log/lastlog/07_lastlog-u_ID_invalid/lastlog.test new file mode 100755 index 00000000..36d1a2a5 --- /dev/null +++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/lastlog.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -u 1003..." +lastlog -u 1003> tmp/lastlog.out +echo "OK." + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +diff -au data/lastlog.list tmp/lastlog.out +echo "OK." + +rm -f tmp/lastlog.out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config.txt b/tests/log/lastlog/08_lastlog-u_name_invalid/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/group b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/gshadow b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/passwd b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/shadow b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/data/lastlog.err b/tests/log/lastlog/08_lastlog-u_name_invalid/data/lastlog.err new file mode 100644 index 00000000..c604c0e1 --- /dev/null +++ b/tests/log/lastlog/08_lastlog-u_name_invalid/data/lastlog.err @@ -0,0 +1 @@ +lastlog: Unknown user or range: me diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/lastlog.test b/tests/log/lastlog/08_lastlog-u_name_invalid/lastlog.test new file mode 100755 index 00000000..66fdad0c --- /dev/null +++ b/tests/log/lastlog/08_lastlog-u_name_invalid/lastlog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -u me..." +lastlog -u me 2>tmp/lastlog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "lastlog reported:" +echo "=======================================================================" +cat tmp/lastlog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/lastlog.err tmp/lastlog.err +echo "message OK." +rm -f tmp/lastlog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/09_lastlog-u_range/config.txt b/tests/log/lastlog/09_lastlog-u_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/09_lastlog-u_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/group b/tests/log/lastlog/09_lastlog-u_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/gshadow b/tests/log/lastlog/09_lastlog-u_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/passwd b/tests/log/lastlog/09_lastlog-u_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/shadow b/tests/log/lastlog/09_lastlog-u_range/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/09_lastlog-u_range/data/lastlog.list b/tests/log/lastlog/09_lastlog-u_range/data/lastlog.list new file mode 100644 index 00000000..0d06c77b --- /dev/null +++ b/tests/log/lastlog/09_lastlog-u_range/data/lastlog.list @@ -0,0 +1,7 @@ +Username +bar +list +irc +gnats +Debian-exim +foo diff --git a/tests/log/lastlog/09_lastlog-u_range/lastlog.test b/tests/log/lastlog/09_lastlog-u_range/lastlog.test new file mode 100755 index 00000000..232d0884 --- /dev/null +++ b/tests/log/lastlog/09_lastlog-u_range/lastlog.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -u 38-1001..." +lastlog -u 38-1001> tmp/lastlog.out +echo "OK." + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list +diff -au data/lastlog.list tmp/lastlog.list +echo "OK." + +rm -f tmp/lastlog.out tmp/lastlog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config.txt b/tests/log/lastlog/10_lastlog-u_open_range/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/10_lastlog-u_open_range/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/group b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/gshadow b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/passwd b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/shadow b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/10_lastlog-u_open_range/data/lastlog.list b/tests/log/lastlog/10_lastlog-u_open_range/data/lastlog.list new file mode 100644 index 00000000..692874a8 --- /dev/null +++ b/tests/log/lastlog/10_lastlog-u_open_range/data/lastlog.list @@ -0,0 +1,21 @@ +Username +root +daemon +bin +bar +sys +sync +games +man +lp +mail +news +uucp +proxy +www-data +backup +list +irc +gnats +Debian-exim +foo diff --git a/tests/log/lastlog/10_lastlog-u_open_range/lastlog.test b/tests/log/lastlog/10_lastlog-u_open_range/lastlog.test new file mode 100755 index 00000000..5bc3d6b7 --- /dev/null +++ b/tests/log/lastlog/10_lastlog-u_open_range/lastlog.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "lastlog supports open ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -u -1001..." +lastlog -u -1001> tmp/lastlog.out +echo "OK." + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list +diff -au data/lastlog.list tmp/lastlog.list +echo "OK." + +rm -f tmp/lastlog.out tmp/lastlog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config.txt b/tests/log/lastlog/11_lastlog-u_range_open/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/11_lastlog-u_range_open/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/group b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/gshadow b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/passwd b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/shadow b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/11_lastlog-u_range_open/data/lastlog.list b/tests/log/lastlog/11_lastlog-u_range_open/data/lastlog.list new file mode 100644 index 00000000..4ad4379d --- /dev/null +++ b/tests/log/lastlog/11_lastlog-u_range_open/data/lastlog.list @@ -0,0 +1,9 @@ +Username +bar +list +irc +gnats +nobody +Debian-exim +foo +baz diff --git a/tests/log/lastlog/11_lastlog-u_range_open/lastlog.test b/tests/log/lastlog/11_lastlog-u_range_open/lastlog.test new file mode 100755 index 00000000..ab36308b --- /dev/null +++ b/tests/log/lastlog/11_lastlog-u_range_open/lastlog.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "lastlog supports open ranges (2)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -u 38-..." +lastlog -u 38-> tmp/lastlog.out +echo "OK." + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list +diff -au data/lastlog.list tmp/lastlog.list +echo "OK." + +rm -f tmp/lastlog.out tmp/lastlog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config.txt b/tests/log/lastlog/12_lastlog-u_range_invalid1/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/group b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/gshadow b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/passwd b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/shadow b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/data/lastlog.err b/tests/log/lastlog/12_lastlog-u_range_invalid1/data/lastlog.err new file mode 100644 index 00000000..13416079 --- /dev/null +++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/data/lastlog.err @@ -0,0 +1 @@ +lastlog: Unknown user or range: foo-bar diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/lastlog.test b/tests/log/lastlog/12_lastlog-u_range_invalid1/lastlog.test new file mode 100755 index 00000000..85879b27 --- /dev/null +++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/lastlog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports invalid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -u foo-bar..." +lastlog -u foo-bar 2>tmp/lastlog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "lastlog reported:" +echo "=======================================================================" +cat tmp/lastlog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/lastlog.err tmp/lastlog.err +echo "message OK." +rm -f tmp/lastlog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config.txt b/tests/log/lastlog/13_lastlog-u_range_invalid2/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/group b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/gshadow b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/passwd b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/shadow b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/data/lastlog.err b/tests/log/lastlog/13_lastlog-u_range_invalid2/data/lastlog.err new file mode 100644 index 00000000..cff222b2 --- /dev/null +++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/data/lastlog.err @@ -0,0 +1 @@ +lastlog: Unknown user or range: foo- diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/lastlog.test b/tests/log/lastlog/13_lastlog-u_range_invalid2/lastlog.test new file mode 100755 index 00000000..6d6d09b3 --- /dev/null +++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/lastlog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports invalid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -u foo-..." +lastlog -u foo- 2>tmp/lastlog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "lastlog reported:" +echo "=======================================================================" +cat tmp/lastlog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/lastlog.err tmp/lastlog.err +echo "message OK." +rm -f tmp/lastlog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config.txt b/tests/log/lastlog/14_lastlog-u_range_invalid3/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/group b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/gshadow b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/passwd b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/shadow b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/data/lastlog.err b/tests/log/lastlog/14_lastlog-u_range_invalid3/data/lastlog.err new file mode 100644 index 00000000..999f9a20 --- /dev/null +++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/data/lastlog.err @@ -0,0 +1 @@ +lastlog: Unknown user or range: -foo diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/lastlog.test b/tests/log/lastlog/14_lastlog-u_range_invalid3/lastlog.test new file mode 100755 index 00000000..6cd61ef2 --- /dev/null +++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/lastlog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports invalid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -u -foo..." +lastlog -u -foo 2>tmp/lastlog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "lastlog reported:" +echo "=======================================================================" +cat tmp/lastlog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/lastlog.err tmp/lastlog.err +echo "message OK." +rm -f tmp/lastlog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/15_lastlog_bad_option/config.txt b/tests/log/lastlog/15_lastlog_bad_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/log/lastlog/15_lastlog_bad_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/group b/tests/log/lastlog/15_lastlog_bad_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/gshadow b/tests/log/lastlog/15_lastlog_bad_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/passwd b/tests/log/lastlog/15_lastlog_bad_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/shadow b/tests/log/lastlog/15_lastlog_bad_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/15_lastlog_bad_option/data/usage.out b/tests/log/lastlog/15_lastlog_bad_option/data/usage.out new file mode 100644 index 00000000..fe1385a7 --- /dev/null +++ b/tests/log/lastlog/15_lastlog_bad_option/data/usage.out @@ -0,0 +1,10 @@ +lastlog: invalid option -- 'Z' +Usage: lastlog [options] + +Options: + -b, --before DAYS print only lastlog records older than DAYS + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + -t, --time DAYS print only lastlog records more recent than DAYS + -u, --user LOGIN print lastlog record of the specified LOGIN + diff --git a/tests/log/lastlog/15_lastlog_bad_option/lastlog.test b/tests/log/lastlog/15_lastlog_bad_option/lastlog.test new file mode 100755 index 00000000..9e56fe27 --- /dev/null +++ b/tests/log/lastlog/15_lastlog_bad_option/lastlog.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "lastlog can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get lastlog usage (lastlog -Z)..." +lastlog -Z 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "lastlog reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config.txt b/tests/log/lastlog/16_lastlog_extra_arg/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/log/lastlog/16_lastlog_extra_arg/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/group b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/gshadow b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/passwd b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/shadow b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/16_lastlog_extra_arg/data/usage.out b/tests/log/lastlog/16_lastlog_extra_arg/data/usage.out new file mode 100644 index 00000000..ab3455bd --- /dev/null +++ b/tests/log/lastlog/16_lastlog_extra_arg/data/usage.out @@ -0,0 +1,10 @@ +lastlog: unexpected argument: foo +Usage: lastlog [options] + +Options: + -b, --before DAYS print only lastlog records older than DAYS + -h, --help display this help message and exit + -R, --root CHROOT_DIR directory to chroot into + -t, --time DAYS print only lastlog records more recent than DAYS + -u, --user LOGIN print lastlog record of the specified LOGIN + diff --git a/tests/log/lastlog/16_lastlog_extra_arg/lastlog.test b/tests/log/lastlog/16_lastlog_extra_arg/lastlog.test new file mode 100755 index 00000000..387c2921 --- /dev/null +++ b/tests/log/lastlog/16_lastlog_extra_arg/lastlog.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "lastlog checks if there are extra arguments" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get lastlog usage (lastlog foo)..." +lastlog foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "lastlog reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/17_lastlog-t/config.txt b/tests/log/lastlog/17_lastlog-t/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/17_lastlog-t/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/group b/tests/log/lastlog/17_lastlog-t/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/17_lastlog-t/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/gshadow b/tests/log/lastlog/17_lastlog-t/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/17_lastlog-t/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/passwd b/tests/log/lastlog/17_lastlog-t/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/17_lastlog-t/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/shadow b/tests/log/lastlog/17_lastlog-t/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/17_lastlog-t/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/17_lastlog-t/data/lastlog.list b/tests/log/lastlog/17_lastlog-t/data/lastlog.list new file mode 100644 index 00000000..f81812d5 --- /dev/null +++ b/tests/log/lastlog/17_lastlog-t/data/lastlog.list @@ -0,0 +1,3 @@ +Username +bar +foo diff --git a/tests/log/lastlog/17_lastlog-t/lastlog.test b/tests/log/lastlog/17_lastlog-t/lastlog.test new file mode 100755 index 00000000..a000caee --- /dev/null +++ b/tests/log/lastlog/17_lastlog-t/lastlog.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "Trigger a connection as foo..." +LD_PRELOAD=../../../common/time_past.so PAST_DAYS=2 ./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +LD_PRELOAD=../../../common/time_past.so PAST_DAYS=4 ./login.exp baz +echo "OK" + +echo -n "lastlog..." +lastlog -t 3 > tmp/lastlog.out +echo "OK." + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list +diff -au data/lastlog.list tmp/lastlog.list +echo "OK." + +rm -f tmp/lastlog.out tmp/lastlog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/17_lastlog-t/login.exp b/tests/log/lastlog/17_lastlog-t/login.exp new file mode 100755 index 00000000..a0052334 --- /dev/null +++ b/tests/log/lastlog/17_lastlog-t/login.exp @@ -0,0 +1,19 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login -p -f $user\r" +expect "$ " + +send "exit\r" +exit 0 diff --git a/tests/log/lastlog/18_lastlog-b/config.txt b/tests/log/lastlog/18_lastlog-b/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/18_lastlog-b/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/group b/tests/log/lastlog/18_lastlog-b/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/18_lastlog-b/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/gshadow b/tests/log/lastlog/18_lastlog-b/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/18_lastlog-b/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/passwd b/tests/log/lastlog/18_lastlog-b/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/18_lastlog-b/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/shadow b/tests/log/lastlog/18_lastlog-b/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/18_lastlog-b/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/18_lastlog-b/data/lastlog.list b/tests/log/lastlog/18_lastlog-b/data/lastlog.list new file mode 100644 index 00000000..219b8dad --- /dev/null +++ b/tests/log/lastlog/18_lastlog-b/data/lastlog.list @@ -0,0 +1,21 @@ +Username +root +daemon +bin +sys +sync +games +man +lp +mail +news +uucp +proxy +www-data +backup +list +irc +gnats +nobody +Debian-exim +baz diff --git a/tests/log/lastlog/18_lastlog-b/lastlog.test b/tests/log/lastlog/18_lastlog-b/lastlog.test new file mode 100755 index 00000000..17349a3c --- /dev/null +++ b/tests/log/lastlog/18_lastlog-b/lastlog.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports all entry from /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "Trigger a connection as foo..." +LD_PRELOAD=../../../common/time_past.so PAST_DAYS=2 ./login.exp foo +echo "OK" +echo -n "Trigger a connection as bar..." +./login.exp bar +echo "OK" +echo -n "Trigger a connection as baz..." +LD_PRELOAD=../../../common/time_past.so PAST_DAYS=4 ./login.exp baz +echo "OK" + +echo -n "lastlog..." +lastlog -b 3 > tmp/lastlog.out +echo "OK." + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Check the list of logged in users..." +cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list +diff -au data/lastlog.list tmp/lastlog.list +echo "OK." + +rm -f tmp/lastlog.out tmp/lastlog.list + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/18_lastlog-b/login.exp b/tests/log/lastlog/18_lastlog-b/login.exp new file mode 100755 index 00000000..a0052334 --- /dev/null +++ b/tests/log/lastlog/18_lastlog-b/login.exp @@ -0,0 +1,19 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set user [lindex $argv 0] +} else { + set user "foo" +} + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login -p -f $user\r" +expect "$ " + +send "exit\r" +exit 0 diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config.txt b/tests/log/lastlog/19_lastlog-t_invalid/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/19_lastlog-t_invalid/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/group b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/gshadow b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/passwd b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/shadow b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/19_lastlog-t_invalid/data/lastlog.err b/tests/log/lastlog/19_lastlog-t_invalid/data/lastlog.err new file mode 100644 index 00000000..8197db74 --- /dev/null +++ b/tests/log/lastlog/19_lastlog-t_invalid/data/lastlog.err @@ -0,0 +1 @@ +lastlog: invalid numeric argument '-2' diff --git a/tests/log/lastlog/19_lastlog-t_invalid/lastlog.test b/tests/log/lastlog/19_lastlog-t_invalid/lastlog.test new file mode 100755 index 00000000..50f71b52 --- /dev/null +++ b/tests/log/lastlog/19_lastlog-t_invalid/lastlog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports invalid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -t -2..." +lastlog -t -2 2>tmp/lastlog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "lastlog reported:" +echo "=======================================================================" +cat tmp/lastlog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/lastlog.err tmp/lastlog.err +echo "message OK." +rm -f tmp/lastlog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config.txt b/tests/log/lastlog/20_lastlog-b_invalid/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/log/lastlog/20_lastlog-b_invalid/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/group b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/gshadow b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/passwd b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/passwd new file mode 100644 index 00000000..9d34d3af --- /dev/null +++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +bar:x:1001:1001::/home/bar:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/shadow b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/shadow new file mode 100644 index 00000000..972f2cd0 --- /dev/null +++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +baz:!:12977:0:99999:7::: diff --git a/tests/log/lastlog/20_lastlog-b_invalid/data/lastlog.err b/tests/log/lastlog/20_lastlog-b_invalid/data/lastlog.err new file mode 100644 index 00000000..34429d41 --- /dev/null +++ b/tests/log/lastlog/20_lastlog-b_invalid/data/lastlog.err @@ -0,0 +1 @@ +lastlog: invalid numeric argument '2a' diff --git a/tests/log/lastlog/20_lastlog-b_invalid/lastlog.test b/tests/log/lastlog/20_lastlog-b_invalid/lastlog.test new file mode 100755 index 00000000..af968131 --- /dev/null +++ b/tests/log/lastlog/20_lastlog-b_invalid/lastlog.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "reports invalid -b argument" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +> /var/log/lastlog +echo "OK" + +echo -n "lastlog -t 2a..." +lastlog -b 2a 2>tmp/lastlog.err && exit 1 || { + status=$? +} +echo "OK." + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "lastlog reported:" +echo "=======================================================================" +cat tmp/lastlog.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/lastlog.err tmp/lastlog.err +echo "message OK." +rm -f tmp/lastlog.err + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/login/01_login_prompt/config.txt b/tests/login/01_login_prompt/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/login/01_login_prompt/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/login/01_login_prompt/config/etc/group b/tests/login/01_login_prompt/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/login/01_login_prompt/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/login/01_login_prompt/config/etc/gshadow b/tests/login/01_login_prompt/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/login/01_login_prompt/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/login/01_login_prompt/config/etc/login.defs b/tests/login/01_login_prompt/config/etc/login.defs new file mode 100644 index 00000000..8605f437 --- /dev/null +++ b/tests/login/01_login_prompt/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/login/01_login_prompt/config/etc/passwd b/tests/login/01_login_prompt/config/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/login/01_login_prompt/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/login/01_login_prompt/config/etc/shadow b/tests/login/01_login_prompt/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/login/01_login_prompt/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/login/01_login_prompt/login.exp b/tests/login/01_login_prompt/login.exp new file mode 100755 index 00000000..05323aa3 --- /dev/null +++ b/tests/login/01_login_prompt/login.exp @@ -0,0 +1,23 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login\r" +expect " login: " +send "myuser\r" +expect "Password: " +send "myuserF00barbaz\r" +expect "$ " + +send "# expect uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " +send "id\r" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " +send "exit\r" + +exit 0 diff --git a/tests/login/01_login_prompt/login.test b/tests/login/01_login_prompt/login.test new file mode 100755 index 00000000..5ef6e924 --- /dev/null +++ b/tests/login/01_login_prompt/login.test @@ -0,0 +1,26 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +testname=$(basename $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "try regular login with user prompt" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./login.exp + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/login/02_login_user/config.txt b/tests/login/02_login_user/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/login/02_login_user/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/login/02_login_user/config/etc/group b/tests/login/02_login_user/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/login/02_login_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/login/02_login_user/config/etc/gshadow b/tests/login/02_login_user/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/login/02_login_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/login/02_login_user/config/etc/login.defs b/tests/login/02_login_user/config/etc/login.defs new file mode 100644 index 00000000..8605f437 --- /dev/null +++ b/tests/login/02_login_user/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/login/02_login_user/config/etc/passwd b/tests/login/02_login_user/config/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/login/02_login_user/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/login/02_login_user/config/etc/shadow b/tests/login/02_login_user/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/login/02_login_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/login/02_login_user/login.exp b/tests/login/02_login_user/login.exp new file mode 100755 index 00000000..c8b9b34d --- /dev/null +++ b/tests/login/02_login_user/login.exp @@ -0,0 +1,20 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login myuser\r" +expect "Password: " +send "myuserF00barbaz\r" +expect "$ " + +send "id\r" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " +send "exit\r" + +exit 0 + diff --git a/tests/login/02_login_user/login.test b/tests/login/02_login_user/login.test new file mode 100755 index 00000000..5ef6e924 --- /dev/null +++ b/tests/login/02_login_user/login.test @@ -0,0 +1,26 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +testname=$(basename $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "try regular login with user prompt" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./login.exp + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/login/03_login_check_tty/config.txt b/tests/login/03_login_check_tty/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/login/03_login_check_tty/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/login/03_login_check_tty/config/etc/group b/tests/login/03_login_check_tty/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/login/03_login_check_tty/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/login/03_login_check_tty/config/etc/gshadow b/tests/login/03_login_check_tty/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/login/03_login_check_tty/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/login/03_login_check_tty/config/etc/login.defs b/tests/login/03_login_check_tty/config/etc/login.defs new file mode 100644 index 00000000..8605f437 --- /dev/null +++ b/tests/login/03_login_check_tty/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/login/03_login_check_tty/config/etc/passwd b/tests/login/03_login_check_tty/config/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/login/03_login_check_tty/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/login/03_login_check_tty/config/etc/shadow b/tests/login/03_login_check_tty/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/login/03_login_check_tty/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/login/03_login_check_tty/login.exp b/tests/login/03_login_check_tty/login.exp new file mode 100755 index 00000000..cb511242 --- /dev/null +++ b/tests/login/03_login_check_tty/login.exp @@ -0,0 +1,22 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login myuser\r" +expect "Password: " +send "myuserF00barbaz\r" +expect "$ " + +send "# expecting c--x-wx--T 88 424242/myuser 5/tty\r" +expect "$ " +send "stat -c '%A %t %u/%U %g/%G' `tty`\r" +expect "crw------- 88 424242/myuser 5/tty\r" +expect "$ " +send "exit\r" + +exit 0 + diff --git a/tests/login/03_login_check_tty/login.test b/tests/login/03_login_check_tty/login.test new file mode 100755 index 00000000..5ef6e924 --- /dev/null +++ b/tests/login/03_login_check_tty/login.test @@ -0,0 +1,26 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +testname=$(basename $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "try regular login with user prompt" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./login.exp + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/01_create_user/config.txt b/tests/newusers/01_create_user/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/01_create_user/config/etc/group b/tests/newusers/01_create_user/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/01_create_user/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/01_create_user/config/etc/gshadow b/tests/newusers/01_create_user/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/01_create_user/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/01_create_user/config/etc/pam.d/common-password b/tests/newusers/01_create_user/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/01_create_user/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/01_create_user/config/etc/pam.d/newusers b/tests/newusers/01_create_user/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/01_create_user/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/01_create_user/config/etc/passwd b/tests/newusers/01_create_user/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/01_create_user/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/01_create_user/config/etc/shadow b/tests/newusers/01_create_user/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/01_create_user/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/01_create_user/data/group b/tests/newusers/01_create_user/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/01_create_user/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/01_create_user/data/gshadow b/tests/newusers/01_create_user/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/01_create_user/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/01_create_user/data/newusers.list b/tests/newusers/01_create_user/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/01_create_user/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/01_create_user/data/passwd b/tests/newusers/01_create_user/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/01_create_user/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/01_create_user/data/shadow b/tests/newusers/01_create_user/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/newusers/01_create_user/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/01_create_user/newusers.test b/tests/newusers/01_create_user/newusers.test new file mode 100755 index 00000000..049dd177 --- /dev/null +++ b/tests/newusers/01_create_user/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/02_update_password/config.txt b/tests/newusers/02_update_password/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/02_update_password/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/02_update_password/config/etc/group b/tests/newusers/02_update_password/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/02_update_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/02_update_password/config/etc/gshadow b/tests/newusers/02_update_password/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/02_update_password/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/02_update_password/config/etc/pam.d/common-password b/tests/newusers/02_update_password/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/02_update_password/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/02_update_password/config/etc/pam.d/newusers b/tests/newusers/02_update_password/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/02_update_password/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/02_update_password/config/etc/passwd b/tests/newusers/02_update_password/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/02_update_password/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/02_update_password/config/etc/shadow b/tests/newusers/02_update_password/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/02_update_password/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/02_update_password/data/newusers.list b/tests/newusers/02_update_password/data/newusers.list new file mode 100644 index 00000000..cc3b9ad4 --- /dev/null +++ b/tests/newusers/02_update_password/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/02_update_password/data/shadow b/tests/newusers/02_update_password/data/shadow new file mode 100644 index 00000000..c7f1556b --- /dev/null +++ b/tests/newusers/02_update_password/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/02_update_password/newusers.test b/tests/newusers/02_update_password/newusers.test new file mode 100755 index 00000000..17d08e2c --- /dev/null +++ b/tests/newusers/02_update_password/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the password of an existing user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/03_no_update_pid/config.txt b/tests/newusers/03_no_update_pid/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/03_no_update_pid/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/03_no_update_pid/config/etc/group b/tests/newusers/03_no_update_pid/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/03_no_update_pid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/03_no_update_pid/config/etc/gshadow b/tests/newusers/03_no_update_pid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/03_no_update_pid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/03_no_update_pid/config/etc/pam.d/common-password b/tests/newusers/03_no_update_pid/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/03_no_update_pid/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/03_no_update_pid/config/etc/pam.d/newusers b/tests/newusers/03_no_update_pid/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/03_no_update_pid/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/03_no_update_pid/config/etc/passwd b/tests/newusers/03_no_update_pid/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/03_no_update_pid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/03_no_update_pid/config/etc/shadow b/tests/newusers/03_no_update_pid/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/03_no_update_pid/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/03_no_update_pid/data/newusers.list b/tests/newusers/03_no_update_pid/data/newusers.list new file mode 100644 index 00000000..e3128e76 --- /dev/null +++ b/tests/newusers/03_no_update_pid/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:4242::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/03_no_update_pid/data/shadow b/tests/newusers/03_no_update_pid/data/shadow new file mode 100644 index 00000000..c7f1556b --- /dev/null +++ b/tests/newusers/03_no_update_pid/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/03_no_update_pid/newusers.test b/tests/newusers/03_no_update_pid/newusers.test new file mode 100755 index 00000000..5e599246 --- /dev/null +++ b/tests/newusers/03_no_update_pid/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers does not change the pid of an existing user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/04_no_update_gid/config.txt b/tests/newusers/04_no_update_gid/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/04_no_update_gid/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/04_no_update_gid/config/etc/group b/tests/newusers/04_no_update_gid/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/04_no_update_gid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/04_no_update_gid/config/etc/gshadow b/tests/newusers/04_no_update_gid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/04_no_update_gid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/04_no_update_gid/config/etc/pam.d/common-password b/tests/newusers/04_no_update_gid/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/04_no_update_gid/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/04_no_update_gid/config/etc/pam.d/newusers b/tests/newusers/04_no_update_gid/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/04_no_update_gid/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/04_no_update_gid/config/etc/passwd b/tests/newusers/04_no_update_gid/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/04_no_update_gid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/04_no_update_gid/config/etc/shadow b/tests/newusers/04_no_update_gid/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/04_no_update_gid/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/04_no_update_gid/data/newusers.list b/tests/newusers/04_no_update_gid/data/newusers.list new file mode 100644 index 00000000..2610f3c6 --- /dev/null +++ b/tests/newusers/04_no_update_gid/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:4242:4242:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/04_no_update_gid/data/shadow b/tests/newusers/04_no_update_gid/data/shadow new file mode 100644 index 00000000..c7f1556b --- /dev/null +++ b/tests/newusers/04_no_update_gid/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/04_no_update_gid/newusers.test b/tests/newusers/04_no_update_gid/newusers.test new file mode 100755 index 00000000..c1dabfa9 --- /dev/null +++ b/tests/newusers/04_no_update_gid/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers does not change the gid of an existing user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/05_create_user_pid/config.txt b/tests/newusers/05_create_user_pid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/05_create_user_pid/config/etc/group b/tests/newusers/05_create_user_pid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/05_create_user_pid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/05_create_user_pid/config/etc/gshadow b/tests/newusers/05_create_user_pid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/05_create_user_pid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/05_create_user_pid/config/etc/pam.d/common-password b/tests/newusers/05_create_user_pid/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/05_create_user_pid/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/05_create_user_pid/config/etc/pam.d/newusers b/tests/newusers/05_create_user_pid/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/05_create_user_pid/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/05_create_user_pid/config/etc/passwd b/tests/newusers/05_create_user_pid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/05_create_user_pid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/05_create_user_pid/config/etc/shadow b/tests/newusers/05_create_user_pid/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/05_create_user_pid/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/05_create_user_pid/data/group b/tests/newusers/05_create_user_pid/data/group new file mode 100644 index 00000000..96574a5a --- /dev/null +++ b/tests/newusers/05_create_user_pid/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:4242: diff --git a/tests/newusers/05_create_user_pid/data/gshadow b/tests/newusers/05_create_user_pid/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/05_create_user_pid/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/05_create_user_pid/data/newusers.list b/tests/newusers/05_create_user_pid/data/newusers.list new file mode 100644 index 00000000..f374b1b3 --- /dev/null +++ b/tests/newusers/05_create_user_pid/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:4242::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/05_create_user_pid/data/passwd b/tests/newusers/05_create_user_pid/data/passwd new file mode 100644 index 00000000..a45d9a76 --- /dev/null +++ b/tests/newusers/05_create_user_pid/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:4242:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/05_create_user_pid/data/shadow b/tests/newusers/05_create_user_pid/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/newusers/05_create_user_pid/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/05_create_user_pid/newusers.test b/tests/newusers/05_create_user_pid/newusers.test new file mode 100755 index 00000000..d2aa56a3 --- /dev/null +++ b/tests/newusers/05_create_user_pid/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user with a given pid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/06_create_user_gid/config.txt b/tests/newusers/06_create_user_gid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/06_create_user_gid/config/etc/group b/tests/newusers/06_create_user_gid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/06_create_user_gid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/06_create_user_gid/config/etc/gshadow b/tests/newusers/06_create_user_gid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/06_create_user_gid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/06_create_user_gid/config/etc/pam.d/common-password b/tests/newusers/06_create_user_gid/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/06_create_user_gid/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/06_create_user_gid/config/etc/pam.d/newusers b/tests/newusers/06_create_user_gid/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/06_create_user_gid/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/06_create_user_gid/config/etc/passwd b/tests/newusers/06_create_user_gid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/06_create_user_gid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/06_create_user_gid/config/etc/shadow b/tests/newusers/06_create_user_gid/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/06_create_user_gid/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/06_create_user_gid/data/group b/tests/newusers/06_create_user_gid/data/group new file mode 100644 index 00000000..96574a5a --- /dev/null +++ b/tests/newusers/06_create_user_gid/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:4242: diff --git a/tests/newusers/06_create_user_gid/data/gshadow b/tests/newusers/06_create_user_gid/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/06_create_user_gid/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/06_create_user_gid/data/newusers.list b/tests/newusers/06_create_user_gid/data/newusers.list new file mode 100644 index 00000000..50e75050 --- /dev/null +++ b/tests/newusers/06_create_user_gid/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::4242:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/06_create_user_gid/data/passwd b/tests/newusers/06_create_user_gid/data/passwd new file mode 100644 index 00000000..8ed5455a --- /dev/null +++ b/tests/newusers/06_create_user_gid/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:4242:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/06_create_user_gid/data/shadow b/tests/newusers/06_create_user_gid/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/newusers/06_create_user_gid/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/06_create_user_gid/newusers.test b/tests/newusers/06_create_user_gid/newusers.test new file mode 100755 index 00000000..57cb0d52 --- /dev/null +++ b/tests/newusers/06_create_user_gid/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user with a given gid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/07_create_user_pid_gid/config.txt b/tests/newusers/07_create_user_pid_gid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/group b/tests/newusers/07_create_user_pid_gid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/gshadow b/tests/newusers/07_create_user_pid_gid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/common-password b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/newusers b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/passwd b/tests/newusers/07_create_user_pid_gid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/shadow b/tests/newusers/07_create_user_pid_gid/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/07_create_user_pid_gid/data/group b/tests/newusers/07_create_user_pid_gid/data/group new file mode 100644 index 00000000..96574a5a --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:4242: diff --git a/tests/newusers/07_create_user_pid_gid/data/gshadow b/tests/newusers/07_create_user_pid_gid/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/07_create_user_pid_gid/data/newusers.list b/tests/newusers/07_create_user_pid_gid/data/newusers.list new file mode 100644 index 00000000..1701c92e --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:4242:4242:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/07_create_user_pid_gid/data/passwd b/tests/newusers/07_create_user_pid_gid/data/passwd new file mode 100644 index 00000000..a45d9a76 --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:4242:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/07_create_user_pid_gid/data/shadow b/tests/newusers/07_create_user_pid_gid/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/07_create_user_pid_gid/newusers.test b/tests/newusers/07_create_user_pid_gid/newusers.test new file mode 100755 index 00000000..e9b09148 --- /dev/null +++ b/tests/newusers/07_create_user_pid_gid/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user with given pid and gid (both identical)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/08_create_user_pid_other-gid/config.txt b/tests/newusers/08_create_user_pid_other-gid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/group b/tests/newusers/08_create_user_pid_other-gid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/gshadow b/tests/newusers/08_create_user_pid_other-gid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/common-password b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/newusers b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/passwd b/tests/newusers/08_create_user_pid_other-gid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/shadow b/tests/newusers/08_create_user_pid_other-gid/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/08_create_user_pid_other-gid/data/group b/tests/newusers/08_create_user_pid_other-gid/data/group new file mode 100644 index 00000000..b2d9984d --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:4243: diff --git a/tests/newusers/08_create_user_pid_other-gid/data/gshadow b/tests/newusers/08_create_user_pid_other-gid/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/08_create_user_pid_other-gid/data/newusers.list b/tests/newusers/08_create_user_pid_other-gid/data/newusers.list new file mode 100644 index 00000000..a71043dc --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:4242:4243:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/08_create_user_pid_other-gid/data/passwd b/tests/newusers/08_create_user_pid_other-gid/data/passwd new file mode 100644 index 00000000..fdefa6ce --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:4243:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/08_create_user_pid_other-gid/data/shadow b/tests/newusers/08_create_user_pid_other-gid/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/08_create_user_pid_other-gid/newusers.test b/tests/newusers/08_create_user_pid_other-gid/newusers.test new file mode 100755 index 00000000..66573dfa --- /dev/null +++ b/tests/newusers/08_create_user_pid_other-gid/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user with given pid and gid (with different id)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config.txt b/tests/newusers/09_create_user_pid-as-user-bar/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/group b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/group new file mode 100644 index 00000000..7c6bf3a6 --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1042: diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/gshadow b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/gshadow new file mode 100644 index 00000000..0586f95b --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:x:: diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/common-password b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/newusers b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/passwd b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/passwd new file mode 100644 index 00000000..26d70f24 --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1042:1042::/:/bin/false diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/shadow b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/shadow new file mode 100644 index 00000000..aa523bda --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/group b/tests/newusers/09_create_user_pid-as-user-bar/data/group new file mode 100644 index 00000000..90da8d7f --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1042: +foo:x:1043: diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/gshadow b/tests/newusers/09_create_user_pid-as-user-bar/data/gshadow new file mode 100644 index 00000000..d11bb83c --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:x:: +foo:*:: diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/newusers.list b/tests/newusers/09_create_user_pid-as-user-bar/data/newusers.list new file mode 100644 index 00000000..56855340 --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:bar::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/passwd b/tests/newusers/09_create_user_pid-as-user-bar/data/passwd new file mode 100644 index 00000000..5f9155bb --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1042:1042::/:/bin/false +foo:x:1042:1043:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/shadow b/tests/newusers/09_create_user_pid-as-user-bar/data/shadow new file mode 100644 index 00000000..28046f81 --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/data/shadow @@ -0,0 +1,21 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/09_create_user_pid-as-user-bar/newusers.test b/tests/newusers/09_create_user_pid-as-user-bar/newusers.test new file mode 100755 index 00000000..93deeb23 --- /dev/null +++ b/tests/newusers/09_create_user_pid-as-user-bar/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user with the pid of a named user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config.txt b/tests/newusers/10_create_user_gid-as-group-bar/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/group b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/group new file mode 100644 index 00000000..4e6b697b --- /dev/null +++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1043: diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/gshadow b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/gshadow new file mode 100644 index 00000000..0586f95b --- /dev/null +++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:x:: diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/common-password b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/newusers b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/passwd b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/passwd new file mode 100644 index 00000000..901ce16e --- /dev/null +++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1042:1043::/:/bin/false diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/shadow b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/shadow new file mode 100644 index 00000000..aa523bda --- /dev/null +++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/newusers/10_create_user_gid-as-group-bar/data/newusers.list b/tests/newusers/10_create_user_gid-as-group-bar/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/newusers/10_create_user_gid-as-group-bar/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/10_create_user_gid-as-group-bar/data/passwd b/tests/newusers/10_create_user_gid-as-group-bar/data/passwd new file mode 100644 index 00000000..e4742730 --- /dev/null +++ b/tests/newusers/10_create_user_gid-as-group-bar/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1042:1043::/:/bin/false +foo:x:1043:1043:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/10_create_user_gid-as-group-bar/data/shadow b/tests/newusers/10_create_user_gid-as-group-bar/data/shadow new file mode 100644 index 00000000..28046f81 --- /dev/null +++ b/tests/newusers/10_create_user_gid-as-group-bar/data/shadow @@ -0,0 +1,21 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/10_create_user_gid-as-group-bar/newusers.test b/tests/newusers/10_create_user_gid-as-group-bar/newusers.test new file mode 100755 index 00000000..ba852a4f --- /dev/null +++ b/tests/newusers/10_create_user_gid-as-group-bar/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user with the gid of a named group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/11_update_gecos/config.txt b/tests/newusers/11_update_gecos/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/11_update_gecos/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/11_update_gecos/config/etc/group b/tests/newusers/11_update_gecos/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/11_update_gecos/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/11_update_gecos/config/etc/gshadow b/tests/newusers/11_update_gecos/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/11_update_gecos/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/11_update_gecos/config/etc/pam.d/common-password b/tests/newusers/11_update_gecos/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/11_update_gecos/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/11_update_gecos/config/etc/pam.d/newusers b/tests/newusers/11_update_gecos/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/11_update_gecos/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/11_update_gecos/config/etc/passwd b/tests/newusers/11_update_gecos/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/11_update_gecos/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/11_update_gecos/config/etc/shadow b/tests/newusers/11_update_gecos/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/11_update_gecos/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/11_update_gecos/data/newusers.list b/tests/newusers/11_update_gecos/data/newusers.list new file mode 100644 index 00000000..d4ac60ca --- /dev/null +++ b/tests/newusers/11_update_gecos/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::User Foo - Gecos Field - updated::/bin/sh diff --git a/tests/newusers/11_update_gecos/data/passwd b/tests/newusers/11_update_gecos/data/passwd new file mode 100644 index 00000000..c84bc61d --- /dev/null +++ b/tests/newusers/11_update_gecos/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field - updated::/bin/sh diff --git a/tests/newusers/11_update_gecos/data/shadow b/tests/newusers/11_update_gecos/data/shadow new file mode 100644 index 00000000..c7f1556b --- /dev/null +++ b/tests/newusers/11_update_gecos/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/11_update_gecos/newusers.test b/tests/newusers/11_update_gecos/newusers.test new file mode 100755 index 00000000..fb57724f --- /dev/null +++ b/tests/newusers/11_update_gecos/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the gecos of an existing user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/12_update_shell/config.txt b/tests/newusers/12_update_shell/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/12_update_shell/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/12_update_shell/config/etc/group b/tests/newusers/12_update_shell/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/12_update_shell/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/12_update_shell/config/etc/gshadow b/tests/newusers/12_update_shell/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/12_update_shell/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/12_update_shell/config/etc/pam.d/common-password b/tests/newusers/12_update_shell/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/12_update_shell/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/12_update_shell/config/etc/pam.d/newusers b/tests/newusers/12_update_shell/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/12_update_shell/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/12_update_shell/config/etc/passwd b/tests/newusers/12_update_shell/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/12_update_shell/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/12_update_shell/config/etc/shadow b/tests/newusers/12_update_shell/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/12_update_shell/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/12_update_shell/data/newusers.list b/tests/newusers/12_update_shell/data/newusers.list new file mode 100644 index 00000000..55add69f --- /dev/null +++ b/tests/newusers/12_update_shell/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::User Foo - Gecos Field::/bin/bash diff --git a/tests/newusers/12_update_shell/data/passwd b/tests/newusers/12_update_shell/data/passwd new file mode 100644 index 00000000..8fc494c0 --- /dev/null +++ b/tests/newusers/12_update_shell/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/bash diff --git a/tests/newusers/12_update_shell/data/shadow b/tests/newusers/12_update_shell/data/shadow new file mode 100644 index 00000000..c7f1556b --- /dev/null +++ b/tests/newusers/12_update_shell/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/12_update_shell/newusers.test b/tests/newusers/12_update_shell/newusers.test new file mode 100755 index 00000000..aca25916 --- /dev/null +++ b/tests/newusers/12_update_shell/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the shell of an existing user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/13_create_user_new-home/config.txt b/tests/newusers/13_create_user_new-home/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/13_create_user_new-home/config/etc/group b/tests/newusers/13_create_user_new-home/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/13_create_user_new-home/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/13_create_user_new-home/config/etc/gshadow b/tests/newusers/13_create_user_new-home/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/13_create_user_new-home/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/13_create_user_new-home/config/etc/pam.d/common-password b/tests/newusers/13_create_user_new-home/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/13_create_user_new-home/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/13_create_user_new-home/config/etc/pam.d/newusers b/tests/newusers/13_create_user_new-home/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/13_create_user_new-home/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/13_create_user_new-home/config/etc/passwd b/tests/newusers/13_create_user_new-home/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/13_create_user_new-home/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/13_create_user_new-home/config/etc/shadow b/tests/newusers/13_create_user_new-home/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/13_create_user_new-home/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/13_create_user_new-home/data/group b/tests/newusers/13_create_user_new-home/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/13_create_user_new-home/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/13_create_user_new-home/data/gshadow b/tests/newusers/13_create_user_new-home/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/13_create_user_new-home/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/13_create_user_new-home/data/home_ls-a b/tests/newusers/13_create_user_new-home/data/home_ls-a new file mode 100644 index 00000000..81b7cb22 --- /dev/null +++ b/tests/newusers/13_create_user_new-home/data/home_ls-a @@ -0,0 +1,2 @@ +drwxr-xr-x foo:foo `/tmp/test-newusers/.' +drwxrwxrwt root:root `/tmp/test-newusers/..' diff --git a/tests/newusers/13_create_user_new-home/data/newusers.list b/tests/newusers/13_create_user_new-home/data/newusers.list new file mode 100644 index 00000000..d2dacfd6 --- /dev/null +++ b/tests/newusers/13_create_user_new-home/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field:/tmp/test-newusers:/bin/sh diff --git a/tests/newusers/13_create_user_new-home/data/passwd b/tests/newusers/13_create_user_new-home/data/passwd new file mode 100644 index 00000000..a6c525be --- /dev/null +++ b/tests/newusers/13_create_user_new-home/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field:/tmp/test-newusers:/bin/sh diff --git a/tests/newusers/13_create_user_new-home/data/shadow b/tests/newusers/13_create_user_new-home/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/newusers/13_create_user_new-home/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/13_create_user_new-home/newusers.test b/tests/newusers/13_create_user_new-home/newusers.test new file mode 100755 index 00000000..3a693c13 --- /dev/null +++ b/tests/newusers/13_create_user_new-home/newusers.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers creates the user's home directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Home directory does not exist yet..." +test ! -d /tmp/test-newusers +echo "OK" + +trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0 + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +echo -n "Home directory was created..." +test -d /tmp/test-newusers +echo "OK" + +echo -n "Check content of /tmp/test-newusers..." +stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" + +echo -n "Removing home directory..." +rm -rf /tmp/test-newusers +echo "OK" + +# cleanup +rm -f tmp/home_ls-a + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/14_create_user_existing-home/config.txt b/tests/newusers/14_create_user_existing-home/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/14_create_user_existing-home/config/etc/group b/tests/newusers/14_create_user_existing-home/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/14_create_user_existing-home/config/etc/gshadow b/tests/newusers/14_create_user_existing-home/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/14_create_user_existing-home/config/etc/pam.d/common-password b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/14_create_user_existing-home/config/etc/pam.d/newusers b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/14_create_user_existing-home/config/etc/passwd b/tests/newusers/14_create_user_existing-home/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/14_create_user_existing-home/config/etc/shadow b/tests/newusers/14_create_user_existing-home/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/14_create_user_existing-home/data/group b/tests/newusers/14_create_user_existing-home/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/14_create_user_existing-home/data/gshadow b/tests/newusers/14_create_user_existing-home/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/14_create_user_existing-home/data/home_ls-a b/tests/newusers/14_create_user_existing-home/data/home_ls-a new file mode 100644 index 00000000..50cd7c49 --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/data/home_ls-a @@ -0,0 +1,2 @@ +drwxr-xr-x root:root `/tmp/test-newusers/.' +drwxrwxrwt root:root `/tmp/test-newusers/..' diff --git a/tests/newusers/14_create_user_existing-home/data/newusers.list b/tests/newusers/14_create_user_existing-home/data/newusers.list new file mode 100644 index 00000000..d2dacfd6 --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field:/tmp/test-newusers:/bin/sh diff --git a/tests/newusers/14_create_user_existing-home/data/passwd b/tests/newusers/14_create_user_existing-home/data/passwd new file mode 100644 index 00000000..a6c525be --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field:/tmp/test-newusers:/bin/sh diff --git a/tests/newusers/14_create_user_existing-home/data/shadow b/tests/newusers/14_create_user_existing-home/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/14_create_user_existing-home/newusers.test b/tests/newusers/14_create_user_existing-home/newusers.test new file mode 100755 index 00000000..1410aa20 --- /dev/null +++ b/tests/newusers/14_create_user_existing-home/newusers.test @@ -0,0 +1,61 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user with an existing home directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Home directory does not exist yet..." +test ! -d /tmp/test-newusers +echo "OK" + +mkdir /tmp/test-newusers + +trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0 + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +echo -n "Home directory was created..." +test -d /tmp/test-newusers +echo "OK" + +echo -n "Check content of /tmp/test-newusers..." +stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" + +echo -n "Removing home directory..." +rm -rf /tmp/test-newusers +echo "OK" + +# cleanup +rm -f tmp/home_ls-a + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/15_update_new-home/config.txt b/tests/newusers/15_update_new-home/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/15_update_new-home/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/15_update_new-home/config/etc/group b/tests/newusers/15_update_new-home/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/15_update_new-home/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/15_update_new-home/config/etc/gshadow b/tests/newusers/15_update_new-home/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/15_update_new-home/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/15_update_new-home/config/etc/pam.d/common-password b/tests/newusers/15_update_new-home/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/15_update_new-home/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/15_update_new-home/config/etc/pam.d/newusers b/tests/newusers/15_update_new-home/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/15_update_new-home/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/15_update_new-home/config/etc/passwd b/tests/newusers/15_update_new-home/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/15_update_new-home/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/15_update_new-home/config/etc/shadow b/tests/newusers/15_update_new-home/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/15_update_new-home/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/15_update_new-home/data/home_ls-a b/tests/newusers/15_update_new-home/data/home_ls-a new file mode 100644 index 00000000..81b7cb22 --- /dev/null +++ b/tests/newusers/15_update_new-home/data/home_ls-a @@ -0,0 +1,2 @@ +drwxr-xr-x foo:foo `/tmp/test-newusers/.' +drwxrwxrwt root:root `/tmp/test-newusers/..' diff --git a/tests/newusers/15_update_new-home/data/newusers.list b/tests/newusers/15_update_new-home/data/newusers.list new file mode 100644 index 00000000..b2025dec --- /dev/null +++ b/tests/newusers/15_update_new-home/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::User Foo - Gecos Field:/tmp/test-newusers:/bin/bash diff --git a/tests/newusers/15_update_new-home/data/passwd b/tests/newusers/15_update_new-home/data/passwd new file mode 100644 index 00000000..1db48b7a --- /dev/null +++ b/tests/newusers/15_update_new-home/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field:/tmp/test-newusers:/bin/bash diff --git a/tests/newusers/15_update_new-home/data/shadow b/tests/newusers/15_update_new-home/data/shadow new file mode 100644 index 00000000..c7f1556b --- /dev/null +++ b/tests/newusers/15_update_new-home/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/15_update_new-home/newusers.test b/tests/newusers/15_update_new-home/newusers.test new file mode 100755 index 00000000..bc20ecf3 --- /dev/null +++ b/tests/newusers/15_update_new-home/newusers.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +# TODO: check what happens to the old home +log_start "$0" "newusers can update the home directory of an user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Home directory does not exist yet..." +test ! -d /tmp/test-newusers +echo "OK" + +trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0 + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +echo -n "Home directory was created..." +test -d /tmp/test-newusers +echo "OK" + +echo -n "Check content of /tmp/test-newusers..." +stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" + +echo -n "Removing home directory..." +rm -rf /tmp/test-newusers +echo "OK" + +# cleanup +rm -f tmp/home_ls-a + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/16_update_existing-home/config.txt b/tests/newusers/16_update_existing-home/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/16_update_existing-home/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/16_update_existing-home/config/etc/group b/tests/newusers/16_update_existing-home/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/16_update_existing-home/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/16_update_existing-home/config/etc/gshadow b/tests/newusers/16_update_existing-home/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/16_update_existing-home/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/16_update_existing-home/config/etc/pam.d/common-password b/tests/newusers/16_update_existing-home/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/16_update_existing-home/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/16_update_existing-home/config/etc/pam.d/newusers b/tests/newusers/16_update_existing-home/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/16_update_existing-home/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/16_update_existing-home/config/etc/passwd b/tests/newusers/16_update_existing-home/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/16_update_existing-home/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/16_update_existing-home/config/etc/shadow b/tests/newusers/16_update_existing-home/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/16_update_existing-home/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/16_update_existing-home/data/home_ls-a b/tests/newusers/16_update_existing-home/data/home_ls-a new file mode 100644 index 00000000..50cd7c49 --- /dev/null +++ b/tests/newusers/16_update_existing-home/data/home_ls-a @@ -0,0 +1,2 @@ +drwxr-xr-x root:root `/tmp/test-newusers/.' +drwxrwxrwt root:root `/tmp/test-newusers/..' diff --git a/tests/newusers/16_update_existing-home/data/newusers.list b/tests/newusers/16_update_existing-home/data/newusers.list new file mode 100644 index 00000000..b2025dec --- /dev/null +++ b/tests/newusers/16_update_existing-home/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::User Foo - Gecos Field:/tmp/test-newusers:/bin/bash diff --git a/tests/newusers/16_update_existing-home/data/passwd b/tests/newusers/16_update_existing-home/data/passwd new file mode 100644 index 00000000..1db48b7a --- /dev/null +++ b/tests/newusers/16_update_existing-home/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field:/tmp/test-newusers:/bin/bash diff --git a/tests/newusers/16_update_existing-home/data/shadow b/tests/newusers/16_update_existing-home/data/shadow new file mode 100644 index 00000000..c7f1556b --- /dev/null +++ b/tests/newusers/16_update_existing-home/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/16_update_existing-home/newusers.test b/tests/newusers/16_update_existing-home/newusers.test new file mode 100755 index 00000000..1d901fa1 --- /dev/null +++ b/tests/newusers/16_update_existing-home/newusers.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the home directory of an user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Home directory does not exist yet..." +test ! -d /tmp/test-newusers +echo "OK" + +mkdir /tmp/test-newusers +trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0 + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +echo -n "Home directory was created..." +test -d /tmp/test-newusers +echo "OK" + +echo -n "Check content of /tmp/test-newusers..." +stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" + +echo -n "Removing home directory..." +rm -rf /tmp/test-newusers +echo "OK" + +# cleanup +rm -f tmp/home_ls-a + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/17_create_user_pid-already-used/config.txt b/tests/newusers/17_create_user_pid-already-used/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/group b/tests/newusers/17_create_user_pid-already-used/config/etc/group new file mode 100644 index 00000000..7c6bf3a6 --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1042: diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/gshadow b/tests/newusers/17_create_user_pid-already-used/config/etc/gshadow new file mode 100644 index 00000000..0586f95b --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:x:: diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/common-password b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/newusers b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/passwd b/tests/newusers/17_create_user_pid-already-used/config/etc/passwd new file mode 100644 index 00000000..26d70f24 --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1042:1042::/:/bin/false diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/shadow b/tests/newusers/17_create_user_pid-already-used/config/etc/shadow new file mode 100644 index 00000000..aa523bda --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/newusers/17_create_user_pid-already-used/data/group b/tests/newusers/17_create_user_pid-already-used/data/group new file mode 100644 index 00000000..90da8d7f --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1042: +foo:x:1043: diff --git a/tests/newusers/17_create_user_pid-already-used/data/gshadow b/tests/newusers/17_create_user_pid-already-used/data/gshadow new file mode 100644 index 00000000..d11bb83c --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:x:: +foo:*:: diff --git a/tests/newusers/17_create_user_pid-already-used/data/newusers.list b/tests/newusers/17_create_user_pid-already-used/data/newusers.list new file mode 100644 index 00000000..f1c75fea --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:1042::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/17_create_user_pid-already-used/data/passwd b/tests/newusers/17_create_user_pid-already-used/data/passwd new file mode 100644 index 00000000..5f9155bb --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1042:1042::/:/bin/false +foo:x:1042:1043:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/17_create_user_pid-already-used/data/shadow b/tests/newusers/17_create_user_pid-already-used/data/shadow new file mode 100644 index 00000000..28046f81 --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/data/shadow @@ -0,0 +1,21 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/17_create_user_pid-already-used/newusers.test b/tests/newusers/17_create_user_pid-already-used/newusers.test new file mode 100755 index 00000000..8546a9b0 --- /dev/null +++ b/tests/newusers/17_create_user_pid-already-used/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user with a pid already used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/18_create_user_gid-already-used/config.txt b/tests/newusers/18_create_user_gid-already-used/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/group b/tests/newusers/18_create_user_gid-already-used/config/etc/group new file mode 100644 index 00000000..4e6b697b --- /dev/null +++ b/tests/newusers/18_create_user_gid-already-used/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1043: diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/gshadow b/tests/newusers/18_create_user_gid-already-used/config/etc/gshadow new file mode 100644 index 00000000..0586f95b --- /dev/null +++ b/tests/newusers/18_create_user_gid-already-used/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:x:: diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/common-password b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/newusers b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/passwd b/tests/newusers/18_create_user_gid-already-used/config/etc/passwd new file mode 100644 index 00000000..901ce16e --- /dev/null +++ b/tests/newusers/18_create_user_gid-already-used/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1042:1043::/:/bin/false diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/shadow b/tests/newusers/18_create_user_gid-already-used/config/etc/shadow new file mode 100644 index 00000000..aa523bda --- /dev/null +++ b/tests/newusers/18_create_user_gid-already-used/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/newusers/18_create_user_gid-already-used/data/newusers.list b/tests/newusers/18_create_user_gid-already-used/data/newusers.list new file mode 100644 index 00000000..17144183 --- /dev/null +++ b/tests/newusers/18_create_user_gid-already-used/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::1043:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/18_create_user_gid-already-used/data/passwd b/tests/newusers/18_create_user_gid-already-used/data/passwd new file mode 100644 index 00000000..e4742730 --- /dev/null +++ b/tests/newusers/18_create_user_gid-already-used/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1042:1043::/:/bin/false +foo:x:1043:1043:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/18_create_user_gid-already-used/data/shadow b/tests/newusers/18_create_user_gid-already-used/data/shadow new file mode 100644 index 00000000..28046f81 --- /dev/null +++ b/tests/newusers/18_create_user_gid-already-used/data/shadow @@ -0,0 +1,21 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/18_create_user_gid-already-used/newusers.test b/tests/newusers/18_create_user_gid-already-used/newusers.test new file mode 100755 index 00000000..7b15be85 --- /dev/null +++ b/tests/newusers/18_create_user_gid-already-used/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user with a gid already used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/19_update_keep-old-home/config.txt b/tests/newusers/19_update_keep-old-home/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/19_update_keep-old-home/config/etc/group b/tests/newusers/19_update_keep-old-home/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/19_update_keep-old-home/config/etc/gshadow b/tests/newusers/19_update_keep-old-home/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/19_update_keep-old-home/config/etc/pam.d/common-password b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/19_update_keep-old-home/config/etc/pam.d/newusers b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/19_update_keep-old-home/config/etc/passwd b/tests/newusers/19_update_keep-old-home/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/19_update_keep-old-home/config/etc/shadow b/tests/newusers/19_update_keep-old-home/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/19_update_keep-old-home/data/home_ls-a b/tests/newusers/19_update_keep-old-home/data/home_ls-a new file mode 100644 index 00000000..85833ad1 --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/data/home_ls-a @@ -0,0 +1,2 @@ +drwxr-xr-x foo:foo `/tmp/test-newusers2/.' +drwxrwxrwt root:root `/tmp/test-newusers2/..' diff --git a/tests/newusers/19_update_keep-old-home/data/home_ls-a.old b/tests/newusers/19_update_keep-old-home/data/home_ls-a.old new file mode 100644 index 00000000..c8d0412f --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/data/home_ls-a.old @@ -0,0 +1,3 @@ +-rw-r--r-- root:root `/tmp/test-newusers/foo' +drwxr-xr-x root:root `/tmp/test-newusers/.' +drwxrwxrwt root:root `/tmp/test-newusers/..' diff --git a/tests/newusers/19_update_keep-old-home/data/newusers.list b/tests/newusers/19_update_keep-old-home/data/newusers.list new file mode 100644 index 00000000..7864ffe2 --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::User Foo - Gecos Field:/tmp/test-newusers2:/bin/bash diff --git a/tests/newusers/19_update_keep-old-home/data/passwd b/tests/newusers/19_update_keep-old-home/data/passwd new file mode 100644 index 00000000..23cd1295 --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field:/tmp/test-newusers2:/bin/bash diff --git a/tests/newusers/19_update_keep-old-home/data/shadow b/tests/newusers/19_update_keep-old-home/data/shadow new file mode 100644 index 00000000..c7f1556b --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/19_update_keep-old-home/newusers.test b/tests/newusers/19_update_keep-old-home/newusers.test new file mode 100755 index 00000000..74eea457 --- /dev/null +++ b/tests/newusers/19_update_keep-old-home/newusers.test @@ -0,0 +1,69 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +# I don't know if it's really a feature +log_start "$0" "newusers keeps the old home when changing the home directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Home directory does not exist yet..." +test ! -d /tmp/test-newusers +echo "OK" + +mkdir /tmp/test-newusers +echo foo > /tmp/test-newusers/foo +trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0 + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +echo -n "Home directory was created..." +test -d /tmp/test-newusers2 +echo "OK" +echo -n "Old home directory is still there..." +test -d /tmp/test-newusers +echo "OK" + +echo -n "Check content of /tmp/test-newusers..." +stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a.old +diff -rauN data/home_ls-a.old tmp/home_ls-a.old +echo "OK" +echo -n "Check content of /tmp/test-newusers2..." +stat --printf "%A %U:%G %N\n" /tmp/test-newusers2/* /tmp/test-newusers2/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" + +echo -n "Removing home directories..." +rm -rf /tmp/test-newusers /tmp/test-newusers2 +echo "OK" + +# cleanup +rm -f tmp/home_ls-a tmp/home_ls-a.old + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/20_multiple_users/config.txt b/tests/newusers/20_multiple_users/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/20_multiple_users/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/20_multiple_users/config/etc/group b/tests/newusers/20_multiple_users/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/20_multiple_users/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/20_multiple_users/config/etc/gshadow b/tests/newusers/20_multiple_users/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/20_multiple_users/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/20_multiple_users/config/etc/pam.d/common-password b/tests/newusers/20_multiple_users/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/20_multiple_users/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/20_multiple_users/config/etc/pam.d/newusers b/tests/newusers/20_multiple_users/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/20_multiple_users/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/20_multiple_users/config/etc/passwd b/tests/newusers/20_multiple_users/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/20_multiple_users/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/20_multiple_users/config/etc/shadow b/tests/newusers/20_multiple_users/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/20_multiple_users/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/20_multiple_users/data/group b/tests/newusers/20_multiple_users/data/group new file mode 100644 index 00000000..ee3ddc0c --- /dev/null +++ b/tests/newusers/20_multiple_users/data/group @@ -0,0 +1,58 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo +foo1:x:1000: +foo1a:x:1001: +foo2:x:2000: +foo3:x:2001: +foo4:x:3000: +foo5:x:3005: +foo6:x:3002: +foo7:x:61000: +foo8:x:3003: +foo9:x:3006: +foo10:x:3004: +foo11:x:63000: +foo12:x:3007: +foo13:x:3008: +foo14:x:59000: +foo15:x:59001: diff --git a/tests/newusers/20_multiple_users/data/gshadow b/tests/newusers/20_multiple_users/data/gshadow new file mode 100644 index 00000000..37b6caa2 --- /dev/null +++ b/tests/newusers/20_multiple_users/data/gshadow @@ -0,0 +1,57 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo1:*:: +foo1a:*:: +foo2:*:: +foo3:*:: +foo4:*:: +foo5:*:: +foo6:*:: +foo7:*:: +foo8:*:: +foo9:*:: +foo10:*:: +foo11:*:: +foo12:*:: +foo13:*:: +foo14:*:: +foo15:*:: diff --git a/tests/newusers/20_multiple_users/data/newusers.list b/tests/newusers/20_multiple_users/data/newusers.list new file mode 100644 index 00000000..68d54c2b --- /dev/null +++ b/tests/newusers/20_multiple_users/data/newusers.list @@ -0,0 +1,17 @@ +foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh +foo1a:foo1aPas:foo1::User Foo - Gecos Field::/bin/sh +foo1b:foo1bPas::foo1a:User Foo - Gecos Field::/bin/sh +foo2:foo2Pass:2000:2000:User Foo - Gecos Field::/bin/sh +foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh +foo4:foo4Pass:3000::User Foo - Gecos Field::/bin/sh +foo5:foo5Pass::3005:User Foo - Gecos Field::/bin/sh +foo6:foo6Pass:::User Foo - Gecos Field::/bin/sh +foo7:foo7Pass:61000:61000:User Foo - Gecos Field::/bin/sh +foo8:foo8Pass:::User Foo - Gecos Field::/bin/sh +foo9:foo9Pass:62000::User Foo - Gecos Field::/bin/sh +foo10:foo10Pas:::User Foo - Gecos Field::/bin/sh +foo11:foo11Pas::63000:User Foo - Gecos Field::/bin/sh +foo12:foo12Pas:::User Foo - Gecos Field::/bin/sh +foo13:foo13Pas:::User Foo - Gecos Field::/bin/sh +foo14:foo14Pas:59000::User Foo - Gecos Field::/bin/sh +foo15:foo15Pas:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/20_multiple_users/data/passwd b/tests/newusers/20_multiple_users/data/passwd new file mode 100644 index 00000000..1dde7d59 --- /dev/null +++ b/tests/newusers/20_multiple_users/data/passwd @@ -0,0 +1,37 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh +foo1:x:1000:1000:User Foo - Gecos Field::/bin/sh +foo1a:x:1000:1001:User Foo - Gecos Field::/bin/sh +foo1b:x:1001:1001:User Foo - Gecos Field::/bin/sh +foo2:x:2000:2000:User Foo - Gecos Field::/bin/sh +foo3:x:2001:2001:User Foo - Gecos Field::/bin/sh +foo4:x:3000:3000:User Foo - Gecos Field::/bin/sh +foo5:x:3001:3005:User Foo - Gecos Field::/bin/sh +foo6:x:3002:3002:User Foo - Gecos Field::/bin/sh +foo7:x:61000:61000:User Foo - Gecos Field::/bin/sh +foo8:x:3003:3003:User Foo - Gecos Field::/bin/sh +foo9:x:62000:3006:User Foo - Gecos Field::/bin/sh +foo10:x:3004:3004:User Foo - Gecos Field::/bin/sh +foo11:x:3005:63000:User Foo - Gecos Field::/bin/sh +foo12:x:3006:3007:User Foo - Gecos Field::/bin/sh +foo13:x:3007:3008:User Foo - Gecos Field::/bin/sh +foo14:x:59000:59000:User Foo - Gecos Field::/bin/sh +foo15:x:59001:59001:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/20_multiple_users/data/shadow b/tests/newusers/20_multiple_users/data/shadow new file mode 100644 index 00000000..f77568e7 --- /dev/null +++ b/tests/newusers/20_multiple_users/data/shadow @@ -0,0 +1,37 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: +foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7::: +foo1a:@PASS_DES foo1aPas@:@TODAY@:0:99999:7::: +foo1b:@PASS_DES foo1bPas@:@TODAY@:0:99999:7::: +foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7::: +foo3:@PASS_DES foo3Pass@:@TODAY@:0:99999:7::: +foo4:@PASS_DES foo4Pass@:@TODAY@:0:99999:7::: +foo5:@PASS_DES foo5Pass@:@TODAY@:0:99999:7::: +foo6:@PASS_DES foo6Pass@:@TODAY@:0:99999:7::: +foo7:@PASS_DES foo7Pass@:@TODAY@:0:99999:7::: +foo8:@PASS_DES foo8Pass@:@TODAY@:0:99999:7::: +foo9:@PASS_DES foo9Pass@:@TODAY@:0:99999:7::: +foo10:@PASS_DES foo10Pas@:@TODAY@:0:99999:7::: +foo11:@PASS_DES foo11Pas@:@TODAY@:0:99999:7::: +foo12:@PASS_DES foo12Pas@:@TODAY@:0:99999:7::: +foo13:@PASS_DES foo13Pas@:@TODAY@:0:99999:7::: +foo14:@PASS_DES foo14Pas@:@TODAY@:0:99999:7::: +foo15:@PASS_DES foo15Pas@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/20_multiple_users/newusers.test b/tests/newusers/20_multiple_users/newusers.test new file mode 100755 index 00000000..8868f632 --- /dev/null +++ b/tests/newusers/20_multiple_users/newusers.test @@ -0,0 +1,38 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can add multiple users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list +cp /etc/shadow /tmp + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/21_create_user_UID_MAX/config.txt b/tests/newusers/21_create_user_UID_MAX/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/group b/tests/newusers/21_create_user_UID_MAX/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/gshadow b/tests/newusers/21_create_user_UID_MAX/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/common-password b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/newusers b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/passwd b/tests/newusers/21_create_user_UID_MAX/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/shadow b/tests/newusers/21_create_user_UID_MAX/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/21_create_user_UID_MAX/data/group b/tests/newusers/21_create_user_UID_MAX/data/group new file mode 100644 index 00000000..f1809d93 --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo1:x:60000: +foo2:x:1000: diff --git a/tests/newusers/21_create_user_UID_MAX/data/gshadow b/tests/newusers/21_create_user_UID_MAX/data/gshadow new file mode 100644 index 00000000..5e2c5d3c --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo1:*:: +foo2:*:: diff --git a/tests/newusers/21_create_user_UID_MAX/data/newusers.list b/tests/newusers/21_create_user_UID_MAX/data/newusers.list new file mode 100644 index 00000000..30e9ec47 --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/data/newusers.list @@ -0,0 +1,2 @@ +foo1:foo1Pass:60000::User Foo - Gecos Field::/bin/sh +foo2:foo2Pass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/21_create_user_UID_MAX/data/passwd b/tests/newusers/21_create_user_UID_MAX/data/passwd new file mode 100644 index 00000000..0af03d5a --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:60000:60000:User Foo - Gecos Field::/bin/sh +foo2:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/21_create_user_UID_MAX/data/shadow b/tests/newusers/21_create_user_UID_MAX/data/shadow new file mode 100644 index 00000000..e33ca21a --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/data/shadow @@ -0,0 +1,21 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7::: +foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/21_create_user_UID_MAX/newusers.test b/tests/newusers/21_create_user_UID_MAX/newusers.test new file mode 100755 index 00000000..bb0e4cff --- /dev/null +++ b/tests/newusers/21_create_user_UID_MAX/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers reuses a lower UID when UID_MAX is used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/22_create_user_GID_MAX/config.txt b/tests/newusers/22_create_user_GID_MAX/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/group b/tests/newusers/22_create_user_GID_MAX/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/gshadow b/tests/newusers/22_create_user_GID_MAX/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/common-password b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/newusers b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/passwd b/tests/newusers/22_create_user_GID_MAX/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/shadow b/tests/newusers/22_create_user_GID_MAX/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/22_create_user_GID_MAX/data/group b/tests/newusers/22_create_user_GID_MAX/data/group new file mode 100644 index 00000000..f1809d93 --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo1:x:60000: +foo2:x:1000: diff --git a/tests/newusers/22_create_user_GID_MAX/data/gshadow b/tests/newusers/22_create_user_GID_MAX/data/gshadow new file mode 100644 index 00000000..5e2c5d3c --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo1:*:: +foo2:*:: diff --git a/tests/newusers/22_create_user_GID_MAX/data/newusers.list b/tests/newusers/22_create_user_GID_MAX/data/newusers.list new file mode 100644 index 00000000..08a2eff5 --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/data/newusers.list @@ -0,0 +1,2 @@ +foo1:foo1Pass::60000:User Foo - Gecos Field::/bin/sh +foo2:foo2Pass:60000::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/22_create_user_GID_MAX/data/passwd b/tests/newusers/22_create_user_GID_MAX/data/passwd new file mode 100644 index 00000000..7f7ec764 --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:60000:User Foo - Gecos Field::/bin/sh +foo2:x:60000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/22_create_user_GID_MAX/data/shadow b/tests/newusers/22_create_user_GID_MAX/data/shadow new file mode 100644 index 00000000..e33ca21a --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/data/shadow @@ -0,0 +1,21 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7::: +foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/22_create_user_GID_MAX/newusers.test b/tests/newusers/22_create_user_GID_MAX/newusers.test new file mode 100755 index 00000000..e07b0812 --- /dev/null +++ b/tests/newusers/22_create_user_GID_MAX/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers reuses a lower GID when GID_MAX is used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/23_create_user_error_negativ_UID/config.txt b/tests/newusers/23_create_user_error_negativ_UID/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/group b/tests/newusers/23_create_user_error_negativ_UID/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/gshadow b/tests/newusers/23_create_user_error_negativ_UID/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/passwd b/tests/newusers/23_create_user_error_negativ_UID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/shadow b/tests/newusers/23_create_user_error_negativ_UID/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/23_create_user_error_negativ_UID/data/newusers.err b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.err new file mode 100644 index 00000000..d19a1814 --- /dev/null +++ b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.err @@ -0,0 +1,3 @@ +newusers: user '-1' does not exist +newusers: line 1: can't create user +newusers: error detected, changes ignored diff --git a/tests/newusers/23_create_user_error_negativ_UID/data/newusers.list b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.list new file mode 100644 index 00000000..16f7a03c --- /dev/null +++ b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:-1::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/23_create_user_error_negativ_UID/newusers.test b/tests/newusers/23_create_user_error_negativ_UID/newusers.test new file mode 100755 index 00000000..69704225 --- /dev/null +++ b/tests/newusers/23_create_user_error_negativ_UID/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers fails with negativ UID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Creating the users..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/24_create_user_error_invalid_UID/config.txt b/tests/newusers/24_create_user_error_invalid_UID/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/group b/tests/newusers/24_create_user_error_invalid_UID/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/gshadow b/tests/newusers/24_create_user_error_invalid_UID/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/passwd b/tests/newusers/24_create_user_error_invalid_UID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/shadow b/tests/newusers/24_create_user_error_invalid_UID/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/24_create_user_error_invalid_UID/data/newusers.err b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.err new file mode 100644 index 00000000..d31a5706 --- /dev/null +++ b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.err @@ -0,0 +1,3 @@ +newusers: invalid user ID '1foo' +newusers: line 1: can't create user +newusers: error detected, changes ignored diff --git a/tests/newusers/24_create_user_error_invalid_UID/data/newusers.list b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.list new file mode 100644 index 00000000..11bf6b7a --- /dev/null +++ b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:1foo::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/24_create_user_error_invalid_UID/newusers.test b/tests/newusers/24_create_user_error_invalid_UID/newusers.test new file mode 100755 index 00000000..33d4c8b2 --- /dev/null +++ b/tests/newusers/24_create_user_error_invalid_UID/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers fails with invalid UID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Creating the users..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config.txt b/tests/newusers/25_create_user_error_no_remaining_UID/config.txt new file mode 100644 index 00000000..63f3a933 --- /dev/null +++ b/tests/newusers/25_create_user_error_no_remaining_UID/config.txt @@ -0,0 +1,2 @@ +UID_MIN 1000 +UID_MAX 1001 diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/group b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/gshadow b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/login.defs b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/login.defs new file mode 100644 index 00000000..d404e726 --- /dev/null +++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 1001 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/passwd b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/shadow b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.err b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.err new file mode 100644 index 00000000..e12137fb --- /dev/null +++ b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.err @@ -0,0 +1,3 @@ +newusers: Can't get unique UID (no more available UIDs) +newusers: line 3: can't create user +newusers: error detected, changes ignored diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.list b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.list new file mode 100644 index 00000000..8d89304e --- /dev/null +++ b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.list @@ -0,0 +1,3 @@ +foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh +foo2:foo2Pass:::User Foo - Gecos Field::/bin/sh +foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/newusers.test b/tests/newusers/25_create_user_error_no_remaining_UID/newusers.test new file mode 100755 index 00000000..64123888 --- /dev/null +++ b/tests/newusers/25_create_user_error_no_remaining_UID/newusers.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers fails when there are no more available UIDs" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Creating the users..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" +echo "newusers returned status '$status'" + +echo -n "Check returned status..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config.txt b/tests/newusers/26_create_user_error_no_remaining_GID/config.txt new file mode 100644 index 00000000..06fe8087 --- /dev/null +++ b/tests/newusers/26_create_user_error_no_remaining_GID/config.txt @@ -0,0 +1,4 @@ +UID_MIN 1000 +UID_MAX 1002 +GID_MIN 1000 +GID_MAX 1001 diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/group b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/gshadow b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/login.defs b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/login.defs new file mode 100644 index 00000000..67a02964 --- /dev/null +++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 1002 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 1001 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/passwd b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/shadow b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.err b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.err new file mode 100644 index 00000000..1c506379 --- /dev/null +++ b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.err @@ -0,0 +1,3 @@ +newusers: Can't get unique GID (no more available GIDs) +newusers: line 3: can't create group +newusers: error detected, changes ignored diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.list b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.list new file mode 100644 index 00000000..8d89304e --- /dev/null +++ b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.list @@ -0,0 +1,3 @@ +foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh +foo2:foo2Pass:::User Foo - Gecos Field::/bin/sh +foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/newusers.test b/tests/newusers/26_create_user_error_no_remaining_GID/newusers.test new file mode 100755 index 00000000..f4c9683e --- /dev/null +++ b/tests/newusers/26_create_user_error_no_remaining_GID/newusers.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers fails when there are no more available GIDs" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Creating the users..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" +echo "newusers returned status '$status'" + +echo -n "Check returned status..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/27_create_user_error_invalid_username/config.txt b/tests/newusers/27_create_user_error_invalid_username/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/group b/tests/newusers/27_create_user_error_invalid_username/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/gshadow b/tests/newusers/27_create_user_error_invalid_username/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/passwd b/tests/newusers/27_create_user_error_invalid_username/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/shadow b/tests/newusers/27_create_user_error_invalid_username/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/27_create_user_error_invalid_username/data/newusers.err b/tests/newusers/27_create_user_error_invalid_username/data/newusers.err new file mode 100644 index 00000000..1781a939 --- /dev/null +++ b/tests/newusers/27_create_user_error_invalid_username/data/newusers.err @@ -0,0 +1,3 @@ +newusers: invalid group name 'f o o' +newusers: line 1: can't create group +newusers: error detected, changes ignored diff --git a/tests/newusers/27_create_user_error_invalid_username/data/newusers.list b/tests/newusers/27_create_user_error_invalid_username/data/newusers.list new file mode 100644 index 00000000..9b2d68b1 --- /dev/null +++ b/tests/newusers/27_create_user_error_invalid_username/data/newusers.list @@ -0,0 +1 @@ +f o o:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/27_create_user_error_invalid_username/newusers.test b/tests/newusers/27_create_user_error_invalid_username/newusers.test new file mode 100755 index 00000000..7ba27801 --- /dev/null +++ b/tests/newusers/27_create_user_error_invalid_username/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers fails if the username is invalid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Creating the users..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config.txt b/tests/newusers/28_create_user_error_invalid_groupname/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/group b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/gshadow b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/passwd b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/shadow b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.err b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.err new file mode 100644 index 00000000..1781a939 --- /dev/null +++ b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.err @@ -0,0 +1,3 @@ +newusers: invalid group name 'f o o' +newusers: line 1: can't create group +newusers: error detected, changes ignored diff --git a/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.list b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.list new file mode 100644 index 00000000..f57cf94c --- /dev/null +++ b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::f o o:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/28_create_user_error_invalid_groupname/newusers.test b/tests/newusers/28_create_user_error_invalid_groupname/newusers.test new file mode 100755 index 00000000..6503bf17 --- /dev/null +++ b/tests/newusers/28_create_user_error_invalid_groupname/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers fails if the groupname is invalid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Creating the users..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config.txt b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/group b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/gshadow b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/passwd b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/shadow b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.err b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.err new file mode 100644 index 00000000..420b0762 --- /dev/null +++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.err @@ -0,0 +1,3 @@ +newusers: invalid user name 'f o o' +newusers: line 1: can't create user +newusers: error detected, changes ignored diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.list b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.list new file mode 100644 index 00000000..6f74caf3 --- /dev/null +++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.list @@ -0,0 +1 @@ +f o o:fooPass::foo:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test new file mode 100755 index 00000000..9131db77 --- /dev/null +++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers fails if the username is invalid (even if groupname is valid)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Creating the users..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/30_create_user_different_groupname/config.txt b/tests/newusers/30_create_user_different_groupname/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/group b/tests/newusers/30_create_user_different_groupname/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/gshadow b/tests/newusers/30_create_user_different_groupname/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/common-password b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/newusers b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/passwd b/tests/newusers/30_create_user_different_groupname/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/shadow b/tests/newusers/30_create_user_different_groupname/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/30_create_user_different_groupname/data/group b/tests/newusers/30_create_user_different_groupname/data/group new file mode 100644 index 00000000..75815b99 --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:1000: diff --git a/tests/newusers/30_create_user_different_groupname/data/gshadow b/tests/newusers/30_create_user_different_groupname/data/gshadow new file mode 100644 index 00000000..e814af09 --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:*:: diff --git a/tests/newusers/30_create_user_different_groupname/data/newusers.list b/tests/newusers/30_create_user_different_groupname/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/30_create_user_different_groupname/data/passwd b/tests/newusers/30_create_user_different_groupname/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/30_create_user_different_groupname/data/shadow b/tests/newusers/30_create_user_different_groupname/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/30_create_user_different_groupname/newusers.test b/tests/newusers/30_create_user_different_groupname/newusers.test new file mode 100755 index 00000000..c5fd4bb0 --- /dev/null +++ b/tests/newusers/30_create_user_different_groupname/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user and new group with different names" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/31_create_user_error_invalid_GID/config.txt b/tests/newusers/31_create_user_error_invalid_GID/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/group b/tests/newusers/31_create_user_error_invalid_GID/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/gshadow b/tests/newusers/31_create_user_error_invalid_GID/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/passwd b/tests/newusers/31_create_user_error_invalid_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/shadow b/tests/newusers/31_create_user_error_invalid_GID/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/31_create_user_error_invalid_GID/data/newusers.err b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.err new file mode 100644 index 00000000..8a425dfe --- /dev/null +++ b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.err @@ -0,0 +1,3 @@ +newusers: invalid group ID '1foo' +newusers: line 1: can't create group +newusers: error detected, changes ignored diff --git a/tests/newusers/31_create_user_error_invalid_GID/data/newusers.list b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.list new file mode 100644 index 00000000..09a2d0b1 --- /dev/null +++ b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::1foo:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/31_create_user_error_invalid_GID/newusers.test b/tests/newusers/31_create_user_error_invalid_GID/newusers.test new file mode 100755 index 00000000..01e701e5 --- /dev/null +++ b/tests/newusers/31_create_user_error_invalid_GID/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers fails with invalid GID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Creating the users..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config.txt b/tests/newusers/32_create_user_error_gshadow_group_exists/config.txt new file mode 100644 index 00000000..9f0f6106 --- /dev/null +++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config.txt @@ -0,0 +1 @@ +group bar exist in gshadow, not in group diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/group b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/gshadow b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/gshadow new file mode 100644 index 00000000..e814af09 --- /dev/null +++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:*:: diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/passwd b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/shadow b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.err b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.err new file mode 100644 index 00000000..4d8ae702 --- /dev/null +++ b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.err @@ -0,0 +1,3 @@ +newusers: group 'bar' is a shadow group, but does not exist in /etc/group +newusers: line 1: can't create group +newusers: error detected, changes ignored diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.list b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.list new file mode 100644 index 00000000..f9d747c2 --- /dev/null +++ b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass::bar:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/newusers.test b/tests/newusers/32_create_user_error_gshadow_group_exists/newusers.test new file mode 100755 index 00000000..40749e3b --- /dev/null +++ b/tests/newusers/32_create_user_error_gshadow_group_exists/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers fails if a user references a group which exist in gshadow and not in group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Creating the users..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/33_update_password_no_shadow_password/config.txt b/tests/newusers/33_update_password_no_shadow_password/config.txt new file mode 100644 index 00000000..02cfc9a9 --- /dev/null +++ b/tests/newusers/33_update_password_no_shadow_password/config.txt @@ -0,0 +1,2 @@ +User foo exists, with password fooPass +no user foo in /etc/shadow diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/group b/tests/newusers/33_update_password_no_shadow_password/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/gshadow b/tests/newusers/33_update_password_no_shadow_password/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/common-password b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/newusers b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/passwd b/tests/newusers/33_update_password_no_shadow_password/config/etc/passwd new file mode 100644 index 00000000..90bf0abb --- /dev/null +++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/shadow b/tests/newusers/33_update_password_no_shadow_password/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/33_update_password_no_shadow_password/data/newusers.list b/tests/newusers/33_update_password_no_shadow_password/data/newusers.list new file mode 100644 index 00000000..cc3b9ad4 --- /dev/null +++ b/tests/newusers/33_update_password_no_shadow_password/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/33_update_password_no_shadow_password/data/passwd b/tests/newusers/33_update_password_no_shadow_password/data/passwd new file mode 100644 index 00000000..33b4c02a --- /dev/null +++ b/tests/newusers/33_update_password_no_shadow_password/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:@PASS_DES fooPass2@:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/33_update_password_no_shadow_password/newusers.test b/tests/newusers/33_update_password_no_shadow_password/newusers.test new file mode 100755 index 00000000..38189f78 --- /dev/null +++ b/tests/newusers/33_update_password_no_shadow_password/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the password of a user which does not exist in shadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/34_update_password_no_shadow/config.txt b/tests/newusers/34_update_password_no_shadow/config.txt new file mode 100644 index 00000000..557c421c --- /dev/null +++ b/tests/newusers/34_update_password_no_shadow/config.txt @@ -0,0 +1,2 @@ +User foo exists, with password fooPass +/etc/shadow will be destroyed diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/group b/tests/newusers/34_update_password_no_shadow/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/34_update_password_no_shadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/gshadow b/tests/newusers/34_update_password_no_shadow/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/34_update_password_no_shadow/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/common-password b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/newusers b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/passwd b/tests/newusers/34_update_password_no_shadow/config/etc/passwd new file mode 100644 index 00000000..90bf0abb --- /dev/null +++ b/tests/newusers/34_update_password_no_shadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/shadow b/tests/newusers/34_update_password_no_shadow/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/34_update_password_no_shadow/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/34_update_password_no_shadow/data/newusers.list b/tests/newusers/34_update_password_no_shadow/data/newusers.list new file mode 100644 index 00000000..cc3b9ad4 --- /dev/null +++ b/tests/newusers/34_update_password_no_shadow/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/34_update_password_no_shadow/data/passwd b/tests/newusers/34_update_password_no_shadow/data/passwd new file mode 100644 index 00000000..33b4c02a --- /dev/null +++ b/tests/newusers/34_update_password_no_shadow/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:@PASS_DES fooPass2@:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/34_update_password_no_shadow/newusers.test b/tests/newusers/34_update_password_no_shadow/newusers.test new file mode 100755 index 00000000..1a9979e3 --- /dev/null +++ b/tests/newusers/34_update_password_no_shadow/newusers.test @@ -0,0 +1,38 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the password of an existing user, when there is no shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config +rm -f /etc/shadow /etc/gshadow + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/35_read_from_stdin/config.txt b/tests/newusers/35_read_from_stdin/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/35_read_from_stdin/config/etc/group b/tests/newusers/35_read_from_stdin/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/35_read_from_stdin/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/35_read_from_stdin/config/etc/gshadow b/tests/newusers/35_read_from_stdin/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/35_read_from_stdin/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/35_read_from_stdin/config/etc/pam.d/common-password b/tests/newusers/35_read_from_stdin/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/35_read_from_stdin/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/35_read_from_stdin/config/etc/pam.d/newusers b/tests/newusers/35_read_from_stdin/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/35_read_from_stdin/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/35_read_from_stdin/config/etc/passwd b/tests/newusers/35_read_from_stdin/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/35_read_from_stdin/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/35_read_from_stdin/config/etc/shadow b/tests/newusers/35_read_from_stdin/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/35_read_from_stdin/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/35_read_from_stdin/data/group b/tests/newusers/35_read_from_stdin/data/group new file mode 100644 index 00000000..15f4c27f --- /dev/null +++ b/tests/newusers/35_read_from_stdin/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo1:x:1000: +foo2:x:1001: diff --git a/tests/newusers/35_read_from_stdin/data/gshadow b/tests/newusers/35_read_from_stdin/data/gshadow new file mode 100644 index 00000000..5e2c5d3c --- /dev/null +++ b/tests/newusers/35_read_from_stdin/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo1:*:: +foo2:*:: diff --git a/tests/newusers/35_read_from_stdin/data/newusers.list b/tests/newusers/35_read_from_stdin/data/newusers.list new file mode 100644 index 00000000..b51078f9 --- /dev/null +++ b/tests/newusers/35_read_from_stdin/data/newusers.list @@ -0,0 +1,2 @@ +foo1:foo1Pass:::User foo1 - Gecos Field::/bin/sh +foo2:foo2Pass:::User foo2 - Gecos Field::/bin/sh diff --git a/tests/newusers/35_read_from_stdin/data/passwd b/tests/newusers/35_read_from_stdin/data/passwd new file mode 100644 index 00000000..0c6350e0 --- /dev/null +++ b/tests/newusers/35_read_from_stdin/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:User foo1 - Gecos Field::/bin/sh +foo2:x:1001:1001:User foo2 - Gecos Field::/bin/sh diff --git a/tests/newusers/35_read_from_stdin/data/shadow b/tests/newusers/35_read_from_stdin/data/shadow new file mode 100644 index 00000000..e33ca21a --- /dev/null +++ b/tests/newusers/35_read_from_stdin/data/shadow @@ -0,0 +1,21 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7::: +foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/35_read_from_stdin/newusers.test b/tests/newusers/35_read_from_stdin/newusers.test new file mode 100755 index 00000000..a1355648 --- /dev/null +++ b/tests/newusers/35_read_from_stdin/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can read the list from stdin" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +cat data/newusers.list | newusers + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/36_create_user_encrypted/config.txt b/tests/newusers/36_create_user_encrypted/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/36_create_user_encrypted/config/etc/group b/tests/newusers/36_create_user_encrypted/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/36_create_user_encrypted/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/36_create_user_encrypted/config/etc/gshadow b/tests/newusers/36_create_user_encrypted/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/36_create_user_encrypted/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/36_create_user_encrypted/config/etc/passwd b/tests/newusers/36_create_user_encrypted/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/36_create_user_encrypted/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/36_create_user_encrypted/config/etc/shadow b/tests/newusers/36_create_user_encrypted/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/36_create_user_encrypted/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/36_create_user_encrypted/data/group b/tests/newusers/36_create_user_encrypted/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/36_create_user_encrypted/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/36_create_user_encrypted/data/gshadow b/tests/newusers/36_create_user_encrypted/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/36_create_user_encrypted/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/36_create_user_encrypted/data/newusers.list b/tests/newusers/36_create_user_encrypted/data/newusers.list new file mode 100644 index 00000000..4b43ba51 --- /dev/null +++ b/tests/newusers/36_create_user_encrypted/data/newusers.list @@ -0,0 +1 @@ +foo:fo9LtdQDLJ8Fs:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/36_create_user_encrypted/data/passwd b/tests/newusers/36_create_user_encrypted/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/36_create_user_encrypted/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/36_create_user_encrypted/data/shadow b/tests/newusers/36_create_user_encrypted/data/shadow new file mode 100644 index 00000000..1d221a81 --- /dev/null +++ b/tests/newusers/36_create_user_encrypted/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:fo9LtdQDLJ8Fs:@TODAY@:0:99999:7::: diff --git a/tests/newusers/36_create_user_encrypted/newusers.test b/tests/newusers/36_create_user_encrypted/newusers.test new file mode 100755 index 00000000..ab0a2648 --- /dev/null +++ b/tests/newusers/36_create_user_encrypted/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can create a new user, and provide an already encrypted password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers -c NONE data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config.txt b/tests/newusers/37_create_user_encrypt_MD5-PAM/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/group b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/gshadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/common-password b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/common-password new file mode 100644 index 00000000..07f3f1de --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure md5 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/newusers b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/passwd b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/shadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/group b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/gshadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/newusers.list b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/passwd b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/shadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/shadow new file mode 100644 index 00000000..cff74f8f --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_MD5 fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/newusers.test b/tests/newusers/37_create_user_encrypt_MD5-PAM/newusers.test new file mode 100755 index 00000000..f916194c --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can encrypt the passwords with the MD5 algorithm" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/37_create_user_encrypt_MD5/config.txt b/tests/newusers/37_create_user_encrypt_MD5/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/group b/tests/newusers/37_create_user_encrypt_MD5/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/gshadow b/tests/newusers/37_create_user_encrypt_MD5/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/passwd b/tests/newusers/37_create_user_encrypt_MD5/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/shadow b/tests/newusers/37_create_user_encrypt_MD5/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/group b/tests/newusers/37_create_user_encrypt_MD5/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/gshadow b/tests/newusers/37_create_user_encrypt_MD5/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/newusers.list b/tests/newusers/37_create_user_encrypt_MD5/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/passwd b/tests/newusers/37_create_user_encrypt_MD5/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/shadow b/tests/newusers/37_create_user_encrypt_MD5/data/shadow new file mode 100644 index 00000000..cff74f8f --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_MD5 fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/37_create_user_encrypt_MD5/newusers.test b/tests/newusers/37_create_user_encrypt_MD5/newusers.test new file mode 100755 index 00000000..e497ca9c --- /dev/null +++ b/tests/newusers/37_create_user_encrypt_MD5/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can encrypt the passwords with the MD5 algorithm" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers -c MD5 data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config.txt b/tests/newusers/38_update_password_no_shadow_encrypted/config.txt new file mode 100644 index 00000000..b24760e3 --- /dev/null +++ b/tests/newusers/38_update_password_no_shadow_encrypted/config.txt @@ -0,0 +1,2 @@ +User foo exists, with password fooPass +shadow and gshadow will be removed. diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/group b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/gshadow b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/passwd b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/passwd new file mode 100644 index 00000000..90bf0abb --- /dev/null +++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/shadow b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/data/newusers.list b/tests/newusers/38_update_password_no_shadow_encrypted/data/newusers.list new file mode 100644 index 00000000..d70655e4 --- /dev/null +++ b/tests/newusers/38_update_password_no_shadow_encrypted/data/newusers.list @@ -0,0 +1 @@ +foo:fozvMZd6F6hFU:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/data/passwd b/tests/newusers/38_update_password_no_shadow_encrypted/data/passwd new file mode 100644 index 00000000..a8e64254 --- /dev/null +++ b/tests/newusers/38_update_password_no_shadow_encrypted/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:fozvMZd6F6hFU:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/newusers.test b/tests/newusers/38_update_password_no_shadow_encrypted/newusers.test new file mode 100755 index 00000000..ba0b660d --- /dev/null +++ b/tests/newusers/38_update_password_no_shadow_encrypted/newusers.test @@ -0,0 +1,38 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the password of an existing user in the passwd file, with a pre-encrypted password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config +rm -f /etc/shadow /etc/gshadow + +newusers -c NONE data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config.txt b/tests/newusers/39_update_password_no_shadow_password_encrypted/config.txt new file mode 100644 index 00000000..f21646ba --- /dev/null +++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config.txt @@ -0,0 +1,2 @@ +User foo exists, with password fooPass +No user foo in shadow diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/group b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/gshadow b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/passwd b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/passwd new file mode 100644 index 00000000..90bf0abb --- /dev/null +++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/shadow b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/data/newusers.list b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/newusers.list new file mode 100644 index 00000000..d70655e4 --- /dev/null +++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/newusers.list @@ -0,0 +1 @@ +foo:fozvMZd6F6hFU:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/data/passwd b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/passwd new file mode 100644 index 00000000..a8e64254 --- /dev/null +++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:fozvMZd6F6hFU:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/newusers.test b/tests/newusers/39_update_password_no_shadow_password_encrypted/newusers.test new file mode 100755 index 00000000..1daf41f6 --- /dev/null +++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the password of an existing user with a pre-encrypted password, when this user has no shadow entry" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers -c NONE data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/40_update_password_encrypted/config.txt b/tests/newusers/40_update_password_encrypted/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/40_update_password_encrypted/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/40_update_password_encrypted/config/etc/group b/tests/newusers/40_update_password_encrypted/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/40_update_password_encrypted/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/40_update_password_encrypted/config/etc/gshadow b/tests/newusers/40_update_password_encrypted/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/40_update_password_encrypted/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/40_update_password_encrypted/config/etc/passwd b/tests/newusers/40_update_password_encrypted/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/40_update_password_encrypted/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/40_update_password_encrypted/config/etc/shadow b/tests/newusers/40_update_password_encrypted/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/40_update_password_encrypted/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/40_update_password_encrypted/data/newusers.list b/tests/newusers/40_update_password_encrypted/data/newusers.list new file mode 100644 index 00000000..cc3b9ad4 --- /dev/null +++ b/tests/newusers/40_update_password_encrypted/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/40_update_password_encrypted/data/shadow b/tests/newusers/40_update_password_encrypted/data/shadow new file mode 100644 index 00000000..b4661438 --- /dev/null +++ b/tests/newusers/40_update_password_encrypted/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:fooPass2:13906:0:99999:7::: diff --git a/tests/newusers/40_update_password_encrypted/newusers.test b/tests/newusers/40_update_password_encrypted/newusers.test new file mode 100755 index 00000000..bb6be18f --- /dev/null +++ b/tests/newusers/40_update_password_encrypted/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the password of an existing user with a pre-encrypted password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers -c NONE data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config.txt b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/group b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/gshadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/common-password b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/common-password new file mode 100644 index 00000000..ab27f3eb --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha256 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/newusers b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/passwd b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/shadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/group b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/gshadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/newusers.list b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/passwd b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/shadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/shadow new file mode 100644 index 00000000..b07274fc --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/newusers.test b/tests/newusers/41_create_user_encrypt_SHA256-PAM/newusers.test new file mode 100755 index 00000000..284bb3ea --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config.txt b/tests/newusers/41_create_user_encrypt_SHA256/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/group b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/gshadow b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/passwd b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/shadow b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/group b/tests/newusers/41_create_user_encrypt_SHA256/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/gshadow b/tests/newusers/41_create_user_encrypt_SHA256/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/newusers.list b/tests/newusers/41_create_user_encrypt_SHA256/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/passwd b/tests/newusers/41_create_user_encrypt_SHA256/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/shadow b/tests/newusers/41_create_user_encrypt_SHA256/data/shadow new file mode 100644 index 00000000..b07274fc --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/41_create_user_encrypt_SHA256/newusers.test b/tests/newusers/41_create_user_encrypt_SHA256/newusers.test new file mode 100755 index 00000000..ba0828d7 --- /dev/null +++ b/tests/newusers/41_create_user_encrypt_SHA256/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers -c SHA256 data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config.txt b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/group b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/gshadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/common-password b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/common-password new file mode 100644 index 00000000..cc251ada --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha512 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/newusers b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/passwd b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/shadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/group b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/gshadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/newusers.list b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/passwd b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/shadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/shadow new file mode 100644 index 00000000..1f9ef646 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_SHA512 fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/newusers.test b/tests/newusers/42_create_user_encrypt_SHA512-PAM/newusers.test new file mode 100755 index 00000000..796dbcca --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can encrypt the passwords with the SHA512 algorithm" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config.txt b/tests/newusers/42_create_user_encrypt_SHA512/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/group b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/gshadow b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/passwd b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/shadow b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/group b/tests/newusers/42_create_user_encrypt_SHA512/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/gshadow b/tests/newusers/42_create_user_encrypt_SHA512/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/newusers.list b/tests/newusers/42_create_user_encrypt_SHA512/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/passwd b/tests/newusers/42_create_user_encrypt_SHA512/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/shadow b/tests/newusers/42_create_user_encrypt_SHA512/data/shadow new file mode 100644 index 00000000..1f9ef646 --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_SHA512 fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/42_create_user_encrypt_SHA512/newusers.test b/tests/newusers/42_create_user_encrypt_SHA512/newusers.test new file mode 100755 index 00000000..9036b9bc --- /dev/null +++ b/tests/newusers/42_create_user_encrypt_SHA512/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can encrypt the passwords with the SHA512 algorithm" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers -c SHA512 data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config.txt b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/common-password b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/common-password new file mode 100644 index 00000000..a15d7a68 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha256 rounds=3000 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/newusers b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/newusers.list b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/shadow new file mode 100644 index 00000000..b07274fc --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test new file mode 100755 index 00000000..6260beb4 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm and a specified number of rounds" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "newusers -c SHA256 -s 3000 data/newusers.list" +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the number of rounds..." +rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow) +echo -n "($rounds)..." +if [ ! "$rounds" = 3000 ]; then + echo "Wrong number of rounds" + grep "^foo:" /etc/shadow + exit 1 +fi +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config.txt b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/newusers.list b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/shadow new file mode 100644 index 00000000..b07274fc --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test new file mode 100755 index 00000000..26f87f2e --- /dev/null +++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm and a specified number of rounds" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "newusers -c SHA256 -s 3000 data/newusers.list" +newusers -c SHA256 -s 3000 data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the number of rounds..." +rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow) +echo -n "($rounds)..." +if [ ! "$rounds" = 3000 ]; then + echo "Wrong number of rounds" + grep "^foo:" /etc/shadow + exit 1 +fi +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config.txt b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/common-password b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/common-password new file mode 100644 index 00000000..7bdd3a22 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha256 rounds=300 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/newusers b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/newusers.list b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/shadow new file mode 100644 index 00000000..b07274fc --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test new file mode 100755 index 00000000..e2c2c99b --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers: the minimum number of rounds for SHA256 is 1000" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "newusers data/newusers.list" +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the number of rounds..." +rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow) +echo -n "($rounds)..." +if [ ! "$rounds" = 1000 ] && [ ! "$rounds" = "" ]; then + echo "Wrong number of rounds" + grep "^foo:" /etc/shadow + exit 1 +fi +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config.txt b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/newusers.list b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/shadow new file mode 100644 index 00000000..b07274fc --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test new file mode 100755 index 00000000..bea0ad81 --- /dev/null +++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers: the minimum number of rounds for SHA256 is 1000" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "newusers -c SHA256 -s 300 data/newusers.list" +newusers -c SHA256 -s 300 data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the number of rounds..." +rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow) +echo -n "($rounds)..." +if [ ! "$rounds" = 1000 ]; then + echo "Wrong number of rounds" + grep "^foo:" /etc/shadow + exit 1 +fi +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config.txt b/tests/newusers/45_create_user_encrypt_rounds_3000/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/group b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/gshadow b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/passwd b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/shadow b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.err b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.err new file mode 100644 index 00000000..4b285aff --- /dev/null +++ b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.err @@ -0,0 +1,8 @@ +newusers: -s flag is only allowed with the -c flag +Usage: newusers [options] [input] + + -c, --crypt-method the crypt method (one of NONE DES MD5 SHA256 SHA512) + -r, --system create system accounts + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.list b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/newusers.test b/tests/newusers/45_create_user_encrypt_rounds_3000/newusers.test new file mode 100755 index 00000000..acc96486 --- /dev/null +++ b/tests/newusers/45_create_user_encrypt_rounds_3000/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers: the number of rounds cannot be specified without a -c method" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "newusers -s 3000 data/newusers.list ..." +newusers -s 3000 data/newusers.list 2> tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config.txt b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/group b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/gshadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/passwd b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/shadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/group b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/gshadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/newusers.list b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/passwd b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/shadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/shadow new file mode 100644 index 00000000..cff74f8f --- /dev/null +++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_MD5 fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test new file mode 100755 index 00000000..2a5bfb8d --- /dev/null +++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test @@ -0,0 +1,38 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers ignore the number of rounds with the MD5 method" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "newusers -c MD5 -s 3000 data/newusers.list" +newusers -c MD5 -s 3000 data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config.txt b/tests/newusers/47_create_user_error_UID_4294967295/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/group b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/gshadow b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/passwd b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/shadow b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.err b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.err new file mode 100644 index 00000000..3fa2568b --- /dev/null +++ b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.err @@ -0,0 +1,3 @@ +newusers: invalid user ID '4294967295' +newusers: line 1: can't create user +newusers: error detected, changes ignored diff --git a/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.list b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.list new file mode 100644 index 00000000..db2d9a9f --- /dev/null +++ b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:4294967295::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/47_create_user_error_UID_4294967295/newusers.test b/tests/newusers/47_create_user_error_UID_4294967295/newusers.test new file mode 100755 index 00000000..33d4c8b2 --- /dev/null +++ b/tests/newusers/47_create_user_error_UID_4294967295/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers fails with invalid UID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Creating the users..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config.txt b/tests/newusers/48_create_user_error_GID_4294967295/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/group b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/gshadow b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/passwd b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/shadow b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.err b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.err new file mode 100644 index 00000000..72803c56 --- /dev/null +++ b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.err @@ -0,0 +1,3 @@ +newusers: invalid group ID '4294967295' +newusers: line 1: can't create group +newusers: error detected, changes ignored diff --git a/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.list b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.list new file mode 100644 index 00000000..734a2047 --- /dev/null +++ b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:2147483648:4294967295:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/48_create_user_error_GID_4294967295/newusers.test b/tests/newusers/48_create_user_error_GID_4294967295/newusers.test new file mode 100755 index 00000000..33d4c8b2 --- /dev/null +++ b/tests/newusers/48_create_user_error_GID_4294967295/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers fails with invalid UID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Creating the users..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/newusers.err tmp/newusers.err +echo "error message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/49_multiple_system_users/config.txt b/tests/newusers/49_multiple_system_users/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/49_multiple_system_users/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/49_multiple_system_users/config/etc/group b/tests/newusers/49_multiple_system_users/config/etc/group new file mode 100644 index 00000000..35fb1e9c --- /dev/null +++ b/tests/newusers/49_multiple_system_users/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo +fooo:x:997: diff --git a/tests/newusers/49_multiple_system_users/config/etc/gshadow b/tests/newusers/49_multiple_system_users/config/etc/gshadow new file mode 100644 index 00000000..72f456f4 --- /dev/null +++ b/tests/newusers/49_multiple_system_users/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: +fooo:x:: diff --git a/tests/newusers/49_multiple_system_users/config/etc/pam.d/common-password b/tests/newusers/49_multiple_system_users/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/49_multiple_system_users/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/49_multiple_system_users/config/etc/pam.d/newusers b/tests/newusers/49_multiple_system_users/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/49_multiple_system_users/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/49_multiple_system_users/config/etc/passwd b/tests/newusers/49_multiple_system_users/config/etc/passwd new file mode 100644 index 00000000..a4907a14 --- /dev/null +++ b/tests/newusers/49_multiple_system_users/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:998:998::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh +fooo:x:997:997:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/49_multiple_system_users/config/etc/shadow b/tests/newusers/49_multiple_system_users/config/etc/shadow new file mode 100644 index 00000000..4fee3da0 --- /dev/null +++ b/tests/newusers/49_multiple_system_users/config/etc/shadow @@ -0,0 +1,21 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: +fooo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/49_multiple_system_users/data/group b/tests/newusers/49_multiple_system_users/data/group new file mode 100644 index 00000000..d9abdaa7 --- /dev/null +++ b/tests/newusers/49_multiple_system_users/data/group @@ -0,0 +1,59 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo +fooo:x:997: +foo1:x:996: +foo1a:x:999: +foo2:x:2000: +foo3:x:994: +foo4:x:998: +foo5:x:3005: +foo6:x:992: +foo7:x:61000: +foo8:x:991: +foo9:x:995: +foo10:x:990: +foo11:x:63000: +foo12:x:988: +foo13:x:987: +foo14:x:993: +foo15:x:986: diff --git a/tests/newusers/49_multiple_system_users/data/gshadow b/tests/newusers/49_multiple_system_users/data/gshadow new file mode 100644 index 00000000..51dc7646 --- /dev/null +++ b/tests/newusers/49_multiple_system_users/data/gshadow @@ -0,0 +1,59 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: +fooo:x:: +foo1:*:: +foo1a:*:: +foo2:*:: +foo3:*:: +foo4:*:: +foo5:*:: +foo6:*:: +foo7:*:: +foo8:*:: +foo9:*:: +foo10:*:: +foo11:*:: +foo12:*:: +foo13:*:: +foo14:*:: +foo15:*:: diff --git a/tests/newusers/49_multiple_system_users/data/newusers.list b/tests/newusers/49_multiple_system_users/data/newusers.list new file mode 100644 index 00000000..68d54c2b --- /dev/null +++ b/tests/newusers/49_multiple_system_users/data/newusers.list @@ -0,0 +1,17 @@ +foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh +foo1a:foo1aPas:foo1::User Foo - Gecos Field::/bin/sh +foo1b:foo1bPas::foo1a:User Foo - Gecos Field::/bin/sh +foo2:foo2Pass:2000:2000:User Foo - Gecos Field::/bin/sh +foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh +foo4:foo4Pass:3000::User Foo - Gecos Field::/bin/sh +foo5:foo5Pass::3005:User Foo - Gecos Field::/bin/sh +foo6:foo6Pass:::User Foo - Gecos Field::/bin/sh +foo7:foo7Pass:61000:61000:User Foo - Gecos Field::/bin/sh +foo8:foo8Pass:::User Foo - Gecos Field::/bin/sh +foo9:foo9Pass:62000::User Foo - Gecos Field::/bin/sh +foo10:foo10Pas:::User Foo - Gecos Field::/bin/sh +foo11:foo11Pas::63000:User Foo - Gecos Field::/bin/sh +foo12:foo12Pas:::User Foo - Gecos Field::/bin/sh +foo13:foo13Pas:::User Foo - Gecos Field::/bin/sh +foo14:foo14Pas:59000::User Foo - Gecos Field::/bin/sh +foo15:foo15Pas:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/49_multiple_system_users/data/passwd b/tests/newusers/49_multiple_system_users/data/passwd new file mode 100644 index 00000000..fb8a0751 --- /dev/null +++ b/tests/newusers/49_multiple_system_users/data/passwd @@ -0,0 +1,38 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:998:998::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh +fooo:x:997:997:User Foo - Gecos Field::/bin/sh +foo1:x:996:996:User Foo - Gecos Field::/bin/sh +foo1a:x:996:999:User Foo - Gecos Field::/bin/sh +foo1b:x:995:999:User Foo - Gecos Field::/bin/sh +foo2:x:2000:2000:User Foo - Gecos Field::/bin/sh +foo3:x:994:994:User Foo - Gecos Field::/bin/sh +foo4:x:3000:998:User Foo - Gecos Field::/bin/sh +foo5:x:993:3005:User Foo - Gecos Field::/bin/sh +foo6:x:992:992:User Foo - Gecos Field::/bin/sh +foo7:x:61000:61000:User Foo - Gecos Field::/bin/sh +foo8:x:991:991:User Foo - Gecos Field::/bin/sh +foo9:x:62000:995:User Foo - Gecos Field::/bin/sh +foo10:x:990:990:User Foo - Gecos Field::/bin/sh +foo11:x:989:63000:User Foo - Gecos Field::/bin/sh +foo12:x:988:988:User Foo - Gecos Field::/bin/sh +foo13:x:987:987:User Foo - Gecos Field::/bin/sh +foo14:x:59000:993:User Foo - Gecos Field::/bin/sh +foo15:x:986:986:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/49_multiple_system_users/data/shadow b/tests/newusers/49_multiple_system_users/data/shadow new file mode 100644 index 00000000..bd434e37 --- /dev/null +++ b/tests/newusers/49_multiple_system_users/data/shadow @@ -0,0 +1,38 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: +fooo:eKzSSVkXDoVUM:13906:0:99999:7::: +foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7::: +foo1a:@PASS_DES foo1aPas@:@TODAY@:0:99999:7::: +foo1b:@PASS_DES foo1bPas@:@TODAY@:0:99999:7::: +foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7::: +foo3:@PASS_DES foo3Pass@:@TODAY@:0:99999:7::: +foo4:@PASS_DES foo4Pass@:@TODAY@:0:99999:7::: +foo5:@PASS_DES foo5Pass@:@TODAY@:0:99999:7::: +foo6:@PASS_DES foo6Pass@:@TODAY@:0:99999:7::: +foo7:@PASS_DES foo7Pass@:@TODAY@:0:99999:7::: +foo8:@PASS_DES foo8Pass@:@TODAY@:0:99999:7::: +foo9:@PASS_DES foo9Pass@:@TODAY@:0:99999:7::: +foo10:@PASS_DES foo10Pas@:@TODAY@:0:99999:7::: +foo11:@PASS_DES foo11Pas@:@TODAY@:0:99999:7::: +foo12:@PASS_DES foo12Pas@:@TODAY@:0:99999:7::: +foo13:@PASS_DES foo13Pas@:@TODAY@:0:99999:7::: +foo14:@PASS_DES foo14Pas@:@TODAY@:0:99999:7::: +foo15:@PASS_DES foo15Pas@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/49_multiple_system_users/newusers.test b/tests/newusers/49_multiple_system_users/newusers.test new file mode 100755 index 00000000..f9075d2b --- /dev/null +++ b/tests/newusers/49_multiple_system_users/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can add multiple system users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers --system data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/50_usage/config.txt b/tests/newusers/50_usage/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/50_usage/config/etc/group b/tests/newusers/50_usage/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/newusers/50_usage/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/newusers/50_usage/config/etc/gshadow b/tests/newusers/50_usage/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/newusers/50_usage/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/newusers/50_usage/config/etc/passwd b/tests/newusers/50_usage/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/newusers/50_usage/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/newusers/50_usage/config/etc/shadow b/tests/newusers/50_usage/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/newusers/50_usage/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/newusers/50_usage/data/usage.out b/tests/newusers/50_usage/data/usage.out new file mode 100644 index 00000000..82fa6416 --- /dev/null +++ b/tests/newusers/50_usage/data/usage.out @@ -0,0 +1,7 @@ +Usage: newusers [options] + +Options: + -h, --help display this help message and exit + -r, --system create system accounts + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/newusers/50_usage/newusers.test b/tests/newusers/50_usage/newusers.test new file mode 100755 index 00000000..3dca38a7 --- /dev/null +++ b/tests/newusers/50_usage/newusers.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get newusers usage (newusers -h)..." +newusers -h >tmp/usage.out +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/51_usage_invalid_option/config.txt b/tests/newusers/51_usage_invalid_option/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/51_usage_invalid_option/config/etc/group b/tests/newusers/51_usage_invalid_option/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/newusers/51_usage_invalid_option/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/newusers/51_usage_invalid_option/config/etc/gshadow b/tests/newusers/51_usage_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/newusers/51_usage_invalid_option/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/newusers/51_usage_invalid_option/config/etc/passwd b/tests/newusers/51_usage_invalid_option/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/newusers/51_usage_invalid_option/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/newusers/51_usage_invalid_option/config/etc/shadow b/tests/newusers/51_usage_invalid_option/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/newusers/51_usage_invalid_option/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/newusers/51_usage_invalid_option/data/usage.out b/tests/newusers/51_usage_invalid_option/data/usage.out new file mode 100644 index 00000000..e111c342 --- /dev/null +++ b/tests/newusers/51_usage_invalid_option/data/usage.out @@ -0,0 +1,8 @@ +newusers: invalid option -- 'Z' +Usage: newusers [options] + +Options: + -h, --help display this help message and exit + -r, --system create system accounts + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/newusers/51_usage_invalid_option/newusers.test b/tests/newusers/51_usage_invalid_option/newusers.test new file mode 100755 index 00000000..77dc8218 --- /dev/null +++ b/tests/newusers/51_usage_invalid_option/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers displays its usage message in case of bad usage" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call newusers with an invalid option (newusers -Z)..." +newusers -Z bin 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/52_usage_2_input_files/config.txt b/tests/newusers/52_usage_2_input_files/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/52_usage_2_input_files/config/etc/group b/tests/newusers/52_usage_2_input_files/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/newusers/52_usage_2_input_files/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/newusers/52_usage_2_input_files/config/etc/gshadow b/tests/newusers/52_usage_2_input_files/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/newusers/52_usage_2_input_files/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/newusers/52_usage_2_input_files/config/etc/passwd b/tests/newusers/52_usage_2_input_files/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/newusers/52_usage_2_input_files/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/newusers/52_usage_2_input_files/config/etc/shadow b/tests/newusers/52_usage_2_input_files/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/newusers/52_usage_2_input_files/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/newusers/52_usage_2_input_files/data/usage.out b/tests/newusers/52_usage_2_input_files/data/usage.out new file mode 100644 index 00000000..82fa6416 --- /dev/null +++ b/tests/newusers/52_usage_2_input_files/data/usage.out @@ -0,0 +1,7 @@ +Usage: newusers [options] + +Options: + -h, --help display this help message and exit + -r, --system create system accounts + -R, --root CHROOT_DIR directory to chroot into + diff --git a/tests/newusers/52_usage_2_input_files/newusers.test b/tests/newusers/52_usage_2_input_files/newusers.test new file mode 100755 index 00000000..255f1c4e --- /dev/null +++ b/tests/newusers/52_usage_2_input_files/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers displays its usage message in case of bad usage" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call newusers with 2 input files (newusers list1 list2)..." +newusers list1 list2 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/53_locked_passwd/config.txt b/tests/newusers/53_locked_passwd/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/53_locked_passwd/config/etc/group b/tests/newusers/53_locked_passwd/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/newusers/53_locked_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/newusers/53_locked_passwd/config/etc/gshadow b/tests/newusers/53_locked_passwd/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/newusers/53_locked_passwd/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/newusers/53_locked_passwd/config/etc/passwd b/tests/newusers/53_locked_passwd/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/newusers/53_locked_passwd/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/newusers/53_locked_passwd/config/etc/shadow b/tests/newusers/53_locked_passwd/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/newusers/53_locked_passwd/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/newusers/53_locked_passwd/data/newusers.list b/tests/newusers/53_locked_passwd/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/53_locked_passwd/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/53_locked_passwd/data/usage.out b/tests/newusers/53_locked_passwd/data/usage.out new file mode 100644 index 00000000..7a0563fa --- /dev/null +++ b/tests/newusers/53_locked_passwd/data/usage.out @@ -0,0 +1,2 @@ +newusers: existing lock file /etc/passwd.lock without a PID +newusers: cannot lock /etc/passwd; try again later. diff --git a/tests/newusers/53_locked_passwd/newusers.test b/tests/newusers/53_locked_passwd/newusers.test new file mode 100755 index 00000000..790582e1 --- /dev/null +++ b/tests/newusers/53_locked_passwd/newusers.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers warns when passwd is already locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Create user foo (newusers foo)..." +newusers data/newusers.list 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/54_locked_shadow/config.txt b/tests/newusers/54_locked_shadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/54_locked_shadow/config/etc/group b/tests/newusers/54_locked_shadow/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/newusers/54_locked_shadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/newusers/54_locked_shadow/config/etc/gshadow b/tests/newusers/54_locked_shadow/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/newusers/54_locked_shadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/newusers/54_locked_shadow/config/etc/passwd b/tests/newusers/54_locked_shadow/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/newusers/54_locked_shadow/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/newusers/54_locked_shadow/config/etc/shadow b/tests/newusers/54_locked_shadow/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/newusers/54_locked_shadow/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/newusers/54_locked_shadow/data/newusers.list b/tests/newusers/54_locked_shadow/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/54_locked_shadow/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/54_locked_shadow/data/usage.out b/tests/newusers/54_locked_shadow/data/usage.out new file mode 100644 index 00000000..309a750d --- /dev/null +++ b/tests/newusers/54_locked_shadow/data/usage.out @@ -0,0 +1,2 @@ +newusers: existing lock file /etc/shadow.lock without a PID +newusers: cannot lock /etc/shadow; try again later. diff --git a/tests/newusers/54_locked_shadow/newusers.test b/tests/newusers/54_locked_shadow/newusers.test new file mode 100755 index 00000000..c8b50381 --- /dev/null +++ b/tests/newusers/54_locked_shadow/newusers.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers warns when shadow is already locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/shadow..." +touch /etc/shadow.lock +echo "done" + +echo -n "Create user foo (newusers foo)..." +newusers data/newusers.list 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" +rm -f /etc/shadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/55_locked_group/config.txt b/tests/newusers/55_locked_group/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/55_locked_group/config/etc/group b/tests/newusers/55_locked_group/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/newusers/55_locked_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/newusers/55_locked_group/config/etc/gshadow b/tests/newusers/55_locked_group/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/newusers/55_locked_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/newusers/55_locked_group/config/etc/passwd b/tests/newusers/55_locked_group/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/newusers/55_locked_group/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/newusers/55_locked_group/config/etc/shadow b/tests/newusers/55_locked_group/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/newusers/55_locked_group/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/newusers/55_locked_group/data/newusers.list b/tests/newusers/55_locked_group/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/55_locked_group/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/55_locked_group/data/usage.out b/tests/newusers/55_locked_group/data/usage.out new file mode 100644 index 00000000..ad33b0c3 --- /dev/null +++ b/tests/newusers/55_locked_group/data/usage.out @@ -0,0 +1,2 @@ +newusers: existing lock file /etc/group.lock without a PID +newusers: cannot lock /etc/group; try again later. diff --git a/tests/newusers/55_locked_group/newusers.test b/tests/newusers/55_locked_group/newusers.test new file mode 100755 index 00000000..cae04587 --- /dev/null +++ b/tests/newusers/55_locked_group/newusers.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers warns when group is already locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Create user foo (newusers foo)..." +newusers data/newusers.list 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/56_locked_gshadow/config.txt b/tests/newusers/56_locked_gshadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/56_locked_gshadow/config/etc/group b/tests/newusers/56_locked_gshadow/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/newusers/56_locked_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/newusers/56_locked_gshadow/config/etc/gshadow b/tests/newusers/56_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/newusers/56_locked_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/newusers/56_locked_gshadow/config/etc/passwd b/tests/newusers/56_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/newusers/56_locked_gshadow/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/newusers/56_locked_gshadow/config/etc/shadow b/tests/newusers/56_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/newusers/56_locked_gshadow/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/newusers/56_locked_gshadow/data/newusers.list b/tests/newusers/56_locked_gshadow/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/newusers/56_locked_gshadow/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/56_locked_gshadow/data/usage.out b/tests/newusers/56_locked_gshadow/data/usage.out new file mode 100644 index 00000000..1d874cf4 --- /dev/null +++ b/tests/newusers/56_locked_gshadow/data/usage.out @@ -0,0 +1,2 @@ +newusers: existing lock file /etc/gshadow.lock without a PID +newusers: cannot lock /etc/gshadow; try again later. diff --git a/tests/newusers/56_locked_gshadow/newusers.test b/tests/newusers/56_locked_gshadow/newusers.test new file mode 100755 index 00000000..a317867b --- /dev/null +++ b/tests/newusers/56_locked_gshadow/newusers.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers warns when gshadow is already locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Create user foo (newusers foo)..." +newusers data/newusers.list 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" +rm -f /etc/gshadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/57_missing_input_file/config.txt b/tests/newusers/57_missing_input_file/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/57_missing_input_file/config/etc/group b/tests/newusers/57_missing_input_file/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/newusers/57_missing_input_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/newusers/57_missing_input_file/config/etc/gshadow b/tests/newusers/57_missing_input_file/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/newusers/57_missing_input_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/newusers/57_missing_input_file/config/etc/passwd b/tests/newusers/57_missing_input_file/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/newusers/57_missing_input_file/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/newusers/57_missing_input_file/config/etc/shadow b/tests/newusers/57_missing_input_file/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/newusers/57_missing_input_file/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/newusers/57_missing_input_file/data/usage.out b/tests/newusers/57_missing_input_file/data/usage.out new file mode 100644 index 00000000..6b55e2ab --- /dev/null +++ b/tests/newusers/57_missing_input_file/data/usage.out @@ -0,0 +1 @@ +newusers: data/newusers.list: No such file or directory diff --git a/tests/newusers/57_missing_input_file/newusers.test b/tests/newusers/57_missing_input_file/newusers.test new file mode 100755 index 00000000..7e74f73c --- /dev/null +++ b/tests/newusers/57_missing_input_file/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers warns when the input file cann be read" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call newusers with missing input file (newusers data/newusers.list)..." +newusers data/newusers.list 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/58_invalid_input_file/config.txt b/tests/newusers/58_invalid_input_file/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/newusers/58_invalid_input_file/config/etc/group b/tests/newusers/58_invalid_input_file/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/newusers/58_invalid_input_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/newusers/58_invalid_input_file/config/etc/gshadow b/tests/newusers/58_invalid_input_file/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/newusers/58_invalid_input_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/newusers/58_invalid_input_file/config/etc/passwd b/tests/newusers/58_invalid_input_file/config/etc/passwd new file mode 100644 index 00000000..5d27e129 --- /dev/null +++ b/tests/newusers/58_invalid_input_file/config/etc/passwd @@ -0,0 +1,26 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser1:x:424242:424242::/home:/bin/bash +myuser2:x:424243:424242::/home:/bin/bash +myuser3:x:424244:424242::/home:/bin/bash +myuser4:x:424245:424242::/home:/bin/bash +myuser5:x:424246:424242::/home:/bin/bash +myuser6:x:424247:424242::/home:/bin/bash +myuser7:x:424248:424242::/home:/bin/bash diff --git a/tests/newusers/58_invalid_input_file/config/etc/shadow b/tests/newusers/58_invalid_input_file/config/etc/shadow new file mode 100644 index 00000000..da4c2bc4 --- /dev/null +++ b/tests/newusers/58_invalid_input_file/config/etc/shadow @@ -0,0 +1,26 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: +myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5::: +myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0: +myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1: +myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0:: +myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: +myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1:: diff --git a/tests/newusers/58_invalid_input_file/data/newusers.err b/tests/newusers/58_invalid_input_file/data/newusers.err new file mode 100644 index 00000000..fe15bdcb --- /dev/null +++ b/tests/newusers/58_invalid_input_file/data/newusers.err @@ -0,0 +1,2 @@ +newusers: line 1: invalid line +newusers: error detected, changes ignored diff --git a/tests/newusers/58_invalid_input_file/data/newusers.list b/tests/newusers/58_invalid_input_file/data/newusers.list new file mode 100644 index 00000000..56266fd3 --- /dev/null +++ b/tests/newusers/58_invalid_input_file/data/newusers.list @@ -0,0 +1 @@ +foo:foo:Pass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/58_invalid_input_file/newusers.test b/tests/newusers/58_invalid_input_file/newusers.test new file mode 100755 index 00000000..b4f78899 --- /dev/null +++ b/tests/newusers/58_invalid_input_file/newusers.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers warns when the input is invalid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call newusers with invalid input (newusers data/newusers.list)..." +newusers data/newusers.list 2>tmp/newusers.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "newusers reported:" +echo "=======================================================================" +cat tmp/newusers.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/newusers.err tmp/newusers.err +echo "usage message OK." +rm -f tmp/newusers.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/59_no_gshadow_file/config.txt b/tests/newusers/59_no_gshadow_file/config.txt new file mode 100644 index 00000000..557c421c --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/config.txt @@ -0,0 +1,2 @@ +User foo exists, with password fooPass +/etc/shadow will be destroyed diff --git a/tests/newusers/59_no_gshadow_file/config/etc/group b/tests/newusers/59_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/newusers/59_no_gshadow_file/config/etc/gshadow b/tests/newusers/59_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/59_no_gshadow_file/config/etc/pam.d/common-password b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/59_no_gshadow_file/config/etc/pam.d/newusers b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/59_no_gshadow_file/config/etc/passwd b/tests/newusers/59_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/newusers/59_no_gshadow_file/config/etc/shadow b/tests/newusers/59_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/newusers/59_no_gshadow_file/data/group b/tests/newusers/59_no_gshadow_file/data/group new file mode 100644 index 00000000..a0ff22a4 --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:*:1000: diff --git a/tests/newusers/59_no_gshadow_file/data/newusers.list b/tests/newusers/59_no_gshadow_file/data/newusers.list new file mode 100644 index 00000000..cc3b9ad4 --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/59_no_gshadow_file/data/passwd b/tests/newusers/59_no_gshadow_file/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/59_no_gshadow_file/data/shadow b/tests/newusers/59_no_gshadow_file/data/shadow new file mode 100644 index 00000000..c7f1556b --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/59_no_gshadow_file/newusers.test b/tests/newusers/59_no_gshadow_file/newusers.test new file mode 100755 index 00000000..bf18186e --- /dev/null +++ b/tests/newusers/59_no_gshadow_file/newusers.test @@ -0,0 +1,38 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the password of an existing user, when there is no gshadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config +rm -f /etc/gshadow + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/60_update_no_gecos/config.txt b/tests/newusers/60_update_no_gecos/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/60_update_no_gecos/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/60_update_no_gecos/config/etc/group b/tests/newusers/60_update_no_gecos/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/60_update_no_gecos/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/60_update_no_gecos/config/etc/gshadow b/tests/newusers/60_update_no_gecos/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/60_update_no_gecos/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/60_update_no_gecos/config/etc/pam.d/common-password b/tests/newusers/60_update_no_gecos/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/60_update_no_gecos/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/60_update_no_gecos/config/etc/pam.d/newusers b/tests/newusers/60_update_no_gecos/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/60_update_no_gecos/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/60_update_no_gecos/config/etc/passwd b/tests/newusers/60_update_no_gecos/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/60_update_no_gecos/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/60_update_no_gecos/config/etc/shadow b/tests/newusers/60_update_no_gecos/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/60_update_no_gecos/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/60_update_no_gecos/data/newusers.list b/tests/newusers/60_update_no_gecos/data/newusers.list new file mode 100644 index 00000000..62336639 --- /dev/null +++ b/tests/newusers/60_update_no_gecos/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::::/bin/bash diff --git a/tests/newusers/60_update_no_gecos/data/passwd b/tests/newusers/60_update_no_gecos/data/passwd new file mode 100644 index 00000000..8fc494c0 --- /dev/null +++ b/tests/newusers/60_update_no_gecos/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/bash diff --git a/tests/newusers/60_update_no_gecos/data/shadow b/tests/newusers/60_update_no_gecos/data/shadow new file mode 100644 index 00000000..c7f1556b --- /dev/null +++ b/tests/newusers/60_update_no_gecos/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/60_update_no_gecos/newusers.test b/tests/newusers/60_update_no_gecos/newusers.test new file mode 100755 index 00000000..fb57724f --- /dev/null +++ b/tests/newusers/60_update_no_gecos/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the gecos of an existing user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/newusers/61_update_no_shell/config.txt b/tests/newusers/61_update_no_shell/config.txt new file mode 100644 index 00000000..ea4c3ad8 --- /dev/null +++ b/tests/newusers/61_update_no_shell/config.txt @@ -0,0 +1 @@ +User foo exists, with password fooPass diff --git a/tests/newusers/61_update_no_shell/config/etc/group b/tests/newusers/61_update_no_shell/config/etc/group new file mode 100644 index 00000000..555c889c --- /dev/null +++ b/tests/newusers/61_update_no_shell/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:65535:foo diff --git a/tests/newusers/61_update_no_shell/config/etc/gshadow b/tests/newusers/61_update_no_shell/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/newusers/61_update_no_shell/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/newusers/61_update_no_shell/config/etc/pam.d/common-password b/tests/newusers/61_update_no_shell/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/newusers/61_update_no_shell/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/newusers/61_update_no_shell/config/etc/pam.d/newusers b/tests/newusers/61_update_no_shell/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/newusers/61_update_no_shell/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/newusers/61_update_no_shell/config/etc/passwd b/tests/newusers/61_update_no_shell/config/etc/passwd new file mode 100644 index 00000000..9de3b249 --- /dev/null +++ b/tests/newusers/61_update_no_shell/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field::/bin/sh diff --git a/tests/newusers/61_update_no_shell/config/etc/shadow b/tests/newusers/61_update_no_shell/config/etc/shadow new file mode 100644 index 00000000..13688768 --- /dev/null +++ b/tests/newusers/61_update_no_shell/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:eKzSSVkXDoVUM:13906:0:99999:7::: diff --git a/tests/newusers/61_update_no_shell/data/newusers.list b/tests/newusers/61_update_no_shell/data/newusers.list new file mode 100644 index 00000000..75e05829 --- /dev/null +++ b/tests/newusers/61_update_no_shell/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass2:::User Foo - Gecos Field - updated:: diff --git a/tests/newusers/61_update_no_shell/data/passwd b/tests/newusers/61_update_no_shell/data/passwd new file mode 100644 index 00000000..c84bc61d --- /dev/null +++ b/tests/newusers/61_update_no_shell/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:65535:65535:User Foo - Gecos Field - updated::/bin/sh diff --git a/tests/newusers/61_update_no_shell/data/shadow b/tests/newusers/61_update_no_shell/data/shadow new file mode 100644 index 00000000..c7f1556b --- /dev/null +++ b/tests/newusers/61_update_no_shell/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7::: diff --git a/tests/newusers/61_update_no_shell/newusers.test b/tests/newusers/61_update_no_shell/newusers.test new file mode 100755 index 00000000..fb57724f --- /dev/null +++ b/tests/newusers/61_update_no_shell/newusers.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers can update the gecos of an existing user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/group b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/gshadow b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/passwd b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/shadow b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/shadow new file mode 100644 index 00000000..3112803f --- /dev/null +++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12978:0:99999:7::: diff --git a/tests/passwd/01_passwd_-S_root_locked_account/data/passwd.out b/tests/passwd/01_passwd_-S_root_locked_account/data/passwd.out new file mode 100644 index 00000000..86a73e16 --- /dev/null +++ b/tests/passwd/01_passwd_-S_root_locked_account/data/passwd.out @@ -0,0 +1 @@ +foo L 07/14/2005 0 99999 7 -1 diff --git a/tests/passwd/01_passwd_-S_root_locked_account/passwd.test b/tests/passwd/01_passwd_-S_root_locked_account/passwd.test new file mode 100755 index 00000000..06416389 --- /dev/null +++ b/tests/passwd/01_passwd_-S_root_locked_account/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "passwd can report the status of an account to root" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Request password information for user foo (passwd -S foo)..." +passwd -S foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/group b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/gshadow b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/passwd b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/shadow b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/shadow new file mode 100644 index 00000000..dced5601 --- /dev/null +++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/02_passwd_-S_root_valid_account/data/passwd.out b/tests/passwd/02_passwd_-S_root_valid_account/data/passwd.out new file mode 100644 index 00000000..55af5a73 --- /dev/null +++ b/tests/passwd/02_passwd_-S_root_valid_account/data/passwd.out @@ -0,0 +1 @@ +foo P 07/13/2005 0 99999 7 -1 diff --git a/tests/passwd/02_passwd_-S_root_valid_account/passwd.test b/tests/passwd/02_passwd_-S_root_valid_account/passwd.test new file mode 100755 index 00000000..06416389 --- /dev/null +++ b/tests/passwd/02_passwd_-S_root_valid_account/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "passwd can report the status of an account to root" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Request password information for user foo (passwd -S foo)..." +passwd -S foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/group b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/gshadow b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/passwd b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/shadow b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/shadow new file mode 100644 index 00000000..9b3b67fe --- /dev/null +++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo::12988:0:99998:8::: diff --git a/tests/passwd/03_passwd_-S_root_empty_password/data/passwd.out b/tests/passwd/03_passwd_-S_root_empty_password/data/passwd.out new file mode 100644 index 00000000..c64fb612 --- /dev/null +++ b/tests/passwd/03_passwd_-S_root_empty_password/data/passwd.out @@ -0,0 +1 @@ +foo NP 07/24/2005 0 99998 8 -1 diff --git a/tests/passwd/03_passwd_-S_root_empty_password/passwd.test b/tests/passwd/03_passwd_-S_root_empty_password/passwd.test new file mode 100755 index 00000000..06416389 --- /dev/null +++ b/tests/passwd/03_passwd_-S_root_empty_password/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "passwd can report the status of an account to root" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Request password information for user foo (passwd -S foo)..." +passwd -S foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/group b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/gshadow b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/passwd b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/shadow b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..dced5601 --- /dev/null +++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/data/passwd.out b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/data/passwd.out new file mode 100644 index 00000000..e86159df --- /dev/null +++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/data/passwd.out @@ -0,0 +1 @@ +foo P diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test new file mode 100755 index 00000000..e084d344 --- /dev/null +++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "passwd can report the status of an account to root" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Request password information for user foo (passwd -S foo)..." +passwd -S foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check that /etc/shadow does not exist..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/group b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/gshadow b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/passwd b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..dfb11c87 --- /dev/null +++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:!:1000:1000:::/bin/false diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/shadow b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/data/passwd.out b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/data/passwd.out new file mode 100644 index 00000000..9ba8956a --- /dev/null +++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/data/passwd.out @@ -0,0 +1 @@ +foo L diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test new file mode 100755 index 00000000..06416389 --- /dev/null +++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "passwd can report the status of an account to root" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Request password information for user foo (passwd -S foo)..." +passwd -S foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/group b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/gshadow b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/passwd b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/shadow b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/shadow new file mode 100644 index 00000000..dced5601 --- /dev/null +++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/06_passwd_-l_root_lock_account/data/passwd.out b/tests/passwd/06_passwd_-l_root_lock_account/data/passwd.out new file mode 100644 index 00000000..55ce2cc8 --- /dev/null +++ b/tests/passwd/06_passwd_-l_root_lock_account/data/passwd.out @@ -0,0 +1 @@ +passwd: password expiry information changed. diff --git a/tests/passwd/06_passwd_-l_root_lock_account/data/shadow b/tests/passwd/06_passwd_-l_root_lock_account/data/shadow new file mode 100644 index 00000000..79c859a6 --- /dev/null +++ b/tests/passwd/06_passwd_-l_root_lock_account/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/06_passwd_-l_root_lock_account/passwd.test b/tests/passwd/06_passwd_-l_root_lock_account/passwd.test new file mode 100755 index 00000000..3fabb129 --- /dev/null +++ b/tests/passwd/06_passwd_-l_root_lock_account/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can lock a password with passwd -l" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Lock foo's password (passwd -l foo)..." +passwd -l foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/group b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/gshadow b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/passwd b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..440df65e --- /dev/null +++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:1000:1000:::/bin/false diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/shadow b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd new file mode 100644 index 00000000..3ca4f73b --- /dev/null +++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:1000:1000:::/bin/false diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd.out b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd.out new file mode 100644 index 00000000..55ce2cc8 --- /dev/null +++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd.out @@ -0,0 +1 @@ +passwd: password expiry information changed. diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test new file mode 100755 index 00000000..099c3807 --- /dev/null +++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "passwd can lock a password in /etc/passwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Lock foo's password (passwd -l foo)..." +passwd -l foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/group b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/gshadow b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/passwd b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/shadow b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/shadow new file mode 100644 index 00000000..79c859a6 --- /dev/null +++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/data/passwd.out b/tests/passwd/08_passwd_-u_root_unlock_account/data/passwd.out new file mode 100644 index 00000000..55ce2cc8 --- /dev/null +++ b/tests/passwd/08_passwd_-u_root_unlock_account/data/passwd.out @@ -0,0 +1 @@ +passwd: password expiry information changed. diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/data/shadow b/tests/passwd/08_passwd_-u_root_unlock_account/data/shadow new file mode 100644 index 00000000..dced5601 --- /dev/null +++ b/tests/passwd/08_passwd_-u_root_unlock_account/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/passwd.test b/tests/passwd/08_passwd_-u_root_unlock_account/passwd.test new file mode 100755 index 00000000..b5ac0d85 --- /dev/null +++ b/tests/passwd/08_passwd_-u_root_unlock_account/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can unlock a password with passwd -u" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "unlock foo's password (passwd -u foo)..." +passwd -u foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/group b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/gshadow b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/passwd b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/shadow b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/data/passwd.err b/tests/passwd/09_passwd_-u_root_unlock_to_empty/data/passwd.err new file mode 100644 index 00000000..2987d41f --- /dev/null +++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/data/passwd.err @@ -0,0 +1,2 @@ +passwd: unlocking the password would result in a passwordless account. +You should set a password with usermod -p to unlock the password of this account. diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/passwd.test b/tests/passwd/09_passwd_-u_root_unlock_to_empty/passwd.test new file mode 100755 index 00000000..a61e23df --- /dev/null +++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/passwd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "passwd -u cannot create a passwordless account" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Unlock foo's pasword (passwd -u foo)..." +passwd -u foo 2> tmp/passwd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.err +echo "=======================================================================" +echo -n "Check the error message..." +diff -au data/passwd.err tmp/passwd.err +echo "error message OK." +rm -f tmp/passwd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/10_passwd_-d_root/config/etc/group b/tests/passwd/10_passwd_-d_root/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/10_passwd_-d_root/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/10_passwd_-d_root/config/etc/gshadow b/tests/passwd/10_passwd_-d_root/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/10_passwd_-d_root/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/10_passwd_-d_root/config/etc/passwd b/tests/passwd/10_passwd_-d_root/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/10_passwd_-d_root/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/10_passwd_-d_root/config/etc/shadow b/tests/passwd/10_passwd_-d_root/config/etc/shadow new file mode 100644 index 00000000..79c859a6 --- /dev/null +++ b/tests/passwd/10_passwd_-d_root/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/10_passwd_-d_root/data/passwd.out b/tests/passwd/10_passwd_-d_root/data/passwd.out new file mode 100644 index 00000000..55ce2cc8 --- /dev/null +++ b/tests/passwd/10_passwd_-d_root/data/passwd.out @@ -0,0 +1 @@ +passwd: password expiry information changed. diff --git a/tests/passwd/10_passwd_-d_root/data/shadow b/tests/passwd/10_passwd_-d_root/data/shadow new file mode 100644 index 00000000..85ef660c --- /dev/null +++ b/tests/passwd/10_passwd_-d_root/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo::12977:0:99999:7::: diff --git a/tests/passwd/10_passwd_-d_root/passwd.test b/tests/passwd/10_passwd_-d_root/passwd.test new file mode 100755 index 00000000..e1ac5f25 --- /dev/null +++ b/tests/passwd/10_passwd_-d_root/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can delete a password with passwd -d" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete foo's password (passwd -d foo)..." +passwd -d foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/group b/tests/passwd/11_passwd_--mindays_root/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/11_passwd_--mindays_root/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/gshadow b/tests/passwd/11_passwd_--mindays_root/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/11_passwd_--mindays_root/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/passwd b/tests/passwd/11_passwd_--mindays_root/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/11_passwd_--mindays_root/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/shadow b/tests/passwd/11_passwd_--mindays_root/config/etc/shadow new file mode 100644 index 00000000..dced5601 --- /dev/null +++ b/tests/passwd/11_passwd_--mindays_root/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/11_passwd_--mindays_root/data/passwd.out b/tests/passwd/11_passwd_--mindays_root/data/passwd.out new file mode 100644 index 00000000..55ce2cc8 --- /dev/null +++ b/tests/passwd/11_passwd_--mindays_root/data/passwd.out @@ -0,0 +1 @@ +passwd: password expiry information changed. diff --git a/tests/passwd/11_passwd_--mindays_root/data/shadow b/tests/passwd/11_passwd_--mindays_root/data/shadow new file mode 100644 index 00000000..f424ad64 --- /dev/null +++ b/tests/passwd/11_passwd_--mindays_root/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:10:99999:7::: diff --git a/tests/passwd/11_passwd_--mindays_root/passwd.test b/tests/passwd/11_passwd_--mindays_root/passwd.test new file mode 100755 index 00000000..409396f6 --- /dev/null +++ b/tests/passwd/11_passwd_--mindays_root/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can use passwd --mindays" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the min number of days for foo's password (passwd --mindays 10 foo)..." +passwd --mindays 10 foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/group b/tests/passwd/12_passwd_--maxdays_root/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/gshadow b/tests/passwd/12_passwd_--maxdays_root/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/passwd b/tests/passwd/12_passwd_--maxdays_root/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/shadow b/tests/passwd/12_passwd_--maxdays_root/config/etc/shadow new file mode 100644 index 00000000..dced5601 --- /dev/null +++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/12_passwd_--maxdays_root/data/passwd.out b/tests/passwd/12_passwd_--maxdays_root/data/passwd.out new file mode 100644 index 00000000..55ce2cc8 --- /dev/null +++ b/tests/passwd/12_passwd_--maxdays_root/data/passwd.out @@ -0,0 +1 @@ +passwd: password expiry information changed. diff --git a/tests/passwd/12_passwd_--maxdays_root/data/shadow b/tests/passwd/12_passwd_--maxdays_root/data/shadow new file mode 100644 index 00000000..82f40b67 --- /dev/null +++ b/tests/passwd/12_passwd_--maxdays_root/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:10:7::: diff --git a/tests/passwd/12_passwd_--maxdays_root/passwd.test b/tests/passwd/12_passwd_--maxdays_root/passwd.test new file mode 100755 index 00000000..a895e3ec --- /dev/null +++ b/tests/passwd/12_passwd_--maxdays_root/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can use passwd --maxdays" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the max number of days for foo's password (passwd --maxdays 10 foo)..." +passwd --maxdays 10 foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/group b/tests/passwd/13_passwd_--warndays_root/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/13_passwd_--warndays_root/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/gshadow b/tests/passwd/13_passwd_--warndays_root/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/13_passwd_--warndays_root/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/passwd b/tests/passwd/13_passwd_--warndays_root/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/13_passwd_--warndays_root/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/shadow b/tests/passwd/13_passwd_--warndays_root/config/etc/shadow new file mode 100644 index 00000000..dced5601 --- /dev/null +++ b/tests/passwd/13_passwd_--warndays_root/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/13_passwd_--warndays_root/data/passwd.out b/tests/passwd/13_passwd_--warndays_root/data/passwd.out new file mode 100644 index 00000000..55ce2cc8 --- /dev/null +++ b/tests/passwd/13_passwd_--warndays_root/data/passwd.out @@ -0,0 +1 @@ +passwd: password expiry information changed. diff --git a/tests/passwd/13_passwd_--warndays_root/data/shadow b/tests/passwd/13_passwd_--warndays_root/data/shadow new file mode 100644 index 00000000..a62edfa8 --- /dev/null +++ b/tests/passwd/13_passwd_--warndays_root/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:10::: diff --git a/tests/passwd/13_passwd_--warndays_root/passwd.test b/tests/passwd/13_passwd_--warndays_root/passwd.test new file mode 100755 index 00000000..18a8b87f --- /dev/null +++ b/tests/passwd/13_passwd_--warndays_root/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can use passwd --warndays" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the number of warning days for foo's password (passwd --warndays 10 foo)..." +passwd --warndays 10 foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/group b/tests/passwd/14_passwd_--inactive_root/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/14_passwd_--inactive_root/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/gshadow b/tests/passwd/14_passwd_--inactive_root/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/14_passwd_--inactive_root/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/passwd b/tests/passwd/14_passwd_--inactive_root/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/14_passwd_--inactive_root/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/shadow b/tests/passwd/14_passwd_--inactive_root/config/etc/shadow new file mode 100644 index 00000000..dced5601 --- /dev/null +++ b/tests/passwd/14_passwd_--inactive_root/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/14_passwd_--inactive_root/data/passwd.out b/tests/passwd/14_passwd_--inactive_root/data/passwd.out new file mode 100644 index 00000000..55ce2cc8 --- /dev/null +++ b/tests/passwd/14_passwd_--inactive_root/data/passwd.out @@ -0,0 +1 @@ +passwd: password expiry information changed. diff --git a/tests/passwd/14_passwd_--inactive_root/data/shadow b/tests/passwd/14_passwd_--inactive_root/data/shadow new file mode 100644 index 00000000..52dc3040 --- /dev/null +++ b/tests/passwd/14_passwd_--inactive_root/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:10:: diff --git a/tests/passwd/14_passwd_--inactive_root/passwd.test b/tests/passwd/14_passwd_--inactive_root/passwd.test new file mode 100755 index 00000000..52dbab07 --- /dev/null +++ b/tests/passwd/14_passwd_--inactive_root/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can use passwd --inactive" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the number of inactive days for foo's password (passwd --inactive 10 foo)..." +passwd --inactive 10 foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/group b/tests/passwd/15_passwd_--expire_root/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/15_passwd_--expire_root/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/gshadow b/tests/passwd/15_passwd_--expire_root/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/15_passwd_--expire_root/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/passwd b/tests/passwd/15_passwd_--expire_root/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/15_passwd_--expire_root/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/shadow b/tests/passwd/15_passwd_--expire_root/config/etc/shadow new file mode 100644 index 00000000..dced5601 --- /dev/null +++ b/tests/passwd/15_passwd_--expire_root/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/15_passwd_--expire_root/data/passwd.out b/tests/passwd/15_passwd_--expire_root/data/passwd.out new file mode 100644 index 00000000..55ce2cc8 --- /dev/null +++ b/tests/passwd/15_passwd_--expire_root/data/passwd.out @@ -0,0 +1 @@ +passwd: password expiry information changed. diff --git a/tests/passwd/15_passwd_--expire_root/data/shadow b/tests/passwd/15_passwd_--expire_root/data/shadow new file mode 100644 index 00000000..4cd6096c --- /dev/null +++ b/tests/passwd/15_passwd_--expire_root/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:0:0:99999:7::: diff --git a/tests/passwd/15_passwd_--expire_root/passwd.test b/tests/passwd/15_passwd_--expire_root/passwd.test new file mode 100755 index 00000000..f2ab71d7 --- /dev/null +++ b/tests/passwd/15_passwd_--expire_root/passwd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can use passwd --expire" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Set foo's password as expired (passwd --expire foo)..." +passwd --expire foo > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/group b/tests/passwd/16_passwd_-S-a_root/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/16_passwd_-S-a_root/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/gshadow b/tests/passwd/16_passwd_-S-a_root/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/16_passwd_-S-a_root/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/passwd b/tests/passwd/16_passwd_-S-a_root/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/16_passwd_-S-a_root/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/shadow b/tests/passwd/16_passwd_-S-a_root/config/etc/shadow new file mode 100644 index 00000000..3112803f --- /dev/null +++ b/tests/passwd/16_passwd_-S-a_root/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12978:0:99999:7::: diff --git a/tests/passwd/16_passwd_-S-a_root/data/passwd.out b/tests/passwd/16_passwd_-S-a_root/data/passwd.out new file mode 100644 index 00000000..5a1b4791 --- /dev/null +++ b/tests/passwd/16_passwd_-S-a_root/data/passwd.out @@ -0,0 +1,20 @@ +root P 07/27/2005 0 99999 7 -1 +daemon L 07/13/2005 0 99999 7 -1 +bin L 07/13/2005 0 99999 7 -1 +sys L 07/13/2005 0 99999 7 -1 +sync L 07/13/2005 0 99999 7 -1 +games L 07/13/2005 0 99999 7 -1 +man L 07/13/2005 0 99999 7 -1 +lp L 07/13/2005 0 99999 7 -1 +mail L 07/13/2005 0 99999 7 -1 +news L 07/13/2005 0 99999 7 -1 +uucp L 07/13/2005 0 99999 7 -1 +proxy L 07/13/2005 0 99999 7 -1 +www-data L 07/13/2005 0 99999 7 -1 +backup L 07/13/2005 0 99999 7 -1 +list L 07/13/2005 0 99999 7 -1 +irc L 07/13/2005 0 99999 7 -1 +gnats L 07/13/2005 0 99999 7 -1 +nobody L 07/13/2005 0 99999 7 -1 +Debian-exim L 07/13/2005 0 99999 7 -1 +foo L 07/14/2005 0 99999 7 -1 diff --git a/tests/passwd/16_passwd_-S-a_root/passwd.test b/tests/passwd/16_passwd_-S-a_root/passwd.test new file mode 100755 index 00000000..1b64c537 --- /dev/null +++ b/tests/passwd/16_passwd_-S-a_root/passwd.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "passwd can report the status of an account to root" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config +echo -n "passwd -S -a..." +passwd -S -a > tmp/passwd.out +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.out +echo "=======================================================================" +echo -n "Check the message..." +diff -au data/passwd.out tmp/passwd.out +echo "message OK." +rm -f tmp/passwd.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/group b/tests/passwd/17_passwd_root_change_password/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/17_passwd_root_change_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/gshadow b/tests/passwd/17_passwd_root_change_password/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/17_passwd_root_change_password/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/pam.d/common-password b/tests/passwd/17_passwd_root_change_password/config/etc/pam.d/common-password new file mode 100644 index 00000000..38bce56f --- /dev/null +++ b/tests/passwd/17_passwd_root_change_password/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure md5 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/passwd b/tests/passwd/17_passwd_root_change_password/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/17_passwd_root_change_password/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/shadow b/tests/passwd/17_passwd_root_change_password/config/etc/shadow new file mode 100644 index 00000000..dced5601 --- /dev/null +++ b/tests/passwd/17_passwd_root_change_password/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/17_passwd_root_change_password/data/shadow b/tests/passwd/17_passwd_root_change_password/data/shadow new file mode 100644 index 00000000..6731888c --- /dev/null +++ b/tests/passwd/17_passwd_root_change_password/data/shadow @@ -0,0 +1,20 @@ +root:@PASS_MD5 rootpassword@:@TODAY@:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/17_passwd_root_change_password/passwd.exp b/tests/passwd/17_passwd_root_change_password/passwd.exp new file mode 100755 index 00000000..2696ffbc --- /dev/null +++ b/tests/passwd/17_passwd_root_change_password/passwd.exp @@ -0,0 +1,22 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "passwd\r" +expect "Enter new UNIX password: " +send "rootpassword\r" +expect "Retype new UNIX password: " +send "rootpassword\r" +expect "passwd: password updated successfully" +expect "# " +send "echo \$?\r" +expect "0" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/passwd/17_passwd_root_change_password/passwd.test b/tests/passwd/17_passwd_root_change_password/passwd.test new file mode 100755 index 00000000..e181273b --- /dev/null +++ b/tests/passwd/17_passwd_root_change_password/passwd.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can change her password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./passwd.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/group b/tests/passwd/18_passwd_root_change_password_user/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/gshadow b/tests/passwd/18_passwd_root_change_password_user/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/pam.d/common-password b/tests/passwd/18_passwd_root_change_password_user/config/etc/pam.d/common-password new file mode 100644 index 00000000..442182ae --- /dev/null +++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/passwd b/tests/passwd/18_passwd_root_change_password_user/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/shadow b/tests/passwd/18_passwd_root_change_password_user/config/etc/shadow new file mode 100644 index 00000000..dced5601 --- /dev/null +++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7::: diff --git a/tests/passwd/18_passwd_root_change_password_user/data/shadow b/tests/passwd/18_passwd_root_change_password_user/data/shadow new file mode 100644 index 00000000..30ac54d2 --- /dev/null +++ b/tests/passwd/18_passwd_root_change_password_user/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES foopassword@:@TODAY@:0:99999:7::: diff --git a/tests/passwd/18_passwd_root_change_password_user/passwd.exp b/tests/passwd/18_passwd_root_change_password_user/passwd.exp new file mode 100755 index 00000000..5150c6ad --- /dev/null +++ b/tests/passwd/18_passwd_root_change_password_user/passwd.exp @@ -0,0 +1,22 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " + +send "passwd foo\r" +expect "Enter new UNIX password: " +send "foopassword\r" +expect "Retype new UNIX password: " +send "foopassword\r" +expect "passwd: password updated successfully" +expect "# " +send "echo \$?\r" +expect "0" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/passwd/18_passwd_root_change_password_user/passwd.test b/tests/passwd/18_passwd_root_change_password_user/passwd.test new file mode 100755 index 00000000..e181273b --- /dev/null +++ b/tests/passwd/18_passwd_root_change_password_user/passwd.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can change her password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./passwd.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/group b/tests/passwd/19_passwd_user_change_password/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/19_passwd_user_change_password/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/gshadow b/tests/passwd/19_passwd_user_change_password/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/19_passwd_user_change_password/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/pam.d/common-password b/tests/passwd/19_passwd_user_change_password/config/etc/pam.d/common-password new file mode 100644 index 00000000..a0d4283c --- /dev/null +++ b/tests/passwd/19_passwd_user_change_password/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha256 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/passwd b/tests/passwd/19_passwd_user_change_password/config/etc/passwd new file mode 100644 index 00000000..82223ff6 --- /dev/null +++ b/tests/passwd/19_passwd_user_change_password/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/bash diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/shadow b/tests/passwd/19_passwd_user_change_password/config/etc/shadow new file mode 100644 index 00000000..18a7168c --- /dev/null +++ b/tests/passwd/19_passwd_user_change_password/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7::: diff --git a/tests/passwd/19_passwd_user_change_password/data/shadow b/tests/passwd/19_passwd_user_change_password/data/shadow new file mode 100644 index 00000000..a6386376 --- /dev/null +++ b/tests/passwd/19_passwd_user_change_password/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_SHA256 password-foo@:@TODAY@:0:99999:7::: diff --git a/tests/passwd/19_passwd_user_change_password/passwd.exp b/tests/passwd/19_passwd_user_change_password/passwd.exp new file mode 100755 index 00000000..6a3f1b61 --- /dev/null +++ b/tests/passwd/19_passwd_user_change_password/passwd.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " +send "su -l foo\r" +expect "$ " +send "id\r" +expect "uid=1000(foo) gid=1000(foo) groups=1000(foo)" + +send "passwd\r" +expect "Changing password for foo." +expect "(current) UNIX password: " +send "foopassword\r" +expect "Enter new UNIX password: " +send "password-foo\r" +expect "Retype new UNIX password: " +send "password-foo\r" +expect "passwd: password updated successfully" +expect "$ " +send "echo \$?\r" +expect "0" +expect "$ " +send "exit\r" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/passwd/19_passwd_user_change_password/passwd.test b/tests/passwd/19_passwd_user_change_password/passwd.test new file mode 100755 index 00000000..e181273b --- /dev/null +++ b/tests/passwd/19_passwd_user_change_password/passwd.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can change her password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./passwd.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/group b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/gshadow b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/pam.d/common-password b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/pam.d/common-password new file mode 100644 index 00000000..cb8c7b71 --- /dev/null +++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha512 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/passwd b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/passwd new file mode 100644 index 00000000..82223ff6 --- /dev/null +++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/bash diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/shadow b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/shadow new file mode 100644 index 00000000..18a7168c --- /dev/null +++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7::: diff --git a/tests/passwd/20_passwd_user_change_password_same_user/data/shadow b/tests/passwd/20_passwd_user_change_password_same_user/data/shadow new file mode 100644 index 00000000..542ae829 --- /dev/null +++ b/tests/passwd/20_passwd_user_change_password_same_user/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_SHA512 password-foo@:@TODAY@:0:99999:7::: diff --git a/tests/passwd/20_passwd_user_change_password_same_user/passwd.exp b/tests/passwd/20_passwd_user_change_password_same_user/passwd.exp new file mode 100755 index 00000000..70d4b809 --- /dev/null +++ b/tests/passwd/20_passwd_user_change_password_same_user/passwd.exp @@ -0,0 +1,31 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/sh +send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r" +expect "# " +send "su -l foo\r" +expect "$ " +send "id\r" +expect "uid=1000(foo) gid=1000(foo) groups=1000(foo)" + +send "passwd foo\r" +expect "Changing password for foo." +expect "(current) UNIX password: " +send "foopassword\r" +expect "Enter new UNIX password: " +send "password-foo\r" +expect "Retype new UNIX password: " +send "password-foo\r" +expect "passwd: password updated successfully" +expect "$ " +send "echo \$?\r" +expect "0" +expect "$ " +send "exit\r" +expect "# " +send "exit\r" +puts "OK\n" +exit 0 diff --git a/tests/passwd/20_passwd_user_change_password_same_user/passwd.test b/tests/passwd/20_passwd_user_change_password_same_user/passwd.test new file mode 100755 index 00000000..e181273b --- /dev/null +++ b/tests/passwd/20_passwd_user_change_password_same_user/passwd.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can change her password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./passwd.exp + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/group b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/group new file mode 100644 index 00000000..fb4f67e5 --- /dev/null +++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo1:x:1001: diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/gshadow b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/gshadow new file mode 100644 index 00000000..3e73b5ab --- /dev/null +++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo1:*:: diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/passwd b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/passwd new file mode 100644 index 00000000..54cce8ec --- /dev/null +++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/bash +foo1:x:1001:1001:::/bin/bash diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/shadow b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/shadow new file mode 100644 index 00000000..4f88f0c6 --- /dev/null +++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7::: +foo1:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7::: diff --git a/tests/passwd/21_passwd_user_change_password_other_user/data/passwd.err b/tests/passwd/21_passwd_user_change_password_other_user/data/passwd.err new file mode 100644 index 00000000..5b45f51a --- /dev/null +++ b/tests/passwd/21_passwd_user_change_password_other_user/data/passwd.err @@ -0,0 +1 @@ +passwd: You may not view or modify password information for foo1. diff --git a/tests/passwd/21_passwd_user_change_password_other_user/passwd.test b/tests/passwd/21_passwd_user_change_password_other_user/passwd.test new file mode 100755 index 00000000..bcb0a105 --- /dev/null +++ b/tests/passwd/21_passwd_user_change_password_other_user/passwd.test @@ -0,0 +1,53 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "root can change her password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +su -l foo -c "passwd foo1" 2>tmp/passwd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/passwd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/passwd.err tmp/passwd.err +echo "error message OK." +rm -f tmp/passwd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/passwd/22_passwd_usage/config.txt b/tests/passwd/22_passwd_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/passwd/22_passwd_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/passwd/22_passwd_usage/config/etc/group b/tests/passwd/22_passwd_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/passwd/22_passwd_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/passwd/22_passwd_usage/config/etc/gshadow b/tests/passwd/22_passwd_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/passwd/22_passwd_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/passwd/22_passwd_usage/config/etc/passwd b/tests/passwd/22_passwd_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/passwd/22_passwd_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/passwd/22_passwd_usage/config/etc/shadow b/tests/passwd/22_passwd_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/passwd/22_passwd_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/passwd/22_passwd_usage/data/usage.out b/tests/passwd/22_passwd_usage/data/usage.out new file mode 100644 index 00000000..21552feb --- /dev/null +++ b/tests/passwd/22_passwd_usage/data/usage.out @@ -0,0 +1,22 @@ +Usage: passwd [options] [LOGIN] + +Options: + -a, --all report password status on all accounts + -d, --delete delete the password for the named account + -e, --expire force expire the password for the named account + -h, --help display this help message and exit + -k, --keep-tokens change password only if expired + -i, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -l, --lock lock the password of the named account + -n, --mindays MIN_DAYS set minimum number of days before password + change to MIN_DAYS + -q, --quiet quiet mode + -r, --repository REPOSITORY change password in REPOSITORY repository + -R, --root CHROOT_DIR directory to chroot into + -S, --status report password status on the named account + -u, --unlock unlock the password of the named account + -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS + -x, --maxdays MAX_DAYS set maximum number of days before password + change to MAX_DAYS + diff --git a/tests/passwd/22_passwd_usage/passwd.test b/tests/passwd/22_passwd_usage/passwd.test new file mode 100755 index 00000000..077ec90d --- /dev/null +++ b/tests/passwd/22_passwd_usage/passwd.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "passwd can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get passwd usage (passwd -h)..." +passwd -h >tmp/usage.out + +echo "passwd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/run_all b/tests/run_all new file mode 100755 index 00000000..c5517d52 --- /dev/null +++ b/tests/run_all @@ -0,0 +1,1305 @@ +#!/bin/sh + +set -e + +export LC_ALL=C +unset LANG +unset LANGUAGE +. common/config.sh + +USE_PAM="yes" +FAILURE_TESTS="yes" + +succeded=0 +failed=0 +failed_tests="" + +run_test() +{ + [ -f RUN_TEST.STOP ] && exit 1 + + if $1 > $1.log + then + succeded=$((succeded+1)) + echo -n "+" + else + failed=$((failed+1)) + failed_tests="$failed_tests $1" + echo -n "-" + fi + cat $1.log >> testsuite.log + [ -f /etc/passwd.lock ] && echo $1 /etc/passwd.lock || true + [ -f /etc/group.lock ] && echo $1 /etc/group.lock || true + [ -f /etc/shadow.lock ] && echo $1 /etc/shadow.lock || true + [ -f /etc/gshadow.lock ] && echo $1 /etc/gshadow.lock || true + if [ "$(stat -c"%G" /etc/shadow)" != "shadow" ] + then + echo $1 + ls -l /etc/shadow + chgrp shadow /etc/shadow + fi + if [ -d /nonexistent ] + then + echo $1 /nonexistent + rmdir /nonexistent + fi +} + +echo "+: test passed" +echo "-: test failed" + +# Empty the complete log. +> testsuite.log + +find ${build_path} -name "*.gcda" -delete +run_test ./su/01/su_root.test +run_test ./su/01/su_user.test +find ${build_path} -name "*.gcda" -exec chmod a+rw {} \; +run_test ./su/02/env_FOO-options_--login +run_test ./su/02/env_FOO-options_--login_bash +run_test ./su/02/env_FOO-options_--preserve-environment +run_test ./su/02/env_FOO-options_--preserve-environment_bash +run_test ./su/02/env_FOO-options_- +run_test ./su/02/env_FOO-options_-_bash +run_test ./su/02/env_FOO-options_-l-m +run_test ./su/02/env_FOO-options_-l-m_bash +run_test ./su/02/env_FOO-options_-l +run_test ./su/02/env_FOO-options_-l_bash +run_test ./su/02/env_FOO-options_-m_bash +run_test ./su/02/env_FOO-options_-m +run_test ./su/02/env_FOO-options_-p +run_test ./su/02/env_FOO-options_-p_bash +run_test ./su/02/env_FOO-options__bash +run_test ./su/02/env_FOO-options_ +run_test ./su/02/env_FOO-options_-p- +run_test ./su/02/env_FOO-options_-p-_bash +run_test ./su/02/env_special-options_-l-p +run_test ./su/02/env_special-options_-l +run_test ./su/02/env_special-options_-l-p_bash +run_test ./su/02/env_special-options_-l_bash +run_test ./su/02/env_special-options_-p +run_test ./su/02/env_special-options_-p_bash +run_test ./su/02/env_special-options_ +run_test ./su/02/env_special-options__bash +run_test ./su/02/env_special_root-options_-l-p +run_test ./su/02/env_special_root-options_-l-p_bash +run_test ./su/02/env_special_root-options_-l +run_test ./su/02/env_special_root-options_-l_bash +run_test ./su/02/env_special_root-options_-p +run_test ./su/02/env_special_root-options_-p_bash +run_test ./su/02/env_special_root-options_ +run_test ./su/02/env_special_root-options__bash +run_test ./su/03/su_run_command01.test +run_test ./su/03/su_run_command02.test +run_test ./su/03/su_run_command03.test +run_test ./su/03/su_run_command04.test +run_test ./su/03/su_run_command05.test +run_test ./su/03/su_run_command06.test +run_test ./su/03/su_run_command07.test +run_test ./su/03/su_run_command08.test +run_test ./su/03/su_run_command09.test +run_test ./su/03/su_run_command10.test +run_test ./su/03/su_run_command11.test +run_test ./su/03/su_run_command12.test +run_test ./su/03/su_run_command13.test +run_test ./su/03/su_run_command14.test +run_test ./su/03/su_run_command15.test +run_test ./su/03/su_run_command16.test +run_test ./su/03/su_run_command17.test +run_test ./su/04/su_wrong_user.test +run_test ./su/04/su_user_wrong_passwd.test +run_test ./su/04/su_user_wrong_passwd_syslog.test +run_test ./su/05/su_user_wrong_passwd_syslog.test +run_test ./su/06/su_user_syslog.test +run_test ./su/07/su_user_syslog.test +run_test ./su/08/env_special-options_ +run_test ./su/08/env_special_root-options_ +run_test ./su/09/env_special-options_ +run_test ./su/09/env_special_root-options_ +run_test ./su/10_su_sulog_success/su.test +run_test ./su/11_su_sulog_failure/su.test +run_test ./su/12_su_child_failure/su.test +run_test ./su/13_su_child_success/su.test +run_test ./chage/01/run +find ${build_path} -name "*.gcda" -exec chmod a+rw {} \; +run_test ./chage/02/run +run_test ./chage/03_chsh_usage/chage.test +run_test ./chage/04_chsh_usage_invalid_option/chage.test +run_test ./chage/05_chsh_usage_2_users/chage.test +run_test ./chage/06_chsh_usage_no_users/chage.test +run_test ./chage/07_chsh_usage-l_exclusive/chage.test +run_test ./chage/08_chsh_usage_invalid_date/chage.test +run_test ./chage/09_chsh_usage_invalid_numeric_arg/chage.test +run_test ./chage/10_chsh-l/chage.test +run_test ./chage/11_chsh_usage_invalid_user/chage.test +run_test ./chage/12_chsh_usage-l_invalid_user2/chage.test +run_test ./chage/13_chsh_locked_passwd/chage.test +run_test ./chage/14_chsh_locked_shadow/chage.test +run_test ./chage/15_chage-I_no_shadow_entry/chage.test +run_test ./chage/16_chage-m_no_shadow_entry/chage.test +run_test ./chage/17_chage-M_no_shadow_entry/chage.test +run_test ./chage/18_chage-d_no_shadow_entry/chage.test +run_test ./chage/19_chage-W_no_shadow_entry/chage.test +run_test ./chage/20_chage-E_no_shadow_entry/chage.test +run_test ./chage/21_chage_no_shadow_file/chage.test +run_test ./chage/22_chage_myuser-l/chage.test +run_test ./chage/23_chage_myuser-I/chage.test +run_test ./chage/24_chage_myuser-l_other/chage.test +run_test ./chage/25_chage_interractive/chage.test +run_test ./chage/26_chage_interractive_date_0/chage.test +run_test ./chage/27_chage_interractive_date_-1/chage.test +run_test ./chage/28_chage_interractive_date_EPOCH/chage.test +run_test ./chage/29_chage_interractive_date_pre-EPOCH/chage.test +run_test ./chage/30_chage_interractive_date_pre-EPOCH2/chage.test +run_test ./chage/31_chage_interractive_date_invalid/chage.test +run_test ./chage/32_chage_interractive_date_invalid2/chage.test +run_test ./chage/33_chage_interractive-W_invalid1/chage.test +run_test ./chage/34_chage_interractive-W_invalid2/chage.test +run_test ./chage/35_chage_interractive-W-1/chage.test +run_test ./chage/36_chage_interractive-I_invalid1/chage.test +run_test ./chage/37_chage_interractive-I_invalid2/chage.test +run_test ./chage/38_chage_interractive-I-1/chage.test +run_test ./chage/39_chage_interractive-d-1/chage.test +run_test ./chsh/01/run +run_test ./chsh/02_chsh_usage/chsh.test +run_test ./chsh/03_chsh_usage_invalid_option/chsh.test +run_test ./chsh/04_chsh_usage_2_users/chsh.test +run_test ./chsh/05_chsh_myuser_restricted_shell/chsh.test +run_test ./chsh/06_chsh_myuser_non_restricted_shell/chsh.test +run_test ./chsh/07_chsh_usage_invalid_user/chsh.test +run_test ./chsh/08_chsh_myuser_to_restricted_shell/chsh.test +run_test ./chsh/09_chsh_myuser_to_missing_shell/chsh.test +run_test ./chsh/10_chsh_myuser_to_non_executable_shell/chsh.test +run_test ./chsh/11_chsh_auth_failure/chsh.test +run_test ./chsh/12_chsh_warning_missing_shell/chsh.test +run_test ./chsh/13_chsh_warning_non_executable/chsh.test +run_test ./chsh/14_chsh_locked_passwd/chsh.test +run_test ./chsh/15_chsh_PAM_error/chsh.test +run_test ./chroot/chage/01_chage--root/chage.test +run_test ./chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test +run_test ./chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test +run_test ./chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test +run_test ./chroot/chsh/01_chsh--root/chsh.test +run_test ./chroot/gpasswd/01_gpasswd--root/gpasswd.test +run_test ./chroot/groupadd/01_groupadd--root/groupadd.test +run_test ./chroot/groupdel/01_groupdel--root/groupdel.test +run_test ./chroot/groupmod/01_groupmod--root/groupmod.test +run_test ./chroot/grpck/01_grpck--root/grpck.test +run_test ./chroot/grpconv/01_grpconv--root/grpconv.test +run_test ./chroot/grpunconv/01_grpunconv--root/grpunconv.test +run_test ./chroot/lastlog/01_lastlog--root/lastlog.test +run_test ./chroot/login/01_login_sublogin/login.test +run_test ./chroot/pwck/01_pwck--root/pwck.test +run_test ./chroot/pwconv/01_pwconv--root/pwconv.test +run_test ./chroot/pwunconv/01_pwunconv--root/pwunconv.test +run_test ./chroot/useradd/01_useradd--root/useradd.test +run_test ./chroot/useradd/02_useradd--root_login.defs/useradd.test +run_test ./chroot/useradd/03_useradd--root_useradd.default/useradd.test +run_test ./chroot/useradd/04_useradd--root_useradd-D/useradd.test +run_test ./chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test +run_test ./chroot/userdel/01_userdel--root/userdel.test +run_test ./chroot/usermod/01_usermod--root/usermod.test +run_test ./convtools/01/run +run_test ./convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test +run_test ./convtools/03_grpconv_copy_passwd/grpconv.test +run_test ./convtools/04_grpconv_no_password/grpconv.test +run_test ./convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test +run_test ./convtools/06_grpconv_error_group_locked/grpconv.test +run_test ./convtools/07_grpconv_error_gshadow_locked/grpconv.test +run_test ./convtools/08_grpunconv_no_gshadow_file/grpunconv.test +run_test ./convtools/09_grpunconv_error_group_locked/grpunconv.test +run_test ./convtools/10_grpunconv_error_gshadow_locked/grpunconv.test +run_test ./convtools/11_pwconv_error_passwd_locked/pwconv.test +run_test ./convtools/12_pwconv_error_shadow_locked/pwconv.test +run_test ./convtools/13_pwunconv_error_passwd_locked/pwunconv.test +run_test ./convtools/14_pwunconv_error_shadow_locked/pwunconv.test +run_test ./convtools/15_pwconv_remove_shadow_only_entries/pwconv.test +run_test ./convtools/16_pwconv_copy_passwd/pwconv.test +run_test ./convtools/17_pwunconv_no_shadow_file/pwunconv.test +run_test ./convtools/18_pwunconv_user_not_in_shadow/pwunconv.test +run_test ./convtools/19_pwconv_NIS/pwconv.test +run_test ./convtools/20_pwunconv_usage_option/pwunconv.test +run_test ./convtools/21_pwunconv_keep_passwd_password/pwunconv.test +run_test ./convtools/22_grpunconv_usage_option/grpunconv.test +run_test ./convtools/23_grpunconv_keep_group_password/grpunconv.test +run_test ./convtools/24_grpunconv_no_gshadow_entry/grpunconv.test +run_test ./convtools/25_pwconv_usage_option/pwconv.test +run_test ./convtools/26_grpconv_usage_option/grpconv.test +run_test ./convtools/27_pwunconv_usage/pwunconv.test +run_test ./convtools/28_pwunconv_usage_extra_arg/pwunconv.test +run_test ./convtools/29_grpconv_usage/grpconv.test +run_test ./convtools/30_grpconv_usage_extra_arg/grpconv.test +run_test ./convtools/31_pwconv_usage/pwconv.test +run_test ./convtools/32_pwconv_usage_extra_arg/pwconv.test +run_test ./convtools/33_grpunconv_usage/grpunconv.test +run_test ./convtools/34_grpunconv_usage_extra_arg/grpunconv.test +run_test ./cptools/02_cppw_usage/cppw.test +run_test ./cptools/03_cppw_usage_invalid_option/cppw.test +run_test ./cptools/04_cppw_no_file_argument/cppw.test +run_test ./cptools/05_cppw_2_files/cppw.test +run_test ./cptools/06_cppw_no_file/cppw.test +run_test ./cptools/07_cppw_locked_passwd/cppw.test +run_test ./cptools/08_cppw-p/cppw.test +run_test ./cptools/09_cppw-g/cppw.test +run_test ./cptools/10_cppw-g-s/cppw.test +run_test ./cptools/11_cppw-p-s/cppw.test +run_test ./cptools/12_cppw-s_no_shadow_file/cppw.test +run_test ./debian/01/run +run_test ./grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test +run_test ./grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test +run_test ./grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test +run_test ./grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test +run_test ./grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test +run_test ./grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test +run_test ./grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test +run_test ./grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test +run_test ./grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test +run_test ./grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test +run_test ./grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test +run_test ./grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test +run_test ./grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test +run_test ./grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test +run_test ./grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test +run_test ./grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test +run_test ./grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test +run_test ./grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test +run_test ./grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test +run_test ./grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test +run_test ./grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test +run_test ./grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test +run_test ./grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test +run_test ./grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test +run_test ./grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test +run_test ./grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test +run_test ./grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test +run_test ./grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test +run_test ./grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test +run_test ./grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test +run_test ./grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test +run_test ./grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test +run_test ./grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test +run_test ./grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test +run_test ./grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test +run_test ./grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test +run_test ./grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test +run_test ./grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test +run_test ./grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test +run_test ./grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test +run_test ./grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test +run_test ./grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test +run_test ./grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test +run_test ./grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test +run_test ./grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test +run_test ./grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test +run_test ./grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test +run_test ./grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test +run_test ./grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test +run_test ./grouptools/gpasswd/61_gpasswd_usage/gpasswd.test +run_test ./grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test +run_test ./grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test +run_test ./grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test +run_test ./grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test +run_test ./grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test +run_test ./grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test +run_test ./grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test +run_test ./grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test +run_test ./grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test +run_test ./grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test +run_test ./grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test +run_test ./grouptools/groupadd/01_groupadd_add_group/groupadd.test +run_test ./grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test +run_test ./grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test +run_test ./grouptools/groupadd/04_groupadd_set_password/groupadd.test +run_test ./grouptools/groupadd/05_groupadd_set_GID/groupadd.test +run_test ./grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test +run_test ./grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test +run_test ./grouptools/groupadd/08_groupadd_locked_group/groupadd.test +run_test ./grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test +run_test ./grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test +run_test ./grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test +run_test ./grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test +run_test ./grouptools/groupadd/13_groupadd_invalid_name/groupadd.test +run_test ./grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test +run_test ./grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test +run_test ./grouptools/groupadd/16_groupadd_existing_group/groupadd.test +run_test ./grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test +run_test ./grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test +run_test ./grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test +run_test ./grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test +run_test ./grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test +run_test ./grouptools/groupadd/22_groupadd_usage/groupadd.test +run_test ./grouptools/groupadd/23_groupadd_no_groups/groupadd.test +run_test ./grouptools/groupadd/24_groupadd_2_groups/groupadd.test +run_test ./grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test +run_test ./grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test +run_test ./grouptools/groupadd/27_groupadd_invalid_option/groupadd.test +run_test ./grouptools/groupdel/01_groupdel_delete_group/groupdel.test +run_test ./grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test +run_test ./grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test +run_test ./grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test +run_test ./grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test +run_test ./grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test +run_test ./grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test +run_test ./grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test +run_test ./grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test +run_test ./grouptools/groupdel/10_groupdel_usage/groupdel.test +run_test ./grouptools/groupdel/11_groupdel_invalid_option/groupdel.test +run_test ./grouptools/groupmems/01_groupmems_root_add_user/groupmems.test +run_test ./grouptools/groupmems/02_groupmems_root_del_user/groupmems.test +run_test ./grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test +run_test ./grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test +run_test ./grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test +run_test ./grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/12_groupmems_user_add_user/groupmems.test +run_test ./grouptools/groupmems/13_groupmems_user_del_user/groupmems.test +run_test ./grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test +run_test ./grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test +run_test ./grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test +run_test ./grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test +run_test ./grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test +run_test ./grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test +run_test ./grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test +run_test ./grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test +run_test ./grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test +run_test ./grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test +run_test ./grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test +run_test ./grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test +run_test ./grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test +run_test ./grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test +run_test ./grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test +run_test ./grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test +run_test ./grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test +run_test ./grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test +run_test ./grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test +run_test ./grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test +run_test ./grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test +run_test ./grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test +run_test ./grouptools/groupmems/42_groupmems_user_list_users/groupmems.test +run_test ./grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test +run_test ./grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test +run_test ./grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test +run_test ./grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test +run_test ./grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test +run_test ./grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test +run_test ./grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test +run_test ./grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test +run_test ./grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test +run_test ./grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test +run_test ./grouptools/groupmems/53_groupmems_usage/groupmems.test +run_test ./grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test +run_test ./grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test +run_test ./grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test +run_test ./grouptools/groupmems/57_groupmems_authentication/groupmems.test +run_test ./grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test +run_test ./grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test +run_test ./grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test +run_test ./grouptools/groupmod/01_groupmod_change_gid/groupmod.test +run_test ./grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test +run_test ./grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test +run_test ./grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test +run_test ./grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test +run_test ./grouptools/groupmod/06_groupmod_change_group_name/groupmod.test +run_test ./grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test +run_test ./grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test +run_test ./grouptools/groupmod/09_groupmod_set_password/groupmod.test +run_test ./grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test +run_test ./grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test +run_test ./grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test +run_test ./grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test +run_test ./grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test +run_test ./grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test +run_test ./grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test +run_test ./grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test +run_test ./grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test +run_test ./grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test +run_test ./grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test +run_test ./grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test +run_test ./grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test +run_test ./grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test +run_test ./grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test +run_test ./grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test +run_test ./grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test +run_test ./grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test +run_test ./grouptools/groupmod/28_groupmod_usage/groupmod.test +run_test ./grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test +run_test ./grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test +run_test ./grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test +run_test ./grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test +run_test ./grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test +run_test ./grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test +run_test ./grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test +run_test ./grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test +run_test ./grouptools/groupmod/37_groupmod_invalid_option/groupmod.test +run_test ./log/faillog/01_faillog_no_faillog/faillog.test +run_test ./log/faillog/02_faillog_usage/faillog.test +run_test ./log/faillog/03_faillog_format/faillog.test +run_test ./log/faillog/04_faillog_mulitple/faillog.test +run_test ./log/faillog/05_faillog-u_ID/faillog.test +run_test ./log/faillog/06_faillog-u_name/faillog.test +run_test ./log/faillog/07_faillog-u_ID_invalid/faillog.test +run_test ./log/faillog/08_faillog-u_name_invalid/faillog.test +run_test ./log/faillog/09_faillog-u_range/faillog.test +run_test ./log/faillog/10_faillog-u_open_range/faillog.test +run_test ./log/faillog/11_faillog-u_range_open/faillog.test +run_test ./log/faillog/12_faillog-u_range_invalid1/faillog.test +run_test ./log/faillog/13_faillog-u_range_invalid2/faillog.test +run_test ./log/faillog/14_faillog-u_range_invalid3/faillog.test +run_test ./log/faillog/15_faillog_bad_option/faillog.test +run_test ./log/faillog/16_faillog_extra_arg/faillog.test +run_test ./log/faillog/17_faillog-t/faillog.test +run_test ./log/faillog/18_faillog-t_invalid/faillog.test +run_test ./log/faillog/19_faillog_multiple_same_user/faillog.test +run_test ./log/faillog/20_faillog-r-u/faillog.test +run_test ./log/faillog/21_faillog-r-u_range/faillog.test +run_test ./log/faillog/22_faillog_removed_user/faillog.test +run_test ./log/faillog/23_faillog-a_removed_user/faillog.test +run_test ./log/faillog/24_faillog-u_removed_user/faillog.test +run_test ./log/faillog/25_faillog-r-u_removed_user/faillog.test +run_test ./log/faillog/26_faillog-r-u_range_removed_user/faillog.test +run_test ./log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test +run_test ./log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test +run_test ./log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test +run_test ./log/faillog/30_faillog-r/faillog.test +run_test ./log/faillog/31_faillog-r-u_open_range/faillog.test +run_test ./log/faillog/32_faillog-l/faillog.test +run_test ./log/faillog/33_faillog-l-u_user/faillog.test +run_test ./log/faillog/34_faillog-l-u_range/faillog.test +run_test ./log/faillog/35_faillog-l-u_open_range/faillog.test +run_test ./log/faillog/36_faillog-l-u_range_open/faillog.test +run_test ./log/faillog/37_faillog-l-a-u_user/faillog.test +run_test ./log/faillog/38_faillog-l-a-u_range/faillog.test +run_test ./log/faillog/39_faillog-l-a-u_open_range/faillog.test +run_test ./log/faillog/40_faillog-l-a-u_range_open/faillog.test +run_test ./log/faillog/41_faillog-l_invalid/faillog.test +run_test ./log/faillog/42_faillog-m/faillog.test +run_test ./log/faillog/43_faillog-m-u_user/faillog.test +run_test ./log/faillog/44_faillog-m-u_range/faillog.test +run_test ./log/faillog/45_faillog-m-u_open_range/faillog.test +run_test ./log/faillog/46_faillog-m-u_range_open/faillog.test +run_test ./log/faillog/47_faillog-m-a-u_user/faillog.test +run_test ./log/faillog/48_faillog-m-a-u_range/faillog.test +run_test ./log/faillog/49_faillog-m-a-u_open_range/faillog.test +run_test ./log/faillog/50_faillog-m-a-u_range_open/faillog.test +run_test ./log/faillog/51_faillog-m_invalid/faillog.test +run_test ./log/faillog/52_faillog-t-l_exclusive/faillog.test +run_test ./log/faillog/53_faillog-t-m_exclusive/faillog.test +run_test ./log/faillog/54_faillog-t-r_exclusive/faillog.test +run_test ./log/faillog/55_faillog_no_changes/faillog.test +run_test ./log/faillog/56_faillog-l-m_empty_file/faillog.test +run_test ./log/faillog/57_faillog-r_empty_file/faillog.test +run_test ./log/faillog/58_faillog-l_no_failcount/faillog.test +run_test ./log/lastlog/01_lastlog_no_lastlog/lastlog.test +run_test ./log/lastlog/02_lastlog_usage/lastlog.test +run_test ./log/lastlog/03_lastlog_format/lastlog.test +run_test ./log/lastlog/04_lastlog_mulitple/lastlog.test +run_test ./log/lastlog/05_lastlog-u_ID/lastlog.test +run_test ./log/lastlog/06_lastlog-u_name/lastlog.test +run_test ./log/lastlog/07_lastlog-u_ID_invalid/lastlog.test +run_test ./log/lastlog/08_lastlog-u_name_invalid/lastlog.test +run_test ./log/lastlog/09_lastlog-u_range/lastlog.test +run_test ./log/lastlog/10_lastlog-u_open_range/lastlog.test +run_test ./log/lastlog/11_lastlog-u_range_open/lastlog.test +run_test ./log/lastlog/12_lastlog-u_range_invalid1/lastlog.test +run_test ./log/lastlog/13_lastlog-u_range_invalid2/lastlog.test +run_test ./log/lastlog/14_lastlog-u_range_invalid3/lastlog.test +run_test ./log/lastlog/15_lastlog_bad_option/lastlog.test +run_test ./log/lastlog/16_lastlog_extra_arg/lastlog.test +run_test ./log/lastlog/17_lastlog-t/lastlog.test +run_test ./log/lastlog/18_lastlog-b/lastlog.test +run_test ./log/lastlog/19_lastlog-t_invalid/lastlog.test +run_test ./log/lastlog/20_lastlog-b_invalid/lastlog.test +run_test ./usertools/01/01_useradd_add_user.test +run_test ./usertools/01/01_userdel_delete_user.test +run_test ./usertools/01/02_useradd_recreate_deleted_user.test +run_test ./usertools/01/03_useradd_additional_options.test +run_test ./usertools/01/04_useradd_add_user_with_existing_UID_fail.test +run_test ./usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test +run_test ./usertools/01/04_useradd_specified_UID.test +run_test ./usertools/01/04_useradd_specified_UID_and_GID.test +run_test ./usertools/01/04_userdel_delete_user_with_non_unique_UID.test +run_test ./usertools/01/05_useradd_invalid_numeric_primary_group.test +run_test ./usertools/01/06_useradd_invalid_named_primary_group.test +run_test ./usertools/01/07_useradd_numerical_primary_group.test +run_test ./usertools/01/08_useradd_named_primary_group.test +run_test ./usertools/01/09_usermod_change_user_info.test +run_test ./usertools/01/10_usermod_rename_user.test +run_test ./usertools/01/10_usermod_rename_user_in_group.test +run_test ./usertools/01/11_usermod_change_password.test +run_test ./usertools/01/11_usermod_lock_password.test +run_test ./usertools/01/11_usermod_unlock_empty_password.test +run_test ./usertools/01/11_usermod_unlock_password.test +run_test ./usertools/01/12_usermod_change_gid_name.test +run_test ./usertools/01/12_usermod_change_gid_number.test +run_test ./usertools/01/13_useradd_negative_UID.test +run_test ./usertools/01/14_useradd_out_of_range_UID.test +run_test ./usertools/01/15_useradd_specified_large_UID.test +run_test ./usertools/01/16_useradd_add_user_to_multiple_groups.test +run_test ./usertools/01/16_useradd_add_user_to_one_group.test +run_test ./usertools/01/17_useradd_create_homedir.test +run_test ./usertools/01/18_userdel_remove_homedir.test +run_test ./usertools/01/19_userdel_delete_user_in_group.test +run_test ./usertools/01/20_usermod_change_homedir.test +run_test ./usertools/01/21_usermod_change_and_move_homedir.test +run_test ./usertools/01/22_usermod_new_groups.test +run_test ./usertools/01/23_usermod_add_groups.test +run_test ./usertools/01/24_usermod_new_groups_remove_old_groups.test +run_test ./usertools/01/25_useradd_specified_large_UID2.test +run_test ./usertools/01/26_useradd_UID_-1.test +run_test ./usertools/02/useradd_default_default_values.test +run_test ./usertools/02/useradd_get_default_values.test +run_test ./usertools/02/useradd_change_default_INACTIVE.test +run_test ./usertools/02/useradd_change_default_SHELL.test +run_test ./usertools/02/useradd_change_default_EXPIRE.test +run_test ./usertools/02/useradd_change_default_GROUP.test +run_test ./usertools/02/useradd_change_default_HOME.test +run_test ./usertools/02/useradd_change_defaults.test +run_test ./usertools/03/useradd_change_defaults.test +run_test ./usertools/04/01_useradd_add_user.test +run_test ./usertools/05_userdel_del_from_group_members/userdel.test +run_test ./usertools/06_userdel_del_from_gshadow_members/userdel.test +run_test ./usertools/07_userdel_del_from_gshadow_admins/userdel.test +run_test ./usertools/08_userdel_del_from_group_and_gshadow/userdel.test +run_test ./usertools/09_userdel_del_homedir/userdel.test +run_test ./usertools/10_userdel_del_homedir_wrong_owner/userdel.test +run_test ./usertools/11_usermod_move_homedir/usermod.test +run_test ./usertools/12_usermod_move_homedir_dev_null/usermod.test +run_test ./usertools/13_usermod_move_homedir_file/usermod.test +run_test ./usertools/14_usermod_move_homedir_other_device/usermod.test +run_test ./usertools/15_usermod_change_supplementary_groups/usermod.test +run_test ./usertools/16_usermod_remove_supplementary_groups/usermod.test +run_test ./usertools/17_usermod_change_supplementary_groups_numerical/usermod.test +run_test ./usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test +run_test ./usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test +run_test ./usertools/20_usermod_rename_user_in_member_lists/usermod.test +run_test ./usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test +run_test ./usertools/22_usermod-a_existing_supplementary_group/usermod.test +run_test ./usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test +run_test ./usertools/24_usermod_locked_passwd/usermod.test +run_test ./usertools/25_usermod-G_locked_group/usermod.test +run_test ./usertools/26_usermod_locked_shadow/usermod.test +run_test ./usertools/27_usermod-G_locked_gshadow/usermod.test +run_test ./usertools/28_usermod-c_locked_group/usermod.test +run_test ./usertools/29_usermod-c_locked_gshadow/usermod.test +run_test ./usertools/30_usermod-l_locked_group/usermod.test +run_test ./usertools/31_usermod-l_locked_gshadow/usermod.test +run_test ./usertools/32_usermod-u_new_UID/usermod.test +run_test ./usertools/33_usermod-u_existing_UID/usermod.test +run_test ./usertools/34_usermod-u-o_existing_UID/usermod.test +run_test ./usertools/35_usermod-u_invalid_UID/usermod.test +run_test ./usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test +run_test ./usertools/37_Debian_Bug_470745/usermod.test +run_test ./usertools/38_usermod_invalid_user/usermod.test +run_test ./usertools/39_usermod_-c_invalid_comment/usermod.test +run_test ./usertools/40_usermod_-d_invalid_homedir/usermod.test +run_test ./usertools/41_usermod_-d_invalid_shell/usermod.test +run_test ./usertools/42_usermod_-g_invalid_group_name/usermod.test +run_test ./usertools/43_usermod_-g_invalid_group_ID/usermod.test +run_test ./usertools/44_usermod-l_existing_username/usermod.test +run_test ./usertools/45_usermod-l_existing_username_passwd/usermod.test +run_test ./usertools/46_usermod-l_existing_username_shadow/usermod.test +run_test ./usertools/47_usermod-l_no_shadow_file/usermod.test +run_test ./usertools/48_userdel_keep_group_if_primary_other_user/userdel.test +run_test ./usertools/49_userdel_delete_users_group/userdel.test +run_test ./usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test +run_test ./usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test +run_test ./usertools/52_userdel_delete_user_no_shadow_entry/userdel.test +run_test ./usertools/53_userdel_delete_user_no_shadow_file/userdel.test +run_test ./usertools/54_usermod-u_invalid_UID_4294967295/usermod.test +run_test ./usertools/55_userdel_busy_user/userdel.test +run_test ./usertools/56_userdel_locked_passwd/userdel.test +run_test ./usertools/57_userdel_locked_group/userdel.test +run_test ./usertools/58_userdel_locked_shadow/userdel.test +run_test ./usertools/59_userdel_locked_gshadow/userdel.test +run_test ./usertools/60_userdel_invalid_user/userdel.test +run_test ./usertools/61_userdel_del_homedir_with_symlinks/userdel.test +if [ "$USE_PAM" = "yes" ]; then + run_test ./usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test + run_test ./usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test + run_test ./usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test + run_test ./usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test + run_test ./usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test + run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test + run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test + run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test + run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test + run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test + run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test + run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test + run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test + run_test ./usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test + run_test ./usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test + run_test ./usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test + run_test ./usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test + run_test ./usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test + run_test ./usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test + run_test ./usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test + run_test ./usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test + run_test ./usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test + run_test ./usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test + run_test ./usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test + run_test ./usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test + run_test ./usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test + run_test ./usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test + run_test ./usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test + run_test ./usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test + run_test ./usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test + run_test ./usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test + run_test ./usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test + run_test ./usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test + run_test ./usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test +else + run_test ./usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test + run_test ./usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test + run_test ./usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test + run_test ./usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test + run_test ./usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test +fi +run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test +run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test +run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test +run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test +run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test +run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test +run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test +run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test +run_test ./usertools/useradd/01_useradd_usage/useradd.test +run_test ./usertools/useradd/02_useradd_usage_invalid_option/useradd.test +run_test ./usertools/useradd/03_useradd_usage_no_users/useradd.test +run_test ./usertools/useradd/04_useradd_usage_2_users/useradd.test +run_test ./usertools/useradd/05_useradd_usage-b_invalid1/useradd.test +run_test ./usertools/useradd/06_useradd_usage-b_invalid2/useradd.test +run_test ./usertools/useradd/07_useradd_usage-b_invalid3/useradd.test +run_test ./usertools/useradd/08_useradd_usage-c_invalid1/useradd.test +run_test ./usertools/useradd/09_useradd_usage-c_invalid2/useradd.test +run_test ./usertools/useradd/10_useradd_usage-d_invalid1/useradd.test +run_test ./usertools/useradd/11_useradd_usage-d_invalid2/useradd.test +run_test ./usertools/useradd/12_useradd_usage-d_invalid3/useradd.test +run_test ./usertools/useradd/13_useradd_usage-e_invalid1/useradd.test +run_test ./usertools/useradd/14_useradd_usage-e_invalid2/useradd.test +run_test ./usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test +run_test ./usertools/useradd/16_useradd_usage-f_invalid1/useradd.test +run_test ./usertools/useradd/17_useradd_usage-f_invalid2/useradd.test +run_test ./usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test +run_test ./usertools/useradd/19_useradd_usage-K_invalid1/useradd.test +run_test ./usertools/useradd/20_useradd_usage-O_invalid2/useradd.test +run_test ./usertools/useradd/21_useradd_usage-p_invalid1/useradd.test +run_test ./usertools/useradd/22_useradd_usage-p_invalid2/useradd.test +run_test ./usertools/useradd/23_useradd_usage-s_invalid1/useradd.test +run_test ./usertools/useradd/24_useradd_usage-s_invalid2/useradd.test +run_test ./usertools/useradd/25_useradd_usage-s_invalid3/useradd.test +run_test ./usertools/useradd/26_useradd_usage-o_without-u/useradd.test +run_test ./usertools/useradd/27_useradd_usage-k_without-m/useradd.test +run_test ./usertools/useradd/28_useradd_usage-U_with-g/useradd.test +run_test ./usertools/useradd/29_useradd_usage-U_with-N/useradd.test +run_test ./usertools/useradd/30_useradd_usage-m_with-M/useradd.test +run_test ./usertools/useradd/31_useradd_usage_user_with-D/useradd.test +run_test ./usertools/useradd/32_useradd_usage-D_with_other/useradd.test +run_test ./usertools/useradd/33_useradd_usage_invalid_username/useradd.test +run_test ./usertools/useradd/35_useradd_default_GROUP_name/useradd.test +run_test ./usertools/useradd/34_useradd_default_GROUP_GID/useradd.test +run_test ./usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test +run_test ./usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test +run_test ./usertools/useradd/38_useradd_default_INACTIVE/useradd.test +run_test ./usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test +run_test ./usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test +run_test ./usertools/useradd/41_useradd_default_default_SKEL/useradd.test +run_test ./usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test +run_test ./usertools/useradd/43_useradd_default_no_final_eol/useradd.test +run_test ./usertools/useradd/44_useradd_default_no_file/useradd.test +run_test ./usertools/useradd/45_useradd-G_UID_name/useradd.test +run_test ./usertools/useradd/46_useradd-G_UID_duplicate/useradd.test +run_test ./usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test +run_test ./usertools/useradd/48_useradd-G_name_duplicate/useradd.test +run_test ./usertools/useradd/49_useradd-G_invalid_group/useradd.test +run_test ./usertools/useradd/50_useradd-r/useradd.test +run_test ./usertools/useradd/51_useradd_already_exist/useradd.test +run_test ./usertools/useradd/52_useradd-U_group_already_exist/useradd.test +run_test ./usertools/useradd/53_useradd-G_empty/useradd.test +run_test ./usertools/useradd/54_useradd_no_shadow_file/useradd.test +run_test ./usertools/useradd/55_useradd_no_gshadow_file/useradd.test +run_test ./usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test +run_test ./usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test +run_test ./usertools/useradd/58_useradd-e_empty/useradd.test +run_test ./usertools/useradd/59_useradd-e-1-f-1/useradd.test +run_test ./usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test +run_test ./usertools/useradd/61_useradd-K/useradd.test +run_test ./usertools/useradd/62_useradd-p/useradd.test +run_test ./usertools/useradd/63_useradd-s/useradd.test +run_test ./usertools/useradd/64_useradd_locked_passwd/useradd.test +run_test ./usertools/useradd/65_useradd_locked_group/useradd.test +run_test ./usertools/useradd/66_useradd_locked_shadow/useradd.test +run_test ./usertools/useradd/67_useradd_locked_gshadow/useradd.test +run_test ./usertools/useradd/68_useradd-s_empty/useradd.test +run_test ./usertools/userdel/01_userdel_usage/userdel.test +run_test ./usertools/userdel/02_userdel_usage_invalid_option/userdel.test +run_test ./usertools/userdel/03_userdel_usage_no_users/userdel.test +run_test ./usertools/userdel/04_userdel_usage_2_users/userdel.test +run_test ./usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test +run_test ./usertools/userdel/06_userdel_no_usergroup/userdel.test +run_test ./usertools/userdel/07_userdel_usergroup_not_primary/userdel.test +run_test ./usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test +run_test ./usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test +run_test ./usertools/userdel/10_userdel_del_homedir_symlink/userdel.test +run_test ./usertools/usermod/01_usermod-p_no_shadow_file/usermod.test +run_test ./usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test +run_test ./usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test +run_test ./usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test +run_test ./usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test +run_test ./usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test +run_test ./usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test +run_test ./usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test +run_test ./usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test +run_test ./usertools/usermod/10_usermod_usage/usermod.test +run_test ./usertools/usermod/11_usermod_usage_bad_option/usermod.test +run_test ./usertools/usermod/12_usermod_usage_bad-f/usermod.test +run_test ./usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test +run_test ./usertools/usermod/14_usermod_usage_no_options/usermod.test +run_test ./usertools/usermod/15_usermod_usage_no_user/usermod.test +run_test ./usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test +run_test ./usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test +run_test ./usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test +run_test ./usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test +run_test ./usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test +run_test ./usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test +run_test ./usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test +run_test ./usertools/usermod/23_usermod-e_date/usermod.test +run_test ./usertools/usermod/24_usermod-e_date/usermod.test +run_test ./usertools/usermod/25_usermod-e_empty_arg/usermod.test +run_test ./usertools/usermod/26_usermod-e-1/usermod.test +run_test ./usertools/usermod/27_usermod-e_invalid1/usermod.test +run_test ./usertools/usermod/28_usermod-e_invalid2/usermod.test +run_test ./usertools/usermod/29_usermod_no_changes/usermod.test +run_test ./usertools/usermod/30_usermod_usage-a_without-G/usermod.test +run_test ./usertools/usermod/31_usermod_usage-o_without-u/usermod.test +run_test ./usertools/usermod/32_usermod_usage-m_without-d/usermod.test +run_test ./usertools/usermod/33_usermod_change_shell/usermod.test +run_test ./usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test +run_test ./usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test +run_test ./usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test +run_test ./usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test +run_test ./usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test +run_test ./usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test +run_test ./usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test +run_test ./usertools/usermod/41_usermod-u_faillog_not_created/usermod.test +run_test ./usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test +run_test ./usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test +run_test ./usertools/usermod/44_usermod-l_move_mailbox/usermod.test +run_test ./usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test +run_test ./usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test +run_test ./usertools/usermod/47_usermod-u_default_maildir/usermod.test +run_test ./usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test +run_test ./usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test +run_test ./usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test +run_test ./usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test +run_test ./usertools/usermod/52_usermod_move_homedir_symlink/usermod.test +run_test ./cptools/01/run1 +run_test ./cptools/01/run2 +run_test ./cptools/01/run3 +run_test ./cptools/01/run4 +run_test ./cktools/01/run1 +run_test ./cktools/01/run2 +run_test ./cktools/02_pwck_sort/pwck.test +run_test ./cktools/03_grpck_sort/grpck.test +run_test ./cktools/04_pwck_sort_missing_shadow_user/pwck.test +run_test ./cktools/05_grpck_sort_missing_shadow_group/grpck.test +run_test ./cktools/06_pwck_sort_NIS_server/pwck.test +run_test ./cktools/07_pwck_sort_NIS_client/pwck.test +run_test ./cktools/grpck/04_grpck_missing_field_group_delete/grpck.test +run_test ./cktools/grpck/05_grpck_missing_field_group_keep/grpck.test +run_test ./cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test +run_test ./cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test +run_test ./cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test +run_test ./cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test +run_test ./cktools/grpck/10_grpck_missing_field_group_local/grpck.test +run_test ./cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test +run_test ./cktools/grpck/12_grpck_unknown_user_group/grpck.test +run_test ./cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test +run_test ./cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test +run_test ./cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test +run_test ./cktools/grpck/16_grpck_duplicate_entry_group/grpck.test +run_test ./cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test +run_test ./cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test +run_test ./cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test +run_test ./cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test +run_test ./cktools/grpck/21_grpck_invalid_group_name/grpck.test +run_test ./cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test +run_test ./cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test +run_test ./cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test +run_test ./cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test +run_test ./cktools/grpck/26_grpck_no_gshadow_file/grpck.test +run_test ./cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test +run_test ./cktools/grpck/28_grpck_usage/grpck.test +run_test ./cktools/grpck/29_grpck_sort_readonly/grpck.test +run_test ./cktools/grpck/30_grpck_3_files/grpck.test +run_test ./cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test +run_test ./cktools/grpck/32_grpck_sort_nis/grpck.test +run_test ./cktools/grpck/33_grpck_locked_group/grpck.test +run_test ./cktools/grpck/34_grpck_locked_gshadow/grpck.test +run_test ./cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test +run_test ./cktools/grpck/36_grpck_password_group_gshadow/grpck.test +run_test ./cktools/grpck/37_grpck_invalid_option/grpck.test +run_test ./cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test +run_test ./cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test +run_test ./cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test +run_test ./cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test +run_test ./cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test +run_test ./cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test +run_test ./cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test +run_test ./cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test +run_test ./cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test +run_test ./cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test +run_test ./cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test +run_test ./cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test +run_test ./cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test +run_test ./cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test +run_test ./cktools/pwck/18_pwck_invalid_user_name/pwck.test +run_test ./cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test +run_test ./cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test +run_test ./cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test +run_test ./cktools/pwck/22_pwck_usage/pwck.test +run_test ./cktools/pwck/23_pwck_locked_passwd/pwck.test +run_test ./cktools/pwck/24_pwck_locked_shadow/pwck.test +run_test ./cktools/pwck/25_pwck_usage_invalid_option/pwck.test +run_test ./cktools/pwck/26_pwck_usage-s-r/pwck.test +run_test ./cktools/pwck/27_pwck_usage_3_files/pwck.test +run_test ./cktools/pwck/28_pwck_no_shadow_file/pwck.test +run_test ./cktools/pwck/29_pwck_password_change_in_future/pwck.test +run_test ./cktools/pwck/30_pwck_NIS_entries/pwck.test +run_test ./cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test +run_test ./cktools/pwck/32_pwck_quiet/pwck.test +if [ "$USE_PAM" != "yes" ]; then + run_test ./crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test + run_test ./crypt/login.defs_DES/01_chpasswd.test + run_test ./crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test + run_test ./crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test + run_test ./crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test + run_test ./crypt/login.defs_DES/05_chpasswd-e.test + run_test ./crypt/login.defs_DES/06_chpasswd-m.test +fi +run_test ./crypt/login.defs_DES/07_chgpasswd.test +run_test ./crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test +run_test ./crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test +run_test ./crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test +run_test ./crypt/login.defs_DES/11_chgpasswd-e.test +run_test ./crypt/login.defs_DES/12_chgpasswd-m.test +if [ "$USE_PAM" != "yes" ]; then + run_test ./crypt/login.defs_MD5/01_chpasswd.test + run_test ./crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test +fi +run_test ./crypt/login.defs_MD5/02_chgpasswd.test +run_test ./crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test +if [ "$USE_PAM" != "yes" ]; then + run_test ./crypt/login.defs_SHA256-round-max/01_chpasswd.test + run_test ./crypt/login.defs_SHA256-round-min-max/01_chpasswd.test + run_test ./crypt/login.defs_SHA256-round-min/01_chpasswd.test + run_test ./crypt/login.defs_SHA256/01_chpasswd.test + run_test ./crypt/login.defs_SHA512/01_chpasswd.test + run_test ./crypt/login.defs_none/01_chpasswd.test +fi +run_test ./crypt/login.defs_SHA256-round-max/02_chgpasswd.test +run_test ./crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test +run_test ./crypt/login.defs_SHA256-round-min/02_chgpasswd.test +run_test ./crypt/login.defs_SHA256/02_chgpasswd.test +run_test ./crypt/login.defs_SHA512/02_chgpasswd.test +run_test ./crypt/login.defs_none/02_chgpasswd.test +run_test ./newusers/01_create_user/newusers.test +run_test ./newusers/02_update_password/newusers.test +run_test ./newusers/03_no_update_pid/newusers.test +run_test ./newusers/04_no_update_gid/newusers.test +run_test ./newusers/05_create_user_pid/newusers.test +run_test ./newusers/06_create_user_gid/newusers.test +run_test ./newusers/07_create_user_pid_gid/newusers.test +run_test ./newusers/08_create_user_pid_other-gid/newusers.test +run_test ./newusers/09_create_user_pid-as-user-bar/newusers.test +run_test ./newusers/10_create_user_gid-as-group-bar/newusers.test +run_test ./newusers/11_update_gecos/newusers.test +run_test ./newusers/12_update_shell/newusers.test +run_test ./newusers/13_create_user_new-home/newusers.test +run_test ./newusers/14_create_user_existing-home/newusers.test +run_test ./newusers/15_update_new-home/newusers.test +run_test ./newusers/16_update_existing-home/newusers.test +run_test ./newusers/17_create_user_pid-already-used/newusers.test +run_test ./newusers/18_create_user_gid-already-used/newusers.test +run_test ./newusers/19_update_keep-old-home/newusers.test +run_test ./newusers/20_multiple_users/newusers.test +run_test ./newusers/21_create_user_UID_MAX/newusers.test +run_test ./newusers/22_create_user_GID_MAX/newusers.test +run_test ./newusers/23_create_user_error_negativ_UID/newusers.test +run_test ./newusers/24_create_user_error_invalid_UID/newusers.test +run_test ./newusers/25_create_user_error_no_remaining_UID/newusers.test +run_test ./newusers/26_create_user_error_no_remaining_GID/newusers.test +run_test ./newusers/27_create_user_error_invalid_username/newusers.test +run_test ./newusers/28_create_user_error_invalid_groupname/newusers.test +run_test ./newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test +run_test ./newusers/30_create_user_different_groupname/newusers.test +run_test ./newusers/31_create_user_error_invalid_GID/newusers.test +run_test ./newusers/32_create_user_error_gshadow_group_exists/newusers.test +run_test ./newusers/33_update_password_no_shadow_password/newusers.test +run_test ./newusers/34_update_password_no_shadow/newusers.test +run_test ./newusers/35_read_from_stdin/newusers.test +if [ "$USE_PAM" != "yes" ]; then + run_test ./newusers/36_create_user_encrypted/newusers.test + run_test ./newusers/37_create_user_encrypt_MD5/newusers.test + run_test ./newusers/38_update_password_no_shadow_encrypted/newusers.test + run_test ./newusers/39_update_password_no_shadow_password_encrypted/newusers.test + run_test ./newusers/40_update_password_encrypted/newusers.test + run_test ./newusers/41_create_user_encrypt_SHA256/newusers.test + run_test ./newusers/42_create_user_encrypt_SHA512/newusers.test + run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test + run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test + run_test ./newusers/45_create_user_encrypt_rounds_3000/newusers.test + run_test ./newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test +else + + run_test ./newusers/37_create_user_encrypt_MD5-PAM/newusers.test + + + + run_test ./newusers/41_create_user_encrypt_SHA256-PAM/newusers.test + run_test ./newusers/42_create_user_encrypt_SHA512-PAM/newusers.test + run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test + run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test + + +fi +run_test ./newusers/47_create_user_error_UID_4294967295/newusers.test +run_test ./newusers/48_create_user_error_GID_4294967295/newusers.test +run_test ./newusers/49_multiple_system_users/newusers.test +run_test ./newusers/50_usage/newusers.test +run_test ./newusers/51_usage_invalid_option/newusers.test +run_test ./newusers/52_usage_2_input_files/newusers.test +run_test ./newusers/53_locked_passwd/newusers.test +run_test ./newusers/54_locked_shadow/newusers.test +run_test ./newusers/55_locked_group/newusers.test +run_test ./newusers/56_locked_gshadow/newusers.test +run_test ./newusers/57_missing_input_file/newusers.test +run_test ./newusers/58_invalid_input_file/newusers.test +run_test ./newusers/59_no_gshadow_file/newusers.test +run_test ./newusers/60_update_no_gecos/newusers.test +run_test ./newusers/61_update_no_shell/newusers.test +run_test ./split_groups/01_useradd_split_group/useradd.test +run_test ./split_groups/02_useradd_no_split_group/useradd.test +run_test ./split_groups/03_useradd_split_group_already_split/useradd.test +run_test ./split_groups/04_useradd_split_group_already_full/useradd.test +run_test ./split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test +run_test ./split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test +run_test ./split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test +run_test ./split_groups/08_useradd_no_split_group_already_split/useradd.test +run_test ./split_groups/09_groupdel_split_group_already_split/groupdel.test +run_test ./split_groups/10_groupdel_no_split_group_already_split/groupdel.test +if [ "$FAILURE_TESTS" = "yes" ]; then +run_test ./failures/chage/01_chage_openRW_passwd_failure/chage.test +run_test ./failures/chage/02_chage_openRO_passwd_failure/chage.test +run_test ./failures/chage/03_chage_openRW_shadow_failure/chage.test +run_test ./failures/chage/04_chage_openRO_shadow_failure/chage.test +run_test ./failures/chage/05_chage_rename_shadow_failure/chage.test +run_test ./failures/chage/06_chage_rename_passwd_failure/chage.test +run_test ./failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test +run_test ./failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test +run_test ./failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test +run_test ./failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test +if [ "$USE_PAM" = "yes" ]; then + run_test ./failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test + run_test ./failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test + run_test ./failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test + run_test ./failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test + run_test ./failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test +fi +run_test ./failures/chsh/01_chsh_open_passwd_failure/chsh.test +run_test ./failures/chsh/02_chsh_rename_passwd_failure/chsh.test +run_test ./failures/cppw/01_cppw_open_passwd_in_failure/cppw.test +run_test ./failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test +run_test ./failures/cppw/03_cppw_rename_passwd_failure/cppw.test +run_test ./failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test +run_test ./failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test +run_test ./failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test +run_test ./failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test +run_test ./failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test +run_test ./failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test +run_test ./failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test +run_test ./failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test +run_test ./failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test +run_test ./failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test +run_test ./failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test +run_test ./failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test +run_test ./failures/groupadd/02_groupadd_group_rename_failure/groupadd.test +run_test ./failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test +run_test ./failures/groupadd/04_groupadd_group_open_failure/groupadd.test +run_test ./failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test +run_test ./failures/groupdel/02_groupdel_group_rename_failure/groupdel.test +run_test ./failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test +run_test ./failures/groupdel/04_groupdel_group_open_failure/groupdel.test +run_test ./failures/groupmems/01_groupmems_group_open_failure/groupmems.test +run_test ./failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test +run_test ./failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test +run_test ./failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test +run_test ./failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test +run_test ./failures/groupmod/04_groupmod_group_open_failure/groupmod.test +run_test ./failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test +run_test ./failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test +run_test ./failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test +run_test ./failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test +run_test ./failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test +run_test ./failures/grpck/01_grpck_system_group_open_failure/grpck.test +run_test ./failures/grpck/02_grpck_group_open_failure/grpck.test +run_test ./failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test +run_test ./failures/grpck/04_grpck_gshadow_open_failure/grpck.test +run_test ./failures/grpck/05_grpck_sort_group_rename_failure/grpck.test +run_test ./failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test +run_test ./failures/grpconv/01_grpconv_open_group_failure/grpconv.test +run_test ./failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test +run_test ./failures/grpconv/03_grpconv_rename_group_failure/grpconv.test +run_test ./failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test +run_test ./failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test +run_test ./failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test +run_test ./failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test +run_test ./failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test +run_test ./failures/newusers/01_newusers_open_passwd_failure/newusers.test +run_test ./failures/newusers/02_newusers_open_shadow_failure/newusers.test +run_test ./failures/newusers/03_newusers_open_group_failure/newusers.test +run_test ./failures/newusers/04_newusers_open_gshadow_failure/newusers.test +run_test ./failures/newusers/05_newusers_rename_passwd_failure/newusers.test +run_test ./failures/newusers/06_newusers_rename_shadow_failure/newusers.test +run_test ./failures/newusers/07_newusers_rename_group_failure/newusers.test +run_test ./failures/newusers/08_newusers_rename_gshadow_failure/newusers.test +run_test ./failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test +run_test ./failures/newusers/10_newusers_time_0/newusers.test +run_test ./failures/pwck/01_pwck_system_passwd_open_failure/pwck.test +run_test ./failures/pwck/02_pwck_passwd_open_failure/pwck.test +run_test ./failures/pwck/03_pwck_system_shadow_open_failure/pwck.test +run_test ./failures/pwck/04_pwck_shadow_open_failure/pwck.test +run_test ./failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test +run_test ./failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test +run_test ./failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test +run_test ./failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test +run_test ./failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test +run_test ./failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test +run_test ./failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test +run_test ./failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test +run_test ./failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test +run_test ./failures/pwconv/05_pwconv_time_0/pwconv.test +run_test ./failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test +run_test ./failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test +run_test ./failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test +run_test ./failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test +run_test ./failures/useradd/01_useradd_open_passwd_failure/useradd.test +run_test ./failures/useradd/02_useradd_open_shadow_failure/useradd.test +run_test ./failures/useradd/03_useradd_open_group_failure/useradd.test +run_test ./failures/useradd/04_useradd_open_gshadow_failure/useradd.test +run_test ./failures/useradd/05_useradd_rename_passwd_failure/useradd.test +run_test ./failures/useradd/06_useradd_rename_shadow_failure/useradd.test +run_test ./failures/useradd/07_useradd_rename_group_failure/useradd.test +run_test ./failures/useradd/08_useradd_rename_gshadow_failure/useradd.test +run_test ./failures/useradd/09_useradd_rename_defaults_failure/useradd.test +run_test ./failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test +run_test ./failures/useradd/11_useradd_time_0/useradd.test +run_test ./failures/useradd/12_useradd_open_subuid_failure/useradd.test +run_test ./failures/useradd/13_useradd_open_subgid_failure/useradd.test +run_test ./failures/useradd/14_username_rename_subuid_failure/useradd.test +run_test ./failures/useradd/15_username_rename_subgid_failure/useradd.test +run_test ./failures/userdel/01_userdel_gshadow_rename_failure/userdel.test +run_test ./failures/userdel/02_userdel_group_rename_failure/userdel.test +run_test ./failures/userdel/03_userdel_shadow_rename_failure/userdel.test +run_test ./failures/userdel/04_userdel_passwd_rename_failure/userdel.test +run_test ./failures/userdel/05_userdel_failure_remove_mailbox/userdel.test +run_test ./failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test +run_test ./failures/userdel/07_userdel_failure_remove_homedir/userdel.test +run_test ./failures/userdel/08_userdel_open_passwd_failure/userdel.test +run_test ./failures/userdel/09_userdel_open_shadow_failure/userdel.test +run_test ./failures/userdel/10_userdel_open_group_failure/userdel.test +run_test ./failures/userdel/11_userdel_open_gshadow_failure/userdel.test +run_test ./failures/userdel/12_userdel_open_subuid_failure/userdel.test +run_test ./failures/userdel/13_userdel_open_subgid_failure/userdel.test +run_test ./failures/userdel/14_userdel_rename_subuid_failure/usedel.test +run_test ./failures/userdel/15_userdel_rename_subgid_failure/usedel.test +run_test ./failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test +run_test ./failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test +run_test ./failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test +run_test ./failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test +run_test ./failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test +run_test ./failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test +run_test ./failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test +run_test ./failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test +run_test ./failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test +run_test ./failures/usermod/10_usermod_-p_time_0/usermod.test +run_test ./failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test +#run_test ./failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test +run_test ./failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test +run_test ./failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test +run_test ./failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test +run_test ./failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test +run_test ./failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test +run_test ./failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test +fi +run_test ./expiry/01_expiry_-c_no_expiry/expiry.test +run_test ./expiry/02_expiry_-c_expired/expiry.test +run_test ./expiry/03_expiry_-f_expired/expiry.test +run_test ./expiry/04_expiry_no_options/expiry.test +run_test ./expiry/05_expiry_-c_no_shadow_file/expiry.test +run_test ./expiry/06_expiry_-c_no_shadow_entry/expiry.test +run_test ./expiry/07_expiry_-c_expired_account/expiry.test +run_test ./expiry/08_expiry_-c_expired_max+inact/expiry.test +run_test ./expiry/09_expiry_-c_expired_not_inactive/expiry.test +run_test ./expiry/10_expiry_bad_option/expiry.test +run_test ./expiry/11_expiry_usage/expiry.test +run_test ./expiry/12_expiry_extra_arg/expiry.test +run_test ./expiry/13_expiry_usage-c-f/expiry.test +run_test ./passwd/01_passwd_-S_root_locked_account/passwd.test +run_test ./passwd/02_passwd_-S_root_valid_account/passwd.test +run_test ./passwd/03_passwd_-S_root_empty_password/passwd.test +run_test ./passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test +run_test ./passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test +run_test ./passwd/06_passwd_-l_root_lock_account/passwd.test +run_test ./passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test +run_test ./passwd/08_passwd_-u_root_unlock_account/passwd.test +run_test ./passwd/09_passwd_-u_root_unlock_to_empty/passwd.test +run_test ./passwd/10_passwd_-d_root/passwd.test +run_test ./passwd/11_passwd_--mindays_root/passwd.test +run_test ./passwd/12_passwd_--maxdays_root/passwd.test +run_test ./passwd/13_passwd_--warndays_root/passwd.test +run_test ./passwd/14_passwd_--inactive_root/passwd.test +run_test ./passwd/15_passwd_--expire_root/passwd.test +run_test ./passwd/16_passwd_-S-a_root/passwd.test +run_test ./passwd/17_passwd_root_change_password/passwd.test +run_test ./passwd/18_passwd_root_change_password_user/passwd.test +run_test ./passwd/19_passwd_user_change_password/passwd.test +run_test ./passwd/20_passwd_user_change_password_same_user/passwd.test +run_test ./passwd/21_passwd_user_change_password_other_user/passwd.test +run_test ./passwd/22_passwd_usage/passwd.test +run_test ./login/01_login_prompt/login.test +run_test ./login/02_login_user/login.test +run_test ./login/03_login_check_tty/login.test +find ${build_path} -name "*.gcda" -exec chmod a+rw {} \; +run_test ./subids/01_useradd_no_subids/useradd.test +run_test ./subids/02_useradd_with_subids/useradd.test +run_test ./subids/03_useradd_no_subgid/useradd.test +run_test ./subids/04_useradd_no_subuid/useradd.test +run_test ./subids/05_useradd_fill_gap_start/useradd.test +run_test ./subids/06_useradd_fill_gap_middle/useradd.test +run_test ./subids/07_useradd_fill_gap_end/useradd.test +run_test ./subids/08_useradd_no_more_subuids_start/useradd.test +run_test ./subids/09_useradd_no_more_subgids_start/useradd.test +run_test ./subids/10_useradd_no_more_subuids_end/useradd.test +run_test ./subids/11_useradd_no_more_subgids_end/useradd.test +run_test ./subids/12_useradd_invalid_subuid_configuration1/useradd.test +run_test ./subids/13_useradd_invalid_subuid_configuration2/useradd.test +run_test ./subids/14_useradd_invalid_subuid_configuration3/useradd.test +run_test ./subids/15_useradd_invalid_subgid_configuration1/useradd.test +run_test ./subids/16_useradd_invalid_subgid_configuration2/useradd.test +run_test ./subids/17_useradd_invalid_subgid_configuration3/useradd.test +run_test ./subids/18_useradd_min=max/useradd.test +run_test ./subids/19_useradd_locked_subuid/useradd.test +run_test ./subids/20_useradd_locked_subgid/useradd.test +run_test ./subids/21_usermod_create_subuid_range/usermod.test +run_test ./subids/22_usermod_create_subgid_range/usermod.test +run_test ./subids/23_usermod_create_subids_ranges/usermod.test +run_test ./subids/24_usermod_create_subids_overlapping_ranges/usermod.test +run_test ./subids/25_usermod_add_range/usermod.test +run_test ./subids/26_usermod_add_overlapping_ranges/usermod.test +run_test ./subids/27_usermod_remove_range_all/usermod.test +run_test ./subids/28_usermod_remove_range_partial_begin/usermod.test +run_test ./subids/29_usermod_remove_range_partial_middle/usermod.test +run_test ./subids/30_usermod_remove_range_partial_end/usermod.test +run_test ./subids/31_usermod_remove_outside_range/usermod.test +run_test ./subids/32_usermod_remove_overlapping_range_begin/usermod.test +run_test ./subids/33_usermod_remove_overlapping_range_end/usermod.test +run_test ./subids/34_usermod_remove_overlapping_range_all/usermod.test +run_test ./subids/35_usermod_remove_only_user_ranges/usermod.test +run_test ./subids/36_usermod_remove_with_comment/usermod.test +run_test ./subids/37_usermod_-v_invalid_range/usermod.test +run_test ./subids/38_usermod_-V_invalid_range/usermod.test +run_test ./subids/39_usermod_-w_invalid_range/usermod.test +run_test ./subids/40_usermod_-W_invalid_range/usermod.test +run_test ./subids/41_usermod_locked_subuid/usermod.test +run_test ./subids/42_usermod_locked_subgid/usermod.test +run_test ./subids/43_usermod_-w_no_subgid/usermod.test +run_test ./subids/44_usermod_-W_no_subgid/usermod.test +run_test ./subids/45_usermod_-v_no_subgid/usermod.test +run_test ./subids/46_usermod_-V_no_subgid/usermod.test +run_test ./subids/47_usermod_-v_invalid_range2/usermod.test +run_test ./subids/48_usermod_-v_invalid_range3/usermod.test +run_test ./subids/49_usermod_-v_invalid_range4/usermod.test +run_test ./subids/50_usermod_-v_invalid_range5/usermod.test +run_test ./subids/51_usermod_-v_invalid_range6/usermod.test +run_test ./subids/52_usermod_-v_invalid_range7/usermod.test +run_test ./subids/53_userdel_one_subuid_range/userdel.test +run_test ./subids/54_userdel_one_subgid_range/userdel.test +run_test ./subids/55_userdel_no_subuid/userdel.test +run_test ./subids/56_userdel_no_subgid/userdel.test +run_test ./subids/57_userdel_multiple_ranges/userdel.test +run_test ./subids/58_newusers_with_subids/newusers.test +run_test ./subids/59_newusers_no_subuid/newusers.test +run_test ./subids/60_newusers_no_subgid/newusers.test +run_test ./subids/61_newusers_user_alread_has_subgids/newusers.test +run_test ./subids/62_newusers_user_alread_has_subuids/newusers.test +run_test ./subids/63_useradd_fill_gap4/useradd.test +run_test ./subids/64_useradd_fill_gap5/useradd.test +run_test ./subids/65_useradd_fill_gap6/useradd.test +run_test ./subids/66_subordinate_range_cmp/useradd.test +run_test ./subids/67_invalid_subuid_file1/useradd.test +run_test ./subids/68_invalid_subuid_file2/useradd.test +run_test ./subids/69_invalid_subuid_file3/useradd.test +run_test ./subids/70_invalid_subuid_file4/useradd.test + +echo +echo "$succeded test(s) passed" +echo "$failed test(s) failed" +echo "log written in 'testsuite.log'" +if [ "$failed" != "0" ] +then + echo "the following tests failed:" + echo $failed_tests +fi + diff --git a/tests/run_all.coverage b/tests/run_all.coverage new file mode 100755 index 00000000..a49be436 --- /dev/null +++ b/tests/run_all.coverage @@ -0,0 +1,1324 @@ +#!/bin/sh + +set -e + +export LC_ALL=C +unset LANG +unset LANGUAGE +. common/config.sh + +USE_PAM="yes" +FAILURE_TESTS="yes" + +succeded=0 +failed=0 +failed_tests="" + +run_test() +{ + find $build_path -name "*.gcda" -delete + find $build_path -name "*.gcno" | while read f + do + g=${f%gcno}gcda + touch $g + chmod a+rw $g + done + + if $1 > $1.log + then + succeded=$((succeded+1)) + echo -n "+" + else + failed=$((failed+1)) + failed_tests="$failed_tests $1" + echo -n "-" + fi + cat $1.log >> testsuite.log + [ -f /etc/passwd.lock ] && echo $1 /etc/passwd.lock || true + [ -f /etc/group.lock ] && echo $1 /etc/group.lock || true + [ -f /etc/shadow.lock ] && echo $1 /etc/shadow.lock || true + [ -f /etc/gshadow.lock ] && echo $1 /etc/gshadow.lock || true + if [ "$(stat -c"%G" /etc/shadow)" != "shadow" ] + then + echo $1 + ls -l /etc/shadow + chgrp shadow /etc/shadow + fi + if [ -d /nonexistent ] + then + echo $1 /nonexistent + rmdir /nonexistent + fi + + find $build_path -name "*.gcda" -size 0 -delete + if echo $1 | grep -v -q debian + then + TESTNAME=$(echo $1| sed -e 's/^\.\///' -e 's/[.\/=-]/_/g') + lcov -q -c -d $build_path -o app_test.info -t $TESTNAME + lcov -q -a app_total.info -a app_test.info -o app_total.info + rm -f app_test.info + fi +} + +echo "+: test passed" +echo "-: test failed" + +# Empty the complete log. +> testsuite.log + +lcov -q -c -i -d $build_path -o app_base.info +lcov -q -a app_base.info -o app_total.info +rm -f app_base.info + +run_test ./su/01/su_root.test +run_test ./su/01/su_user.test +run_test ./su/02/env_FOO-options_--login +run_test ./su/02/env_FOO-options_--login_bash +run_test ./su/02/env_FOO-options_--preserve-environment +run_test ./su/02/env_FOO-options_--preserve-environment_bash +run_test ./su/02/env_FOO-options_- +run_test ./su/02/env_FOO-options_-_bash +run_test ./su/02/env_FOO-options_-l-m +run_test ./su/02/env_FOO-options_-l-m_bash +run_test ./su/02/env_FOO-options_-l +run_test ./su/02/env_FOO-options_-l_bash +run_test ./su/02/env_FOO-options_-m_bash +run_test ./su/02/env_FOO-options_-m +run_test ./su/02/env_FOO-options_-p +run_test ./su/02/env_FOO-options_-p_bash +run_test ./su/02/env_FOO-options__bash +run_test ./su/02/env_FOO-options_ +run_test ./su/02/env_FOO-options_-p- +run_test ./su/02/env_FOO-options_-p-_bash +run_test ./su/02/env_special-options_-l-p +run_test ./su/02/env_special-options_-l +run_test ./su/02/env_special-options_-l-p_bash +run_test ./su/02/env_special-options_-l_bash +run_test ./su/02/env_special-options_-p +run_test ./su/02/env_special-options_-p_bash +run_test ./su/02/env_special-options_ +run_test ./su/02/env_special-options__bash +run_test ./su/02/env_special_root-options_-l-p +run_test ./su/02/env_special_root-options_-l-p_bash +run_test ./su/02/env_special_root-options_-l +run_test ./su/02/env_special_root-options_-l_bash +run_test ./su/02/env_special_root-options_-p +run_test ./su/02/env_special_root-options_-p_bash +run_test ./su/02/env_special_root-options_ +run_test ./su/02/env_special_root-options__bash +run_test ./su/03/su_run_command01.test +run_test ./su/03/su_run_command02.test +run_test ./su/03/su_run_command03.test +run_test ./su/03/su_run_command04.test +run_test ./su/03/su_run_command05.test +run_test ./su/03/su_run_command06.test +run_test ./su/03/su_run_command07.test +run_test ./su/03/su_run_command08.test +run_test ./su/03/su_run_command09.test +run_test ./su/03/su_run_command10.test +run_test ./su/03/su_run_command11.test +run_test ./su/03/su_run_command12.test +run_test ./su/03/su_run_command13.test +run_test ./su/03/su_run_command14.test +run_test ./su/03/su_run_command15.test +run_test ./su/03/su_run_command16.test +run_test ./su/03/su_run_command17.test +run_test ./su/04/su_wrong_user.test +run_test ./su/04/su_user_wrong_passwd.test +run_test ./su/04/su_user_wrong_passwd_syslog.test +run_test ./su/05/su_user_wrong_passwd_syslog.test +run_test ./su/06/su_user_syslog.test +run_test ./su/07/su_user_syslog.test +run_test ./su/08/env_special-options_ +run_test ./su/08/env_special_root-options_ +run_test ./su/09/env_special-options_ +run_test ./su/09/env_special_root-options_ +run_test ./su/10_su_sulog_success/su.test +run_test ./su/11_su_sulog_failure/su.test +run_test ./su/12_su_child_failure/su.test +run_test ./su/13_su_child_success/su.test +run_test ./chage/01/run +run_test ./chage/02/run +run_test ./chage/03_chsh_usage/chage.test +run_test ./chage/04_chsh_usage_invalid_option/chage.test +run_test ./chage/05_chsh_usage_2_users/chage.test +run_test ./chage/06_chsh_usage_no_users/chage.test +run_test ./chage/07_chsh_usage-l_exclusive/chage.test +run_test ./chage/08_chsh_usage_invalid_date/chage.test +run_test ./chage/09_chsh_usage_invalid_numeric_arg/chage.test +run_test ./chage/10_chsh-l/chage.test +run_test ./chage/11_chsh_usage_invalid_user/chage.test +run_test ./chage/12_chsh_usage-l_invalid_user2/chage.test +run_test ./chage/13_chsh_locked_passwd/chage.test +run_test ./chage/14_chsh_locked_shadow/chage.test +run_test ./chage/15_chage-I_no_shadow_entry/chage.test +run_test ./chage/16_chage-m_no_shadow_entry/chage.test +run_test ./chage/17_chage-M_no_shadow_entry/chage.test +run_test ./chage/18_chage-d_no_shadow_entry/chage.test +run_test ./chage/19_chage-W_no_shadow_entry/chage.test +run_test ./chage/20_chage-E_no_shadow_entry/chage.test +run_test ./chage/21_chage_no_shadow_file/chage.test +run_test ./chage/22_chage_myuser-l/chage.test +run_test ./chage/23_chage_myuser-I/chage.test +run_test ./chage/24_chage_myuser-l_other/chage.test +run_test ./chage/25_chage_interractive/chage.test +run_test ./chage/26_chage_interractive_date_0/chage.test +run_test ./chage/27_chage_interractive_date_-1/chage.test +run_test ./chage/28_chage_interractive_date_EPOCH/chage.test +run_test ./chage/29_chage_interractive_date_pre-EPOCH/chage.test +run_test ./chage/30_chage_interractive_date_pre-EPOCH2/chage.test +run_test ./chage/31_chage_interractive_date_invalid/chage.test +run_test ./chage/32_chage_interractive_date_invalid2/chage.test +run_test ./chage/33_chage_interractive-W_invalid1/chage.test +run_test ./chage/34_chage_interractive-W_invalid2/chage.test +run_test ./chage/35_chage_interractive-W-1/chage.test +run_test ./chage/36_chage_interractive-I_invalid1/chage.test +run_test ./chage/37_chage_interractive-I_invalid2/chage.test +run_test ./chage/38_chage_interractive-I-1/chage.test +run_test ./chage/39_chage_interractive-d-1/chage.test +run_test ./chsh/01/run +run_test ./chsh/02_chsh_usage/chsh.test +run_test ./chsh/03_chsh_usage_invalid_option/chsh.test +run_test ./chsh/04_chsh_usage_2_users/chsh.test +run_test ./chsh/05_chsh_myuser_restricted_shell/chsh.test +run_test ./chsh/06_chsh_myuser_non_restricted_shell/chsh.test +run_test ./chsh/07_chsh_usage_invalid_user/chsh.test +run_test ./chsh/08_chsh_myuser_to_restricted_shell/chsh.test +run_test ./chsh/09_chsh_myuser_to_missing_shell/chsh.test +run_test ./chsh/10_chsh_myuser_to_non_executable_shell/chsh.test +run_test ./chsh/11_chsh_auth_failure/chsh.test +run_test ./chsh/12_chsh_warning_missing_shell/chsh.test +run_test ./chsh/13_chsh_warning_non_executable/chsh.test +run_test ./chsh/14_chsh_locked_passwd/chsh.test +run_test ./chsh/15_chsh_PAM_error/chsh.test +run_test ./chroot/chage/01_chage--root/chage.test +run_test ./chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test +run_test ./chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test +run_test ./chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test +run_test ./chroot/chsh/01_chsh--root/chsh.test +run_test ./chroot/gpasswd/01_gpasswd--root/gpasswd.test +run_test ./chroot/groupadd/01_groupadd--root/groupadd.test +run_test ./chroot/groupdel/01_groupdel--root/groupdel.test +run_test ./chroot/groupmod/01_groupmod--root/groupmod.test +run_test ./chroot/grpck/01_grpck--root/grpck.test +run_test ./chroot/grpconv/01_grpconv--root/grpconv.test +run_test ./chroot/grpunconv/01_grpunconv--root/grpunconv.test +run_test ./chroot/lastlog/01_lastlog--root/lastlog.test +run_test ./chroot/login/01_login_sublogin/login.test +run_test ./chroot/pwck/01_pwck--root/pwck.test +run_test ./chroot/pwconv/01_pwconv--root/pwconv.test +run_test ./chroot/pwunconv/01_pwunconv--root/pwunconv.test +run_test ./chroot/useradd/01_useradd--root/useradd.test +run_test ./chroot/useradd/02_useradd--root_login.defs/useradd.test +run_test ./chroot/useradd/03_useradd--root_useradd.default/useradd.test +run_test ./chroot/useradd/04_useradd--root_useradd-D/useradd.test +run_test ./chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test +run_test ./chroot/userdel/01_userdel--root/userdel.test +run_test ./chroot/usermod/01_usermod--root/usermod.test +run_test ./convtools/01/run +run_test ./convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test +run_test ./convtools/03_grpconv_copy_passwd/grpconv.test +run_test ./convtools/04_grpconv_no_password/grpconv.test +run_test ./convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test +run_test ./convtools/06_grpconv_error_group_locked/grpconv.test +run_test ./convtools/07_grpconv_error_gshadow_locked/grpconv.test +run_test ./convtools/08_grpunconv_no_gshadow_file/grpunconv.test +run_test ./convtools/09_grpunconv_error_group_locked/grpunconv.test +run_test ./convtools/10_grpunconv_error_gshadow_locked/grpunconv.test +run_test ./convtools/11_pwconv_error_passwd_locked/pwconv.test +run_test ./convtools/12_pwconv_error_shadow_locked/pwconv.test +run_test ./convtools/13_pwunconv_error_passwd_locked/pwunconv.test +run_test ./convtools/14_pwunconv_error_shadow_locked/pwunconv.test +run_test ./convtools/15_pwconv_remove_shadow_only_entries/pwconv.test +run_test ./convtools/16_pwconv_copy_passwd/pwconv.test +run_test ./convtools/17_pwunconv_no_shadow_file/pwunconv.test +run_test ./convtools/18_pwunconv_user_not_in_shadow/pwunconv.test +run_test ./convtools/19_pwconv_NIS/pwconv.test +run_test ./convtools/20_pwunconv_usage_option/pwunconv.test +run_test ./convtools/21_pwunconv_keep_passwd_password/pwunconv.test +run_test ./convtools/22_grpunconv_usage_option/grpunconv.test +run_test ./convtools/23_grpunconv_keep_group_password/grpunconv.test +run_test ./convtools/24_grpunconv_no_gshadow_entry/grpunconv.test +run_test ./convtools/25_pwconv_usage_option/pwconv.test +run_test ./convtools/26_grpconv_usage_option/grpconv.test +run_test ./convtools/27_pwunconv_usage/pwunconv.test +run_test ./convtools/28_pwunconv_usage_extra_arg/pwunconv.test +run_test ./convtools/29_grpconv_usage/grpconv.test +run_test ./convtools/30_grpconv_usage_extra_arg/grpconv.test +run_test ./convtools/31_pwconv_usage/pwconv.test +run_test ./convtools/32_pwconv_usage_extra_arg/pwconv.test +run_test ./convtools/33_grpunconv_usage/grpunconv.test +run_test ./convtools/34_grpunconv_usage_extra_arg/grpunconv.test +run_test ./cptools/02_cppw_usage/cppw.test +run_test ./cptools/03_cppw_usage_invalid_option/cppw.test +run_test ./cptools/04_cppw_no_file_argument/cppw.test +run_test ./cptools/05_cppw_2_files/cppw.test +run_test ./cptools/06_cppw_no_file/cppw.test +run_test ./cptools/07_cppw_locked_passwd/cppw.test +run_test ./cptools/08_cppw-p/cppw.test +run_test ./cptools/09_cppw-g/cppw.test +run_test ./cptools/10_cppw-g-s/cppw.test +run_test ./cptools/11_cppw-p-s/cppw.test +run_test ./cptools/12_cppw-s_no_shadow_file/cppw.test +run_test ./debian/01/run +run_test ./grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test +run_test ./grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test +run_test ./grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test +run_test ./grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test +run_test ./grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test +run_test ./grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test +run_test ./grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test +run_test ./grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test +run_test ./grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test +run_test ./grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test +run_test ./grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test +run_test ./grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test +run_test ./grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test +run_test ./grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test +run_test ./grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test +run_test ./grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test +run_test ./grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test +run_test ./grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test +run_test ./grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test +run_test ./grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test +run_test ./grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test +run_test ./grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test +run_test ./grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test +run_test ./grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test +run_test ./grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test +run_test ./grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test +run_test ./grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test +run_test ./grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test +run_test ./grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test +run_test ./grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test +run_test ./grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test +run_test ./grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test +run_test ./grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test +run_test ./grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test +run_test ./grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test +run_test ./grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test +run_test ./grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test +run_test ./grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test +run_test ./grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test +run_test ./grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test +run_test ./grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test +run_test ./grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test +run_test ./grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test +run_test ./grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test +run_test ./grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test +run_test ./grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test +run_test ./grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test +run_test ./grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test +run_test ./grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test +run_test ./grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test +run_test ./grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test +run_test ./grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test +run_test ./grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test +run_test ./grouptools/gpasswd/61_gpasswd_usage/gpasswd.test +run_test ./grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test +run_test ./grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test +run_test ./grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test +run_test ./grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test +run_test ./grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test +run_test ./grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test +run_test ./grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test +run_test ./grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test +run_test ./grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test +run_test ./grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test +run_test ./grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test +run_test ./grouptools/groupadd/01_groupadd_add_group/groupadd.test +run_test ./grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test +run_test ./grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test +run_test ./grouptools/groupadd/04_groupadd_set_password/groupadd.test +run_test ./grouptools/groupadd/05_groupadd_set_GID/groupadd.test +run_test ./grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test +run_test ./grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test +run_test ./grouptools/groupadd/08_groupadd_locked_group/groupadd.test +run_test ./grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test +run_test ./grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test +run_test ./grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test +run_test ./grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test +run_test ./grouptools/groupadd/13_groupadd_invalid_name/groupadd.test +run_test ./grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test +run_test ./grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test +run_test ./grouptools/groupadd/16_groupadd_existing_group/groupadd.test +run_test ./grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test +run_test ./grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test +run_test ./grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test +run_test ./grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test +run_test ./grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test +run_test ./grouptools/groupadd/22_groupadd_usage/groupadd.test +run_test ./grouptools/groupadd/23_groupadd_no_groups/groupadd.test +run_test ./grouptools/groupadd/24_groupadd_2_groups/groupadd.test +run_test ./grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test +run_test ./grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test +run_test ./grouptools/groupadd/27_groupadd_invalid_option/groupadd.test +run_test ./grouptools/groupdel/01_groupdel_delete_group/groupdel.test +run_test ./grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test +run_test ./grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test +run_test ./grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test +run_test ./grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test +run_test ./grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test +run_test ./grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test +run_test ./grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test +run_test ./grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test +run_test ./grouptools/groupdel/10_groupdel_usage/groupdel.test +run_test ./grouptools/groupdel/11_groupdel_invalid_option/groupdel.test +run_test ./grouptools/groupmems/01_groupmems_root_add_user/groupmems.test +run_test ./grouptools/groupmems/02_groupmems_root_del_user/groupmems.test +run_test ./grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test +run_test ./grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test +run_test ./grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test +run_test ./grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/12_groupmems_user_add_user/groupmems.test +run_test ./grouptools/groupmems/13_groupmems_user_del_user/groupmems.test +run_test ./grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test +run_test ./grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test +run_test ./grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test +run_test ./grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test +run_test ./grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test +run_test ./grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test +run_test ./grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test +run_test ./grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test +run_test ./grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test +run_test ./grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test +run_test ./grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test +run_test ./grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test +run_test ./grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test +run_test ./grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test +run_test ./grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test +run_test ./grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test +run_test ./grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test +run_test ./grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test +run_test ./grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test +run_test ./grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test +run_test ./grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test +run_test ./grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test +run_test ./grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test +run_test ./grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test +run_test ./grouptools/groupmems/42_groupmems_user_list_users/groupmems.test +run_test ./grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test +run_test ./grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test +run_test ./grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test +run_test ./grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test +run_test ./grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test +run_test ./grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test +run_test ./grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test +run_test ./grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test +run_test ./grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test +run_test ./grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test +run_test ./grouptools/groupmems/53_groupmems_usage/groupmems.test +run_test ./grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test +run_test ./grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test +run_test ./grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test +run_test ./grouptools/groupmems/57_groupmems_authentication/groupmems.test +run_test ./grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test +run_test ./grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test +run_test ./grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test +run_test ./grouptools/groupmod/01_groupmod_change_gid/groupmod.test +run_test ./grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test +run_test ./grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test +run_test ./grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test +run_test ./grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test +run_test ./grouptools/groupmod/06_groupmod_change_group_name/groupmod.test +run_test ./grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test +run_test ./grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test +run_test ./grouptools/groupmod/09_groupmod_set_password/groupmod.test +run_test ./grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test +run_test ./grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test +run_test ./grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test +run_test ./grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test +run_test ./grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test +run_test ./grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test +run_test ./grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test +run_test ./grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test +run_test ./grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test +run_test ./grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test +run_test ./grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test +run_test ./grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test +run_test ./grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test +run_test ./grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test +run_test ./grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test +run_test ./grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test +run_test ./grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test +run_test ./grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test +run_test ./grouptools/groupmod/28_groupmod_usage/groupmod.test +run_test ./grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test +run_test ./grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test +run_test ./grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test +run_test ./grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test +run_test ./grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test +run_test ./grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test +run_test ./grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test +run_test ./grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test +run_test ./grouptools/groupmod/37_groupmod_invalid_option/groupmod.test +run_test ./log/faillog/01_faillog_no_faillog/faillog.test +run_test ./log/faillog/02_faillog_usage/faillog.test +run_test ./log/faillog/03_faillog_format/faillog.test +run_test ./log/faillog/04_faillog_mulitple/faillog.test +run_test ./log/faillog/05_faillog-u_ID/faillog.test +run_test ./log/faillog/06_faillog-u_name/faillog.test +run_test ./log/faillog/07_faillog-u_ID_invalid/faillog.test +run_test ./log/faillog/08_faillog-u_name_invalid/faillog.test +run_test ./log/faillog/09_faillog-u_range/faillog.test +run_test ./log/faillog/10_faillog-u_open_range/faillog.test +run_test ./log/faillog/11_faillog-u_range_open/faillog.test +run_test ./log/faillog/12_faillog-u_range_invalid1/faillog.test +run_test ./log/faillog/13_faillog-u_range_invalid2/faillog.test +run_test ./log/faillog/14_faillog-u_range_invalid3/faillog.test +run_test ./log/faillog/15_faillog_bad_option/faillog.test +run_test ./log/faillog/16_faillog_extra_arg/faillog.test +run_test ./log/faillog/17_faillog-t/faillog.test +run_test ./log/faillog/18_faillog-t_invalid/faillog.test +run_test ./log/faillog/19_faillog_multiple_same_user/faillog.test +run_test ./log/faillog/20_faillog-r-u/faillog.test +run_test ./log/faillog/21_faillog-r-u_range/faillog.test +run_test ./log/faillog/22_faillog_removed_user/faillog.test +run_test ./log/faillog/23_faillog-a_removed_user/faillog.test +run_test ./log/faillog/24_faillog-u_removed_user/faillog.test +run_test ./log/faillog/25_faillog-r-u_removed_user/faillog.test +run_test ./log/faillog/26_faillog-r-u_range_removed_user/faillog.test +run_test ./log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test +run_test ./log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test +run_test ./log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test +run_test ./log/faillog/30_faillog-r/faillog.test +run_test ./log/faillog/31_faillog-r-u_open_range/faillog.test +run_test ./log/faillog/32_faillog-l/faillog.test +run_test ./log/faillog/33_faillog-l-u_user/faillog.test +run_test ./log/faillog/34_faillog-l-u_range/faillog.test +run_test ./log/faillog/35_faillog-l-u_open_range/faillog.test +run_test ./log/faillog/36_faillog-l-u_range_open/faillog.test +run_test ./log/faillog/37_faillog-l-a-u_user/faillog.test +run_test ./log/faillog/38_faillog-l-a-u_range/faillog.test +run_test ./log/faillog/39_faillog-l-a-u_open_range/faillog.test +run_test ./log/faillog/40_faillog-l-a-u_range_open/faillog.test +run_test ./log/faillog/41_faillog-l_invalid/faillog.test +run_test ./log/faillog/42_faillog-m/faillog.test +run_test ./log/faillog/43_faillog-m-u_user/faillog.test +run_test ./log/faillog/44_faillog-m-u_range/faillog.test +run_test ./log/faillog/45_faillog-m-u_open_range/faillog.test +run_test ./log/faillog/46_faillog-m-u_range_open/faillog.test +run_test ./log/faillog/47_faillog-m-a-u_user/faillog.test +run_test ./log/faillog/48_faillog-m-a-u_range/faillog.test +run_test ./log/faillog/49_faillog-m-a-u_open_range/faillog.test +run_test ./log/faillog/50_faillog-m-a-u_range_open/faillog.test +run_test ./log/faillog/51_faillog-m_invalid/faillog.test +run_test ./log/faillog/52_faillog-t-l_exclusive/faillog.test +run_test ./log/faillog/53_faillog-t-m_exclusive/faillog.test +run_test ./log/faillog/54_faillog-t-r_exclusive/faillog.test +run_test ./log/faillog/55_faillog_no_changes/faillog.test +run_test ./log/faillog/56_faillog-l-m_empty_file/faillog.test +run_test ./log/faillog/57_faillog-r_empty_file/faillog.test +run_test ./log/faillog/58_faillog-l_no_failcount/faillog.test +run_test ./log/lastlog/01_lastlog_no_lastlog/lastlog.test +run_test ./log/lastlog/02_lastlog_usage/lastlog.test +run_test ./log/lastlog/03_lastlog_format/lastlog.test +run_test ./log/lastlog/04_lastlog_mulitple/lastlog.test +run_test ./log/lastlog/05_lastlog-u_ID/lastlog.test +run_test ./log/lastlog/06_lastlog-u_name/lastlog.test +run_test ./log/lastlog/07_lastlog-u_ID_invalid/lastlog.test +run_test ./log/lastlog/08_lastlog-u_name_invalid/lastlog.test +run_test ./log/lastlog/09_lastlog-u_range/lastlog.test +run_test ./log/lastlog/10_lastlog-u_open_range/lastlog.test +run_test ./log/lastlog/11_lastlog-u_range_open/lastlog.test +run_test ./log/lastlog/12_lastlog-u_range_invalid1/lastlog.test +run_test ./log/lastlog/13_lastlog-u_range_invalid2/lastlog.test +run_test ./log/lastlog/14_lastlog-u_range_invalid3/lastlog.test +run_test ./log/lastlog/15_lastlog_bad_option/lastlog.test +run_test ./log/lastlog/16_lastlog_extra_arg/lastlog.test +run_test ./log/lastlog/17_lastlog-t/lastlog.test +run_test ./log/lastlog/18_lastlog-b/lastlog.test +run_test ./log/lastlog/19_lastlog-t_invalid/lastlog.test +run_test ./log/lastlog/20_lastlog-b_invalid/lastlog.test +run_test ./usertools/01/01_useradd_add_user.test +run_test ./usertools/01/01_userdel_delete_user.test +run_test ./usertools/01/02_useradd_recreate_deleted_user.test +run_test ./usertools/01/03_useradd_additional_options.test +run_test ./usertools/01/04_useradd_add_user_with_existing_UID_fail.test +run_test ./usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test +run_test ./usertools/01/04_useradd_specified_UID.test +run_test ./usertools/01/04_useradd_specified_UID_and_GID.test +run_test ./usertools/01/04_userdel_delete_user_with_non_unique_UID.test +run_test ./usertools/01/05_useradd_invalid_numeric_primary_group.test +run_test ./usertools/01/06_useradd_invalid_named_primary_group.test +run_test ./usertools/01/07_useradd_numerical_primary_group.test +run_test ./usertools/01/08_useradd_named_primary_group.test +run_test ./usertools/01/09_usermod_change_user_info.test +run_test ./usertools/01/10_usermod_rename_user.test +run_test ./usertools/01/10_usermod_rename_user_in_group.test +run_test ./usertools/01/11_usermod_change_password.test +run_test ./usertools/01/11_usermod_lock_password.test +run_test ./usertools/01/11_usermod_unlock_empty_password.test +run_test ./usertools/01/11_usermod_unlock_password.test +run_test ./usertools/01/12_usermod_change_gid_name.test +run_test ./usertools/01/12_usermod_change_gid_number.test +run_test ./usertools/01/13_useradd_negative_UID.test +run_test ./usertools/01/14_useradd_out_of_range_UID.test +run_test ./usertools/01/15_useradd_specified_large_UID.test +run_test ./usertools/01/16_useradd_add_user_to_multiple_groups.test +run_test ./usertools/01/16_useradd_add_user_to_one_group.test +run_test ./usertools/01/17_useradd_create_homedir.test +run_test ./usertools/01/18_userdel_remove_homedir.test +run_test ./usertools/01/19_userdel_delete_user_in_group.test +run_test ./usertools/01/20_usermod_change_homedir.test +run_test ./usertools/01/21_usermod_change_and_move_homedir.test +run_test ./usertools/01/22_usermod_new_groups.test +run_test ./usertools/01/23_usermod_add_groups.test +run_test ./usertools/01/24_usermod_new_groups_remove_old_groups.test +run_test ./usertools/01/25_useradd_specified_large_UID2.test +run_test ./usertools/01/26_useradd_UID_-1.test +run_test ./usertools/02/useradd_default_default_values.test +run_test ./usertools/02/useradd_get_default_values.test +run_test ./usertools/02/useradd_change_default_INACTIVE.test +run_test ./usertools/02/useradd_change_default_SHELL.test +run_test ./usertools/02/useradd_change_default_EXPIRE.test +run_test ./usertools/02/useradd_change_default_GROUP.test +run_test ./usertools/02/useradd_change_default_HOME.test +run_test ./usertools/02/useradd_change_defaults.test +run_test ./usertools/03/useradd_change_defaults.test +run_test ./usertools/04/01_useradd_add_user.test +run_test ./usertools/05_userdel_del_from_group_members/userdel.test +run_test ./usertools/06_userdel_del_from_gshadow_members/userdel.test +run_test ./usertools/07_userdel_del_from_gshadow_admins/userdel.test +run_test ./usertools/08_userdel_del_from_group_and_gshadow/userdel.test +run_test ./usertools/09_userdel_del_homedir/userdel.test +run_test ./usertools/10_userdel_del_homedir_wrong_owner/userdel.test +run_test ./usertools/11_usermod_move_homedir/usermod.test +run_test ./usertools/12_usermod_move_homedir_dev_null/usermod.test +run_test ./usertools/13_usermod_move_homedir_file/usermod.test +run_test ./usertools/14_usermod_move_homedir_other_device/usermod.test +run_test ./usertools/15_usermod_change_supplementary_groups/usermod.test +run_test ./usertools/16_usermod_remove_supplementary_groups/usermod.test +run_test ./usertools/17_usermod_change_supplementary_groups_numerical/usermod.test +run_test ./usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test +run_test ./usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test +run_test ./usertools/20_usermod_rename_user_in_member_lists/usermod.test +run_test ./usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test +run_test ./usertools/22_usermod-a_existing_supplementary_group/usermod.test +run_test ./usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test +run_test ./usertools/24_usermod_locked_passwd/usermod.test +run_test ./usertools/25_usermod-G_locked_group/usermod.test +run_test ./usertools/26_usermod_locked_shadow/usermod.test +run_test ./usertools/27_usermod-G_locked_gshadow/usermod.test +run_test ./usertools/28_usermod-c_locked_group/usermod.test +run_test ./usertools/29_usermod-c_locked_gshadow/usermod.test +run_test ./usertools/30_usermod-l_locked_group/usermod.test +run_test ./usertools/31_usermod-l_locked_gshadow/usermod.test +run_test ./usertools/32_usermod-u_new_UID/usermod.test +run_test ./usertools/33_usermod-u_existing_UID/usermod.test +run_test ./usertools/34_usermod-u-o_existing_UID/usermod.test +run_test ./usertools/35_usermod-u_invalid_UID/usermod.test +run_test ./usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test +run_test ./usertools/37_Debian_Bug_470745/usermod.test +run_test ./usertools/38_usermod_invalid_user/usermod.test +run_test ./usertools/39_usermod_-c_invalid_comment/usermod.test +run_test ./usertools/40_usermod_-d_invalid_homedir/usermod.test +run_test ./usertools/41_usermod_-d_invalid_shell/usermod.test +run_test ./usertools/42_usermod_-g_invalid_group_name/usermod.test +run_test ./usertools/43_usermod_-g_invalid_group_ID/usermod.test +run_test ./usertools/44_usermod-l_existing_username/usermod.test +run_test ./usertools/45_usermod-l_existing_username_passwd/usermod.test +run_test ./usertools/46_usermod-l_existing_username_shadow/usermod.test +run_test ./usertools/47_usermod-l_no_shadow_file/usermod.test +run_test ./usertools/48_userdel_keep_group_if_primary_other_user/userdel.test +run_test ./usertools/49_userdel_delete_users_group/userdel.test +run_test ./usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test +run_test ./usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test +run_test ./usertools/52_userdel_delete_user_no_shadow_entry/userdel.test +run_test ./usertools/53_userdel_delete_user_no_shadow_file/userdel.test +run_test ./usertools/54_usermod-u_invalid_UID_4294967295/usermod.test +run_test ./usertools/55_userdel_busy_user/userdel.test +run_test ./usertools/56_userdel_locked_passwd/userdel.test +run_test ./usertools/57_userdel_locked_group/userdel.test +run_test ./usertools/58_userdel_locked_shadow/userdel.test +run_test ./usertools/59_userdel_locked_gshadow/userdel.test +run_test ./usertools/60_userdel_invalid_user/userdel.test +run_test ./usertools/61_userdel_del_homedir_with_symlinks/userdel.test +if [ "$USE_PAM" = "yes" ]; then + run_test ./usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test + run_test ./usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test + run_test ./usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test + run_test ./usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test + run_test ./usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test + run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test + run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test + run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test + run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test + run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test + run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test + run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test + run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test + run_test ./usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test + run_test ./usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test + run_test ./usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test + run_test ./usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test + run_test ./usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test + run_test ./usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test + run_test ./usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test + run_test ./usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test + run_test ./usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test + run_test ./usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test + run_test ./usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test + run_test ./usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test + run_test ./usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test + run_test ./usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test + run_test ./usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test + run_test ./usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test + run_test ./usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test + run_test ./usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test + run_test ./usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test + run_test ./usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test + run_test ./usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test +else + run_test ./usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test + run_test ./usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test + run_test ./usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test + run_test ./usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test + run_test ./usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test +fi +run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test +run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test +run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test +run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test +run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test +run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test +run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test +run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test +run_test ./usertools/useradd/01_useradd_usage/useradd.test +run_test ./usertools/useradd/02_useradd_usage_invalid_option/useradd.test +run_test ./usertools/useradd/03_useradd_usage_no_users/useradd.test +run_test ./usertools/useradd/04_useradd_usage_2_users/useradd.test +run_test ./usertools/useradd/05_useradd_usage-b_invalid1/useradd.test +run_test ./usertools/useradd/06_useradd_usage-b_invalid2/useradd.test +run_test ./usertools/useradd/07_useradd_usage-b_invalid3/useradd.test +run_test ./usertools/useradd/08_useradd_usage-c_invalid1/useradd.test +run_test ./usertools/useradd/09_useradd_usage-c_invalid2/useradd.test +run_test ./usertools/useradd/10_useradd_usage-d_invalid1/useradd.test +run_test ./usertools/useradd/11_useradd_usage-d_invalid2/useradd.test +run_test ./usertools/useradd/12_useradd_usage-d_invalid3/useradd.test +run_test ./usertools/useradd/13_useradd_usage-e_invalid1/useradd.test +run_test ./usertools/useradd/14_useradd_usage-e_invalid2/useradd.test +run_test ./usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test +run_test ./usertools/useradd/16_useradd_usage-f_invalid1/useradd.test +run_test ./usertools/useradd/17_useradd_usage-f_invalid2/useradd.test +run_test ./usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test +run_test ./usertools/useradd/19_useradd_usage-K_invalid1/useradd.test +run_test ./usertools/useradd/20_useradd_usage-O_invalid2/useradd.test +run_test ./usertools/useradd/21_useradd_usage-p_invalid1/useradd.test +run_test ./usertools/useradd/22_useradd_usage-p_invalid2/useradd.test +run_test ./usertools/useradd/23_useradd_usage-s_invalid1/useradd.test +run_test ./usertools/useradd/24_useradd_usage-s_invalid2/useradd.test +run_test ./usertools/useradd/25_useradd_usage-s_invalid3/useradd.test +run_test ./usertools/useradd/26_useradd_usage-o_without-u/useradd.test +run_test ./usertools/useradd/27_useradd_usage-k_without-m/useradd.test +run_test ./usertools/useradd/28_useradd_usage-U_with-g/useradd.test +run_test ./usertools/useradd/29_useradd_usage-U_with-N/useradd.test +run_test ./usertools/useradd/30_useradd_usage-m_with-M/useradd.test +run_test ./usertools/useradd/31_useradd_usage_user_with-D/useradd.test +run_test ./usertools/useradd/32_useradd_usage-D_with_other/useradd.test +run_test ./usertools/useradd/33_useradd_usage_invalid_username/useradd.test +run_test ./usertools/useradd/35_useradd_default_GROUP_name/useradd.test +run_test ./usertools/useradd/34_useradd_default_GROUP_GID/useradd.test +run_test ./usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test +run_test ./usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test +run_test ./usertools/useradd/38_useradd_default_INACTIVE/useradd.test +run_test ./usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test +run_test ./usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test +run_test ./usertools/useradd/41_useradd_default_default_SKEL/useradd.test +run_test ./usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test +run_test ./usertools/useradd/43_useradd_default_no_final_eol/useradd.test +run_test ./usertools/useradd/44_useradd_default_no_file/useradd.test +run_test ./usertools/useradd/45_useradd-G_UID_name/useradd.test +run_test ./usertools/useradd/46_useradd-G_UID_duplicate/useradd.test +run_test ./usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test +run_test ./usertools/useradd/48_useradd-G_name_duplicate/useradd.test +run_test ./usertools/useradd/49_useradd-G_invalid_group/useradd.test +run_test ./usertools/useradd/50_useradd-r/useradd.test +run_test ./usertools/useradd/51_useradd_already_exist/useradd.test +run_test ./usertools/useradd/52_useradd-U_group_already_exist/useradd.test +run_test ./usertools/useradd/53_useradd-G_empty/useradd.test +run_test ./usertools/useradd/54_useradd_no_shadow_file/useradd.test +run_test ./usertools/useradd/55_useradd_no_gshadow_file/useradd.test +run_test ./usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test +run_test ./usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test +run_test ./usertools/useradd/58_useradd-e_empty/useradd.test +run_test ./usertools/useradd/59_useradd-e-1-f-1/useradd.test +run_test ./usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test +run_test ./usertools/useradd/61_useradd-K/useradd.test +run_test ./usertools/useradd/62_useradd-p/useradd.test +run_test ./usertools/useradd/63_useradd-s/useradd.test +run_test ./usertools/useradd/64_useradd_locked_passwd/useradd.test +run_test ./usertools/useradd/65_useradd_locked_group/useradd.test +run_test ./usertools/useradd/66_useradd_locked_shadow/useradd.test +run_test ./usertools/useradd/67_useradd_locked_gshadow/useradd.test +run_test ./usertools/useradd/68_useradd-s_empty/useradd.test +run_test ./usertools/userdel/01_userdel_usage/userdel.test +run_test ./usertools/userdel/02_userdel_usage_invalid_option/userdel.test +run_test ./usertools/userdel/03_userdel_usage_no_users/userdel.test +run_test ./usertools/userdel/04_userdel_usage_2_users/userdel.test +run_test ./usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test +run_test ./usertools/userdel/06_userdel_no_usergroup/userdel.test +run_test ./usertools/userdel/07_userdel_usergroup_not_primary/userdel.test +run_test ./usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test +run_test ./usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test +run_test ./usertools/userdel/10_userdel_del_homedir_symlink/userdel.test +run_test ./usertools/usermod/01_usermod-p_no_shadow_file/usermod.test +run_test ./usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test +run_test ./usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test +run_test ./usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test +run_test ./usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test +run_test ./usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test +run_test ./usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test +run_test ./usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test +run_test ./usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test +run_test ./usertools/usermod/10_usermod_usage/usermod.test +run_test ./usertools/usermod/11_usermod_usage_bad_option/usermod.test +run_test ./usertools/usermod/12_usermod_usage_bad-f/usermod.test +run_test ./usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test +run_test ./usertools/usermod/14_usermod_usage_no_options/usermod.test +run_test ./usertools/usermod/15_usermod_usage_no_user/usermod.test +run_test ./usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test +run_test ./usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test +run_test ./usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test +run_test ./usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test +run_test ./usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test +run_test ./usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test +run_test ./usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test +run_test ./usertools/usermod/23_usermod-e_date/usermod.test +run_test ./usertools/usermod/24_usermod-e_date/usermod.test +run_test ./usertools/usermod/25_usermod-e_empty_arg/usermod.test +run_test ./usertools/usermod/26_usermod-e-1/usermod.test +run_test ./usertools/usermod/27_usermod-e_invalid1/usermod.test +run_test ./usertools/usermod/28_usermod-e_invalid2/usermod.test +run_test ./usertools/usermod/29_usermod_no_changes/usermod.test +run_test ./usertools/usermod/30_usermod_usage-a_without-G/usermod.test +run_test ./usertools/usermod/31_usermod_usage-o_without-u/usermod.test +run_test ./usertools/usermod/32_usermod_usage-m_without-d/usermod.test +run_test ./usertools/usermod/33_usermod_change_shell/usermod.test +run_test ./usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test +run_test ./usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test +run_test ./usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test +run_test ./usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test +run_test ./usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test +run_test ./usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test +run_test ./usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test +run_test ./usertools/usermod/41_usermod-u_faillog_not_created/usermod.test +run_test ./usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test +run_test ./usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test +run_test ./usertools/usermod/44_usermod-l_move_mailbox/usermod.test +run_test ./usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test +run_test ./usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test +run_test ./usertools/usermod/47_usermod-u_default_maildir/usermod.test +run_test ./usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test +run_test ./usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test +run_test ./usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test +run_test ./usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test +run_test ./usertools/usermod/52_usermod_move_homedir_symlink/usermod.test +run_test ./cptools/01/run1 +run_test ./cptools/01/run2 +run_test ./cptools/01/run3 +run_test ./cptools/01/run4 +run_test ./cktools/01/run1 +run_test ./cktools/01/run2 +run_test ./cktools/02_pwck_sort/pwck.test +run_test ./cktools/03_grpck_sort/grpck.test +run_test ./cktools/04_pwck_sort_missing_shadow_user/pwck.test +run_test ./cktools/05_grpck_sort_missing_shadow_group/grpck.test +run_test ./cktools/06_pwck_sort_NIS_server/pwck.test +run_test ./cktools/07_pwck_sort_NIS_client/pwck.test +run_test ./cktools/grpck/04_grpck_missing_field_group_delete/grpck.test +run_test ./cktools/grpck/05_grpck_missing_field_group_keep/grpck.test +run_test ./cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test +run_test ./cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test +run_test ./cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test +run_test ./cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test +run_test ./cktools/grpck/10_grpck_missing_field_group_local/grpck.test +run_test ./cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test +run_test ./cktools/grpck/12_grpck_unknown_user_group/grpck.test +run_test ./cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test +run_test ./cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test +run_test ./cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test +run_test ./cktools/grpck/16_grpck_duplicate_entry_group/grpck.test +run_test ./cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test +run_test ./cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test +run_test ./cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test +run_test ./cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test +run_test ./cktools/grpck/21_grpck_invalid_group_name/grpck.test +run_test ./cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test +run_test ./cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test +run_test ./cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test +run_test ./cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test +run_test ./cktools/grpck/26_grpck_no_gshadow_file/grpck.test +run_test ./cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test +run_test ./cktools/grpck/28_grpck_usage/grpck.test +run_test ./cktools/grpck/29_grpck_sort_readonly/grpck.test +run_test ./cktools/grpck/30_grpck_3_files/grpck.test +run_test ./cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test +run_test ./cktools/grpck/32_grpck_sort_nis/grpck.test +run_test ./cktools/grpck/33_grpck_locked_group/grpck.test +run_test ./cktools/grpck/34_grpck_locked_gshadow/grpck.test +run_test ./cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test +run_test ./cktools/grpck/36_grpck_password_group_gshadow/grpck.test +run_test ./cktools/grpck/37_grpck_invalid_option/grpck.test +run_test ./cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test +run_test ./cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test +run_test ./cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test +run_test ./cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test +run_test ./cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test +run_test ./cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test +run_test ./cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test +run_test ./cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test +run_test ./cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test +run_test ./cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test +run_test ./cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test +run_test ./cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test +run_test ./cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test +run_test ./cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test +run_test ./cktools/pwck/18_pwck_invalid_user_name/pwck.test +run_test ./cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test +run_test ./cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test +run_test ./cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test +run_test ./cktools/pwck/22_pwck_usage/pwck.test +run_test ./cktools/pwck/23_pwck_locked_passwd/pwck.test +run_test ./cktools/pwck/24_pwck_locked_shadow/pwck.test +run_test ./cktools/pwck/25_pwck_usage_invalid_option/pwck.test +run_test ./cktools/pwck/26_pwck_usage-s-r/pwck.test +run_test ./cktools/pwck/27_pwck_usage_3_files/pwck.test +run_test ./cktools/pwck/28_pwck_no_shadow_file/pwck.test +run_test ./cktools/pwck/29_pwck_password_change_in_future/pwck.test +run_test ./cktools/pwck/30_pwck_NIS_entries/pwck.test +run_test ./cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test +run_test ./cktools/pwck/32_pwck_quiet/pwck.test +if [ "$USE_PAM" != "yes" ]; then + run_test ./crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test + run_test ./crypt/login.defs_DES/01_chpasswd.test + run_test ./crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test + run_test ./crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test + run_test ./crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test + run_test ./crypt/login.defs_DES/05_chpasswd-e.test + run_test ./crypt/login.defs_DES/06_chpasswd-m.test +fi +run_test ./crypt/login.defs_DES/07_chgpasswd.test +run_test ./crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test +run_test ./crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test +run_test ./crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test +run_test ./crypt/login.defs_DES/11_chgpasswd-e.test +run_test ./crypt/login.defs_DES/12_chgpasswd-m.test +if [ "$USE_PAM" != "yes" ]; then + run_test ./crypt/login.defs_MD5/01_chpasswd.test + run_test ./crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test +fi +run_test ./crypt/login.defs_MD5/02_chgpasswd.test +run_test ./crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test +if [ "$USE_PAM" != "yes" ]; then + run_test ./crypt/login.defs_SHA256-round-max/01_chpasswd.test + run_test ./crypt/login.defs_SHA256-round-min-max/01_chpasswd.test + run_test ./crypt/login.defs_SHA256-round-min/01_chpasswd.test + run_test ./crypt/login.defs_SHA256/01_chpasswd.test + run_test ./crypt/login.defs_SHA512/01_chpasswd.test + run_test ./crypt/login.defs_none/01_chpasswd.test +fi +run_test ./crypt/login.defs_SHA256-round-max/02_chgpasswd.test +run_test ./crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test +run_test ./crypt/login.defs_SHA256-round-min/02_chgpasswd.test +run_test ./crypt/login.defs_SHA256/02_chgpasswd.test +run_test ./crypt/login.defs_SHA512/02_chgpasswd.test +run_test ./crypt/login.defs_none/02_chgpasswd.test +run_test ./newusers/01_create_user/newusers.test +run_test ./newusers/02_update_password/newusers.test +run_test ./newusers/03_no_update_pid/newusers.test +run_test ./newusers/04_no_update_gid/newusers.test +run_test ./newusers/05_create_user_pid/newusers.test +run_test ./newusers/06_create_user_gid/newusers.test +run_test ./newusers/07_create_user_pid_gid/newusers.test +run_test ./newusers/08_create_user_pid_other-gid/newusers.test +run_test ./newusers/09_create_user_pid-as-user-bar/newusers.test +run_test ./newusers/10_create_user_gid-as-group-bar/newusers.test +run_test ./newusers/11_update_gecos/newusers.test +run_test ./newusers/12_update_shell/newusers.test +run_test ./newusers/13_create_user_new-home/newusers.test +run_test ./newusers/14_create_user_existing-home/newusers.test +run_test ./newusers/15_update_new-home/newusers.test +run_test ./newusers/16_update_existing-home/newusers.test +run_test ./newusers/17_create_user_pid-already-used/newusers.test +run_test ./newusers/18_create_user_gid-already-used/newusers.test +run_test ./newusers/19_update_keep-old-home/newusers.test +run_test ./newusers/20_multiple_users/newusers.test +run_test ./newusers/21_create_user_UID_MAX/newusers.test +run_test ./newusers/22_create_user_GID_MAX/newusers.test +run_test ./newusers/23_create_user_error_negativ_UID/newusers.test +run_test ./newusers/24_create_user_error_invalid_UID/newusers.test +run_test ./newusers/25_create_user_error_no_remaining_UID/newusers.test +run_test ./newusers/26_create_user_error_no_remaining_GID/newusers.test +run_test ./newusers/27_create_user_error_invalid_username/newusers.test +run_test ./newusers/28_create_user_error_invalid_groupname/newusers.test +run_test ./newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test +run_test ./newusers/30_create_user_different_groupname/newusers.test +run_test ./newusers/31_create_user_error_invalid_GID/newusers.test +run_test ./newusers/32_create_user_error_gshadow_group_exists/newusers.test +run_test ./newusers/33_update_password_no_shadow_password/newusers.test +run_test ./newusers/34_update_password_no_shadow/newusers.test +run_test ./newusers/35_read_from_stdin/newusers.test +if [ "$USE_PAM" != "yes" ]; then + run_test ./newusers/36_create_user_encrypted/newusers.test + run_test ./newusers/37_create_user_encrypt_MD5/newusers.test + run_test ./newusers/38_update_password_no_shadow_encrypted/newusers.test + run_test ./newusers/39_update_password_no_shadow_password_encrypted/newusers.test + run_test ./newusers/40_update_password_encrypted/newusers.test + run_test ./newusers/41_create_user_encrypt_SHA256/newusers.test + run_test ./newusers/42_create_user_encrypt_SHA512/newusers.test + run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test + run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test + run_test ./newusers/45_create_user_encrypt_rounds_3000/newusers.test + run_test ./newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test +else + + run_test ./newusers/37_create_user_encrypt_MD5-PAM/newusers.test + + + + run_test ./newusers/41_create_user_encrypt_SHA256-PAM/newusers.test + run_test ./newusers/42_create_user_encrypt_SHA512-PAM/newusers.test + run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test + run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test + + +fi +run_test ./newusers/47_create_user_error_UID_4294967295/newusers.test +run_test ./newusers/48_create_user_error_GID_4294967295/newusers.test +run_test ./newusers/49_multiple_system_users/newusers.test +run_test ./newusers/50_usage/newusers.test +run_test ./newusers/51_usage_invalid_option/newusers.test +run_test ./newusers/52_usage_2_input_files/newusers.test +run_test ./newusers/53_locked_passwd/newusers.test +run_test ./newusers/54_locked_shadow/newusers.test +run_test ./newusers/55_locked_group/newusers.test +run_test ./newusers/56_locked_gshadow/newusers.test +run_test ./newusers/57_missing_input_file/newusers.test +run_test ./newusers/58_invalid_input_file/newusers.test +run_test ./newusers/59_no_gshadow_file/newusers.test +run_test ./newusers/60_update_no_gecos/newusers.test +run_test ./newusers/61_update_no_shell/newusers.test +run_test ./split_groups/01_useradd_split_group/useradd.test +run_test ./split_groups/02_useradd_no_split_group/useradd.test +run_test ./split_groups/03_useradd_split_group_already_split/useradd.test +run_test ./split_groups/04_useradd_split_group_already_full/useradd.test +run_test ./split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test +run_test ./split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test +run_test ./split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test +run_test ./split_groups/08_useradd_no_split_group_already_split/useradd.test +run_test ./split_groups/09_groupdel_split_group_already_split/groupdel.test +run_test ./split_groups/10_groupdel_no_split_group_already_split/groupdel.test +if [ "$FAILURE_TESTS" = "yes" ]; then +run_test ./failures/chage/01_chage_openRW_passwd_failure/chage.test +run_test ./failures/chage/02_chage_openRO_passwd_failure/chage.test +run_test ./failures/chage/03_chage_openRW_shadow_failure/chage.test +run_test ./failures/chage/04_chage_openRO_shadow_failure/chage.test +run_test ./failures/chage/05_chage_rename_shadow_failure/chage.test +run_test ./failures/chage/06_chage_rename_passwd_failure/chage.test +run_test ./failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test +run_test ./failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test +run_test ./failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test +run_test ./failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test +if [ "$USE_PAM" = "yes" ]; then + run_test ./failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test + run_test ./failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test + run_test ./failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test + run_test ./failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test + run_test ./failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test +fi +run_test ./failures/chsh/01_chsh_open_passwd_failure/chsh.test +run_test ./failures/chsh/02_chsh_rename_passwd_failure/chsh.test +run_test ./failures/cppw/01_cppw_open_passwd_in_failure/cppw.test +run_test ./failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test +run_test ./failures/cppw/03_cppw_rename_passwd_failure/cppw.test +run_test ./failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test +run_test ./failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test +run_test ./failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test +run_test ./failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test +run_test ./failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test +run_test ./failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test +run_test ./failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test +run_test ./failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test +run_test ./failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test +run_test ./failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test +run_test ./failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test +run_test ./failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test +run_test ./failures/groupadd/02_groupadd_group_rename_failure/groupadd.test +run_test ./failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test +run_test ./failures/groupadd/04_groupadd_group_open_failure/groupadd.test +run_test ./failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test +run_test ./failures/groupdel/02_groupdel_group_rename_failure/groupdel.test +run_test ./failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test +run_test ./failures/groupdel/04_groupdel_group_open_failure/groupdel.test +run_test ./failures/groupmems/01_groupmems_group_open_failure/groupmems.test +run_test ./failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test +run_test ./failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test +run_test ./failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test +run_test ./failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test +run_test ./failures/groupmod/04_groupmod_group_open_failure/groupmod.test +run_test ./failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test +run_test ./failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test +run_test ./failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test +run_test ./failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test +run_test ./failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test +run_test ./failures/grpck/01_grpck_system_group_open_failure/grpck.test +run_test ./failures/grpck/02_grpck_group_open_failure/grpck.test +run_test ./failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test +run_test ./failures/grpck/04_grpck_gshadow_open_failure/grpck.test +run_test ./failures/grpck/05_grpck_sort_group_rename_failure/grpck.test +run_test ./failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test +run_test ./failures/grpconv/01_grpconv_open_group_failure/grpconv.test +run_test ./failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test +run_test ./failures/grpconv/03_grpconv_rename_group_failure/grpconv.test +run_test ./failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test +run_test ./failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test +run_test ./failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test +run_test ./failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test +run_test ./failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test +run_test ./failures/newusers/01_newusers_open_passwd_failure/newusers.test +run_test ./failures/newusers/02_newusers_open_shadow_failure/newusers.test +run_test ./failures/newusers/03_newusers_open_group_failure/newusers.test +run_test ./failures/newusers/04_newusers_open_gshadow_failure/newusers.test +run_test ./failures/newusers/05_newusers_rename_passwd_failure/newusers.test +run_test ./failures/newusers/06_newusers_rename_shadow_failure/newusers.test +run_test ./failures/newusers/07_newusers_rename_group_failure/newusers.test +run_test ./failures/newusers/08_newusers_rename_gshadow_failure/newusers.test +run_test ./failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test +run_test ./failures/newusers/10_newusers_time_0/newusers.test +run_test ./failures/pwck/01_pwck_system_passwd_open_failure/pwck.test +run_test ./failures/pwck/02_pwck_passwd_open_failure/pwck.test +run_test ./failures/pwck/03_pwck_system_shadow_open_failure/pwck.test +run_test ./failures/pwck/04_pwck_shadow_open_failure/pwck.test +run_test ./failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test +run_test ./failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test +run_test ./failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test +run_test ./failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test +run_test ./failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test +run_test ./failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test +run_test ./failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test +run_test ./failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test +run_test ./failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test +run_test ./failures/pwconv/05_pwconv_time_0/pwconv.test +run_test ./failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test +run_test ./failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test +run_test ./failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test +run_test ./failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test +run_test ./failures/useradd/01_useradd_open_passwd_failure/useradd.test +run_test ./failures/useradd/02_useradd_open_shadow_failure/useradd.test +run_test ./failures/useradd/03_useradd_open_group_failure/useradd.test +run_test ./failures/useradd/04_useradd_open_gshadow_failure/useradd.test +run_test ./failures/useradd/05_useradd_rename_passwd_failure/useradd.test +run_test ./failures/useradd/06_useradd_rename_shadow_failure/useradd.test +run_test ./failures/useradd/07_useradd_rename_group_failure/useradd.test +run_test ./failures/useradd/08_useradd_rename_gshadow_failure/useradd.test +run_test ./failures/useradd/09_useradd_rename_defaults_failure/useradd.test +run_test ./failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test +run_test ./failures/useradd/11_useradd_time_0/useradd.test +run_test ./failures/useradd/12_useradd_open_subuid_failure/useradd.test +run_test ./failures/useradd/13_useradd_open_subgid_failure/useradd.test +run_test ./failures/useradd/14_username_rename_subuid_failure/useradd.test +run_test ./failures/useradd/15_username_rename_subgid_failure/useradd.test +run_test ./failures/userdel/01_userdel_gshadow_rename_failure/userdel.test +run_test ./failures/userdel/02_userdel_group_rename_failure/userdel.test +run_test ./failures/userdel/03_userdel_shadow_rename_failure/userdel.test +run_test ./failures/userdel/04_userdel_passwd_rename_failure/userdel.test +run_test ./failures/userdel/05_userdel_failure_remove_mailbox/userdel.test +run_test ./failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test +run_test ./failures/userdel/07_userdel_failure_remove_homedir/userdel.test +run_test ./failures/userdel/08_userdel_open_passwd_failure/userdel.test +run_test ./failures/userdel/09_userdel_open_shadow_failure/userdel.test +run_test ./failures/userdel/10_userdel_open_group_failure/userdel.test +run_test ./failures/userdel/11_userdel_open_gshadow_failure/userdel.test +run_test ./failures/userdel/12_userdel_open_subuid_failure/userdel.test +run_test ./failures/userdel/13_userdel_open_subgid_failure/userdel.test +run_test ./failures/userdel/14_userdel_rename_subuid_failure/usedel.test +run_test ./failures/userdel/15_userdel_rename_subgid_failure/usedel.test +run_test ./failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test +run_test ./failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test +run_test ./failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test +run_test ./failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test +run_test ./failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test +run_test ./failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test +run_test ./failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test +run_test ./failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test +run_test ./failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test +run_test ./failures/usermod/10_usermod_-p_time_0/usermod.test +run_test ./failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test +#run_test ./failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test +run_test ./failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test +run_test ./failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test +run_test ./failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test +run_test ./failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test +run_test ./failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test +run_test ./failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test +fi +run_test ./expiry/01_expiry_-c_no_expiry/expiry.test +run_test ./expiry/02_expiry_-c_expired/expiry.test +run_test ./expiry/03_expiry_-f_expired/expiry.test +run_test ./expiry/04_expiry_no_options/expiry.test +run_test ./expiry/05_expiry_-c_no_shadow_file/expiry.test +run_test ./expiry/06_expiry_-c_no_shadow_entry/expiry.test +run_test ./expiry/07_expiry_-c_expired_account/expiry.test +run_test ./expiry/08_expiry_-c_expired_max+inact/expiry.test +run_test ./expiry/09_expiry_-c_expired_not_inactive/expiry.test +run_test ./expiry/10_expiry_bad_option/expiry.test +run_test ./expiry/11_expiry_usage/expiry.test +run_test ./expiry/12_expiry_extra_arg/expiry.test +run_test ./expiry/13_expiry_usage-c-f/expiry.test +run_test ./passwd/01_passwd_-S_root_locked_account/passwd.test +run_test ./passwd/02_passwd_-S_root_valid_account/passwd.test +run_test ./passwd/03_passwd_-S_root_empty_password/passwd.test +run_test ./passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test +run_test ./passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test +run_test ./passwd/06_passwd_-l_root_lock_account/passwd.test +run_test ./passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test +run_test ./passwd/08_passwd_-u_root_unlock_account/passwd.test +run_test ./passwd/09_passwd_-u_root_unlock_to_empty/passwd.test +run_test ./passwd/10_passwd_-d_root/passwd.test +run_test ./passwd/11_passwd_--mindays_root/passwd.test +run_test ./passwd/12_passwd_--maxdays_root/passwd.test +run_test ./passwd/13_passwd_--warndays_root/passwd.test +run_test ./passwd/14_passwd_--inactive_root/passwd.test +run_test ./passwd/15_passwd_--expire_root/passwd.test +run_test ./passwd/16_passwd_-S-a_root/passwd.test +run_test ./passwd/17_passwd_root_change_password/passwd.test +run_test ./passwd/18_passwd_root_change_password_user/passwd.test +run_test ./passwd/19_passwd_user_change_password/passwd.test +run_test ./passwd/20_passwd_user_change_password_same_user/passwd.test +run_test ./passwd/21_passwd_user_change_password_other_user/passwd.test +run_test ./passwd/22_passwd_usage/passwd.test +run_test ./login/01_login_prompt/login.test +run_test ./login/02_login_user/login.test +run_test ./login/03_login_check_tty/login.test +run_test ./subids/01_useradd_no_subids/useradd.test +run_test ./subids/02_useradd_with_subids/useradd.test +run_test ./subids/03_useradd_no_subgid/useradd.test +run_test ./subids/04_useradd_no_subuid/useradd.test +run_test ./subids/05_useradd_fill_gap_start/useradd.test +run_test ./subids/06_useradd_fill_gap_middle/useradd.test +run_test ./subids/07_useradd_fill_gap_end/useradd.test +run_test ./subids/08_useradd_no_more_subuids_start/useradd.test +run_test ./subids/09_useradd_no_more_subgids_start/useradd.test +run_test ./subids/10_useradd_no_more_subuids_end/useradd.test +run_test ./subids/11_useradd_no_more_subgids_end/useradd.test +run_test ./subids/12_useradd_invalid_subuid_configuration1/useradd.test +run_test ./subids/13_useradd_invalid_subuid_configuration2/useradd.test +run_test ./subids/14_useradd_invalid_subuid_configuration3/useradd.test +run_test ./subids/15_useradd_invalid_subgid_configuration1/useradd.test +run_test ./subids/16_useradd_invalid_subgid_configuration2/useradd.test +run_test ./subids/17_useradd_invalid_subgid_configuration3/useradd.test +run_test ./subids/18_useradd_min=max/useradd.test +run_test ./subids/19_useradd_locked_subuid/useradd.test +run_test ./subids/20_useradd_locked_subgid/useradd.test +run_test ./subids/21_usermod_create_subuid_range/usermod.test +run_test ./subids/22_usermod_create_subgid_range/usermod.test +run_test ./subids/23_usermod_create_subids_ranges/usermod.test +run_test ./subids/24_usermod_create_subids_overlapping_ranges/usermod.test +run_test ./subids/25_usermod_add_range/usermod.test +run_test ./subids/26_usermod_add_overlapping_ranges/usermod.test +run_test ./subids/27_usermod_remove_range_all/usermod.test +run_test ./subids/28_usermod_remove_range_partial_begin/usermod.test +run_test ./subids/29_usermod_remove_range_partial_middle/usermod.test +run_test ./subids/30_usermod_remove_range_partial_end/usermod.test +run_test ./subids/31_usermod_remove_outside_range/usermod.test +run_test ./subids/32_usermod_remove_overlapping_range_begin/usermod.test +run_test ./subids/33_usermod_remove_overlapping_range_end/usermod.test +run_test ./subids/34_usermod_remove_overlapping_range_all/usermod.test +run_test ./subids/35_usermod_remove_only_user_ranges/usermod.test +run_test ./subids/36_usermod_remove_with_comment/usermod.test +run_test ./subids/37_usermod_-v_invalid_range/usermod.test +run_test ./subids/38_usermod_-V_invalid_range/usermod.test +run_test ./subids/39_usermod_-w_invalid_range/usermod.test +run_test ./subids/40_usermod_-W_invalid_range/usermod.test +run_test ./subids/41_usermod_locked_subuid/usermod.test +run_test ./subids/42_usermod_locked_subgid/usermod.test +run_test ./subids/43_usermod_-w_no_subgid/usermod.test +run_test ./subids/44_usermod_-W_no_subgid/usermod.test +run_test ./subids/45_usermod_-v_no_subgid/usermod.test +run_test ./subids/46_usermod_-V_no_subgid/usermod.test +run_test ./subids/47_usermod_-v_invalid_range2/usermod.test +run_test ./subids/48_usermod_-v_invalid_range3/usermod.test +run_test ./subids/49_usermod_-v_invalid_range4/usermod.test +run_test ./subids/50_usermod_-v_invalid_range5/usermod.test +run_test ./subids/51_usermod_-v_invalid_range6/usermod.test +run_test ./subids/52_usermod_-v_invalid_range7/usermod.test +run_test ./subids/53_userdel_one_subuid_range/userdel.test +run_test ./subids/54_userdel_one_subgid_range/userdel.test +run_test ./subids/55_userdel_no_subuid/userdel.test +run_test ./subids/56_userdel_no_subgid/userdel.test +run_test ./subids/57_userdel_multiple_ranges/userdel.test +run_test ./subids/58_newusers_with_subids/newusers.test +run_test ./subids/59_newusers_no_subuid/newusers.test +run_test ./subids/60_newusers_no_subgid/newusers.test +run_test ./subids/61_newusers_user_alread_has_subgids/newusers.test +run_test ./subids/62_newusers_user_alread_has_subuids/newusers.test +run_test ./subids/63_useradd_fill_gap4/useradd.test +run_test ./subids/64_useradd_fill_gap5/useradd.test +run_test ./subids/65_useradd_fill_gap6/useradd.test +run_test ./subids/66_subordinate_range_cmp/useradd.test +run_test ./subids/67_invalid_subuid_file1/useradd.test +run_test ./subids/68_invalid_subuid_file2/useradd.test +run_test ./subids/69_invalid_subuid_file3/useradd.test +run_test ./subids/70_invalid_subuid_file4/useradd.test + +echo + +genhtml --quiet --frames --output-directory coverage.test --show-details app_total.info + +echo +echo "$succeded test(s) passed" +echo "$failed test(s) failed" +echo "log written in 'testsuite.log'" +if [ "$failed" != "0" ] +then + echo "the following tests failed:" + echo $failed_tests +fi + diff --git a/tests/split_groups/01_useradd_split_group/config.txt b/tests/split_groups/01_useradd_split_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/split_groups/01_useradd_split_group/config/etc/default/useradd b/tests/split_groups/01_useradd_split_group/config/etc/default/useradd new file mode 100644 index 00000000..64dec7d9 --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=100 +# +# The default home directory. Same as DHOME for adduser +HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=-1 +# +# The default expire date +EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL=no diff --git a/tests/split_groups/01_useradd_split_group/config/etc/group b/tests/split_groups/01_useradd_split_group/config/etc/group new file mode 100644 index 00000000..af7aa3b4 --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2 +foo1:x:1000: +foo2:x:1001: diff --git a/tests/split_groups/01_useradd_split_group/config/etc/gshadow b/tests/split_groups/01_useradd_split_group/config/etc/gshadow new file mode 100644 index 00000000..cfa80d56 --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2 +foo1:*:: +foo2:*:: diff --git a/tests/split_groups/01_useradd_split_group/config/etc/login.defs b/tests/split_groups/01_useradd_split_group/config/etc/login.defs new file mode 100644 index 00000000..b3b37df0 --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/config/etc/login.defs @@ -0,0 +1,317 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +MAX_MEMBERS_PER_GROUP 2 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/split_groups/01_useradd_split_group/config/etc/passwd b/tests/split_groups/01_useradd_split_group/config/etc/passwd new file mode 100644 index 00000000..708e6ef3 --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/split_groups/01_useradd_split_group/config/etc/shadow b/tests/split_groups/01_useradd_split_group/config/etc/shadow new file mode 100644 index 00000000..f13ec565 --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/split_groups/01_useradd_split_group/data/group b/tests/split_groups/01_useradd_split_group/data/group new file mode 100644 index 00000000..f7d6d122 --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/data/group @@ -0,0 +1,46 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2 +foo:x:999:foo3 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: diff --git a/tests/split_groups/01_useradd_split_group/data/gshadow b/tests/split_groups/01_useradd_split_group/data/gshadow new file mode 100644 index 00000000..39460afe --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/data/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3 +foo1:*:: +foo2:*:: +foo3:!:: diff --git a/tests/split_groups/01_useradd_split_group/data/passwd b/tests/split_groups/01_useradd_split_group/data/passwd new file mode 100644 index 00000000..6a6f62f3 --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/data/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh diff --git a/tests/split_groups/01_useradd_split_group/data/shadow b/tests/split_groups/01_useradd_split_group/data/shadow new file mode 100644 index 00000000..cb7911b3 --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/data/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:@TODAY@:0:99999:7::: diff --git a/tests/split_groups/01_useradd_split_group/useradd.test b/tests/split_groups/01_useradd_split_group/useradd.test new file mode 100755 index 00000000..402aad96 --- /dev/null +++ b/tests/split_groups/01_useradd_split_group/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user to a group with a full line" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo3, in group foo (useradd -G foo foo3)..." +useradd -G foo foo3 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/split_groups/02_useradd_no_split_group/config.txt b/tests/split_groups/02_useradd_no_split_group/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/default/useradd b/tests/split_groups/02_useradd_no_split_group/config/etc/default/useradd new file mode 100644 index 00000000..64dec7d9 --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=100 +# +# The default home directory. Same as DHOME for adduser +HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=-1 +# +# The default expire date +EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL=no diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/group b/tests/split_groups/02_useradd_no_split_group/config/etc/group new file mode 100644 index 00000000..af7aa3b4 --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2 +foo1:x:1000: +foo2:x:1001: diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/gshadow b/tests/split_groups/02_useradd_no_split_group/config/etc/gshadow new file mode 100644 index 00000000..cfa80d56 --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2 +foo1:*:: +foo2:*:: diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/login.defs b/tests/split_groups/02_useradd_no_split_group/config/etc/login.defs new file mode 100644 index 00000000..46b28762 --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/config/etc/login.defs @@ -0,0 +1,317 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +MAX_MEMBERS_PER_GROUP 0 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/passwd b/tests/split_groups/02_useradd_no_split_group/config/etc/passwd new file mode 100644 index 00000000..708e6ef3 --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/shadow b/tests/split_groups/02_useradd_no_split_group/config/etc/shadow new file mode 100644 index 00000000..f13ec565 --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/split_groups/02_useradd_no_split_group/data/group b/tests/split_groups/02_useradd_no_split_group/data/group new file mode 100644 index 00000000..355db7e8 --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/data/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2,foo3 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: diff --git a/tests/split_groups/02_useradd_no_split_group/data/gshadow b/tests/split_groups/02_useradd_no_split_group/data/gshadow new file mode 100644 index 00000000..39460afe --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/data/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3 +foo1:*:: +foo2:*:: +foo3:!:: diff --git a/tests/split_groups/02_useradd_no_split_group/data/passwd b/tests/split_groups/02_useradd_no_split_group/data/passwd new file mode 100644 index 00000000..6a6f62f3 --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/data/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh diff --git a/tests/split_groups/02_useradd_no_split_group/data/shadow b/tests/split_groups/02_useradd_no_split_group/data/shadow new file mode 100644 index 00000000..cb7911b3 --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/data/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:@TODAY@:0:99999:7::: diff --git a/tests/split_groups/02_useradd_no_split_group/useradd.test b/tests/split_groups/02_useradd_no_split_group/useradd.test new file mode 100755 index 00000000..402aad96 --- /dev/null +++ b/tests/split_groups/02_useradd_no_split_group/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user to a group with a full line" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo3, in group foo (useradd -G foo foo3)..." +useradd -G foo foo3 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/split_groups/03_useradd_split_group_already_split/config.txt b/tests/split_groups/03_useradd_split_group_already_split/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/default/useradd b/tests/split_groups/03_useradd_split_group_already_split/config/etc/default/useradd new file mode 100644 index 00000000..64dec7d9 --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=100 +# +# The default home directory. Same as DHOME for adduser +HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=-1 +# +# The default expire date +EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL=no diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/group b/tests/split_groups/03_useradd_split_group_already_split/config/etc/group new file mode 100644 index 00000000..f7d6d122 --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/group @@ -0,0 +1,46 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2 +foo:x:999:foo3 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/gshadow b/tests/split_groups/03_useradd_split_group_already_split/config/etc/gshadow new file mode 100644 index 00000000..39460afe --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3 +foo1:*:: +foo2:*:: +foo3:!:: diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/login.defs b/tests/split_groups/03_useradd_split_group_already_split/config/etc/login.defs new file mode 100644 index 00000000..b3b37df0 --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/login.defs @@ -0,0 +1,317 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +MAX_MEMBERS_PER_GROUP 2 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/passwd b/tests/split_groups/03_useradd_split_group_already_split/config/etc/passwd new file mode 100644 index 00000000..6a6f62f3 --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/shadow b/tests/split_groups/03_useradd_split_group_already_split/config/etc/shadow new file mode 100644 index 00000000..81582a0c --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:13946:0:99999:7::: diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/group b/tests/split_groups/03_useradd_split_group_already_split/data/group new file mode 100644 index 00000000..3c1c18b9 --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/data/group @@ -0,0 +1,47 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2 +foo:x:999:foo3,foo4 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: +foo4:x:1003: diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/gshadow b/tests/split_groups/03_useradd_split_group_already_split/data/gshadow new file mode 100644 index 00000000..ca307abe --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/data/gshadow @@ -0,0 +1,46 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3,foo4 +foo1:*:: +foo2:*:: +foo3:!:: +foo4:!:: diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/passwd b/tests/split_groups/03_useradd_split_group_already_split/data/passwd new file mode 100644 index 00000000..f60db364 --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/data/passwd @@ -0,0 +1,23 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh +foo4:x:1003:1003::/home/foo4:/bin/sh diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/shadow b/tests/split_groups/03_useradd_split_group_already_split/data/shadow new file mode 100644 index 00000000..3ee0375f --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/data/shadow @@ -0,0 +1,23 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:13946:0:99999:7::: +foo4:!:@TODAY@:0:99999:7::: diff --git a/tests/split_groups/03_useradd_split_group_already_split/useradd.test b/tests/split_groups/03_useradd_split_group_already_split/useradd.test new file mode 100755 index 00000000..5c8fbad8 --- /dev/null +++ b/tests/split_groups/03_useradd_split_group_already_split/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user to a group already split" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo4, in group foo (useradd -G foo foo4)..." +useradd -G foo foo4 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/split_groups/04_useradd_split_group_already_full/config.txt b/tests/split_groups/04_useradd_split_group_already_full/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/default/useradd b/tests/split_groups/04_useradd_split_group_already_full/config/etc/default/useradd new file mode 100644 index 00000000..64dec7d9 --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=100 +# +# The default home directory. Same as DHOME for adduser +HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=-1 +# +# The default expire date +EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL=no diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/group b/tests/split_groups/04_useradd_split_group_already_full/config/etc/group new file mode 100644 index 00000000..355db7e8 --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2,foo3 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/gshadow b/tests/split_groups/04_useradd_split_group_already_full/config/etc/gshadow new file mode 100644 index 00000000..39460afe --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3 +foo1:*:: +foo2:*:: +foo3:!:: diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/login.defs b/tests/split_groups/04_useradd_split_group_already_full/config/etc/login.defs new file mode 100644 index 00000000..b3b37df0 --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/login.defs @@ -0,0 +1,317 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +MAX_MEMBERS_PER_GROUP 2 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/passwd b/tests/split_groups/04_useradd_split_group_already_full/config/etc/passwd new file mode 100644 index 00000000..6a6f62f3 --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/shadow b/tests/split_groups/04_useradd_split_group_already_full/config/etc/shadow new file mode 100644 index 00000000..81582a0c --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:13946:0:99999:7::: diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/group b/tests/split_groups/04_useradd_split_group_already_full/data/group new file mode 100644 index 00000000..3c1c18b9 --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/data/group @@ -0,0 +1,47 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2 +foo:x:999:foo3,foo4 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: +foo4:x:1003: diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/gshadow b/tests/split_groups/04_useradd_split_group_already_full/data/gshadow new file mode 100644 index 00000000..ca307abe --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/data/gshadow @@ -0,0 +1,46 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3,foo4 +foo1:*:: +foo2:*:: +foo3:!:: +foo4:!:: diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/passwd b/tests/split_groups/04_useradd_split_group_already_full/data/passwd new file mode 100644 index 00000000..f60db364 --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/data/passwd @@ -0,0 +1,23 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh +foo4:x:1003:1003::/home/foo4:/bin/sh diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/shadow b/tests/split_groups/04_useradd_split_group_already_full/data/shadow new file mode 100644 index 00000000..3ee0375f --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/data/shadow @@ -0,0 +1,23 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:13946:0:99999:7::: +foo4:!:@TODAY@:0:99999:7::: diff --git a/tests/split_groups/04_useradd_split_group_already_full/useradd.test b/tests/split_groups/04_useradd_split_group_already_full/useradd.test new file mode 100755 index 00000000..f4aab688 --- /dev/null +++ b/tests/split_groups/04_useradd_split_group_already_full/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user to a group with already more user than allowed" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo4, in group foo (useradd -G foo foo4)..." +useradd -G foo foo4 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config.txt b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/group b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/group new file mode 100644 index 00000000..bdc82974 --- /dev/null +++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/group @@ -0,0 +1,46 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:pass1:999:foo1,foo2 +foo:pass2:999:foo3 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/gshadow b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/gshadow new file mode 100644 index 00000000..39460afe --- /dev/null +++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3 +foo1:*:: +foo2:*:: +foo3:!:: diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/login.defs b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/login.defs new file mode 100644 index 00000000..b3b37df0 --- /dev/null +++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/login.defs @@ -0,0 +1,317 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +MAX_MEMBERS_PER_GROUP 2 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/passwd b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/passwd new file mode 100644 index 00000000..6a6f62f3 --- /dev/null +++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/shadow b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/shadow new file mode 100644 index 00000000..81582a0c --- /dev/null +++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:13946:0:99999:7::: diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/data/useradd.err b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/data/useradd.err new file mode 100644 index 00000000..050950f9 --- /dev/null +++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/data/useradd.err @@ -0,0 +1,2 @@ +Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck. +useradd: failed to prepare the new /etc/group entry 'foo' diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test new file mode 100755 index 00000000..165e47d0 --- /dev/null +++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user to a group already split, with different group passwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo4, in group foo (useradd -G foo foo4)..." +useradd -G foo foo4 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config.txt b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/group b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/group new file mode 100644 index 00000000..792c688e --- /dev/null +++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/group @@ -0,0 +1,46 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:pass:998:foo1,foo2 +foo:pass:999:foo3 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/gshadow b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/gshadow new file mode 100644 index 00000000..39460afe --- /dev/null +++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3 +foo1:*:: +foo2:*:: +foo3:!:: diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/login.defs b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/login.defs new file mode 100644 index 00000000..b3b37df0 --- /dev/null +++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/login.defs @@ -0,0 +1,317 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +MAX_MEMBERS_PER_GROUP 2 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/passwd b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/passwd new file mode 100644 index 00000000..6a6f62f3 --- /dev/null +++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/shadow b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/shadow new file mode 100644 index 00000000..81582a0c --- /dev/null +++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:13946:0:99999:7::: diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/data/useradd.err b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/data/useradd.err new file mode 100644 index 00000000..050950f9 --- /dev/null +++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/data/useradd.err @@ -0,0 +1,2 @@ +Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck. +useradd: failed to prepare the new /etc/group entry 'foo' diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test new file mode 100755 index 00000000..970d10cf --- /dev/null +++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user to a group already split, with different GID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo4, in group foo (useradd -G foo foo4)..." +useradd -G foo foo4 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config.txt b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/default/useradd b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/default/useradd new file mode 100644 index 00000000..64dec7d9 --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=100 +# +# The default home directory. Same as DHOME for adduser +HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=-1 +# +# The default expire date +EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL=no diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/group b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/group new file mode 100644 index 00000000..c4ea1f03 --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/group @@ -0,0 +1,46 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2 +foo:x:999:foo3,foo1 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/gshadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/gshadow new file mode 100644 index 00000000..39460afe --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3 +foo1:*:: +foo2:*:: +foo3:!:: diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/login.defs b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/login.defs new file mode 100644 index 00000000..b3b37df0 --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/login.defs @@ -0,0 +1,317 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +MAX_MEMBERS_PER_GROUP 2 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/passwd b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/passwd new file mode 100644 index 00000000..6a6f62f3 --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/shadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/shadow new file mode 100644 index 00000000..81582a0c --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:13946:0:99999:7::: diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/group b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/group new file mode 100644 index 00000000..3c1c18b9 --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/group @@ -0,0 +1,47 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2 +foo:x:999:foo3,foo4 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: +foo4:x:1003: diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/gshadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/gshadow new file mode 100644 index 00000000..ca307abe --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/gshadow @@ -0,0 +1,46 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3,foo4 +foo1:*:: +foo2:*:: +foo3:!:: +foo4:!:: diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/passwd b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/passwd new file mode 100644 index 00000000..f60db364 --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/passwd @@ -0,0 +1,23 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh +foo4:x:1003:1003::/home/foo4:/bin/sh diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/shadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/shadow new file mode 100644 index 00000000..3ee0375f --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/shadow @@ -0,0 +1,23 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:13946:0:99999:7::: +foo4:!:@TODAY@:0:99999:7::: diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test new file mode 100755 index 00000000..5c8fbad8 --- /dev/null +++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user to a group already split" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo4, in group foo (useradd -G foo foo4)..." +useradd -G foo foo4 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config.txt b/tests/split_groups/08_useradd_no_split_group_already_split/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/split_groups/08_useradd_no_split_group_already_split/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/group b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/group new file mode 100644 index 00000000..f7d6d122 --- /dev/null +++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/group @@ -0,0 +1,46 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2 +foo:x:999:foo3 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/gshadow b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/gshadow new file mode 100644 index 00000000..39460afe --- /dev/null +++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3 +foo1:*:: +foo2:*:: +foo3:!:: diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/login.defs b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/login.defs new file mode 100644 index 00000000..46b28762 --- /dev/null +++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/login.defs @@ -0,0 +1,317 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +MAX_MEMBERS_PER_GROUP 0 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/passwd b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/passwd new file mode 100644 index 00000000..6a6f62f3 --- /dev/null +++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/shadow b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/shadow new file mode 100644 index 00000000..81582a0c --- /dev/null +++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:13946:0:99999:7::: diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/data/useradd.err b/tests/split_groups/08_useradd_no_split_group_already_split/data/useradd.err new file mode 100644 index 00000000..050950f9 --- /dev/null +++ b/tests/split_groups/08_useradd_no_split_group_already_split/data/useradd.err @@ -0,0 +1,2 @@ +Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck. +useradd: failed to prepare the new /etc/group entry 'foo' diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/useradd.test b/tests/split_groups/08_useradd_no_split_group_already_split/useradd.test new file mode 100755 index 00000000..055dec9f --- /dev/null +++ b/tests/split_groups/08_useradd_no_split_group_already_split/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user to a group already split, with MAX_MEMBERS_PER_GROUP set to 0" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo4, in group foo (useradd -G foo foo4)..." +useradd -G foo foo4 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config.txt b/tests/split_groups/09_groupdel_split_group_already_split/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/split_groups/09_groupdel_split_group_already_split/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/group b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/group new file mode 100644 index 00000000..f7d6d122 --- /dev/null +++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/group @@ -0,0 +1,46 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2 +foo:x:999:foo3 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/gshadow b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/gshadow new file mode 100644 index 00000000..39460afe --- /dev/null +++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3 +foo1:*:: +foo2:*:: +foo3:!:: diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/login.defs b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/login.defs new file mode 100644 index 00000000..b3b37df0 --- /dev/null +++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/login.defs @@ -0,0 +1,317 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +MAX_MEMBERS_PER_GROUP 2 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/passwd b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/passwd new file mode 100644 index 00000000..6a6f62f3 --- /dev/null +++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/shadow b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/shadow new file mode 100644 index 00000000..81582a0c --- /dev/null +++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:13946:0:99999:7::: diff --git a/tests/split_groups/09_groupdel_split_group_already_split/data/group b/tests/split_groups/09_groupdel_split_group_already_split/data/group new file mode 100644 index 00000000..7053f0e6 --- /dev/null +++ b/tests/split_groups/09_groupdel_split_group_already_split/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: diff --git a/tests/split_groups/09_groupdel_split_group_already_split/data/gshadow b/tests/split_groups/09_groupdel_split_group_already_split/data/gshadow new file mode 100644 index 00000000..f2ee7ec0 --- /dev/null +++ b/tests/split_groups/09_groupdel_split_group_already_split/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo1:*:: +foo2:*:: +foo3:!:: diff --git a/tests/split_groups/09_groupdel_split_group_already_split/groupdel.test b/tests/split_groups/09_groupdel_split_group_already_split/groupdel.test new file mode 100755 index 00000000..0789a2ec --- /dev/null +++ b/tests/split_groups/09_groupdel_split_group_already_split/groupdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Delete a split group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete group foo (groupdel foo)..." +groupdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config.txt b/tests/split_groups/10_groupdel_no_split_group_already_split/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/group b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/group new file mode 100644 index 00000000..f7d6d122 --- /dev/null +++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/group @@ -0,0 +1,46 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999:foo1,foo2 +foo:x:999:foo3 +foo1:x:1000: +foo2:x:1001: +foo3:x:1002: diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/gshadow b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/gshadow new file mode 100644 index 00000000..39460afe --- /dev/null +++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo1,foo2,foo3 +foo1:*:: +foo2:*:: +foo3:!:: diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/login.defs b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/login.defs new file mode 100644 index 00000000..46b28762 --- /dev/null +++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/login.defs @@ -0,0 +1,317 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +MAX_MEMBERS_PER_GROUP 0 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/passwd b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/passwd new file mode 100644 index 00000000..6a6f62f3 --- /dev/null +++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo1:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false +foo3:x:1002:1002::/home/foo3:/bin/sh diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/shadow b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/shadow new file mode 100644 index 00000000..81582a0c --- /dev/null +++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo1:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +foo3:!:13946:0:99999:7::: diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/data/groupdel.err b/tests/split_groups/10_groupdel_no_split_group_already_split/data/groupdel.err new file mode 100644 index 00000000..7bd0741e --- /dev/null +++ b/tests/split_groups/10_groupdel_no_split_group_already_split/data/groupdel.err @@ -0,0 +1,2 @@ +Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck. +groupdel: cannot remove entry 'foo' from /etc/group diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/groupdel.test b/tests/split_groups/10_groupdel_no_split_group_already_split/groupdel.test new file mode 100755 index 00000000..b1086b60 --- /dev/null +++ b/tests/split_groups/10_groupdel_no_split_group_already_split/groupdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Delete a split group, with MAX_MEMBERS_PER_GROUP set to 0" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete group foo (groupdel foo)..." +groupdel foo 2>tmp/groupdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "groupdel reported:" +echo "=======================================================================" +cat tmp/groupdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/groupdel.err tmp/groupdel.err +echo "error message OK." +rm -f tmp/groupdel.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/01/config.txt b/tests/su/01/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/su/01/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/su/01/config/etc/group b/tests/su/01/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/01/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/01/config/etc/gshadow b/tests/su/01/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/01/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/01/config/etc/passwd b/tests/su/01/config/etc/passwd new file mode 100644 index 00000000..6eefe5a3 --- /dev/null +++ b/tests/su/01/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/01/config/etc/shadow b/tests/su/01/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/01/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/01/run_su.exp b/tests/su/01/run_su.exp new file mode 100755 index 00000000..2610363c --- /dev/null +++ b/tests/su/01/run_su.exp @@ -0,0 +1,73 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 3} { + puts "usage: run_su.exp <user> <password> <prompt>" + exit 1 +} + +set user [lindex $argv 0] +set password [lindex $argv 1] +set prompt [lindex $argv 2] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the passwordless 'testsuite' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su testsuite + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'testsuite'" +send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "uid=424243(testsuite) gid=424243 groups=424243" +} + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now switch to user '$user'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "su $user\r" ;# Switch to the user +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (su is not ready to receive the password) +sleep 0.1 + +send "$password\r" ;# Send the password + +send_user "\n# password '$password' sent\n\n" +send_user "# expect prompt '$prompt'" + +expect { + # Wait for the new prompt + "$prompt" { + send_user "\n\n# make sure we are '$user'\n" + send_user "# id should return '($user).*($user).*($user)" + send "\r" ;# restore the prompt for the logs + send "id\r" ;# Verify the id + + expect { + -re "\\($user\\).*\\($user\\).*\\($user\\)" { + expect "$prompt" + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } + } + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/su/01/su_root.test b/tests/su/01/su_root.test new file mode 100755 index 00000000..1bc22686 --- /dev/null +++ b/tests/su/01/su_root.test @@ -0,0 +1,25 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su can be used to switch to root" + + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./run_su.exp root rootF00barbaz '# ' + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/01/su_user.test b/tests/su/01/su_user.test new file mode 100755 index 00000000..7fd1f578 --- /dev/null +++ b/tests/su/01/su_user.test @@ -0,0 +1,25 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su can be used to switch to a non-root user" + + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./run_su.exp myuser myuserF00barbaz '$ ' + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/02/config.txt b/tests/su/02/config.txt new file mode 100644 index 00000000..70dfcd2f --- /dev/null +++ b/tests/su/02/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +# /etc/profile is empty to avoid interferences. diff --git a/tests/su/02/config/etc/group b/tests/su/02/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/02/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/02/config/etc/gshadow b/tests/su/02/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/02/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/02/config/etc/passwd b/tests/su/02/config/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/su/02/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/02/config/etc/profile b/tests/su/02/config/etc/profile new file mode 100644 index 00000000..e69de29b diff --git a/tests/su/02/config/etc/shadow b/tests/su/02/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/02/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/02/env_FOO-options_ b/tests/su/02/env_FOO-options_ new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_ @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_- b/tests/su/02/env_FOO-options_- new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_- @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_--login b/tests/su/02/env_FOO-options_--login new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_--login @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_--login.exp b/tests/su/02/env_FOO-options_--login.exp new file mode 100755 index 00000000..8cd7679b --- /dev/null +++ b/tests/su/02/env_FOO-options_--login.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export FOO=bar\r" +expect "# " + +#============================================================================= +# +# su --login, make a login shell +# +#============================================================================= +send "/bin/su --login $command myuser\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# FOO should be empty" +send "\r" +expect "$ " + +send "echo \"FOO=\\\"\$FOO\\\"\"\r" +expect "FOO=\"\"\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_FOO-options_--login_bash b/tests/su/02/env_FOO-options_--login_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_--login_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_--preserve-environment b/tests/su/02/env_FOO-options_--preserve-environment new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_--preserve-environment @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_--preserve-environment.exp b/tests/su/02/env_FOO-options_--preserve-environment.exp new file mode 100755 index 00000000..88932bb2 --- /dev/null +++ b/tests/su/02/env_FOO-options_--preserve-environment.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export FOO=bar\r" +expect "# " + +#============================================================================= +# +# su --preserve-environment, as for regular su, environment is preserved +# +#============================================================================= +send "/bin/su $command -m myuser\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# FOO should be 'bar'" +send "\r" +expect "$ " + +send "echo \"FOO=\\\"\$FOO\\\"\"\r" +expect "FOO=\"bar\"\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_FOO-options_--preserve-environment_bash b/tests/su/02/env_FOO-options_--preserve-environment_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_--preserve-environment_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_-.exp b/tests/su/02/env_FOO-options_-.exp new file mode 100755 index 00000000..6ba3e005 --- /dev/null +++ b/tests/su/02/env_FOO-options_-.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export FOO=bar\r" +expect "# " + +#============================================================================= +# +# su -, make a login shell +# +#============================================================================= +send "/bin/su - $command myuser\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# FOO should be empty" +send "\r" +expect "$ " + +send "echo \"FOO=\\\"\$FOO\\\"\"\r" +expect "FOO=\"\"\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_FOO-options_-_bash b/tests/su/02/env_FOO-options_-_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_-_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_-l b/tests/su/02/env_FOO-options_-l new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_-l @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_-l-m b/tests/su/02/env_FOO-options_-l-m new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_-l-m @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_-l-m.exp b/tests/su/02/env_FOO-options_-l-m.exp new file mode 100755 index 00000000..8b187a6b --- /dev/null +++ b/tests/su/02/env_FOO-options_-l-m.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export FOO=bar\r" +expect "# " + +#============================================================================= +# +# su -l -m, make a login shell, but preserve environment +# +#============================================================================= +send "/bin/su -l -m $command myuser\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# FOO should be 'bar'" +send "\r" +expect "$ " + +send "echo \"FOO=\\\"\$FOO\\\"\"\r" +expect "FOO=\"bar\"\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_FOO-options_-l-m_bash b/tests/su/02/env_FOO-options_-l-m_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_-l-m_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_-l.exp b/tests/su/02/env_FOO-options_-l.exp new file mode 100755 index 00000000..a23f8c4d --- /dev/null +++ b/tests/su/02/env_FOO-options_-l.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export FOO=bar\r" +expect "# " + +#============================================================================= +# +# su -l, make a login shell +# +#============================================================================= +send "/bin/su - $command myuser\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# FOO should be empty" +send "\r" +expect "$ " + +send "echo \"FOO=\\\"\$FOO\\\"\"\r" +expect "FOO=\"\"\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_FOO-options_-l_bash b/tests/su/02/env_FOO-options_-l_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_-l_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_-m b/tests/su/02/env_FOO-options_-m new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_-m @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_-m.exp b/tests/su/02/env_FOO-options_-m.exp new file mode 100755 index 00000000..061aacb3 --- /dev/null +++ b/tests/su/02/env_FOO-options_-m.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export FOO=bar\r" +expect "# " + +#============================================================================= +# +# su -m, as for regular su, environment is preserved +# +#============================================================================= +send "/bin/su $command -m myuser\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# FOO should be 'bar'" +send "\r" +expect "$ " + +send "echo \"FOO=\\\"\$FOO\\\"\"\r" +expect "FOO=\"bar\"\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_FOO-options_-m_bash b/tests/su/02/env_FOO-options_-m_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_-m_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_-p b/tests/su/02/env_FOO-options_-p new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_-p @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_-p- b/tests/su/02/env_FOO-options_-p- new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_-p- @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_-p-.exp b/tests/su/02/env_FOO-options_-p-.exp new file mode 100755 index 00000000..fc848966 --- /dev/null +++ b/tests/su/02/env_FOO-options_-p-.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export FOO=bar\r" +expect "# " + +#============================================================================= +# +# su -p -, make a login shell, but preserve environment +# +#============================================================================= +send "/bin/su -p $command - myuser\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# FOO should be 'bar'" +send "\r" +expect "$ " + +send "echo \"FOO=\\\"\$FOO\\\"\"\r" +expect "FOO=\"bar\"\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_FOO-options_-p-_bash b/tests/su/02/env_FOO-options_-p-_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_-p-_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_-p.exp b/tests/su/02/env_FOO-options_-p.exp new file mode 100755 index 00000000..061aacb3 --- /dev/null +++ b/tests/su/02/env_FOO-options_-p.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export FOO=bar\r" +expect "# " + +#============================================================================= +# +# su -m, as for regular su, environment is preserved +# +#============================================================================= +send "/bin/su $command -m myuser\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# FOO should be 'bar'" +send "\r" +expect "$ " + +send "echo \"FOO=\\\"\$FOO\\\"\"\r" +expect "FOO=\"bar\"\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_FOO-options_-p_bash b/tests/su/02/env_FOO-options_-p_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options_-p_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_FOO-options_.exp b/tests/su/02/env_FOO-options_.exp new file mode 100755 index 00000000..ff87b2eb --- /dev/null +++ b/tests/su/02/env_FOO-options_.exp @@ -0,0 +1,48 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export FOO=bar\r" +expect "# " + +#============================================================================= +# +# Regular su, preserve environment +# +#============================================================================= +send "/bin/su myuser $command\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# FOO should be 'bar'" +send "\r" +expect "$ " + +send "echo \"FOO=\\\"\$FOO\\\"\"\r" +expect "FOO=\"bar\"\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_FOO-options__bash b/tests/su/02/env_FOO-options__bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_FOO-options__bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special-options_ b/tests/su/02/env_special-options_ new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special-options_ @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special-options_-l b/tests/su/02/env_special-options_-l new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special-options_-l @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special-options_-l-p b/tests/su/02/env_special-options_-l-p new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special-options_-l-p @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special-options_-l-p.exp b/tests/su/02/env_special-options_-l-p.exp new file mode 100755 index 00000000..15c10b62 --- /dev/null +++ b/tests/su/02/env_special-options_-l-p.exp @@ -0,0 +1,55 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export PATH=bar:\$PATH\r" +expect "# " +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "# " + +#============================================================================= +# +# su -m -l, make a login shell, but preserve environment +# However, PATH is not preserved, but set to what it would be with login +# +#============================================================================= +send "/bin/su -p $command -l myuser\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# Even with -p, PATH is reset" +send "\r" +expect "$ " + +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r" +expect "$ " + +send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r" +expect "'/root'root'root'/bin/bash'\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_special-options_-l-p_bash b/tests/su/02/env_special-options_-l-p_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special-options_-l-p_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special-options_-l.exp b/tests/su/02/env_special-options_-l.exp new file mode 100755 index 00000000..75df5dcc --- /dev/null +++ b/tests/su/02/env_special-options_-l.exp @@ -0,0 +1,54 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export PATH=bar:\$PATH\r" +expect "# " +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "# " + +#============================================================================= +# +# su -l, make a login shell +# +#============================================================================= +send "/bin/su - $command myuser\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# PATH should be '/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games'" +send "\r" +expect "$ " + +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r" +expect "$ " + +send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r" +expect "'/home/'myuser'myuser'/bin/sh'\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_special-options_-l_bash b/tests/su/02/env_special-options_-l_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special-options_-l_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special-options_-p b/tests/su/02/env_special-options_-p new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special-options_-p @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special-options_-p.exp b/tests/su/02/env_special-options_-p.exp new file mode 100755 index 00000000..3a7143c6 --- /dev/null +++ b/tests/su/02/env_special-options_-p.exp @@ -0,0 +1,56 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export PATH=bar:\$PATH\r" +expect "# " +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect -re "PATH=\"(.*)\"\r" {set PATH $expect_out(1,string)} +send_user "PATH='$PATH'" +expect "# " + +#============================================================================= +# +# su -m, as for regular su, environment is preserved +# +#============================================================================= +send "/bin/su $command -m myuser\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# Even with -p, PATH is reset" +send "\r" +expect "$ " + +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r" +expect "$ " + +send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r" +expect "'/root'root'root'/bin/bash'\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_special-options_-p_bash b/tests/su/02/env_special-options_-p_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special-options_-p_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special-options_.exp b/tests/su/02/env_special-options_.exp new file mode 100755 index 00000000..63d70e16 --- /dev/null +++ b/tests/su/02/env_special-options_.exp @@ -0,0 +1,55 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export PATH=bar:\$PATH\r" +expect "# " +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "# " + +#============================================================================= +# +# Regular su, preserve environment +# However, PATH is reset +# +#============================================================================= +send "/bin/su myuser $command\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# PATH should be '/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games'" +send "\r" +expect "$ " + +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r" +expect "$ " + +send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r" +expect "'/home/'myuser'myuser'/bin/sh'\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_special-options__bash b/tests/su/02/env_special-options__bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special-options__bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special_root-options_ b/tests/su/02/env_special_root-options_ new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special_root-options_ @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special_root-options_-l b/tests/su/02/env_special_root-options_-l new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special_root-options_-l @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special_root-options_-l-p b/tests/su/02/env_special_root-options_-l-p new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special_root-options_-l-p @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special_root-options_-l-p.exp b/tests/su/02/env_special_root-options_-l-p.exp new file mode 100755 index 00000000..8ddae3d4 --- /dev/null +++ b/tests/su/02/env_special_root-options_-l-p.exp @@ -0,0 +1,57 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export PATH=bar:\$PATH\r" +expect "# " +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "# " + +#============================================================================= +# +# su -l -p root, make a login shell, but preserve environment +# However, PATH is not preserved, but set to what it would be with login +# for root +# +#============================================================================= +send "/bin/su -p $command - root\r" +expect "# " + +send "id\n" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send_user "\n# Even with -p, PATH is reset" +send "\r" +expect "# " + +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r" +expect "# " + +send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r" +expect "'/root'root'root'/bin/bash'\r" +expect "# " + +send "exit\r" +expect "# " + + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_special_root-options_-l-p_bash b/tests/su/02/env_special_root-options_-l-p_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special_root-options_-l-p_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special_root-options_-l.exp b/tests/su/02/env_special_root-options_-l.exp new file mode 100755 index 00000000..6a58849c --- /dev/null +++ b/tests/su/02/env_special_root-options_-l.exp @@ -0,0 +1,54 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export PATH=bar:\$PATH\r" +expect "# " +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "# " + +#============================================================================= +# +# su -l root, make a login shell +# +#============================================================================= +send "/bin/su $command -l root\r" +expect "# " + +send "id\n" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send_user "\n# PATH should be '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'" +send "\r" +expect "# " + +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r" +expect "# " + +send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r" +expect "'/root'root'root'/bin/bash'\r" +expect "# " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_special_root-options_-l_bash b/tests/su/02/env_special_root-options_-l_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special_root-options_-l_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special_root-options_-p b/tests/su/02/env_special_root-options_-p new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special_root-options_-p @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special_root-options_-p.exp b/tests/su/02/env_special_root-options_-p.exp new file mode 100755 index 00000000..453c02cd --- /dev/null +++ b/tests/su/02/env_special_root-options_-p.exp @@ -0,0 +1,56 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export PATH=bar:\$PATH\r" +expect "# " +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect -re "PATH=\"(.*)\"\r" {set PATH $expect_out(1,string)} +send_user "PATH='$PATH'" +expect "# " + +#============================================================================= +# +# su -p root, as for regular su, environment is preserved +# +#============================================================================= +send "/bin/su $command -m\r" +expect "# " + +send "id\n" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send_user "\n# Even with -p, PATH is reset" +send "\r" +expect "# " + +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r" +expect "# " + +send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r" +expect "'/root'root'root'/bin/bash'\r" +expect "# " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_special_root-options_-p_bash b/tests/su/02/env_special_root-options_-p_bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special_root-options_-p_bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/env_special_root-options_.exp b/tests/su/02/env_special_root-options_.exp new file mode 100755 index 00000000..0b86452b --- /dev/null +++ b/tests/su/02/env_special_root-options_.exp @@ -0,0 +1,55 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export PATH=bar:\$PATH\r" +expect "# " +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "# " + +#============================================================================= +# +# Regular su to root, preserve environment +# However, PATH is reset +# +#============================================================================= +send "/bin/su $command\r" +expect "# " + +send "id\n" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send_user "\n# PATH should be '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'" +send "\r" +expect "# " + +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r" +expect "# " + +send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r" +expect "'/root'root'root'/bin/bash'\r" +expect "# " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/02/env_special_root-options__bash b/tests/su/02/env_special_root-options__bash new file mode 120000 index 00000000..11a6d1a5 --- /dev/null +++ b/tests/su/02/env_special_root-options__bash @@ -0,0 +1 @@ +run_env_test.sh \ No newline at end of file diff --git a/tests/su/02/run_env_test.sh b/tests/su/02/run_env_test.sh new file mode 100755 index 00000000..525d6193 --- /dev/null +++ b/tests/su/02/run_env_test.sh @@ -0,0 +1,38 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +testname=$(basename $0) + +. ../../common/config.sh +. ../../common/log.sh + +command="" + +case "$testname" in + *_bash) + log_start "$0" "propagation of environment variable FOO in command bash: $testname" + testname=$(echo "$testname" | sed -s 's/_bash$//') + command="-c bash" + echo testname: $testname + ;; + *) + log_start "$0" "propagation of environment variable FOO: $test" + ;; +esac + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +"./$testname.exp" "$command" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/config/etc/group b/tests/su/03/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/03/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/03/config/etc/gshadow b/tests/su/03/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/03/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/03/config/etc/passwd b/tests/su/03/config/etc/passwd new file mode 100644 index 00000000..eabf5091 --- /dev/null +++ b/tests/su/03/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/: +testsuite::424242:424242::/home/: diff --git a/tests/su/03/config/etc/shadow b/tests/su/03/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/03/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/03/data/ls.out b/tests/su/03/data/ls.out new file mode 100644 index 00000000..ee19d5d1 --- /dev/null +++ b/tests/su/03/data/ls.out @@ -0,0 +1 @@ +etc diff --git a/tests/su/03/su_run_command01.test b/tests/su/03/su_run_command01.test new file mode 100755 index 00000000..776d43f7 --- /dev/null +++ b/tests/su/03/su_run_command01.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands: su myuser -c 'ls config'" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su myuser -c 'ls config'> tmp/out 2> tmp/err" +/bin/su myuser -c 'ls config'> tmp/out 2> tmp/err + +echo "su reported:" +echo "=== stdout ===" +cat tmp/out +echo "=== stderr ===" +cat tmp/err +echo "==============" + +echo -n "Checking tmp/out..." +diff -au data/ls.out tmp/out +rm -f tmp/out +echo "OK" + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command02.test b/tests/su/03/su_run_command02.test new file mode 100755 index 00000000..ff0c4345 --- /dev/null +++ b/tests/su/03/su_run_command02.test @@ -0,0 +1,36 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands: su -- myuser -c 'ls config'" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su -- myuser -c 'ls config'> tmp/out 2> tmp/err" +/bin/su -- myuser -c 'ls config'> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +diff -au data/ls.out tmp/out +rm -f tmp/out +echo "OK" + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command03.test b/tests/su/03/su_run_command03.test new file mode 100755 index 00000000..2abde6a1 --- /dev/null +++ b/tests/su/03/su_run_command03.test @@ -0,0 +1,36 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands: su myuser -- -c 'ls config'" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su myuser -- -c 'ls config'> tmp/out 2> tmp/err" +/bin/su myuser -- -c 'ls config'> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +diff -au data/ls.out tmp/out +rm -f tmp/out +echo "OK" + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command04.test b/tests/su/03/su_run_command04.test new file mode 100755 index 00000000..c2a09c2d --- /dev/null +++ b/tests/su/03/su_run_command04.test @@ -0,0 +1,36 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands: su -c 'ls config' myuser" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su -c 'ls config' myuser> tmp/out 2> tmp/err" +/bin/su -c 'ls config' myuser> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +diff -au data/ls.out tmp/out +rm -f tmp/out +echo "OK" + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command05.test b/tests/su/03/su_run_command05.test new file mode 100755 index 00000000..f7d278b6 --- /dev/null +++ b/tests/su/03/su_run_command05.test @@ -0,0 +1,36 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands: su -c 'ls config' -- myuser" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su -c 'ls config' -- myuser> tmp/out 2> tmp/err" +/bin/su -c 'ls config' -- myuser> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +diff -au data/ls.out tmp/out +rm -f tmp/out +echo "OK" + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command06.test b/tests/su/03/su_run_command06.test new file mode 100755 index 00000000..146af834 --- /dev/null +++ b/tests/su/03/su_run_command06.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su myuser -c pwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su myuser -c pwd> tmp/out 2> tmp/err" +/bin/su myuser -c pwd> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + */su/03) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '.../su/03'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command07.test b/tests/su/03/su_run_command07.test new file mode 100755 index 00000000..9f08c2a0 --- /dev/null +++ b/tests/su/03/su_run_command07.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su - myuser -c pwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su - myuser -c pwd> tmp/out 2> tmp/err" +/bin/su - myuser -c pwd> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + /home) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '/home'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command08.test b/tests/su/03/su_run_command08.test new file mode 100755 index 00000000..51b8bab4 --- /dev/null +++ b/tests/su/03/su_run_command08.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su - -- myuser -c pwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su - -- myuser -c pwd> tmp/out 2> tmp/err" +/bin/su - -- myuser -c pwd> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + /home) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '/home'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command09.test b/tests/su/03/su_run_command09.test new file mode 100755 index 00000000..d24df2ca --- /dev/null +++ b/tests/su/03/su_run_command09.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su - myuser -- -c pwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su - myuser -- -c pwd> tmp/out 2> tmp/err" +/bin/su - myuser -- -c pwd> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + /home) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '/home'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command10.test b/tests/su/03/su_run_command10.test new file mode 100755 index 00000000..c74f79fc --- /dev/null +++ b/tests/su/03/su_run_command10.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su -l myuser -c pwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su -l myuser -c pwd> tmp/out 2> tmp/err" +/bin/su -l myuser -c pwd> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + /home) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '/home'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command11.test b/tests/su/03/su_run_command11.test new file mode 100755 index 00000000..8a6311bd --- /dev/null +++ b/tests/su/03/su_run_command11.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su --login -- myuser -c pwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su --login -- myuser -c pwd> tmp/out 2> tmp/err" +/bin/su --login -- myuser -c pwd> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + /home) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '/home'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command12.test b/tests/su/03/su_run_command12.test new file mode 100755 index 00000000..6ac4f20e --- /dev/null +++ b/tests/su/03/su_run_command12.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su -l myuser -- -c pwd" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su -l myuser -- -c pwd> tmp/out 2> tmp/err" +/bin/su -l myuser -- -c pwd> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + /home) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '/home'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command13.test b/tests/su/03/su_run_command13.test new file mode 100755 index 00000000..c52dd933 --- /dev/null +++ b/tests/su/03/su_run_command13.test @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su -p -c pwd -- - myuser" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su -p -c pwd -- - myuser> tmp/out 2> tmp/err" +/bin/su -p -c pwd -- - myuser> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + */su/03) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '.../su/03'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || { + echo "FAIL" + echo "tmp/err is not empty:" + cat tmp/err + false +} +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command14.test b/tests/su/03/su_run_command14.test new file mode 100755 index 00000000..82f29271 --- /dev/null +++ b/tests/su/03/su_run_command14.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su -p -c pwd - myuser" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su -p -c pwd - myuser> tmp/out 2> tmp/err" +/bin/su -p -c pwd - myuser> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + */su/03) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '.../su/03'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command15.test b/tests/su/03/su_run_command15.test new file mode 100755 index 00000000..7e34e48f --- /dev/null +++ b/tests/su/03/su_run_command15.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su -c pwd -p - myuser" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su -c pwd -p - myuser> tmp/out 2> tmp/err" +/bin/su -c pwd -p - myuser> tmp/out 2> tmp/err + +echo "su reported:" +echo "=== stdout ===" +cat tmp/out +echo "=== stderr ===" +cat tmp/err +echo "==============" + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + */su/03) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '.../su/03'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command16.test b/tests/su/03/su_run_command16.test new file mode 100755 index 00000000..4fbe1afa --- /dev/null +++ b/tests/su/03/su_run_command16.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su -c pwd - -p myuser" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su -c pwd - -p myuser> tmp/out 2> tmp/err" +/bin/su -c pwd - -p myuser> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + */su/03) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '.../su/03'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/03/su_run_command17.test b/tests/su/03/su_run_command17.test new file mode 100755 index 00000000..c1f15c5e --- /dev/null +++ b/tests/su/03/su_run_command17.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "Running commands (check working directory): su -c pwd - myuser -p" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su -c pwd - myuser -p> tmp/out 2> tmp/err" +/bin/su -c pwd - myuser -p> tmp/out 2> tmp/err + +echo -n "Checking tmp/out..." +case "$(cat tmp/out)" in + */su/03) + echo "OK" + ;; + *) + echo "FAIL" + echo "working directory: '$(cat tmp/out)' instead of '.../su/03'" + rm -f tmp/out + false + ;; +esac +rm -f tmp/out + +echo -n "Checking tmp/err..." +[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/04/config.txt b/tests/su/04/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/su/04/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/su/04/config/etc/group b/tests/su/04/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/04/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/04/config/etc/gshadow b/tests/su/04/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/04/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/04/config/etc/login.defs b/tests/su/04/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/su/04/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/su/04/config/etc/passwd b/tests/su/04/config/etc/passwd new file mode 100644 index 00000000..6eefe5a3 --- /dev/null +++ b/tests/su/04/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/04/config/etc/shadow b/tests/su/04/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/04/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/04/config/var/log/auth.log b/tests/su/04/config/var/log/auth.log new file mode 100644 index 00000000..e69de29b diff --git a/tests/su/04/data/wrong_user.err b/tests/su/04/data/wrong_user.err new file mode 100644 index 00000000..774438e9 --- /dev/null +++ b/tests/su/04/data/wrong_user.err @@ -0,0 +1 @@ +No passwd entry for user 'myuser2' diff --git a/tests/su/04/run_su_failed.exp b/tests/su/04/run_su_failed.exp new file mode 100755 index 00000000..3ef2443b --- /dev/null +++ b/tests/su/04/run_su_failed.exp @@ -0,0 +1,58 @@ +#!/usr/bin/expect + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 3} { + puts "usage: run_su.exp <user> <password> <prompt>" + exit 1 +} + +set user [lindex $argv 0] +set password [lindex $argv 1] +set prompt [lindex $argv 2] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the passwordless 'testsuite' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su testsuite + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'testsuite'" +send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424243(testsuite) gid=424243 groups=424243\r" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now switch to user '$user'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "su $user\r" ;# Switch to the user +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (su is not ready to receive the password) +sleep 0.1 + +send "$password\r" ;# Send the password + +send_user "\n# password '$password' sent\n\n" +send_user "# expect failure" + +expect "su: Authentication failure\r" +expect "$ " ;# Wait for the prompt + +send_user "\n\n# make sure we are still 'testsuite'" +send "\r" ;# restore the prompt for the logs +expect "$ " ;# Wait for the prompt +send "id\r" ;# Verify we are really testsuite + +expect "uid=424243(testsuite) gid=424243 groups=424243\r" +expect "$ " ;# Wait for the prompt +send "exit\r" +puts "\nPASS" +exit 0 diff --git a/tests/su/04/su_user_wrong_passwd.test b/tests/su/04/su_user_wrong_passwd.test new file mode 100755 index 00000000..757f0f10 --- /dev/null +++ b/tests/su/04/su_user_wrong_passwd.test @@ -0,0 +1,24 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su can be used to switch to a non-root user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./run_su_failed.exp myuser myuserF00barbaz_wrongpass '$ ' + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/04/su_user_wrong_passwd_syslog.test b/tests/su/04/su_user_wrong_passwd_syslog.test new file mode 100755 index 00000000..6c6a55d4 --- /dev/null +++ b/tests/su/04/su_user_wrong_passwd_syslog.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su can be used to switch to a non-root user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./run_su_failed.exp myuser myuserF00barbaz_wrongpass '$ ' + +echo + +echo -n "Syncing disks..." +sync +echo "OK" +echo "auth.log contains:" +echo "=======================================================================" +cat /var/log/auth.log +echo "=======================================================================" +echo -n "Looking for 'FAILED su for myuser by testsuite' in /var/log/auth.log..." +grep -q "FAILED su for myuser by testsuite" /var/log/auth.log +echo "OK" +echo -n "Looking for '- pts/[0-9]+ testsuite:myuser' in /var/log/auth.log..." +grep -q -E "\- /dev/pts/[0-9]+ testsuite:myuser" /var/log/auth.log +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/04/su_wrong_user.test b/tests/su/04/su_wrong_user.test new file mode 100755 index 00000000..96b4dc3a --- /dev/null +++ b/tests/su/04/su_wrong_user.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + + +log_start "$0" "su with a wrong user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo "/bin/su myuser2 -c pwd> tmp/out 2> tmp/err" +/bin/su myuser2 -c pwd> tmp/out 2> tmp/err || { + status=$? +} + +echo -n "Checking status=1..." +test "$status" = "1" +echo OK + +echo -n "Checking tmp/out..." +[ "$(wc -c tmp/out)" = "0 tmp/out" ] || { + echo "FAIL" + echo "tmp/out is not empty:" + cat tmp/out + false +} +rm -f tmp/out +echo "OK" + +echo -n "Checking tmp/err..." +diff -au data/wrong_user.err tmp/err +rm -f tmp/err +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/05/config.txt b/tests/su/05/config.txt new file mode 100644 index 00000000..e70e04ed --- /dev/null +++ b/tests/su/05/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz +# +# Same config as 04, with SYSLOG_SU_ENAB set to "no" diff --git a/tests/su/05/config/etc/group b/tests/su/05/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/05/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/05/config/etc/gshadow b/tests/su/05/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/05/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/05/config/etc/login.defs b/tests/su/05/config/etc/login.defs new file mode 100644 index 00000000..9194c83c --- /dev/null +++ b/tests/su/05/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB no +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/su/05/config/etc/passwd b/tests/su/05/config/etc/passwd new file mode 100644 index 00000000..6eefe5a3 --- /dev/null +++ b/tests/su/05/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/05/config/etc/shadow b/tests/su/05/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/05/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/05/config/var/log/auth.log b/tests/su/05/config/var/log/auth.log new file mode 100644 index 00000000..e69de29b diff --git a/tests/su/05/run_su_failed.exp b/tests/su/05/run_su_failed.exp new file mode 100755 index 00000000..3ef2443b --- /dev/null +++ b/tests/su/05/run_su_failed.exp @@ -0,0 +1,58 @@ +#!/usr/bin/expect + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 3} { + puts "usage: run_su.exp <user> <password> <prompt>" + exit 1 +} + +set user [lindex $argv 0] +set password [lindex $argv 1] +set prompt [lindex $argv 2] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the passwordless 'testsuite' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su testsuite + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'testsuite'" +send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect "uid=424243(testsuite) gid=424243 groups=424243\r" + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now switch to user '$user'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "su $user\r" ;# Switch to the user +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (su is not ready to receive the password) +sleep 0.1 + +send "$password\r" ;# Send the password + +send_user "\n# password '$password' sent\n\n" +send_user "# expect failure" + +expect "su: Authentication failure\r" +expect "$ " ;# Wait for the prompt + +send_user "\n\n# make sure we are still 'testsuite'" +send "\r" ;# restore the prompt for the logs +expect "$ " ;# Wait for the prompt +send "id\r" ;# Verify we are really testsuite + +expect "uid=424243(testsuite) gid=424243 groups=424243\r" +expect "$ " ;# Wait for the prompt +send "exit\r" +puts "\nPASS" +exit 0 diff --git a/tests/su/05/su_user_wrong_passwd_syslog.test b/tests/su/05/su_user_wrong_passwd_syslog.test new file mode 100755 index 00000000..339e6ff9 --- /dev/null +++ b/tests/su/05/su_user_wrong_passwd_syslog.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su can be used to switch to a non-root user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./run_su_failed.exp myuser myuserF00barbaz_wrongpass '$ ' + +echo + +echo -n "Syncing disks..." +sync +echo "OK" +echo "auth.log contains:" +echo "=======================================================================" +cat /var/log/auth.log +echo "=======================================================================" +echo -n "Looking for 'FAILED su for myuser by testsuite' in /var/log/auth.log..." +grep -q "FAILED su for myuser by testsuite" /var/log/auth.log +echo "OK" +echo -n "'- pts/[0-9]+ testsuite:myuser' should not be logged in /var/log/auth.log..." +grep -v -q -E "\- pts/[0-9]+ testsuite:myuser" /var/log/auth.log +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/06/config.txt b/tests/su/06/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/su/06/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/su/06/config/etc/group b/tests/su/06/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/06/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/06/config/etc/gshadow b/tests/su/06/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/06/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/06/config/etc/login.defs b/tests/su/06/config/etc/login.defs new file mode 100644 index 00000000..84fb3cce --- /dev/null +++ b/tests/su/06/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/su/06/config/etc/passwd b/tests/su/06/config/etc/passwd new file mode 100644 index 00000000..6eefe5a3 --- /dev/null +++ b/tests/su/06/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/06/config/etc/shadow b/tests/su/06/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/06/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/06/config/var/log/auth.log b/tests/su/06/config/var/log/auth.log new file mode 100644 index 00000000..e69de29b diff --git a/tests/su/06/run_su.exp b/tests/su/06/run_su.exp new file mode 100755 index 00000000..2610363c --- /dev/null +++ b/tests/su/06/run_su.exp @@ -0,0 +1,73 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 3} { + puts "usage: run_su.exp <user> <password> <prompt>" + exit 1 +} + +set user [lindex $argv 0] +set password [lindex $argv 1] +set prompt [lindex $argv 2] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the passwordless 'testsuite' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su testsuite + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'testsuite'" +send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "uid=424243(testsuite) gid=424243 groups=424243" +} + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now switch to user '$user'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "su $user\r" ;# Switch to the user +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (su is not ready to receive the password) +sleep 0.1 + +send "$password\r" ;# Send the password + +send_user "\n# password '$password' sent\n\n" +send_user "# expect prompt '$prompt'" + +expect { + # Wait for the new prompt + "$prompt" { + send_user "\n\n# make sure we are '$user'\n" + send_user "# id should return '($user).*($user).*($user)" + send "\r" ;# restore the prompt for the logs + send "id\r" ;# Verify the id + + expect { + -re "\\($user\\).*\\($user\\).*\\($user\\)" { + expect "$prompt" + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } + } + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/su/06/su_user_syslog.test b/tests/su/06/su_user_syslog.test new file mode 100755 index 00000000..50ca92e4 --- /dev/null +++ b/tests/su/06/su_user_syslog.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su can be used to switch to a non-root user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./run_su.exp myuser myuserF00barbaz '$ ' + +echo +echo -n "Syncing disks..." +sync +echo "OK" +echo "auth.log contains:" +echo "=======================================================================" +cat /var/log/auth.log +echo "=======================================================================" +echo -n "Looking for 'Successful su for myuser by testsuite' in /var/log/auth.log..." +grep -q "Successful su for myuser by testsuite" /var/log/auth.log +echo "OK" +echo -n "Looking for '+ pts/[0-9]+ tstsuite:myuser' in /var/log/auth.log..." +grep -q -E "\+ /dev/pts/[0-9]+ testsuite:myuser" /var/log/auth.log +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/07/config.txt b/tests/su/07/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/su/07/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/su/07/config/etc/group b/tests/su/07/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/07/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/07/config/etc/gshadow b/tests/su/07/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/07/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/07/config/etc/login.defs b/tests/su/07/config/etc/login.defs new file mode 100644 index 00000000..9194c83c --- /dev/null +++ b/tests/su/07/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB no +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/su/07/config/etc/passwd b/tests/su/07/config/etc/passwd new file mode 100644 index 00000000..6eefe5a3 --- /dev/null +++ b/tests/su/07/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/07/config/etc/shadow b/tests/su/07/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/07/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/07/config/var/log/auth.log b/tests/su/07/config/var/log/auth.log new file mode 100644 index 00000000..e69de29b diff --git a/tests/su/07/run_su.exp b/tests/su/07/run_su.exp new file mode 100755 index 00000000..2610363c --- /dev/null +++ b/tests/su/07/run_su.exp @@ -0,0 +1,73 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 3} { + puts "usage: run_su.exp <user> <password> <prompt>" + exit 1 +} + +set user [lindex $argv 0] +set password [lindex $argv 1] +set prompt [lindex $argv 2] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the passwordless 'testsuite' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su testsuite + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'testsuite'" +send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "uid=424243(testsuite) gid=424243 groups=424243" +} + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now switch to user '$user'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "su $user\r" ;# Switch to the user +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (su is not ready to receive the password) +sleep 0.1 + +send "$password\r" ;# Send the password + +send_user "\n# password '$password' sent\n\n" +send_user "# expect prompt '$prompt'" + +expect { + # Wait for the new prompt + "$prompt" { + send_user "\n\n# make sure we are '$user'\n" + send_user "# id should return '($user).*($user).*($user)" + send "\r" ;# restore the prompt for the logs + send "id\r" ;# Verify the id + + expect { + -re "\\($user\\).*\\($user\\).*\\($user\\)" { + expect "$prompt" + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } + } + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/su/07/su_user_syslog.test b/tests/su/07/su_user_syslog.test new file mode 100755 index 00000000..3c841218 --- /dev/null +++ b/tests/su/07/su_user_syslog.test @@ -0,0 +1,44 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su can be used to switch to a non-root user" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./run_su.exp myuser myuserF00barbaz '$ ' + +echo +echo -n "Syncing disks..." +sync +echo "OK" +echo "auth.log contains:" +echo "=======================================================================" +cat /var/log/auth.log +echo "=======================================================================" +echo -n "Looking for 'Successful su for myuser by testsuite' in /var/log/auth.log..." +grep -q "Successful su for myuser by testsuite" /var/log/auth.log +echo "OK" +echo -n "Looking for '+ pts/[0-9]+ tstsuite:myuser' in /var/log/auth.log..." +grep -v -q -E "\+ pts/[0-9]+ testsuite:myuser" /var/log/auth.log +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/08/config.txt b/tests/su/08/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/su/08/config/etc/group b/tests/su/08/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/08/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/08/config/etc/gshadow b/tests/su/08/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/08/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/08/config/etc/login.defs b/tests/su/08/config/etc/login.defs new file mode 100644 index 00000000..76d8ddb1 --- /dev/null +++ b/tests/su/08/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/su/08/config/etc/passwd b/tests/su/08/config/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/su/08/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/08/config/etc/shadow b/tests/su/08/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/08/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/08/env_special-options_ b/tests/su/08/env_special-options_ new file mode 120000 index 00000000..63719379 --- /dev/null +++ b/tests/su/08/env_special-options_ @@ -0,0 +1 @@ +../02/env_special-options_ \ No newline at end of file diff --git a/tests/su/08/env_special-options_.exp b/tests/su/08/env_special-options_.exp new file mode 120000 index 00000000..29a97c53 --- /dev/null +++ b/tests/su/08/env_special-options_.exp @@ -0,0 +1 @@ +../02/env_special-options_.exp \ No newline at end of file diff --git a/tests/su/08/env_special_root-options_ b/tests/su/08/env_special_root-options_ new file mode 120000 index 00000000..0494b21f --- /dev/null +++ b/tests/su/08/env_special_root-options_ @@ -0,0 +1 @@ +../02/env_special_root-options_ \ No newline at end of file diff --git a/tests/su/08/env_special_root-options_.exp b/tests/su/08/env_special_root-options_.exp new file mode 120000 index 00000000..c306c0a1 --- /dev/null +++ b/tests/su/08/env_special_root-options_.exp @@ -0,0 +1 @@ +../02/env_special_root-options_.exp \ No newline at end of file diff --git a/tests/su/09/config.txt b/tests/su/09/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/su/09/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/su/09/config/etc/group b/tests/su/09/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/09/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/09/config/etc/gshadow b/tests/su/09/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/09/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/09/config/etc/login.defs b/tests/su/09/config/etc/login.defs new file mode 100644 index 00000000..8605f437 --- /dev/null +++ b/tests/su/09/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +#ENV_SUPATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +#ENV_PATH /usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/su/09/config/etc/passwd b/tests/su/09/config/etc/passwd new file mode 100644 index 00000000..9bdeb8ce --- /dev/null +++ b/tests/su/09/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home/:/bin/sh +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/09/config/etc/shadow b/tests/su/09/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/09/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/09/env_special-options_ b/tests/su/09/env_special-options_ new file mode 120000 index 00000000..63719379 --- /dev/null +++ b/tests/su/09/env_special-options_ @@ -0,0 +1 @@ +../02/env_special-options_ \ No newline at end of file diff --git a/tests/su/09/env_special-options_.exp b/tests/su/09/env_special-options_.exp new file mode 100755 index 00000000..66f13fdf --- /dev/null +++ b/tests/su/09/env_special-options_.exp @@ -0,0 +1,55 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export PATH=bar:\$PATH\r" +expect "# " +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "# " + +#============================================================================= +# +# Regular su, preserve environment +# However, PATH is reset +# +#============================================================================= +send "/bin/su myuser $command\r" +expect "$ " + +send "id\n" +expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r" +expect "$ " + +send_user "\n# PATH should be '/bin:/usr/bin'" +send "\r" +expect "$ " + +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "PATH=\"/bin:/usr/bin\"\r" +expect "$ " + +send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r" +expect "'/home/'myuser'myuser'/bin/sh'\r" +expect "$ " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/09/env_special_root-options_ b/tests/su/09/env_special_root-options_ new file mode 120000 index 00000000..0494b21f --- /dev/null +++ b/tests/su/09/env_special_root-options_ @@ -0,0 +1 @@ +../02/env_special_root-options_ \ No newline at end of file diff --git a/tests/su/09/env_special_root-options_.exp b/tests/su/09/env_special_root-options_.exp new file mode 100755 index 00000000..a9cc1d88 --- /dev/null +++ b/tests/su/09/env_special_root-options_.exp @@ -0,0 +1,55 @@ +#!/usr/bin/expect + +if {$argc == 1} { + set command [lindex $argv 0] +} else { + set command "" +} + + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "id\r" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send "export PATH=bar:\$PATH\r" +expect "# " +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "# " + +#============================================================================= +# +# Regular su to root, preserve environment +# However, PATH is reset +# +#============================================================================= +send "/bin/su $command\r" +expect "# " + +send "id\n" +expect "uid=0(root) gid=0(root) groups=0(root)\r" +expect "# " + +send_user "\n# PATH should be '/sbin:/bin:/usr/sbin:/usr/bin'" +send "\r" +expect "# " + +send "echo \"PATH=\\\"\$PATH\\\"\"\r" +expect "PATH=\"/sbin:/bin:/usr/sbin:/usr/bin\"\r" +expect "# " + +send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r" +expect "'/root'root'root'/bin/bash'\r" +expect "# " + +send "exit\r" +expect "# " + +puts "\nPASS" +exit 0 + diff --git a/tests/su/10_su_sulog_success/config.txt b/tests/su/10_su_sulog_success/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/su/10_su_sulog_success/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/su/10_su_sulog_success/config/etc/group b/tests/su/10_su_sulog_success/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/10_su_sulog_success/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/10_su_sulog_success/config/etc/gshadow b/tests/su/10_su_sulog_success/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/10_su_sulog_success/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/10_su_sulog_success/config/etc/login.defs b/tests/su/10_su_sulog_success/config/etc/login.defs new file mode 100644 index 00000000..01f6718c --- /dev/null +++ b/tests/su/10_su_sulog_success/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB no +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/su/10_su_sulog_success/config/etc/passwd b/tests/su/10_su_sulog_success/config/etc/passwd new file mode 100644 index 00000000..6eefe5a3 --- /dev/null +++ b/tests/su/10_su_sulog_success/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/10_su_sulog_success/config/etc/shadow b/tests/su/10_su_sulog_success/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/10_su_sulog_success/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/10_su_sulog_success/config/var/log/sulog b/tests/su/10_su_sulog_success/config/var/log/sulog new file mode 100644 index 00000000..e69de29b diff --git a/tests/su/10_su_sulog_success/data/sulog b/tests/su/10_su_sulog_success/data/sulog new file mode 100644 index 00000000..cba81e9b --- /dev/null +++ b/tests/su/10_su_sulog_success/data/sulog @@ -0,0 +1 @@ +2 /var/log/sulog diff --git a/tests/su/10_su_sulog_success/run_su.exp b/tests/su/10_su_sulog_success/run_su.exp new file mode 100755 index 00000000..2610363c --- /dev/null +++ b/tests/su/10_su_sulog_success/run_su.exp @@ -0,0 +1,73 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 3} { + puts "usage: run_su.exp <user> <password> <prompt>" + exit 1 +} + +set user [lindex $argv 0] +set password [lindex $argv 1] +set prompt [lindex $argv 2] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the passwordless 'testsuite' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su testsuite + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'testsuite'" +send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "uid=424243(testsuite) gid=424243 groups=424243" +} + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now switch to user '$user'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "su $user\r" ;# Switch to the user +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (su is not ready to receive the password) +sleep 0.1 + +send "$password\r" ;# Send the password + +send_user "\n# password '$password' sent\n\n" +send_user "# expect prompt '$prompt'" + +expect { + # Wait for the new prompt + "$prompt" { + send_user "\n\n# make sure we are '$user'\n" + send_user "# id should return '($user).*($user).*($user)" + send "\r" ;# restore the prompt for the logs + send "id\r" ;# Verify the id + + expect { + -re "\\($user\\).*\\($user\\).*\\($user\\)" { + expect "$prompt" + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } + } + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/su/10_su_sulog_success/su.test b/tests/su/10_su_sulog_success/su.test new file mode 100755 index 00000000..79beb185 --- /dev/null +++ b/tests/su/10_su_sulog_success/su.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su can be used to switch to a non-root user" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./run_su.exp myuser myuserF00barbaz '$ ' + +echo -n "Check /var/log/sulog..." +wc -l /var/log/sulog > tmp/sulog +d=$(date +"SU %m/%d %H:%M") +cat /var/log/sulog | \ + egrep -v "$d \+ /dev/pts/[0-9]* root-testsuite" | \ + egrep -v "$d \+ /dev/pts/[0-9]* testsuite-myuser" \ + >> tmp/sulog || true +diff -auN tmp/sulog data/sulog +echo "OK" +rm -f tmp/sulog + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/11_su_sulog_failure/config.txt b/tests/su/11_su_sulog_failure/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/su/11_su_sulog_failure/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/su/11_su_sulog_failure/config/etc/group b/tests/su/11_su_sulog_failure/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/11_su_sulog_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/11_su_sulog_failure/config/etc/gshadow b/tests/su/11_su_sulog_failure/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/11_su_sulog_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/11_su_sulog_failure/config/etc/login.defs b/tests/su/11_su_sulog_failure/config/etc/login.defs new file mode 100644 index 00000000..01f6718c --- /dev/null +++ b/tests/su/11_su_sulog_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB no +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/su/11_su_sulog_failure/config/etc/passwd b/tests/su/11_su_sulog_failure/config/etc/passwd new file mode 100644 index 00000000..6eefe5a3 --- /dev/null +++ b/tests/su/11_su_sulog_failure/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/11_su_sulog_failure/config/etc/shadow b/tests/su/11_su_sulog_failure/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/11_su_sulog_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/11_su_sulog_failure/config/var/log/sulog b/tests/su/11_su_sulog_failure/config/var/log/sulog new file mode 100644 index 00000000..e69de29b diff --git a/tests/su/11_su_sulog_failure/data/sulog b/tests/su/11_su_sulog_failure/data/sulog new file mode 100644 index 00000000..cba81e9b --- /dev/null +++ b/tests/su/11_su_sulog_failure/data/sulog @@ -0,0 +1 @@ +2 /var/log/sulog diff --git a/tests/su/11_su_sulog_failure/run_su.exp b/tests/su/11_su_sulog_failure/run_su.exp new file mode 100755 index 00000000..57bb98f5 --- /dev/null +++ b/tests/su/11_su_sulog_failure/run_su.exp @@ -0,0 +1,67 @@ +#!/usr/bin/expect + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 3} { + puts "usage: run_su.exp <user> <password> <prompt>" + exit 1 +} + +set user [lindex $argv 0] +set password [lindex $argv 1] +set prompt [lindex $argv 2] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the passwordless 'testsuite' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su testsuite + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'testsuite'" +send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "uid=424243(testsuite) gid=424243 groups=424243" +} + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now switch to user '$user'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "su $user\r" ;# Switch to the user +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (su is not ready to receive the password) +sleep 0.1 + +send "$password wrong\r" ;# Send the password + +send_user "\n# password '$password wrong' sent\n\n" +send_user "# expect prompt '$ '" + +expect { + # Wait for the new prompt + "$ " { + send_user "\n\n# make sure we are 'testsuite'\n" + send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'" + send "\r" ;# restore the prompt for the logs + send "id\r" ;# Verify the id + expect "uid=424243(testsuite) gid=424243 groups=424243" + send "exit\r" + puts "\nPASS" + exit 0 + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/su/11_su_sulog_failure/su.test b/tests/su/11_su_sulog_failure/su.test new file mode 100755 index 00000000..9ca17696 --- /dev/null +++ b/tests/su/11_su_sulog_failure/su.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su can be used to switch to a non-root user" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./run_su.exp myuser myuserF00barbaz '$ ' + +echo -n "Check /var/log/sulog..." +wc -l /var/log/sulog > tmp/sulog +d1=$(date +"SU %m/%d %H:%M") +d2=$(date -d"1 minute ago" +"SU %m/%d %H:%M") +cat /var/log/sulog | \ + egrep -v "$d1 \+ /dev/pts/[0-9]* root-testsuite" | \ + egrep -v "$d2 \+ /dev/pts/[0-9]* root-testsuite" | \ + egrep -v "$d1 - /dev/pts/[0-9]* testsuite-myuser" | \ + egrep -v "$d2 - /dev/pts/[0-9]* testsuite-myuser" \ + >> tmp/sulog || true +diff -au data/sulog tmp/sulog +echo "OK" +rm -f tmp/sulog + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/12_su_child_failure/config.txt b/tests/su/12_su_child_failure/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/su/12_su_child_failure/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/su/12_su_child_failure/config/etc/group b/tests/su/12_su_child_failure/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/12_su_child_failure/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/12_su_child_failure/config/etc/gshadow b/tests/su/12_su_child_failure/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/12_su_child_failure/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/12_su_child_failure/config/etc/login.defs b/tests/su/12_su_child_failure/config/etc/login.defs new file mode 100644 index 00000000..01f6718c --- /dev/null +++ b/tests/su/12_su_child_failure/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB no +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/su/12_su_child_failure/config/etc/passwd b/tests/su/12_su_child_failure/config/etc/passwd new file mode 100644 index 00000000..6eefe5a3 --- /dev/null +++ b/tests/su/12_su_child_failure/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/12_su_child_failure/config/etc/shadow b/tests/su/12_su_child_failure/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/12_su_child_failure/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/12_su_child_failure/config/var/log/sulog b/tests/su/12_su_child_failure/config/var/log/sulog new file mode 100644 index 00000000..e69de29b diff --git a/tests/su/12_su_child_failure/su.test b/tests/su/12_su_child_failure/su.test new file mode 100755 index 00000000..948f113a --- /dev/null +++ b/tests/su/12_su_child_failure/su.test @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su return failures of its child" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Run su, execute false..." +su -l myuser -c false && exit || { + status=$? +} +echo "OK" + +echo -n "Check the return status..." +[ "$status" = "1" ] +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/13_su_child_success/config.txt b/tests/su/13_su_child_success/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/su/13_su_child_success/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/su/13_su_child_success/config/etc/group b/tests/su/13_su_child_success/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/su/13_su_child_success/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/13_su_child_success/config/etc/gshadow b/tests/su/13_su_child_success/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/su/13_su_child_success/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/13_su_child_success/config/etc/login.defs b/tests/su/13_su_child_success/config/etc/login.defs new file mode 100644 index 00000000..01f6718c --- /dev/null +++ b/tests/su/13_su_child_success/config/etc/login.defs @@ -0,0 +1,315 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB no +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/su/13_su_child_success/config/etc/passwd b/tests/su/13_su_child_success/config/etc/passwd new file mode 100644 index 00000000..6eefe5a3 --- /dev/null +++ b/tests/su/13_su_child_success/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/13_su_child_success/config/etc/shadow b/tests/su/13_su_child_success/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/su/13_su_child_success/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/13_su_child_success/config/var/log/sulog b/tests/su/13_su_child_success/config/var/log/sulog new file mode 100644 index 00000000..e69de29b diff --git a/tests/su/13_su_child_success/su.test b/tests/su/13_su_child_success/su.test new file mode 100755 index 00000000..6ff932c0 --- /dev/null +++ b/tests/su/13_su_child_success/su.test @@ -0,0 +1,31 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su return failures of its child" + + +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Run su, execute false..." +su -l myuser -c true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/01_useradd_no_subids/config.txt b/tests/subids/01_useradd_no_subids/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/01_useradd_no_subids/config/etc/default/useradd b/tests/subids/01_useradd_no_subids/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/01_useradd_no_subids/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/01_useradd_no_subids/config/etc/group b/tests/subids/01_useradd_no_subids/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/01_useradd_no_subids/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/01_useradd_no_subids/config/etc/gshadow b/tests/subids/01_useradd_no_subids/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/01_useradd_no_subids/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/01_useradd_no_subids/config/etc/passwd b/tests/subids/01_useradd_no_subids/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/01_useradd_no_subids/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/01_useradd_no_subids/config/etc/shadow b/tests/subids/01_useradd_no_subids/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/01_useradd_no_subids/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/01_useradd_no_subids/config/etc/subgid b/tests/subids/01_useradd_no_subids/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/01_useradd_no_subids/config/etc/subuid b/tests/subids/01_useradd_no_subids/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/01_useradd_no_subids/data/group b/tests/subids/01_useradd_no_subids/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/01_useradd_no_subids/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/01_useradd_no_subids/data/gshadow b/tests/subids/01_useradd_no_subids/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/01_useradd_no_subids/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/01_useradd_no_subids/data/passwd b/tests/subids/01_useradd_no_subids/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/01_useradd_no_subids/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/01_useradd_no_subids/data/shadow b/tests/subids/01_useradd_no_subids/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/01_useradd_no_subids/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/01_useradd_no_subids/useradd.test b/tests/subids/01_useradd_no_subids/useradd.test new file mode 100755 index 00000000..768d0aa6 --- /dev/null +++ b/tests/subids/01_useradd_no_subids/useradd.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd does not create /etc/sub[ug]id" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove /etc/subgid /etc/subuid..." +rm -f /etc/subgid /etc/subuid +echo "OK" + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check that /etc/subuid and /etc/subgid were not created..." +test ! -f /etc/subgid +test ! -f /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/02_useradd_with_subids/config.txt b/tests/subids/02_useradd_with_subids/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/02_useradd_with_subids/config/etc/default/useradd b/tests/subids/02_useradd_with_subids/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/02_useradd_with_subids/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/02_useradd_with_subids/config/etc/group b/tests/subids/02_useradd_with_subids/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/02_useradd_with_subids/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/02_useradd_with_subids/config/etc/gshadow b/tests/subids/02_useradd_with_subids/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/02_useradd_with_subids/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/02_useradd_with_subids/config/etc/passwd b/tests/subids/02_useradd_with_subids/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/02_useradd_with_subids/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/02_useradd_with_subids/config/etc/shadow b/tests/subids/02_useradd_with_subids/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/02_useradd_with_subids/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/02_useradd_with_subids/config/etc/subgid b/tests/subids/02_useradd_with_subids/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/02_useradd_with_subids/config/etc/subuid b/tests/subids/02_useradd_with_subids/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/02_useradd_with_subids/data/group b/tests/subids/02_useradd_with_subids/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/02_useradd_with_subids/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/02_useradd_with_subids/data/gshadow b/tests/subids/02_useradd_with_subids/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/02_useradd_with_subids/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/02_useradd_with_subids/data/passwd b/tests/subids/02_useradd_with_subids/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/02_useradd_with_subids/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/02_useradd_with_subids/data/shadow b/tests/subids/02_useradd_with_subids/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/02_useradd_with_subids/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/02_useradd_with_subids/data/subgid b/tests/subids/02_useradd_with_subids/data/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/02_useradd_with_subids/data/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/02_useradd_with_subids/data/subuid b/tests/subids/02_useradd_with_subids/data/subuid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/02_useradd_with_subids/data/subuid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/02_useradd_with_subids/useradd.test b/tests/subids/02_useradd_with_subids/useradd.test new file mode 100755 index 00000000..e9154c1c --- /dev/null +++ b/tests/subids/02_useradd_with_subids/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd adds subids in /etc/sub[ug]id" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/03_useradd_no_subgid/config.txt b/tests/subids/03_useradd_no_subgid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/03_useradd_no_subgid/config/etc/default/useradd b/tests/subids/03_useradd_no_subgid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/03_useradd_no_subgid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/03_useradd_no_subgid/config/etc/group b/tests/subids/03_useradd_no_subgid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/03_useradd_no_subgid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/03_useradd_no_subgid/config/etc/gshadow b/tests/subids/03_useradd_no_subgid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/03_useradd_no_subgid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/03_useradd_no_subgid/config/etc/passwd b/tests/subids/03_useradd_no_subgid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/03_useradd_no_subgid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/03_useradd_no_subgid/config/etc/shadow b/tests/subids/03_useradd_no_subgid/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/03_useradd_no_subgid/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/03_useradd_no_subgid/config/etc/subgid b/tests/subids/03_useradd_no_subgid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/03_useradd_no_subgid/config/etc/subuid b/tests/subids/03_useradd_no_subgid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/03_useradd_no_subgid/data/group b/tests/subids/03_useradd_no_subgid/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/03_useradd_no_subgid/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/03_useradd_no_subgid/data/gshadow b/tests/subids/03_useradd_no_subgid/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/03_useradd_no_subgid/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/03_useradd_no_subgid/data/passwd b/tests/subids/03_useradd_no_subgid/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/03_useradd_no_subgid/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/03_useradd_no_subgid/data/shadow b/tests/subids/03_useradd_no_subgid/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/03_useradd_no_subgid/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/03_useradd_no_subgid/data/subuid b/tests/subids/03_useradd_no_subgid/data/subuid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/03_useradd_no_subgid/data/subuid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/03_useradd_no_subgid/useradd.test b/tests/subids/03_useradd_no_subgid/useradd.test new file mode 100755 index 00000000..53127107 --- /dev/null +++ b/tests/subids/03_useradd_no_subgid/useradd.test @@ -0,0 +1,49 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd creates subids in /etc/subuid even if /etc/subgid does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove /etc/subgid..." +rm -f /etc/subgid +echo "OK" + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +test ! -f /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/04_useradd_no_subuid/config.txt b/tests/subids/04_useradd_no_subuid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/04_useradd_no_subuid/config/etc/default/useradd b/tests/subids/04_useradd_no_subuid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/04_useradd_no_subuid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/04_useradd_no_subuid/config/etc/group b/tests/subids/04_useradd_no_subuid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/04_useradd_no_subuid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/04_useradd_no_subuid/config/etc/gshadow b/tests/subids/04_useradd_no_subuid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/04_useradd_no_subuid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/04_useradd_no_subuid/config/etc/passwd b/tests/subids/04_useradd_no_subuid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/04_useradd_no_subuid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/04_useradd_no_subuid/config/etc/shadow b/tests/subids/04_useradd_no_subuid/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/04_useradd_no_subuid/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/04_useradd_no_subuid/config/etc/subgid b/tests/subids/04_useradd_no_subuid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/04_useradd_no_subuid/config/etc/subuid b/tests/subids/04_useradd_no_subuid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/04_useradd_no_subuid/data/group b/tests/subids/04_useradd_no_subuid/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/04_useradd_no_subuid/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/04_useradd_no_subuid/data/gshadow b/tests/subids/04_useradd_no_subuid/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/04_useradd_no_subuid/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/04_useradd_no_subuid/data/passwd b/tests/subids/04_useradd_no_subuid/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/04_useradd_no_subuid/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/04_useradd_no_subuid/data/shadow b/tests/subids/04_useradd_no_subuid/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/04_useradd_no_subuid/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/04_useradd_no_subuid/data/subgid b/tests/subids/04_useradd_no_subuid/data/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/04_useradd_no_subuid/data/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/04_useradd_no_subuid/useradd.test b/tests/subids/04_useradd_no_subuid/useradd.test new file mode 100755 index 00000000..ce0b8b79 --- /dev/null +++ b/tests/subids/04_useradd_no_subuid/useradd.test @@ -0,0 +1,49 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd creates subids in /etc/subgid even if /etc/subuid does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/subuid..." +rm -f /etc/subuid +echo "OK" + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +test ! -f /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/05_useradd_fill_gap_start/config.txt b/tests/subids/05_useradd_fill_gap_start/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/default/useradd b/tests/subids/05_useradd_fill_gap_start/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/group b/tests/subids/05_useradd_fill_gap_start/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/gshadow b/tests/subids/05_useradd_fill_gap_start/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/passwd b/tests/subids/05_useradd_fill_gap_start/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/shadow b/tests/subids/05_useradd_fill_gap_start/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/subgid b/tests/subids/05_useradd_fill_gap_start/config/etc/subgid new file mode 100644 index 00000000..909f4ac2 --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/config/etc/subgid @@ -0,0 +1 @@ +root:110000:10000 diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/subuid b/tests/subids/05_useradd_fill_gap_start/config/etc/subuid new file mode 100644 index 00000000..909f4ac2 --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/config/etc/subuid @@ -0,0 +1 @@ +root:110000:10000 diff --git a/tests/subids/05_useradd_fill_gap_start/data/group b/tests/subids/05_useradd_fill_gap_start/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/05_useradd_fill_gap_start/data/gshadow b/tests/subids/05_useradd_fill_gap_start/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/05_useradd_fill_gap_start/data/passwd b/tests/subids/05_useradd_fill_gap_start/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/05_useradd_fill_gap_start/data/shadow b/tests/subids/05_useradd_fill_gap_start/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/05_useradd_fill_gap_start/data/subgid b/tests/subids/05_useradd_fill_gap_start/data/subgid new file mode 100644 index 00000000..73b57376 --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/data/subgid @@ -0,0 +1,2 @@ +root:110000:10000 +foo:100000:10000 diff --git a/tests/subids/05_useradd_fill_gap_start/data/subuid b/tests/subids/05_useradd_fill_gap_start/data/subuid new file mode 100644 index 00000000..73b57376 --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/data/subuid @@ -0,0 +1,2 @@ +root:110000:10000 +foo:100000:10000 diff --git a/tests/subids/05_useradd_fill_gap_start/useradd.test b/tests/subids/05_useradd_fill_gap_start/useradd.test new file mode 100755 index 00000000..ac7e9ffd --- /dev/null +++ b/tests/subids/05_useradd_fill_gap_start/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd creates subids in /etc/sub[ug]id at the begining" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/06_useradd_fill_gap_middle/config.txt b/tests/subids/06_useradd_fill_gap_middle/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/default/useradd b/tests/subids/06_useradd_fill_gap_middle/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/group b/tests/subids/06_useradd_fill_gap_middle/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/gshadow b/tests/subids/06_useradd_fill_gap_middle/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/passwd b/tests/subids/06_useradd_fill_gap_middle/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/shadow b/tests/subids/06_useradd_fill_gap_middle/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/subgid b/tests/subids/06_useradd_fill_gap_middle/config/etc/subgid new file mode 100644 index 00000000..8b9c643b --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/subgid @@ -0,0 +1,2 @@ +root:100000:100000 +root:210000:10000 diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/subuid b/tests/subids/06_useradd_fill_gap_middle/config/etc/subuid new file mode 100644 index 00000000..8b9c643b --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/subuid @@ -0,0 +1,2 @@ +root:100000:100000 +root:210000:10000 diff --git a/tests/subids/06_useradd_fill_gap_middle/data/group b/tests/subids/06_useradd_fill_gap_middle/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/06_useradd_fill_gap_middle/data/gshadow b/tests/subids/06_useradd_fill_gap_middle/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/06_useradd_fill_gap_middle/data/passwd b/tests/subids/06_useradd_fill_gap_middle/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/06_useradd_fill_gap_middle/data/shadow b/tests/subids/06_useradd_fill_gap_middle/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/06_useradd_fill_gap_middle/data/subgid b/tests/subids/06_useradd_fill_gap_middle/data/subgid new file mode 100644 index 00000000..c6e45a01 --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/data/subgid @@ -0,0 +1,3 @@ +root:100000:100000 +root:210000:10000 +foo:200000:10000 diff --git a/tests/subids/06_useradd_fill_gap_middle/data/subuid b/tests/subids/06_useradd_fill_gap_middle/data/subuid new file mode 100644 index 00000000..c6e45a01 --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/data/subuid @@ -0,0 +1,3 @@ +root:100000:100000 +root:210000:10000 +foo:200000:10000 diff --git a/tests/subids/06_useradd_fill_gap_middle/useradd.test b/tests/subids/06_useradd_fill_gap_middle/useradd.test new file mode 100755 index 00000000..484164e0 --- /dev/null +++ b/tests/subids/06_useradd_fill_gap_middle/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd creates subids in /etc/sub[ug]id between 2 used ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/07_useradd_fill_gap_end/config.txt b/tests/subids/07_useradd_fill_gap_end/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/default/useradd b/tests/subids/07_useradd_fill_gap_end/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/group b/tests/subids/07_useradd_fill_gap_end/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/gshadow b/tests/subids/07_useradd_fill_gap_end/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/passwd b/tests/subids/07_useradd_fill_gap_end/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/shadow b/tests/subids/07_useradd_fill_gap_end/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/subgid b/tests/subids/07_useradd_fill_gap_end/config/etc/subgid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/config/etc/subgid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/subuid b/tests/subids/07_useradd_fill_gap_end/config/etc/subuid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/config/etc/subuid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/07_useradd_fill_gap_end/data/group b/tests/subids/07_useradd_fill_gap_end/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/07_useradd_fill_gap_end/data/gshadow b/tests/subids/07_useradd_fill_gap_end/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/07_useradd_fill_gap_end/data/passwd b/tests/subids/07_useradd_fill_gap_end/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/07_useradd_fill_gap_end/data/shadow b/tests/subids/07_useradd_fill_gap_end/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/07_useradd_fill_gap_end/data/subgid b/tests/subids/07_useradd_fill_gap_end/data/subgid new file mode 100644 index 00000000..dde59ae2 --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/data/subgid @@ -0,0 +1,2 @@ +root:100000:599990001 +foo:600090001:10000 diff --git a/tests/subids/07_useradd_fill_gap_end/data/subuid b/tests/subids/07_useradd_fill_gap_end/data/subuid new file mode 100644 index 00000000..dde59ae2 --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/data/subuid @@ -0,0 +1,2 @@ +root:100000:599990001 +foo:600090001:10000 diff --git a/tests/subids/07_useradd_fill_gap_end/useradd.test b/tests/subids/07_useradd_fill_gap_end/useradd.test new file mode 100755 index 00000000..11754516 --- /dev/null +++ b/tests/subids/07_useradd_fill_gap_end/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd creates subids in /etc/sub[ug]id at the end" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/08_useradd_no_more_subuids_start/config.txt b/tests/subids/08_useradd_no_more_subuids_start/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/default/useradd b/tests/subids/08_useradd_no_more_subuids_start/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/group b/tests/subids/08_useradd_no_more_subuids_start/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/gshadow b/tests/subids/08_useradd_no_more_subuids_start/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/passwd b/tests/subids/08_useradd_no_more_subuids_start/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/shadow b/tests/subids/08_useradd_no_more_subuids_start/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/subgid b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subgid new file mode 100644 index 00000000..2342814b --- /dev/null +++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subgid @@ -0,0 +1 @@ +root:110000:600100000 diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/subuid b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subuid new file mode 100644 index 00000000..bafb12d6 --- /dev/null +++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subuid @@ -0,0 +1 @@ +root:109999:600100000 diff --git a/tests/subids/08_useradd_no_more_subuids_start/data/useradd.err b/tests/subids/08_useradd_no_more_subuids_start/data/useradd.err new file mode 100644 index 00000000..133e01fb --- /dev/null +++ b/tests/subids/08_useradd_no_more_subuids_start/data/useradd.err @@ -0,0 +1,2 @@ +useradd: Can't get unique subordinate UID range +useradd: can't create subordinate user IDs diff --git a/tests/subids/08_useradd_no_more_subuids_start/useradd.test b/tests/subids/08_useradd_no_more_subuids_start/useradd.test new file mode 100755 index 00000000..fea00a14 --- /dev/null +++ b/tests/subids/08_useradd_no_more_subuids_start/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd reports failure if there are no subids available in /etc/subuid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/09_useradd_no_more_subgids_start/config.txt b/tests/subids/09_useradd_no_more_subgids_start/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/default/useradd b/tests/subids/09_useradd_no_more_subgids_start/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/group b/tests/subids/09_useradd_no_more_subgids_start/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/gshadow b/tests/subids/09_useradd_no_more_subgids_start/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/passwd b/tests/subids/09_useradd_no_more_subgids_start/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/shadow b/tests/subids/09_useradd_no_more_subgids_start/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/subgid b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subgid new file mode 100644 index 00000000..bafb12d6 --- /dev/null +++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subgid @@ -0,0 +1 @@ +root:109999:600100000 diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/subuid b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subuid new file mode 100644 index 00000000..2342814b --- /dev/null +++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subuid @@ -0,0 +1 @@ +root:110000:600100000 diff --git a/tests/subids/09_useradd_no_more_subgids_start/data/useradd.err b/tests/subids/09_useradd_no_more_subgids_start/data/useradd.err new file mode 100644 index 00000000..d832f1ff --- /dev/null +++ b/tests/subids/09_useradd_no_more_subgids_start/data/useradd.err @@ -0,0 +1,2 @@ +useradd: Can't get unique subordinate GID range +useradd: can't create subordinate group IDs diff --git a/tests/subids/09_useradd_no_more_subgids_start/useradd.test b/tests/subids/09_useradd_no_more_subgids_start/useradd.test new file mode 100755 index 00000000..3f237999 --- /dev/null +++ b/tests/subids/09_useradd_no_more_subgids_start/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd reports failure if there are no subids available in /etc/subgid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/10_useradd_no_more_subuids_end/config.txt b/tests/subids/10_useradd_no_more_subuids_end/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/default/useradd b/tests/subids/10_useradd_no_more_subuids_end/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/group b/tests/subids/10_useradd_no_more_subuids_end/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/gshadow b/tests/subids/10_useradd_no_more_subuids_end/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/passwd b/tests/subids/10_useradd_no_more_subuids_end/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/shadow b/tests/subids/10_useradd_no_more_subuids_end/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/subgid b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subgid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subgid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/subuid b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subuid new file mode 100644 index 00000000..b6bb1327 --- /dev/null +++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subuid @@ -0,0 +1 @@ +root:100000:599990002 diff --git a/tests/subids/10_useradd_no_more_subuids_end/data/useradd.err b/tests/subids/10_useradd_no_more_subuids_end/data/useradd.err new file mode 100644 index 00000000..133e01fb --- /dev/null +++ b/tests/subids/10_useradd_no_more_subuids_end/data/useradd.err @@ -0,0 +1,2 @@ +useradd: Can't get unique subordinate UID range +useradd: can't create subordinate user IDs diff --git a/tests/subids/10_useradd_no_more_subuids_end/useradd.test b/tests/subids/10_useradd_no_more_subuids_end/useradd.test new file mode 100755 index 00000000..fea00a14 --- /dev/null +++ b/tests/subids/10_useradd_no_more_subuids_end/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd reports failure if there are no subids available in /etc/subuid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/11_useradd_no_more_subgids_end/config.txt b/tests/subids/11_useradd_no_more_subgids_end/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/default/useradd b/tests/subids/11_useradd_no_more_subgids_end/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/group b/tests/subids/11_useradd_no_more_subgids_end/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/gshadow b/tests/subids/11_useradd_no_more_subgids_end/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/passwd b/tests/subids/11_useradd_no_more_subgids_end/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/shadow b/tests/subids/11_useradd_no_more_subgids_end/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/subgid b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subgid new file mode 100644 index 00000000..b6bb1327 --- /dev/null +++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subgid @@ -0,0 +1 @@ +root:100000:599990002 diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/subuid b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subuid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subuid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/11_useradd_no_more_subgids_end/data/useradd.err b/tests/subids/11_useradd_no_more_subgids_end/data/useradd.err new file mode 100644 index 00000000..d832f1ff --- /dev/null +++ b/tests/subids/11_useradd_no_more_subgids_end/data/useradd.err @@ -0,0 +1,2 @@ +useradd: Can't get unique subordinate GID range +useradd: can't create subordinate group IDs diff --git a/tests/subids/11_useradd_no_more_subgids_end/useradd.test b/tests/subids/11_useradd_no_more_subgids_end/useradd.test new file mode 100755 index 00000000..3f237999 --- /dev/null +++ b/tests/subids/11_useradd_no_more_subgids_end/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd reports failure if there are no subids available in /etc/subgid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config.txt b/tests/subids/12_useradd_invalid_subuid_configuration1/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/default/useradd b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/group b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/gshadow b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/login.defs b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/login.defs new file mode 100644 index 00000000..333f706c --- /dev/null +++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/login.defs @@ -0,0 +1,343 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 +# Per user subordinate UIDs +SUB_UID_MAX 100000 +SUB_UID_MIN 600100000 +SUB_UID_COUNT 10000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 +# Per user subordinate GIDs +#SUB_GID_MAX 100000 +#SUB_GID_MIN 600100000 +#SUB_GID_COUNT 10000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/passwd b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/shadow b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subgid b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subuid b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/data/useradd.err b/tests/subids/12_useradd_invalid_subuid_configuration1/data/useradd.err new file mode 100644 index 00000000..c7c46fb4 --- /dev/null +++ b/tests/subids/12_useradd_invalid_subuid_configuration1/data/useradd.err @@ -0,0 +1,2 @@ +useradd: Invalid configuration: SUB_UID_MIN (600100000), SUB_UID_MAX (100000), SUB_UID_COUNT (10000) +useradd: can't create subordinate user IDs diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/useradd.test b/tests/subids/12_useradd_invalid_subuid_configuration1/useradd.test new file mode 100755 index 00000000..a350e39d --- /dev/null +++ b/tests/subids/12_useradd_invalid_subuid_configuration1/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd reports invalid subuid configuration" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config.txt b/tests/subids/13_useradd_invalid_subuid_configuration2/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/default/useradd b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/group b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/gshadow b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/login.defs b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/login.defs new file mode 100644 index 00000000..fe06be7e --- /dev/null +++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/login.defs @@ -0,0 +1,343 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 +# Per user subordinate UIDs +SUB_UID_MIN 100000 +SUB_UID_MAX 600100000 +SUB_UID_COUNT 600100000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 +# Per user subordinate GIDs +#SUB_GID_MIN 100000 +#SUB_GID_MAX 600100000 +#SUB_GID_COUNT 600100000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/passwd b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/shadow b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subgid b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subuid b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/data/useradd.err b/tests/subids/13_useradd_invalid_subuid_configuration2/data/useradd.err new file mode 100644 index 00000000..469e0a83 --- /dev/null +++ b/tests/subids/13_useradd_invalid_subuid_configuration2/data/useradd.err @@ -0,0 +1,2 @@ +useradd: Invalid configuration: SUB_UID_MIN (100000), SUB_UID_MAX (600100000), SUB_UID_COUNT (600100000) +useradd: can't create subordinate user IDs diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/useradd.test b/tests/subids/13_useradd_invalid_subuid_configuration2/useradd.test new file mode 100755 index 00000000..a350e39d --- /dev/null +++ b/tests/subids/13_useradd_invalid_subuid_configuration2/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd reports invalid subuid configuration" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config.txt b/tests/subids/14_useradd_invalid_subuid_configuration3/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/default/useradd b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/group b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/gshadow b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/login.defs b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/login.defs new file mode 100644 index 00000000..7bf536a7 --- /dev/null +++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/login.defs @@ -0,0 +1,343 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 +# Per user subordinate UIDs +SUB_UID_MIN 100000 +SUB_UID_MAX 100000 +SUB_UID_COUNT 2 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 +# Per user subordinate GIDs +#SUB_GID_MIN 100000 +#SUB_GID_MAX 100000 +#SUB_GID_COUNT 2 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/passwd b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/shadow b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subgid b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subuid b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/data/useradd.err b/tests/subids/14_useradd_invalid_subuid_configuration3/data/useradd.err new file mode 100644 index 00000000..3ab22c5e --- /dev/null +++ b/tests/subids/14_useradd_invalid_subuid_configuration3/data/useradd.err @@ -0,0 +1,2 @@ +useradd: Invalid configuration: SUB_UID_MIN (100000), SUB_UID_MAX (100000), SUB_UID_COUNT (2) +useradd: can't create subordinate user IDs diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/useradd.test b/tests/subids/14_useradd_invalid_subuid_configuration3/useradd.test new file mode 100755 index 00000000..a350e39d --- /dev/null +++ b/tests/subids/14_useradd_invalid_subuid_configuration3/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd reports invalid subuid configuration" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config.txt b/tests/subids/15_useradd_invalid_subgid_configuration1/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/default/useradd b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/group b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/gshadow b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/login.defs b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/login.defs new file mode 100644 index 00000000..76ea4aa8 --- /dev/null +++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/login.defs @@ -0,0 +1,343 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 +# Per user subordinate UIDs +#SUB_UID_MAX 100000 +#SUB_UID_MIN 600100000 +#SUB_UID_COUNT 10000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 +# Per user subordinate GIDs +SUB_GID_MAX 100000 +SUB_GID_MIN 600100000 +SUB_GID_COUNT 10000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/passwd b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/shadow b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subgid b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subuid b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/data/useradd.err b/tests/subids/15_useradd_invalid_subgid_configuration1/data/useradd.err new file mode 100644 index 00000000..9c4c6645 --- /dev/null +++ b/tests/subids/15_useradd_invalid_subgid_configuration1/data/useradd.err @@ -0,0 +1,2 @@ +useradd: Invalid configuration: SUB_GID_MIN (600100000), SUB_GID_MAX (100000), SUB_GID_COUNT (10000) +useradd: can't create subordinate group IDs diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/useradd.test b/tests/subids/15_useradd_invalid_subgid_configuration1/useradd.test new file mode 100755 index 00000000..a737c534 --- /dev/null +++ b/tests/subids/15_useradd_invalid_subgid_configuration1/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd reports invalid subgid configuration" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config.txt b/tests/subids/16_useradd_invalid_subgid_configuration2/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/default/useradd b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/group b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/gshadow b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/login.defs b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/login.defs new file mode 100644 index 00000000..b35b2aa4 --- /dev/null +++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/login.defs @@ -0,0 +1,343 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 +# Per user subordinate UIDs +#SUB_UID_MIN 100000 +#SUB_UID_MAX 600100000 +#SUB_UID_COUNT 600100000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 +# Per user subordinate GIDs +SUB_GID_MIN 100000 +SUB_GID_MAX 600100000 +SUB_GID_COUNT 600100000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/passwd b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/shadow b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subgid b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subuid b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/data/useradd.err b/tests/subids/16_useradd_invalid_subgid_configuration2/data/useradd.err new file mode 100644 index 00000000..53b37e0b --- /dev/null +++ b/tests/subids/16_useradd_invalid_subgid_configuration2/data/useradd.err @@ -0,0 +1,2 @@ +useradd: Invalid configuration: SUB_GID_MIN (100000), SUB_GID_MAX (600100000), SUB_GID_COUNT (600100000) +useradd: can't create subordinate group IDs diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/useradd.test b/tests/subids/16_useradd_invalid_subgid_configuration2/useradd.test new file mode 100755 index 00000000..a737c534 --- /dev/null +++ b/tests/subids/16_useradd_invalid_subgid_configuration2/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd reports invalid subgid configuration" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config.txt b/tests/subids/17_useradd_invalid_subgid_configuration3/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/default/useradd b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/group b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/gshadow b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/login.defs b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/login.defs new file mode 100644 index 00000000..6cde54fd --- /dev/null +++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/login.defs @@ -0,0 +1,343 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 +# Per user subordinate UIDs +#SUB_UID_MIN 100000 +#SUB_UID_MAX 100000 +#SUB_UID_COUNT 2 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 +# Per user subordinate GIDs +SUB_GID_MIN 100000 +SUB_GID_MAX 100000 +SUB_GID_COUNT 2 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/passwd b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/shadow b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subgid b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subuid b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/data/useradd.err b/tests/subids/17_useradd_invalid_subgid_configuration3/data/useradd.err new file mode 100644 index 00000000..fd9289d1 --- /dev/null +++ b/tests/subids/17_useradd_invalid_subgid_configuration3/data/useradd.err @@ -0,0 +1,2 @@ +useradd: Invalid configuration: SUB_GID_MIN (100000), SUB_GID_MAX (100000), SUB_GID_COUNT (2) +useradd: can't create subordinate group IDs diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/useradd.test b/tests/subids/17_useradd_invalid_subgid_configuration3/useradd.test new file mode 100755 index 00000000..a737c534 --- /dev/null +++ b/tests/subids/17_useradd_invalid_subgid_configuration3/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd reports invalid subgid configuration" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/18_useradd_min=max/config.txt b/tests/subids/18_useradd_min=max/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/18_useradd_min=max/config/etc/default/useradd b/tests/subids/18_useradd_min=max/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/18_useradd_min=max/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/18_useradd_min=max/config/etc/group b/tests/subids/18_useradd_min=max/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/18_useradd_min=max/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/18_useradd_min=max/config/etc/gshadow b/tests/subids/18_useradd_min=max/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/18_useradd_min=max/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/18_useradd_min=max/config/etc/login.defs b/tests/subids/18_useradd_min=max/config/etc/login.defs new file mode 100644 index 00000000..573f830d --- /dev/null +++ b/tests/subids/18_useradd_min=max/config/etc/login.defs @@ -0,0 +1,343 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 +# Per user subordinate UIDs +SUB_UID_MIN 100000 +SUB_UID_MAX 100000 +SUB_UID_COUNT 1 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 +# Per user subordinate GIDs +SUB_GID_MIN 100000 +SUB_GID_MAX 100000 +SUB_GID_COUNT 1 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +ENCRYPT_METHOD SHA512 + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/subids/18_useradd_min=max/config/etc/passwd b/tests/subids/18_useradd_min=max/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/18_useradd_min=max/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/18_useradd_min=max/config/etc/shadow b/tests/subids/18_useradd_min=max/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/18_useradd_min=max/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/18_useradd_min=max/config/etc/subgid b/tests/subids/18_useradd_min=max/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/18_useradd_min=max/config/etc/subuid b/tests/subids/18_useradd_min=max/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/18_useradd_min=max/data/group b/tests/subids/18_useradd_min=max/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/18_useradd_min=max/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/18_useradd_min=max/data/gshadow b/tests/subids/18_useradd_min=max/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/18_useradd_min=max/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/18_useradd_min=max/data/passwd b/tests/subids/18_useradd_min=max/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/18_useradd_min=max/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/18_useradd_min=max/data/shadow b/tests/subids/18_useradd_min=max/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/18_useradd_min=max/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/18_useradd_min=max/data/subgid b/tests/subids/18_useradd_min=max/data/subgid new file mode 100644 index 00000000..25a4ca74 --- /dev/null +++ b/tests/subids/18_useradd_min=max/data/subgid @@ -0,0 +1 @@ +foo:100000:1 diff --git a/tests/subids/18_useradd_min=max/data/subuid b/tests/subids/18_useradd_min=max/data/subuid new file mode 100644 index 00000000..25a4ca74 --- /dev/null +++ b/tests/subids/18_useradd_min=max/data/subuid @@ -0,0 +1 @@ +foo:100000:1 diff --git a/tests/subids/18_useradd_min=max/useradd.test b/tests/subids/18_useradd_min=max/useradd.test new file mode 100755 index 00000000..10bb7b76 --- /dev/null +++ b/tests/subids/18_useradd_min=max/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd can create one subid in /etc/sub[ug]id when SUB_.ID_MIN=SUB_.ID_MAX" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/19_useradd_locked_subuid/config.txt b/tests/subids/19_useradd_locked_subuid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/default/useradd b/tests/subids/19_useradd_locked_subuid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/19_useradd_locked_subuid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/group b/tests/subids/19_useradd_locked_subuid/config/etc/group new file mode 100644 index 00000000..66f04f64 --- /dev/null +++ b/tests/subids/19_useradd_locked_subuid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/gshadow b/tests/subids/19_useradd_locked_subuid/config/etc/gshadow new file mode 100644 index 00000000..19f13256 --- /dev/null +++ b/tests/subids/19_useradd_locked_subuid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/passwd b/tests/subids/19_useradd_locked_subuid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/19_useradd_locked_subuid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/shadow b/tests/subids/19_useradd_locked_subuid/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/subids/19_useradd_locked_subuid/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/subgid b/tests/subids/19_useradd_locked_subuid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/subuid b/tests/subids/19_useradd_locked_subuid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/19_useradd_locked_subuid/data/useradd.err b/tests/subids/19_useradd_locked_subuid/data/useradd.err new file mode 100644 index 00000000..c7854079 --- /dev/null +++ b/tests/subids/19_useradd_locked_subuid/data/useradd.err @@ -0,0 +1,2 @@ +useradd: existing lock file /etc/subuid.lock without a PID +useradd: cannot lock /etc/subuid; try again later. diff --git a/tests/subids/19_useradd_locked_subuid/useradd.test b/tests/subids/19_useradd_locked_subuid/useradd.test new file mode 100755 index 00000000..279573fc --- /dev/null +++ b/tests/subids/19_useradd_locked_subuid/useradd.test @@ -0,0 +1,66 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd checks if the subuid file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subuid.lock' 0 + +change_config + +echo -n "Create lock file for /etc/subuid..." +touch /etc/subuid.lock +echo "done" + +echo -n "Add user foo (useradd foo)..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/subuid.lock + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/20_useradd_locked_subgid/config.txt b/tests/subids/20_useradd_locked_subgid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/default/useradd b/tests/subids/20_useradd_locked_subgid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/20_useradd_locked_subgid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/group b/tests/subids/20_useradd_locked_subgid/config/etc/group new file mode 100644 index 00000000..66f04f64 --- /dev/null +++ b/tests/subids/20_useradd_locked_subgid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/gshadow b/tests/subids/20_useradd_locked_subgid/config/etc/gshadow new file mode 100644 index 00000000..19f13256 --- /dev/null +++ b/tests/subids/20_useradd_locked_subgid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/passwd b/tests/subids/20_useradd_locked_subgid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/20_useradd_locked_subgid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/shadow b/tests/subids/20_useradd_locked_subgid/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/subids/20_useradd_locked_subgid/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/subgid b/tests/subids/20_useradd_locked_subgid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/subuid b/tests/subids/20_useradd_locked_subgid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/20_useradd_locked_subgid/data/useradd.err b/tests/subids/20_useradd_locked_subgid/data/useradd.err new file mode 100644 index 00000000..13bbf3b9 --- /dev/null +++ b/tests/subids/20_useradd_locked_subgid/data/useradd.err @@ -0,0 +1,2 @@ +useradd: existing lock file /etc/subgid.lock without a PID +useradd: cannot lock /etc/subgid; try again later. diff --git a/tests/subids/20_useradd_locked_subgid/useradd.test b/tests/subids/20_useradd_locked_subgid/useradd.test new file mode 100755 index 00000000..145ac984 --- /dev/null +++ b/tests/subids/20_useradd_locked_subgid/useradd.test @@ -0,0 +1,66 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd checks if the subgid file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subgid.lock' 0 + +change_config + +echo -n "Create lock file for /etc/subgid..." +touch /etc/subgid.lock +echo "done" + +echo -n "Add user foo (useradd foo)..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/subgid.lock + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/21_usermod_create_subuid_range/config.txt b/tests/subids/21_usermod_create_subuid_range/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/21_usermod_create_subuid_range/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/default/useradd b/tests/subids/21_usermod_create_subuid_range/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/21_usermod_create_subuid_range/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/group b/tests/subids/21_usermod_create_subuid_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/21_usermod_create_subuid_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/gshadow b/tests/subids/21_usermod_create_subuid_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/21_usermod_create_subuid_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/passwd b/tests/subids/21_usermod_create_subuid_range/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/21_usermod_create_subuid_range/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/shadow b/tests/subids/21_usermod_create_subuid_range/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/21_usermod_create_subuid_range/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/subgid b/tests/subids/21_usermod_create_subuid_range/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/subuid b/tests/subids/21_usermod_create_subuid_range/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/21_usermod_create_subuid_range/data/subuid b/tests/subids/21_usermod_create_subuid_range/data/subuid new file mode 100644 index 00000000..b1cd7048 --- /dev/null +++ b/tests/subids/21_usermod_create_subuid_range/data/subuid @@ -0,0 +1 @@ +foo:100000:501 diff --git a/tests/subids/21_usermod_create_subuid_range/usermod.test b/tests/subids/21_usermod_create_subuid_range/usermod.test new file mode 100755 index 00000000..3c5470d7 --- /dev/null +++ b/tests/subids/21_usermod_create_subuid_range/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can create a subuid range" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create range of subuid for user foo (usermod -v 100000-100500 foo)..." +usermod -v 100000-100500 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/22_usermod_create_subgid_range/config.txt b/tests/subids/22_usermod_create_subgid_range/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/22_usermod_create_subgid_range/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/default/useradd b/tests/subids/22_usermod_create_subgid_range/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/22_usermod_create_subgid_range/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/group b/tests/subids/22_usermod_create_subgid_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/22_usermod_create_subgid_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/gshadow b/tests/subids/22_usermod_create_subgid_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/22_usermod_create_subgid_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/passwd b/tests/subids/22_usermod_create_subgid_range/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/22_usermod_create_subgid_range/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/shadow b/tests/subids/22_usermod_create_subgid_range/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/22_usermod_create_subgid_range/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/subgid b/tests/subids/22_usermod_create_subgid_range/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/subuid b/tests/subids/22_usermod_create_subgid_range/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/22_usermod_create_subgid_range/data/subgid b/tests/subids/22_usermod_create_subgid_range/data/subgid new file mode 100644 index 00000000..b1cd7048 --- /dev/null +++ b/tests/subids/22_usermod_create_subgid_range/data/subgid @@ -0,0 +1 @@ +foo:100000:501 diff --git a/tests/subids/22_usermod_create_subgid_range/usermod.test b/tests/subids/22_usermod_create_subgid_range/usermod.test new file mode 100755 index 00000000..a5045a40 --- /dev/null +++ b/tests/subids/22_usermod_create_subgid_range/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can create a subgid range" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create range of subgid for user foo (usermod -w 100000-100500 foo)..." +usermod -w 100000-100500 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/23_usermod_create_subids_ranges/config.txt b/tests/subids/23_usermod_create_subids_ranges/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/23_usermod_create_subids_ranges/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/default/useradd b/tests/subids/23_usermod_create_subids_ranges/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/group b/tests/subids/23_usermod_create_subids_ranges/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/gshadow b/tests/subids/23_usermod_create_subids_ranges/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/passwd b/tests/subids/23_usermod_create_subids_ranges/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/shadow b/tests/subids/23_usermod_create_subids_ranges/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/subgid b/tests/subids/23_usermod_create_subids_ranges/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/subuid b/tests/subids/23_usermod_create_subids_ranges/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/23_usermod_create_subids_ranges/data/subgid b/tests/subids/23_usermod_create_subids_ranges/data/subgid new file mode 100644 index 00000000..e0a6b2f3 --- /dev/null +++ b/tests/subids/23_usermod_create_subids_ranges/data/subgid @@ -0,0 +1,3 @@ +foo:102000:501 +foo:101000:502 +foo:100000:502 diff --git a/tests/subids/23_usermod_create_subids_ranges/data/subuid b/tests/subids/23_usermod_create_subids_ranges/data/subuid new file mode 100644 index 00000000..8d10ef63 --- /dev/null +++ b/tests/subids/23_usermod_create_subids_ranges/data/subuid @@ -0,0 +1,2 @@ +foo:100000:501 +foo:101000:501 diff --git a/tests/subids/23_usermod_create_subids_ranges/usermod.test b/tests/subids/23_usermod_create_subids_ranges/usermod.test new file mode 100755 index 00000000..fccfade4 --- /dev/null +++ b/tests/subids/23_usermod_create_subids_ranges/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can create multiple subuid and subgid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create ranges of subuid and subgid for user foo (usermod -v 101000-101500 -w 100000-100501 -w 101000-101501 -w 102000-102500 -v 100000-100500 foo)..." +usermod -v 101000-101500 -w 100000-100501 -w 101000-101501 -w 102000-102500 -v 100000-100500 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config.txt b/tests/subids/24_usermod_create_subids_overlapping_ranges/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/default/useradd b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/group b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/gshadow b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/passwd b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/shadow b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subgid b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subuid b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subgid b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subgid new file mode 100644 index 00000000..e1960c7d --- /dev/null +++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subgid @@ -0,0 +1,3 @@ +foo:100000:402 +foo:100500:1002 +foo:100000:502 diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subuid b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subuid new file mode 100644 index 00000000..e07aca96 --- /dev/null +++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subuid @@ -0,0 +1,4 @@ +foo:200011:10 +foo:200000:11 +foo:100000:1001 +foo:101000:501 diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/usermod.test b/tests/subids/24_usermod_create_subids_overlapping_ranges/usermod.test new file mode 100755 index 00000000..ad1725b6 --- /dev/null +++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can create overlapping subuid and subgid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create ranges of subuid and subgid for user foo (usermod -v 101000-101500 -w 100000-100501 -w 100500-101501 -v 100000-101000 -v 200000-200010 -v 200011-200020 -w 100000-100401 foo)..." +usermod -v 101000-101500 -w 100000-100501 -w 100500-101501 -v 100000-101000 -v 200000-200010 -v 200011-200020 -w 100000-100401 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/25_usermod_add_range/config.txt b/tests/subids/25_usermod_add_range/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/25_usermod_add_range/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/25_usermod_add_range/config/etc/default/useradd b/tests/subids/25_usermod_add_range/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/25_usermod_add_range/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/25_usermod_add_range/config/etc/group b/tests/subids/25_usermod_add_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/25_usermod_add_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/25_usermod_add_range/config/etc/gshadow b/tests/subids/25_usermod_add_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/25_usermod_add_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/25_usermod_add_range/config/etc/passwd b/tests/subids/25_usermod_add_range/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/25_usermod_add_range/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/25_usermod_add_range/config/etc/shadow b/tests/subids/25_usermod_add_range/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/25_usermod_add_range/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/25_usermod_add_range/config/etc/subgid b/tests/subids/25_usermod_add_range/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/25_usermod_add_range/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/25_usermod_add_range/config/etc/subuid b/tests/subids/25_usermod_add_range/config/etc/subuid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/25_usermod_add_range/config/etc/subuid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/25_usermod_add_range/data/subgid b/tests/subids/25_usermod_add_range/data/subgid new file mode 100644 index 00000000..e4babf0d --- /dev/null +++ b/tests/subids/25_usermod_add_range/data/subgid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:150000:502 diff --git a/tests/subids/25_usermod_add_range/data/subuid b/tests/subids/25_usermod_add_range/data/subuid new file mode 100644 index 00000000..80fb2821 --- /dev/null +++ b/tests/subids/25_usermod_add_range/data/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:120000:501 diff --git a/tests/subids/25_usermod_add_range/usermod.test b/tests/subids/25_usermod_add_range/usermod.test new file mode 100755 index 00000000..52788751 --- /dev/null +++ b/tests/subids/25_usermod_add_range/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can add subuid and subgid ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add ranges of subuid and subgid for user foo (usermod -v 120000-120500 -w 150000-150501 foo)..." +usermod -v 120000-120500 -w 150000-150501 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config.txt b/tests/subids/26_usermod_add_overlapping_ranges/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/26_usermod_add_overlapping_ranges/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/default/useradd b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/group b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/gshadow b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/passwd b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/shadow b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subgid b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subgid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subgid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subuid b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/26_usermod_add_overlapping_ranges/data/subgid b/tests/subids/26_usermod_add_overlapping_ranges/data/subgid new file mode 100644 index 00000000..455f5311 --- /dev/null +++ b/tests/subids/26_usermod_add_overlapping_ranges/data/subgid @@ -0,0 +1,3 @@ +foo:100000:10000 +foo:200000:10000 +foo:100000:50502 diff --git a/tests/subids/26_usermod_add_overlapping_ranges/data/subuid b/tests/subids/26_usermod_add_overlapping_ranges/data/subuid new file mode 100644 index 00000000..072266bc --- /dev/null +++ b/tests/subids/26_usermod_add_overlapping_ranges/data/subuid @@ -0,0 +1,3 @@ +foo:100000:10000 +foo:200000:10000 +foo:110000:10501 diff --git a/tests/subids/26_usermod_add_overlapping_ranges/usermod.test b/tests/subids/26_usermod_add_overlapping_ranges/usermod.test new file mode 100755 index 00000000..9224181d --- /dev/null +++ b/tests/subids/26_usermod_add_overlapping_ranges/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can add subuid and subgid ranges overlapping with existing ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add ranges of subuid and subgid for user foo (usermod -v 110000-120500 -w 100000-150501 -v 200000-200500 foo)..." +usermod -v 110000-120500 -w 100000-150501 -v 200000-200500 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/27_usermod_remove_range_all/config.txt b/tests/subids/27_usermod_remove_range_all/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/27_usermod_remove_range_all/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/default/useradd b/tests/subids/27_usermod_remove_range_all/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/27_usermod_remove_range_all/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/group b/tests/subids/27_usermod_remove_range_all/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/27_usermod_remove_range_all/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/gshadow b/tests/subids/27_usermod_remove_range_all/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/27_usermod_remove_range_all/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/passwd b/tests/subids/27_usermod_remove_range_all/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/27_usermod_remove_range_all/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/shadow b/tests/subids/27_usermod_remove_range_all/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/27_usermod_remove_range_all/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/subgid b/tests/subids/27_usermod_remove_range_all/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/27_usermod_remove_range_all/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/subuid b/tests/subids/27_usermod_remove_range_all/config/etc/subuid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/27_usermod_remove_range_all/config/etc/subuid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/27_usermod_remove_range_all/data/subgid b/tests/subids/27_usermod_remove_range_all/data/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/27_usermod_remove_range_all/data/subuid b/tests/subids/27_usermod_remove_range_all/data/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/27_usermod_remove_range_all/usermod.test b/tests/subids/27_usermod_remove_range_all/usermod.test new file mode 100755 index 00000000..0bd7f0be --- /dev/null +++ b/tests/subids/27_usermod_remove_range_all/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can remove subuid and subgid ranges matching boundaries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-109999 -W 100000-109999 foo)..." +usermod -V 100000-109999 -W 100000-109999 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config.txt b/tests/subids/28_usermod_remove_range_partial_begin/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/28_usermod_remove_range_partial_begin/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/default/useradd b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/group b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/gshadow b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/passwd b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/shadow b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subgid b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subgid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subgid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subuid b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/28_usermod_remove_range_partial_begin/data/subgid b/tests/subids/28_usermod_remove_range_partial_begin/data/subgid new file mode 100644 index 00000000..8feb16c4 --- /dev/null +++ b/tests/subids/28_usermod_remove_range_partial_begin/data/subgid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200001:9999 diff --git a/tests/subids/28_usermod_remove_range_partial_begin/data/subuid b/tests/subids/28_usermod_remove_range_partial_begin/data/subuid new file mode 100644 index 00000000..454c624e --- /dev/null +++ b/tests/subids/28_usermod_remove_range_partial_begin/data/subuid @@ -0,0 +1,2 @@ +foo:106000:4000 +foo:209999:1 diff --git a/tests/subids/28_usermod_remove_range_partial_begin/usermod.test b/tests/subids/28_usermod_remove_range_partial_begin/usermod.test new file mode 100755 index 00000000..03a79667 --- /dev/null +++ b/tests/subids/28_usermod_remove_range_partial_begin/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can remove partial subuid and subgid ranges with matching lower boundaries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-105999 -W 200000-200000 foo)..." +usermod -V 100000-105999 -W 200000-200000 -V 200000-209998 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config.txt b/tests/subids/29_usermod_remove_range_partial_middle/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/29_usermod_remove_range_partial_middle/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/default/useradd b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/group b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/gshadow b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/passwd b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/shadow b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subgid b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subuid b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/29_usermod_remove_range_partial_middle/data/subgid b/tests/subids/29_usermod_remove_range_partial_middle/data/subgid new file mode 100644 index 00000000..179115c0 --- /dev/null +++ b/tests/subids/29_usermod_remove_range_partial_middle/data/subgid @@ -0,0 +1,2 @@ +foo:100000:5000 +foo:109999:1 diff --git a/tests/subids/29_usermod_remove_range_partial_middle/data/subuid b/tests/subids/29_usermod_remove_range_partial_middle/data/subuid new file mode 100644 index 00000000..b1f3d76d --- /dev/null +++ b/tests/subids/29_usermod_remove_range_partial_middle/data/subuid @@ -0,0 +1,4 @@ +foo:100000:1 +foo:200000:5000 +foo:207001:2999 +foo:106000:4000 diff --git a/tests/subids/29_usermod_remove_range_partial_middle/usermod.test b/tests/subids/29_usermod_remove_range_partial_middle/usermod.test new file mode 100755 index 00000000..bba46bc6 --- /dev/null +++ b/tests/subids/29_usermod_remove_range_partial_middle/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can remove partial subuid and subgid ranges included in existing ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100001-105999 -W 105000-109998 -V 205000-207000 foo)..." +usermod -V 100001-105999 -W 105000-109998 -V 205000-207000 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/30_usermod_remove_range_partial_end/config.txt b/tests/subids/30_usermod_remove_range_partial_end/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/30_usermod_remove_range_partial_end/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/default/useradd b/tests/subids/30_usermod_remove_range_partial_end/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/group b/tests/subids/30_usermod_remove_range_partial_end/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/gshadow b/tests/subids/30_usermod_remove_range_partial_end/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/passwd b/tests/subids/30_usermod_remove_range_partial_end/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/shadow b/tests/subids/30_usermod_remove_range_partial_end/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/subgid b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/subuid b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/30_usermod_remove_range_partial_end/data/subgid b/tests/subids/30_usermod_remove_range_partial_end/data/subgid new file mode 100644 index 00000000..707bde62 --- /dev/null +++ b/tests/subids/30_usermod_remove_range_partial_end/data/subgid @@ -0,0 +1 @@ +foo:100000:5000 diff --git a/tests/subids/30_usermod_remove_range_partial_end/data/subuid b/tests/subids/30_usermod_remove_range_partial_end/data/subuid new file mode 100644 index 00000000..88ff38c0 --- /dev/null +++ b/tests/subids/30_usermod_remove_range_partial_end/data/subuid @@ -0,0 +1,2 @@ +foo:100000:1 +foo:200000:9999 diff --git a/tests/subids/30_usermod_remove_range_partial_end/usermod.test b/tests/subids/30_usermod_remove_range_partial_end/usermod.test new file mode 100755 index 00000000..c1107166 --- /dev/null +++ b/tests/subids/30_usermod_remove_range_partial_end/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can remove partial subuid and subgid ranges with matching upper boundaries" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100001-109999 -W 105000-109999 -V 209998-209999 foo)..." +usermod -V 100001-109999 -W 105000-109999 -V 209999-209999 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/31_usermod_remove_outside_range/config.txt b/tests/subids/31_usermod_remove_outside_range/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/31_usermod_remove_outside_range/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/default/useradd b/tests/subids/31_usermod_remove_outside_range/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/31_usermod_remove_outside_range/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/group b/tests/subids/31_usermod_remove_outside_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/31_usermod_remove_outside_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/gshadow b/tests/subids/31_usermod_remove_outside_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/31_usermod_remove_outside_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/passwd b/tests/subids/31_usermod_remove_outside_range/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/31_usermod_remove_outside_range/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/shadow b/tests/subids/31_usermod_remove_outside_range/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/31_usermod_remove_outside_range/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/subgid b/tests/subids/31_usermod_remove_outside_range/config/etc/subgid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/31_usermod_remove_outside_range/config/etc/subgid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/subuid b/tests/subids/31_usermod_remove_outside_range/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/31_usermod_remove_outside_range/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/31_usermod_remove_outside_range/data/subgid b/tests/subids/31_usermod_remove_outside_range/data/subgid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/31_usermod_remove_outside_range/data/subgid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/31_usermod_remove_outside_range/data/subuid b/tests/subids/31_usermod_remove_outside_range/data/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/31_usermod_remove_outside_range/data/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/31_usermod_remove_outside_range/usermod.test b/tests/subids/31_usermod_remove_outside_range/usermod.test new file mode 100755 index 00000000..477c7223 --- /dev/null +++ b/tests/subids/31_usermod_remove_outside_range/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod does not remove subuid and subgid ranges if provided ranges are outside of existing ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 1000-99999 -W 110000-199999 foo)..." +usermod -V 1000-99999 -W 110000-199999 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config.txt b/tests/subids/32_usermod_remove_overlapping_range_begin/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/default/useradd b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/group b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/gshadow b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/passwd b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/shadow b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subgid b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subuid b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/data/subgid b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subgid new file mode 100644 index 00000000..c2dcd1ac --- /dev/null +++ b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subgid @@ -0,0 +1 @@ +foo:109999:1 diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/data/subuid b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subuid new file mode 100644 index 00000000..30bf143e --- /dev/null +++ b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subuid @@ -0,0 +1,2 @@ +foo:100001:9999 +foo:209999:1 diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/usermod.test b/tests/subids/32_usermod_remove_overlapping_range_begin/usermod.test new file mode 100755 index 00000000..1f2766a8 --- /dev/null +++ b/tests/subids/32_usermod_remove_overlapping_range_begin/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can remove partial subuid and subgid ranges overlapping beginning of existing ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 10000-100000 -W 5000-109998 -V 110000-209998 foo)..." +usermod -V 10000-100000 -W 5000-109998 -V 110000-209998 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config.txt b/tests/subids/33_usermod_remove_overlapping_range_end/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/33_usermod_remove_overlapping_range_end/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/default/useradd b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/group b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/gshadow b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/passwd b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/shadow b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subgid b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subuid b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/data/subgid b/tests/subids/33_usermod_remove_overlapping_range_end/data/subgid new file mode 100644 index 00000000..707bde62 --- /dev/null +++ b/tests/subids/33_usermod_remove_overlapping_range_end/data/subgid @@ -0,0 +1 @@ +foo:100000:5000 diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/data/subuid b/tests/subids/33_usermod_remove_overlapping_range_end/data/subuid new file mode 100644 index 00000000..88ff38c0 --- /dev/null +++ b/tests/subids/33_usermod_remove_overlapping_range_end/data/subuid @@ -0,0 +1,2 @@ +foo:100000:1 +foo:200000:9999 diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/usermod.test b/tests/subids/33_usermod_remove_overlapping_range_end/usermod.test new file mode 100755 index 00000000..545fd279 --- /dev/null +++ b/tests/subids/33_usermod_remove_overlapping_range_end/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can remove partial subuid and subgid ranges overlapping upper boundaries of existing ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100001-109999 -W 105000-120000 -V 209999-210001 foo)..." +usermod -V 100001-109999 -W 105000-120000 -V 209999-210001 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config.txt b/tests/subids/34_usermod_remove_overlapping_range_all/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/34_usermod_remove_overlapping_range_all/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/default/useradd b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/group b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/gshadow b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/passwd b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/shadow b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subgid b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subuid b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/data/subgid b/tests/subids/34_usermod_remove_overlapping_range_all/data/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/data/subuid b/tests/subids/34_usermod_remove_overlapping_range_all/data/subuid new file mode 100644 index 00000000..92313ecd --- /dev/null +++ b/tests/subids/34_usermod_remove_overlapping_range_all/data/subuid @@ -0,0 +1 @@ +foo:100000:9999 diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/usermod.test b/tests/subids/34_usermod_remove_overlapping_range_all/usermod.test new file mode 100755 index 00000000..ba781eb9 --- /dev/null +++ b/tests/subids/34_usermod_remove_overlapping_range_all/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can remove partial subuid and subgid ranges whose boundaries overlap boundaries of existing ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove ranges of subuid and subgid for user foo (usermod -W 99997-110002 -V 109999-210000 foo)..." +usermod -W 99997-110002 -V 109999-210000 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config.txt b/tests/subids/35_usermod_remove_only_user_ranges/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/35_usermod_remove_only_user_ranges/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/default/useradd b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/group b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/gshadow b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/passwd b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/shadow b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subgid b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subgid new file mode 100644 index 00000000..81c71347 --- /dev/null +++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subgid @@ -0,0 +1,4 @@ +root:100000:10000 +foo:100000:10000 +foo:200000:10000 +foo:100000:10000 diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subuid b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subuid new file mode 100644 index 00000000..96f82748 --- /dev/null +++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subuid @@ -0,0 +1,4 @@ +foo:100000:10000 +foo:200000:10000 +root:100000:10000 +foo:100000:10000 diff --git a/tests/subids/35_usermod_remove_only_user_ranges/data/subgid b/tests/subids/35_usermod_remove_only_user_ranges/data/subgid new file mode 100644 index 00000000..ba36f20b --- /dev/null +++ b/tests/subids/35_usermod_remove_only_user_ranges/data/subgid @@ -0,0 +1,2 @@ +root:100000:10000 +foo:200000:10000 diff --git a/tests/subids/35_usermod_remove_only_user_ranges/data/subuid b/tests/subids/35_usermod_remove_only_user_ranges/data/subuid new file mode 100644 index 00000000..5000837d --- /dev/null +++ b/tests/subids/35_usermod_remove_only_user_ranges/data/subuid @@ -0,0 +1,2 @@ +foo:200000:10000 +root:100000:10000 diff --git a/tests/subids/35_usermod_remove_only_user_ranges/usermod.test b/tests/subids/35_usermod_remove_only_user_ranges/usermod.test new file mode 100755 index 00000000..191ffb23 --- /dev/null +++ b/tests/subids/35_usermod_remove_only_user_ranges/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod does not remove subuid and subgid ranges of other users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-109999 -W 100000-109999 foo)..." +usermod -V 100000-109999 -W 100000-109999 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/36_usermod_remove_with_comment/config.txt b/tests/subids/36_usermod_remove_with_comment/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/36_usermod_remove_with_comment/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/default/useradd b/tests/subids/36_usermod_remove_with_comment/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/36_usermod_remove_with_comment/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/group b/tests/subids/36_usermod_remove_with_comment/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/36_usermod_remove_with_comment/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/gshadow b/tests/subids/36_usermod_remove_with_comment/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/36_usermod_remove_with_comment/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/passwd b/tests/subids/36_usermod_remove_with_comment/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/36_usermod_remove_with_comment/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/shadow b/tests/subids/36_usermod_remove_with_comment/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/36_usermod_remove_with_comment/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/subgid b/tests/subids/36_usermod_remove_with_comment/config/etc/subgid new file mode 100644 index 00000000..efd5bbc3 --- /dev/null +++ b/tests/subids/36_usermod_remove_with_comment/config/etc/subgid @@ -0,0 +1,3 @@ +foo:100000:10000 +# This is a duplicate entry +foo:100000:10000 diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/subuid b/tests/subids/36_usermod_remove_with_comment/config/etc/subuid new file mode 100644 index 00000000..efd5bbc3 --- /dev/null +++ b/tests/subids/36_usermod_remove_with_comment/config/etc/subuid @@ -0,0 +1,3 @@ +foo:100000:10000 +# This is a duplicate entry +foo:100000:10000 diff --git a/tests/subids/36_usermod_remove_with_comment/data/subgid b/tests/subids/36_usermod_remove_with_comment/data/subgid new file mode 100644 index 00000000..cbb145cb --- /dev/null +++ b/tests/subids/36_usermod_remove_with_comment/data/subgid @@ -0,0 +1 @@ +# This is a duplicate entry diff --git a/tests/subids/36_usermod_remove_with_comment/data/subuid b/tests/subids/36_usermod_remove_with_comment/data/subuid new file mode 100644 index 00000000..cbb145cb --- /dev/null +++ b/tests/subids/36_usermod_remove_with_comment/data/subuid @@ -0,0 +1 @@ +# This is a duplicate entry diff --git a/tests/subids/36_usermod_remove_with_comment/usermod.test b/tests/subids/36_usermod_remove_with_comment/usermod.test new file mode 100755 index 00000000..ae1e1469 --- /dev/null +++ b/tests/subids/36_usermod_remove_with_comment/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod ignores and keeps comments when ranges are removed" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-109999 -W 100000-109999 foo)..." +usermod -V 100000-109999 -W 100000-109999 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/37_usermod_-v_invalid_range/config.txt b/tests/subids/37_usermod_-v_invalid_range/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/37_usermod_-v_invalid_range/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/default/useradd b/tests/subids/37_usermod_-v_invalid_range/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/group b/tests/subids/37_usermod_-v_invalid_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/gshadow b/tests/subids/37_usermod_-v_invalid_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/passwd b/tests/subids/37_usermod_-v_invalid_range/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/shadow b/tests/subids/37_usermod_-v_invalid_range/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/subgid b/tests/subids/37_usermod_-v_invalid_range/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/subuid b/tests/subids/37_usermod_-v_invalid_range/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/37_usermod_-v_invalid_range/data/usermod.err b/tests/subids/37_usermod_-v_invalid_range/data/usermod.err new file mode 100644 index 00000000..b8633767 --- /dev/null +++ b/tests/subids/37_usermod_-v_invalid_range/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid subordinate uid range '110000-100000' diff --git a/tests/subids/37_usermod_-v_invalid_range/usermod.test b/tests/subids/37_usermod_-v_invalid_range/usermod.test new file mode 100755 index 00000000..4f0ec180 --- /dev/null +++ b/tests/subids/37_usermod_-v_invalid_range/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod reports failure to parse ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "min > max (usermod -v 110000-100000 foo)..." +usermod -v 110000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/38_usermod_-V_invalid_range/config.txt b/tests/subids/38_usermod_-V_invalid_range/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/38_usermod_-V_invalid_range/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/default/useradd b/tests/subids/38_usermod_-V_invalid_range/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/group b/tests/subids/38_usermod_-V_invalid_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/gshadow b/tests/subids/38_usermod_-V_invalid_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/passwd b/tests/subids/38_usermod_-V_invalid_range/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/shadow b/tests/subids/38_usermod_-V_invalid_range/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/subgid b/tests/subids/38_usermod_-V_invalid_range/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/subuid b/tests/subids/38_usermod_-V_invalid_range/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/38_usermod_-V_invalid_range/data/usermod.err b/tests/subids/38_usermod_-V_invalid_range/data/usermod.err new file mode 100644 index 00000000..2d8964d1 --- /dev/null +++ b/tests/subids/38_usermod_-V_invalid_range/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid subordinate uid range '110000' diff --git a/tests/subids/38_usermod_-V_invalid_range/usermod.test b/tests/subids/38_usermod_-V_invalid_range/usermod.test new file mode 100755 index 00000000..462c803f --- /dev/null +++ b/tests/subids/38_usermod_-V_invalid_range/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod reports failure to parse ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "range is a single value (usermod -V 110000 foo)..." +usermod -V 110000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/39_usermod_-w_invalid_range/config.txt b/tests/subids/39_usermod_-w_invalid_range/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/39_usermod_-w_invalid_range/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/default/useradd b/tests/subids/39_usermod_-w_invalid_range/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/group b/tests/subids/39_usermod_-w_invalid_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/gshadow b/tests/subids/39_usermod_-w_invalid_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/passwd b/tests/subids/39_usermod_-w_invalid_range/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/shadow b/tests/subids/39_usermod_-w_invalid_range/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/subgid b/tests/subids/39_usermod_-w_invalid_range/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/subuid b/tests/subids/39_usermod_-w_invalid_range/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/39_usermod_-w_invalid_range/data/usermod.err b/tests/subids/39_usermod_-w_invalid_range/data/usermod.err new file mode 100644 index 00000000..1e3eb0bc --- /dev/null +++ b/tests/subids/39_usermod_-w_invalid_range/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid subordinate gid range '100000a-110000' diff --git a/tests/subids/39_usermod_-w_invalid_range/usermod.test b/tests/subids/39_usermod_-w_invalid_range/usermod.test new file mode 100755 index 00000000..8d56dc32 --- /dev/null +++ b/tests/subids/39_usermod_-w_invalid_range/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod reports failure to parse ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "characters insterted in range (usermod -w 100000a-110000 foo)..." +usermod -w 100000a-110000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/40_usermod_-W_invalid_range/config.txt b/tests/subids/40_usermod_-W_invalid_range/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/40_usermod_-W_invalid_range/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/default/useradd b/tests/subids/40_usermod_-W_invalid_range/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/group b/tests/subids/40_usermod_-W_invalid_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/gshadow b/tests/subids/40_usermod_-W_invalid_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/passwd b/tests/subids/40_usermod_-W_invalid_range/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/shadow b/tests/subids/40_usermod_-W_invalid_range/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/subgid b/tests/subids/40_usermod_-W_invalid_range/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/subuid b/tests/subids/40_usermod_-W_invalid_range/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/40_usermod_-W_invalid_range/data/usermod.err b/tests/subids/40_usermod_-W_invalid_range/data/usermod.err new file mode 100644 index 00000000..15803ff3 --- /dev/null +++ b/tests/subids/40_usermod_-W_invalid_range/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid subordinate gid range '100000-110000a' diff --git a/tests/subids/40_usermod_-W_invalid_range/usermod.test b/tests/subids/40_usermod_-W_invalid_range/usermod.test new file mode 100755 index 00000000..803ab621 --- /dev/null +++ b/tests/subids/40_usermod_-W_invalid_range/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod reports failure to parse ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "invalid characters appended (usermod -W 100000-110000a foo)..." +usermod -W 100000-110000a foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/41_usermod_locked_subuid/config.txt b/tests/subids/41_usermod_locked_subuid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/default/useradd b/tests/subids/41_usermod_locked_subuid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/41_usermod_locked_subuid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/group b/tests/subids/41_usermod_locked_subuid/config/etc/group new file mode 100644 index 00000000..a11bebe4 --- /dev/null +++ b/tests/subids/41_usermod_locked_subuid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/gshadow b/tests/subids/41_usermod_locked_subuid/config/etc/gshadow new file mode 100644 index 00000000..272c4de4 --- /dev/null +++ b/tests/subids/41_usermod_locked_subuid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/passwd b/tests/subids/41_usermod_locked_subuid/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/41_usermod_locked_subuid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/shadow b/tests/subids/41_usermod_locked_subuid/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/41_usermod_locked_subuid/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/subgid b/tests/subids/41_usermod_locked_subuid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/subuid b/tests/subids/41_usermod_locked_subuid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/41_usermod_locked_subuid/data/usermod.err b/tests/subids/41_usermod_locked_subuid/data/usermod.err new file mode 100644 index 00000000..5d2daeb8 --- /dev/null +++ b/tests/subids/41_usermod_locked_subuid/data/usermod.err @@ -0,0 +1,2 @@ +usermod: existing lock file /etc/subuid.lock without a PID +usermod: cannot lock /etc/subuid; try again later. diff --git a/tests/subids/41_usermod_locked_subuid/usermod.test b/tests/subids/41_usermod_locked_subuid/usermod.test new file mode 100755 index 00000000..8b954ea0 --- /dev/null +++ b/tests/subids/41_usermod_locked_subuid/usermod.test @@ -0,0 +1,66 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod checks if the subuid file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subuid.lock' 0 + +change_config + +echo -n "Create lock file for /etc/subuid..." +touch /etc/subuid.lock +echo "done" + +echo -n "Add subuid ranges to user foo (usermod -v 100000-100000 foo)..." +usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/subuid.lock + +echo -n "Check returned status ($status)..." +test "$status" = "16" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/42_usermod_locked_subgid/config.txt b/tests/subids/42_usermod_locked_subgid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/default/useradd b/tests/subids/42_usermod_locked_subgid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/42_usermod_locked_subgid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/group b/tests/subids/42_usermod_locked_subgid/config/etc/group new file mode 100644 index 00000000..a11bebe4 --- /dev/null +++ b/tests/subids/42_usermod_locked_subgid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/gshadow b/tests/subids/42_usermod_locked_subgid/config/etc/gshadow new file mode 100644 index 00000000..272c4de4 --- /dev/null +++ b/tests/subids/42_usermod_locked_subgid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/passwd b/tests/subids/42_usermod_locked_subgid/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/42_usermod_locked_subgid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/shadow b/tests/subids/42_usermod_locked_subgid/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/42_usermod_locked_subgid/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/subgid b/tests/subids/42_usermod_locked_subgid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/subuid b/tests/subids/42_usermod_locked_subgid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/42_usermod_locked_subgid/data/usermod.err b/tests/subids/42_usermod_locked_subgid/data/usermod.err new file mode 100644 index 00000000..dee7b1db --- /dev/null +++ b/tests/subids/42_usermod_locked_subgid/data/usermod.err @@ -0,0 +1,2 @@ +usermod: existing lock file /etc/subgid.lock without a PID +usermod: cannot lock /etc/subgid; try again later. diff --git a/tests/subids/42_usermod_locked_subgid/usermod.test b/tests/subids/42_usermod_locked_subgid/usermod.test new file mode 100755 index 00000000..c44be3a4 --- /dev/null +++ b/tests/subids/42_usermod_locked_subgid/usermod.test @@ -0,0 +1,66 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod checks if the subgid file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subgid.lock' 0 + +change_config + +echo -n "Create lock file for /etc/subgid..." +touch /etc/subgid.lock +echo "done" + +echo -n "Add subgid ranges to user foo (usermod -w 100000-100000 foo)..." +usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/subgid.lock + +echo -n "Check returned status ($status)..." +test "$status" = "18" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/43_usermod_-w_no_subgid/config.txt b/tests/subids/43_usermod_-w_no_subgid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/default/useradd b/tests/subids/43_usermod_-w_no_subgid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/group b/tests/subids/43_usermod_-w_no_subgid/config/etc/group new file mode 100644 index 00000000..a11bebe4 --- /dev/null +++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/gshadow b/tests/subids/43_usermod_-w_no_subgid/config/etc/gshadow new file mode 100644 index 00000000..272c4de4 --- /dev/null +++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/passwd b/tests/subids/43_usermod_-w_no_subgid/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/shadow b/tests/subids/43_usermod_-w_no_subgid/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/subgid b/tests/subids/43_usermod_-w_no_subgid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/subuid b/tests/subids/43_usermod_-w_no_subgid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/43_usermod_-w_no_subgid/data/usermod.err b/tests/subids/43_usermod_-w_no_subgid/data/usermod.err new file mode 100644 index 00000000..4f03a68d --- /dev/null +++ b/tests/subids/43_usermod_-w_no_subgid/data/usermod.err @@ -0,0 +1 @@ +usermod: /etc/subgid does not exist, you cannot use the flags -w or -W diff --git a/tests/subids/43_usermod_-w_no_subgid/usermod.test b/tests/subids/43_usermod_-w_no_subgid/usermod.test new file mode 100755 index 00000000..118bc4a7 --- /dev/null +++ b/tests/subids/43_usermod_-w_no_subgid/usermod.test @@ -0,0 +1,64 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -w fails is there is no subgid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove /etc/subgid..." +rm -f /etc/subgid +echo "OK" + +echo -n "Add subgid ranges to user foo (usermod -w 100000-100000 foo)..." +usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +test ! -f /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/44_usermod_-W_no_subgid/config.txt b/tests/subids/44_usermod_-W_no_subgid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/default/useradd b/tests/subids/44_usermod_-W_no_subgid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/group b/tests/subids/44_usermod_-W_no_subgid/config/etc/group new file mode 100644 index 00000000..a11bebe4 --- /dev/null +++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/gshadow b/tests/subids/44_usermod_-W_no_subgid/config/etc/gshadow new file mode 100644 index 00000000..272c4de4 --- /dev/null +++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/passwd b/tests/subids/44_usermod_-W_no_subgid/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/shadow b/tests/subids/44_usermod_-W_no_subgid/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/subgid b/tests/subids/44_usermod_-W_no_subgid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/subuid b/tests/subids/44_usermod_-W_no_subgid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/44_usermod_-W_no_subgid/data/usermod.err b/tests/subids/44_usermod_-W_no_subgid/data/usermod.err new file mode 100644 index 00000000..4f03a68d --- /dev/null +++ b/tests/subids/44_usermod_-W_no_subgid/data/usermod.err @@ -0,0 +1 @@ +usermod: /etc/subgid does not exist, you cannot use the flags -w or -W diff --git a/tests/subids/44_usermod_-W_no_subgid/usermod.test b/tests/subids/44_usermod_-W_no_subgid/usermod.test new file mode 100755 index 00000000..da7788e0 --- /dev/null +++ b/tests/subids/44_usermod_-W_no_subgid/usermod.test @@ -0,0 +1,64 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -W fails is there is no subgid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove /etc/subgid..." +rm -f /etc/subgid +echo "OK" + +echo -n "Remove subgid ranges to user foo (usermod -W 100000-100000 foo)..." +usermod -W 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +test ! -f /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/45_usermod_-v_no_subgid/config.txt b/tests/subids/45_usermod_-v_no_subgid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/default/useradd b/tests/subids/45_usermod_-v_no_subgid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/group b/tests/subids/45_usermod_-v_no_subgid/config/etc/group new file mode 100644 index 00000000..a11bebe4 --- /dev/null +++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/gshadow b/tests/subids/45_usermod_-v_no_subgid/config/etc/gshadow new file mode 100644 index 00000000..272c4de4 --- /dev/null +++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/passwd b/tests/subids/45_usermod_-v_no_subgid/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/shadow b/tests/subids/45_usermod_-v_no_subgid/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/subgid b/tests/subids/45_usermod_-v_no_subgid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/subuid b/tests/subids/45_usermod_-v_no_subgid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/45_usermod_-v_no_subgid/data/usermod.err b/tests/subids/45_usermod_-v_no_subgid/data/usermod.err new file mode 100644 index 00000000..e3ea042b --- /dev/null +++ b/tests/subids/45_usermod_-v_no_subgid/data/usermod.err @@ -0,0 +1 @@ +usermod: /etc/subuid does not exist, you cannot use the flags -v or -V diff --git a/tests/subids/45_usermod_-v_no_subgid/usermod.test b/tests/subids/45_usermod_-v_no_subgid/usermod.test new file mode 100755 index 00000000..af1359d0 --- /dev/null +++ b/tests/subids/45_usermod_-v_no_subgid/usermod.test @@ -0,0 +1,64 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -v fails is there is no subuid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove /etc/subuid..." +rm -f /etc/subuid +echo "OK" + +echo -n "Add subuid ranges to user foo (usermod -v 100000-100000 foo)..." +usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +test ! -f /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/46_usermod_-V_no_subgid/config.txt b/tests/subids/46_usermod_-V_no_subgid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/default/useradd b/tests/subids/46_usermod_-V_no_subgid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/group b/tests/subids/46_usermod_-V_no_subgid/config/etc/group new file mode 100644 index 00000000..a11bebe4 --- /dev/null +++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/gshadow b/tests/subids/46_usermod_-V_no_subgid/config/etc/gshadow new file mode 100644 index 00000000..272c4de4 --- /dev/null +++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/passwd b/tests/subids/46_usermod_-V_no_subgid/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/shadow b/tests/subids/46_usermod_-V_no_subgid/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/subgid b/tests/subids/46_usermod_-V_no_subgid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/subuid b/tests/subids/46_usermod_-V_no_subgid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/46_usermod_-V_no_subgid/data/usermod.err b/tests/subids/46_usermod_-V_no_subgid/data/usermod.err new file mode 100644 index 00000000..e3ea042b --- /dev/null +++ b/tests/subids/46_usermod_-V_no_subgid/data/usermod.err @@ -0,0 +1 @@ +usermod: /etc/subuid does not exist, you cannot use the flags -v or -V diff --git a/tests/subids/46_usermod_-V_no_subgid/usermod.test b/tests/subids/46_usermod_-V_no_subgid/usermod.test new file mode 100755 index 00000000..df95f3ff --- /dev/null +++ b/tests/subids/46_usermod_-V_no_subgid/usermod.test @@ -0,0 +1,64 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -V fails is there is no subuid file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "remove /etc/subuid..." +rm -f /etc/subuid +echo "OK" + +echo -n "Remove subuid ranges to user foo (usermod -V 100000-100000 foo)..." +usermod -V 100000-100000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +test ! -f /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/47_usermod_-v_invalid_range2/config.txt b/tests/subids/47_usermod_-v_invalid_range2/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/47_usermod_-v_invalid_range2/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/default/useradd b/tests/subids/47_usermod_-v_invalid_range2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/group b/tests/subids/47_usermod_-v_invalid_range2/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/gshadow b/tests/subids/47_usermod_-v_invalid_range2/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/passwd b/tests/subids/47_usermod_-v_invalid_range2/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/shadow b/tests/subids/47_usermod_-v_invalid_range2/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/subgid b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/subuid b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/47_usermod_-v_invalid_range2/data/usermod.err b/tests/subids/47_usermod_-v_invalid_range2/data/usermod.err new file mode 100644 index 00000000..384efdc2 --- /dev/null +++ b/tests/subids/47_usermod_-v_invalid_range2/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid subordinate uid range 'a100000-110000' diff --git a/tests/subids/47_usermod_-v_invalid_range2/usermod.test b/tests/subids/47_usermod_-v_invalid_range2/usermod.test new file mode 100755 index 00000000..776e383a --- /dev/null +++ b/tests/subids/47_usermod_-v_invalid_range2/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod reports failure to parse ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "invalid characters at the beginning (usermod -v a100000-110000 foo)..." +usermod -v a100000-110000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/48_usermod_-v_invalid_range3/config.txt b/tests/subids/48_usermod_-v_invalid_range3/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/48_usermod_-v_invalid_range3/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/default/useradd b/tests/subids/48_usermod_-v_invalid_range3/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/group b/tests/subids/48_usermod_-v_invalid_range3/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/gshadow b/tests/subids/48_usermod_-v_invalid_range3/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/passwd b/tests/subids/48_usermod_-v_invalid_range3/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/shadow b/tests/subids/48_usermod_-v_invalid_range3/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/subgid b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/subuid b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/48_usermod_-v_invalid_range3/data/usermod.err b/tests/subids/48_usermod_-v_invalid_range3/data/usermod.err new file mode 100644 index 00000000..26b59635 --- /dev/null +++ b/tests/subids/48_usermod_-v_invalid_range3/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid subordinate uid range '' diff --git a/tests/subids/48_usermod_-v_invalid_range3/usermod.test b/tests/subids/48_usermod_-v_invalid_range3/usermod.test new file mode 100755 index 00000000..33633220 --- /dev/null +++ b/tests/subids/48_usermod_-v_invalid_range3/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod reports failure to parse ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "empty range (usermod -v '' foo)..." +usermod -v '' foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/49_usermod_-v_invalid_range4/config.txt b/tests/subids/49_usermod_-v_invalid_range4/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/49_usermod_-v_invalid_range4/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/default/useradd b/tests/subids/49_usermod_-v_invalid_range4/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/group b/tests/subids/49_usermod_-v_invalid_range4/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/gshadow b/tests/subids/49_usermod_-v_invalid_range4/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/passwd b/tests/subids/49_usermod_-v_invalid_range4/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/shadow b/tests/subids/49_usermod_-v_invalid_range4/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/subgid b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/subuid b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/49_usermod_-v_invalid_range4/data/usermod.err b/tests/subids/49_usermod_-v_invalid_range4/data/usermod.err new file mode 100644 index 00000000..3b7df620 --- /dev/null +++ b/tests/subids/49_usermod_-v_invalid_range4/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid subordinate uid range '-100000-110000' diff --git a/tests/subids/49_usermod_-v_invalid_range4/usermod.test b/tests/subids/49_usermod_-v_invalid_range4/usermod.test new file mode 100755 index 00000000..c0b93574 --- /dev/null +++ b/tests/subids/49_usermod_-v_invalid_range4/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod reports failure to parse ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "negative UID (usermod -v -100000-110000 foo)..." +usermod -v -100000-110000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/50_usermod_-v_invalid_range5/config.txt b/tests/subids/50_usermod_-v_invalid_range5/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/50_usermod_-v_invalid_range5/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/default/useradd b/tests/subids/50_usermod_-v_invalid_range5/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/group b/tests/subids/50_usermod_-v_invalid_range5/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/gshadow b/tests/subids/50_usermod_-v_invalid_range5/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/passwd b/tests/subids/50_usermod_-v_invalid_range5/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/shadow b/tests/subids/50_usermod_-v_invalid_range5/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/subgid b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/subuid b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/50_usermod_-v_invalid_range5/data/usermod.err b/tests/subids/50_usermod_-v_invalid_range5/data/usermod.err new file mode 100644 index 00000000..4d538c9b --- /dev/null +++ b/tests/subids/50_usermod_-v_invalid_range5/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid subordinate uid range '9223372036854775808-110000' diff --git a/tests/subids/50_usermod_-v_invalid_range5/usermod.test b/tests/subids/50_usermod_-v_invalid_range5/usermod.test new file mode 100755 index 00000000..ddd831f2 --- /dev/null +++ b/tests/subids/50_usermod_-v_invalid_range5/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod reports failure to parse ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "out of range UID (usermod -v 9223372036854775808-110000 foo)..." +usermod -v 9223372036854775808-110000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/51_usermod_-v_invalid_range6/config.txt b/tests/subids/51_usermod_-v_invalid_range6/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/51_usermod_-v_invalid_range6/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/default/useradd b/tests/subids/51_usermod_-v_invalid_range6/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/group b/tests/subids/51_usermod_-v_invalid_range6/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/gshadow b/tests/subids/51_usermod_-v_invalid_range6/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/passwd b/tests/subids/51_usermod_-v_invalid_range6/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/shadow b/tests/subids/51_usermod_-v_invalid_range6/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/subgid b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/subuid b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/51_usermod_-v_invalid_range6/data/usermod.err b/tests/subids/51_usermod_-v_invalid_range6/data/usermod.err new file mode 100644 index 00000000..64d4f808 --- /dev/null +++ b/tests/subids/51_usermod_-v_invalid_range6/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid subordinate uid range '110000-9223372036854775808' diff --git a/tests/subids/51_usermod_-v_invalid_range6/usermod.test b/tests/subids/51_usermod_-v_invalid_range6/usermod.test new file mode 100755 index 00000000..3b23c76f --- /dev/null +++ b/tests/subids/51_usermod_-v_invalid_range6/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod reports failure to parse ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "out of range UID (usermod -v 110000-9223372036854775808 foo)..." +usermod -v 110000-9223372036854775808 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/52_usermod_-v_invalid_range7/config.txt b/tests/subids/52_usermod_-v_invalid_range7/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/52_usermod_-v_invalid_range7/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/default/useradd b/tests/subids/52_usermod_-v_invalid_range7/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/group b/tests/subids/52_usermod_-v_invalid_range7/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/gshadow b/tests/subids/52_usermod_-v_invalid_range7/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/passwd b/tests/subids/52_usermod_-v_invalid_range7/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/shadow b/tests/subids/52_usermod_-v_invalid_range7/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/subgid b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/subuid b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subuid new file mode 100644 index 00000000..f42862e3 --- /dev/null +++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subuid @@ -0,0 +1,2 @@ +foo:100000:10000 +foo:200000:10000 diff --git a/tests/subids/52_usermod_-v_invalid_range7/data/usermod.err b/tests/subids/52_usermod_-v_invalid_range7/data/usermod.err new file mode 100644 index 00000000..746202a9 --- /dev/null +++ b/tests/subids/52_usermod_-v_invalid_range7/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid subordinate uid range '100000--110000' diff --git a/tests/subids/52_usermod_-v_invalid_range7/usermod.test b/tests/subids/52_usermod_-v_invalid_range7/usermod.test new file mode 100755 index 00000000..a00cf16d --- /dev/null +++ b/tests/subids/52_usermod_-v_invalid_range7/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod reports failure to parse ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "negative upper limit (usermod -v 100000--110000 foo)..." +usermod -v 100000--110000 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/53_userdel_one_subuid_range/config.txt b/tests/subids/53_userdel_one_subuid_range/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/default/useradd b/tests/subids/53_userdel_one_subuid_range/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/group b/tests/subids/53_userdel_one_subuid_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/gshadow b/tests/subids/53_userdel_one_subuid_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/passwd b/tests/subids/53_userdel_one_subuid_range/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/shadow b/tests/subids/53_userdel_one_subuid_range/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/subgid b/tests/subids/53_userdel_one_subuid_range/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/subuid b/tests/subids/53_userdel_one_subuid_range/config/etc/subuid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/config/etc/subuid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/53_userdel_one_subuid_range/data/group b/tests/subids/53_userdel_one_subuid_range/data/group new file mode 100644 index 00000000..66f04f64 --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/53_userdel_one_subuid_range/data/gshadow b/tests/subids/53_userdel_one_subuid_range/data/gshadow new file mode 100644 index 00000000..19f13256 --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/53_userdel_one_subuid_range/data/passwd b/tests/subids/53_userdel_one_subuid_range/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/53_userdel_one_subuid_range/data/shadow b/tests/subids/53_userdel_one_subuid_range/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/53_userdel_one_subuid_range/data/subuid b/tests/subids/53_userdel_one_subuid_range/data/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/53_userdel_one_subuid_range/userdel.test b/tests/subids/53_userdel_one_subuid_range/userdel.test new file mode 100755 index 00000000..2588794a --- /dev/null +++ b/tests/subids/53_userdel_one_subuid_range/userdel.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel can delete an user with its subordinate UIDs range" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/54_userdel_one_subgid_range/config.txt b/tests/subids/54_userdel_one_subgid_range/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/default/useradd b/tests/subids/54_userdel_one_subgid_range/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/group b/tests/subids/54_userdel_one_subgid_range/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/gshadow b/tests/subids/54_userdel_one_subgid_range/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/passwd b/tests/subids/54_userdel_one_subgid_range/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/shadow b/tests/subids/54_userdel_one_subgid_range/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/subgid b/tests/subids/54_userdel_one_subgid_range/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/subuid b/tests/subids/54_userdel_one_subgid_range/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/54_userdel_one_subgid_range/data/group b/tests/subids/54_userdel_one_subgid_range/data/group new file mode 100644 index 00000000..66f04f64 --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/54_userdel_one_subgid_range/data/gshadow b/tests/subids/54_userdel_one_subgid_range/data/gshadow new file mode 100644 index 00000000..19f13256 --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/54_userdel_one_subgid_range/data/passwd b/tests/subids/54_userdel_one_subgid_range/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/54_userdel_one_subgid_range/data/shadow b/tests/subids/54_userdel_one_subgid_range/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/54_userdel_one_subgid_range/data/subgid b/tests/subids/54_userdel_one_subgid_range/data/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/54_userdel_one_subgid_range/userdel.test b/tests/subids/54_userdel_one_subgid_range/userdel.test new file mode 100755 index 00000000..4ac57f8e --- /dev/null +++ b/tests/subids/54_userdel_one_subgid_range/userdel.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel can delete an user with its subordinate GIDs range" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/55_userdel_no_subuid/config.txt b/tests/subids/55_userdel_no_subuid/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/55_userdel_no_subuid/config/etc/default/useradd b/tests/subids/55_userdel_no_subuid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/55_userdel_no_subuid/config/etc/group b/tests/subids/55_userdel_no_subuid/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/55_userdel_no_subuid/config/etc/gshadow b/tests/subids/55_userdel_no_subuid/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/55_userdel_no_subuid/config/etc/passwd b/tests/subids/55_userdel_no_subuid/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/55_userdel_no_subuid/config/etc/shadow b/tests/subids/55_userdel_no_subuid/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/55_userdel_no_subuid/config/etc/subgid b/tests/subids/55_userdel_no_subuid/config/etc/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/config/etc/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/55_userdel_no_subuid/config/etc/subuid b/tests/subids/55_userdel_no_subuid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/55_userdel_no_subuid/data/group b/tests/subids/55_userdel_no_subuid/data/group new file mode 100644 index 00000000..66f04f64 --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/55_userdel_no_subuid/data/gshadow b/tests/subids/55_userdel_no_subuid/data/gshadow new file mode 100644 index 00000000..19f13256 --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/55_userdel_no_subuid/data/passwd b/tests/subids/55_userdel_no_subuid/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/55_userdel_no_subuid/data/shadow b/tests/subids/55_userdel_no_subuid/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/55_userdel_no_subuid/data/subgid b/tests/subids/55_userdel_no_subuid/data/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/55_userdel_no_subuid/userdel.test b/tests/subids/55_userdel_no_subuid/userdel.test new file mode 100755 index 00000000..8b9f33ff --- /dev/null +++ b/tests/subids/55_userdel_no_subuid/userdel.test @@ -0,0 +1,49 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel can remove an user with its subordinate GIDs even if /etc/subuid does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/subgid..." +rm -f /etc/subuid +echo "OK" + +echo -n "Delete user foo (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +test ! -f /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/56_userdel_no_subgid/config.txt b/tests/subids/56_userdel_no_subgid/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/56_userdel_no_subgid/config/etc/default/useradd b/tests/subids/56_userdel_no_subgid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/56_userdel_no_subgid/config/etc/group b/tests/subids/56_userdel_no_subgid/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/56_userdel_no_subgid/config/etc/gshadow b/tests/subids/56_userdel_no_subgid/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/56_userdel_no_subgid/config/etc/passwd b/tests/subids/56_userdel_no_subgid/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/56_userdel_no_subgid/config/etc/shadow b/tests/subids/56_userdel_no_subgid/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/56_userdel_no_subgid/config/etc/subgid b/tests/subids/56_userdel_no_subgid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/56_userdel_no_subgid/config/etc/subuid b/tests/subids/56_userdel_no_subgid/config/etc/subuid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/config/etc/subuid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/56_userdel_no_subgid/data/group b/tests/subids/56_userdel_no_subgid/data/group new file mode 100644 index 00000000..66f04f64 --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/56_userdel_no_subgid/data/gshadow b/tests/subids/56_userdel_no_subgid/data/gshadow new file mode 100644 index 00000000..19f13256 --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/56_userdel_no_subgid/data/passwd b/tests/subids/56_userdel_no_subgid/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/56_userdel_no_subgid/data/shadow b/tests/subids/56_userdel_no_subgid/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/56_userdel_no_subgid/data/subuid b/tests/subids/56_userdel_no_subgid/data/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/56_userdel_no_subgid/userdel.test b/tests/subids/56_userdel_no_subgid/userdel.test new file mode 100755 index 00000000..fe545c0e --- /dev/null +++ b/tests/subids/56_userdel_no_subgid/userdel.test @@ -0,0 +1,49 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel can remove an user with its subordinate UIDs even if /etc/subgid does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/subgid..." +rm -f /etc/subgid +echo "OK" + +echo -n "Delete user foo (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +test ! -f /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/57_userdel_multiple_ranges/config.txt b/tests/subids/57_userdel_multiple_ranges/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/default/useradd b/tests/subids/57_userdel_multiple_ranges/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/group b/tests/subids/57_userdel_multiple_ranges/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/gshadow b/tests/subids/57_userdel_multiple_ranges/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/passwd b/tests/subids/57_userdel_multiple_ranges/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/shadow b/tests/subids/57_userdel_multiple_ranges/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/subgid b/tests/subids/57_userdel_multiple_ranges/config/etc/subgid new file mode 100644 index 00000000..4b52edcb --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/config/etc/subgid @@ -0,0 +1,14 @@ +#1 +foo:10000:500 +#2 +foo:100000:10000 +foo:100000:5000 +#3 +foo:200000:10000 +foo:200000:20000 +#4 +foo:300000:10000 +roo:300000:10000 +foo:300000:10000 +foo:400000:10000 +root:500000:1000 diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/subuid b/tests/subids/57_userdel_multiple_ranges/config/etc/subuid new file mode 100644 index 00000000..4b52edcb --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/config/etc/subuid @@ -0,0 +1,14 @@ +#1 +foo:10000:500 +#2 +foo:100000:10000 +foo:100000:5000 +#3 +foo:200000:10000 +foo:200000:20000 +#4 +foo:300000:10000 +roo:300000:10000 +foo:300000:10000 +foo:400000:10000 +root:500000:1000 diff --git a/tests/subids/57_userdel_multiple_ranges/data/group b/tests/subids/57_userdel_multiple_ranges/data/group new file mode 100644 index 00000000..66f04f64 --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/57_userdel_multiple_ranges/data/gshadow b/tests/subids/57_userdel_multiple_ranges/data/gshadow new file mode 100644 index 00000000..19f13256 --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/57_userdel_multiple_ranges/data/passwd b/tests/subids/57_userdel_multiple_ranges/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/57_userdel_multiple_ranges/data/shadow b/tests/subids/57_userdel_multiple_ranges/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/57_userdel_multiple_ranges/data/subgid b/tests/subids/57_userdel_multiple_ranges/data/subgid new file mode 100644 index 00000000..adb2561c --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/data/subgid @@ -0,0 +1,6 @@ +#1 +#2 +#3 +#4 +roo:300000:10000 +root:500000:1000 diff --git a/tests/subids/57_userdel_multiple_ranges/data/subuid b/tests/subids/57_userdel_multiple_ranges/data/subuid new file mode 100644 index 00000000..adb2561c --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/data/subuid @@ -0,0 +1,6 @@ +#1 +#2 +#3 +#4 +roo:300000:10000 +root:500000:1000 diff --git a/tests/subids/57_userdel_multiple_ranges/userdel.test b/tests/subids/57_userdel_multiple_ranges/userdel.test new file mode 100755 index 00000000..93f116fc --- /dev/null +++ b/tests/subids/57_userdel_multiple_ranges/userdel.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel can delete an user with its subordinate UIDs ranges" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/58_newusers_with_subids/config.txt b/tests/subids/58_newusers_with_subids/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/58_newusers_with_subids/config/etc/group b/tests/subids/58_newusers_with_subids/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/58_newusers_with_subids/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/58_newusers_with_subids/config/etc/gshadow b/tests/subids/58_newusers_with_subids/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/58_newusers_with_subids/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/58_newusers_with_subids/config/etc/pam.d/common-password b/tests/subids/58_newusers_with_subids/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/subids/58_newusers_with_subids/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/subids/58_newusers_with_subids/config/etc/pam.d/newusers b/tests/subids/58_newusers_with_subids/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/subids/58_newusers_with_subids/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/subids/58_newusers_with_subids/config/etc/passwd b/tests/subids/58_newusers_with_subids/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/58_newusers_with_subids/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/58_newusers_with_subids/config/etc/shadow b/tests/subids/58_newusers_with_subids/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/58_newusers_with_subids/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/58_newusers_with_subids/config/etc/subgid b/tests/subids/58_newusers_with_subids/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/58_newusers_with_subids/config/etc/subuid b/tests/subids/58_newusers_with_subids/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/58_newusers_with_subids/data/group b/tests/subids/58_newusers_with_subids/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/58_newusers_with_subids/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/58_newusers_with_subids/data/gshadow b/tests/subids/58_newusers_with_subids/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/subids/58_newusers_with_subids/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/58_newusers_with_subids/data/newusers.list b/tests/subids/58_newusers_with_subids/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/subids/58_newusers_with_subids/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/subids/58_newusers_with_subids/data/passwd b/tests/subids/58_newusers_with_subids/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/subids/58_newusers_with_subids/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/subids/58_newusers_with_subids/data/shadow b/tests/subids/58_newusers_with_subids/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/subids/58_newusers_with_subids/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/subids/58_newusers_with_subids/data/subgid b/tests/subids/58_newusers_with_subids/data/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/58_newusers_with_subids/data/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/58_newusers_with_subids/data/subuid b/tests/subids/58_newusers_with_subids/data/subuid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/58_newusers_with_subids/data/subuid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/58_newusers_with_subids/newusers.test b/tests/subids/58_newusers_with_subids/newusers.test new file mode 100755 index 00000000..2b69632c --- /dev/null +++ b/tests/subids/58_newusers_with_subids/newusers.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers creates subordinate IDs" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/59_newusers_no_subuid/config.txt b/tests/subids/59_newusers_no_subuid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/59_newusers_no_subuid/config/etc/group b/tests/subids/59_newusers_no_subuid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/59_newusers_no_subuid/config/etc/gshadow b/tests/subids/59_newusers_no_subuid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/59_newusers_no_subuid/config/etc/pam.d/common-password b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/subids/59_newusers_no_subuid/config/etc/pam.d/newusers b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/subids/59_newusers_no_subuid/config/etc/passwd b/tests/subids/59_newusers_no_subuid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/59_newusers_no_subuid/config/etc/shadow b/tests/subids/59_newusers_no_subuid/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/59_newusers_no_subuid/config/etc/subgid b/tests/subids/59_newusers_no_subuid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/59_newusers_no_subuid/config/etc/subuid b/tests/subids/59_newusers_no_subuid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/59_newusers_no_subuid/data/group b/tests/subids/59_newusers_no_subuid/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/59_newusers_no_subuid/data/gshadow b/tests/subids/59_newusers_no_subuid/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/59_newusers_no_subuid/data/newusers.list b/tests/subids/59_newusers_no_subuid/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/subids/59_newusers_no_subuid/data/passwd b/tests/subids/59_newusers_no_subuid/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/subids/59_newusers_no_subuid/data/shadow b/tests/subids/59_newusers_no_subuid/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/subids/59_newusers_no_subuid/data/subgid b/tests/subids/59_newusers_no_subuid/data/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/data/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/59_newusers_no_subuid/newusers.test b/tests/subids/59_newusers_no_subuid/newusers.test new file mode 100755 index 00000000..f99d9a5b --- /dev/null +++ b/tests/subids/59_newusers_no_subuid/newusers.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers create subordinate GIDs even if /etc/subuid does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/subuid..." +rm -f /etc/subuid +echo "OK" + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +test ! -f /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/60_newusers_no_subgid/config.txt b/tests/subids/60_newusers_no_subgid/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/60_newusers_no_subgid/config/etc/group b/tests/subids/60_newusers_no_subgid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/60_newusers_no_subgid/config/etc/gshadow b/tests/subids/60_newusers_no_subgid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/60_newusers_no_subgid/config/etc/pam.d/common-password b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/subids/60_newusers_no_subgid/config/etc/pam.d/newusers b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/subids/60_newusers_no_subgid/config/etc/passwd b/tests/subids/60_newusers_no_subgid/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/60_newusers_no_subgid/config/etc/shadow b/tests/subids/60_newusers_no_subgid/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/60_newusers_no_subgid/config/etc/subgid b/tests/subids/60_newusers_no_subgid/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/60_newusers_no_subgid/config/etc/subuid b/tests/subids/60_newusers_no_subgid/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/60_newusers_no_subgid/data/group b/tests/subids/60_newusers_no_subgid/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/60_newusers_no_subgid/data/gshadow b/tests/subids/60_newusers_no_subgid/data/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/subids/60_newusers_no_subgid/data/newusers.list b/tests/subids/60_newusers_no_subgid/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/subids/60_newusers_no_subgid/data/passwd b/tests/subids/60_newusers_no_subgid/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/subids/60_newusers_no_subgid/data/shadow b/tests/subids/60_newusers_no_subgid/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/subids/60_newusers_no_subgid/data/subuid b/tests/subids/60_newusers_no_subgid/data/subuid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/data/subuid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/60_newusers_no_subgid/newusers.test b/tests/subids/60_newusers_no_subgid/newusers.test new file mode 100755 index 00000000..32a41746 --- /dev/null +++ b/tests/subids/60_newusers_no_subgid/newusers.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers create subordinate UIDs even if /etc/subgid does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/subgid..." +rm -f /etc/subgid +echo "OK" + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +test ! -f /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/61_newusers_user_already_has_subgids/config.txt b/tests/subids/61_newusers_user_already_has_subgids/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/group b/tests/subids/61_newusers_user_already_has_subgids/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/gshadow b/tests/subids/61_newusers_user_already_has_subgids/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/common-password b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/newusers b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/passwd b/tests/subids/61_newusers_user_already_has_subgids/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/shadow b/tests/subids/61_newusers_user_already_has_subgids/config/etc/shadow new file mode 100644 index 00000000..648c54d1 --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/subgid b/tests/subids/61_newusers_user_already_has_subgids/config/etc/subgid new file mode 100644 index 00000000..c6faa363 --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/subgid @@ -0,0 +1 @@ +foo:200000:2000 diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/subuid b/tests/subids/61_newusers_user_already_has_subgids/config/etc/subuid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/group b/tests/subids/61_newusers_user_already_has_subgids/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/gshadow b/tests/subids/61_newusers_user_already_has_subgids/data/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/newusers.list b/tests/subids/61_newusers_user_already_has_subgids/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/passwd b/tests/subids/61_newusers_user_already_has_subgids/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/shadow b/tests/subids/61_newusers_user_already_has_subgids/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/subuid b/tests/subids/61_newusers_user_already_has_subgids/data/subuid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/data/subuid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/61_newusers_user_already_has_subgids/newusers.test b/tests/subids/61_newusers_user_already_has_subgids/newusers.test new file mode 100755 index 00000000..752932e3 --- /dev/null +++ b/tests/subids/61_newusers_user_already_has_subgids/newusers.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers does not create subordinate GIDs if the user already has subordinate GIDs" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl config/etc/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/62_newusers_user_already_has_subuids/config.txt b/tests/subids/62_newusers_user_already_has_subuids/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/group b/tests/subids/62_newusers_user_already_has_subuids/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/gshadow b/tests/subids/62_newusers_user_already_has_subuids/config/etc/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/common-password b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/newusers b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/newusers new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/newusers @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/passwd b/tests/subids/62_newusers_user_already_has_subuids/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/shadow b/tests/subids/62_newusers_user_already_has_subuids/config/etc/shadow new file mode 100644 index 00000000..648c54d1 --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/subgid b/tests/subids/62_newusers_user_already_has_subuids/config/etc/subgid new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/subuid b/tests/subids/62_newusers_user_already_has_subuids/config/etc/subuid new file mode 100644 index 00000000..ad0d53aa --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/subuid @@ -0,0 +1,2 @@ +root:150000:10000 +foo:200000:2000 diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/group b/tests/subids/62_newusers_user_already_has_subuids/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/gshadow b/tests/subids/62_newusers_user_already_has_subuids/data/gshadow new file mode 100644 index 00000000..be1575eb --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:x:: diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/newusers.list b/tests/subids/62_newusers_user_already_has_subuids/data/newusers.list new file mode 100644 index 00000000..9c40fa2b --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/data/newusers.list @@ -0,0 +1 @@ +foo:fooPass:::User Foo - Gecos Field::/bin/sh diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/passwd b/tests/subids/62_newusers_user_already_has_subuids/data/passwd new file mode 100644 index 00000000..7bf7386c --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:User Foo - Gecos Field::/bin/sh diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/shadow b/tests/subids/62_newusers_user_already_has_subuids/data/shadow new file mode 100644 index 00000000..491b593a --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:@PASS_DES fooPass@:@TODAY@:0:99999:7::: diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/subgid b/tests/subids/62_newusers_user_already_has_subuids/data/subgid new file mode 100644 index 00000000..3f7fd12f --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/data/subgid @@ -0,0 +1 @@ +foo:100000:10000 diff --git a/tests/subids/62_newusers_user_already_has_subuids/newusers.test b/tests/subids/62_newusers_user_already_has_subuids/newusers.test new file mode 100755 index 00000000..d300db8e --- /dev/null +++ b/tests/subids/62_newusers_user_already_has_subuids/newusers.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "newusers does not create subordinate UIDs if the user already has subordinate UIDs" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +newusers data/newusers.list + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +../../common/compare_file.pl data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +../../common/compare_file.pl config/etc/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/63_useradd_fill_gap4/config.txt b/tests/subids/63_useradd_fill_gap4/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/default/useradd b/tests/subids/63_useradd_fill_gap4/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/group b/tests/subids/63_useradd_fill_gap4/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/gshadow b/tests/subids/63_useradd_fill_gap4/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/passwd b/tests/subids/63_useradd_fill_gap4/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/shadow b/tests/subids/63_useradd_fill_gap4/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/subgid b/tests/subids/63_useradd_fill_gap4/config/etc/subgid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/config/etc/subgid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/subuid b/tests/subids/63_useradd_fill_gap4/config/etc/subuid new file mode 100644 index 00000000..5d64255f --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/config/etc/subuid @@ -0,0 +1,3 @@ +root:100000:599990001 +# This is after max +root:600100001:10000 diff --git a/tests/subids/63_useradd_fill_gap4/data/group b/tests/subids/63_useradd_fill_gap4/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/63_useradd_fill_gap4/data/gshadow b/tests/subids/63_useradd_fill_gap4/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/63_useradd_fill_gap4/data/passwd b/tests/subids/63_useradd_fill_gap4/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/63_useradd_fill_gap4/data/shadow b/tests/subids/63_useradd_fill_gap4/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/63_useradd_fill_gap4/data/subgid b/tests/subids/63_useradd_fill_gap4/data/subgid new file mode 100644 index 00000000..dde59ae2 --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/data/subgid @@ -0,0 +1,2 @@ +root:100000:599990001 +foo:600090001:10000 diff --git a/tests/subids/63_useradd_fill_gap4/data/subuid b/tests/subids/63_useradd_fill_gap4/data/subuid new file mode 100644 index 00000000..15b3a3cb --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/data/subuid @@ -0,0 +1,4 @@ +root:100000:599990001 +root:600100001:10000 +# This is after max +foo:600090001:10000 diff --git a/tests/subids/63_useradd_fill_gap4/useradd.test b/tests/subids/63_useradd_fill_gap4/useradd.test new file mode 100755 index 00000000..eb399cf3 --- /dev/null +++ b/tests/subids/63_useradd_fill_gap4/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd fills subids gaps in /etc/sub[ug]id" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/64_useradd_fill_gap5/config.txt b/tests/subids/64_useradd_fill_gap5/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/default/useradd b/tests/subids/64_useradd_fill_gap5/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/group b/tests/subids/64_useradd_fill_gap5/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/gshadow b/tests/subids/64_useradd_fill_gap5/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/passwd b/tests/subids/64_useradd_fill_gap5/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/shadow b/tests/subids/64_useradd_fill_gap5/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/subgid b/tests/subids/64_useradd_fill_gap5/config/etc/subgid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/config/etc/subgid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/subuid b/tests/subids/64_useradd_fill_gap5/config/etc/subuid new file mode 100644 index 00000000..c178aee9 --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/config/etc/subuid @@ -0,0 +1,3 @@ +root:100000:599990001 +# This is after max +root:600100002:10000 diff --git a/tests/subids/64_useradd_fill_gap5/data/group b/tests/subids/64_useradd_fill_gap5/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/64_useradd_fill_gap5/data/gshadow b/tests/subids/64_useradd_fill_gap5/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/64_useradd_fill_gap5/data/passwd b/tests/subids/64_useradd_fill_gap5/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/64_useradd_fill_gap5/data/shadow b/tests/subids/64_useradd_fill_gap5/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/64_useradd_fill_gap5/data/subgid b/tests/subids/64_useradd_fill_gap5/data/subgid new file mode 100644 index 00000000..dde59ae2 --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/data/subgid @@ -0,0 +1,2 @@ +root:100000:599990001 +foo:600090001:10000 diff --git a/tests/subids/64_useradd_fill_gap5/data/subuid b/tests/subids/64_useradd_fill_gap5/data/subuid new file mode 100644 index 00000000..a992af14 --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/data/subuid @@ -0,0 +1,4 @@ +root:100000:599990001 +root:600100002:10000 +# This is after max +foo:600090001:10000 diff --git a/tests/subids/64_useradd_fill_gap5/useradd.test b/tests/subids/64_useradd_fill_gap5/useradd.test new file mode 100755 index 00000000..eb399cf3 --- /dev/null +++ b/tests/subids/64_useradd_fill_gap5/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd fills subids gaps in /etc/sub[ug]id" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/65_useradd_fill_gap6/config.txt b/tests/subids/65_useradd_fill_gap6/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/default/useradd b/tests/subids/65_useradd_fill_gap6/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/group b/tests/subids/65_useradd_fill_gap6/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/gshadow b/tests/subids/65_useradd_fill_gap6/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/passwd b/tests/subids/65_useradd_fill_gap6/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/shadow b/tests/subids/65_useradd_fill_gap6/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/subgid b/tests/subids/65_useradd_fill_gap6/config/etc/subgid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/config/etc/subgid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/subuid b/tests/subids/65_useradd_fill_gap6/config/etc/subuid new file mode 100644 index 00000000..7f96123f --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/config/etc/subuid @@ -0,0 +1 @@ +root:90000:5000 diff --git a/tests/subids/65_useradd_fill_gap6/data/group b/tests/subids/65_useradd_fill_gap6/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/65_useradd_fill_gap6/data/gshadow b/tests/subids/65_useradd_fill_gap6/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/65_useradd_fill_gap6/data/passwd b/tests/subids/65_useradd_fill_gap6/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/65_useradd_fill_gap6/data/shadow b/tests/subids/65_useradd_fill_gap6/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/65_useradd_fill_gap6/data/subgid b/tests/subids/65_useradd_fill_gap6/data/subgid new file mode 100644 index 00000000..dde59ae2 --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/data/subgid @@ -0,0 +1,2 @@ +root:100000:599990001 +foo:600090001:10000 diff --git a/tests/subids/65_useradd_fill_gap6/data/subuid b/tests/subids/65_useradd_fill_gap6/data/subuid new file mode 100644 index 00000000..d275cb0c --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/data/subuid @@ -0,0 +1,2 @@ +root:90000:5000 +foo:100000:10000 diff --git a/tests/subids/65_useradd_fill_gap6/useradd.test b/tests/subids/65_useradd_fill_gap6/useradd.test new file mode 100755 index 00000000..11baa08b --- /dev/null +++ b/tests/subids/65_useradd_fill_gap6/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd create subids in /etc/sub[ug]id (range occupied before min)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/66_subordinate_range_cmp/config.txt b/tests/subids/66_subordinate_range_cmp/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/default/useradd b/tests/subids/66_subordinate_range_cmp/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/group b/tests/subids/66_subordinate_range_cmp/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/gshadow b/tests/subids/66_subordinate_range_cmp/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/passwd b/tests/subids/66_subordinate_range_cmp/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/shadow b/tests/subids/66_subordinate_range_cmp/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/subgid b/tests/subids/66_subordinate_range_cmp/config/etc/subgid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/config/etc/subgid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/subuid b/tests/subids/66_subordinate_range_cmp/config/etc/subuid new file mode 100644 index 00000000..973cff0f --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/config/etc/subuid @@ -0,0 +1,15 @@ +#1 +root:90000:5000 +sfoo:300000:10000 +root:300000:10000 +root:200000:15000 +root:200000:10000 +root:100000:5000 +#2 +root:90000:5000 +root:200000:10000 +root:200000:15000 +root:300000:10000 +sfoo:300000:10000 +root:100000:5000 +#3 diff --git a/tests/subids/66_subordinate_range_cmp/data/group b/tests/subids/66_subordinate_range_cmp/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/66_subordinate_range_cmp/data/gshadow b/tests/subids/66_subordinate_range_cmp/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/66_subordinate_range_cmp/data/passwd b/tests/subids/66_subordinate_range_cmp/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/66_subordinate_range_cmp/data/shadow b/tests/subids/66_subordinate_range_cmp/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/66_subordinate_range_cmp/data/subgid b/tests/subids/66_subordinate_range_cmp/data/subgid new file mode 100644 index 00000000..dde59ae2 --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/data/subgid @@ -0,0 +1,2 @@ +root:100000:599990001 +foo:600090001:10000 diff --git a/tests/subids/66_subordinate_range_cmp/data/subuid b/tests/subids/66_subordinate_range_cmp/data/subuid new file mode 100644 index 00000000..1bd00221 --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/data/subuid @@ -0,0 +1,16 @@ +root:90000:5000 +root:90000:5000 +root:100000:5000 +root:100000:5000 +root:200000:10000 +root:200000:10000 +root:200000:15000 +root:200000:15000 +root:300000:10000 +root:300000:10000 +sfoo:300000:10000 +sfoo:300000:10000 +#3 +#2 +#1 +foo:105000:10000 diff --git a/tests/subids/66_subordinate_range_cmp/useradd.test b/tests/subids/66_subordinate_range_cmp/useradd.test new file mode 100755 index 00000000..966db071 --- /dev/null +++ b/tests/subids/66_subordinate_range_cmp/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "test the sort algorithm for subordinate IDs" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/67_invalid_subuid_file1/config.txt b/tests/subids/67_invalid_subuid_file1/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/default/useradd b/tests/subids/67_invalid_subuid_file1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/group b/tests/subids/67_invalid_subuid_file1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/gshadow b/tests/subids/67_invalid_subuid_file1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/passwd b/tests/subids/67_invalid_subuid_file1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/shadow b/tests/subids/67_invalid_subuid_file1/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/subgid b/tests/subids/67_invalid_subuid_file1/config/etc/subgid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/config/etc/subgid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/subuid b/tests/subids/67_invalid_subuid_file1/config/etc/subuid new file mode 100644 index 00000000..5ebb9463 --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/config/etc/subuid @@ -0,0 +1,2 @@ +root::5000 +root:200000:10000 diff --git a/tests/subids/67_invalid_subuid_file1/data/group b/tests/subids/67_invalid_subuid_file1/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/67_invalid_subuid_file1/data/gshadow b/tests/subids/67_invalid_subuid_file1/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/67_invalid_subuid_file1/data/passwd b/tests/subids/67_invalid_subuid_file1/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/67_invalid_subuid_file1/data/shadow b/tests/subids/67_invalid_subuid_file1/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/67_invalid_subuid_file1/data/subgid b/tests/subids/67_invalid_subuid_file1/data/subgid new file mode 100644 index 00000000..dde59ae2 --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/data/subgid @@ -0,0 +1,2 @@ +root:100000:599990001 +foo:600090001:10000 diff --git a/tests/subids/67_invalid_subuid_file1/data/subuid b/tests/subids/67_invalid_subuid_file1/data/subuid new file mode 100644 index 00000000..492cd046 --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/data/subuid @@ -0,0 +1,3 @@ +root:200000:10000 +root::5000 +foo:100000:10000 diff --git a/tests/subids/67_invalid_subuid_file1/useradd.test b/tests/subids/67_invalid_subuid_file1/useradd.test new file mode 100755 index 00000000..acdd793b --- /dev/null +++ b/tests/subids/67_invalid_subuid_file1/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd ignores invalid lines in /etc/subuid (no numerical subordinate user ID)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/68_invalid_subuid_file2/config.txt b/tests/subids/68_invalid_subuid_file2/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/default/useradd b/tests/subids/68_invalid_subuid_file2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/group b/tests/subids/68_invalid_subuid_file2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/gshadow b/tests/subids/68_invalid_subuid_file2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/passwd b/tests/subids/68_invalid_subuid_file2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/shadow b/tests/subids/68_invalid_subuid_file2/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/subgid b/tests/subids/68_invalid_subuid_file2/config/etc/subgid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/config/etc/subgid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/subuid b/tests/subids/68_invalid_subuid_file2/config/etc/subuid new file mode 100644 index 00000000..154481dd --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/config/etc/subuid @@ -0,0 +1,2 @@ +root:100000: +root:200000:10000 diff --git a/tests/subids/68_invalid_subuid_file2/data/group b/tests/subids/68_invalid_subuid_file2/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/68_invalid_subuid_file2/data/gshadow b/tests/subids/68_invalid_subuid_file2/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/68_invalid_subuid_file2/data/passwd b/tests/subids/68_invalid_subuid_file2/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/68_invalid_subuid_file2/data/shadow b/tests/subids/68_invalid_subuid_file2/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/68_invalid_subuid_file2/data/subgid b/tests/subids/68_invalid_subuid_file2/data/subgid new file mode 100644 index 00000000..dde59ae2 --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/data/subgid @@ -0,0 +1,2 @@ +root:100000:599990001 +foo:600090001:10000 diff --git a/tests/subids/68_invalid_subuid_file2/data/subuid b/tests/subids/68_invalid_subuid_file2/data/subuid new file mode 100644 index 00000000..162f05c7 --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/data/subuid @@ -0,0 +1,3 @@ +root:200000:10000 +root:100000: +foo:100000:10000 diff --git a/tests/subids/68_invalid_subuid_file2/useradd.test b/tests/subids/68_invalid_subuid_file2/useradd.test new file mode 100755 index 00000000..fa67277d --- /dev/null +++ b/tests/subids/68_invalid_subuid_file2/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd ignores invalid lines in /etc/subuid (no numerical subordinate user ID count)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/69_invalid_subuid_file3/config.txt b/tests/subids/69_invalid_subuid_file3/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/default/useradd b/tests/subids/69_invalid_subuid_file3/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/group b/tests/subids/69_invalid_subuid_file3/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/gshadow b/tests/subids/69_invalid_subuid_file3/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/passwd b/tests/subids/69_invalid_subuid_file3/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/shadow b/tests/subids/69_invalid_subuid_file3/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/subgid b/tests/subids/69_invalid_subuid_file3/config/etc/subgid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/config/etc/subgid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/subuid b/tests/subids/69_invalid_subuid_file3/config/etc/subuid new file mode 100644 index 00000000..86fd00dd --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/config/etc/subuid @@ -0,0 +1,2 @@ +:100000:10000 +root:200000:10000 diff --git a/tests/subids/69_invalid_subuid_file3/data/group b/tests/subids/69_invalid_subuid_file3/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/69_invalid_subuid_file3/data/gshadow b/tests/subids/69_invalid_subuid_file3/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/69_invalid_subuid_file3/data/passwd b/tests/subids/69_invalid_subuid_file3/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/69_invalid_subuid_file3/data/shadow b/tests/subids/69_invalid_subuid_file3/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/69_invalid_subuid_file3/data/subgid b/tests/subids/69_invalid_subuid_file3/data/subgid new file mode 100644 index 00000000..dde59ae2 --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/data/subgid @@ -0,0 +1,2 @@ +root:100000:599990001 +foo:600090001:10000 diff --git a/tests/subids/69_invalid_subuid_file3/data/subuid b/tests/subids/69_invalid_subuid_file3/data/subuid new file mode 100644 index 00000000..7faccee1 --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/data/subuid @@ -0,0 +1,3 @@ +root:200000:10000 +:100000:10000 +foo:100000:10000 diff --git a/tests/subids/69_invalid_subuid_file3/useradd.test b/tests/subids/69_invalid_subuid_file3/useradd.test new file mode 100755 index 00000000..89bc4cb4 --- /dev/null +++ b/tests/subids/69_invalid_subuid_file3/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd ignores invalid lines in /etc/subuid (no login name)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/subids/70_invalid_subuid_file4/config.txt b/tests/subids/70_invalid_subuid_file4/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/default/useradd b/tests/subids/70_invalid_subuid_file4/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/group b/tests/subids/70_invalid_subuid_file4/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/gshadow b/tests/subids/70_invalid_subuid_file4/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/passwd b/tests/subids/70_invalid_subuid_file4/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/shadow b/tests/subids/70_invalid_subuid_file4/config/etc/shadow new file mode 100644 index 00000000..031ce889 --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/config/etc/shadow @@ -0,0 +1,19 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/subgid b/tests/subids/70_invalid_subuid_file4/config/etc/subgid new file mode 100644 index 00000000..5b6b0aa5 --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/config/etc/subgid @@ -0,0 +1 @@ +root:100000:599990001 diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/subuid b/tests/subids/70_invalid_subuid_file4/config/etc/subuid new file mode 100644 index 00000000..c8f2b70a --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/config/etc/subuid @@ -0,0 +1,5 @@ +root:-1:10000 +root:100000:-1 +root:100000a:10000 +root:100000:10000a +root:200000:10000 diff --git a/tests/subids/70_invalid_subuid_file4/data/group b/tests/subids/70_invalid_subuid_file4/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/subids/70_invalid_subuid_file4/data/gshadow b/tests/subids/70_invalid_subuid_file4/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/subids/70_invalid_subuid_file4/data/passwd b/tests/subids/70_invalid_subuid_file4/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/subids/70_invalid_subuid_file4/data/shadow b/tests/subids/70_invalid_subuid_file4/data/shadow new file mode 100644 index 00000000..8899857f --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/data/shadow @@ -0,0 +1,20 @@ +root::12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/subids/70_invalid_subuid_file4/data/subgid b/tests/subids/70_invalid_subuid_file4/data/subgid new file mode 100644 index 00000000..dde59ae2 --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/data/subgid @@ -0,0 +1,2 @@ +root:100000:599990001 +foo:600090001:10000 diff --git a/tests/subids/70_invalid_subuid_file4/data/subuid b/tests/subids/70_invalid_subuid_file4/data/subuid new file mode 100644 index 00000000..d162a80b --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/data/subuid @@ -0,0 +1,6 @@ +root:200000:10000 +root:100000:10000a +root:100000a:10000 +root:100000:-1 +root:-1:10000 +foo:100000:10000 diff --git a/tests/subids/70_invalid_subuid_file4/useradd.test b/tests/subids/70_invalid_subuid_file4/useradd.test new file mode 100755 index 00000000..a20e0e98 --- /dev/null +++ b/tests/subids/70_invalid_subuid_file4/useradd.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd ignores invalid lines in /etc/subuid (invalid numerical values)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Add user foo..." +useradd foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the /etc/subgid file..." +diff -au data/subgid /etc/subgid +echo "OK" +echo -n "Check the /etc/subuid file..." +diff -au data/subuid /etc/subuid +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/01_useradd_add_user.test b/tests/usertools/01/01_useradd_add_user.test new file mode 100755 index 00000000..dfd0366a --- /dev/null +++ b/tests/usertools/01/01_useradd_add_user.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 01_useradd_add_user/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 01_useradd_add_user/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_useradd_add_user/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 01_useradd_add_user/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/01_useradd_add_user/group b/tests/usertools/01/01_useradd_add_user/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/01_useradd_add_user/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/01_useradd_add_user/gshadow b/tests/usertools/01/01_useradd_add_user/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/01_useradd_add_user/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/01_useradd_add_user/passwd b/tests/usertools/01/01_useradd_add_user/passwd new file mode 100644 index 00000000..0b4b0fa8 --- /dev/null +++ b/tests/usertools/01/01_useradd_add_user/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/01_useradd_add_user/shadow b/tests/usertools/01/01_useradd_add_user/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/01_useradd_add_user/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/01_userdel_delete_user.test b/tests/usertools/01/01_userdel_delete_user.test new file mode 100755 index 00000000..132e16aa --- /dev/null +++ b/tests/usertools/01/01_userdel_delete_user.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Delete user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" +echo -n "Delete user test1 (userdel test1)..." +userdel test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user.test b/tests/usertools/01/02_useradd_recreate_deleted_user.test new file mode 100755 index 00000000..44721f59 --- /dev/null +++ b/tests/usertools/01/02_useradd_recreate_deleted_user.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" +echo -n "Delete user test1 (userdel test1)..." +userdel test1 +echo "OK" +echo -n "Create user test2 (useradd test1)..." +useradd test2 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 02_useradd_recreate_deleted_user/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 02_useradd_recreate_deleted_user/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 02_useradd_recreate_deleted_user/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 02_useradd_recreate_deleted_user/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test2 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/group b/tests/usertools/01/02_useradd_recreate_deleted_user/group new file mode 100644 index 00000000..3b8e510f --- /dev/null +++ b/tests/usertools/01/02_useradd_recreate_deleted_user/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test2:x:1000: diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/gshadow b/tests/usertools/01/02_useradd_recreate_deleted_user/gshadow new file mode 100644 index 00000000..73d02983 --- /dev/null +++ b/tests/usertools/01/02_useradd_recreate_deleted_user/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test2:!:: diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/passwd b/tests/usertools/01/02_useradd_recreate_deleted_user/passwd new file mode 100644 index 00000000..0a8cf880 --- /dev/null +++ b/tests/usertools/01/02_useradd_recreate_deleted_user/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test2:x:1000:1000::/home/test2:/bin/sh diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/shadow b/tests/usertools/01/02_useradd_recreate_deleted_user/shadow new file mode 100644 index 00000000..1ca61d8d --- /dev/null +++ b/tests/usertools/01/02_useradd_recreate_deleted_user/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test2:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/03_useradd_additional_options.test b/tests/usertools/01/03_useradd_additional_options.test new file mode 100755 index 00000000..5808e458 --- /dev/null +++ b/tests/usertools/01/03_useradd_additional_options.test @@ -0,0 +1,50 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd options --comment, --expiredate, --shell, --inactive, --home-dir" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test3 with options)..." +useradd --comment "comment test3" \ + --expiredate "2006-02-04" \ + --shell "/bin/bash" \ + --inactive "12" \ + --home-dir "/nonexistenthomedir" \ + test3 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 03_useradd_additional_options/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 03_useradd_additional_options/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 03_useradd_additional_options/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 03_useradd_additional_options/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir /home/test3..." +test ! -d /home/test3 +echo "OK" +echo -n "no homedir /nonexistenthomedir..." +test ! -d /nonexistenthomedir +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/03_useradd_additional_options/group b/tests/usertools/01/03_useradd_additional_options/group new file mode 100644 index 00000000..a0c13812 --- /dev/null +++ b/tests/usertools/01/03_useradd_additional_options/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test3:x:1000: diff --git a/tests/usertools/01/03_useradd_additional_options/gshadow b/tests/usertools/01/03_useradd_additional_options/gshadow new file mode 100644 index 00000000..88e4ab16 --- /dev/null +++ b/tests/usertools/01/03_useradd_additional_options/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test3:!:: diff --git a/tests/usertools/01/03_useradd_additional_options/passwd b/tests/usertools/01/03_useradd_additional_options/passwd new file mode 100644 index 00000000..725da572 --- /dev/null +++ b/tests/usertools/01/03_useradd_additional_options/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test3:x:1000:1000:comment test3:/nonexistenthomedir:/bin/bash diff --git a/tests/usertools/01/03_useradd_additional_options/shadow b/tests/usertools/01/03_useradd_additional_options/shadow new file mode 100644 index 00000000..77fbfbc6 --- /dev/null +++ b/tests/usertools/01/03_useradd_additional_options/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test3:!:@TODAY@:0:99999:7:12:13183: diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail.test b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail.test new file mode 100755 index 00000000..73324510 --- /dev/null +++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user with an existing ID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd -u 4242 test1)..." +useradd -u 4242 test1 +echo "OK" +echo -n "Create user test2 with the same ID (useradd -u 4242 test2)..." +useradd -u 4242 test2 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" +echo "All right, useradd returned error $status." +echo -n "Check returned status..." +test "$status" = "4" +echo "OK" + +echo "useradd displayed:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au 04_useradd_add_user_with_existing_UID_fail/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/group b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/group new file mode 100644 index 00000000..6c7895c6 --- /dev/null +++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:4242: diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/gshadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/passwd b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/passwd new file mode 100644 index 00000000..4b6c8085 --- /dev/null +++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:4242:4242::/home/test1:/bin/sh diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/shadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/useradd.err b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/useradd.err new file mode 100644 index 00000000..23e59625 --- /dev/null +++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/useradd.err @@ -0,0 +1 @@ +useradd: UID 4242 is not unique diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test new file mode 100755 index 00000000..b630c675 --- /dev/null +++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user with a specified existing ID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd -u 4242 test1)..." +useradd -u 4242 test1 +echo "OK" +echo -n "Create user test2 with the same ID (useradd -u 4242 -o test2)..." +useradd -u 4242 -o test2 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir /home/test1..." +test -d /home/test1 && exit 1 || true +echo "OK" +echo -n "no homedir /home/test2..." +test -d /home/test2 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/group b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/group new file mode 100644 index 00000000..a951b25c --- /dev/null +++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:4242: +test2:x:4243: diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/gshadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/gshadow new file mode 100644 index 00000000..11e7389c --- /dev/null +++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: +test2:!:: diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/passwd b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/passwd new file mode 100644 index 00000000..58c50dd6 --- /dev/null +++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:4242:4242::/home/test1:/bin/sh +test2:x:4242:4243::/home/test2:/bin/sh diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/shadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/shadow new file mode 100644 index 00000000..4c40f478 --- /dev/null +++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: +test2:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/04_useradd_specified_UID.test b/tests/usertools/01/04_useradd_specified_UID.test new file mode 100755 index 00000000..240899b6 --- /dev/null +++ b/tests/usertools/01/04_useradd_specified_UID.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user with a specified ID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd -u 4242 test1)..." +useradd -u 4242 test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 04_useradd_specified_UID/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 04_useradd_specified_UID/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 04_useradd_specified_UID/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 04_useradd_specified_UID/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/04_useradd_specified_UID/group b/tests/usertools/01/04_useradd_specified_UID/group new file mode 100644 index 00000000..6c7895c6 --- /dev/null +++ b/tests/usertools/01/04_useradd_specified_UID/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:4242: diff --git a/tests/usertools/01/04_useradd_specified_UID/gshadow b/tests/usertools/01/04_useradd_specified_UID/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/04_useradd_specified_UID/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/04_useradd_specified_UID/passwd b/tests/usertools/01/04_useradd_specified_UID/passwd new file mode 100644 index 00000000..4b6c8085 --- /dev/null +++ b/tests/usertools/01/04_useradd_specified_UID/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:4242:4242::/home/test1:/bin/sh diff --git a/tests/usertools/01/04_useradd_specified_UID/shadow b/tests/usertools/01/04_useradd_specified_UID/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/04_useradd_specified_UID/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID.test b/tests/usertools/01/04_useradd_specified_UID_and_GID.test new file mode 100755 index 00000000..1e119711 --- /dev/null +++ b/tests/usertools/01/04_useradd_specified_UID_and_GID.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user with a specified existing UID and GID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd -u 4242 test1)..." +useradd -u 4242 test1 +echo "OK" +echo -n "Create user test2 with the same ID (useradd -u 4242 -g 4242 -o test2)..." +useradd -u 4242 -g 4242 -o test2 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 04_useradd_specified_UID_and_GID/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 04_useradd_specified_UID_and_GID/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 04_useradd_specified_UID_and_GID/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 04_useradd_specified_UID_and_GID/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir /home/test1..." +test -d /home/test1 && exit 1 || true +echo "OK" +echo -n "no homedir /home/test2..." +test -d /home/test2 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/group b/tests/usertools/01/04_useradd_specified_UID_and_GID/group new file mode 100644 index 00000000..6c7895c6 --- /dev/null +++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:4242: diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/gshadow b/tests/usertools/01/04_useradd_specified_UID_and_GID/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/passwd b/tests/usertools/01/04_useradd_specified_UID_and_GID/passwd new file mode 100644 index 00000000..2603e1ec --- /dev/null +++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:4242:4242::/home/test1:/bin/sh +test2:x:4242:4242::/home/test2:/bin/sh diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/shadow b/tests/usertools/01/04_useradd_specified_UID_and_GID/shadow new file mode 100644 index 00000000..4c40f478 --- /dev/null +++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: +test2:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID.test b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID.test new file mode 100755 index 00000000..de2a1891 --- /dev/null +++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID.test @@ -0,0 +1,51 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Remove an user with a duplicate ID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd -u 4242 test1)..." +useradd -u 4242 test1 +echo "OK" +echo -n "Create user test2 with the same ID (useradd -u 4242 -o test2)..." +useradd -u 4242 -o test2 +echo "OK" +echo -n "Delete user test2 (userdel test2)..." +userdel test2 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir /home/test1..." +test -d /home/test1 && exit 1 || true +echo "OK" +echo -n "no homedir /home/test2..." +test -d /home/test2 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/group b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/group new file mode 100644 index 00000000..6c7895c6 --- /dev/null +++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:4242: diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/gshadow b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/passwd b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/passwd new file mode 100644 index 00000000..4b6c8085 --- /dev/null +++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:4242:4242::/home/test1:/bin/sh diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/shadow b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/05_useradd_invalid_numeric_primary_group.test b/tests/usertools/01/05_useradd_invalid_numeric_primary_group.test new file mode 100755 index 00000000..04b4bd03 --- /dev/null +++ b/tests/usertools/01/05_useradd_invalid_numeric_primary_group.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user with a specified unexisting GID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd -g 4242 test1)..." +useradd -g 4242 test1 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" +echo "OK" +echo "All right, useradd returned error $status." +echo -n "Check returned status..." +test "$status" = "6" +echo "OK" + +echo "useradd displayed:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au 05_useradd_invalid_numeric_primary_group/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/05_useradd_invalid_numeric_primary_group/useradd.err b/tests/usertools/01/05_useradd_invalid_numeric_primary_group/useradd.err new file mode 100644 index 00000000..eb2629d2 --- /dev/null +++ b/tests/usertools/01/05_useradd_invalid_numeric_primary_group/useradd.err @@ -0,0 +1 @@ +useradd: group '4242' does not exist diff --git a/tests/usertools/01/06_useradd_invalid_named_primary_group.test b/tests/usertools/01/06_useradd_invalid_named_primary_group.test new file mode 100755 index 00000000..ea02d5fa --- /dev/null +++ b/tests/usertools/01/06_useradd_invalid_named_primary_group.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user with a specified unexisting GID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1 -g nekral)..." +useradd test1 -g nekral 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" +echo "OK" +echo "All right, useradd returned error $status." +echo -n "Check returned status..." +test "$status" = "6" +echo "OK" + +echo "useradd displayed:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au 06_useradd_invalid_named_primary_group/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/06_useradd_invalid_named_primary_group/useradd.err b/tests/usertools/01/06_useradd_invalid_named_primary_group/useradd.err new file mode 100644 index 00000000..2b201fe0 --- /dev/null +++ b/tests/usertools/01/06_useradd_invalid_named_primary_group/useradd.err @@ -0,0 +1 @@ +useradd: group 'nekral' does not exist diff --git a/tests/usertools/01/07_useradd_numerical_primary_group.test b/tests/usertools/01/07_useradd_numerical_primary_group.test new file mode 100755 index 00000000..1f1f14c2 --- /dev/null +++ b/tests/usertools/01/07_useradd_numerical_primary_group.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user with a numerical GID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd -g 1 test1)..." +useradd -g 1 test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 07_useradd_numerical_primary_group/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 07_useradd_numerical_primary_group/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 07_useradd_numerical_primary_group/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 07_useradd_numerical_primary_group/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/group b/tests/usertools/01/07_useradd_numerical_primary_group/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/01/07_useradd_numerical_primary_group/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/gshadow b/tests/usertools/01/07_useradd_numerical_primary_group/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/01/07_useradd_numerical_primary_group/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/passwd b/tests/usertools/01/07_useradd_numerical_primary_group/passwd new file mode 100644 index 00000000..902efbe4 --- /dev/null +++ b/tests/usertools/01/07_useradd_numerical_primary_group/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1::/home/test1:/bin/sh diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/shadow b/tests/usertools/01/07_useradd_numerical_primary_group/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/07_useradd_numerical_primary_group/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/08_useradd_named_primary_group.test b/tests/usertools/01/08_useradd_named_primary_group.test new file mode 100755 index 00000000..d18acdff --- /dev/null +++ b/tests/usertools/01/08_useradd_named_primary_group.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user with a named GID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1 -g nogroup)..." +useradd test1 -g nogroup +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 08_useradd_named_primary_group/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 08_useradd_named_primary_group/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 08_useradd_named_primary_group/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 08_useradd_named_primary_group/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/08_useradd_named_primary_group/group b/tests/usertools/01/08_useradd_named_primary_group/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/01/08_useradd_named_primary_group/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/01/08_useradd_named_primary_group/gshadow b/tests/usertools/01/08_useradd_named_primary_group/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/01/08_useradd_named_primary_group/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/01/08_useradd_named_primary_group/passwd b/tests/usertools/01/08_useradd_named_primary_group/passwd new file mode 100644 index 00000000..42ef2e26 --- /dev/null +++ b/tests/usertools/01/08_useradd_named_primary_group/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:65534::/home/test1:/bin/sh diff --git a/tests/usertools/01/08_useradd_named_primary_group/shadow b/tests/usertools/01/08_useradd_named_primary_group/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/08_useradd_named_primary_group/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/09_usermod_change_user_info.test b/tests/usertools/01/09_usermod_change_user_info.test new file mode 100755 index 00000000..75d00b27 --- /dev/null +++ b/tests/usertools/01/09_usermod_change_user_info.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Change user information with usermod" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" +echo -n "Change user test1..." +usermod -g 1 --comment "comment" -e 2000-09-01 -f 17 -s /bin/bash -d /tmp test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 09_usermod_change_user_info/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 09_usermod_change_user_info/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 09_usermod_change_user_info/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 09_usermod_change_user_info/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/09_usermod_change_user_info/group b/tests/usertools/01/09_usermod_change_user_info/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/09_usermod_change_user_info/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/09_usermod_change_user_info/gshadow b/tests/usertools/01/09_usermod_change_user_info/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/09_usermod_change_user_info/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/09_usermod_change_user_info/passwd b/tests/usertools/01/09_usermod_change_user_info/passwd new file mode 100644 index 00000000..60c8e45f --- /dev/null +++ b/tests/usertools/01/09_usermod_change_user_info/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1:comment:/tmp:/bin/bash diff --git a/tests/usertools/01/09_usermod_change_user_info/shadow b/tests/usertools/01/09_usermod_change_user_info/shadow new file mode 100644 index 00000000..cf6bc25d --- /dev/null +++ b/tests/usertools/01/09_usermod_change_user_info/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7:17:11201: diff --git a/tests/usertools/01/10_usermod_rename_user.test b/tests/usertools/01/10_usermod_rename_user.test new file mode 100755 index 00000000..202e9b6e --- /dev/null +++ b/tests/usertools/01/10_usermod_rename_user.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" +echo -n "Rename user test1 to test2 (usermod -l test2 test1)..." +usermod -l test2 test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 10_usermod_rename_user/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 10_usermod_rename_user/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 10_usermod_rename_user/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 10_usermod_rename_user/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir (/home/test1)..." +test -d /home/test1 && exit 1 || true +echo "OK" +echo -n "no homedir (/home/test2)..." +test -d /home/test2 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/10_usermod_rename_user/group b/tests/usertools/01/10_usermod_rename_user/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/10_usermod_rename_user/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/10_usermod_rename_user/gshadow b/tests/usertools/01/10_usermod_rename_user/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/10_usermod_rename_user/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/10_usermod_rename_user/passwd b/tests/usertools/01/10_usermod_rename_user/passwd new file mode 100644 index 00000000..0d1ab518 --- /dev/null +++ b/tests/usertools/01/10_usermod_rename_user/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test2:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/10_usermod_rename_user/shadow b/tests/usertools/01/10_usermod_rename_user/shadow new file mode 100644 index 00000000..1ca61d8d --- /dev/null +++ b/tests/usertools/01/10_usermod_rename_user/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test2:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/10_usermod_rename_user_in_group.test b/tests/usertools/01/10_usermod_rename_user_in_group.test new file mode 100755 index 00000000..374acabc --- /dev/null +++ b/tests/usertools/01/10_usermod_rename_user_in_group.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 also in group daemon (useradd test1 -G daemon)..." +useradd test1 -G daemon +echo "OK" +echo -n "Rename user test1 to test2 (usermod -l test2 test1)..." +usermod -l test2 test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 10_usermod_rename_user_in_group/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 10_usermod_rename_user_in_group/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 10_usermod_rename_user_in_group/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 10_usermod_rename_user_in_group/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir (/home/test1)..." +test -d /home/test1 && exit 1 || true +echo "OK" +echo -n "no homedir (/home/test2)..." +test -d /home/test2 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/group b/tests/usertools/01/10_usermod_rename_user_in_group/group new file mode 100644 index 00000000..271a2c34 --- /dev/null +++ b/tests/usertools/01/10_usermod_rename_user_in_group/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:test2 +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/gshadow b/tests/usertools/01/10_usermod_rename_user_in_group/gshadow new file mode 100644 index 00000000..879d206a --- /dev/null +++ b/tests/usertools/01/10_usermod_rename_user_in_group/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::test2 +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/passwd b/tests/usertools/01/10_usermod_rename_user_in_group/passwd new file mode 100644 index 00000000..0d1ab518 --- /dev/null +++ b/tests/usertools/01/10_usermod_rename_user_in_group/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test2:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/shadow b/tests/usertools/01/10_usermod_rename_user_in_group/shadow new file mode 100644 index 00000000..1ca61d8d --- /dev/null +++ b/tests/usertools/01/10_usermod_rename_user_in_group/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test2:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/11_usermod_change_password.test b/tests/usertools/01/11_usermod_change_password.test new file mode 100755 index 00000000..a6e7acec --- /dev/null +++ b/tests/usertools/01/11_usermod_change_password.test @@ -0,0 +1,46 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" +echo -n "Change user's password..." +usermod -p '$1$12345678$0jEt1CYOyE.5NxWFMZyZy1' test1 +# (test1F00barbaz) +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 11_usermod_change_password/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 11_usermod_change_password/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 11_usermod_change_password/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 11_usermod_change_password/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/11_usermod_change_password/group b/tests/usertools/01/11_usermod_change_password/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/11_usermod_change_password/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/11_usermod_change_password/gshadow b/tests/usertools/01/11_usermod_change_password/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/11_usermod_change_password/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/11_usermod_change_password/passwd b/tests/usertools/01/11_usermod_change_password/passwd new file mode 100644 index 00000000..0b4b0fa8 --- /dev/null +++ b/tests/usertools/01/11_usermod_change_password/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/11_usermod_change_password/shadow b/tests/usertools/01/11_usermod_change_password/shadow new file mode 100644 index 00000000..72025a2a --- /dev/null +++ b/tests/usertools/01/11_usermod_change_password/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:$1$12345678$0jEt1CYOyE.5NxWFMZyZy1:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/11_usermod_lock_password.test b/tests/usertools/01/11_usermod_lock_password.test new file mode 100755 index 00000000..f5e6a9fe --- /dev/null +++ b/tests/usertools/01/11_usermod_lock_password.test @@ -0,0 +1,49 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" +echo -n "Change user's password..." +usermod -p '$1$12345678$0jEt1CYOyE.5NxWFMZyZy1' test1 +# (test1F00barbaz) +echo "OK" +echo -n "Lock user's password..." +usermod -L test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 11_usermod_lock_password/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 11_usermod_lock_password/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 11_usermod_lock_password/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 11_usermod_lock_password/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/11_usermod_lock_password/group b/tests/usertools/01/11_usermod_lock_password/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/11_usermod_lock_password/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/11_usermod_lock_password/gshadow b/tests/usertools/01/11_usermod_lock_password/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/11_usermod_lock_password/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/11_usermod_lock_password/passwd b/tests/usertools/01/11_usermod_lock_password/passwd new file mode 100644 index 00000000..0b4b0fa8 --- /dev/null +++ b/tests/usertools/01/11_usermod_lock_password/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/11_usermod_lock_password/shadow b/tests/usertools/01/11_usermod_lock_password/shadow new file mode 100644 index 00000000..5a236b74 --- /dev/null +++ b/tests/usertools/01/11_usermod_lock_password/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!$1$12345678$0jEt1CYOyE.5NxWFMZyZy1:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/11_usermod_unlock_empty_password.test b/tests/usertools/01/11_usermod_unlock_empty_password.test new file mode 100755 index 00000000..d12dfd8f --- /dev/null +++ b/tests/usertools/01/11_usermod_unlock_empty_password.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" +echo -n "Unlock user's password..." +usermod -U test1 2>tmp/err +echo "OK" + +echo "usermod displayed:" +echo "=======================================================================" +cat tmp/err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au 11_usermod_unlock_empty_password/usermod.err tmp/err +echo "error message OK." +rm -f tmp/err + +echo -n "Check the passwd file..." +../../common/compare_file.pl 11_usermod_unlock_empty_password/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 11_usermod_unlock_empty_password/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 11_usermod_unlock_empty_password/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 11_usermod_unlock_empty_password/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/group b/tests/usertools/01/11_usermod_unlock_empty_password/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/11_usermod_unlock_empty_password/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/gshadow b/tests/usertools/01/11_usermod_unlock_empty_password/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/11_usermod_unlock_empty_password/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/passwd b/tests/usertools/01/11_usermod_unlock_empty_password/passwd new file mode 100644 index 00000000..0b4b0fa8 --- /dev/null +++ b/tests/usertools/01/11_usermod_unlock_empty_password/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/shadow b/tests/usertools/01/11_usermod_unlock_empty_password/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/11_usermod_unlock_empty_password/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/usermod.err b/tests/usertools/01/11_usermod_unlock_empty_password/usermod.err new file mode 100644 index 00000000..2564dbfc --- /dev/null +++ b/tests/usertools/01/11_usermod_unlock_empty_password/usermod.err @@ -0,0 +1,2 @@ +usermod: unlocking the user's password would result in a passwordless account. +You should set a password with usermod -p to unlock this user's password. diff --git a/tests/usertools/01/11_usermod_unlock_password.test b/tests/usertools/01/11_usermod_unlock_password.test new file mode 100755 index 00000000..905b2c03 --- /dev/null +++ b/tests/usertools/01/11_usermod_unlock_password.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" +echo -n "Change user's password..." +usermod -p '$1$12345678$0jEt1CYOyE.5NxWFMZyZy1' test1 +# (test1F00barbaz) +echo "OK" +echo -n "Lock user's password..." +usermod -L test1 +echo "OK" +echo -n "Unlock user's password..." +usermod -U test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 11_usermod_unlock_password/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 11_usermod_unlock_password/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 11_usermod_unlock_password/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 11_usermod_unlock_password/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/11_usermod_unlock_password/group b/tests/usertools/01/11_usermod_unlock_password/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/11_usermod_unlock_password/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/11_usermod_unlock_password/gshadow b/tests/usertools/01/11_usermod_unlock_password/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/11_usermod_unlock_password/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/11_usermod_unlock_password/passwd b/tests/usertools/01/11_usermod_unlock_password/passwd new file mode 100644 index 00000000..0b4b0fa8 --- /dev/null +++ b/tests/usertools/01/11_usermod_unlock_password/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/11_usermod_unlock_password/shadow b/tests/usertools/01/11_usermod_unlock_password/shadow new file mode 100644 index 00000000..72025a2a --- /dev/null +++ b/tests/usertools/01/11_usermod_unlock_password/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:$1$12345678$0jEt1CYOyE.5NxWFMZyZy1:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/12_usermod_change_gid_name.test b/tests/usertools/01/12_usermod_change_gid_name.test new file mode 100755 index 00000000..81481494 --- /dev/null +++ b/tests/usertools/01/12_usermod_change_gid_name.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" +echo -n "Change user's group..." +usermod -g daemon test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 12_usermod_change_gid_name/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 12_usermod_change_gid_name/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 12_usermod_change_gid_name/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 12_usermod_change_gid_name/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/12_usermod_change_gid_name/group b/tests/usertools/01/12_usermod_change_gid_name/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/12_usermod_change_gid_name/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/12_usermod_change_gid_name/gshadow b/tests/usertools/01/12_usermod_change_gid_name/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/12_usermod_change_gid_name/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/12_usermod_change_gid_name/passwd b/tests/usertools/01/12_usermod_change_gid_name/passwd new file mode 100644 index 00000000..902efbe4 --- /dev/null +++ b/tests/usertools/01/12_usermod_change_gid_name/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1::/home/test1:/bin/sh diff --git a/tests/usertools/01/12_usermod_change_gid_name/shadow b/tests/usertools/01/12_usermod_change_gid_name/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/12_usermod_change_gid_name/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/12_usermod_change_gid_number.test b/tests/usertools/01/12_usermod_change_gid_number.test new file mode 100755 index 00000000..e4172a8a --- /dev/null +++ b/tests/usertools/01/12_usermod_change_gid_number.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" +echo -n "Change user's group..." +usermod -g 1 test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 12_usermod_change_gid_number/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 12_usermod_change_gid_number/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 12_usermod_change_gid_number/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 12_usermod_change_gid_number/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/12_usermod_change_gid_number/group b/tests/usertools/01/12_usermod_change_gid_number/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/12_usermod_change_gid_number/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/12_usermod_change_gid_number/gshadow b/tests/usertools/01/12_usermod_change_gid_number/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/12_usermod_change_gid_number/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/12_usermod_change_gid_number/passwd b/tests/usertools/01/12_usermod_change_gid_number/passwd new file mode 100644 index 00000000..902efbe4 --- /dev/null +++ b/tests/usertools/01/12_usermod_change_gid_number/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1::/home/test1:/bin/sh diff --git a/tests/usertools/01/12_usermod_change_gid_number/shadow b/tests/usertools/01/12_usermod_change_gid_number/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/12_usermod_change_gid_number/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/13_useradd_negative_UID.test b/tests/usertools/01/13_useradd_negative_UID.test new file mode 100755 index 00000000..f049a914 --- /dev/null +++ b/tests/usertools/01/13_useradd_negative_UID.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 with a negative UID (useradd -u -1 test1)..." +msg=$(useradd -u -1 test1 2>&1) && exit 1 || { + status=$? +} +echo "OK" +echo "useradd returned status $status," +echo "and displayed \"$msg\"" +echo -n "The returned status should be 3..." +test "$status" = "3" +echo "OK" +echo -n "Test the error message (should be \"useradd: invalid user ID '-1'\")..." +test "$msg" = "useradd: invalid user ID '-1'" +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 13_useradd_negative_UID/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 13_useradd_negative_UID/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 13_useradd_negative_UID/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 13_useradd_negative_UID/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/13_useradd_negative_UID/group b/tests/usertools/01/13_useradd_negative_UID/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/01/13_useradd_negative_UID/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/01/13_useradd_negative_UID/gshadow b/tests/usertools/01/13_useradd_negative_UID/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/01/13_useradd_negative_UID/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/01/13_useradd_negative_UID/passwd b/tests/usertools/01/13_useradd_negative_UID/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/01/13_useradd_negative_UID/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/01/13_useradd_negative_UID/shadow b/tests/usertools/01/13_useradd_negative_UID/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/01/13_useradd_negative_UID/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/01/14_useradd_out_of_range_UID.test b/tests/usertools/01/14_useradd_out_of_range_UID.test new file mode 100755 index 00000000..88cac264 --- /dev/null +++ b/tests/usertools/01/14_useradd_out_of_range_UID.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 with UID 4294967296 (useradd -u 4294967296 test1)..." +msg=$(useradd -u 4294967296 test1 2>&1) && exit 1 || { + status=$? +} +echo "OK" +echo "useradd returned status $status," +echo "and displayed \"$msg\"" +echo -n "The returned status should be 3..." +test "$status" = "3" +echo "OK" +echo -n "Test the error message (should be \"useradd: invalid user ID '4294967296'\")..." +test "$msg" = "useradd: invalid user ID '4294967296'" +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 14_useradd_out_of_range_UID/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 14_useradd_out_of_range_UID/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 14_useradd_out_of_range_UID/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 14_useradd_out_of_range_UID/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/group b/tests/usertools/01/14_useradd_out_of_range_UID/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/01/14_useradd_out_of_range_UID/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/gshadow b/tests/usertools/01/14_useradd_out_of_range_UID/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/01/14_useradd_out_of_range_UID/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/passwd b/tests/usertools/01/14_useradd_out_of_range_UID/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/01/14_useradd_out_of_range_UID/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/shadow b/tests/usertools/01/14_useradd_out_of_range_UID/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/01/14_useradd_out_of_range_UID/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/01/15_useradd_specified_large_UID.test b/tests/usertools/01/15_useradd_specified_large_UID.test new file mode 100755 index 00000000..69fd5dbc --- /dev/null +++ b/tests/usertools/01/15_useradd_specified_large_UID.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user with a specified ID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd -u 2147483647 test1)..." +useradd -u 2147483647 test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 15_useradd_specified_large_UID/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 15_useradd_specified_large_UID/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 15_useradd_specified_large_UID/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 15_useradd_specified_large_UID/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/15_useradd_specified_large_UID/group b/tests/usertools/01/15_useradd_specified_large_UID/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/15_useradd_specified_large_UID/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/15_useradd_specified_large_UID/gshadow b/tests/usertools/01/15_useradd_specified_large_UID/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/15_useradd_specified_large_UID/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/15_useradd_specified_large_UID/passwd b/tests/usertools/01/15_useradd_specified_large_UID/passwd new file mode 100644 index 00000000..116c1c74 --- /dev/null +++ b/tests/usertools/01/15_useradd_specified_large_UID/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:2147483647:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/15_useradd_specified_large_UID/shadow b/tests/usertools/01/15_useradd_specified_large_UID/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/15_useradd_specified_large_UID/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups.test b/tests/usertools/01/16_useradd_add_user_to_multiple_groups.test new file mode 100755 index 00000000..3e0323e3 --- /dev/null +++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1, and add it to group src (useradd test1 -g src)..." +useradd test1 -g nogroup -G src,daemon,bin +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/group b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/group new file mode 100644 index 00000000..04d5635c --- /dev/null +++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1:test1 +bin:x:2:test1 +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40:test1 +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/gshadow b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/gshadow new file mode 100644 index 00000000..1605ab67 --- /dev/null +++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*::test1 +bin:*::test1 +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*::test1 +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/passwd b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/passwd new file mode 100644 index 00000000..42ef2e26 --- /dev/null +++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:65534::/home/test1:/bin/sh diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/shadow b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group.test b/tests/usertools/01/16_useradd_add_user_to_one_group.test new file mode 100755 index 00000000..38c0020d --- /dev/null +++ b/tests/usertools/01/16_useradd_add_user_to_one_group.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1, and add it to group src (useradd test1 -g src)..." +useradd test1 -G src +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 16_useradd_add_user_to_one_group/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 16_useradd_add_user_to_one_group/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 16_useradd_add_user_to_one_group/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 16_useradd_add_user_to_one_group/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/group b/tests/usertools/01/16_useradd_add_user_to_one_group/group new file mode 100644 index 00000000..1c6668ee --- /dev/null +++ b/tests/usertools/01/16_useradd_add_user_to_one_group/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40:test1 +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/gshadow b/tests/usertools/01/16_useradd_add_user_to_one_group/gshadow new file mode 100644 index 00000000..680a5dc0 --- /dev/null +++ b/tests/usertools/01/16_useradd_add_user_to_one_group/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*::test1 +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/passwd b/tests/usertools/01/16_useradd_add_user_to_one_group/passwd new file mode 100644 index 00000000..0b4b0fa8 --- /dev/null +++ b/tests/usertools/01/16_useradd_add_user_to_one_group/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/shadow b/tests/usertools/01/16_useradd_add_user_to_one_group/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/16_useradd_add_user_to_one_group/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/17_useradd_create_homedir.test b/tests/usertools/01/17_useradd_create_homedir.test new file mode 100755 index 00000000..cf271409 --- /dev/null +++ b/tests/usertools/01/17_useradd_create_homedir.test @@ -0,0 +1,46 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 with homedir (useradd --create-home test1)..." +useradd --create-home test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 01_useradd_add_user/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 01_useradd_add_user/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_useradd_add_user/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 01_useradd_add_user/gshadow /etc/gshadow +echo "OK" +echo -n "homedir created..." +test -d /home/test1 +echo "OK" +echo -n "Check if skeleton files were added..." +diff -rauN /etc/skel /home/test1 +echo "OK" +rm -rf /home/test1 + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/17_useradd_create_homedir/group b/tests/usertools/01/17_useradd_create_homedir/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/17_useradd_create_homedir/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/17_useradd_create_homedir/gshadow b/tests/usertools/01/17_useradd_create_homedir/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/17_useradd_create_homedir/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/17_useradd_create_homedir/passwd b/tests/usertools/01/17_useradd_create_homedir/passwd new file mode 100644 index 00000000..0b4b0fa8 --- /dev/null +++ b/tests/usertools/01/17_useradd_create_homedir/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/17_useradd_create_homedir/shadow b/tests/usertools/01/17_useradd_create_homedir/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/17_useradd_create_homedir/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/18_userdel_remove_homedir.test b/tests/usertools/01/18_userdel_remove_homedir.test new file mode 100755 index 00000000..085381d3 --- /dev/null +++ b/tests/usertools/01/18_userdel_remove_homedir.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 with homedir (useradd --create-home test1)..." +useradd --create-home test1 +echo "OK" +echo -n "Delete user test1 with homedir (userdel --remove test1)..." +userdel --remove test1 2>tmp/userdel.err + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check the userdel message..." +diff -au 18_userdel_remove_homedir/userdel.err tmp/userdel.err +echo "userdel message OK." +rm -f tmp/userdel.err +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "homedir removed..." +test ! -d /home/test1 +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/18_userdel_remove_homedir/group b/tests/usertools/01/18_userdel_remove_homedir/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/18_userdel_remove_homedir/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/18_userdel_remove_homedir/gshadow b/tests/usertools/01/18_userdel_remove_homedir/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/18_userdel_remove_homedir/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/18_userdel_remove_homedir/passwd b/tests/usertools/01/18_userdel_remove_homedir/passwd new file mode 100644 index 00000000..0b4b0fa8 --- /dev/null +++ b/tests/usertools/01/18_userdel_remove_homedir/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/18_userdel_remove_homedir/shadow b/tests/usertools/01/18_userdel_remove_homedir/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/18_userdel_remove_homedir/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/18_userdel_remove_homedir/userdel.err b/tests/usertools/01/18_userdel_remove_homedir/userdel.err new file mode 100644 index 00000000..0b2f1ffc --- /dev/null +++ b/tests/usertools/01/18_userdel_remove_homedir/userdel.err @@ -0,0 +1 @@ +userdel: test1 mail spool (/var/mail/test1) not found diff --git a/tests/usertools/01/19_userdel_delete_user_in_group.test b/tests/usertools/01/19_userdel_delete_user_in_group.test new file mode 100755 index 00000000..77878999 --- /dev/null +++ b/tests/usertools/01/19_userdel_delete_user_in_group.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Delete user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 and add it to groups daemon and bin (useradd test1 -G daemon,bin)..." +useradd test1 -G daemon,bin +echo "OK" +echo -n "Delete user test1 (userdel test1)..." +userdel test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/20_usermod_change_homedir.test b/tests/usertools/01/20_usermod_change_homedir.test new file mode 100755 index 00000000..6ef6e8ff --- /dev/null +++ b/tests/usertools/01/20_usermod_change_homedir.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Delete user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 and its homedir (useradd test1 -m)..." +useradd test1 -m +echo "OK" +echo -n "Change the user's homedir (usermod --home /home/test1.new test1)..." +usermod --home /home/test1.new test1 +echo "OK" +echo -n "Test if the new homedir was not created..." +test ! -d /home/test1.new +echo "OK" +echo -n "test if the old homedir was kept..." +test -d /home/test1 +echo "OK" +echo -n "Delete user test1 (userdel test1)..." +userdel test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "old homedir kept (/home/test1)..." +test -d /home/test1 +echo "OK" +echo -n "no homedir (/home/test1.new)..." +test ! -d /home/test1.new +echo "OK" +rm -rf /home/test1 + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/21_usermod_change_and_move_homedir.test b/tests/usertools/01/21_usermod_change_and_move_homedir.test new file mode 100755 index 00000000..0f269208 --- /dev/null +++ b/tests/usertools/01/21_usermod_change_and_move_homedir.test @@ -0,0 +1,67 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Delete user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 and its homedir (useradd test1 -m)..." +useradd test1 -m +echo "OK" +echo -n "Change the user's homedir (usermod -m --home /home/test1.new test1)..." +usermod -m --home /home/test1.new test1 +echo "OK" +echo -n "Test if the new homedir exists..." +test -d /home/test1.new +echo "OK" +echo -n "test if the old homedir was removed..." +test ! -d /home/test1 +echo "OK" +echo -n "Delete user test1 (userdel test1)..." +userdel test1 --remove 2>tmp/userdel.err +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check the userdel message..." +diff -au 18_userdel_remove_homedir/userdel.err tmp/userdel.err +echo "userdel message OK." +rm -f tmp/userdel.err +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir (/home/test1)..." +test ! -d /home/test1 +echo "OK" +echo -n "no homedir (/home/test1.new)..." +test ! -d /home/test1.new +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/22_usermod_new_groups.test b/tests/usertools/01/22_usermod_new_groups.test new file mode 100755 index 00000000..2cbdfa28 --- /dev/null +++ b/tests/usertools/01/22_usermod_new_groups.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" +echo -n "Add test1 to groups nogroup, daemon, and src..." +usermod -G nogroup,daemon,src test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 22_usermod_new_groups/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 22_usermod_new_groups/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 22_usermod_new_groups/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 22_usermod_new_groups/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/22_usermod_new_groups/group b/tests/usertools/01/22_usermod_new_groups/group new file mode 100644 index 00000000..e529520f --- /dev/null +++ b/tests/usertools/01/22_usermod_new_groups/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:test1 +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40:test1 +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534:test1 +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/22_usermod_new_groups/gshadow b/tests/usertools/01/22_usermod_new_groups/gshadow new file mode 100644 index 00000000..87749e3b --- /dev/null +++ b/tests/usertools/01/22_usermod_new_groups/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::test1 +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*::test1 +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*::test1 +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/22_usermod_new_groups/passwd b/tests/usertools/01/22_usermod_new_groups/passwd new file mode 100644 index 00000000..0b4b0fa8 --- /dev/null +++ b/tests/usertools/01/22_usermod_new_groups/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/22_usermod_new_groups/shadow b/tests/usertools/01/22_usermod_new_groups/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/22_usermod_new_groups/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/23_usermod_add_groups.test b/tests/usertools/01/23_usermod_add_groups.test new file mode 100755 index 00000000..754bdd4d --- /dev/null +++ b/tests/usertools/01/23_usermod_add_groups.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 and add it to group bin (useradd test1 -G bin)..." +useradd test1 -G bin +echo "OK" +echo -n "Add test1 to the additional groups nogroup, daemon, and src..." +usermod -a -G nogroup,daemon,src test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 23_usermod_add_groups/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 23_usermod_add_groups/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 23_usermod_add_groups/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 23_usermod_add_groups/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/23_usermod_add_groups/group b/tests/usertools/01/23_usermod_add_groups/group new file mode 100644 index 00000000..09243ddc --- /dev/null +++ b/tests/usertools/01/23_usermod_add_groups/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:test1 +bin:x:2:test1 +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40:test1 +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534:test1 +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/23_usermod_add_groups/gshadow b/tests/usertools/01/23_usermod_add_groups/gshadow new file mode 100644 index 00000000..a572a196 --- /dev/null +++ b/tests/usertools/01/23_usermod_add_groups/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::test1 +bin:*::test1 +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*::test1 +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*::test1 +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/23_usermod_add_groups/passwd b/tests/usertools/01/23_usermod_add_groups/passwd new file mode 100644 index 00000000..0b4b0fa8 --- /dev/null +++ b/tests/usertools/01/23_usermod_add_groups/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/23_usermod_add_groups/shadow b/tests/usertools/01/23_usermod_add_groups/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/23_usermod_add_groups/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups.test b/tests/usertools/01/24_usermod_new_groups_remove_old_groups.test new file mode 100755 index 00000000..6b217c68 --- /dev/null +++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 and add it to group bin (useradd test1 -G bin)..." +useradd test1 -G bin +echo "OK" +echo -n "Change the groups of test1 to nogroup, daemon, and src..." +usermod -G nogroup,daemon,src test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/group b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/group new file mode 100644 index 00000000..e529520f --- /dev/null +++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:test1 +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40:test1 +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534:test1 +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/gshadow b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/gshadow new file mode 100644 index 00000000..87749e3b --- /dev/null +++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::test1 +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*::test1 +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*::test1 +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/passwd b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/passwd new file mode 100644 index 00000000..0b4b0fa8 --- /dev/null +++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/shadow b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/25_useradd_specified_large_UID2.test b/tests/usertools/01/25_useradd_specified_large_UID2.test new file mode 100755 index 00000000..ed4858c2 --- /dev/null +++ b/tests/usertools/01/25_useradd_specified_large_UID2.test @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user with a specified ID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd -u 4294967294 test1)..." +useradd -u 4294967294 test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 25_useradd_specified_large_UID2/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 25_useradd_specified_large_UID2/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 25_useradd_specified_large_UID2/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 25_useradd_specified_large_UID2/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/group b/tests/usertools/01/25_useradd_specified_large_UID2/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/01/25_useradd_specified_large_UID2/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/gshadow b/tests/usertools/01/25_useradd_specified_large_UID2/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/01/25_useradd_specified_large_UID2/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/passwd b/tests/usertools/01/25_useradd_specified_large_UID2/passwd new file mode 100644 index 00000000..cef49128 --- /dev/null +++ b/tests/usertools/01/25_useradd_specified_large_UID2/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:4294967294:1000::/home/test1:/bin/sh diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/shadow b/tests/usertools/01/25_useradd_specified_large_UID2/shadow new file mode 100644 index 00000000..5920e12b --- /dev/null +++ b/tests/usertools/01/25_useradd_specified_large_UID2/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/01/26_useradd_UID_-1.test b/tests/usertools/01/26_useradd_UID_-1.test new file mode 100755 index 00000000..18bedb59 --- /dev/null +++ b/tests/usertools/01/26_useradd_UID_-1.test @@ -0,0 +1,52 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 with UID 4294967295 (useradd -u 4294967295 test1)..." +msg=$(useradd -u 4294967295 test1 2>&1) && exit 1 || { + status=$? +} +echo "OK" +echo "useradd returned status $status," +echo "and displayed \"$msg\"" +echo -n "The returned status should be 3..." +test "$status" = "3" +echo "OK" +echo -n "Test the error message (should be \"useradd: invalid user ID '4294967295'\")..." +test "$msg" = "useradd: invalid user ID '4294967295'" +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 26_useradd_UID_-1/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 26_useradd_UID_-1/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 26_useradd_UID_-1/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 26_useradd_UID_-1/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir..." +test -d /home/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/01/26_useradd_UID_-1/group b/tests/usertools/01/26_useradd_UID_-1/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/01/26_useradd_UID_-1/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/01/26_useradd_UID_-1/gshadow b/tests/usertools/01/26_useradd_UID_-1/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/01/26_useradd_UID_-1/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/01/26_useradd_UID_-1/passwd b/tests/usertools/01/26_useradd_UID_-1/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/01/26_useradd_UID_-1/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/01/26_useradd_UID_-1/shadow b/tests/usertools/01/26_useradd_UID_-1/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/01/26_useradd_UID_-1/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/01/config/etc/default/useradd b/tests/usertools/01/config/etc/default/useradd new file mode 100644 index 00000000..64dec7d9 --- /dev/null +++ b/tests/usertools/01/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=100 +# +# The default home directory. Same as DHOME for adduser +HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=-1 +# +# The default expire date +EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/01/config/etc/group b/tests/usertools/01/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/01/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/01/config/etc/gshadow b/tests/usertools/01/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/01/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/01/config/etc/passwd b/tests/usertools/01/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/01/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/01/config/etc/shadow b/tests/usertools/01/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/01/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/02/config.txt b/tests/usertools/02/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/usertools/02/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/usertools/02/config/etc/default/useradd b/tests/usertools/02/config/etc/default/useradd new file mode 100644 index 00000000..a834feff --- /dev/null +++ b/tests/usertools/02/config/etc/default/useradd @@ -0,0 +1,37 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +# GROUP=100 +# +# The default home directory. Same as DHOME for adduser +# HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +# INACTIVE=-1 +# +# The default expire date +# EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes + diff --git a/tests/usertools/02/config/etc/group b/tests/usertools/02/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/usertools/02/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/usertools/02/config/etc/gshadow b/tests/usertools/02/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/usertools/02/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/usertools/02/config/etc/passwd b/tests/usertools/02/config/etc/passwd new file mode 100644 index 00000000..6eefe5a3 --- /dev/null +++ b/tests/usertools/02/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/usertools/02/config/etc/shadow b/tests/usertools/02/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/usertools/02/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/usertools/02/data/useradd-D.out b/tests/usertools/02/data/useradd-D.out new file mode 100644 index 00000000..a3f48f3e --- /dev/null +++ b/tests/usertools/02/data/useradd-D.out @@ -0,0 +1,7 @@ +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE= +SHELL=/bin/sh +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/02/data/useradd-D_default_values.out b/tests/usertools/02/data/useradd-D_default_values.out new file mode 100644 index 00000000..1eb58e2d --- /dev/null +++ b/tests/usertools/02/data/useradd-D_default_values.out @@ -0,0 +1,7 @@ +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE= +SHELL= +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/02/useradd_change_default_EXPIRE.test b/tests/usertools/02/useradd_change_default_EXPIRE.test new file mode 100755 index 00000000..6901603c --- /dev/null +++ b/tests/usertools/02/useradd_change_default_EXPIRE.test @@ -0,0 +1,30 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd -D: get default values" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change default shell (useradd -D --expiredate 1979-11-24)..." +useradd -D --expiredate 1979-11-24 +echo "OK" + +echo -n "Check the default values..." +diff -au useradd_change_default_EXPIRE/useradd.default /etc/default/useradd +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/02/useradd_change_default_EXPIRE/useradd.default b/tests/usertools/02/useradd_change_default_EXPIRE/useradd.default new file mode 100644 index 00000000..aa3cd2b3 --- /dev/null +++ b/tests/usertools/02/useradd_change_default_EXPIRE/useradd.default @@ -0,0 +1,43 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +# GROUP=100 +# +# The default home directory. Same as DHOME for adduser +# HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +# INACTIVE=-1 +# +# The default expire date +# EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes + +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE=1979-11-24 +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/02/useradd_change_default_GROUP.test b/tests/usertools/02/useradd_change_default_GROUP.test new file mode 100755 index 00000000..07ea62be --- /dev/null +++ b/tests/usertools/02/useradd_change_default_GROUP.test @@ -0,0 +1,30 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd -D: get default values" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change default shell (useradd -D --gid nogroup)..." +useradd -D --gid nogroup +echo "OK" + +echo -n "Check the default values..." +diff -au useradd_change_default_GROUP/useradd.default /etc/default/useradd +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/02/useradd_change_default_GROUP/useradd.default b/tests/usertools/02/useradd_change_default_GROUP/useradd.default new file mode 100644 index 00000000..c26a28bb --- /dev/null +++ b/tests/usertools/02/useradd_change_default_GROUP/useradd.default @@ -0,0 +1,43 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +# GROUP=100 +# +# The default home directory. Same as DHOME for adduser +# HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +# INACTIVE=-1 +# +# The default expire date +# EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes + +GROUP=65534 +HOME=/home +INACTIVE=-1 +EXPIRE= +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/02/useradd_change_default_HOME.test b/tests/usertools/02/useradd_change_default_HOME.test new file mode 100755 index 00000000..8d8357c4 --- /dev/null +++ b/tests/usertools/02/useradd_change_default_HOME.test @@ -0,0 +1,30 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd -D: get default values" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change default shell (useradd -D --base-dir /tmp)..." +useradd -D --base-dir /tmp +echo "OK" + +echo -n "Check the default values..." +diff -au useradd_change_default_HOME/useradd.default /etc/default/useradd +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/02/useradd_change_default_HOME/useradd.default b/tests/usertools/02/useradd_change_default_HOME/useradd.default new file mode 100644 index 00000000..75953c6a --- /dev/null +++ b/tests/usertools/02/useradd_change_default_HOME/useradd.default @@ -0,0 +1,43 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +# GROUP=100 +# +# The default home directory. Same as DHOME for adduser +# HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +# INACTIVE=-1 +# +# The default expire date +# EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes + +GROUP=100 +HOME=/tmp +INACTIVE=-1 +EXPIRE= +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/02/useradd_change_default_INACTIVE.test b/tests/usertools/02/useradd_change_default_INACTIVE.test new file mode 100755 index 00000000..7257439c --- /dev/null +++ b/tests/usertools/02/useradd_change_default_INACTIVE.test @@ -0,0 +1,30 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd -D: get default values" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change default shell (useradd -D --inactive 10)..." +useradd -D --inactive 10 +echo "OK" + +echo -n "Check the default values..." +diff -au useradd_change_default_INACTIVE/useradd.default /etc/default/useradd +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/02/useradd_change_default_INACTIVE/useradd.default b/tests/usertools/02/useradd_change_default_INACTIVE/useradd.default new file mode 100644 index 00000000..fc2f0845 --- /dev/null +++ b/tests/usertools/02/useradd_change_default_INACTIVE/useradd.default @@ -0,0 +1,43 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +# GROUP=100 +# +# The default home directory. Same as DHOME for adduser +# HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +# INACTIVE=-1 +# +# The default expire date +# EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes + +GROUP=100 +HOME=/home +INACTIVE=10 +EXPIRE= +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/02/useradd_change_default_SHELL.test b/tests/usertools/02/useradd_change_default_SHELL.test new file mode 100755 index 00000000..d6c22dc1 --- /dev/null +++ b/tests/usertools/02/useradd_change_default_SHELL.test @@ -0,0 +1,30 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd -D: get default values" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change default shell (useradd -D --shell /bin/foobar)..." +useradd -D --shell /bin/foobar +echo "OK" + +echo -n "Check the default values..." +diff -au useradd_change_default_SHELL/useradd.default /etc/default/useradd +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/02/useradd_change_default_SHELL/useradd.default b/tests/usertools/02/useradd_change_default_SHELL/useradd.default new file mode 100644 index 00000000..421f1a06 --- /dev/null +++ b/tests/usertools/02/useradd_change_default_SHELL/useradd.default @@ -0,0 +1,43 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +# GROUP=100 +# +# The default home directory. Same as DHOME for adduser +# HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +# INACTIVE=-1 +# +# The default expire date +# EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes + +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE= +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/02/useradd_change_defaults.test b/tests/usertools/02/useradd_change_defaults.test new file mode 100755 index 00000000..665a9958 --- /dev/null +++ b/tests/usertools/02/useradd_change_defaults.test @@ -0,0 +1,30 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd -D: set all default values" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change useradd defaults..." +useradd -D -b /var/tmp -e 1979-11-24 -f 12 -g 1 -s /usr/bin/foobar +echo "OK" + +echo -n "Check the default values..." +diff -au useradd_change_defaults/useradd.default /etc/default/useradd +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/02/useradd_change_defaults/useradd.default b/tests/usertools/02/useradd_change_defaults/useradd.default new file mode 100644 index 00000000..9edb781c --- /dev/null +++ b/tests/usertools/02/useradd_change_defaults/useradd.default @@ -0,0 +1,43 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/usr/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +# GROUP=100 +# +# The default home directory. Same as DHOME for adduser +# HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +# INACTIVE=-1 +# +# The default expire date +# EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes + +GROUP=1 +HOME=/var/tmp +INACTIVE=12 +EXPIRE=1979-11-24 +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/02/useradd_default_default_values.test b/tests/usertools/02/useradd_default_default_values.test new file mode 100755 index 00000000..4c6cf0e7 --- /dev/null +++ b/tests/usertools/02/useradd_default_default_values.test @@ -0,0 +1,36 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd -D: get default values" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/default/useradd..." +rm -f /etc/default/useradd +echo "OK" + +echo -n "Get default values: 'useradd -D > tmp/out'..." +useradd -D > tmp/out +echo "OK" + +echo -n "Check the default values..." +diff -au data/useradd-D_default_values.out tmp/out +echo "OK" + +rm -f tmp/out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/02/useradd_get_default_values.test b/tests/usertools/02/useradd_get_default_values.test new file mode 100755 index 00000000..a18fb043 --- /dev/null +++ b/tests/usertools/02/useradd_get_default_values.test @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd -D: get default values" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get default values: 'useradd -D > tmp/out'..." +useradd -D > tmp/out +echo "OK" + +echo -n "Check the default values..." +diff -au data/useradd-D.out tmp/out +echo "OK" + +rm -f tmp/out + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/03/config.txt b/tests/usertools/03/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/usertools/03/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/usertools/03/config/etc/default/useradd b/tests/usertools/03/config/etc/default/useradd new file mode 100644 index 00000000..f34b3ff8 --- /dev/null +++ b/tests/usertools/03/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +# SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=100 +# +# The default home directory. Same as DHOME for adduser +HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=-1 +# +# The default expire date +EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/03/config/etc/group b/tests/usertools/03/config/etc/group new file mode 100644 index 00000000..245cc9cf --- /dev/null +++ b/tests/usertools/03/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/usertools/03/config/etc/gshadow b/tests/usertools/03/config/etc/gshadow new file mode 100644 index 00000000..25bd55bd --- /dev/null +++ b/tests/usertools/03/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/usertools/03/config/etc/passwd b/tests/usertools/03/config/etc/passwd new file mode 100644 index 00000000..6eefe5a3 --- /dev/null +++ b/tests/usertools/03/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/usertools/03/config/etc/shadow b/tests/usertools/03/config/etc/shadow new file mode 100644 index 00000000..038d5cf4 --- /dev/null +++ b/tests/usertools/03/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/usertools/03/useradd_change_defaults.test b/tests/usertools/03/useradd_change_defaults.test new file mode 100755 index 00000000..665a9958 --- /dev/null +++ b/tests/usertools/03/useradd_change_defaults.test @@ -0,0 +1,30 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "useradd -D: set all default values" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change useradd defaults..." +useradd -D -b /var/tmp -e 1979-11-24 -f 12 -g 1 -s /usr/bin/foobar +echo "OK" + +echo -n "Check the default values..." +diff -au useradd_change_defaults/useradd.default /etc/default/useradd +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/03/useradd_change_defaults/useradd.default b/tests/usertools/03/useradd_change_defaults/useradd.default new file mode 100644 index 00000000..7ef8db6b --- /dev/null +++ b/tests/usertools/03/useradd_change_defaults/useradd.default @@ -0,0 +1,37 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +# SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=1 +# +# The default home directory. Same as DHOME for adduser +HOME=/var/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=1979-11-24 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL=yes +SHELL=/usr/bin/foobar diff --git a/tests/usertools/04/01_useradd_add_user.test b/tests/usertools/04/01_useradd_add_user.test new file mode 100755 index 00000000..47aea8ac --- /dev/null +++ b/tests/usertools/04/01_useradd_add_user.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "Add a new user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +useradd test1 +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl 01_useradd_add_user/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl 01_useradd_add_user/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl 01_useradd_add_user/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl 01_useradd_add_user/gshadow /etc/gshadow +echo "OK" +echo -n "no homedir (/home/test1)..." +test -d /home/test1 && exit 1 || true +echo "OK" +echo -n "no homedir (/tmp/test1)..." +test -d /tmp/test1 && exit 1 || true +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/04/01_useradd_add_user/group b/tests/usertools/04/01_useradd_add_user/group new file mode 100644 index 00000000..ff319127 --- /dev/null +++ b/tests/usertools/04/01_useradd_add_user/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +test1:x:1000: diff --git a/tests/usertools/04/01_useradd_add_user/gshadow b/tests/usertools/04/01_useradd_add_user/gshadow new file mode 100644 index 00000000..90e8eacc --- /dev/null +++ b/tests/usertools/04/01_useradd_add_user/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test1:!:: diff --git a/tests/usertools/04/01_useradd_add_user/passwd b/tests/usertools/04/01_useradd_add_user/passwd new file mode 100644 index 00000000..725e58b1 --- /dev/null +++ b/tests/usertools/04/01_useradd_add_user/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +test1:x:1000:1000::/tmp/test1:/bin/foobar diff --git a/tests/usertools/04/01_useradd_add_user/shadow b/tests/usertools/04/01_useradd_add_user/shadow new file mode 100644 index 00000000..116140f5 --- /dev/null +++ b/tests/usertools/04/01_useradd_add_user/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +test1:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/04/config.txt b/tests/usertools/04/config.txt new file mode 100644 index 00000000..aecff4a9 --- /dev/null +++ b/tests/usertools/04/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/usertools/04/config/etc/default/useradd b/tests/usertools/04/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/04/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/04/config/etc/group b/tests/usertools/04/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/04/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/04/config/etc/gshadow b/tests/usertools/04/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/04/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/04/config/etc/passwd b/tests/usertools/04/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/04/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/04/config/etc/shadow b/tests/usertools/04/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/04/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/05_userdel_del_from_group_members/config.txt b/tests/usertools/05_userdel_del_from_group_members/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/05_userdel_del_from_group_members/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/default/useradd b/tests/usertools/05_userdel_del_from_group_members/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/group b/tests/usertools/05_userdel_del_from_group_members/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/gshadow b/tests/usertools/05_userdel_del_from_group_members/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/passwd b/tests/usertools/05_userdel_del_from_group_members/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/shadow b/tests/usertools/05_userdel_del_from_group_members/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/05_userdel_del_from_group_members/data/group b/tests/usertools/05_userdel_del_from_group_members/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/05_userdel_del_from_group_members/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/05_userdel_del_from_group_members/data/gshadow b/tests/usertools/05_userdel_del_from_group_members/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/05_userdel_del_from_group_members/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/05_userdel_del_from_group_members/data/passwd b/tests/usertools/05_userdel_del_from_group_members/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/05_userdel_del_from_group_members/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/05_userdel_del_from_group_members/data/shadow b/tests/usertools/05_userdel_del_from_group_members/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/05_userdel_del_from_group_members/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/05_userdel_del_from_group_members/userdel.test b/tests/usertools/05_userdel_del_from_group_members/userdel.test new file mode 100755 index 00000000..89e749b4 --- /dev/null +++ b/tests/usertools/05_userdel_del_from_group_members/userdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel removes the user from the member lists of /etc/group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user test1 (useradd test1)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config.txt b/tests/usertools/06_userdel_del_from_gshadow_members/config.txt new file mode 100644 index 00000000..73de4007 --- /dev/null +++ b/tests/usertools/06_userdel_del_from_gshadow_members/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/gshadow only diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/default/useradd b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/group b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/group new file mode 100644 index 00000000..0bf8d5d4 --- /dev/null +++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root,foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/gshadow b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/gshadow new file mode 100644 index 00000000..ad90310c --- /dev/null +++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/passwd b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/shadow b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/group b/tests/usertools/06_userdel_del_from_gshadow_members/data/group new file mode 100644 index 00000000..838b9b98 --- /dev/null +++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/gshadow b/tests/usertools/06_userdel_del_from_gshadow_members/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/passwd b/tests/usertools/06_userdel_del_from_gshadow_members/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/shadow b/tests/usertools/06_userdel_del_from_gshadow_members/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/userdel.test b/tests/usertools/06_userdel_del_from_gshadow_members/userdel.test new file mode 100755 index 00000000..dd502f31 --- /dev/null +++ b/tests/usertools/06_userdel_del_from_gshadow_members/userdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel removes the user from the member lists of /etc/gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config.txt b/tests/usertools/07_userdel_del_from_gshadow_admins/config.txt new file mode 100644 index 00000000..56313e3c --- /dev/null +++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config.txt @@ -0,0 +1,2 @@ +user foo, admin of group users according to /etc/gshadow +user foo in group users according to /etc/group diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/default/useradd b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/group b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/group new file mode 100644 index 00000000..f60e18c8 --- /dev/null +++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/gshadow b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/gshadow new file mode 100644 index 00000000..59e5042a --- /dev/null +++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo:root +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/passwd b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/shadow b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/group b/tests/usertools/07_userdel_del_from_gshadow_admins/data/group new file mode 100644 index 00000000..838b9b98 --- /dev/null +++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/gshadow b/tests/usertools/07_userdel_del_from_gshadow_admins/data/gshadow new file mode 100644 index 00000000..0f3592ab --- /dev/null +++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*::root +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/passwd b/tests/usertools/07_userdel_del_from_gshadow_admins/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/shadow b/tests/usertools/07_userdel_del_from_gshadow_admins/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/userdel.test b/tests/usertools/07_userdel_del_from_gshadow_admins/userdel.test new file mode 100755 index 00000000..b14aeb27 --- /dev/null +++ b/tests/usertools/07_userdel_del_from_gshadow_admins/userdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel removes the user from the admins lists of /etc/gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config.txt b/tests/usertools/08_userdel_del_from_group_and_gshadow/config.txt new file mode 100644 index 00000000..d339d5a4 --- /dev/null +++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config.txt @@ -0,0 +1,4 @@ +user foo, in group users and mail according to /etc/group +user foo, in group disk and audio according to /etc/gshadow +foo member and admin of group users according to /etc/gshadow +root in group users diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/default/useradd b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/group b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/group new file mode 100644 index 00000000..bb62de10 --- /dev/null +++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8:foo +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo,root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/gshadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/gshadow new file mode 100644 index 00000000..7556fcf3 --- /dev/null +++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*::foo +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*::foo +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:foo,root:root,foo +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/passwd b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/passwd new file mode 100644 index 00000000..dc7bf840 --- /dev/null +++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/shadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/group b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/group new file mode 100644 index 00000000..838b9b98 --- /dev/null +++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:root +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/gshadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/gshadow new file mode 100644 index 00000000..f8384c9a --- /dev/null +++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:root:root +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/passwd b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/shadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/userdel.test b/tests/usertools/08_userdel_del_from_group_and_gshadow/userdel.test new file mode 100755 index 00000000..db13fb4c --- /dev/null +++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/userdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel removes the user from lists in /etc/group and /etc/gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/09_userdel_del_homedir/config.txt b/tests/usertools/09_userdel_del_homedir/config.txt new file mode 100644 index 00000000..4b5baab6 --- /dev/null +++ b/tests/usertools/09_userdel_del_homedir/config.txt @@ -0,0 +1 @@ +user foo exists diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/default/useradd b/tests/usertools/09_userdel_del_homedir/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/09_userdel_del_homedir/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/group b/tests/usertools/09_userdel_del_homedir/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/09_userdel_del_homedir/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/gshadow b/tests/usertools/09_userdel_del_homedir/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/09_userdel_del_homedir/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/passwd b/tests/usertools/09_userdel_del_homedir/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/09_userdel_del_homedir/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/shadow b/tests/usertools/09_userdel_del_homedir/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/09_userdel_del_homedir/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/09_userdel_del_homedir/data/group b/tests/usertools/09_userdel_del_homedir/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/09_userdel_del_homedir/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/09_userdel_del_homedir/data/gshadow b/tests/usertools/09_userdel_del_homedir/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/09_userdel_del_homedir/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/09_userdel_del_homedir/data/passwd b/tests/usertools/09_userdel_del_homedir/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/09_userdel_del_homedir/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/09_userdel_del_homedir/data/shadow b/tests/usertools/09_userdel_del_homedir/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/09_userdel_del_homedir/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/09_userdel_del_homedir/userdel.test b/tests/usertools/09_userdel_del_homedir/userdel.test new file mode 100755 index 00000000..5d2a7aa3 --- /dev/null +++ b/tests/usertools/09_userdel_del_homedir/userdel.test @@ -0,0 +1,53 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel can delete the user's home directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +mkdir /home/foo +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0 +echo toto > /home/foo/toto +touch /var/mail/foo +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /var/mail/foo /home/foo' 0 +chown -R foo:foo /var/mail/foo /home/foo + +echo -n "Delete user foo (userdel -r foo)..." +userdel -r foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the user's home directory was removed..." +test ! -d /home/foo +echo "OK" +echo -n "Check the user's mail spool was removed..." +test ! -f /var/mail/foo +echo "OK" + + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config.txt b/tests/usertools/10_userdel_del_homedir_wrong_owner/config.txt new file mode 100644 index 00000000..4b5baab6 --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config.txt @@ -0,0 +1 @@ +user foo exists diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/default/useradd b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/group b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/gshadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/passwd b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/shadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/group b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/gshadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/passwd b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/shadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/userdel.err b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/userdel.err new file mode 100644 index 00000000..ca8e8abf --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/userdel.err @@ -0,0 +1 @@ +userdel: /home/foo not owned by foo, not removing diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/userdel.test b/tests/usertools/10_userdel_del_homedir_wrong_owner/userdel.test new file mode 100755 index 00000000..37b1674a --- /dev/null +++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/userdel.test @@ -0,0 +1,69 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel does not delete the user's home directory if it is not owned by the user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /var/mail/foo /home/foo' 0 + +change_config + +mkdir /home/foo +echo toto > /home/foo/toto +touch /var/mail/foo +chown -R foo:foo /var/mail/foo +chown -R root:root /home/foo + +echo -n "Delete user foo (userdel -r foo)..." +userdel -r foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "12" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo "The user should have been removed." +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the user's home directory was not removed..." +test -d /home/foo +echo "OK" +echo -n "Check the user's mail spool was removed..." +test ! -f /var/mail/foo +echo "OK" +rm -rf /home/foo + + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/11_usermod_move_homedir/config.txt b/tests/usertools/11_usermod_move_homedir/config.txt new file mode 100644 index 00000000..4b5baab6 --- /dev/null +++ b/tests/usertools/11_usermod_move_homedir/config.txt @@ -0,0 +1 @@ +user foo exists diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/default/useradd b/tests/usertools/11_usermod_move_homedir/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/11_usermod_move_homedir/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/group b/tests/usertools/11_usermod_move_homedir/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/11_usermod_move_homedir/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/gshadow b/tests/usertools/11_usermod_move_homedir/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/11_usermod_move_homedir/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/passwd b/tests/usertools/11_usermod_move_homedir/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/11_usermod_move_homedir/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/shadow b/tests/usertools/11_usermod_move_homedir/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/11_usermod_move_homedir/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/11_usermod_move_homedir/data/home_ls-a b/tests/usertools/11_usermod_move_homedir/data/home_ls-a new file mode 100644 index 00000000..89bbbd9a --- /dev/null +++ b/tests/usertools/11_usermod_move_homedir/data/home_ls-a @@ -0,0 +1,3 @@ +-rw-r--r-- foo:foo `/home/foo2/toto' +drwxr-xr-x foo:foo `/home/foo2/.' +drwxr-xr-x root:root `/home/foo2/..' diff --git a/tests/usertools/11_usermod_move_homedir/data/passwd b/tests/usertools/11_usermod_move_homedir/data/passwd new file mode 100644 index 00000000..bc9a6f0d --- /dev/null +++ b/tests/usertools/11_usermod_move_homedir/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo2:/bin/false diff --git a/tests/usertools/11_usermod_move_homedir/usermod.test b/tests/usertools/11_usermod_move_homedir/usermod.test new file mode 100755 index 00000000..b0ebf5c8 --- /dev/null +++ b/tests/usertools/11_usermod_move_homedir/usermod.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can move the user's home directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0 + +change_config + +mkdir /home/foo +echo toto > /home/foo/toto +chown -R foo:foo /home/foo + +echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..." +usermod -m -d /home/foo2 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the user's home directory was removed..." +test ! -d /home/foo +echo "OK" +echo -n "Check the user's home directory was moved..." +test -d /home/foo2 +echo "OK" +echo -n "Check content of /tmp/test-newusers..." +stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" +rm -f tmp/home_ls-a + +echo -n "Remove the new home directory..." +rm -rf /home/foo2 +echo "done" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config.txt b/tests/usertools/12_usermod_move_homedir_dev_null/config.txt new file mode 100644 index 00000000..75f05ab7 --- /dev/null +++ b/tests/usertools/12_usermod_move_homedir_dev_null/config.txt @@ -0,0 +1 @@ +user foo's home directory is /dev/null diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/default/useradd b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/group b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/gshadow b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/passwd b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/passwd new file mode 100644 index 00000000..b1fd322a --- /dev/null +++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/dev/null:/bin/false diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/shadow b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/data/passwd b/tests/usertools/12_usermod_move_homedir_dev_null/data/passwd new file mode 100644 index 00000000..bc9a6f0d --- /dev/null +++ b/tests/usertools/12_usermod_move_homedir_dev_null/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo2:/bin/false diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/data/usermod.err b/tests/usertools/12_usermod_move_homedir_dev_null/data/usermod.err new file mode 100644 index 00000000..f02fc5a2 --- /dev/null +++ b/tests/usertools/12_usermod_move_homedir_dev_null/data/usermod.err @@ -0,0 +1 @@ +usermod: The previous home directory (/dev/null) was not a directory. It is not removed and no home directories are created. diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/usermod.test b/tests/usertools/12_usermod_move_homedir_dev_null/usermod.test new file mode 100755 index 00000000..c0ce1c14 --- /dev/null +++ b/tests/usertools/12_usermod_move_homedir_dev_null/usermod.test @@ -0,0 +1,63 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +# TBC: should usermod create the home directory? +log_start "$0" "usermod does not move non-directory (/dev/null)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..." +usermod -m -d /home/foo2 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "12" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Make sure /dev/null was not removed..." +test -c /dev/null +echo "OK" +echo -n "Make sure the user's home directory was not removed..." +test ! -e /home/foo2 +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/13_usermod_move_homedir_file/config.txt b/tests/usertools/13_usermod_move_homedir_file/config.txt new file mode 100644 index 00000000..5e41c31d --- /dev/null +++ b/tests/usertools/13_usermod_move_homedir_file/config.txt @@ -0,0 +1 @@ +user foo's home directory is /home/foo, which will be created by usermod.test as a regular file. diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/default/useradd b/tests/usertools/13_usermod_move_homedir_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/group b/tests/usertools/13_usermod_move_homedir_file/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/gshadow b/tests/usertools/13_usermod_move_homedir_file/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/passwd b/tests/usertools/13_usermod_move_homedir_file/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/shadow b/tests/usertools/13_usermod_move_homedir_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/13_usermod_move_homedir_file/data/passwd b/tests/usertools/13_usermod_move_homedir_file/data/passwd new file mode 100644 index 00000000..bc9a6f0d --- /dev/null +++ b/tests/usertools/13_usermod_move_homedir_file/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo2:/bin/false diff --git a/tests/usertools/13_usermod_move_homedir_file/data/usermod.err b/tests/usertools/13_usermod_move_homedir_file/data/usermod.err new file mode 100644 index 00000000..d2715075 --- /dev/null +++ b/tests/usertools/13_usermod_move_homedir_file/data/usermod.err @@ -0,0 +1 @@ +usermod: The previous home directory (/home/foo) was not a directory. It is not removed and no home directories are created. diff --git a/tests/usertools/13_usermod_move_homedir_file/usermod.test b/tests/usertools/13_usermod_move_homedir_file/usermod.test new file mode 100755 index 00000000..2df56e05 --- /dev/null +++ b/tests/usertools/13_usermod_move_homedir_file/usermod.test @@ -0,0 +1,67 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +# TBC: should usermod create the home directory? +log_start "$0" "usermod does not move non-directory (regular file)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /home/foo' 0 + +change_config + +touch /home/foo + +echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..." +usermod -m -d /home/foo2 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "12" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check /home/foo was not removed..." +test -f /home/foo +echo "OK" +echo -n "Check the user's home directory was not created..." +test ! -e /home/foo2 +echo "OK" + +rm -f /home/foo + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config.txt b/tests/usertools/14_usermod_move_homedir_other_device/config.txt new file mode 100644 index 00000000..3d43135c --- /dev/null +++ b/tests/usertools/14_usermod_move_homedir_other_device/config.txt @@ -0,0 +1,5 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/default/useradd b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/group b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/gshadow b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/passwd b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/shadow b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/14_usermod_move_homedir_other_device/data/home_ls-a b/tests/usertools/14_usermod_move_homedir_other_device/data/home_ls-a new file mode 100644 index 00000000..f7abeaa8 --- /dev/null +++ b/tests/usertools/14_usermod_move_homedir_other_device/data/home_ls-a @@ -0,0 +1,7 @@ +-rw-r--r-- foo:foo `/tmp/home/foo2/.tata' +-rw-r--r-- foo:foo `/tmp/home/foo2/toto' +crw-r--r-- foo:foo `/tmp/home/foo2/null' +drwxr-xr-x foo:foo `/tmp/home/foo2/.' +drwxr-xr-x foo:foo `/tmp/home/foo2/titi' +drwxr-xr-x root:root `/tmp/home/foo2/..' +lrwxrwxrwx foo:foo `/tmp/home/foo2/tutu' -> `/tmp/home/foo2/toto' diff --git a/tests/usertools/14_usermod_move_homedir_other_device/data/passwd b/tests/usertools/14_usermod_move_homedir_other_device/data/passwd new file mode 100644 index 00000000..86c29de4 --- /dev/null +++ b/tests/usertools/14_usermod_move_homedir_other_device/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/home/foo2:/bin/false diff --git a/tests/usertools/14_usermod_move_homedir_other_device/usermod.test b/tests/usertools/14_usermod_move_homedir_other_device/usermod.test new file mode 100755 index 00000000..e595ed32 --- /dev/null +++ b/tests/usertools/14_usermod_move_homedir_other_device/usermod.test @@ -0,0 +1,68 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod keeps links or devices when it moves the user's home directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2; umount /tmp/home; rmdir /tmp/home' 0 + +change_config + +mkdir /home/foo +mkdir /home/foo/titi +echo toto > /home/foo/toto +ln /home/foo/toto /home/foo/.tata +ln -s /home/foo/toto /home/foo/tutu +mknod /home/foo/null c 1 3 +chown -R foo:foo /home/foo + +mkdir /tmp/home +mount --bind /home /tmp/home + +echo -n "Change the user's home directory (usermod -m -d /tmp/home/foo2 foo)..." +usermod -m -d /tmp/home/foo2 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the user's home directory was removed..." +test ! -d /home/foo +echo "OK" +echo -n "Check the user's home directory was moved..." +test -d /home/foo2 +echo "OK" +echo -n "Check content of /tmp/home/foo2/..." +stat --printf "%A %U:%G %N\n" /tmp/home/foo2/* /tmp/home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" +rm -f tmp/home_ls-a + +echo -n "Remove the new home directory..." +rm -rf /tmp/home/foo2 +echo "done" + +umount /tmp/home +rmdir /tmp/home + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config.txt b/tests/usertools/15_usermod_change_supplementary_groups/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/usertools/15_usermod_change_supplementary_groups/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/default/useradd b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/group b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/gshadow b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/passwd b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/shadow b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/15_usermod_change_supplementary_groups/data/group b/tests/usertools/15_usermod_change_supplementary_groups/data/group new file mode 100644 index 00000000..6de5fa55 --- /dev/null +++ b/tests/usertools/15_usermod_change_supplementary_groups/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo +bin:x:2:foo +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/15_usermod_change_supplementary_groups/data/gshadow b/tests/usertools/15_usermod_change_supplementary_groups/data/gshadow new file mode 100644 index 00000000..8df27c9d --- /dev/null +++ b/tests/usertools/15_usermod_change_supplementary_groups/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::foo +bin:*::foo +sys:*::root +adm:*::root +tty:*:: +disk:*:foo: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo: +voice:*:: +cdrom:*:foo: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/15_usermod_change_supplementary_groups/usermod.test b/tests/usertools/15_usermod_change_supplementary_groups/usermod.test new file mode 100755 index 00000000..74d3ab7a --- /dev/null +++ b/tests/usertools/15_usermod_change_supplementary_groups/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can change the list of supplementary groups" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's list of supplementary groups (usermod -G bin,daemon foo)..." +usermod -G bin,daemon foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config.txt b/tests/usertools/16_usermod_remove_supplementary_groups/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/usertools/16_usermod_remove_supplementary_groups/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/default/useradd b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/group b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/gshadow b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/passwd b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/shadow b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/data/group b/tests/usertools/16_usermod_remove_supplementary_groups/data/group new file mode 100644 index 00000000..a11bebe4 --- /dev/null +++ b/tests/usertools/16_usermod_remove_supplementary_groups/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/data/gshadow b/tests/usertools/16_usermod_remove_supplementary_groups/data/gshadow new file mode 100644 index 00000000..c152e93b --- /dev/null +++ b/tests/usertools/16_usermod_remove_supplementary_groups/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:foo: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo: +voice:*:: +cdrom:*:foo: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/usermod.test b/tests/usertools/16_usermod_remove_supplementary_groups/usermod.test new file mode 100755 index 00000000..69651905 --- /dev/null +++ b/tests/usertools/16_usermod_remove_supplementary_groups/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can clear the list of supplementary groups" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's list of supplementary groups (usermod -G \"\" foo)..." +usermod -G "" foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config.txt b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/default/useradd b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/group b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/gshadow b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/passwd b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/shadow b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/group b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/group new file mode 100644 index 00000000..09dc6c17 --- /dev/null +++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3:root,foo +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13:foo +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/gshadow b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/gshadow new file mode 100644 index 00000000..f111ae2a --- /dev/null +++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*::foo +sys:*::root,foo +adm:*::root +tty:*:: +disk:*:foo: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*::foo +kmem:*:: +dialout:*:: +fax:*:foo: +voice:*:: +cdrom:*:foo: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/usermod.test b/tests/usertools/17_usermod_change_supplementary_groups_numerical/usermod.test new file mode 100755 index 00000000..ecd3a5fc --- /dev/null +++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can change the list of supplementary groups, with numerical groups" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's list of supplementary groups (usermod -G 13,bin,3 foo)..." +usermod -G 13,bin,3 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config.txt b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/default/useradd b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/group b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/gshadow b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/passwd b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/shadow b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/data/usermod.err b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/data/usermod.err new file mode 100644 index 00000000..6cf0f1f9 --- /dev/null +++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/data/usermod.err @@ -0,0 +1 @@ +usermod: group 'damon' does not exist diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test new file mode 100755 index 00000000..002bc53c --- /dev/null +++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod fails if asked to add an user to an unknown named group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's list of supplementary groups (usermod -G bin,damon foo)..." +usermod -G bin,damon foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "6" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config.txt b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/default/useradd b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/group b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/gshadow b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/passwd b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/shadow b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/data/usermod.err b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/data/usermod.err new file mode 100644 index 00000000..57021779 --- /dev/null +++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/data/usermod.err @@ -0,0 +1 @@ +usermod: group '4242' does not exist diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test new file mode 100755 index 00000000..1915240b --- /dev/null +++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod fails if asked to add an user to an unknown numerical group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's list of supplementary groups (usermod -G bin,4242,daemon foo)..." +usermod -G bin,4242,daemon foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "6" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config.txt b/tests/usertools/20_usermod_rename_user_in_member_lists/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/default/useradd b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/group b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/gshadow b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/passwd b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/shadow b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/group b/tests/usertools/20_usermod_rename_user_in_member_lists/data/group new file mode 100644 index 00000000..730e4dda --- /dev/null +++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo2 +tty:x:5: +disk:x:6: +lp:x:7:root,foo2 +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo2 +voice:x:22: +cdrom:x:24: +floppy:x:25:foo2 +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo2 +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/gshadow b/tests/usertools/20_usermod_rename_user_in_member_lists/data/gshadow new file mode 100644 index 00000000..af81c094 --- /dev/null +++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo2 +tty:*::foo2 +disk:*:foo2: +lp:*::root,foo2 +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo2:foo2 +voice:*:: +cdrom:*:foo2:foo2 +floppy:*::foo2 +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/passwd b/tests/usertools/20_usermod_rename_user_in_member_lists/data/passwd new file mode 100644 index 00000000..f9b78295 --- /dev/null +++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/shadow b/tests/usertools/20_usermod_rename_user_in_member_lists/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/usermod.test b/tests/usertools/20_usermod_rename_user_in_member_lists/usermod.test new file mode 100755 index 00000000..8e0a2cd3 --- /dev/null +++ b/tests/usertools/20_usermod_rename_user_in_member_lists/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod rename the user in the lists of members, when an user is renamed with -l" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename user foo (usermod -l foo2 foo)..." +usermod -l foo2 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config.txt b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/default/useradd b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/group b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/gshadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/passwd b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/shadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/group b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/group new file mode 100644 index 00000000..99e54fa1 --- /dev/null +++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo2 +bin:x:2:foo2 +sys:x:3:root +adm:x:4:root,foo2 +tty:x:5: +disk:x:6: +lp:x:7:root,foo2 +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo2 +voice:x:22: +cdrom:x:24: +floppy:x:25:foo2 +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo2 +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/gshadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/gshadow new file mode 100644 index 00000000..6ce49038 --- /dev/null +++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::foo2 +bin:*::foo2 +sys:*::root +adm:*::root,foo2 +tty:*::foo2 +disk:*:foo2: +lp:*::root,foo2 +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo2:foo2 +voice:*:: +cdrom:*:foo2:foo2 +floppy:*::foo2 +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/passwd b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/passwd new file mode 100644 index 00000000..f9b78295 --- /dev/null +++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/shadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test new file mode 100755 index 00000000..409b3acc --- /dev/null +++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod rename the user in the lists of members and uses the right username when adding the user to supplementary groups" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename the user and change the user's list of supplementary groups (usermod -l foo2 -a -G bin,daemon foo)..." +usermod -l foo2 -a -G bin,daemon foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config.txt b/tests/usertools/22_usermod-a_existing_supplementary_group/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/default/useradd b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/group b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/gshadow b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/passwd b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/shadow b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/data/group b/tests/usertools/22_usermod-a_existing_supplementary_group/data/group new file mode 100644 index 00000000..84c86971 --- /dev/null +++ b/tests/usertools/22_usermod-a_existing_supplementary_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo +bin:x:2:foo +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/data/gshadow b/tests/usertools/22_usermod-a_existing_supplementary_group/data/gshadow new file mode 100644 index 00000000..d0a61a3e --- /dev/null +++ b/tests/usertools/22_usermod-a_existing_supplementary_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::foo +bin:*::foo +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/usermod.test b/tests/usertools/22_usermod-a_existing_supplementary_group/usermod.test new file mode 100755 index 00000000..e83a3e06 --- /dev/null +++ b/tests/usertools/22_usermod-a_existing_supplementary_group/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod does not fail when requested to add the user to a group it is already a member" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's list of supplementary groups (usermod -a -G bin,daemon,floppy foo)..." +usermod -a -G bin,daemon,floppy foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config.txt b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/default/useradd b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/group b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/gshadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/passwd b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/shadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/group b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/group new file mode 100644 index 00000000..99e54fa1 --- /dev/null +++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1:foo2 +bin:x:2:foo2 +sys:x:3:root +adm:x:4:root,foo2 +tty:x:5: +disk:x:6: +lp:x:7:root,foo2 +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo2 +voice:x:22: +cdrom:x:24: +floppy:x:25:foo2 +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo2 +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/gshadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/gshadow new file mode 100644 index 00000000..6ce49038 --- /dev/null +++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*::foo2 +bin:*::foo2 +sys:*::root +adm:*::root,foo2 +tty:*::foo2 +disk:*:foo2: +lp:*::root,foo2 +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo2:foo2 +voice:*:: +cdrom:*:foo2:foo2 +floppy:*::foo2 +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/passwd b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/passwd new file mode 100644 index 00000000..f9b78295 --- /dev/null +++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/shadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test new file mode 100755 index 00000000..a2b74ae7 --- /dev/null +++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod renames the user when requested to add an user to a group it is already a member and to rename this user" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename the user and change the its list of supplementary groups (usermod -l foo2 -a -G bin,daemon,floppy foo)..." +usermod -l foo2 -a -G bin,daemon,floppy foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/24_usermod_locked_passwd/config.txt b/tests/usertools/24_usermod_locked_passwd/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/default/useradd b/tests/usertools/24_usermod_locked_passwd/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/24_usermod_locked_passwd/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/group b/tests/usertools/24_usermod_locked_passwd/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/24_usermod_locked_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/gshadow b/tests/usertools/24_usermod_locked_passwd/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/24_usermod_locked_passwd/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/passwd b/tests/usertools/24_usermod_locked_passwd/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/24_usermod_locked_passwd/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/shadow b/tests/usertools/24_usermod_locked_passwd/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/24_usermod_locked_passwd/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/24_usermod_locked_passwd/data/usermod.err b/tests/usertools/24_usermod_locked_passwd/data/usermod.err new file mode 100644 index 00000000..b1d59ec8 --- /dev/null +++ b/tests/usertools/24_usermod_locked_passwd/data/usermod.err @@ -0,0 +1,2 @@ +usermod: existing lock file /etc/passwd.lock without a PID +usermod: cannot lock /etc/passwd; try again later. diff --git a/tests/usertools/24_usermod_locked_passwd/usermod.test b/tests/usertools/24_usermod_locked_passwd/usermod.test new file mode 100755 index 00000000..6348998e --- /dev/null +++ b/tests/usertools/24_usermod_locked_passwd/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -G checks if the passwd file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..." +usermod -G bin foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/25_usermod-G_locked_group/config.txt b/tests/usertools/25_usermod-G_locked_group/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/default/useradd b/tests/usertools/25_usermod-G_locked_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/25_usermod-G_locked_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/group b/tests/usertools/25_usermod-G_locked_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/25_usermod-G_locked_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/gshadow b/tests/usertools/25_usermod-G_locked_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/25_usermod-G_locked_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/passwd b/tests/usertools/25_usermod-G_locked_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/25_usermod-G_locked_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/shadow b/tests/usertools/25_usermod-G_locked_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/25_usermod-G_locked_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/25_usermod-G_locked_group/data/usermod.err b/tests/usertools/25_usermod-G_locked_group/data/usermod.err new file mode 100644 index 00000000..4b1d8f95 --- /dev/null +++ b/tests/usertools/25_usermod-G_locked_group/data/usermod.err @@ -0,0 +1,2 @@ +usermod: existing lock file /etc/group.lock without a PID +usermod: cannot lock /etc/group; try again later. diff --git a/tests/usertools/25_usermod-G_locked_group/usermod.test b/tests/usertools/25_usermod-G_locked_group/usermod.test new file mode 100755 index 00000000..a29cfaa7 --- /dev/null +++ b/tests/usertools/25_usermod-G_locked_group/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -G checks if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..." +usermod -G bin foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/26_usermod_locked_shadow/config.txt b/tests/usertools/26_usermod_locked_shadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/default/useradd b/tests/usertools/26_usermod_locked_shadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/26_usermod_locked_shadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/group b/tests/usertools/26_usermod_locked_shadow/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/26_usermod_locked_shadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/gshadow b/tests/usertools/26_usermod_locked_shadow/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/26_usermod_locked_shadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/passwd b/tests/usertools/26_usermod_locked_shadow/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/26_usermod_locked_shadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/shadow b/tests/usertools/26_usermod_locked_shadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/26_usermod_locked_shadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/26_usermod_locked_shadow/data/usermod.err b/tests/usertools/26_usermod_locked_shadow/data/usermod.err new file mode 100644 index 00000000..f490717a --- /dev/null +++ b/tests/usertools/26_usermod_locked_shadow/data/usermod.err @@ -0,0 +1,2 @@ +usermod: existing lock file /etc/shadow.lock without a PID +usermod: cannot lock /etc/shadow; try again later. diff --git a/tests/usertools/26_usermod_locked_shadow/usermod.test b/tests/usertools/26_usermod_locked_shadow/usermod.test new file mode 100755 index 00000000..b35c69bf --- /dev/null +++ b/tests/usertools/26_usermod_locked_shadow/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -G checks if the shadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/shadow..." +touch /etc/shadow.lock +echo "done" + +echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..." +usermod -G bin foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/shadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config.txt b/tests/usertools/27_usermod-G_locked_gshadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/default/useradd b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/group b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/gshadow b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/passwd b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/shadow b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/27_usermod-G_locked_gshadow/data/usermod.err b/tests/usertools/27_usermod-G_locked_gshadow/data/usermod.err new file mode 100644 index 00000000..d065cee0 --- /dev/null +++ b/tests/usertools/27_usermod-G_locked_gshadow/data/usermod.err @@ -0,0 +1,2 @@ +usermod: existing lock file /etc/gshadow.lock without a PID +usermod: cannot lock /etc/gshadow; try again later. diff --git a/tests/usertools/27_usermod-G_locked_gshadow/usermod.test b/tests/usertools/27_usermod-G_locked_gshadow/usermod.test new file mode 100755 index 00000000..6709fbc4 --- /dev/null +++ b/tests/usertools/27_usermod-G_locked_gshadow/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -G checks if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..." +usermod -G bin foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/28_usermod-c_locked_group/config.txt b/tests/usertools/28_usermod-c_locked_group/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/28_usermod-c_locked_group/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/default/useradd b/tests/usertools/28_usermod-c_locked_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/28_usermod-c_locked_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/group b/tests/usertools/28_usermod-c_locked_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/28_usermod-c_locked_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/gshadow b/tests/usertools/28_usermod-c_locked_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/28_usermod-c_locked_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/passwd b/tests/usertools/28_usermod-c_locked_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/28_usermod-c_locked_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/shadow b/tests/usertools/28_usermod-c_locked_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/28_usermod-c_locked_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/28_usermod-c_locked_group/data/passwd b/tests/usertools/28_usermod-c_locked_group/data/passwd new file mode 100644 index 00000000..c7bb997d --- /dev/null +++ b/tests/usertools/28_usermod-c_locked_group/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:new comment:/home/foo:/bin/false diff --git a/tests/usertools/28_usermod-c_locked_group/usermod.test b/tests/usertools/28_usermod-c_locked_group/usermod.test new file mode 100755 index 00000000..6275a9aa --- /dev/null +++ b/tests/usertools/28_usermod-c_locked_group/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -c does not check if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Change the user's comment (usermod -c \"new coment\" foo)..." +usermod -c "new comment" foo +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config.txt b/tests/usertools/29_usermod-c_locked_gshadow/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/29_usermod-c_locked_gshadow/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/default/useradd b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/group b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/gshadow b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/passwd b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/shadow b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/29_usermod-c_locked_gshadow/data/passwd b/tests/usertools/29_usermod-c_locked_gshadow/data/passwd new file mode 100644 index 00000000..c7bb997d --- /dev/null +++ b/tests/usertools/29_usermod-c_locked_gshadow/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:new comment:/home/foo:/bin/false diff --git a/tests/usertools/29_usermod-c_locked_gshadow/usermod.test b/tests/usertools/29_usermod-c_locked_gshadow/usermod.test new file mode 100755 index 00000000..f7a14c9c --- /dev/null +++ b/tests/usertools/29_usermod-c_locked_gshadow/usermod.test @@ -0,0 +1,45 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -c does not check if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Change the user's comment (usermod -c \"new coment\" foo)..." +usermod -c "new comment" foo +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/30_usermod-l_locked_group/config.txt b/tests/usertools/30_usermod-l_locked_group/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/30_usermod-l_locked_group/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/default/useradd b/tests/usertools/30_usermod-l_locked_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/30_usermod-l_locked_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/group b/tests/usertools/30_usermod-l_locked_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/30_usermod-l_locked_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/gshadow b/tests/usertools/30_usermod-l_locked_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/30_usermod-l_locked_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/passwd b/tests/usertools/30_usermod-l_locked_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/30_usermod-l_locked_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/shadow b/tests/usertools/30_usermod-l_locked_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/30_usermod-l_locked_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/30_usermod-l_locked_group/data/usermod.err b/tests/usertools/30_usermod-l_locked_group/data/usermod.err new file mode 100644 index 00000000..4b1d8f95 --- /dev/null +++ b/tests/usertools/30_usermod-l_locked_group/data/usermod.err @@ -0,0 +1,2 @@ +usermod: existing lock file /etc/group.lock without a PID +usermod: cannot lock /etc/group; try again later. diff --git a/tests/usertools/30_usermod-l_locked_group/usermod.test b/tests/usertools/30_usermod-l_locked_group/usermod.test new file mode 100755 index 00000000..8b3799c3 --- /dev/null +++ b/tests/usertools/30_usermod-l_locked_group/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -l fails if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Change the user's list of supplementary groups (usermod -l foo2 foo)..." +usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config.txt b/tests/usertools/31_usermod-l_locked_gshadow/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/31_usermod-l_locked_gshadow/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/default/useradd b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/group b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/gshadow b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/passwd b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/shadow b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/31_usermod-l_locked_gshadow/data/usermod.err b/tests/usertools/31_usermod-l_locked_gshadow/data/usermod.err new file mode 100644 index 00000000..d065cee0 --- /dev/null +++ b/tests/usertools/31_usermod-l_locked_gshadow/data/usermod.err @@ -0,0 +1,2 @@ +usermod: existing lock file /etc/gshadow.lock without a PID +usermod: cannot lock /etc/gshadow; try again later. diff --git a/tests/usertools/31_usermod-l_locked_gshadow/usermod.test b/tests/usertools/31_usermod-l_locked_gshadow/usermod.test new file mode 100755 index 00000000..1e18287b --- /dev/null +++ b/tests/usertools/31_usermod-l_locked_gshadow/usermod.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod -l fails if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Change the user's list of supplementary groups (usermod -l foo2 foo)..." +usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/32_usermod-u_new_UID/config.txt b/tests/usertools/32_usermod-u_new_UID/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/32_usermod-u_new_UID/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/default/useradd b/tests/usertools/32_usermod-u_new_UID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/32_usermod-u_new_UID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/group b/tests/usertools/32_usermod-u_new_UID/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/32_usermod-u_new_UID/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/gshadow b/tests/usertools/32_usermod-u_new_UID/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/32_usermod-u_new_UID/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/passwd b/tests/usertools/32_usermod-u_new_UID/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/32_usermod-u_new_UID/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/shadow b/tests/usertools/32_usermod-u_new_UID/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/32_usermod-u_new_UID/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/32_usermod-u_new_UID/data/passwd b/tests/usertools/32_usermod-u_new_UID/data/passwd new file mode 100644 index 00000000..174e4f6b --- /dev/null +++ b/tests/usertools/32_usermod-u_new_UID/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:1000::/home/foo:/bin/false diff --git a/tests/usertools/32_usermod-u_new_UID/usermod.test b/tests/usertools/32_usermod-u_new_UID/usermod.test new file mode 100755 index 00000000..ca04c6f7 --- /dev/null +++ b/tests/usertools/32_usermod-u_new_UID/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can change the user's UID" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's UID (usermod -u 4242 foo)..." +usermod -u 4242 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/33_usermod-u_existing_UID/config.txt b/tests/usertools/33_usermod-u_existing_UID/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/33_usermod-u_existing_UID/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/default/useradd b/tests/usertools/33_usermod-u_existing_UID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/group b/tests/usertools/33_usermod-u_existing_UID/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/gshadow b/tests/usertools/33_usermod-u_existing_UID/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/passwd b/tests/usertools/33_usermod-u_existing_UID/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/shadow b/tests/usertools/33_usermod-u_existing_UID/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/33_usermod-u_existing_UID/data/usermod.err b/tests/usertools/33_usermod-u_existing_UID/data/usermod.err new file mode 100644 index 00000000..dd2fa8ad --- /dev/null +++ b/tests/usertools/33_usermod-u_existing_UID/data/usermod.err @@ -0,0 +1 @@ +usermod: UID '1001' already exists diff --git a/tests/usertools/33_usermod-u_existing_UID/usermod.test b/tests/usertools/33_usermod-u_existing_UID/usermod.test new file mode 100755 index 00000000..10c1e28c --- /dev/null +++ b/tests/usertools/33_usermod-u_existing_UID/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod tests if the new user's UID is already used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's UID (usermod -u 1001 foo)..." +usermod -u 1001 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "4" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config.txt b/tests/usertools/34_usermod-u-o_existing_UID/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/34_usermod-u-o_existing_UID/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/default/useradd b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/group b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/gshadow b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/passwd b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/shadow b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/34_usermod-u-o_existing_UID/data/passwd b/tests/usertools/34_usermod-u-o_existing_UID/data/passwd new file mode 100644 index 00000000..28bc739c --- /dev/null +++ b/tests/usertools/34_usermod-u-o_existing_UID/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1001:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/34_usermod-u-o_existing_UID/usermod.test b/tests/usertools/34_usermod-u-o_existing_UID/usermod.test new file mode 100755 index 00000000..5ea5210e --- /dev/null +++ b/tests/usertools/34_usermod-u-o_existing_UID/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can change the user's UID to an existing UID (with -o)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's UID (usermod -o -u 1001 foo)..." +usermod -o -u 1001 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/35_usermod-u_invalid_UID/config.txt b/tests/usertools/35_usermod-u_invalid_UID/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/35_usermod-u_invalid_UID/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/default/useradd b/tests/usertools/35_usermod-u_invalid_UID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/group b/tests/usertools/35_usermod-u_invalid_UID/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/gshadow b/tests/usertools/35_usermod-u_invalid_UID/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/passwd b/tests/usertools/35_usermod-u_invalid_UID/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/shadow b/tests/usertools/35_usermod-u_invalid_UID/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/35_usermod-u_invalid_UID/data/usermod.err b/tests/usertools/35_usermod-u_invalid_UID/data/usermod.err new file mode 100644 index 00000000..2d5c5e97 --- /dev/null +++ b/tests/usertools/35_usermod-u_invalid_UID/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid user ID '100a1' diff --git a/tests/usertools/35_usermod-u_invalid_UID/usermod.test b/tests/usertools/35_usermod-u_invalid_UID/usermod.test new file mode 100755 index 00000000..43f0dafb --- /dev/null +++ b/tests/usertools/35_usermod-u_invalid_UID/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod checks if the uid is valid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's UID (usermod -u 100a1 foo)..." +usermod -u 100a1 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config.txt b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config.txt new file mode 100644 index 00000000..b337f3fd --- /dev/null +++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000, home directory: /home/foo diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/default/useradd b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/group b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/gshadow b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/passwd b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/shadow b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/home_ls-a b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/home_ls-a new file mode 100644 index 00000000..24c95736 --- /dev/null +++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/home_ls-a @@ -0,0 +1,7 @@ +-rw-r--r-- 1001:1000 `/home/foo2/.tata' +-rw-r--r-- 1001:1000 `/home/foo2/toto' +crw-r--r-- 1001:1000 `/home/foo2/null' +drwxr-xr-x 0:0 `/home/foo2/..' +drwxr-xr-x 1001:1000 `/home/foo2/.' +drwxr-xr-x 1001:1000 `/home/foo2/titi' +lrwxrwxrwx 1001:1000 `/home/foo2/tutu' -> `/tmp/home/foo2/toto' diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/passwd b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/passwd new file mode 100644 index 00000000..9327c6d2 --- /dev/null +++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1001:1000::/tmp/home/foo2:/bin/false diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test new file mode 100755 index 00000000..6a8d7080 --- /dev/null +++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test @@ -0,0 +1,69 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod can move the user's home directory, over a new device and changes the owner of the user's file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2; umount /tmp/home; rmdir /tmp/home' 0 + +change_config + +mkdir /home/foo +mkdir /home/foo/titi +echo toto > /home/foo/toto +ln /home/foo/toto /home/foo/.tata +ln -s /home/foo/toto /home/foo/tutu +mknod /home/foo/null c 1 3 +chown -R foo:foo /home/foo +stat --printf "%A %u:%g %N\n" /home/foo/* /home/foo/.* 2>/dev/null | sort + +mkdir /tmp/home +mount --bind /home /tmp/home + +echo -n "Change the user's home directory (usermod -m -d /tmp/home/foo2 -u 1001 foo ..." +usermod -m -d /tmp/home/foo2 -u 1001 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the user's home directory was removed..." +test ! -d /home/foo +echo "OK" +echo -n "Check the user's home directory was moved..." +test -d /home/foo2 +echo "OK" +echo -n "Check content of /tmp/test-newusers..." +stat --printf "%A %u:%g %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" +rm -f tmp/home_ls-a + +echo -n "Remove the new home directory..." +rm -rf /home/foo2 +echo "done" + +umount /tmp/home +rmdir /tmp/home + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/37_Debian_Bug_470745/config.txt b/tests/usertools/37_Debian_Bug_470745/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/default/useradd b/tests/usertools/37_Debian_Bug_470745/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/group b/tests/usertools/37_Debian_Bug_470745/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/gshadow b/tests/usertools/37_Debian_Bug_470745/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/passwd b/tests/usertools/37_Debian_Bug_470745/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/shadow b/tests/usertools/37_Debian_Bug_470745/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/37_Debian_Bug_470745/data/group b/tests/usertools/37_Debian_Bug_470745/data/group new file mode 100644 index 00000000..ad32c023 --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/data/group @@ -0,0 +1,45 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: +tr:x:1002: +rtr:x:1003: diff --git a/tests/usertools/37_Debian_Bug_470745/data/gshadow b/tests/usertools/37_Debian_Bug_470745/data/gshadow new file mode 100644 index 00000000..01b35536 --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/data/gshadow @@ -0,0 +1,45 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: +tr:!:: +tr:!:: diff --git a/tests/usertools/37_Debian_Bug_470745/data/passwd b/tests/usertools/37_Debian_Bug_470745/data/passwd new file mode 100644 index 00000000..0e312597 --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/data/passwd @@ -0,0 +1,22 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false +tr:x:1002:1002::/tmp/tr:/bin/foobar diff --git a/tests/usertools/37_Debian_Bug_470745/data/shadow b/tests/usertools/37_Debian_Bug_470745/data/shadow new file mode 100644 index 00000000..ccbe5807 --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/data/shadow @@ -0,0 +1,22 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: +tr:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/37_Debian_Bug_470745/data/usermod.err b/tests/usertools/37_Debian_Bug_470745/data/usermod.err new file mode 100644 index 00000000..46df2920 --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/data/usermod.err @@ -0,0 +1,2 @@ +Multiple entries named 'tr' in /etc/gshadow. Please fix this with pwck or grpck. +usermod: failed to prepare the new /etc/gshadow entry 'tr' diff --git a/tests/usertools/37_Debian_Bug_470745/usermod.test b/tests/usertools/37_Debian_Bug_470745/usermod.test new file mode 100755 index 00000000..8aa75ba6 --- /dev/null +++ b/tests/usertools/37_Debian_Bug_470745/usermod.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod tests if the new user's UID is already used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo add group tr +groupadd tr +echo add group rtr +groupadd rtr +echo add user tr to group tr +useradd -g tr tr +echo rename group rtr to tr in /etc/gshadow +perl -pi -e 's/rtr/tr/g' /etc/gshadow +echo add user tr to the member list of tr +usermod -G tr tr 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/38_usermod_invalid_user/config.txt b/tests/usertools/38_usermod_invalid_user/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/38_usermod_invalid_user/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/default/useradd b/tests/usertools/38_usermod_invalid_user/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/38_usermod_invalid_user/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/group b/tests/usertools/38_usermod_invalid_user/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/38_usermod_invalid_user/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/gshadow b/tests/usertools/38_usermod_invalid_user/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/38_usermod_invalid_user/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/passwd b/tests/usertools/38_usermod_invalid_user/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/38_usermod_invalid_user/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/shadow b/tests/usertools/38_usermod_invalid_user/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/38_usermod_invalid_user/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/38_usermod_invalid_user/data/usermod.err b/tests/usertools/38_usermod_invalid_user/data/usermod.err new file mode 100644 index 00000000..83a91835 --- /dev/null +++ b/tests/usertools/38_usermod_invalid_user/data/usermod.err @@ -0,0 +1 @@ +usermod: user 'fooinvalid' does not exist diff --git a/tests/usertools/38_usermod_invalid_user/usermod.test b/tests/usertools/38_usermod_invalid_user/usermod.test new file mode 100755 index 00000000..e88034d7 --- /dev/null +++ b/tests/usertools/38_usermod_invalid_user/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod checks if the user is valid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change an invalid user (usermod -u 100 fooinvalid)..." +usermod -u 100 fooinvalid 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "6" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config.txt b/tests/usertools/39_usermod_-c_invalid_comment/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/39_usermod_-c_invalid_comment/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/default/useradd b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/group b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/gshadow b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/passwd b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/shadow b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/39_usermod_-c_invalid_comment/data/usermod.err b/tests/usertools/39_usermod_-c_invalid_comment/data/usermod.err new file mode 100644 index 00000000..2cdfa7a9 --- /dev/null +++ b/tests/usertools/39_usermod_-c_invalid_comment/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid field 'com:ment' diff --git a/tests/usertools/39_usermod_-c_invalid_comment/usermod.test b/tests/usertools/39_usermod_-c_invalid_comment/usermod.test new file mode 100755 index 00000000..5a240eda --- /dev/null +++ b/tests/usertools/39_usermod_-c_invalid_comment/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod checks validity of -c argument" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change to and invalid comment (usermod -c 'com:ment' foo)..." +usermod -c 'com:ment' foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config.txt b/tests/usertools/40_usermod_-d_invalid_homedir/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/40_usermod_-d_invalid_homedir/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/default/useradd b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/group b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/gshadow b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/passwd b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/shadow b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/data/usermod.err b/tests/usertools/40_usermod_-d_invalid_homedir/data/usermod.err new file mode 100644 index 00000000..0b376d67 --- /dev/null +++ b/tests/usertools/40_usermod_-d_invalid_homedir/data/usermod.err @@ -0,0 +1,2 @@ +usermod: invalid field 'home +directory' diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/usermod.test b/tests/usertools/40_usermod_-d_invalid_homedir/usermod.test new file mode 100755 index 00000000..c510489d --- /dev/null +++ b/tests/usertools/40_usermod_-d_invalid_homedir/usermod.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod checks validity of -d argument" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change to and invalid homedir (usermod -d 'home +directory' foo)..." +usermod -d 'home +directory' foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config.txt b/tests/usertools/41_usermod_-d_invalid_shell/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/41_usermod_-d_invalid_shell/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/default/useradd b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/group b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/gshadow b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/passwd b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/shadow b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/41_usermod_-d_invalid_shell/data/usermod.err b/tests/usertools/41_usermod_-d_invalid_shell/data/usermod.err new file mode 100644 index 00000000..b105c0e3 --- /dev/null +++ b/tests/usertools/41_usermod_-d_invalid_shell/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid field 'sh:ell' diff --git a/tests/usertools/41_usermod_-d_invalid_shell/usermod.test b/tests/usertools/41_usermod_-d_invalid_shell/usermod.test new file mode 100755 index 00000000..44ce22b8 --- /dev/null +++ b/tests/usertools/41_usermod_-d_invalid_shell/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod checks validity of -s argument" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change to and invalid shell (usermod -s 'sh:ell' foo)..." +usermod -s 'sh:ell' foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config.txt b/tests/usertools/42_usermod_-g_invalid_group_name/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/42_usermod_-g_invalid_group_name/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/default/useradd b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/group b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/gshadow b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/passwd b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/shadow b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/data/usermod.err b/tests/usertools/42_usermod_-g_invalid_group_name/data/usermod.err new file mode 100644 index 00000000..dbd9dc78 --- /dev/null +++ b/tests/usertools/42_usermod_-g_invalid_group_name/data/usermod.err @@ -0,0 +1 @@ +usermod: group 'fooinvalid' does not exist diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/usermod.test b/tests/usertools/42_usermod_-g_invalid_group_name/usermod.test new file mode 100755 index 00000000..22fd1073 --- /dev/null +++ b/tests/usertools/42_usermod_-g_invalid_group_name/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod checks existence of the specified primary group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change to and invalid shell (usermod -g 'fooinvalid' foo)..." +usermod -g 'fooinvalid' foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "6" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config.txt b/tests/usertools/43_usermod_-g_invalid_group_ID/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/default/useradd b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/group b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/gshadow b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/passwd b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/shadow b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/data/usermod.err b/tests/usertools/43_usermod_-g_invalid_group_ID/data/usermod.err new file mode 100644 index 00000000..82d3de6a --- /dev/null +++ b/tests/usertools/43_usermod_-g_invalid_group_ID/data/usermod.err @@ -0,0 +1 @@ +usermod: group '12345' does not exist diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/usermod.test b/tests/usertools/43_usermod_-g_invalid_group_ID/usermod.test new file mode 100755 index 00000000..5d60cef2 --- /dev/null +++ b/tests/usertools/43_usermod_-g_invalid_group_ID/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod checks existence of the specified primary group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change to and invalid shell (usermod -g 12345 foo)..." +usermod -g 12345 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "6" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/44_usermod-l_existing_username/config.txt b/tests/usertools/44_usermod-l_existing_username/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/44_usermod-l_existing_username/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/default/useradd b/tests/usertools/44_usermod-l_existing_username/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/44_usermod-l_existing_username/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/group b/tests/usertools/44_usermod-l_existing_username/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/44_usermod-l_existing_username/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/gshadow b/tests/usertools/44_usermod-l_existing_username/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/44_usermod-l_existing_username/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/passwd b/tests/usertools/44_usermod-l_existing_username/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/44_usermod-l_existing_username/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/shadow b/tests/usertools/44_usermod-l_existing_username/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/44_usermod-l_existing_username/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/44_usermod-l_existing_username/data/usermod.err b/tests/usertools/44_usermod-l_existing_username/data/usermod.err new file mode 100644 index 00000000..895463e0 --- /dev/null +++ b/tests/usertools/44_usermod-l_existing_username/data/usermod.err @@ -0,0 +1 @@ +usermod: user 'foo2' already exists diff --git a/tests/usertools/44_usermod-l_existing_username/usermod.test b/tests/usertools/44_usermod-l_existing_username/usermod.test new file mode 100755 index 00000000..f3cbf150 --- /dev/null +++ b/tests/usertools/44_usermod-l_existing_username/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod tests if the new username is already used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's name (usermod -l foo2 foo)..." +usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "9" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config.txt b/tests/usertools/45_usermod-l_existing_username_passwd/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/45_usermod-l_existing_username_passwd/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/default/useradd b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/group b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/gshadow b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/passwd b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/shadow b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/shadow new file mode 100644 index 00000000..7d2cc657 --- /dev/null +++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo3:!:12977:0:99999:7::: diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/data/usermod.err b/tests/usertools/45_usermod-l_existing_username_passwd/data/usermod.err new file mode 100644 index 00000000..895463e0 --- /dev/null +++ b/tests/usertools/45_usermod-l_existing_username_passwd/data/usermod.err @@ -0,0 +1 @@ +usermod: user 'foo2' already exists diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/usermod.test b/tests/usertools/45_usermod-l_existing_username_passwd/usermod.test new file mode 100755 index 00000000..f3cbf150 --- /dev/null +++ b/tests/usertools/45_usermod-l_existing_username_passwd/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod tests if the new username is already used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's name (usermod -l foo2 foo)..." +usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "9" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config.txt b/tests/usertools/46_usermod-l_existing_username_shadow/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/46_usermod-l_existing_username_shadow/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/default/useradd b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/group b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/gshadow b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/passwd b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/passwd new file mode 100644 index 00000000..92eddca1 --- /dev/null +++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo3:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/shadow b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/data/usermod.err b/tests/usertools/46_usermod-l_existing_username_shadow/data/usermod.err new file mode 100644 index 00000000..16ef5fc5 --- /dev/null +++ b/tests/usertools/46_usermod-l_existing_username_shadow/data/usermod.err @@ -0,0 +1 @@ +usermod: user 'foo2' already exists in /etc/shadow diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/usermod.test b/tests/usertools/46_usermod-l_existing_username_shadow/usermod.test new file mode 100755 index 00000000..f3cbf150 --- /dev/null +++ b/tests/usertools/46_usermod-l_existing_username_shadow/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod tests if the new username is already used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's name (usermod -l foo2 foo)..." +usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "9" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config.txt b/tests/usertools/47_usermod-l_no_shadow_file/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/47_usermod-l_no_shadow_file/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/default/useradd b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/group b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/gshadow b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/passwd b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..06b331b3 --- /dev/null +++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/shadow b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/47_usermod-l_no_shadow_file/data/group b/tests/usertools/47_usermod-l_no_shadow_file/data/group new file mode 100644 index 00000000..730e4dda --- /dev/null +++ b/tests/usertools/47_usermod-l_no_shadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo2 +tty:x:5: +disk:x:6: +lp:x:7:root,foo2 +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo2 +voice:x:22: +cdrom:x:24: +floppy:x:25:foo2 +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo2 +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/47_usermod-l_no_shadow_file/data/gshadow b/tests/usertools/47_usermod-l_no_shadow_file/data/gshadow new file mode 100644 index 00000000..af81c094 --- /dev/null +++ b/tests/usertools/47_usermod-l_no_shadow_file/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo2 +tty:*::foo2 +disk:*:foo2: +lp:*::root,foo2 +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo2:foo2 +voice:*:: +cdrom:*:foo2:foo2 +floppy:*::foo2 +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/47_usermod-l_no_shadow_file/data/passwd b/tests/usertools/47_usermod-l_no_shadow_file/data/passwd new file mode 100644 index 00000000..f542fb07 --- /dev/null +++ b/tests/usertools/47_usermod-l_no_shadow_file/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/47_usermod-l_no_shadow_file/usermod.test b/tests/usertools/47_usermod-l_no_shadow_file/usermod.test new file mode 100755 index 00000000..46bdc57a --- /dev/null +++ b/tests/usertools/47_usermod-l_no_shadow_file/usermod.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod does not require a shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "done" + +echo -n "Change the user's name (usermod -l foo2 foo)..." +usermod -l foo2 foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config.txt b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/default/useradd b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/group b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/gshadow b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/passwd b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/passwd new file mode 100644 index 00000000..9ae1f6f0 --- /dev/null +++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +foo2:x:1001:1000:::/bin/false diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/shadow b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/group b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/passwd b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/passwd new file mode 100644 index 00000000..6b6522f6 --- /dev/null +++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1001:1000:::/bin/false diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/shadow b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/userdel.err b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/userdel.err new file mode 100644 index 00000000..157a8fcd --- /dev/null +++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/userdel.err @@ -0,0 +1 @@ +userdel: group foo is the primary group of another user and is not removed. diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/userdel.test b/tests/usertools/48_userdel_keep_group_if_primary_other_user/userdel.test new file mode 100755 index 00000000..750780e2 --- /dev/null +++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/userdel.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel does not remove the user's group if it is still used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user test1 (userdel foo)..." +userdel foo 2>tmp/userdel.err +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/49_userdel_delete_users_group/config.txt b/tests/usertools/49_userdel_delete_users_group/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/49_userdel_delete_users_group/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/default/useradd b/tests/usertools/49_userdel_delete_users_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/49_userdel_delete_users_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/group b/tests/usertools/49_userdel_delete_users_group/config/etc/group new file mode 100644 index 00000000..ac82d7f1 --- /dev/null +++ b/tests/usertools/49_userdel_delete_users_group/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/gshadow b/tests/usertools/49_userdel_delete_users_group/config/etc/gshadow new file mode 100644 index 00000000..a5268196 --- /dev/null +++ b/tests/usertools/49_userdel_delete_users_group/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/passwd b/tests/usertools/49_userdel_delete_users_group/config/etc/passwd new file mode 100644 index 00000000..9958fca5 --- /dev/null +++ b/tests/usertools/49_userdel_delete_users_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/shadow b/tests/usertools/49_userdel_delete_users_group/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/49_userdel_delete_users_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/49_userdel_delete_users_group/data/group b/tests/usertools/49_userdel_delete_users_group/data/group new file mode 100644 index 00000000..4b6a079e --- /dev/null +++ b/tests/usertools/49_userdel_delete_users_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo2:x:1001: diff --git a/tests/usertools/49_userdel_delete_users_group/data/gshadow b/tests/usertools/49_userdel_delete_users_group/data/gshadow new file mode 100644 index 00000000..08d25a20 --- /dev/null +++ b/tests/usertools/49_userdel_delete_users_group/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo2:*:: diff --git a/tests/usertools/49_userdel_delete_users_group/data/passwd b/tests/usertools/49_userdel_delete_users_group/data/passwd new file mode 100644 index 00000000..88469324 --- /dev/null +++ b/tests/usertools/49_userdel_delete_users_group/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/49_userdel_delete_users_group/data/shadow b/tests/usertools/49_userdel_delete_users_group/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/49_userdel_delete_users_group/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/49_userdel_delete_users_group/userdel.test b/tests/usertools/49_userdel_delete_users_group/userdel.test new file mode 100755 index 00000000..90e7afc3 --- /dev/null +++ b/tests/usertools/49_userdel_delete_users_group/userdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel does not remove the user's group if it is still used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user test1 (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config.txt b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/default/useradd b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/group b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/group new file mode 100644 index 00000000..ac82d7f1 --- /dev/null +++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/gshadow b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/gshadow new file mode 100644 index 00000000..9fdfaa0c --- /dev/null +++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo3:*:: +foo2:*:: diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/passwd b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/passwd new file mode 100644 index 00000000..9958fca5 --- /dev/null +++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/shadow b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/group b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/group new file mode 100644 index 00000000..4b6a079e --- /dev/null +++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo2:x:1001: diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/passwd b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/passwd new file mode 100644 index 00000000..88469324 --- /dev/null +++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/shadow b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test new file mode 100755 index 00000000..4293f278 --- /dev/null +++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel remove the user's group even if it does not exist in gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user test1 (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config.txt b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/default/useradd b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/group b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..ac82d7f1 --- /dev/null +++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/gshadow b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..9fdfaa0c --- /dev/null +++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo3:*:: +foo2:*:: diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/passwd b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..9958fca5 --- /dev/null +++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/shadow b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/group b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/group new file mode 100644 index 00000000..4b6a079e --- /dev/null +++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo2:x:1001: diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/passwd b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/passwd new file mode 100644 index 00000000..88469324 --- /dev/null +++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/shadow b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test new file mode 100755 index 00000000..72cd32ff --- /dev/null +++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test @@ -0,0 +1,44 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel remove the user's group even if it does not exist in gshadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete /etc/gshadow..." +rm -f /etc/gshadow +echo "done" + +echo -n "Delete user test1 (userdel foo)..." +userdel foo +echo "OK" + + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config.txt b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/default/useradd b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/group b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..ac82d7f1 --- /dev/null +++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/gshadow b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..a5268196 --- /dev/null +++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/passwd b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..9958fca5 --- /dev/null +++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/shadow b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..2c64068b --- /dev/null +++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo3:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/group b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/group new file mode 100644 index 00000000..4b6a079e --- /dev/null +++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo2:x:1001: diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/gshadow b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/gshadow new file mode 100644 index 00000000..08d25a20 --- /dev/null +++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo2:*:: diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/passwd b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/passwd new file mode 100644 index 00000000..88469324 --- /dev/null +++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/userdel.test b/tests/usertools/52_userdel_delete_user_no_shadow_entry/userdel.test new file mode 100755 index 00000000..244adc92 --- /dev/null +++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/userdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel accepts when the user has no shadow entry" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config.txt b/tests/usertools/53_userdel_delete_user_no_shadow_file/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/default/useradd b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/group b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/group new file mode 100644 index 00000000..ac82d7f1 --- /dev/null +++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/gshadow b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..a5268196 --- /dev/null +++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/passwd b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..9958fca5 --- /dev/null +++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/shadow b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..2c64068b --- /dev/null +++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo3:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/data/group b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/group new file mode 100644 index 00000000..4b6a079e --- /dev/null +++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo2:x:1001: diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/data/gshadow b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/gshadow new file mode 100644 index 00000000..08d25a20 --- /dev/null +++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo2:*:: diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/data/passwd b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/passwd new file mode 100644 index 00000000..88469324 --- /dev/null +++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/userdel.test b/tests/usertools/53_userdel_delete_user_no_shadow_file/userdel.test new file mode 100755 index 00000000..26bc485b --- /dev/null +++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/userdel.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel accepts when the user is not is shadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Delete user test1 (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config.txt b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config.txt new file mode 100644 index 00000000..93534c38 --- /dev/null +++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config.txt @@ -0,0 +1 @@ +user foo exists. diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/default/useradd b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/group b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/group new file mode 100644 index 00000000..feb1bcac --- /dev/null +++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/gshadow b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/gshadow new file mode 100644 index 00000000..5f131b1e --- /dev/null +++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/passwd b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/passwd new file mode 100644 index 00000000..6d87df11 --- /dev/null +++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +foo2:x:1001:1001::/home/foo2:/bin/false diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/shadow b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/data/usermod.err b/tests/usertools/54_usermod-u_invalid_UID_4294967295/data/usermod.err new file mode 100644 index 00000000..862ad44d --- /dev/null +++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid user ID '4294967295' diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/usermod.test b/tests/usertools/54_usermod-u_invalid_UID_4294967295/usermod.test new file mode 100755 index 00000000..08728461 --- /dev/null +++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "usermod checks if the uid is valid" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's UID (usermod -u 4294967295 foo)..." +usermod -u 4294967295 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/usermod.err tmp/usermod.err +echo "error message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/55_userdel_busy_user/config.txt b/tests/usertools/55_userdel_busy_user/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/55_userdel_busy_user/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/55_userdel_busy_user/config/etc/default/useradd b/tests/usertools/55_userdel_busy_user/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/55_userdel_busy_user/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/55_userdel_busy_user/config/etc/group b/tests/usertools/55_userdel_busy_user/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/55_userdel_busy_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/55_userdel_busy_user/config/etc/gshadow b/tests/usertools/55_userdel_busy_user/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/55_userdel_busy_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/55_userdel_busy_user/config/etc/passwd b/tests/usertools/55_userdel_busy_user/config/etc/passwd new file mode 100644 index 00000000..82223ff6 --- /dev/null +++ b/tests/usertools/55_userdel_busy_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/bash diff --git a/tests/usertools/55_userdel_busy_user/config/etc/shadow b/tests/usertools/55_userdel_busy_user/config/etc/shadow new file mode 100644 index 00000000..23ff0c0c --- /dev/null +++ b/tests/usertools/55_userdel_busy_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12977:0:99999:7::: diff --git a/tests/usertools/55_userdel_busy_user/data/userdel.err b/tests/usertools/55_userdel_busy_user/data/userdel.err new file mode 100644 index 00000000..860d0967 --- /dev/null +++ b/tests/usertools/55_userdel_busy_user/data/userdel.err @@ -0,0 +1 @@ +userdel: user foo is currently used by process <PID> diff --git a/tests/usertools/55_userdel_busy_user/userdel.test b/tests/usertools/55_userdel_busy_user/userdel.test new file mode 100755 index 00000000..45d6e3fb --- /dev/null +++ b/tests/usertools/55_userdel_busy_user/userdel.test @@ -0,0 +1,68 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel accepts when the user is not is shadow" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; kill $pid' 0 + +change_config + +echo -n "Create a process for foo (su -l foo -c \"sleep 10\")..." +su -l foo -c "sleep 10" 2>/dev/null & +echo "OK" + +# Make sure su was started. +sleep 1 + +echo -n "Delete user foo (userdel foo)..." +userdel foo 2>tmp/userdel.err && exit 1 || { + ps=$(echo $! $?) + pid=$(echo $ps | cut -f1 -d' ') + status=$(echo $ps | cut -f2 -d' ') +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "8" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +sed -i -e "s/ [0-9]*$/ <PID>/" tmp/userdel.err +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + + +kill $pid || true +wait || true + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/56_userdel_locked_passwd/config.txt b/tests/usertools/56_userdel_locked_passwd/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/default/useradd b/tests/usertools/56_userdel_locked_passwd/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/56_userdel_locked_passwd/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/group b/tests/usertools/56_userdel_locked_passwd/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/56_userdel_locked_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/gshadow b/tests/usertools/56_userdel_locked_passwd/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/56_userdel_locked_passwd/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/passwd b/tests/usertools/56_userdel_locked_passwd/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/56_userdel_locked_passwd/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/shadow b/tests/usertools/56_userdel_locked_passwd/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/56_userdel_locked_passwd/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/56_userdel_locked_passwd/data/userdel.err b/tests/usertools/56_userdel_locked_passwd/data/userdel.err new file mode 100644 index 00000000..183acb4c --- /dev/null +++ b/tests/usertools/56_userdel_locked_passwd/data/userdel.err @@ -0,0 +1,2 @@ +userdel: existing lock file /etc/passwd.lock without a PID +userdel: cannot lock /etc/passwd; try again later. diff --git a/tests/usertools/56_userdel_locked_passwd/userdel.test b/tests/usertools/56_userdel_locked_passwd/userdel.test new file mode 100755 index 00000000..af186a91 --- /dev/null +++ b/tests/usertools/56_userdel_locked_passwd/userdel.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel checks if the passwd file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Delete user foo (userdel foo)..." +userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/57_userdel_locked_group/config.txt b/tests/usertools/57_userdel_locked_group/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/57_userdel_locked_group/config/etc/default/useradd b/tests/usertools/57_userdel_locked_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/57_userdel_locked_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/57_userdel_locked_group/config/etc/group b/tests/usertools/57_userdel_locked_group/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/57_userdel_locked_group/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/57_userdel_locked_group/config/etc/gshadow b/tests/usertools/57_userdel_locked_group/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/57_userdel_locked_group/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/57_userdel_locked_group/config/etc/passwd b/tests/usertools/57_userdel_locked_group/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/57_userdel_locked_group/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/57_userdel_locked_group/config/etc/shadow b/tests/usertools/57_userdel_locked_group/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/57_userdel_locked_group/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/57_userdel_locked_group/data/userdel.err b/tests/usertools/57_userdel_locked_group/data/userdel.err new file mode 100644 index 00000000..1e947b22 --- /dev/null +++ b/tests/usertools/57_userdel_locked_group/data/userdel.err @@ -0,0 +1,2 @@ +userdel: existing lock file /etc/group.lock without a PID +userdel: cannot lock /etc/group; try again later. diff --git a/tests/usertools/57_userdel_locked_group/userdel.test b/tests/usertools/57_userdel_locked_group/userdel.test new file mode 100755 index 00000000..01e8c8c1 --- /dev/null +++ b/tests/usertools/57_userdel_locked_group/userdel.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel checks if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Delete user foo (userdel foo)..." +userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/58_userdel_locked_shadow/config.txt b/tests/usertools/58_userdel_locked_shadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/default/useradd b/tests/usertools/58_userdel_locked_shadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/58_userdel_locked_shadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/group b/tests/usertools/58_userdel_locked_shadow/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/58_userdel_locked_shadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/gshadow b/tests/usertools/58_userdel_locked_shadow/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/58_userdel_locked_shadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/passwd b/tests/usertools/58_userdel_locked_shadow/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/58_userdel_locked_shadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/shadow b/tests/usertools/58_userdel_locked_shadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/58_userdel_locked_shadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/58_userdel_locked_shadow/data/userdel.err b/tests/usertools/58_userdel_locked_shadow/data/userdel.err new file mode 100644 index 00000000..324b9ec7 --- /dev/null +++ b/tests/usertools/58_userdel_locked_shadow/data/userdel.err @@ -0,0 +1,2 @@ +userdel: existing lock file /etc/shadow.lock without a PID +userdel: cannot lock /etc/shadow; try again later. diff --git a/tests/usertools/58_userdel_locked_shadow/userdel.test b/tests/usertools/58_userdel_locked_shadow/userdel.test new file mode 100755 index 00000000..54acf616 --- /dev/null +++ b/tests/usertools/58_userdel_locked_shadow/userdel.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel checks if the shadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/shadow..." +touch /etc/shadow.lock +echo "done" + +echo -n "Delete user foo (userdel foo)..." +userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/shadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/59_userdel_locked_gshadow/config.txt b/tests/usertools/59_userdel_locked_gshadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/default/useradd b/tests/usertools/59_userdel_locked_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/group b/tests/usertools/59_userdel_locked_gshadow/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/gshadow b/tests/usertools/59_userdel_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/passwd b/tests/usertools/59_userdel_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/shadow b/tests/usertools/59_userdel_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/59_userdel_locked_gshadow/data/userdel.err b/tests/usertools/59_userdel_locked_gshadow/data/userdel.err new file mode 100644 index 00000000..7a567713 --- /dev/null +++ b/tests/usertools/59_userdel_locked_gshadow/data/userdel.err @@ -0,0 +1,2 @@ +userdel: existing lock file /etc/gshadow.lock without a PID +userdel: cannot lock /etc/gshadow; try again later. diff --git a/tests/usertools/59_userdel_locked_gshadow/userdel.test b/tests/usertools/59_userdel_locked_gshadow/userdel.test new file mode 100755 index 00000000..97993b99 --- /dev/null +++ b/tests/usertools/59_userdel_locked_gshadow/userdel.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel checks if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Delete user foo (userdel foo)..." +userdel foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/60_userdel_invalid_user/config.txt b/tests/usertools/60_userdel_invalid_user/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/default/useradd b/tests/usertools/60_userdel_invalid_user/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/60_userdel_invalid_user/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/group b/tests/usertools/60_userdel_invalid_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/60_userdel_invalid_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/gshadow b/tests/usertools/60_userdel_invalid_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/60_userdel_invalid_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/passwd b/tests/usertools/60_userdel_invalid_user/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/60_userdel_invalid_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/shadow b/tests/usertools/60_userdel_invalid_user/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/60_userdel_invalid_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/60_userdel_invalid_user/data/userdel.err b/tests/usertools/60_userdel_invalid_user/data/userdel.err new file mode 100644 index 00000000..97598b9b --- /dev/null +++ b/tests/usertools/60_userdel_invalid_user/data/userdel.err @@ -0,0 +1 @@ +userdel: user 'fooo' does not exist diff --git a/tests/usertools/60_userdel_invalid_user/userdel.test b/tests/usertools/60_userdel_invalid_user/userdel.test new file mode 100755 index 00000000..b070736a --- /dev/null +++ b/tests/usertools/60_userdel_invalid_user/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel checks if the user exists" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user fooo (userdel fooo)..." +userdel fooo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "6" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo -n "Check the passwd file..." +../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config.txt b/tests/usertools/61_userdel_del_homedir_with_symlinks/config.txt new file mode 100644 index 00000000..4b5baab6 --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config.txt @@ -0,0 +1 @@ +user foo exists diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/default/useradd b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/group b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/gshadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/passwd b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/shadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/group b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/gshadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/passwd b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/shadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/userdel.err b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/userdel.err new file mode 100644 index 00000000..5d7b44f1 --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/userdel.err @@ -0,0 +1 @@ +userdel: foo mail spool (/var/mail/foo) not found diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/userdel.test b/tests/usertools/61_userdel_del_homedir_with_symlinks/userdel.test new file mode 100755 index 00000000..a123ccb7 --- /dev/null +++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/userdel.test @@ -0,0 +1,70 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "userdel delete links, but not the pointed file/directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +mkdir /home/foo +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0 +mkdir /home/bar +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/bar' 0 +touch /home/baz +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/bar /home/baz' 0 +echo toto > /home/foo/toto +ln -s /home/bar /home/foo/bar +ln -s /home/baz /home/foo/baz +chown -R foo:foo /home/foo /home/bar /home/baz + +echo -n "Delete user foo (userdel -r foo)..." +userdel -r foo 2>tmp/userdel.err +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check the userdel message..." +diff -au data/userdel.err tmp/userdel.err +echo "userdel message OK." +rm -f tmp/userdel.err +echo "OK" + +echo -n "Check the passwd file..." +../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the user's home directory was removed..." +test ! -d /home/foo +echo "OK" +echo -n "Check that directory pointed from a foo's link is not removed..." +test -d /home/bar +echo "OK" +echo -n "Check that file pointed from a foo's link is not removed..." +test -f /home/baz +echo "OK" +rm -rf /home/bar /home/baz + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test new file mode 100755 index 00000000..519d0a29 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd fails if an user does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody, lp, and foooo's password..." +echo 'nobody:test +lp:test2 +foooo:test3' | chpasswd 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/group b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/common-password new file mode 100644 index 00000000..07f3f1de --- /dev/null +++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure md5 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/passwd b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/shadow b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/chpasswd.err new file mode 100644 index 00000000..8a3011fe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/chpasswd.err @@ -0,0 +1,3 @@ +chpasswd: (user foooo) pam_chauthtok() failed, error: +Authentication token manipulation error +chpasswd: (line 3, user foooo) password not changed diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/shadow b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/shadow new file mode 100644 index 00000000..cb548561 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_MD5 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_MD5 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test new file mode 100755 index 00000000..c036205b --- /dev/null +++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can change the password of multiple users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password..." +echo 'nobody:test +lp:test2' | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/group b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/gshadow b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/passwd b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/shadow b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/data/shadow b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/data/shadow new file mode 100644 index 00000000..d69c00cd --- /dev/null +++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_DES test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_DES test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test new file mode 100755 index 00000000..fb915a18 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test @@ -0,0 +1,44 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd changes the passwd file if shadow does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Change nobody's and lp's password..." +echo 'nobody:test +lp:test2' | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check that shadow does not exist..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/group b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/gshadow b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/common-password new file mode 100644 index 00000000..07f3f1de --- /dev/null +++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure md5 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/passwd b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..bd037066 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:bar:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/shadow b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/data/passwd b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/data/passwd new file mode 100644 index 00000000..36fa602b --- /dev/null +++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:@PASS_MD5 test2@:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:@PASS_MD5 test@:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test new file mode 100755 index 00000000..26602134 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd changes the passwd entry if there are no shadow entries" +# FIXME: The PAM and !PAM versions differs: +# PAM will create a shadow entry if the shadow file exists +# !PAM will update the passwd entry and leave the shadow file untouched + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody's and lp's password..." +echo 'nobody:test +lp:test2' | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/group b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..54dc57e0 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,40 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..f4f74a53 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/shadow @@ -0,0 +1,18 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/data/shadow b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/data/shadow new file mode 100644 index 00000000..090d61ac --- /dev/null +++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_DES test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +lp:@PASS_DES test2@:@TODAY@:::::: diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test new file mode 100755 index 00000000..5760ca55 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd fails if no password are provided" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody's and lp's password..." +echo 'nobody:test +lp' | chpasswd 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/group b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/gshadow b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/common-password new file mode 100644 index 00000000..07f3f1de --- /dev/null +++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure md5 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/passwd b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/shadow b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/chpasswd.err b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/chpasswd.err new file mode 100644 index 00000000..a02b7d61 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/chpasswd.err @@ -0,0 +1 @@ +chpasswd: line 2: missing new password diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/shadow b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/shadow new file mode 100644 index 00000000..658661b3 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_MD5 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test new file mode 100755 index 00000000..fda62303 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get chpasswd usage (chpasswd -h)..." +chpasswd -h >tmp/usage.out +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config.txt b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/group b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/gshadow b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/passwd b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/shadow b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/data/usage.out b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/data/usage.out new file mode 100644 index 00000000..59c8b351 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/data/usage.out @@ -0,0 +1,12 @@ +Usage: chpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test new file mode 100755 index 00000000..f75e6749 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd displays its usage message in case on non recognized option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get chpasswd usage (chpasswd --foo)..." +chpasswd --foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config.txt b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/group b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/gshadow b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/passwd b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/shadow b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/data/usage.out b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/data/usage.out new file mode 100644 index 00000000..4e26b6dd --- /dev/null +++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/data/usage.out @@ -0,0 +1,13 @@ +chpasswd: unrecognized option '--foo' +Usage: chpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test new file mode 100755 index 00000000..ecfbb200 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd checks that -e and -m are not provided at the same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password are encrypted and must use md5 (chpasswd -m -e)..." +echo 'nobody:test' | chpasswd -m -e 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config.txt b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/group b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/gshadow b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/passwd b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/shadow b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/data/usage.out b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/data/usage.out new file mode 100644 index 00000000..799c8ddb --- /dev/null +++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/data/usage.out @@ -0,0 +1,13 @@ +chpasswd: the -c, -e, and -m flags are exclusive +Usage: chpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test new file mode 100755 index 00000000..ab5deec3 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd checks that -e and -c are not provided at the same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password are encrypted and must use another method (chpasswd -c SHA512 -e)..." +echo 'nobody:test' | chpasswd -c SHA512 -e 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config.txt b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/group b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/gshadow b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/passwd b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/shadow b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/data/usage.out b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/data/usage.out new file mode 100644 index 00000000..799c8ddb --- /dev/null +++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/data/usage.out @@ -0,0 +1,13 @@ +chpasswd: the -c, -e, and -m flags are exclusive +Usage: chpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test new file mode 100755 index 00000000..fe2bbd7e --- /dev/null +++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd checks that -c and -m are not provided at the same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password must use md5 and another method (chpasswd -m -c SHA256)..." +echo 'nobody:test' | chpasswd -m -c SHA256 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config.txt b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/group b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/gshadow b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/passwd b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/shadow b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/data/usage.out b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/data/usage.out new file mode 100644 index 00000000..799c8ddb --- /dev/null +++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/data/usage.out @@ -0,0 +1,13 @@ +chpasswd: the -c, -e, and -m flags are exclusive +Usage: chpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test new file mode 100755 index 00000000..29982fc1 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd checks that -c is provided if -s is used" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password must use md5 and another method (chpasswd --sha-rounds 12)..." +echo 'nobody:test' | chpasswd --sha-rounds 12 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config.txt b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/group b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/gshadow b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/passwd b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/shadow b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/data/usage.out b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/data/usage.out new file mode 100644 index 00000000..ab133e29 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/data/usage.out @@ -0,0 +1,13 @@ +chpasswd: -s flag is only allowed with the -c flag +Usage: chpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test new file mode 100755 index 00000000..1b478f98 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd checks the -s argument" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password must use md5 and another method (chpasswd --sha-rounds 12foo -c SHA512)..." +echo 'nobody:test' | chpasswd --sha-rounds 12foo -c SHA512 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config.txt b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/group b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/gshadow b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/passwd b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/shadow b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/data/usage.out b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/data/usage.out new file mode 100644 index 00000000..bcfcf6d0 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/data/usage.out @@ -0,0 +1,13 @@ +chpasswd: invalid numeric argument '12foo' +Usage: chpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test new file mode 100755 index 00000000..a2f653c7 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd checks the -c argument" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Password must use md5 and another method (chpasswd --crypt-method SHA513)..." +echo 'nobody:test' | chpasswd --crypt-method SHA513 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config.txt b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/group b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/gshadow b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/passwd b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/shadow b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/data/usage.out b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/data/usage.out new file mode 100644 index 00000000..2c9e5aaf --- /dev/null +++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/data/usage.out @@ -0,0 +1,13 @@ +chpasswd: unsupported crypt method: SHA513 +Usage: chpasswd [options] + +Options: + -c, --crypt-method METHOD the crypt method (one of NONE DES MD5 SHA256 SHA512) + -e, --encrypted supplied passwords are encrypted + -h, --help display this help message and exit + -m, --md5 encrypt the clear text password using + the MD5 algorithm + -R, --root CHROOT_DIR directory to chroot into + -s, --sha-rounds number of SHA rounds for the SHA* + crypt algorithms + diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test new file mode 100755 index 00000000..3591462b --- /dev/null +++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use encrypted password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd -e)..." +echo 'nobody:test +lp:test2' | chpasswd -e +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/group b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/gshadow b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/passwd b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/shadow b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/data/shadow b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/data/shadow new file mode 100644 index 00000000..269ee68f --- /dev/null +++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:test2:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:test:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test new file mode 100755 index 00000000..534fb6fc --- /dev/null +++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use create md5 passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd --md5)..." +echo 'nobody:test +lp:test2' | chpasswd --md5 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/group b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/gshadow b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/passwd b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/shadow b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/data/shadow b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/data/shadow new file mode 100644 index 00000000..cb548561 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_MD5 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_MD5 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test new file mode 100755 index 00000000..e7c1b4e5 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use encrypted passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd -c NONE)..." +echo 'nobody:test +lp:test2' | chpasswd -c NONE +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/group b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/gshadow b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/passwd b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/shadow b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/data/shadow b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/data/shadow new file mode 100644 index 00000000..269ee68f --- /dev/null +++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:test2:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:test:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test new file mode 100755 index 00000000..f7da2c69 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use create MD5 passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd --crypt-method MD5)..." +echo 'nobody:test +lp:test2' | chpasswd --crypt-method MD5 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/group b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/gshadow b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/passwd b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/shadow b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/data/shadow b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/data/shadow new file mode 100644 index 00000000..cb548561 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_MD5 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_MD5 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test new file mode 100755 index 00000000..750b82f2 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use create DES passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd --crypt-method DES)..." +echo 'nobody:test +lp:test2' | chpasswd --crypt-method DES +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/group b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/gshadow b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/passwd b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/shadow b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/data/shadow b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/data/shadow new file mode 100644 index 00000000..d69c00cd --- /dev/null +++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_DES test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_DES test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test new file mode 100755 index 00000000..56c67bf1 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use create SHA256 passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA256)..." +echo 'nobody:test +lp:test2' | chpasswd --crypt-method SHA256 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/group b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/gshadow b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/passwd b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/shadow b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/data/shadow b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/data/shadow new file mode 100644 index 00000000..2705a064 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test new file mode 100755 index 00000000..9a0b0d79 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use create SHA256 passwords and use at least 1000 rounds" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA256 -s 900)..." +echo 'nobody:test +lp:test2' | chpasswd --crypt-method SHA256 -s 900 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +grep nobody /etc/shadow | grep -q ':\$5\$rounds=1000\$' +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/group b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/gshadow b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/passwd b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/shadow b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/data/shadow b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/data/shadow new file mode 100644 index 00000000..2705a064 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test new file mode 100755 index 00000000..6f5f586d --- /dev/null +++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use create SHA256 passwords and use the requested number of rounds" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA256 -s 9000)..." +echo 'nobody:test +lp:test2' | chpasswd --crypt-method SHA256 -s 9000 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +grep nobody /etc/shadow | grep -q ':\$5\$rounds=9000\$' +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/group b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/gshadow b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/passwd b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/shadow b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/data/shadow b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/data/shadow new file mode 100644 index 00000000..2705a064 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test new file mode 100755 index 00000000..856665f2 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use create SHA512 passwords" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA512)..." +echo 'nobody:test +lp:test2' | chpasswd --crypt-method SHA512 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/group b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/gshadow b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/passwd b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/shadow b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/data/shadow b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/data/shadow new file mode 100644 index 00000000..83bc0c9b --- /dev/null +++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test new file mode 100755 index 00000000..4382ab59 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use create SHA512 passwords and use at least 1000 rounds" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA512 -s 900)..." +echo 'nobody:test +lp:test2' | chpasswd --crypt-method SHA512 -s 900 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +grep nobody /etc/shadow | grep -q ':\$6\$rounds=1000\$' +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/group b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/gshadow b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/passwd b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/shadow b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/data/shadow b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/data/shadow new file mode 100644 index 00000000..83bc0c9b --- /dev/null +++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test new file mode 100755 index 00000000..f42c7bed --- /dev/null +++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test @@ -0,0 +1,41 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use create SHA512 passwords and use the requested number of rounds" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA512 -s 9000)..." +echo 'nobody:test +lp:test2' | chpasswd --crypt-method SHA512 -s 9000 +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +grep nobody /etc/shadow | grep -q ':\$6\$rounds=9000\$' +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/group b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/gshadow b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/passwd b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/shadow b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/data/shadow b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/data/shadow new file mode 100644 index 00000000..83bc0c9b --- /dev/null +++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test new file mode 100755 index 00000000..ce881e8e --- /dev/null +++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test @@ -0,0 +1,44 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd changes the passwd file if shadow does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Change nobody's and lp's password..." +echo 'nobody:test +lp:test2' | chpasswd -e +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check that shadow does not exist..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/group b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/gshadow b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/common-password new file mode 100644 index 00000000..07f3f1de --- /dev/null +++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure md5 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/passwd b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/shadow b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/data/passwd b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/data/passwd new file mode 100644 index 00000000..04899576 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:test2:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:test:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test new file mode 100755 index 00000000..7aa511ed --- /dev/null +++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd changes the passwd file if shadow does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Change nobody's and lp's password..." +echo 'nobody:test +lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check that shadow does not exist..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/group b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/gshadow b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/common-password new file mode 100644 index 00000000..07f3f1de --- /dev/null +++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure md5 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/passwd b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/shadow b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/data/chpasswd.err b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/data/chpasswd.err new file mode 100644 index 00000000..498b5c81 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/data/chpasswd.err @@ -0,0 +1,6 @@ +chpasswd: (user nobody) pam_chauthtok() failed, error: +Authentication token manipulation error +chpasswd: (line 1, user nobody) password not changed +chpasswd: (user lp) pam_chauthtok() failed, error: +Authentication token manipulation error +chpasswd: (line 2, user lp) password not changed diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test new file mode 100755 index 00000000..0578c1fa --- /dev/null +++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd changes the passwd file if shadow does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Change nobody's and lp's password..." +echo 'nobody:test +lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check that shadow does not exist..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/group b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/common-password new file mode 100644 index 00000000..07f3f1de --- /dev/null +++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure md5 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/passwd new file mode 100644 index 00000000..0d291195 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/chpasswd.err b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/chpasswd.err new file mode 100644 index 00000000..1381d0ee --- /dev/null +++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/chpasswd.err @@ -0,0 +1,3 @@ +chpasswd: (user lp) pam_chauthtok() failed, error: +Authentication token manipulation error +chpasswd: (line 2, user lp) password not changed diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/passwd b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/passwd new file mode 100644 index 00000000..9a44671d --- /dev/null +++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:@PASS_MD5 test@:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test new file mode 100755 index 00000000..0578c1fa --- /dev/null +++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd changes the passwd file if shadow does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Change nobody's and lp's password..." +echo 'nobody:test +lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check that shadow does not exist..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/group b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/common-password new file mode 100644 index 00000000..07f3f1de --- /dev/null +++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure md5 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/passwd new file mode 100644 index 00000000..6ba390f2 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:bar:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/chpasswd.err b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/chpasswd.err new file mode 100644 index 00000000..9eb11ca4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/chpasswd.err @@ -0,0 +1,3 @@ +chpasswd: (user nobody) pam_chauthtok() failed, error: +Authentication token manipulation error +chpasswd: (line 1, user nobody) password not changed diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/passwd b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/passwd new file mode 100644 index 00000000..978ea44c --- /dev/null +++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:@PASS_MD5 test2@:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test new file mode 100755 index 00000000..c3412858 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd changes the passwd entry if there are no shadow entries" +# FIXME: The PAM and !PAM versions differs: +# PAM will create a shadow entry if the shadow file exists +# !PAM will update the passwd entry and leave the shadow file untouched + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody's and lp's password..." +echo 'nobody:test +lp:test2' | chpasswd -e +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/group b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..54dc57e0 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,40 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..f4f74a53 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/shadow @@ -0,0 +1,18 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/passwd b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/shadow b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/shadow new file mode 100644 index 00000000..fcb19dbc --- /dev/null +++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:test:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +lp:test2:@TODAY@:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test new file mode 100755 index 00000000..a18f9128 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test @@ -0,0 +1,61 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd checks if the passwd file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Change passwords (chpasswd -e)..." +echo 'nobody:test +lp:test2' | chpasswd -e 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config.txt b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/group b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/gshadow b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/passwd b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/shadow b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/data/chpasswd.err b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/data/chpasswd.err new file mode 100644 index 00000000..468b8b6b --- /dev/null +++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/data/chpasswd.err @@ -0,0 +1,2 @@ +chpasswd: existing lock file /etc/passwd.lock without a PID +chpasswd: cannot lock /etc/passwd; try again later. diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test new file mode 100755 index 00000000..36867586 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test @@ -0,0 +1,61 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd checks if the shadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/shadow..." +touch /etc/shadow.lock +echo "done" + +echo -n "Change passwords (chpasswd -e)..." +echo 'nobody:test +lp:test2' | chpasswd -e 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/shadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config.txt b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/group b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/gshadow b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/passwd b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/shadow b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/data/chpasswd.err b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/data/chpasswd.err new file mode 100644 index 00000000..507310f2 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/data/chpasswd.err @@ -0,0 +1,2 @@ +chpasswd: existing lock file /etc/shadow.lock without a PID +chpasswd: cannot lock /etc/shadow; try again later. diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test new file mode 100755 index 00000000..05bf3949 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd checks that users exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chpasswd)..." +echo 'nobody:test +bar:bar2 +lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config.txt b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/group b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/passwd b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/shadow b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/chpasswd.err new file mode 100644 index 00000000..245a3b28 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/chpasswd.err @@ -0,0 +1,3 @@ +chpasswd: (user bar) pam_chauthtok() failed, error: +Authentication token manipulation error +chpasswd: (line 2, user bar) password not changed diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/shadow b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/shadow new file mode 100644 index 00000000..958f25bd --- /dev/null +++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test new file mode 100755 index 00000000..05c6a316 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd checks that users exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change passwords (chpasswd -e)..." +echo 'nobody:test +bar:bar2 +lp:test2' | chpasswd -e 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config.txt b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/group b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/passwd b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/shadow b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/data/chpasswd.err new file mode 100644 index 00000000..7182e70d --- /dev/null +++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/data/chpasswd.err @@ -0,0 +1,2 @@ +chpasswd: line 2: user 'bar' does not exist +chpasswd: error detected, changes ignored diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test new file mode 100755 index 00000000..5e3bc03a --- /dev/null +++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can use encrypted password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password (chpasswd -e)..." +echo 'nobody:test +lp:test2' | chpasswd -e +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/group b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/gshadow b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/chpasswd new file mode 100644 index 00000000..552045e4 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/chpasswd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `chpasswd' service +# + +@include common-password + diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/common-password new file mode 100644 index 00000000..06c59a74 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/common-password @@ -0,0 +1,33 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/passwd b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/passwd new file mode 100644 index 00000000..5648ba06 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:oldpass:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/shadow b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/passwd b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/passwd new file mode 100644 index 00000000..1ed98b37 --- /dev/null +++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:test2:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/shadow b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/shadow new file mode 100644 index 00000000..269ee68f --- /dev/null +++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:test2:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:test:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test b/tests/usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test new file mode 100755 index 00000000..f1d09e99 --- /dev/null +++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd fails if an user does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody, lp, and foooo's password..." +echo 'nobody:test +lp:test2 +foooo:test3' | chpasswd 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/group b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/login.defs b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/login.defs new file mode 100644 index 00000000..dff071c6 --- /dev/null +++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/passwd b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/shadow b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd/01_chpasswd_invalid_user/data/chpasswd.err new file mode 100644 index 00000000..3478c551 --- /dev/null +++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/data/chpasswd.err @@ -0,0 +1,2 @@ +chpasswd: line 3: user 'foooo' does not exist +chpasswd: error detected, changes ignored diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test b/tests/usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test new file mode 100755 index 00000000..c036205b --- /dev/null +++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test @@ -0,0 +1,40 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd can change the password of multiple users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody and lp's password..." +echo 'nobody:test +lp:test2' | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/group b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/gshadow b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/login.defs b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/login.defs new file mode 100644 index 00000000..dff071c6 --- /dev/null +++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/passwd b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/shadow b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/data/shadow b/tests/usertools/chpasswd/02_chpasswd_multiple_users/data/shadow new file mode 100644 index 00000000..d69c00cd --- /dev/null +++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:@PASS_DES test2@:@TODAY@:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_DES test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test new file mode 100755 index 00000000..fb915a18 --- /dev/null +++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test @@ -0,0 +1,44 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd changes the passwd file if shadow does not exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Change nobody's and lp's password..." +echo 'nobody:test +lp:test2' | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check that shadow does not exist..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/group b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/gshadow b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/login.defs b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/login.defs new file mode 100644 index 00000000..dff071c6 --- /dev/null +++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/passwd b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/shadow b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/data/passwd b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/data/passwd new file mode 100644 index 00000000..a9a8b927 --- /dev/null +++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:@PASS_DES test2@:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:@PASS_DES test@:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test new file mode 100755 index 00000000..d97d8b56 --- /dev/null +++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd changes the passwd entry if there are no shadow entries" +# FIXME: The PAM and !PAM versions differs: +# PAM will create a shadow entry if the shadow file exists +# !PAM will update the passwd entry and leave the shadow file untouched + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody's and lp's password..." +echo 'nobody:test +lp:test2' | chpasswd +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/group b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/gshadow b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..54dc57e0 --- /dev/null +++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,40 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/login.defs b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/login.defs new file mode 100644 index 00000000..dff071c6 --- /dev/null +++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/passwd b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/shadow b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..f4f74a53 --- /dev/null +++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/shadow @@ -0,0 +1,18 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/passwd b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/passwd new file mode 100644 index 00000000..e7f6c7b8 --- /dev/null +++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:@PASS_DES test2@:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/shadow b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/shadow new file mode 100644 index 00000000..8e105908 --- /dev/null +++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/shadow @@ -0,0 +1,18 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:@PASS_DES test@:@TODAY@:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test b/tests/usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test new file mode 100755 index 00000000..005b7ba2 --- /dev/null +++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "chpasswd fails if no password are provided" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change nobody's and lp's password..." +echo 'nobody:test +lp' | chpasswd 2>tmp/chpasswd.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "chpasswd reported:" +echo "=======================================================================" +cat tmp/chpasswd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/chpasswd.err tmp/chpasswd.err +echo "error message OK." +rm -f tmp/chpasswd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/group b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/gshadow b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/login.defs b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/login.defs new file mode 100644 index 00000000..dff071c6 --- /dev/null +++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/login.defs @@ -0,0 +1,318 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK usage is discouraged because it catches only some classes of user +# entries to system, in fact only those made through login(1), while setting +# umask in shell rc file will catch also logins through su, cron, ssh etc. +# +# At the same time, using shell rc to set umask won't catch entries which use +# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" +# user and alike. +# +# Therefore the use of pam_umask is recommended (Debian package libpam-umask) +# as the solution which catches all these cases on PAM-enabled systems. +# +# This avoids the confusion created by having the umask set +# in two different places -- in login.defs and shell rc files (i.e. +# /etc/profile). +# +# For discussion, see #314539 and #248150 as well as the thread starting at +# http://lists.debian.org/debian-devel/2005/06/msg01598.html +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +# 022 is the "historical" value in Debian for UMASK when it was used +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +#UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 100 +GID_MAX 60000 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# This enables userdel to remove user groups if no members exist. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, thus in Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is used by chpasswd, gpasswd and newusers. +# +#MD5_CRYPT_ENAB no +ENCRYPT_METHOD DES +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/passwd b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/shadow b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/data/chpasswd.err b/tests/usertools/chpasswd/05_chpasswd_error_no_password/data/chpasswd.err new file mode 100644 index 00000000..afeef279 --- /dev/null +++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/data/chpasswd.err @@ -0,0 +1,2 @@ +chpasswd: line 2: missing new password +chpasswd: error detected, changes ignored diff --git a/tests/usertools/useradd/01_useradd_usage/config.txt b/tests/usertools/useradd/01_useradd_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/01_useradd_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/default/useradd b/tests/usertools/useradd/01_useradd_usage/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/01_useradd_usage/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/group b/tests/usertools/useradd/01_useradd_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/01_useradd_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/gshadow b/tests/usertools/useradd/01_useradd_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/01_useradd_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/passwd b/tests/usertools/useradd/01_useradd_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/01_useradd_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/shadow b/tests/usertools/useradd/01_useradd_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/01_useradd_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/01_useradd_usage/data/usage.out b/tests/usertools/useradd/01_useradd_usage/data/usage.out new file mode 100644 index 00000000..b77a98a0 --- /dev/null +++ b/tests/usertools/useradd/01_useradd_usage/data/usage.out @@ -0,0 +1,35 @@ +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/01_useradd_usage/useradd.test b/tests/usertools/useradd/01_useradd_usage/useradd.test new file mode 100755 index 00000000..a7fe0464 --- /dev/null +++ b/tests/usertools/useradd/01_useradd_usage/useradd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get useradd usage (useradd -h)..." +useradd -h >tmp/usage.out +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config.txt b/tests/usertools/useradd/02_useradd_usage_invalid_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/default/useradd b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/group b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/gshadow b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/passwd b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/shadow b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/data/usage.out b/tests/usertools/useradd/02_useradd_usage_invalid_option/data/usage.out new file mode 100644 index 00000000..2efa1348 --- /dev/null +++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/data/usage.out @@ -0,0 +1,36 @@ +useradd: unrecognized option '--foo' +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/useradd.test b/tests/usertools/useradd/02_useradd_usage_invalid_option/useradd.test new file mode 100755 index 00000000..6711b26a --- /dev/null +++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd displays its usage message when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid option (useradd --foo)..." +useradd --foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config.txt b/tests/usertools/useradd/03_useradd_usage_no_users/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/03_useradd_usage_no_users/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/default/useradd b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/group b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/gshadow b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/passwd b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/shadow b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/data/usage.out b/tests/usertools/useradd/03_useradd_usage_no_users/data/usage.out new file mode 100644 index 00000000..b77a98a0 --- /dev/null +++ b/tests/usertools/useradd/03_useradd_usage_no_users/data/usage.out @@ -0,0 +1,35 @@ +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/useradd.test b/tests/usertools/useradd/03_useradd_usage_no_users/useradd.test new file mode 100755 index 00000000..fe178eb2 --- /dev/null +++ b/tests/usertools/useradd/03_useradd_usage_no_users/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd displays its usage message when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd without an user (useradd -f 12)..." +useradd -f 12 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config.txt b/tests/usertools/useradd/04_useradd_usage_2_users/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/04_useradd_usage_2_users/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/default/useradd b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/group b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/gshadow b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/passwd b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/shadow b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/data/usage.out b/tests/usertools/useradd/04_useradd_usage_2_users/data/usage.out new file mode 100644 index 00000000..b77a98a0 --- /dev/null +++ b/tests/usertools/useradd/04_useradd_usage_2_users/data/usage.out @@ -0,0 +1,35 @@ +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/useradd.test b/tests/usertools/useradd/04_useradd_usage_2_users/useradd.test new file mode 100755 index 00000000..c51e8bcd --- /dev/null +++ b/tests/usertools/useradd/04_useradd_usage_2_users/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd displays its usage message when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with 2 users (useradd -f 12 bin nobody)..." +useradd -f 12 bin nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config.txt b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/default/useradd b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/group b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/gshadow b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/passwd b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/shadow b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/data/usage.out b/tests/usertools/useradd/05_useradd_usage-b_invalid1/data/usage.out new file mode 100644 index 00000000..6f4cd08d --- /dev/null +++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/data/usage.out @@ -0,0 +1 @@ +useradd: invalid base directory '/home/no:body' diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/useradd.test b/tests/usertools/useradd/05_useradd_usage-b_invalid1/useradd.test new file mode 100755 index 00000000..a880dde7 --- /dev/null +++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -b '/home/no:body' nobody)..." +useradd -b '/home/no:body' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config.txt b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/default/useradd b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/group b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/gshadow b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/passwd b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/shadow b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/data/usage.out b/tests/usertools/useradd/06_useradd_usage-b_invalid2/data/usage.out new file mode 100644 index 00000000..22a5df88 --- /dev/null +++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/data/usage.out @@ -0,0 +1,2 @@ +useradd: invalid base directory '/home/no +body' diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/useradd.test b/tests/usertools/useradd/06_useradd_usage-b_invalid2/useradd.test new file mode 100755 index 00000000..37f27c03 --- /dev/null +++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/useradd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -b '/home/no +body' nobody)..." +useradd -b '/home/no +body' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config.txt b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/default/useradd b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/group b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/gshadow b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/passwd b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/shadow b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/data/usage.out b/tests/usertools/useradd/07_useradd_usage-b_invalid3/data/usage.out new file mode 100644 index 00000000..de930e62 --- /dev/null +++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/data/usage.out @@ -0,0 +1 @@ +useradd: invalid base directory 'home/nobody' diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/useradd.test b/tests/usertools/useradd/07_useradd_usage-b_invalid3/useradd.test new file mode 100755 index 00000000..a0ff227e --- /dev/null +++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -b 'home/nobody' nobody)..." +useradd -b 'home/nobody' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config.txt b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/default/useradd b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/group b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/gshadow b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/passwd b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/shadow b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/data/usage.out b/tests/usertools/useradd/08_useradd_usage-c_invalid1/data/usage.out new file mode 100644 index 00000000..ec0e2ab6 --- /dev/null +++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/data/usage.out @@ -0,0 +1 @@ +useradd: invalid comment 'comm:ent' diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/useradd.test b/tests/usertools/useradd/08_useradd_usage-c_invalid1/useradd.test new file mode 100755 index 00000000..6cd22624 --- /dev/null +++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -c 'comm:ent' nobody)..." +useradd -c 'comm:ent' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config.txt b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/default/useradd b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/group b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/gshadow b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/passwd b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/shadow b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/data/usage.out b/tests/usertools/useradd/09_useradd_usage-c_invalid2/data/usage.out new file mode 100644 index 00000000..30daaab9 --- /dev/null +++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/data/usage.out @@ -0,0 +1,2 @@ +useradd: invalid comment 'comm +ent' diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/useradd.test b/tests/usertools/useradd/09_useradd_usage-c_invalid2/useradd.test new file mode 100755 index 00000000..98f64209 --- /dev/null +++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/useradd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -c 'comm +ent' nobody)..." +useradd -c 'comm +ent' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config.txt b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/default/useradd b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/group b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/gshadow b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/passwd b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/shadow b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/data/usage.out b/tests/usertools/useradd/10_useradd_usage-d_invalid1/data/usage.out new file mode 100644 index 00000000..34b6e40a --- /dev/null +++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/data/usage.out @@ -0,0 +1 @@ +useradd: invalid home directory '/home/no:body' diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/useradd.test b/tests/usertools/useradd/10_useradd_usage-d_invalid1/useradd.test new file mode 100755 index 00000000..3f3b81ed --- /dev/null +++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -d '/home/no:body' nobody)..." +useradd -d '/home/no:body' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config.txt b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/default/useradd b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/group b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/gshadow b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/passwd b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/shadow b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/data/usage.out b/tests/usertools/useradd/11_useradd_usage-d_invalid2/data/usage.out new file mode 100644 index 00000000..0ac0eed1 --- /dev/null +++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/data/usage.out @@ -0,0 +1,2 @@ +useradd: invalid home directory '/home/no +body' diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/useradd.test b/tests/usertools/useradd/11_useradd_usage-d_invalid2/useradd.test new file mode 100755 index 00000000..12569b56 --- /dev/null +++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/useradd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -d '/home/no +body' nobody)..." +useradd -d '/home/no +body' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config.txt b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/default/useradd b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/group b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/gshadow b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/passwd b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/shadow b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/data/usage.out b/tests/usertools/useradd/12_useradd_usage-d_invalid3/data/usage.out new file mode 100644 index 00000000..722cb576 --- /dev/null +++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/data/usage.out @@ -0,0 +1 @@ +useradd: invalid home directory 'home/nobody' diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/useradd.test b/tests/usertools/useradd/12_useradd_usage-d_invalid3/useradd.test new file mode 100755 index 00000000..3b624c19 --- /dev/null +++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -d 'home/nobody' nobody)..." +useradd -d 'home/nobody' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config.txt b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/default/useradd b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/group b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/gshadow b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/passwd b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/shadow b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/data/usage.out b/tests/usertools/useradd/13_useradd_usage-e_invalid1/data/usage.out new file mode 100644 index 00000000..02f2e406 --- /dev/null +++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/data/usage.out @@ -0,0 +1 @@ +useradd: invalid date '2011-09-09-11' diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/useradd.test b/tests/usertools/useradd/13_useradd_usage-e_invalid1/useradd.test new file mode 100755 index 00000000..15acb229 --- /dev/null +++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -e '2011-09-09-11' nobody)..." +useradd -e '2011-09-09-11' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config.txt b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/default/useradd b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/group b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/gshadow b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/passwd b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/shadow b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/data/usage.out b/tests/usertools/useradd/14_useradd_usage-e_invalid2/data/usage.out new file mode 100644 index 00000000..c0d25cb0 --- /dev/null +++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/data/usage.out @@ -0,0 +1 @@ +useradd: invalid date '1900-09-11' diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/useradd.test b/tests/usertools/useradd/14_useradd_usage-e_invalid2/useradd.test new file mode 100755 index 00000000..c5642f03 --- /dev/null +++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -e '1900-09-11' nobody)..." +useradd -e '1900-09-11' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config.txt b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/group b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/data/usage.out b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/data/usage.out new file mode 100644 index 00000000..f148d91b --- /dev/null +++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/data/usage.out @@ -0,0 +1 @@ +useradd: shadow passwords required for -e diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test new file mode 100755 index 00000000..255a7999 --- /dev/null +++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Call useradd with the -e option (useradd -e '2011-09-11' nobody)..." +useradd -e '2011-09-11' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config.txt b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/default/useradd b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/group b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/gshadow b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/passwd b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/shadow b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/data/usage.out b/tests/usertools/useradd/16_useradd_usage-f_invalid1/data/usage.out new file mode 100644 index 00000000..40d8d93a --- /dev/null +++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/data/usage.out @@ -0,0 +1 @@ +useradd: invalid numeric argument '2011f' diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/useradd.test b/tests/usertools/useradd/16_useradd_usage-f_invalid1/useradd.test new file mode 100755 index 00000000..ad948d50 --- /dev/null +++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -f '2011f' nobody)..." +useradd -f '2011f' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config.txt b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/default/useradd b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/group b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/gshadow b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/passwd b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/shadow b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/data/usage.out b/tests/usertools/useradd/17_useradd_usage-f_invalid2/data/usage.out new file mode 100644 index 00000000..add36d3f --- /dev/null +++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/data/usage.out @@ -0,0 +1 @@ +useradd: invalid numeric argument '-2' diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/useradd.test b/tests/usertools/useradd/17_useradd_usage-f_invalid2/useradd.test new file mode 100755 index 00000000..2f5a3852 --- /dev/null +++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -f '-2' nobody)..." +useradd -f '-2' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config.txt b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/group b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/data/usage.out b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/data/usage.out new file mode 100644 index 00000000..f5095a5b --- /dev/null +++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/data/usage.out @@ -0,0 +1 @@ +useradd: shadow passwords required for -f diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test new file mode 100755 index 00000000..aa5b54e8 --- /dev/null +++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Call useradd with the -f option (useradd -f '12' nobody)..." +useradd -f '12' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config.txt b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/default/useradd b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/group b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/gshadow b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/passwd b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/shadow b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/data/usage.out b/tests/usertools/useradd/19_useradd_usage-K_invalid1/data/usage.out new file mode 100644 index 00000000..9eaa3159 --- /dev/null +++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/data/usage.out @@ -0,0 +1 @@ +useradd: -K requires KEY=VALUE diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/useradd.test b/tests/usertools/useradd/19_useradd_usage-K_invalid1/useradd.test new file mode 100755 index 00000000..bef12a6e --- /dev/null +++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -K 'VALUE' nobody)..." +useradd -K 'VALUE' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config.txt b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/default/useradd b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/group b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/gshadow b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/passwd b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/shadow b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/data/usage.out b/tests/usertools/useradd/20_useradd_usage-O_invalid2/data/usage.out new file mode 100644 index 00000000..cb3b31a2 --- /dev/null +++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/data/usage.out @@ -0,0 +1 @@ +configuration error - unknown item 'KEY' (notify administrator) diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/useradd.test b/tests/usertools/useradd/20_useradd_usage-O_invalid2/useradd.test new file mode 100755 index 00000000..883eac51 --- /dev/null +++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -O 'KEY=VALUE' nobody)..." +useradd -O 'KEY=VALUE' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config.txt b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/default/useradd b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/group b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/gshadow b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/passwd b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/shadow b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/data/usage.out b/tests/usertools/useradd/21_useradd_usage-p_invalid1/data/usage.out new file mode 100644 index 00000000..6e06315d --- /dev/null +++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/data/usage.out @@ -0,0 +1 @@ +useradd: invalid field 'no:body' diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/useradd.test b/tests/usertools/useradd/21_useradd_usage-p_invalid1/useradd.test new file mode 100755 index 00000000..86e99ffe --- /dev/null +++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -p 'no:body' nobody)..." +useradd -p 'no:body' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config.txt b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/default/useradd b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/group b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/gshadow b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/passwd b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/shadow b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/data/usage.out b/tests/usertools/useradd/22_useradd_usage-p_invalid2/data/usage.out new file mode 100644 index 00000000..19f477e0 --- /dev/null +++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/data/usage.out @@ -0,0 +1,2 @@ +useradd: invalid field 'no +body' diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/useradd.test b/tests/usertools/useradd/22_useradd_usage-p_invalid2/useradd.test new file mode 100755 index 00000000..9888c75f --- /dev/null +++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/useradd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -p 'no +body' nobody)..." +useradd -p 'no +body' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config.txt b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/default/useradd b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/group b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/gshadow b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/passwd b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/shadow b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/data/usage.out b/tests/usertools/useradd/23_useradd_usage-s_invalid1/data/usage.out new file mode 100644 index 00000000..2b9b1575 --- /dev/null +++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/data/usage.out @@ -0,0 +1 @@ +useradd: invalid shell '/home/no:body' diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/useradd.test b/tests/usertools/useradd/23_useradd_usage-s_invalid1/useradd.test new file mode 100755 index 00000000..9864e429 --- /dev/null +++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -s '/home/no:body' nobody)..." +useradd -s '/home/no:body' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config.txt b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/default/useradd b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/group b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/gshadow b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/passwd b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/shadow b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/data/usage.out b/tests/usertools/useradd/24_useradd_usage-s_invalid2/data/usage.out new file mode 100644 index 00000000..e2891b27 --- /dev/null +++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/data/usage.out @@ -0,0 +1,2 @@ +useradd: invalid shell '/home/no +body' diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/useradd.test b/tests/usertools/useradd/24_useradd_usage-s_invalid2/useradd.test new file mode 100755 index 00000000..4704ed50 --- /dev/null +++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/useradd.test @@ -0,0 +1,56 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -s '/home/no +body' nobody)..." +useradd -s '/home/no +body' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config.txt b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/default/useradd b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/group b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/gshadow b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/passwd b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/shadow b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/data/usage.out b/tests/usertools/useradd/25_useradd_usage-s_invalid3/data/usage.out new file mode 100644 index 00000000..9fb467ed --- /dev/null +++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/data/usage.out @@ -0,0 +1 @@ +useradd: invalid shell 'home/nobody' diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/useradd.test b/tests/usertools/useradd/25_useradd_usage-s_invalid3/useradd.test new file mode 100755 index 00000000..ea1ada38 --- /dev/null +++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid argument (useradd -s 'home/nobody' nobody)..." +useradd -s 'home/nobody' nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config.txt b/tests/usertools/useradd/26_useradd_usage-o_without-u/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/default/useradd b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/group b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/gshadow b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/passwd b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/shadow b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/data/usage.out b/tests/usertools/useradd/26_useradd_usage-o_without-u/data/usage.out new file mode 100644 index 00000000..f0e24c55 --- /dev/null +++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/data/usage.out @@ -0,0 +1,36 @@ +useradd: -o flag is only allowed with the -u flag +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/useradd.test b/tests/usertools/useradd/26_useradd_usage-o_without-u/useradd.test new file mode 100755 index 00000000..36498ceb --- /dev/null +++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/useradd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd rejects -o without -u" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Allow duplicate UID without UID (useradd -o foo)..." +useradd -o foo 2>tmp/usage.out && exit 1 || { + status=$? +} + +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config.txt b/tests/usertools/useradd/27_useradd_usage-k_without-m/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/default/useradd b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/group b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/gshadow b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/passwd b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/shadow b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/data/usage.out b/tests/usertools/useradd/27_useradd_usage-k_without-m/data/usage.out new file mode 100644 index 00000000..e27e5b6b --- /dev/null +++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/data/usage.out @@ -0,0 +1,36 @@ +useradd: -k flag is only allowed with the -m flag +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/useradd.test b/tests/usertools/useradd/27_useradd_usage-k_without-m/useradd.test new file mode 100755 index 00000000..c64af4ab --- /dev/null +++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/useradd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd rejects -k without -m" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Copy skeleton without creating home dir (useradd -k foo)..." +useradd -k foo 2>tmp/usage.out && exit 1 || { + status=$? +} + +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config.txt b/tests/usertools/useradd/28_useradd_usage-U_with-g/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/default/useradd b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/group b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/gshadow b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/passwd b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/shadow b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/data/usage.out b/tests/usertools/useradd/28_useradd_usage-U_with-g/data/usage.out new file mode 100644 index 00000000..3b030c38 --- /dev/null +++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/data/usage.out @@ -0,0 +1,36 @@ +useradd: options -U and -g conflict +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/useradd.test b/tests/usertools/useradd/28_useradd_usage-U_with-g/useradd.test new file mode 100755 index 00000000..2a7b381e --- /dev/null +++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/useradd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd rejects -U with -g" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Usergroup and fixed group (useradd -U -g 100 foo)..." +useradd -U -g 100 foo 2>tmp/usage.out && exit 1 || { + status=$? +} + +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config.txt b/tests/usertools/useradd/29_useradd_usage-U_with-N/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/default/useradd b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/group b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/gshadow b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/passwd b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/shadow b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/data/usage.out b/tests/usertools/useradd/29_useradd_usage-U_with-N/data/usage.out new file mode 100644 index 00000000..7a7bc5df --- /dev/null +++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/data/usage.out @@ -0,0 +1,36 @@ +useradd: options -U and -N conflict +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/useradd.test b/tests/usertools/useradd/29_useradd_usage-U_with-N/useradd.test new file mode 100755 index 00000000..57eabd3b --- /dev/null +++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/useradd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd rejects -U with -N" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Usergroup and no usergroup (useradd -U -N foo)..." +useradd -U -N foo 2>tmp/usage.out && exit 1 || { + status=$? +} + +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config.txt b/tests/usertools/useradd/30_useradd_usage-m_with-M/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/default/useradd b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/group b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/gshadow b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/passwd b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/shadow b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/data/usage.out b/tests/usertools/useradd/30_useradd_usage-m_with-M/data/usage.out new file mode 100644 index 00000000..37a90dc6 --- /dev/null +++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/data/usage.out @@ -0,0 +1,36 @@ +useradd: options -m and -M conflict +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/useradd.test b/tests/usertools/useradd/30_useradd_usage-m_with-M/useradd.test new file mode 100755 index 00000000..80d7a5a1 --- /dev/null +++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/useradd.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd rejects -m with -M" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create and do not create home directory (useradd -M -m foo)..." +useradd -M -m foo 2>tmp/usage.out && exit 1 || { + status=$? +} + +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config.txt b/tests/usertools/useradd/31_useradd_usage_user_with-D/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/default/useradd b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/group b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/gshadow b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/passwd b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/shadow b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/data/usage.out b/tests/usertools/useradd/31_useradd_usage_user_with-D/data/usage.out new file mode 100644 index 00000000..b77a98a0 --- /dev/null +++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/data/usage.out @@ -0,0 +1,35 @@ +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/useradd.test b/tests/usertools/useradd/31_useradd_usage_user_with-D/useradd.test new file mode 100755 index 00000000..b66842ba --- /dev/null +++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd displays its usage message when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Set defaulkt with useradd and specify an user (useradd -D nobody)..." +useradd -D nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config.txt b/tests/usertools/useradd/32_useradd_usage-D_with_other/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/default/useradd b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/group b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/gshadow b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/passwd b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/shadow b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/data/usage.out b/tests/usertools/useradd/32_useradd_usage-D_with_other/data/usage.out new file mode 100644 index 00000000..b77a98a0 --- /dev/null +++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/data/usage.out @@ -0,0 +1,35 @@ +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/useradd.test b/tests/usertools/useradd/32_useradd_usage-D_with_other/useradd.test new file mode 100755 index 00000000..c3aacfbd --- /dev/null +++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/useradd.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd rejects -m with -M" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +for opt in "-u 1010" "-G nogroup" "-d /home/foo" "-c comment" "-m" +do + echo -n "Call useradd -D with option $opt (useradd -D $opt)..." + useradd -D $opt 2>tmp/usage.out && exit 1 || { + status=$? + } + + echo "OK" + + echo -n "Check returned status ($status)..." + test "$status" = "2" + echo "OK" + + echo "useradd reported:" + echo "=======================================================================" + cat tmp/usage.out + echo "=======================================================================" + echo -n "Check the usage message..." + diff -au data/usage.out tmp/usage.out + echo "usage message OK." + rm -f tmp/usage.out +done + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config.txt b/tests/usertools/useradd/33_useradd_usage_invalid_username/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/default/useradd b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/group b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/gshadow b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/passwd b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/shadow b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/data/usage.out b/tests/usertools/useradd/33_useradd_usage_invalid_username/data/usage.out new file mode 100644 index 00000000..c1c58fad --- /dev/null +++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/data/usage.out @@ -0,0 +1 @@ +useradd: invalid user name 'user:name' diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/useradd.test b/tests/usertools/useradd/33_useradd_usage_invalid_username/useradd.test new file mode 100755 index 00000000..8024f7d7 --- /dev/null +++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd checks the username validity" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an invalid username (useradd user:name)..." +useradd user:name 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config.txt b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/default/useradd b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/group b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/gshadow b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/passwd b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/shadow b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/passwd b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/passwd new file mode 100644 index 00000000..540cc99c --- /dev/null +++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:10::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/shadow b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/useradd.test b/tests/usertools/useradd/34_useradd_default_GROUP_GID/useradd.test new file mode 100755 index 00000000..df98f829 --- /dev/null +++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd uses the GROUP default value" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo, without usergroup (useradd -N foo)..." +useradd -N foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config.txt b/tests/usertools/useradd/35_useradd_default_GROUP_name/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/default/useradd b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/default/useradd new file mode 100644 index 00000000..487e3281 --- /dev/null +++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=nogroup +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/group b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/gshadow b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/passwd b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/shadow b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/data/passwd b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/passwd new file mode 100644 index 00000000..4e481a15 --- /dev/null +++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:65534::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/data/shadow b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/useradd.test b/tests/usertools/useradd/35_useradd_default_GROUP_name/useradd.test new file mode 100755 index 00000000..df98f829 --- /dev/null +++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd uses the GROUP default value" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo, without usergroup (useradd -N foo)..." +useradd -N foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config.txt b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/default/useradd b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/default/useradd new file mode 100644 index 00000000..4da665d9 --- /dev/null +++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=3000 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/group b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/gshadow b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/passwd b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/shadow b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/passwd b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/passwd new file mode 100644 index 00000000..db829662 --- /dev/null +++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:100::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/shadow b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/usage.out b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/usage.out new file mode 100644 index 00000000..6e4920f0 --- /dev/null +++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/usage.out @@ -0,0 +1,2 @@ +useradd: group '3000' does not exist +useradd: the GROUP= configuration in /etc/default/useradd will be ignored diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test new file mode 100755 index 00000000..c030cd2a --- /dev/null +++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd uses the GROUP default value" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo, without usergroup (useradd -N foo)..." +useradd -N foo 2>tmp/usage.out +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config.txt b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/default/useradd b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/default/useradd new file mode 100644 index 00000000..3d298ac3 --- /dev/null +++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=invalidgroup +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/group b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/gshadow b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/passwd b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/shadow b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/passwd b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/passwd new file mode 100644 index 00000000..db829662 --- /dev/null +++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:100::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/shadow b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/usage.out b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/usage.out new file mode 100644 index 00000000..06f5b8c1 --- /dev/null +++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/usage.out @@ -0,0 +1,2 @@ +useradd: group 'invalidgroup' does not exist +useradd: the GROUP= configuration in /etc/default/useradd will be ignored diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test new file mode 100755 index 00000000..c030cd2a --- /dev/null +++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd uses the GROUP default value" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo, without usergroup (useradd -N foo)..." +useradd -N foo 2>tmp/usage.out +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config.txt b/tests/usertools/useradd/38_useradd_default_INACTIVE/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/default/useradd b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/default/useradd new file mode 100644 index 00000000..095cf3d9 --- /dev/null +++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=42 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/group b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/gshadow b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/passwd b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/shadow b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/data/passwd b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/passwd new file mode 100644 index 00000000..540cc99c --- /dev/null +++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:10::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/data/shadow b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/shadow new file mode 100644 index 00000000..b8db0a78 --- /dev/null +++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:42:13849: diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/useradd.test b/tests/usertools/useradd/38_useradd_default_INACTIVE/useradd.test new file mode 100755 index 00000000..dbee2ad9 --- /dev/null +++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd uses the INACT default value" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo, without usergroup (useradd -N foo)..." +useradd -N foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config.txt b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/default/useradd b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/default/useradd new file mode 100644 index 00000000..e7513e49 --- /dev/null +++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=1a +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/group b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/gshadow b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/passwd b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/shadow b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/passwd b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/passwd new file mode 100644 index 00000000..540cc99c --- /dev/null +++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:10::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/shadow b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/shadow new file mode 100644 index 00000000..39849f5d --- /dev/null +++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7::13849: diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/usage.out b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/usage.out new file mode 100644 index 00000000..d27941eb --- /dev/null +++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/usage.out @@ -0,0 +1,2 @@ +useradd: invalid numeric argument '1a' +useradd: the INACTIVE= configuration in /etc/default/useradd will be ignored diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test new file mode 100755 index 00000000..c030cd2a --- /dev/null +++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd uses the GROUP default value" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo, without usergroup (useradd -N foo)..." +useradd -N foo 2>tmp/usage.out +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config.txt b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/default/useradd b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/default/useradd new file mode 100644 index 00000000..b3f265e6 --- /dev/null +++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=-2 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/group b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/gshadow b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/passwd b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/shadow b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/passwd b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/passwd new file mode 100644 index 00000000..540cc99c --- /dev/null +++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:10::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/shadow b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/shadow new file mode 100644 index 00000000..39849f5d --- /dev/null +++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7::13849: diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/usage.out b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/usage.out new file mode 100644 index 00000000..d3010736 --- /dev/null +++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/usage.out @@ -0,0 +1,2 @@ +useradd: invalid numeric argument '-2' +useradd: the INACTIVE= configuration in /etc/default/useradd will be ignored diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test new file mode 100755 index 00000000..c030cd2a --- /dev/null +++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd uses the GROUP default value" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo, without usergroup (useradd -N foo)..." +useradd -N foo 2>tmp/usage.out +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config.txt b/tests/usertools/useradd/41_useradd_default_default_SKEL/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/default/useradd b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/default/useradd new file mode 100644 index 00000000..3fca45b1 --- /dev/null +++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=42 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +SKEL= +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/group b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/gshadow b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/passwd b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/shadow b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/data/defaults b/tests/usertools/useradd/41_useradd_default_default_SKEL/data/defaults new file mode 100644 index 00000000..90cfe794 --- /dev/null +++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/data/defaults @@ -0,0 +1,7 @@ +GROUP=10 +HOME=/tmp +INACTIVE=42 +EXPIRE=2007-12-02 +SHELL=/bin/foobar +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/useradd.test b/tests/usertools/useradd/41_useradd_default_default_SKEL/useradd.test new file mode 100755 index 00000000..0ca12b61 --- /dev/null +++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/useradd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd uses the defautl SKEL value is SKEL is set to empty" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get default value (useradd -D)..." +useradd -D >tmp/defaults +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/defaults +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/defaults tmp/defaults +echo "usage message OK." +rm -f tmp/defaults + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config.txt b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/default/useradd b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/default/useradd new file mode 100644 index 00000000..bbb85b40 --- /dev/null +++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=42 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL= +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL= diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/group b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/gshadow b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/passwd b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/shadow b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/data/defaults b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/data/defaults new file mode 100644 index 00000000..90cfe794 --- /dev/null +++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/data/defaults @@ -0,0 +1,7 @@ +GROUP=10 +HOME=/tmp +INACTIVE=42 +EXPIRE=2007-12-02 +SHELL=/bin/foobar +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test new file mode 100755 index 00000000..0ca12b61 --- /dev/null +++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd uses the defautl SKEL value is SKEL is set to empty" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get default value (useradd -D)..." +useradd -D >tmp/defaults +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/defaults +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/defaults tmp/defaults +echo "usage message OK." +rm -f tmp/defaults + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config.txt b/tests/usertools/useradd/43_useradd_default_no_final_eol/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/default/useradd b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/default/useradd new file mode 100644 index 00000000..b85eaf3f --- /dev/null +++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/default/useradd @@ -0,0 +1,37 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=42 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL= +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL= +# \ No newline at end of file diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/group b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/gshadow b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/passwd b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/shadow b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/data/useradd b/tests/usertools/useradd/43_useradd_default_no_final_eol/data/useradd new file mode 100644 index 00000000..15084f0c --- /dev/null +++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/data/useradd @@ -0,0 +1,38 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/toto +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=42 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL= +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL=no +# +SKEL=/etc/skel diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/useradd.test b/tests/usertools/useradd/43_useradd_default_no_final_eol/useradd.test new file mode 100755 index 00000000..110e3ae6 --- /dev/null +++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/useradd.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd accepts a line with no eol at eof" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Set a default value (useradd -D -b /toto)..." +useradd -D -b /toto +echo "OK" + +echo -n "Check the default file..." +diff -Nau data/useradd /etc/default/useradd +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config.txt b/tests/usertools/useradd/44_useradd_default_no_file/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/44_useradd_default_no_file/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/default/useradd b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/default/useradd new file mode 100644 index 00000000..b85eaf3f --- /dev/null +++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/default/useradd @@ -0,0 +1,37 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=42 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL= +# +# Defines whether the mail spool should be created while +# creating the account +CREATE_MAIL_SPOOL= +# \ No newline at end of file diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/group b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/gshadow b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/passwd b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/shadow b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/44_useradd_default_no_file/data/useradd b/tests/usertools/useradd/44_useradd_default_no_file/data/useradd new file mode 100644 index 00000000..796e8dd9 --- /dev/null +++ b/tests/usertools/useradd/44_useradd_default_no_file/data/useradd @@ -0,0 +1,8 @@ +# useradd defaults file +GROUP=100 +HOME=/toto +INACTIVE=-1 +EXPIRE= +SHELL= +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/tests/usertools/useradd/44_useradd_default_no_file/useradd.test b/tests/usertools/useradd/44_useradd_default_no_file/useradd.test new file mode 100755 index 00000000..0bc28047 --- /dev/null +++ b/tests/usertools/useradd/44_useradd_default_no_file/useradd.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd can create a defaults file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete the defaults file..." +rm -f /etc/default/useradd +echo "OK" + +echo -n "Set a default value (useradd -D -b /toto)..." +useradd -D -b /toto +echo "OK" + +echo -n "Check the default file..." +diff -Nau data/useradd /etc/default/useradd +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config.txt b/tests/usertools/useradd/45_useradd-G_UID_name/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/45_useradd-G_UID_name/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/default/useradd b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/group b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/gshadow b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/passwd b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/shadow b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/group b/tests/usertools/useradd/45_useradd-G_UID_name/data/group new file mode 100644 index 00000000..c9c71f8b --- /dev/null +++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3: +adm:x:4:foo +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12:foo +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24:foo +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/gshadow b/tests/usertools/useradd/45_useradd-G_UID_name/data/gshadow new file mode 100644 index 00000000..ec19c4aa --- /dev/null +++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*::foo +sys:*:: +adm:*::foo +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*::foo +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*::foo +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/passwd b/tests/usertools/useradd/45_useradd-G_UID_name/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/shadow b/tests/usertools/useradd/45_useradd-G_UID_name/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/useradd.test b/tests/usertools/useradd/45_useradd-G_UID_name/useradd.test new file mode 100755 index 00000000..480c4a3f --- /dev/null +++ b/tests/usertools/useradd/45_useradd-G_UID_name/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd adds the user to specified groups" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..." +useradd -G bin,adm,12,cdrom foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config.txt b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/default/useradd b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/group b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/gshadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/passwd b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/shadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/group b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/group new file mode 100644 index 00000000..c9c71f8b --- /dev/null +++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3: +adm:x:4:foo +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12:foo +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24:foo +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/gshadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/gshadow new file mode 100644 index 00000000..ec19c4aa --- /dev/null +++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*::foo +sys:*:: +adm:*::foo +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*::foo +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*::foo +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/passwd b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/shadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/useradd.test b/tests/usertools/useradd/46_useradd-G_UID_duplicate/useradd.test new file mode 100755 index 00000000..1de81386 --- /dev/null +++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd adds the user to specified groups (once)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom,12 foo)..." +useradd -G bin,adm,12,cdrom,12 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config.txt b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/default/useradd b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/group b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/gshadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/passwd b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/shadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/group b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/group new file mode 100644 index 00000000..c9c71f8b --- /dev/null +++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3: +adm:x:4:foo +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12:foo +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24:foo +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/gshadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/gshadow new file mode 100644 index 00000000..ec19c4aa --- /dev/null +++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*::foo +sys:*:: +adm:*::foo +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*::foo +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*::foo +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/passwd b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/shadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test new file mode 100755 index 00000000..cb7bed8b --- /dev/null +++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd adds the user to specified groups (once)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom,man foo)..." +useradd -G bin,adm,12,cdrom,man foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config.txt b/tests/usertools/useradd/48_useradd-G_name_duplicate/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/default/useradd b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/group b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/gshadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/passwd b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/shadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/group b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/group new file mode 100644 index 00000000..c9c71f8b --- /dev/null +++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3: +adm:x:4:foo +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12:foo +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24:foo +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/gshadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/gshadow new file mode 100644 index 00000000..ec19c4aa --- /dev/null +++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*::foo +sys:*:: +adm:*::foo +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*::foo +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*::foo +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/passwd b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/shadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/useradd.test b/tests/usertools/useradd/48_useradd-G_name_duplicate/useradd.test new file mode 100755 index 00000000..44f63c13 --- /dev/null +++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd adds the user to specified groups (once)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom,adm foo)..." +useradd -G bin,adm,12,cdrom,adm foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config.txt b/tests/usertools/useradd/49_useradd-G_invalid_group/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/default/useradd b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/group b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/gshadow b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/passwd b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/shadow b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/data/usage.out b/tests/usertools/useradd/49_useradd-G_invalid_group/data/usage.out new file mode 100644 index 00000000..23ea5ddb --- /dev/null +++ b/tests/usertools/useradd/49_useradd-G_invalid_group/data/usage.out @@ -0,0 +1 @@ +useradd: group 'cdromm' does not exist diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/useradd.test b/tests/usertools/useradd/49_useradd-G_invalid_group/useradd.test new file mode 100755 index 00000000..5d16073a --- /dev/null +++ b/tests/usertools/useradd/49_useradd-G_invalid_group/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd check the validity of groups" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo in groups with an invalid group (useradd -G bin,adm,12,cdromm,adm foo)..." +useradd -G bin,adm,12,cdromm,adm foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "6" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/50_useradd-r/config.txt b/tests/usertools/useradd/50_useradd-r/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/50_useradd-r/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/default/useradd b/tests/usertools/useradd/50_useradd-r/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/50_useradd-r/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/group b/tests/usertools/useradd/50_useradd-r/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/50_useradd-r/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/gshadow b/tests/usertools/useradd/50_useradd-r/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/50_useradd-r/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/passwd b/tests/usertools/useradd/50_useradd-r/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/50_useradd-r/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/shadow b/tests/usertools/useradd/50_useradd-r/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/50_useradd-r/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/50_useradd-r/data/group b/tests/usertools/useradd/50_useradd-r/data/group new file mode 100644 index 00000000..b5b6ce2f --- /dev/null +++ b/tests/usertools/useradd/50_useradd-r/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:999: diff --git a/tests/usertools/useradd/50_useradd-r/data/gshadow b/tests/usertools/useradd/50_useradd-r/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/usertools/useradd/50_useradd-r/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/50_useradd-r/data/passwd b/tests/usertools/useradd/50_useradd-r/data/passwd new file mode 100644 index 00000000..640a0ccc --- /dev/null +++ b/tests/usertools/useradd/50_useradd-r/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:101:999::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/50_useradd-r/data/shadow b/tests/usertools/useradd/50_useradd-r/data/shadow new file mode 100644 index 00000000..823c4c05 --- /dev/null +++ b/tests/usertools/useradd/50_useradd-r/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:::::: diff --git a/tests/usertools/useradd/50_useradd-r/useradd.test b/tests/usertools/useradd/50_useradd-r/useradd.test new file mode 100755 index 00000000..0eacc6a3 --- /dev/null +++ b/tests/usertools/useradd/50_useradd-r/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd can create system users" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create system user foo (useradd -r foo)..." +useradd -r foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/51_useradd_already_exist/config.txt b/tests/usertools/useradd/51_useradd_already_exist/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/51_useradd_already_exist/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/default/useradd b/tests/usertools/useradd/51_useradd_already_exist/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/group b/tests/usertools/useradd/51_useradd_already_exist/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/gshadow b/tests/usertools/useradd/51_useradd_already_exist/config/etc/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/passwd b/tests/usertools/useradd/51_useradd_already_exist/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/shadow b/tests/usertools/useradd/51_useradd_already_exist/config/etc/shadow new file mode 100644 index 00000000..498ef868 --- /dev/null +++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:*:12977:0:99999:7::: diff --git a/tests/usertools/useradd/51_useradd_already_exist/data/usage.out b/tests/usertools/useradd/51_useradd_already_exist/data/usage.out new file mode 100644 index 00000000..5d125303 --- /dev/null +++ b/tests/usertools/useradd/51_useradd_already_exist/data/usage.out @@ -0,0 +1 @@ +useradd: user 'foo' already exists diff --git a/tests/usertools/useradd/51_useradd_already_exist/useradd.test b/tests/usertools/useradd/51_useradd_already_exist/useradd.test new file mode 100755 index 00000000..539e7182 --- /dev/null +++ b/tests/usertools/useradd/51_useradd_already_exist/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd checks ifthe requested new user already exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with an existing user (useradd foo)..." +useradd foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "9" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config.txt b/tests/usertools/useradd/52_useradd-U_group_already_exist/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/default/useradd b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/group b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/gshadow b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/passwd b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/shadow b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/data/usage.out b/tests/usertools/useradd/52_useradd-U_group_already_exist/data/usage.out new file mode 100644 index 00000000..c000a60d --- /dev/null +++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/data/usage.out @@ -0,0 +1 @@ +useradd: group foo exists - if you want to add this user to that group, use -g. diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/useradd.test b/tests/usertools/useradd/52_useradd-U_group_already_exist/useradd.test new file mode 100755 index 00000000..7fe651dd --- /dev/null +++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd -U checks if a group with the same name already exist" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd -U with an existing group (useradd -U foo)..." +useradd -U foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "9" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/53_useradd-G_empty/config.txt b/tests/usertools/useradd/53_useradd-G_empty/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/53_useradd-G_empty/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/default/useradd b/tests/usertools/useradd/53_useradd-G_empty/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/group b/tests/usertools/useradd/53_useradd-G_empty/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/gshadow b/tests/usertools/useradd/53_useradd-G_empty/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/passwd b/tests/usertools/useradd/53_useradd-G_empty/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/shadow b/tests/usertools/useradd/53_useradd-G_empty/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/group b/tests/usertools/useradd/53_useradd-G_empty/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/useradd/53_useradd-G_empty/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/gshadow b/tests/usertools/useradd/53_useradd-G_empty/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/usertools/useradd/53_useradd-G_empty/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/passwd b/tests/usertools/useradd/53_useradd-G_empty/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/usertools/useradd/53_useradd-G_empty/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/shadow b/tests/usertools/useradd/53_useradd-G_empty/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/53_useradd-G_empty/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/53_useradd-G_empty/useradd.test b/tests/usertools/useradd/53_useradd-G_empty/useradd.test new file mode 100755 index 00000000..8eac65ef --- /dev/null +++ b/tests/usertools/useradd/53_useradd-G_empty/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd accepts empty list of groups" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo with empty group list (useradd -G "" foo)..." +useradd -G "" foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config.txt b/tests/usertools/useradd/54_useradd_no_shadow_file/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/group b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/data/group b/tests/usertools/useradd/54_useradd_no_shadow_file/data/group new file mode 100644 index 00000000..c9c71f8b --- /dev/null +++ b/tests/usertools/useradd/54_useradd_no_shadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3: +adm:x:4:foo +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12:foo +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24:foo +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/data/gshadow b/tests/usertools/useradd/54_useradd_no_shadow_file/data/gshadow new file mode 100644 index 00000000..ec19c4aa --- /dev/null +++ b/tests/usertools/useradd/54_useradd_no_shadow_file/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*::foo +sys:*:: +adm:*::foo +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*::foo +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*::foo +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/data/passwd b/tests/usertools/useradd/54_useradd_no_shadow_file/data/passwd new file mode 100644 index 00000000..e2c466ae --- /dev/null +++ b/tests/usertools/useradd/54_useradd_no_shadow_file/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:!:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/useradd.test b/tests/usertools/useradd/54_useradd_no_shadow_file/useradd.test new file mode 100755 index 00000000..c7ab56b5 --- /dev/null +++ b/tests/usertools/useradd/54_useradd_no_shadow_file/useradd.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd adds the user even if /etc/shadow is missing" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..." +useradd -G bin,adm,12,cdrom foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config.txt b/tests/usertools/useradd/55_useradd_no_gshadow_file/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/default/useradd b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/group b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/gshadow b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/passwd b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/shadow b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/data/group b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/group new file mode 100644 index 00000000..eb2e1b5f --- /dev/null +++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3: +adm:x:4:foo +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12:foo +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24:foo +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:!:1000: diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/data/passwd b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/data/shadow b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/useradd.test b/tests/usertools/useradd/55_useradd_no_gshadow_file/useradd.test new file mode 100755 index 00000000..b5519b91 --- /dev/null +++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/useradd.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd adds the user and groups even if /etc/gshadow is missing" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete /etc/gshadow..." +rm -f /etc/gshadow +echo "OK" + +echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..." +useradd -G bin,adm,12,cdrom foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config.txt b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/default/useradd b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/group b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/gshadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/gshadow new file mode 100644 index 00000000..3c9bae92 --- /dev/null +++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test:x:: diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/passwd b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/shadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/group b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/group new file mode 100644 index 00000000..c9c71f8b --- /dev/null +++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2:foo +sys:x:3: +adm:x:4:foo +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12:foo +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24:foo +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/gshadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/gshadow new file mode 100644 index 00000000..fd939a3f --- /dev/null +++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*::foo +sys:*:: +adm:*::foo +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*::foo +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*::foo +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +test:x:: +foo:!:: diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/passwd b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/shadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test new file mode 100755 index 00000000..c8a66660 --- /dev/null +++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd adds the user and groups even if /etc/gshadow is missing" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..." +useradd -G bin,adm,12,cdrom foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config.txt b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/default/useradd b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/group b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/gshadow b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/passwd b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/shadow b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/data/usage.out b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/data/usage.out new file mode 100644 index 00000000..b77a98a0 --- /dev/null +++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/data/usage.out @@ -0,0 +1,35 @@ +Usage: useradd [options] LOGIN + useradd -D + useradd -D [options] + +Options: + -b, --base-dir BASE_DIR base directory for the home directory of the + new account + -c, --comment COMMENT GECOS field of the new account + -d, --home-dir HOME_DIR home directory of the new account + -D, --defaults print or change default useradd configuration + -e, --expiredate EXPIRE_DATE expiration date of the new account + -f, --inactive INACTIVE password inactivity period of the new account + -g, --gid GROUP name or ID of the primary group of the new + account + -G, --groups GROUPS list of supplementary groups of the new + account + -h, --help display this help message and exit + -k, --skel SKEL_DIR use this alternative skeleton directory + -K, --key KEY=VALUE override /etc/login.defs defaults + -l, --no-log-init do not add the user to the lastlog and + faillog databases + -m, --create-home create the user's home directory + -M, --no-create-home do not create the user's home directory + -N, --no-user-group do not create a group with the same name as + the user + -o, --non-unique allow to create users with duplicate + (non-unique) UID + -p, --password PASSWORD encrypted password of the new account + -r, --system create a system account + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL login shell of the new account + -u, --uid UID user ID of the new account + -U, --user-group create a group with the same name as the user + -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping + diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test new file mode 100755 index 00000000..97e011d2 --- /dev/null +++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd reports an error when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call useradd with -D as second option (useradd -f 12 -D)..." +useradd -f 12 -D 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/58_useradd-e_empty/config.txt b/tests/usertools/useradd/58_useradd-e_empty/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/58_useradd-e_empty/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/default/useradd b/tests/usertools/useradd/58_useradd-e_empty/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/group b/tests/usertools/useradd/58_useradd-e_empty/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/gshadow b/tests/usertools/useradd/58_useradd-e_empty/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/passwd b/tests/usertools/useradd/58_useradd-e_empty/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/shadow b/tests/usertools/useradd/58_useradd-e_empty/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/group b/tests/usertools/useradd/58_useradd-e_empty/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/useradd/58_useradd-e_empty/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/gshadow b/tests/usertools/useradd/58_useradd-e_empty/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/usertools/useradd/58_useradd-e_empty/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/passwd b/tests/usertools/useradd/58_useradd-e_empty/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/usertools/useradd/58_useradd-e_empty/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/shadow b/tests/usertools/useradd/58_useradd-e_empty/data/shadow new file mode 100644 index 00000000..949c978e --- /dev/null +++ b/tests/usertools/useradd/58_useradd-e_empty/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:: diff --git a/tests/usertools/useradd/58_useradd-e_empty/useradd.test b/tests/usertools/useradd/58_useradd-e_empty/useradd.test new file mode 100755 index 00000000..ab90d67e --- /dev/null +++ b/tests/usertools/useradd/58_useradd-e_empty/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd accepts empty list of groups" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo without expiry (useradd -e "" foo)..." +useradd -e "" foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config.txt b/tests/usertools/useradd/59_useradd-e-1-f-1/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/default/useradd b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/group b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/gshadow b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/passwd b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/shadow b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/group b/tests/usertools/useradd/59_useradd-e-1-f-1/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/gshadow b/tests/usertools/useradd/59_useradd-e-1-f-1/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/passwd b/tests/usertools/useradd/59_useradd-e-1-f-1/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/shadow b/tests/usertools/useradd/59_useradd-e-1-f-1/data/shadow new file mode 100644 index 00000000..602bef59 --- /dev/null +++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7::: diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/useradd.test b/tests/usertools/useradd/59_useradd-e-1-f-1/useradd.test new file mode 100755 index 00000000..ff5233cb --- /dev/null +++ b/tests/usertools/useradd/59_useradd-e-1-f-1/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd accepts -1 as expiry and inactivity" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo without expiry (useradd -e -1 -f -1 foo)..." +useradd -e -1 -f -1 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config.txt b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/group b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/group b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/gshadow b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/passwd b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/passwd new file mode 100644 index 00000000..e2c466ae --- /dev/null +++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:!:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test new file mode 100755 index 00000000..0170ef81 --- /dev/null +++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd accepts -1 as expiry and inactivity" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete /etc/shadow..." +rm -f /etc/shadow +echo "OK" + +echo -n "Create user foo without expiry (useradd -e -1 -f -1 foo)..." +useradd -e -1 -f -1 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/61_useradd-K/config.txt b/tests/usertools/useradd/61_useradd-K/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/61_useradd-K/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/default/useradd b/tests/usertools/useradd/61_useradd-K/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/61_useradd-K/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/group b/tests/usertools/useradd/61_useradd-K/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/61_useradd-K/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/gshadow b/tests/usertools/useradd/61_useradd-K/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/61_useradd-K/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/passwd b/tests/usertools/useradd/61_useradd-K/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/61_useradd-K/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/shadow b/tests/usertools/useradd/61_useradd-K/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/61_useradd-K/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/61_useradd-K/data/group b/tests/usertools/useradd/61_useradd-K/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/useradd/61_useradd-K/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/61_useradd-K/data/gshadow b/tests/usertools/useradd/61_useradd-K/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/usertools/useradd/61_useradd-K/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/61_useradd-K/data/passwd b/tests/usertools/useradd/61_useradd-K/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/usertools/useradd/61_useradd-K/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/61_useradd-K/data/shadow b/tests/usertools/useradd/61_useradd-K/data/shadow new file mode 100644 index 00000000..bfd9ffa3 --- /dev/null +++ b/tests/usertools/useradd/61_useradd-K/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:42:7:12:13849: diff --git a/tests/usertools/useradd/61_useradd-K/useradd.test b/tests/usertools/useradd/61_useradd-K/useradd.test new file mode 100755 index 00000000..3a8ee29b --- /dev/null +++ b/tests/usertools/useradd/61_useradd-K/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd uses -K options" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo and set option with -K (useradd -K PASS_MAX_DAYS=42 foo)..." +useradd -K PASS_MAX_DAYS=42 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/62_useradd-p/config.txt b/tests/usertools/useradd/62_useradd-p/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/62_useradd-p/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/default/useradd b/tests/usertools/useradd/62_useradd-p/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/62_useradd-p/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/group b/tests/usertools/useradd/62_useradd-p/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/62_useradd-p/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/gshadow b/tests/usertools/useradd/62_useradd-p/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/62_useradd-p/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/passwd b/tests/usertools/useradd/62_useradd-p/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/62_useradd-p/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/shadow b/tests/usertools/useradd/62_useradd-p/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/62_useradd-p/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/62_useradd-p/data/group b/tests/usertools/useradd/62_useradd-p/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/useradd/62_useradd-p/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/62_useradd-p/data/gshadow b/tests/usertools/useradd/62_useradd-p/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/usertools/useradd/62_useradd-p/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/62_useradd-p/data/passwd b/tests/usertools/useradd/62_useradd-p/data/passwd new file mode 100644 index 00000000..ed91b350 --- /dev/null +++ b/tests/usertools/useradd/62_useradd-p/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:/bin/foobar diff --git a/tests/usertools/useradd/62_useradd-p/data/shadow b/tests/usertools/useradd/62_useradd-p/data/shadow new file mode 100644 index 00000000..4abac0c4 --- /dev/null +++ b/tests/usertools/useradd/62_useradd-p/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:fooPass:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/62_useradd-p/useradd.test b/tests/usertools/useradd/62_useradd-p/useradd.test new file mode 100755 index 00000000..655f871e --- /dev/null +++ b/tests/usertools/useradd/62_useradd-p/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "The -p option can set the password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo and set password (useradd -p fooPass foo)..." +useradd -p fooPass foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/63_useradd-s/config.txt b/tests/usertools/useradd/63_useradd-s/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/63_useradd-s/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/default/useradd b/tests/usertools/useradd/63_useradd-s/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/63_useradd-s/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/group b/tests/usertools/useradd/63_useradd-s/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/63_useradd-s/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/gshadow b/tests/usertools/useradd/63_useradd-s/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/63_useradd-s/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/passwd b/tests/usertools/useradd/63_useradd-s/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/63_useradd-s/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/shadow b/tests/usertools/useradd/63_useradd-s/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/63_useradd-s/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/63_useradd-s/data/group b/tests/usertools/useradd/63_useradd-s/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/useradd/63_useradd-s/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/63_useradd-s/data/gshadow b/tests/usertools/useradd/63_useradd-s/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/usertools/useradd/63_useradd-s/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/63_useradd-s/data/passwd b/tests/usertools/useradd/63_useradd-s/data/passwd new file mode 100644 index 00000000..5c7dfc4a --- /dev/null +++ b/tests/usertools/useradd/63_useradd-s/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo:*/bin/dash diff --git a/tests/usertools/useradd/63_useradd-s/data/shadow b/tests/usertools/useradd/63_useradd-s/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/63_useradd-s/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/63_useradd-s/useradd.test b/tests/usertools/useradd/63_useradd-s/useradd.test new file mode 100755 index 00000000..99e783b0 --- /dev/null +++ b/tests/usertools/useradd/63_useradd-s/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "The -s option can change the default shell" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo and set shell (useradd -s \"*/bin/dash\" foo)..." +useradd -s "*/bin/dash" foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config.txt b/tests/usertools/useradd/64_useradd_locked_passwd/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/default/useradd b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/group b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/group new file mode 100644 index 00000000..66f04f64 --- /dev/null +++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/gshadow b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/gshadow new file mode 100644 index 00000000..19f13256 --- /dev/null +++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/passwd b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/shadow b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/data/useradd.err b/tests/usertools/useradd/64_useradd_locked_passwd/data/useradd.err new file mode 100644 index 00000000..c4b6ed37 --- /dev/null +++ b/tests/usertools/useradd/64_useradd_locked_passwd/data/useradd.err @@ -0,0 +1,2 @@ +useradd: existing lock file /etc/passwd.lock without a PID +useradd: cannot lock /etc/passwd; try again later. diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/useradd.test b/tests/usertools/useradd/64_useradd_locked_passwd/useradd.test new file mode 100755 index 00000000..8dde3259 --- /dev/null +++ b/tests/usertools/useradd/64_useradd_locked_passwd/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd -G checks if the passwd file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0 + +change_config + +echo -n "Create lock file for /etc/passwd..." +touch /etc/passwd.lock +echo "done" + +echo -n "Add user foo (useradd foo)..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/passwd.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/65_useradd_locked_group/config.txt b/tests/usertools/useradd/65_useradd_locked_group/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/default/useradd b/tests/usertools/useradd/65_useradd_locked_group/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/group b/tests/usertools/useradd/65_useradd_locked_group/config/etc/group new file mode 100644 index 00000000..66f04f64 --- /dev/null +++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/gshadow b/tests/usertools/useradd/65_useradd_locked_group/config/etc/gshadow new file mode 100644 index 00000000..19f13256 --- /dev/null +++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/passwd b/tests/usertools/useradd/65_useradd_locked_group/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/shadow b/tests/usertools/useradd/65_useradd_locked_group/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/65_useradd_locked_group/data/useradd.err b/tests/usertools/useradd/65_useradd_locked_group/data/useradd.err new file mode 100644 index 00000000..b36210f2 --- /dev/null +++ b/tests/usertools/useradd/65_useradd_locked_group/data/useradd.err @@ -0,0 +1,2 @@ +useradd: existing lock file /etc/group.lock without a PID +useradd: cannot lock /etc/group; try again later. diff --git a/tests/usertools/useradd/65_useradd_locked_group/useradd.test b/tests/usertools/useradd/65_useradd_locked_group/useradd.test new file mode 100755 index 00000000..e6583bae --- /dev/null +++ b/tests/usertools/useradd/65_useradd_locked_group/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd -G checks if the group file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0 + +change_config + +echo -n "Create lock file for /etc/group..." +touch /etc/group.lock +echo "done" + +echo -n "Add user foo (useradd foo)..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/group.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config.txt b/tests/usertools/useradd/66_useradd_locked_shadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/default/useradd b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/group b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/group new file mode 100644 index 00000000..66f04f64 --- /dev/null +++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/gshadow b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/gshadow new file mode 100644 index 00000000..19f13256 --- /dev/null +++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/passwd b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/shadow b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/data/useradd.err b/tests/usertools/useradd/66_useradd_locked_shadow/data/useradd.err new file mode 100644 index 00000000..a29346a8 --- /dev/null +++ b/tests/usertools/useradd/66_useradd_locked_shadow/data/useradd.err @@ -0,0 +1,2 @@ +useradd: existing lock file /etc/shadow.lock without a PID +useradd: cannot lock /etc/shadow; try again later. diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/useradd.test b/tests/usertools/useradd/66_useradd_locked_shadow/useradd.test new file mode 100755 index 00000000..24ef14fe --- /dev/null +++ b/tests/usertools/useradd/66_useradd_locked_shadow/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd -G checks if the shadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/shadow..." +touch /etc/shadow.lock +echo "done" + +echo -n "Add user foo (useradd foo)..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/shadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "1" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config.txt b/tests/usertools/useradd/67_useradd_locked_gshadow/config.txt new file mode 100644 index 00000000..e69de29b diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/default/useradd b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/group b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/group new file mode 100644 index 00000000..66f04f64 --- /dev/null +++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/gshadow b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/gshadow new file mode 100644 index 00000000..19f13256 --- /dev/null +++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/passwd b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/shadow b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/data/useradd.err b/tests/usertools/useradd/67_useradd_locked_gshadow/data/useradd.err new file mode 100644 index 00000000..9155bfdd --- /dev/null +++ b/tests/usertools/useradd/67_useradd_locked_gshadow/data/useradd.err @@ -0,0 +1,2 @@ +useradd: existing lock file /etc/gshadow.lock without a PID +useradd: cannot lock /etc/gshadow; try again later. diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/useradd.test b/tests/usertools/useradd/67_useradd_locked_gshadow/useradd.test new file mode 100755 index 00000000..71f7dc05 --- /dev/null +++ b/tests/usertools/useradd/67_useradd_locked_gshadow/useradd.test @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "useradd -G checks if the gshadow file is locked" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0 + +change_config + +echo -n "Create lock file for /etc/gshadow..." +touch /etc/gshadow.lock +echo "done" + +echo -n "Add user foo (useradd foo)..." +useradd foo 2>tmp/useradd.err && exit 1 || { + status=$? +} +echo "OK" + +rm -f /etc/gshadow.lock + +echo -n "Check returned status ($status)..." +test "$status" = "10" +echo "OK" + +echo "useradd reported:" +echo "=======================================================================" +cat tmp/useradd.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/useradd.err tmp/useradd.err +echo "error message OK." +rm -f tmp/useradd.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/useradd/68_useradd-s_empty/config.txt b/tests/usertools/useradd/68_useradd-s_empty/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/useradd/68_useradd-s_empty/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/default/useradd b/tests/usertools/useradd/68_useradd-s_empty/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/group b/tests/usertools/useradd/68_useradd-s_empty/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/gshadow b/tests/usertools/useradd/68_useradd-s_empty/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/passwd b/tests/usertools/useradd/68_useradd-s_empty/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/shadow b/tests/usertools/useradd/68_useradd-s_empty/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/group b/tests/usertools/useradd/68_useradd-s_empty/data/group new file mode 100644 index 00000000..fecba0c4 --- /dev/null +++ b/tests/usertools/useradd/68_useradd-s_empty/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/gshadow b/tests/usertools/useradd/68_useradd-s_empty/data/gshadow new file mode 100644 index 00000000..bfc06753 --- /dev/null +++ b/tests/usertools/useradd/68_useradd-s_empty/data/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:!:: diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/passwd b/tests/usertools/useradd/68_useradd-s_empty/data/passwd new file mode 100644 index 00000000..8a4ebe51 --- /dev/null +++ b/tests/usertools/useradd/68_useradd-s_empty/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/tmp/foo: diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/shadow b/tests/usertools/useradd/68_useradd-s_empty/data/shadow new file mode 100644 index 00000000..0aee0c5c --- /dev/null +++ b/tests/usertools/useradd/68_useradd-s_empty/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:@TODAY@:0:99999:7:12:13849: diff --git a/tests/usertools/useradd/68_useradd-s_empty/useradd.test b/tests/usertools/useradd/68_useradd-s_empty/useradd.test new file mode 100755 index 00000000..448000ca --- /dev/null +++ b/tests/usertools/useradd/68_useradd-s_empty/useradd.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "The -s option can set an empty shell" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create user foo and set empty shell (useradd -s \"\" foo)..." +useradd -s "" foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/userdel/01_userdel_usage/config.txt b/tests/usertools/userdel/01_userdel_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/userdel/01_userdel_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/default/useradd b/tests/usertools/userdel/01_userdel_usage/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/userdel/01_userdel_usage/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/group b/tests/usertools/userdel/01_userdel_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/userdel/01_userdel_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/gshadow b/tests/usertools/userdel/01_userdel_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/userdel/01_userdel_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/passwd b/tests/usertools/userdel/01_userdel_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/userdel/01_userdel_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/shadow b/tests/usertools/userdel/01_userdel_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/userdel/01_userdel_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/01_userdel_usage/data/usage.out b/tests/usertools/userdel/01_userdel_usage/data/usage.out new file mode 100644 index 00000000..955c793a --- /dev/null +++ b/tests/usertools/userdel/01_userdel_usage/data/usage.out @@ -0,0 +1,10 @@ +Usage: userdel [options] LOGIN + +Options: + -f, --force force removal of files, + even if not owned by user + -h, --help display this help message and exit + -r, --remove remove home directory and mail spool + -R, --root CHROOT_DIR directory to chroot into + -Z, --selinux-user remove any SELinux user mapping for the user + diff --git a/tests/usertools/userdel/01_userdel_usage/userdel.test b/tests/usertools/userdel/01_userdel_usage/userdel.test new file mode 100755 index 00000000..6d2b9e8c --- /dev/null +++ b/tests/usertools/userdel/01_userdel_usage/userdel.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get userdel usage (userdel -h)..." +userdel -h >tmp/usage.out +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config.txt b/tests/usertools/userdel/02_userdel_usage_invalid_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/default/useradd b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/group b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/gshadow b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/passwd b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/shadow b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/data/usage.out b/tests/usertools/userdel/02_userdel_usage_invalid_option/data/usage.out new file mode 100644 index 00000000..a0dcbf8d --- /dev/null +++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/data/usage.out @@ -0,0 +1,11 @@ +userdel: unrecognized option '--foo' +Usage: userdel [options] LOGIN + +Options: + -f, --force force removal of files, + even if not owned by user + -h, --help display this help message and exit + -r, --remove remove home directory and mail spool + -R, --root CHROOT_DIR directory to chroot into + -Z, --selinux-user remove any SELinux user mapping for the user + diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/userdel.test b/tests/usertools/userdel/02_userdel_usage_invalid_option/userdel.test new file mode 100755 index 00000000..7d134f0d --- /dev/null +++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel displays its usage message when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call userdel with an invalid option (userdel --foo)..." +userdel --foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config.txt b/tests/usertools/userdel/03_userdel_usage_no_users/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/userdel/03_userdel_usage_no_users/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/default/useradd b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/group b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/gshadow b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/passwd b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/shadow b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/data/usage.out b/tests/usertools/userdel/03_userdel_usage_no_users/data/usage.out new file mode 100644 index 00000000..955c793a --- /dev/null +++ b/tests/usertools/userdel/03_userdel_usage_no_users/data/usage.out @@ -0,0 +1,10 @@ +Usage: userdel [options] LOGIN + +Options: + -f, --force force removal of files, + even if not owned by user + -h, --help display this help message and exit + -r, --remove remove home directory and mail spool + -R, --root CHROOT_DIR directory to chroot into + -Z, --selinux-user remove any SELinux user mapping for the user + diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/userdel.test b/tests/usertools/userdel/03_userdel_usage_no_users/userdel.test new file mode 100755 index 00000000..9bf3685a --- /dev/null +++ b/tests/usertools/userdel/03_userdel_usage_no_users/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel displays its usage message when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call userdel without an user (userdel -f)..." +userdel -f 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config.txt b/tests/usertools/userdel/04_userdel_usage_2_users/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/userdel/04_userdel_usage_2_users/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/default/useradd b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/group b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/gshadow b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/passwd b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/shadow b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/data/usage.out b/tests/usertools/userdel/04_userdel_usage_2_users/data/usage.out new file mode 100644 index 00000000..955c793a --- /dev/null +++ b/tests/usertools/userdel/04_userdel_usage_2_users/data/usage.out @@ -0,0 +1,10 @@ +Usage: userdel [options] LOGIN + +Options: + -f, --force force removal of files, + even if not owned by user + -h, --help display this help message and exit + -r, --remove remove home directory and mail spool + -R, --root CHROOT_DIR directory to chroot into + -Z, --selinux-user remove any SELinux user mapping for the user + diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/userdel.test b/tests/usertools/userdel/04_userdel_usage_2_users/userdel.test new file mode 100755 index 00000000..67882402 --- /dev/null +++ b/tests/usertools/userdel/04_userdel_usage_2_users/userdel.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel displays its usage message when called incorrectly" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Call userdel with 2 users (userdel -f bin nobody)..." +userdel -f bin nobody 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config.txt b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/default/useradd b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/group b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/group new file mode 100644 index 00000000..ac82d7f1 --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/gshadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/gshadow new file mode 100644 index 00000000..a5268196 --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/login.defs b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/login.defs new file mode 100644 index 00000000..a0adc249 --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB no + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/passwd b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/passwd new file mode 100644 index 00000000..9958fca5 --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/shadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/group b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/group new file mode 100644 index 00000000..c60d727b --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +foo2:x:1001: diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/gshadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/gshadow new file mode 100644 index 00000000..a5268196 --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/passwd b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/passwd new file mode 100644 index 00000000..88469324 --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/shadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test new file mode 100755 index 00000000..83e801f1 --- /dev/null +++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel does not remove the user's group if USERGROUPS_ENAB is disabled" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config.txt b/tests/usertools/userdel/06_userdel_no_usergroup/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/default/useradd b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/group b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/group new file mode 100644 index 00000000..d5d74e29 --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo1:x:1000: +foo2:x:1001: diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/gshadow b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/gshadow new file mode 100644 index 00000000..5e2c5d3c --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo1:*:: +foo2:*:: diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/login.defs b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/passwd b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/passwd new file mode 100644 index 00000000..9958fca5 --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/shadow b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/group b/tests/usertools/userdel/06_userdel_no_usergroup/data/group new file mode 100644 index 00000000..15f4c27f --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo1:x:1000: +foo2:x:1001: diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/gshadow b/tests/usertools/userdel/06_userdel_no_usergroup/data/gshadow new file mode 100644 index 00000000..5e2c5d3c --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo1:*:: +foo2:*:: diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/passwd b/tests/usertools/userdel/06_userdel_no_usergroup/data/passwd new file mode 100644 index 00000000..88469324 --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/shadow b/tests/usertools/userdel/06_userdel_no_usergroup/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/userdel.test b/tests/usertools/userdel/06_userdel_no_usergroup/userdel.test new file mode 100755 index 00000000..f0907c64 --- /dev/null +++ b/tests/usertools/userdel/06_userdel_no_usergroup/userdel.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel does not remove the user's group if it has a different name" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config.txt b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/default/useradd b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/group b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/group new file mode 100644 index 00000000..c39e02c2 --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1002: +foo1:x:1000: +foo2:x:1001: diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/gshadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/gshadow new file mode 100644 index 00000000..75ecdfea --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo1:*:: +foo2:*:: diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/login.defs b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/passwd b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/passwd new file mode 100644 index 00000000..9958fca5 --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/shadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/group b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/group new file mode 100644 index 00000000..3aa52824 --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/group @@ -0,0 +1,44 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1002: +foo1:x:1000: +foo2:x:1001: diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/gshadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/gshadow new file mode 100644 index 00000000..75ecdfea --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/gshadow @@ -0,0 +1,44 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo1:*:: +foo2:*:: diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/passwd b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/passwd new file mode 100644 index 00000000..88469324 --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/shadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/userdel.out b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/userdel.out new file mode 100644 index 00000000..0ccbef6f --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/userdel.out @@ -0,0 +1 @@ +userdel: group foo not removed because it is not the primary group of user foo. diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/userdel.test b/tests/usertools/userdel/07_userdel_usergroup_not_primary/userdel.test new file mode 100755 index 00000000..9ff44d45 --- /dev/null +++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/userdel.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel does not remove the user's group if it has a different name" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo 2>tmp/userdel.out +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/userdel.out tmp/userdel.out +echo "usage message OK." +rm -f tmp/userdel.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config.txt b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/default/useradd b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/group b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/group new file mode 100644 index 00000000..ff15b82f --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo2 +foo2:x:1001: diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/gshadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/gshadow new file mode 100644 index 00000000..50ca6cef --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo2 +foo2:*:: diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/login.defs b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/passwd b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/passwd new file mode 100644 index 00000000..9958fca5 --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/shadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/group b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/group new file mode 100644 index 00000000..5e4034bd --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo2 +foo2:x:1001: diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/gshadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/gshadow new file mode 100644 index 00000000..50ca6cef --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*::foo2 +foo2:*:: diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/passwd b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/passwd new file mode 100644 index 00000000..88469324 --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/shadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/userdel.out b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/userdel.out new file mode 100644 index 00000000..2dc27c8a --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/userdel.out @@ -0,0 +1 @@ +userdel: group foo not removed because it has other members. diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test new file mode 100755 index 00000000..69fc3396 --- /dev/null +++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel does not remove the user's group if is has other members" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo 2>tmp/userdel.out +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/userdel.out tmp/userdel.out +echo "usage message OK." +rm -f tmp/userdel.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config.txt b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config.txt new file mode 100644 index 00000000..1b0360b9 --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config.txt @@ -0,0 +1 @@ +user foo, in group users according to /etc/group only diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/default/useradd b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/group b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/group new file mode 100644 index 00000000..ff15b82f --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo2 +foo2:x:1001: diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/gshadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/gshadow new file mode 100644 index 00000000..a5268196 --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/login.defs b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/login.defs new file mode 100644 index 00000000..7b70c90e --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/passwd b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/passwd new file mode 100644 index 00000000..9958fca5 --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:::/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/shadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/shadow new file mode 100644 index 00000000..eaf0278f --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/group b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/group new file mode 100644 index 00000000..5e4034bd --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000:foo2 +foo2:x:1001: diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/gshadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/gshadow new file mode 100644 index 00000000..a5268196 --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +foo2:*:: diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/passwd b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/passwd new file mode 100644 index 00000000..88469324 --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1001:1001:::/bin/false diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/shadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/userdel.out b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/userdel.out new file mode 100644 index 00000000..2dc27c8a --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/userdel.out @@ -0,0 +1 @@ +userdel: group foo not removed because it has other members. diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test new file mode 100755 index 00000000..23874010 --- /dev/null +++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel does not remove the user's group from gshadow if there were no additional members in gshadow but there were in group" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Delete user foo (userdel foo)..." +userdel foo 2>tmp/userdel.out +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/userdel.out tmp/userdel.out +echo "usage message OK." +rm -f tmp/userdel.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config.txt b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config.txt new file mode 100644 index 00000000..4b5baab6 --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config.txt @@ -0,0 +1 @@ +user foo exists diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/default/useradd b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/group b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/gshadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/passwd b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/shadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/group b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/gshadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/passwd b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/shadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/userdel.err b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/userdel.err new file mode 100644 index 00000000..893b416e --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/userdel.err @@ -0,0 +1 @@ +userdel: /home/foo is a symbolic link, not removing diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/userdel.test b/tests/usertools/userdel/10_userdel_del_homedir_symlink/userdel.test new file mode 100755 index 00000000..eb9c6fe0 --- /dev/null +++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/userdel.test @@ -0,0 +1,72 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "userdel does not delete the user's home directory as symlink" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /var/mail/foo /home/foo /home/foo2' 0 + +change_config + +mkdir /home/foo2 +touch /home/foo2/file +chown -R foo:foo /home/foo2 +ln -s foo2 /home/foo +touch /var/mail/foo +chown --no-dereference foo:foo /var/mail/foo /home/foo + +echo -n "Delete user foo (userdel -r foo)..." +userdel -r foo 2>tmp/userdel.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "12" +echo "OK" + +echo "userdel reported:" +echo "=======================================================================" +cat tmp/userdel.err +echo "=======================================================================" +echo -n "Check that there were a failure message..." +diff -au data/userdel.err tmp/userdel.err +echo "error message OK." +rm -f tmp/userdel.err + +echo "The user should have been removed." +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl data/gshadow /etc/gshadow +echo "OK" +echo -n "Check the user's home directory was not removed..." +test -L /home/foo +test -d /home/foo2 +test -f /home/foo2/file +echo "OK" +echo -n "Check the user's mail spool was removed..." +test ! -f /var/mail/foo +echo "OK" +rm -rf /home/foo /home/foo2 + + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config.txt b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/default/useradd b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/group b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/gshadow b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/passwd b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..06b331b3 --- /dev/null +++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/shadow b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/data/passwd b/tests/usertools/usermod/01_usermod-p_no_shadow_file/data/passwd new file mode 100644 index 00000000..d9798a6e --- /dev/null +++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:foopass:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/usermod.test b/tests/usertools/usermod/01_usermod-p_no_shadow_file/usermod.test new file mode 100755 index 00000000..e272fc87 --- /dev/null +++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/usermod.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not require a shadow file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "done" + +echo -n "Change the user's password (usermod -p foopass foo)..." +usermod -p foopass foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config.txt b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/default/useradd b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/group b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/gshadow b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/passwd b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..06b331b3 --- /dev/null +++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/shadow b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/data/passwd b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/data/passwd new file mode 100644 index 00000000..d9798a6e --- /dev/null +++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:foopass:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test new file mode 100755 index 00000000..a5231c54 --- /dev/null +++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not require a shadow entry" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's password (usermod -p foopass foo)..." +usermod -p foopass foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config.txt b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/default/useradd b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/group b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/gshadow b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/passwd b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/shadow b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/data/shadow b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/data/shadow new file mode 100644 index 00000000..0c6770f7 --- /dev/null +++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:foopass:@TODAY@:0:99999:7::: diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test new file mode 100755 index 00000000..3cdfabc2 --- /dev/null +++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not require a shadow entry" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's password (usermod -p foopass foo)..." +usermod -p foopass foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config.txt b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/default/useradd b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/group b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/gshadow b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/passwd b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/shadow b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/shadow new file mode 100644 index 00000000..151547d0 --- /dev/null +++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!oldpass:12977:0:99999:7::: diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test new file mode 100755 index 00000000..9f4907f0 --- /dev/null +++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not fail to lock an already locked password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Lock foo's password (usermod -L foo)..." +usermod -L foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config.txt b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/default/useradd b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/group b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/gshadow b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/passwd b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/passwd new file mode 100644 index 00000000..9abcbc42 --- /dev/null +++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:!blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/shadow b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/shadow new file mode 100644 index 00000000..6e9fa8e1 --- /dev/null +++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblahblah:12977:0:99999:7::: diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/data/shadow b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/data/shadow new file mode 100644 index 00000000..18b71a2c --- /dev/null +++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!blahblahblah:12977:0:99999:7::: diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test new file mode 100755 index 00000000..bd8e3389 --- /dev/null +++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not fail to lock an already locked password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Lock foo's password (usermod -L foo)..." +usermod -L foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config.txt b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/default/useradd b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/group b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/gshadow b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/passwd b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/passwd new file mode 100644 index 00000000..9abcbc42 --- /dev/null +++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:!blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/shadow b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test new file mode 100755 index 00000000..9f4907f0 --- /dev/null +++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not fail to lock an already locked password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Lock foo's password (usermod -L foo)..." +usermod -L foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config.txt b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/default/useradd b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/group b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/gshadow b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/passwd b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/shadow b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/shadow new file mode 100644 index 00000000..6e9fa8e1 --- /dev/null +++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblahblah:12977:0:99999:7::: diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test new file mode 100755 index 00000000..68c6d4cf --- /dev/null +++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not fail to unlock an already unlocked password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Unlock foo's password (usermod -U foo)..." +usermod -U foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config.txt b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/default/useradd b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/group b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/gshadow b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/passwd b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/passwd new file mode 100644 index 00000000..06b331b3 --- /dev/null +++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/shadow b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/shadow new file mode 100644 index 00000000..3d01e1a2 --- /dev/null +++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!unusedblahblahblah:12977:0:99999:7::: diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/data/shadow b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/data/shadow new file mode 100644 index 00000000..646a9a5c --- /dev/null +++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:unusedblahblahblah:12977:0:99999:7::: diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test new file mode 100755 index 00000000..a8456774 --- /dev/null +++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not fail to unlock an already unlocked password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Unlock foo's password (usermod -U foo)..." +usermod -U foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config.txt b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/default/useradd b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/group b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/gshadow b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/passwd b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/passwd new file mode 100644 index 00000000..06b331b3 --- /dev/null +++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:blahblahblah:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/shadow b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test new file mode 100755 index 00000000..68c6d4cf --- /dev/null +++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not fail to unlock an already unlocked password" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Unlock foo's password (usermod -U foo)..." +usermod -U foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/10_usermod_usage/config.txt b/tests/usertools/usermod/10_usermod_usage/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/10_usermod_usage/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/default/useradd b/tests/usertools/usermod/10_usermod_usage/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/10_usermod_usage/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/group b/tests/usertools/usermod/10_usermod_usage/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/10_usermod_usage/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/gshadow b/tests/usertools/usermod/10_usermod_usage/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/10_usermod_usage/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/passwd b/tests/usertools/usermod/10_usermod_usage/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/usermod/10_usermod_usage/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/shadow b/tests/usertools/usermod/10_usermod_usage/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/10_usermod_usage/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/10_usermod_usage/data/usage.out b/tests/usertools/usermod/10_usermod_usage/data/usage.out new file mode 100644 index 00000000..6e12e632 --- /dev/null +++ b/tests/usertools/usermod/10_usermod_usage/data/usage.out @@ -0,0 +1,30 @@ +Usage: usermod [options] LOGIN + +Options: + -c, --comment COMMENT new value of the GECOS field + -d, --home HOME_DIR new home directory for the user account + -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -f, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -g, --gid GROUP force use GROUP as new primary group + -G, --groups GROUPS new list of supplementary GROUPS + -a, --append append the user to the supplemental GROUPS + mentioned by the -G option without removing + him/her from other groups + -h, --help display this help message and exit + -l, --login NEW_LOGIN new value of the login name + -L, --lock lock the user account + -m, --move-home move contents of the home directory to the + new location (use only with -d) + -o, --non-unique allow using duplicate (non-unique) UID + -p, --password PASSWORD use encrypted password for the new password + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + -u, --uid UID new UID for the user account + -U, --unlock unlock the user account + -v, --add-subuids FIRST-LAST add range of subordinate uids + -V, --del-subuids FIRST-LAST remove range of subordinate uids + -w, --add-subgids FIRST-LAST add range of subordinate gids + -W, --del-subgids FIRST-LAST remove range of subordinate gids + -Z, --selinux-user SEUSER new SELinux user mapping for the user account + diff --git a/tests/usertools/usermod/10_usermod_usage/usermod.test b/tests/usertools/usermod/10_usermod_usage/usermod.test new file mode 100755 index 00000000..2f964420 --- /dev/null +++ b/tests/usertools/usermod/10_usermod_usage/usermod.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can display its usage message" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get usermod usage (usermod -h)..." +usermod -h >tmp/usage.out +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config.txt b/tests/usertools/usermod/11_usermod_usage_bad_option/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/default/useradd b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/group b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/gshadow b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/passwd b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/shadow b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/data/usage.out b/tests/usertools/usermod/11_usermod_usage_bad_option/data/usage.out new file mode 100644 index 00000000..e228571c --- /dev/null +++ b/tests/usertools/usermod/11_usermod_usage_bad_option/data/usage.out @@ -0,0 +1,31 @@ +usermod: unrecognized option '--foo' +Usage: usermod [options] LOGIN + +Options: + -c, --comment COMMENT new value of the GECOS field + -d, --home HOME_DIR new home directory for the user account + -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -f, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -g, --gid GROUP force use GROUP as new primary group + -G, --groups GROUPS new list of supplementary GROUPS + -a, --append append the user to the supplemental GROUPS + mentioned by the -G option without removing + him/her from other groups + -h, --help display this help message and exit + -l, --login NEW_LOGIN new value of the login name + -L, --lock lock the user account + -m, --move-home move contents of the home directory to the + new location (use only with -d) + -o, --non-unique allow using duplicate (non-unique) UID + -p, --password PASSWORD use encrypted password for the new password + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + -u, --uid UID new UID for the user account + -U, --unlock unlock the user account + -v, --add-subuids FIRST-LAST add range of subordinate uids + -V, --del-subuids FIRST-LAST remove range of subordinate uids + -w, --add-subgids FIRST-LAST add range of subordinate gids + -W, --del-subgids FIRST-LAST remove range of subordinate gids + -Z, --selinux-user SEUSER new SELinux user mapping for the user account + diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/usermod.test b/tests/usertools/usermod/11_usermod_usage_bad_option/usermod.test new file mode 100755 index 00000000..a5ebf49f --- /dev/null +++ b/tests/usertools/usermod/11_usermod_usage_bad_option/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod displays its usage message in case on non recognized option" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Get usermod usage (usermod --foo)..." +usermod --foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config.txt b/tests/usertools/usermod/12_usermod_usage_bad-f/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/default/useradd b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/group b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/gshadow b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/passwd b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/shadow b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/data/usermod.err b/tests/usertools/usermod/12_usermod_usage_bad-f/data/usermod.err new file mode 100644 index 00000000..e5438f47 --- /dev/null +++ b/tests/usertools/usermod/12_usermod_usage_bad-f/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid numeric argument 'bar' diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/usermod.test b/tests/usertools/usermod/12_usermod_usage_bad-f/usermod.test new file mode 100755 index 00000000..68a6563e --- /dev/null +++ b/tests/usertools/usermod/12_usermod_usage_bad-f/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks that the number of inactive days is a number" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Use -f without a number (usermod -f bar foo)..." +usermod -f bar foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usermod.err tmp/usermod.err +echo "usage message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config.txt b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/default/useradd b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/group b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/gshadow b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/passwd b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/passwd new file mode 100644 index 00000000..43fc135a --- /dev/null +++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/passwd @@ -0,0 +1,19 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/shadow b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/data/usermod.err b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/data/usermod.err new file mode 100644 index 00000000..4e80b688 --- /dev/null +++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid numeric argument '-2' diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test new file mode 100755 index 00000000..b7655a3c --- /dev/null +++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod displays its usage message in case when -f receive a wrong number" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Set number of inactive days to -2 (usermod -f -2)..." +usermod -f -2 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usermod.err tmp/usermod.err +echo "usage message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config.txt b/tests/usertools/usermod/14_usermod_usage_no_options/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/14_usermod_usage_no_options/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/default/useradd b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/group b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/gshadow b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/passwd b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/shadow b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/data/usage.out b/tests/usertools/usermod/14_usermod_usage_no_options/data/usage.out new file mode 100644 index 00000000..f2a56d79 --- /dev/null +++ b/tests/usertools/usermod/14_usermod_usage_no_options/data/usage.out @@ -0,0 +1,31 @@ +usermod: no options +Usage: usermod [options] LOGIN + +Options: + -c, --comment COMMENT new value of the GECOS field + -d, --home HOME_DIR new home directory for the user account + -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -f, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -g, --gid GROUP force use GROUP as new primary group + -G, --groups GROUPS new list of supplementary GROUPS + -a, --append append the user to the supplemental GROUPS + mentioned by the -G option without removing + him/her from other groups + -h, --help display this help message and exit + -l, --login NEW_LOGIN new value of the login name + -L, --lock lock the user account + -m, --move-home move contents of the home directory to the + new location (use only with -d) + -o, --non-unique allow using duplicate (non-unique) UID + -p, --password PASSWORD use encrypted password for the new password + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + -u, --uid UID new UID for the user account + -U, --unlock unlock the user account + -v, --add-subuids FIRST-LAST add range of subordinate uids + -V, --del-subuids FIRST-LAST remove range of subordinate uids + -w, --add-subgids FIRST-LAST add range of subordinate gids + -W, --del-subgids FIRST-LAST remove range of subordinate gids + -Z, --selinux-user SEUSER new SELinux user mapping for the user account + diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/usermod.test b/tests/usertools/usermod/14_usermod_usage_no_options/usermod.test new file mode 100755 index 00000000..caa9de70 --- /dev/null +++ b/tests/usertools/usermod/14_usermod_usage_no_options/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks that there is actually something to change" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change user foo (usermod foo)..." +usermod foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config.txt b/tests/usertools/usermod/15_usermod_usage_no_user/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/15_usermod_usage_no_user/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/default/useradd b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/group b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/gshadow b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/passwd b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/shadow b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/data/usage.out b/tests/usertools/usermod/15_usermod_usage_no_user/data/usage.out new file mode 100644 index 00000000..6e12e632 --- /dev/null +++ b/tests/usertools/usermod/15_usermod_usage_no_user/data/usage.out @@ -0,0 +1,30 @@ +Usage: usermod [options] LOGIN + +Options: + -c, --comment COMMENT new value of the GECOS field + -d, --home HOME_DIR new home directory for the user account + -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -f, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -g, --gid GROUP force use GROUP as new primary group + -G, --groups GROUPS new list of supplementary GROUPS + -a, --append append the user to the supplemental GROUPS + mentioned by the -G option without removing + him/her from other groups + -h, --help display this help message and exit + -l, --login NEW_LOGIN new value of the login name + -L, --lock lock the user account + -m, --move-home move contents of the home directory to the + new location (use only with -d) + -o, --non-unique allow using duplicate (non-unique) UID + -p, --password PASSWORD use encrypted password for the new password + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + -u, --uid UID new UID for the user account + -U, --unlock unlock the user account + -v, --add-subuids FIRST-LAST add range of subordinate uids + -V, --del-subuids FIRST-LAST remove range of subordinate uids + -w, --add-subgids FIRST-LAST add range of subordinate gids + -W, --del-subgids FIRST-LAST remove range of subordinate gids + -Z, --selinux-user SEUSER new SELinux user mapping for the user account + diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/usermod.test b/tests/usertools/usermod/15_usermod_usage_no_user/usermod.test new file mode 100755 index 00000000..98e8c092 --- /dev/null +++ b/tests/usertools/usermod/15_usermod_usage_no_user/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks that the user to be changed is provided" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change a user name (usermod -l bar)..." +usermod -l bar 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config.txt b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/default/useradd b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/group b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/gshadow b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/passwd b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/shadow b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/data/usage.out b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/data/usage.out new file mode 100644 index 00000000..4068a75a --- /dev/null +++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/data/usage.out @@ -0,0 +1 @@ +usermod: shadow passwords required for -e and -f diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test new file mode 100755 index 00000000..1cf05f51 --- /dev/null +++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks that the shadow file exist for option -e" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "done" + +echo -n "Change expire date (usermod -e 10 foo)..." +usermod -e 10 foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config.txt b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/default/useradd b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/group b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/gshadow b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/passwd b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/shadow b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/data/usage.out b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/data/usage.out new file mode 100644 index 00000000..4068a75a --- /dev/null +++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/data/usage.out @@ -0,0 +1 @@ +usermod: shadow passwords required for -e and -f diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test new file mode 100755 index 00000000..f62a2924 --- /dev/null +++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks that the shadow file exist for option -f" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/shadow..." +rm -f /etc/shadow +echo "done" + +echo -n "Change number of inactive days (usermod -f 10 foo)..." +usermod -f 10 foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +test ! -f /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config.txt b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/default/useradd b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/group b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/gshadow b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/passwd b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/shadow b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/data/usage.out b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/data/usage.out new file mode 100644 index 00000000..97b98e8e --- /dev/null +++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/data/usage.out @@ -0,0 +1,31 @@ +usermod: the -L, -p, and -U flags are exclusive +Usage: usermod [options] LOGIN + +Options: + -c, --comment COMMENT new value of the GECOS field + -d, --home HOME_DIR new home directory for the user account + -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -f, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -g, --gid GROUP force use GROUP as new primary group + -G, --groups GROUPS new list of supplementary GROUPS + -a, --append append the user to the supplemental GROUPS + mentioned by the -G option without removing + him/her from other groups + -h, --help display this help message and exit + -l, --login NEW_LOGIN new value of the login name + -L, --lock lock the user account + -m, --move-home move contents of the home directory to the + new location (use only with -d) + -o, --non-unique allow using duplicate (non-unique) UID + -p, --password PASSWORD use encrypted password for the new password + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + -u, --uid UID new UID for the user account + -U, --unlock unlock the user account + -v, --add-subuids FIRST-LAST add range of subordinate uids + -V, --del-subuids FIRST-LAST remove range of subordinate uids + -w, --add-subgids FIRST-LAST add range of subordinate gids + -W, --del-subgids FIRST-LAST remove range of subordinate gids + -Z, --selinux-user SEUSER new SELinux user mapping for the user account + diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test new file mode 100755 index 00000000..3886f269 --- /dev/null +++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks that -L and -p are not provided at the same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change an lock password (usermod -L -p newpass foo)..." +usermod -L -p newpass foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config.txt b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/default/useradd b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/group b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/gshadow b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/passwd b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/shadow b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/data/usage.out b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/data/usage.out new file mode 100644 index 00000000..97b98e8e --- /dev/null +++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/data/usage.out @@ -0,0 +1,31 @@ +usermod: the -L, -p, and -U flags are exclusive +Usage: usermod [options] LOGIN + +Options: + -c, --comment COMMENT new value of the GECOS field + -d, --home HOME_DIR new home directory for the user account + -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -f, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -g, --gid GROUP force use GROUP as new primary group + -G, --groups GROUPS new list of supplementary GROUPS + -a, --append append the user to the supplemental GROUPS + mentioned by the -G option without removing + him/her from other groups + -h, --help display this help message and exit + -l, --login NEW_LOGIN new value of the login name + -L, --lock lock the user account + -m, --move-home move contents of the home directory to the + new location (use only with -d) + -o, --non-unique allow using duplicate (non-unique) UID + -p, --password PASSWORD use encrypted password for the new password + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + -u, --uid UID new UID for the user account + -U, --unlock unlock the user account + -v, --add-subuids FIRST-LAST add range of subordinate uids + -V, --del-subuids FIRST-LAST remove range of subordinate uids + -w, --add-subgids FIRST-LAST add range of subordinate gids + -W, --del-subgids FIRST-LAST remove range of subordinate gids + -Z, --selinux-user SEUSER new SELinux user mapping for the user account + diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test new file mode 100755 index 00000000..5ab22703 --- /dev/null +++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks that -L and -U are not provided at the same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Lock an unlock password (usermod -L -U foo)..." +usermod -L -U foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config.txt b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/default/useradd b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/group b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/gshadow b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/passwd b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/shadow b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/data/usage.out b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/data/usage.out new file mode 100644 index 00000000..97b98e8e --- /dev/null +++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/data/usage.out @@ -0,0 +1,31 @@ +usermod: the -L, -p, and -U flags are exclusive +Usage: usermod [options] LOGIN + +Options: + -c, --comment COMMENT new value of the GECOS field + -d, --home HOME_DIR new home directory for the user account + -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -f, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -g, --gid GROUP force use GROUP as new primary group + -G, --groups GROUPS new list of supplementary GROUPS + -a, --append append the user to the supplemental GROUPS + mentioned by the -G option without removing + him/her from other groups + -h, --help display this help message and exit + -l, --login NEW_LOGIN new value of the login name + -L, --lock lock the user account + -m, --move-home move contents of the home directory to the + new location (use only with -d) + -o, --non-unique allow using duplicate (non-unique) UID + -p, --password PASSWORD use encrypted password for the new password + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + -u, --uid UID new UID for the user account + -U, --unlock unlock the user account + -v, --add-subuids FIRST-LAST add range of subordinate uids + -V, --del-subuids FIRST-LAST remove range of subordinate uids + -w, --add-subgids FIRST-LAST add range of subordinate gids + -W, --del-subgids FIRST-LAST remove range of subordinate gids + -Z, --selinux-user SEUSER new SELinux user mapping for the user account + diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test new file mode 100755 index 00000000..0dc1ea49 --- /dev/null +++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks that -U and -p are not provided at the same time" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change an unlock password (usermod -U -p newpass foo)..." +usermod -U -p newpass foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config.txt b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config.txt new file mode 100644 index 00000000..f21fb088 --- /dev/null +++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config.txt @@ -0,0 +1,6 @@ +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/default/useradd b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/group b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/gshadow b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/passwd b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/shadow b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/group b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/group new file mode 100644 index 00000000..730e4dda --- /dev/null +++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo2 +tty:x:5: +disk:x:6: +lp:x:7:root,foo2 +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo2 +voice:x:22: +cdrom:x:24: +floppy:x:25:foo2 +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo2 +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/passwd b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/passwd new file mode 100644 index 00000000..f9b78295 --- /dev/null +++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo2:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/shadow b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/shadow new file mode 100644 index 00000000..60a11cfe --- /dev/null +++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo2:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test new file mode 100755 index 00000000..5ad5bf90 --- /dev/null +++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod rename the user in the lists of members, when an user is renamed with -l" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Remove /etc/gshadow..." +rm -f /etc/gshadow +echo "done" + +echo -n "Rename user foo (usermod -l foo2 foo)..." +usermod -l foo2 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +test ! -f /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config.txt b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/default/useradd b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/group b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/gshadow b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/passwd b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/shadow b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/data/usage.out b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/data/usage.out new file mode 100644 index 00000000..5a96e571 --- /dev/null +++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/data/usage.out @@ -0,0 +1 @@ +usermod: invalid user name '2:bar' diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test new file mode 100755 index 00000000..66ff45a7 --- /dev/null +++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks the validity of a new username" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Rename with invalid username (usermod -l 2bar foo)..." +usermod -l 2:bar foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/23_usermod-e_date/config.txt b/tests/usertools/usermod/23_usermod-e_date/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/23_usermod-e_date/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/default/useradd b/tests/usertools/usermod/23_usermod-e_date/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/group b/tests/usertools/usermod/23_usermod-e_date/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/gshadow b/tests/usertools/usermod/23_usermod-e_date/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/passwd b/tests/usertools/usermod/23_usermod-e_date/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/shadow b/tests/usertools/usermod/23_usermod-e_date/config/etc/shadow new file mode 100644 index 00000000..e678938f --- /dev/null +++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblah:12977:0:99999:7::: diff --git a/tests/usertools/usermod/23_usermod-e_date/data/shadow b/tests/usertools/usermod/23_usermod-e_date/data/shadow new file mode 100644 index 00000000..af989561 --- /dev/null +++ b/tests/usertools/usermod/23_usermod-e_date/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblah:12977:0:99999:7::15320: diff --git a/tests/usertools/usermod/23_usermod-e_date/usermod.test b/tests/usertools/usermod/23_usermod-e_date/usermod.test new file mode 100755 index 00000000..5ab527f2 --- /dev/null +++ b/tests/usertools/usermod/23_usermod-e_date/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can set the expiry date" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's expiry date (usermod -e 2011-12-12 foo)..." +usermod -e 2011-12-12 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/24_usermod-e_date/config.txt b/tests/usertools/usermod/24_usermod-e_date/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/24_usermod-e_date/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/default/useradd b/tests/usertools/usermod/24_usermod-e_date/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/group b/tests/usertools/usermod/24_usermod-e_date/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/gshadow b/tests/usertools/usermod/24_usermod-e_date/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/passwd b/tests/usertools/usermod/24_usermod-e_date/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/shadow b/tests/usertools/usermod/24_usermod-e_date/config/etc/shadow new file mode 100644 index 00000000..ae79ac53 --- /dev/null +++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblah:12977:0:99999:7::42: diff --git a/tests/usertools/usermod/24_usermod-e_date/data/shadow b/tests/usertools/usermod/24_usermod-e_date/data/shadow new file mode 100644 index 00000000..a1923b54 --- /dev/null +++ b/tests/usertools/usermod/24_usermod-e_date/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblah:12977:0:99999:7::42424: diff --git a/tests/usertools/usermod/24_usermod-e_date/usermod.test b/tests/usertools/usermod/24_usermod-e_date/usermod.test new file mode 100755 index 00000000..a2ae15ad --- /dev/null +++ b/tests/usertools/usermod/24_usermod-e_date/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can set the expiry date (number of days)" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's expiry date (usermod -e 42424 foo)..." +usermod -e 42424 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config.txt b/tests/usertools/usermod/25_usermod-e_empty_arg/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/default/useradd b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/group b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/gshadow b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/passwd b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/shadow b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/shadow new file mode 100644 index 00000000..b21ccf8c --- /dev/null +++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblah:12977:0:99999:7::2: diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/data/shadow b/tests/usertools/usermod/25_usermod-e_empty_arg/data/shadow new file mode 100644 index 00000000..e678938f --- /dev/null +++ b/tests/usertools/usermod/25_usermod-e_empty_arg/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblah:12977:0:99999:7::: diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/usermod.test b/tests/usertools/usermod/25_usermod-e_empty_arg/usermod.test new file mode 100755 index 00000000..997d51a6 --- /dev/null +++ b/tests/usertools/usermod/25_usermod-e_empty_arg/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can disable the expiry date" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable the user's expiry date (usermod -e '' foo)..." +usermod -e '' foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/26_usermod-e-1/config.txt b/tests/usertools/usermod/26_usermod-e-1/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/26_usermod-e-1/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/default/useradd b/tests/usertools/usermod/26_usermod-e-1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/group b/tests/usertools/usermod/26_usermod-e-1/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/gshadow b/tests/usertools/usermod/26_usermod-e-1/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/passwd b/tests/usertools/usermod/26_usermod-e-1/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/shadow b/tests/usertools/usermod/26_usermod-e-1/config/etc/shadow new file mode 100644 index 00000000..b21ccf8c --- /dev/null +++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblah:12977:0:99999:7::2: diff --git a/tests/usertools/usermod/26_usermod-e-1/data/shadow b/tests/usertools/usermod/26_usermod-e-1/data/shadow new file mode 100644 index 00000000..e678938f --- /dev/null +++ b/tests/usertools/usermod/26_usermod-e-1/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblah:12977:0:99999:7::: diff --git a/tests/usertools/usermod/26_usermod-e-1/usermod.test b/tests/usertools/usermod/26_usermod-e-1/usermod.test new file mode 100755 index 00000000..c15ddc69 --- /dev/null +++ b/tests/usertools/usermod/26_usermod-e-1/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can disable the expiry date" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable the user's expiry date (usermod -e -1 foo)..." +usermod -e -1 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config.txt b/tests/usertools/usermod/27_usermod-e_invalid1/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/27_usermod-e_invalid1/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/default/useradd b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/group b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/gshadow b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/passwd b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/shadow b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/shadow new file mode 100644 index 00000000..b21ccf8c --- /dev/null +++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblah:12977:0:99999:7::2: diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/data/usermod.err b/tests/usertools/usermod/27_usermod-e_invalid1/data/usermod.err new file mode 100644 index 00000000..3de424ee --- /dev/null +++ b/tests/usertools/usermod/27_usermod-e_invalid1/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid date '-2' diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/usermod.test b/tests/usertools/usermod/27_usermod-e_invalid1/usermod.test new file mode 100755 index 00000000..c5641970 --- /dev/null +++ b/tests/usertools/usermod/27_usermod-e_invalid1/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks the validity of the expiry argument" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable the user's expiry date (usermod -e -2 foo)..." +usermod -e -2 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usermod.err tmp/usermod.err +echo "usage message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config.txt b/tests/usertools/usermod/28_usermod-e_invalid2/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/28_usermod-e_invalid2/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/default/useradd b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/group b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/gshadow b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/passwd b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/shadow b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/shadow new file mode 100644 index 00000000..b21ccf8c --- /dev/null +++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblah:12977:0:99999:7::2: diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/data/usermod.err b/tests/usertools/usermod/28_usermod-e_invalid2/data/usermod.err new file mode 100644 index 00000000..43494b06 --- /dev/null +++ b/tests/usertools/usermod/28_usermod-e_invalid2/data/usermod.err @@ -0,0 +1 @@ +usermod: invalid date 'bar' diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/usermod.test b/tests/usertools/usermod/28_usermod-e_invalid2/usermod.test new file mode 100755 index 00000000..fa761b20 --- /dev/null +++ b/tests/usertools/usermod/28_usermod-e_invalid2/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks the validity of the expiry argument" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Disable the user's expiry date (usermod -e bar foo)..." +usermod -e bar foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "3" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usermod.err tmp/usermod.err +echo "usage message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/29_usermod_no_changes/config.txt b/tests/usertools/usermod/29_usermod_no_changes/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/29_usermod_no_changes/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/default/useradd b/tests/usertools/usermod/29_usermod_no_changes/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/group b/tests/usertools/usermod/29_usermod_no_changes/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/gshadow b/tests/usertools/usermod/29_usermod_no_changes/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/passwd b/tests/usertools/usermod/29_usermod_no_changes/config/etc/passwd new file mode 100644 index 00000000..7c90a9bc --- /dev/null +++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000:GeCoS:/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/shadow b/tests/usertools/usermod/29_usermod_no_changes/config/etc/shadow new file mode 100644 index 00000000..0a244220 --- /dev/null +++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:oldpass:12977:0:99999:7::: diff --git a/tests/usertools/usermod/29_usermod_no_changes/data/usermod.err b/tests/usertools/usermod/29_usermod_no_changes/data/usermod.err new file mode 100644 index 00000000..ea8edd6e --- /dev/null +++ b/tests/usertools/usermod/29_usermod_no_changes/data/usermod.err @@ -0,0 +1 @@ +usermod: no changes diff --git a/tests/usertools/usermod/29_usermod_no_changes/usermod.test b/tests/usertools/usermod/29_usermod_no_changes/usermod.test new file mode 100755 index 00000000..5d703291 --- /dev/null +++ b/tests/usertools/usermod/29_usermod_no_changes/usermod.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod detects when no real changes are requested" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Perform non changes (usermod -l foo -c GeCoS -e -1 -f -1 -u 1000 -d /nonexistent -s /bin/sh foo)..." +usermod -l foo -c GeCoS -e -1 -f -1 -u 1000 -d /nonexistent -s /bin/sh foo 2>tmp/usermod.err +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usermod.err tmp/usermod.err +echo "usage message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config.txt b/tests/usertools/usermod/30_usermod_usage-a_without-G/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/default/useradd b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/group b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/gshadow b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/passwd b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/shadow b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/data/usage.out b/tests/usertools/usermod/30_usermod_usage-a_without-G/data/usage.out new file mode 100644 index 00000000..27dcca70 --- /dev/null +++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/data/usage.out @@ -0,0 +1,31 @@ +usermod: -a flag is only allowed with the -G flag +Usage: usermod [options] LOGIN + +Options: + -c, --comment COMMENT new value of the GECOS field + -d, --home HOME_DIR new home directory for the user account + -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -f, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -g, --gid GROUP force use GROUP as new primary group + -G, --groups GROUPS new list of supplementary GROUPS + -a, --append append the user to the supplemental GROUPS + mentioned by the -G option without removing + him/her from other groups + -h, --help display this help message and exit + -l, --login NEW_LOGIN new value of the login name + -L, --lock lock the user account + -m, --move-home move contents of the home directory to the + new location (use only with -d) + -o, --non-unique allow using duplicate (non-unique) UID + -p, --password PASSWORD use encrypted password for the new password + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + -u, --uid UID new UID for the user account + -U, --unlock unlock the user account + -v, --add-subuids FIRST-LAST add range of subordinate uids + -V, --del-subuids FIRST-LAST remove range of subordinate uids + -w, --add-subgids FIRST-LAST add range of subordinate gids + -W, --del-subgids FIRST-LAST remove range of subordinate gids + -Z, --selinux-user SEUSER new SELinux user mapping for the user account + diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/usermod.test b/tests/usertools/usermod/30_usermod_usage-a_without-G/usermod.test new file mode 100755 index 00000000..6e30cfde --- /dev/null +++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod rejects -a without -G" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Append groups without groups (usermod -a foo)..." +usermod -a foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config.txt b/tests/usertools/usermod/31_usermod_usage-o_without-u/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/default/useradd b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/group b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/gshadow b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/passwd b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/shadow b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/data/usage.out b/tests/usertools/usermod/31_usermod_usage-o_without-u/data/usage.out new file mode 100644 index 00000000..d3a108fe --- /dev/null +++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/data/usage.out @@ -0,0 +1,31 @@ +usermod: -o flag is only allowed with the -u flag +Usage: usermod [options] LOGIN + +Options: + -c, --comment COMMENT new value of the GECOS field + -d, --home HOME_DIR new home directory for the user account + -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -f, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -g, --gid GROUP force use GROUP as new primary group + -G, --groups GROUPS new list of supplementary GROUPS + -a, --append append the user to the supplemental GROUPS + mentioned by the -G option without removing + him/her from other groups + -h, --help display this help message and exit + -l, --login NEW_LOGIN new value of the login name + -L, --lock lock the user account + -m, --move-home move contents of the home directory to the + new location (use only with -d) + -o, --non-unique allow using duplicate (non-unique) UID + -p, --password PASSWORD use encrypted password for the new password + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + -u, --uid UID new UID for the user account + -U, --unlock unlock the user account + -v, --add-subuids FIRST-LAST add range of subordinate uids + -V, --del-subuids FIRST-LAST remove range of subordinate uids + -w, --add-subgids FIRST-LAST add range of subordinate gids + -W, --del-subgids FIRST-LAST remove range of subordinate gids + -Z, --selinux-user SEUSER new SELinux user mapping for the user account + diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/usermod.test b/tests/usertools/usermod/31_usermod_usage-o_without-u/usermod.test new file mode 100755 index 00000000..bf57aa7c --- /dev/null +++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/usermod.test @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod rejects -o without -u" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Append groups without groups (usermod -o foo)..." +usermod -o foo 2>tmp/usage.out && exit 1 || { + status=$? +} + +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config.txt b/tests/usertools/usermod/32_usermod_usage-m_without-d/config.txt new file mode 100644 index 00000000..31f56359 --- /dev/null +++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config.txt @@ -0,0 +1,10 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz + +user foo, in group users (only in /etc/group) +user foo, in group tty (only in /etc/gshadow) +user foo, in group floppy +user foo, admin of group disk +user foo, admin and member of group fax +user foo, admin and member of group cdrom (only in /etc/gshadow) diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/default/useradd b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/group b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/group new file mode 100644 index 00000000..10123908 --- /dev/null +++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/group @@ -0,0 +1,41 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/gshadow b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/gshadow new file mode 100644 index 00000000..ae424865 --- /dev/null +++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/gshadow @@ -0,0 +1,41 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/passwd b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/passwd new file mode 100644 index 00000000..dbb06b81 --- /dev/null +++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/nonexistent:/bin/sh diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/shadow b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/data/usage.out b/tests/usertools/usermod/32_usermod_usage-m_without-d/data/usage.out new file mode 100644 index 00000000..0dbcdefd --- /dev/null +++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/data/usage.out @@ -0,0 +1,31 @@ +usermod: -m flag is only allowed with the -d flag +Usage: usermod [options] LOGIN + +Options: + -c, --comment COMMENT new value of the GECOS field + -d, --home HOME_DIR new home directory for the user account + -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE + -f, --inactive INACTIVE set password inactive after expiration + to INACTIVE + -g, --gid GROUP force use GROUP as new primary group + -G, --groups GROUPS new list of supplementary GROUPS + -a, --append append the user to the supplemental GROUPS + mentioned by the -G option without removing + him/her from other groups + -h, --help display this help message and exit + -l, --login NEW_LOGIN new value of the login name + -L, --lock lock the user account + -m, --move-home move contents of the home directory to the + new location (use only with -d) + -o, --non-unique allow using duplicate (non-unique) UID + -p, --password PASSWORD use encrypted password for the new password + -R, --root CHROOT_DIR directory to chroot into + -s, --shell SHELL new login shell for the user account + -u, --uid UID new UID for the user account + -U, --unlock unlock the user account + -v, --add-subuids FIRST-LAST add range of subordinate uids + -V, --del-subuids FIRST-LAST remove range of subordinate uids + -w, --add-subgids FIRST-LAST add range of subordinate gids + -W, --del-subgids FIRST-LAST remove range of subordinate gids + -Z, --selinux-user SEUSER new SELinux user mapping for the user account + diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/usermod.test b/tests/usertools/usermod/32_usermod_usage-m_without-d/usermod.test new file mode 100755 index 00000000..407dc325 --- /dev/null +++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod rejects -m without -d" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Move home without new home (usermod -m foo)..." +usermod -m foo 2>tmp/usage.out && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "2" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usage.out +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usage.out tmp/usage.out +echo "usage message OK." +rm -f tmp/usage.out + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/33_usermod_change_shell/config.txt b/tests/usertools/usermod/33_usermod_change_shell/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/33_usermod_change_shell/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/default/useradd b/tests/usertools/usermod/33_usermod_change_shell/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/group b/tests/usertools/usermod/33_usermod_change_shell/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/gshadow b/tests/usertools/usermod/33_usermod_change_shell/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/passwd b/tests/usertools/usermod/33_usermod_change_shell/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/shadow b/tests/usertools/usermod/33_usermod_change_shell/config/etc/shadow new file mode 100644 index 00000000..e678938f --- /dev/null +++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:blahblah:12977:0:99999:7::: diff --git a/tests/usertools/usermod/33_usermod_change_shell/data/passwd b/tests/usertools/usermod/33_usermod_change_shell/data/passwd new file mode 100644 index 00000000..57c4cf36 --- /dev/null +++ b/tests/usertools/usermod/33_usermod_change_shell/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/bash diff --git a/tests/usertools/usermod/33_usermod_change_shell/usermod.test b/tests/usertools/usermod/33_usermod_change_shell/usermod.test new file mode 100755 index 00000000..81145df2 --- /dev/null +++ b/tests/usertools/usermod/33_usermod_change_shell/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can change the shell" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's shell (usermod -s /bin/bash foo)..." +usermod -s /bin/bash foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config.txt b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/default/useradd b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/group b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/gshadow b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/passwd b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..0175ffc0 --- /dev/null +++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:oldpass:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/shadow b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/data/shadow b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/data/shadow new file mode 100644 index 00000000..64ee844c --- /dev/null +++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:oldpass:@TODAY@:0:99999:7::15320: diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test new file mode 100755 index 00000000..fa2e5677 --- /dev/null +++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod create a shadow entry to set the expiry date" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's expiry date (usermod -e 2011-12-12 foo)..." +usermod -e 2011-12-12 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config.txt b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config.txt new file mode 100644 index 00000000..a2ff9110 --- /dev/null +++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config.txt @@ -0,0 +1,2 @@ +user foo exists, UID 1000 +user foo2 exists, UID 1001 diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/default/useradd b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/group b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/gshadow b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/passwd b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/passwd new file mode 100644 index 00000000..0175ffc0 --- /dev/null +++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:oldpass:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/shadow b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/shadow new file mode 100644 index 00000000..5f50d187 --- /dev/null +++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/shadow @@ -0,0 +1,19 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/data/shadow b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/data/shadow new file mode 100644 index 00000000..43a9175f --- /dev/null +++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:oldpass:@TODAY@:0:99999:7:42:: diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test new file mode 100755 index 00000000..0c1d2936 --- /dev/null +++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test @@ -0,0 +1,39 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod create a shadow entry to set the number of inactive days" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Change the user's number of inactive days (usermod -f 42 foo)..." +usermod -f 42 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl config/etc/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config.txt b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config.txt new file mode 100644 index 00000000..4b5baab6 --- /dev/null +++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config.txt @@ -0,0 +1 @@ +user foo exists diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/default/useradd b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/group b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/gshadow b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/passwd b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/shadow b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a new file mode 100644 index 00000000..62a6381d --- /dev/null +++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a @@ -0,0 +1,3 @@ +-rw-r--r-- foo:foo `/home/foo/toto' +drwxr-xr-x foo:foo `/home/foo/.' +drwxr-xr-x root:root `/home/foo/..' diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a2 b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a2 new file mode 100644 index 00000000..e69e95df --- /dev/null +++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a2 @@ -0,0 +1,2 @@ +drwxr-xr-x root:root `/home/foo2/.' +drwxr-xr-x root:root `/home/foo2/..' diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/passwd b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/passwd new file mode 100644 index 00000000..bc9a6f0d --- /dev/null +++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo2:/bin/false diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/usermod.err b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/usermod.err new file mode 100644 index 00000000..64b72d11 --- /dev/null +++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/usermod.err @@ -0,0 +1 @@ +usermod: directory /home/foo2 exists diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test new file mode 100755 index 00000000..0821c02f --- /dev/null +++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test @@ -0,0 +1,84 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can move the user's home directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0 + +change_config + +mkdir /home/foo +echo toto > /home/foo/toto +chown -R foo:foo /home/foo + +echo -n "Create /home/foo2"... +mkdir /home/foo2 +echo "OK" + +echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..." +usermod -m -d /home/foo2 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "12" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usermod.err tmp/usermod.err +echo "usage message OK." +rm -f tmp/usermod.err + +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the user's home directory was not removed..." +test -d /home/foo +echo "OK" +echo -n "Check the user's home directory was not moved..." +test -d /home/foo2 +echo "OK" +echo -n "Check content of /home/foo/..." +stat --printf "%A %U:%G %N\n" /home/foo/* /home/foo/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" +rm -f tmp/home_ls-a +echo -n "Check content of /home/foo2/..." +stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a2 +diff -rauN data/home_ls-a2 tmp/home_ls-a2 +echo "OK" +rm -f tmp/home_ls-a2 + +echo -n "Remove the home directories..." +rm -rf /home/foo /home/foo2 +echo "done" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config.txt b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config.txt new file mode 100644 index 00000000..4b5baab6 --- /dev/null +++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config.txt @@ -0,0 +1 @@ +user foo exists diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/default/useradd b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/group b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/gshadow b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/passwd b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/shadow b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/data/passwd b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/data/passwd new file mode 100644 index 00000000..bc9a6f0d --- /dev/null +++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo2:/bin/false diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test new file mode 100755 index 00000000..3b3ba6f5 --- /dev/null +++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can move the user's home directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0 + +change_config + +# Do not create the user's /home/foo home directory + +echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..." +usermod -m -d /home/foo2 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the old user's home directory was not created..." +test ! -d /home/foo +echo "OK" +echo -n "Check the new user's home directory was not created..." +test ! -d /home/foo2 +echo "OK" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config.txt b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/default/useradd b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/group b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/gshadow b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/passwd b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/shadow b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/data/passwd b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/data/passwd new file mode 100644 index 00000000..174e4f6b --- /dev/null +++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test new file mode 100755 index 00000000..b232d9e8 --- /dev/null +++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not create /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/lastlog' 0 + +change_config + +echo -n "Remove /var/log/lastlog (it will not be restored)..." +rm -f /var/log/lastlog +echo "OK" + +echo -n "Change the user's UID (usermod -u 4242 foo)..." +usermod -u 4242 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check that the /var/log/lastlog file was not created"... +test ! -f /var/log/lastlog +echo "OK" + +touch /var/log/lastlog + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config.txt b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/default/useradd b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/group b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/gshadow b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/passwd b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/passwd new file mode 100644 index 00000000..ae6ebfe9 --- /dev/null +++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/shadow b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/data/passwd b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/data/passwd new file mode 100644 index 00000000..137b91da --- /dev/null +++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:1000::/home/foo:/bin/sh diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/login.exp b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/login.exp new file mode 100755 index 00000000..c8866d92 --- /dev/null +++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/login.exp @@ -0,0 +1,13 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login -f foo\r" +expect "$ " + +send "exit\r" +exit 0 diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test new file mode 100755 index 00000000..8b4f43f7 --- /dev/null +++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test @@ -0,0 +1,66 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not create /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +touch /var/log/lastlog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp +echo "OK" + +lastlog > tmp/lastlog.out + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Change the user's UID (usermod -u 4242 foo)..." +usermod -u 4242 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +lastlog > tmp/lastlog.out2 + +echo "lastlog:" +echo "=======================================================================" +cat tmp/lastlog.out2 +echo "=======================================================================" + +echo -n "Check the lastlog message..." +diff -au tmp/lastlog.out tmp/lastlog.out2 +echo "lastlog message OK." +rm -f tmp/lastlog.out tmp/lastlog.out2 + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config.txt b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/default/useradd b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/group b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/group new file mode 100644 index 00000000..6470be54 --- /dev/null +++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +bar:x:10000: diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/gshadow b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/gshadow new file mode 100644 index 00000000..e982c7ca --- /dev/null +++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:*:: diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/passwd b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/passwd new file mode 100644 index 00000000..5173c28d --- /dev/null +++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +bar:x:10000:10000::/home/bar:/bin/sh diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/shadow b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/shadow new file mode 100644 index 00000000..5f73f335 --- /dev/null +++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/group b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/group new file mode 100644 index 00000000..d9721118 --- /dev/null +++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:10000: diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/passwd b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/passwd new file mode 100644 index 00000000..1cfb31fe --- /dev/null +++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:10000::/home/bar:/bin/sh diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/shadow b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/shadow new file mode 100644 index 00000000..2fc3f9cc --- /dev/null +++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/login.exp b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/login.exp new file mode 100755 index 00000000..c8866d92 --- /dev/null +++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/login.exp @@ -0,0 +1,13 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login -f foo\r" +expect "$ " + +send "exit\r" +exit 0 diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test new file mode 100755 index 00000000..5efc96fe --- /dev/null +++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test @@ -0,0 +1,74 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not create /var/log/lastlog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/lastlog (it will not be restored)..." +touch /var/log/lastlog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp +echo "OK" + +lastlog > tmp/lastlog.out + +echo "lastlog :" +echo "=======================================================================" +cat tmp/lastlog.out +echo "=======================================================================" + +echo -n "Manually delete the user foo (to keep the lastlog entry)..." +sed -e '/^foo:/d' -i /etc/passwd +sed -e '/^foo:/d' -i /etc/shadow +sed -e '/^foo:/d' -i /etc/group +sed -e '/^foo:/d' -i /etc/gshadow +echo "OK" + +echo -n "Change the user's UID to reuse foo's (usermod -u 1000 bar)..." +usermod -u 1000 bar +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +lastlog > tmp/lastlog.out2 + +echo "lastlog:" +echo "=======================================================================" +cat tmp/lastlog.out2 +echo "=======================================================================" + +echo -n "Check the lastlog message..." +sed -e '/^foo /d' -i tmp/lastlog.out +diff -au tmp/lastlog.out tmp/lastlog.out2 +echo "lastlog message OK." +rm -f tmp/lastlog.out tmp/lastlog.out2 + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config.txt b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/default/useradd b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/group b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/gshadow b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/passwd b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/shadow b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/data/passwd b/tests/usertools/usermod/41_usermod-u_faillog_not_created/data/passwd new file mode 100644 index 00000000..174e4f6b --- /dev/null +++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/usermod.test b/tests/usertools/usermod/41_usermod-u_faillog_not_created/usermod.test new file mode 100755 index 00000000..2122a876 --- /dev/null +++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/usermod.test @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not create /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/faillog' 0 + +change_config + +echo -n "Remove /var/log/faillog (it will not be restored)..." +rm -f /var/log/faillog +echo "OK" + +echo -n "Change the user's UID (usermod -u 4242 foo)..." +usermod -u 4242 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check that the /var/log/faillog file was not created"... +test ! -f /var/log/faillog +echo "OK" + +touch /var/log/faillog + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config.txt b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/default/useradd b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/group b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/group new file mode 100644 index 00000000..b6fae894 --- /dev/null +++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root,foo +tty:x:5: +disk:x:6: +lp:x:7:foo,root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21:foo +voice:x:22: +cdrom:x:24: +floppy:x:25:foo +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/gshadow b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/gshadow new file mode 100644 index 00000000..1f2ba8da --- /dev/null +++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root,foo +tty:*::foo +disk:*:foo: +lp:*::foo,root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:foo:foo +voice:*:: +cdrom:*:foo:foo +floppy:*::foo +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/pam.d/login b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/passwd b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/passwd new file mode 100644 index 00000000..ae6ebfe9 --- /dev/null +++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/shadow b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/shadow new file mode 100644 index 00000000..9b99f4dc --- /dev/null +++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12977:0:99999:7::: diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/data/passwd b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/data/passwd new file mode 100644 index 00000000..137b91da --- /dev/null +++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:1000::/home/foo:/bin/sh diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/login.exp b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/login.exp new file mode 100755 index 00000000..bb91e57c --- /dev/null +++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/login.exp @@ -0,0 +1,17 @@ +#!/usr/bin/expect + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login foo\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test new file mode 100755 index 00000000..769e5dc6 --- /dev/null +++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test @@ -0,0 +1,66 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not create /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +> /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp +echo "OK" + +faillog > tmp/faillog.out + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" + +echo -n "Change the user's UID (usermod -u 4242 foo)..." +usermod -u 4242 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +faillog > tmp/faillog.out2 + +echo "faillog:" +echo "=======================================================================" +cat tmp/faillog.out2 +echo "=======================================================================" + +echo -n "Check the faillog message..." +diff -au tmp/faillog.out tmp/faillog.out2 +echo "faillog message OK." +rm -f tmp/faillog.out tmp/faillog.out2 + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config.txt b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/default/useradd b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/group b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/group new file mode 100644 index 00000000..6470be54 --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +bar:x:10000: diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/gshadow b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/gshadow new file mode 100644 index 00000000..e982c7ca --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +bar:*:: diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/pam.d/login b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/pam.d/login new file mode 100644 index 00000000..54f888d5 --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/pam.d/login @@ -0,0 +1,111 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a password on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# Added to support faillog +auth required pam_tally.so per_user + + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/passwd b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/passwd new file mode 100644 index 00000000..5173c28d --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/sh +bar:x:10000:10000::/home/bar:/bin/sh diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/shadow b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/shadow new file mode 100644 index 00000000..5f73f335 --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/group b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/group new file mode 100644 index 00000000..d9721118 --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +bar:x:10000: diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/passwd b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/passwd new file mode 100644 index 00000000..1cfb31fe --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:10000::/home/bar:/bin/sh diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/shadow b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/shadow new file mode 100644 index 00000000..2fc3f9cc --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/login.exp b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/login.exp new file mode 100755 index 00000000..bb91e57c --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/login.exp @@ -0,0 +1,17 @@ +#!/usr/bin/expect + +set timeout 5 +expect_after default {puts "\nFAIL"; exit 1} + +spawn /bin/bash +expect "# " + +send "login foo\r" +expect "Password: " +sleep 0.1 +send "badpass\r" +send_user "\n# password 'badpass' sent\n\n" +expect "login: " + +send "exit\r" +exit 0 diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test new file mode 100755 index 00000000..ee262b6f --- /dev/null +++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test @@ -0,0 +1,75 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod does not create /var/log/faillog" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +echo -n "Create an empty /var/log/faillog (it will not be restored)..." +touch /var/log/faillog +echo "OK" + +echo -n "Trigger a connection as foo..." +./login.exp +echo "OK" + +faillog > tmp/faillog.out + +echo "faillog :" +echo "=======================================================================" +cat tmp/faillog.out +echo "=======================================================================" +rm -f tmp/faillog.out + +echo -n "Manually delete the user foo (to keep the faillog entry)..." +sed -e '/^foo:/d' -i /etc/passwd +sed -e '/^foo:/d' -i /etc/shadow +sed -e '/^foo:/d' -i /etc/group +sed -e '/^foo:/d' -i /etc/gshadow +echo "OK" + +echo -n "Change the user's UID to reuse foo's (usermod -u 1000 bar)..." +usermod -u 1000 bar +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl data/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" + +faillog > tmp/faillog.out2 + +echo "faillog:" +echo "=======================================================================" +cat tmp/faillog.out2 +echo "=======================================================================" + +echo -n "Check the faillog message..." +c=$(cat tmp/faillog.out2 | wc -c) +test $c = "0" +echo "empty faillog OK." +rm -f tmp/faillog.out2 + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config.txt b/tests/usertools/usermod/44_usermod-l_move_mailbox/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/default/useradd b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/group b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/group new file mode 100644 index 00000000..a11bebe4 --- /dev/null +++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/gshadow b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/gshadow new file mode 100644 index 00000000..272c4de4 --- /dev/null +++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/passwd b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/shadow b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/data/mailbox.perms b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/mailbox.perms new file mode 100644 index 00000000..92d36eaf --- /dev/null +++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/mailbox.perms @@ -0,0 +1 @@ +7 -rw-r--r-- bar:mail `/var/mail/bar' diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/data/passwd b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/passwd new file mode 100644 index 00000000..656230a2 --- /dev/null +++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +bar:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/data/shadow b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/shadow new file mode 100644 index 00000000..2fc3f9cc --- /dev/null +++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/test b/tests/usertools/usermod/44_usermod-l_move_mailbox/test new file mode 100644 index 00000000..fbcf12d5 --- /dev/null +++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/test @@ -0,0 +1 @@ +toto diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/usermod.test b/tests/usertools/usermod/44_usermod-l_move_mailbox/usermod.test new file mode 100755 index 00000000..dfd0ef98 --- /dev/null +++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/usermod.test @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod move the mailbox if it exists" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo /var/mail/bar' 0 + +change_config + +echo -n "Create foo mailbox /var/mail/foo ..." +echo foobar > /var/mail/foo +chown foo:mail /var/mail/foo +echo "OK" + +echo -n "Change the user's name (usermod -l bar foo)..." +usermod -l bar foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl data/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check that the new mailbox was created..." +test -f /var/mail/bar +echo "OK" +echo -n "Check that the old mailbox was removed..." +test ! -f /var/mail/foo +echo "OK" +echo -n "Check permissions of the mailbox..." +stat --printf "%s %A %U:%G %N\n" /var/mail/bar | sort > tmp/mailbox.perms +diff -rauN data/mailbox.perms tmp/mailbox.perms +echo "OK" +rm -f tmp/mailbox.perms + +rm -f /var/mail/bar + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config.txt b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/default/useradd b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/group b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/group new file mode 100644 index 00000000..a11bebe4 --- /dev/null +++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/gshadow b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/gshadow new file mode 100644 index 00000000..272c4de4 --- /dev/null +++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/passwd b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/shadow b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/mailbox.perms b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/mailbox.perms new file mode 100644 index 00000000..52233bed --- /dev/null +++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/mailbox.perms @@ -0,0 +1 @@ +-rw-r--r-- foo:mail `/var/mail/foo' diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/passwd b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/passwd new file mode 100644 index 00000000..174e4f6b --- /dev/null +++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test new file mode 100755 index 00000000..3fb509ba --- /dev/null +++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod changes the mailbox ownership" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0 + +change_config + +echo -n "Create foo mailbox /var/mail/foo ..." +touch /var/mail/foo +chown foo:mail /var/mail/foo +echo "OK" + +echo -n "Change the user's UID (usermod -u 4242 foo)..." +usermod -u 4242 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check that the mailbox was moved..." +test -f /var/mail/foo +echo "OK" +echo -n "Check permissions of the mailbox..." +stat --printf "%A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms +diff -rauN data/mailbox.perms tmp/mailbox.perms +echo "OK" +rm -f tmp/mailbox.perms + +rm -f /var/mail/foo + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config.txt b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/default/useradd b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/group b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/group new file mode 100644 index 00000000..7fca7205 --- /dev/null +++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +bar:x:1001: diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/gshadow b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/gshadow new file mode 100644 index 00000000..f735fda7 --- /dev/null +++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/passwd b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/passwd new file mode 100644 index 00000000..6082b5f9 --- /dev/null +++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false +bar:x:1001:1001::/home/bar:/bin/false diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/shadow b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/shadow new file mode 100644 index 00000000..5f73f335 --- /dev/null +++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/shadow @@ -0,0 +1,21 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: +bar:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/mailbox.perms b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/mailbox.perms new file mode 100644 index 00000000..2c8f1124 --- /dev/null +++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/mailbox.perms @@ -0,0 +1 @@ +7 -rw-r--r-- bar:mail `/var/mail/foo' diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/passwd b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/passwd new file mode 100644 index 00000000..138adccf --- /dev/null +++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:1000::/home/foo:/bin/false +bar:x:1001:1001::/home/bar:/bin/false diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/usermod.err b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/usermod.err new file mode 100644 index 00000000..8f674602 --- /dev/null +++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/usermod.err @@ -0,0 +1 @@ +usermod: warning: /var/mail/foo not owned by foo diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test new file mode 100755 index 00000000..ab57a798 --- /dev/null +++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test @@ -0,0 +1,63 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod checks the mailbox ownership" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0 + +change_config + +echo -n "Create foo mailbox /var/mail/foo ..." +echo foobar> /var/mail/foo +chown bar:mail /var/mail/foo +echo "OK" + +echo -n "Change the user's UID (usermod -u 4242 foo)..." +usermod -u 4242 foo 2>tmp/usermod.err +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usermod.err tmp/usermod.err +echo "usage message OK." +rm -f tmp/usermod.err + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check that the mailbox was moved..." +test -f /var/mail/foo +echo "OK" +echo -n "Check permissions of the mailbox..." +stat --printf "%s %A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms +diff -rauN data/mailbox.perms tmp/mailbox.perms +echo "OK" +rm -f tmp/mailbox.perms + +rm -f /var/mail/foo + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config.txt b/tests/usertools/usermod/47_usermod-u_default_maildir/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/default/useradd b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/group b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/group new file mode 100644 index 00000000..a11bebe4 --- /dev/null +++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/gshadow b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/gshadow new file mode 100644 index 00000000..272c4de4 --- /dev/null +++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/login.defs b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/login.defs new file mode 100644 index 00000000..10614114 --- /dev/null +++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +#MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/passwd b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/shadow b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/data/mailbox.perms b/tests/usertools/usermod/47_usermod-u_default_maildir/data/mailbox.perms new file mode 100644 index 00000000..52233bed --- /dev/null +++ b/tests/usertools/usermod/47_usermod-u_default_maildir/data/mailbox.perms @@ -0,0 +1 @@ +-rw-r--r-- foo:mail `/var/mail/foo' diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/data/passwd b/tests/usertools/usermod/47_usermod-u_default_maildir/data/passwd new file mode 100644 index 00000000..174e4f6b --- /dev/null +++ b/tests/usertools/usermod/47_usermod-u_default_maildir/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/usermod.test b/tests/usertools/usermod/47_usermod-u_default_maildir/usermod.test new file mode 100755 index 00000000..3fb509ba --- /dev/null +++ b/tests/usertools/usermod/47_usermod-u_default_maildir/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod changes the mailbox ownership" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0 + +change_config + +echo -n "Create foo mailbox /var/mail/foo ..." +touch /var/mail/foo +chown foo:mail /var/mail/foo +echo "OK" + +echo -n "Change the user's UID (usermod -u 4242 foo)..." +usermod -u 4242 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check that the mailbox was moved..." +test -f /var/mail/foo +echo "OK" +echo -n "Check permissions of the mailbox..." +stat --printf "%A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms +diff -rauN data/mailbox.perms tmp/mailbox.perms +echo "OK" +rm -f tmp/mailbox.perms + +rm -f /var/mail/foo + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config.txt b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config.txt new file mode 100644 index 00000000..1a78b6cd --- /dev/null +++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000 diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/default/useradd b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/group b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/group new file mode 100644 index 00000000..a11bebe4 --- /dev/null +++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3:root +adm:x:4:root +tty:x:5: +disk:x:6: +lp:x:7:root +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/gshadow b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/gshadow new file mode 100644 index 00000000..272c4de4 --- /dev/null +++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*::root +adm:*::root +tty:*:: +disk:*:: +lp:*::root +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/login.defs b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/login.defs new file mode 100644 index 00000000..cf83ea80 --- /dev/null +++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +#MAIL_DIR /var/mail +MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the userĀ“s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/passwd b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/shadow b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/mailbox.perms b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/mailbox.perms new file mode 100644 index 00000000..9e78a91e --- /dev/null +++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/mailbox.perms @@ -0,0 +1 @@ +-rw-r--r-- UNKNOWN:mail `/var/mail/foo' diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/passwd b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/passwd new file mode 100644 index 00000000..174e4f6b --- /dev/null +++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:4242:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test new file mode 100755 index 00000000..3fb509ba --- /dev/null +++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod changes the mailbox ownership" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0 + +change_config + +echo -n "Create foo mailbox /var/mail/foo ..." +touch /var/mail/foo +chown foo:mail /var/mail/foo +echo "OK" + +echo -n "Change the user's UID (usermod -u 4242 foo)..." +usermod -u 4242 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check that the mailbox was moved..." +test -f /var/mail/foo +echo "OK" +echo -n "Check permissions of the mailbox..." +stat --printf "%A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms +diff -rauN data/mailbox.perms tmp/mailbox.perms +echo "OK" +rm -f tmp/mailbox.perms + +rm -f /var/mail/foo + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config.txt b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config.txt new file mode 100644 index 00000000..b337f3fd --- /dev/null +++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config.txt @@ -0,0 +1 @@ +user foo exists, UID 1000, home directory: /home/foo diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/default/useradd b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/group b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/group new file mode 100644 index 00000000..65ffe606 --- /dev/null +++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +bar:x:1001: diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/gshadow b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/gshadow new file mode 100644 index 00000000..d8aa8adc --- /dev/null +++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/passwd b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/shadow b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/home_ls-a b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/home_ls-a new file mode 100644 index 00000000..654c2bec --- /dev/null +++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/home_ls-a @@ -0,0 +1,12 @@ +-rw-r--r-- 0:1001 `/home/foo2/uroot' +-rw-r--r-- 1000:0 `/home/foo2/groot' +-rw-r--r-- 1000:1001 `/home/foo2/.tata' +-rw-r--r-- 1000:1001 `/home/foo2/.tyty' +-rw-r--r-- 1000:1001 `/home/foo2/profile2' +-rw-r--r-- 1000:1001 `/home/foo2/toto' +-rw-r--r-- 1000:1001 `/home/foo2/tyty' +crw-r--r-- 1000:1001 `/home/foo2/null' +drwxr-xr-x 0:0 `/home/foo2/..' +drwxr-xr-x 1000:1001 `/home/foo2/.' +drwxr-xr-x 1000:1001 `/home/foo2/titi' +lrwxrwxrwx 1000:1001 `/home/foo2/tutu' -> `/tmp/home/foo2/toto' diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/passwd b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/passwd new file mode 100644 index 00000000..b966e613 --- /dev/null +++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1001::/tmp/home/foo2:/bin/false diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test new file mode 100755 index 00000000..9a42e8de --- /dev/null +++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test @@ -0,0 +1,87 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can move the user's home directory, over a new device and changes the owner of the user's file" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2; umount /tmp/home; rmdir /tmp/home' 0 + +change_config + +mkdir /home/foo +mkdir /home/foo/titi +echo toto > /home/foo/toto +echo tyty > /home/foo/tyty +ln /home/foo/toto /home/foo/.tata +ln /home/foo/tyty /home/foo/.tyty +ln -s /home/foo/toto /home/foo/tutu +mknod /home/foo/null c 1 3 +ln /etc/profile /home/foo/profile2 +echo root > /home/foo/uroot +echo root > /home/foo/groot +chown -R foo:foo /home/foo +chown root /home/foo/uroot +chgrp root /home/foo/groot +stat --printf "%A %u:%g %N\n" /home/foo/* /home/foo/.* 2>/dev/null | sort + +mkdir /tmp/home +mount --bind /home /tmp/home + +echo -n "Change the user's home directory (usermod -m -d /tmp/home/foo2 -g 1001 foo ..." +usermod -m -d /tmp/home/foo2 -g 1001 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the user's home directory was removed..." +test ! -d /home/foo +echo "OK" +echo -n "Check the user's home directory was moved..." +test -d /home/foo2 +echo "OK" +echo -n "Check content of /tmp/test-newusers..." +stat --printf "%A %u:%g %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" +echo -n "Check that hardlink to another homedir file remains a hardlink..." +dev_ino=$(stat --printf "%d-%i" /home/foo2/toto) +dev_ino2=$(stat --printf "%d-%i" /home/foo2/.tata) +test "$dev_ino" = "$dev_ino2" +echo "OK" +echo -n "Check hardlink to outside the homedir..." +dev_ino=$(stat --printf "%d-%i" /etc/profile) +dev_ino2=$(stat --printf "%d-%i" /home/foo2/profile2) +echo "$dev_ino" != "$dev_ino2" +#test "$dev_ino" = "$dev_ino2" +echo "NOT IMPLEMENTED" +rm -f tmp/home_ls-a + +echo -n "Remove the new home directory..." +rm -rf /home/foo2 +echo "done" + +umount /tmp/home +rmdir /tmp/home + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config.txt b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config.txt new file mode 100644 index 00000000..4b5baab6 --- /dev/null +++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config.txt @@ -0,0 +1 @@ +user foo exists diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/default/useradd b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/group b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/gshadow b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/passwd b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/shadow b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/home_ls-a b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/home_ls-a new file mode 100644 index 00000000..161c30fc --- /dev/null +++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/home_ls-a @@ -0,0 +1,5 @@ +-rw-r--r-- foo:foo `/home/foo2/toto' +-rw-r--r-- foo:root `/home/foo2/groot' +-rw-r--r-- root:foo `/home/foo2/uroot' +drwxr-xr-x foo:foo `/home/foo2/.' +drwxr-xr-x root:root `/home/foo2/..' diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/passwd b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/passwd new file mode 100644 index 00000000..6074624d --- /dev/null +++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1001:1000::/home/foo2:/bin/false diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test new file mode 100755 index 00000000..6ac347c7 --- /dev/null +++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test @@ -0,0 +1,62 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can move the user's home directory" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0 + +change_config + +mkdir /home/foo +echo toto > /home/foo/toto +echo root > /home/foo/uroot +echo root > /home/foo/groot +chown -R foo:foo /home/foo +chown root /home/foo/uroot +chgrp root /home/foo/groot + +echo -n "Change the user's home directory (usermod -m -d /home/foo2 -u 1001 foo)..." +usermod -m -d /home/foo2 -u 1001 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the user's home directory was removed..." +test ! -d /home/foo +echo "OK" +echo -n "Check the user's home directory was moved..." +test -d /home/foo2 +echo "OK" +echo -n "Check content of /tmp/test-newusers..." +stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" +rm -f tmp/home_ls-a + +echo -n "Remove the new home directory..." +rm -rf /home/foo2 +echo "done" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config.txt b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config.txt new file mode 100644 index 00000000..4b5baab6 --- /dev/null +++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config.txt @@ -0,0 +1 @@ +user foo exists diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/default/useradd b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/group b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/group new file mode 100644 index 00000000..65ffe606 --- /dev/null +++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/group @@ -0,0 +1,43 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: +bar:x:1001: diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/gshadow b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/gshadow new file mode 100644 index 00000000..d8aa8adc --- /dev/null +++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/gshadow @@ -0,0 +1,43 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: +bar:*:: diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/passwd b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/shadow b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/home_ls-a b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/home_ls-a new file mode 100644 index 00000000..74d7ab02 --- /dev/null +++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/home_ls-a @@ -0,0 +1,3 @@ +-rw-r--r-- foo:bar `/home/foo2/toto' +drwxr-xr-x foo:bar `/home/foo2/.' +drwxr-xr-x root:root `/home/foo2/..' diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/passwd b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/passwd new file mode 100644 index 00000000..676b1123 --- /dev/null +++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1001::/home/foo2:/bin/false diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test new file mode 100755 index 00000000..6bc87f3a --- /dev/null +++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test @@ -0,0 +1,58 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can move the user's home directory and change the group permissions" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0 + +change_config + +mkdir /home/foo +echo toto > /home/foo/toto +chown -R foo:foo /home/foo + +echo -n "Change the user's home directory (usermod -m -d /home/foo2 -g 1001 foo)..." +usermod -m -d /home/foo2 -g 1001 foo +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check the user's home directory was removed..." +test ! -d /home/foo +echo "OK" +echo -n "Check the user's home directory was moved..." +test -d /home/foo2 +echo "OK" +echo -n "Check content of /tmp/test-newusers..." +stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a +diff -rauN data/home_ls-a tmp/home_ls-a +echo "OK" +rm -f tmp/home_ls-a + +echo -n "Remove the new home directory..." +rm -rf /home/foo2 +echo "done" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config.txt b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config.txt new file mode 100644 index 00000000..4b5baab6 --- /dev/null +++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config.txt @@ -0,0 +1 @@ +user foo exists diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/default/useradd b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/default/useradd new file mode 100644 index 00000000..31c44abe --- /dev/null +++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/default/useradd @@ -0,0 +1,36 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/foobar +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +GROUP=10 +# +# The default home directory. Same as DHOME for adduser +HOME=/tmp +# +# The number of days after a password expires until the account +# is permanently disabled +INACTIVE=12 +# +# The default expire date +EXPIRE=2007-12-02 +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/group b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/group new file mode 100644 index 00000000..50518255 --- /dev/null +++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100:foo +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +foo:x:1000: diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/gshadow b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/gshadow new file mode 100644 index 00000000..5042e581 --- /dev/null +++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +foo:*:: diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/passwd b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/passwd new file mode 100644 index 00000000..bf52df00 --- /dev/null +++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo:/bin/false diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/shadow b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/shadow new file mode 100644 index 00000000..2baad3b4 --- /dev/null +++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +foo:!:12977:0:99999:7::: diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a new file mode 100644 index 00000000..62a6381d --- /dev/null +++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a @@ -0,0 +1,3 @@ +-rw-r--r-- foo:foo `/home/foo/toto' +drwxr-xr-x foo:foo `/home/foo/.' +drwxr-xr-x root:root `/home/foo/..' diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a2 b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a2 new file mode 100644 index 00000000..e69e95df --- /dev/null +++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a2 @@ -0,0 +1,2 @@ +drwxr-xr-x root:root `/home/foo2/.' +drwxr-xr-x root:root `/home/foo2/..' diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/passwd b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/passwd new file mode 100644 index 00000000..9da880b3 --- /dev/null +++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/passwd @@ -0,0 +1,20 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +foo:x:1000:1000::/home/foo3:/bin/false diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/usermod.err b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/usermod.err new file mode 100644 index 00000000..c8f9de2c --- /dev/null +++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/usermod.err @@ -0,0 +1 @@ +usermod: directory /home/foo could not be moved diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/usermod.test b/tests/usertools/usermod/52_usermod_move_homedir_symlink/usermod.test new file mode 100755 index 00000000..8bd0fd02 --- /dev/null +++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/usermod.test @@ -0,0 +1,75 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../../common/config.sh +. ../../../common/log.sh + +log_start "$0" "usermod can't move the user's home directory when it's a symlink" + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2/file /home/foo2' 0 + +change_config + +mkdir /home/foo2 +echo toto > /home/foo2/file +ln -s foo2 /home/foo +chown -R foo:foo /home/foo /home/foo2 + +echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..." +usermod -m -d /home/foo3 foo 2>tmp/usermod.err && exit 1 || { + status=$? +} +echo "OK" + +echo -n "Check returned status ($status)..." +test "$status" = "12" +echo "OK" + +echo "usermod reported:" +echo "=======================================================================" +cat tmp/usermod.err +echo "=======================================================================" +echo -n "Check the usage message..." +diff -au data/usermod.err tmp/usermod.err +echo "usage message OK." +rm -f tmp/usermod.err + +echo "OK" + +echo -n "Check the passwd file..." +../../../common/compare_file.pl data/passwd /etc/passwd +echo "OK" +echo -n "Check the group file..." +../../../common/compare_file.pl config/etc/group /etc/group +echo "OK" +echo -n "Check the shadow file..." +../../../common/compare_file.pl config/etc/shadow /etc/shadow +echo "OK" +echo -n "Check the gshadow file..." +../../../common/compare_file.pl config/etc/gshadow /etc/gshadow +echo "OK" +echo -n "Check that /home/foo is still a symlink..." +test -L /home/foo +echo "OK" +echo -n "Check that /home/foo2 was not removed..." +test -d /home/foo2 +test -f /home/foo2/file +echo "OK" +echo -n "Check that /home/foo3 was not created..." +test ! -f /home/foo3 +echo "OK" + +echo -n "Remove the home directories..." +rm -rf /home/foo /home/foo2 +echo "done" + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/ylwrap b/ylwrap deleted file mode 100755 index 1c4d7761..00000000 --- a/ylwrap +++ /dev/null @@ -1,249 +0,0 @@ -#! /bin/sh -# ylwrap - wrapper for lex/yacc invocations. - -scriptversion=2012-12-21.17; # UTC - -# Copyright (C) 1996-2013 Free Software Foundation, Inc. -# -# Written by Tom Tromey <tromey@cygnus.com>. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. - -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# This file is maintained in Automake, please report -# bugs to <bug-automake@gnu.org> or send patches to -# <automake-patches@gnu.org>. - -get_dirname () -{ - case $1 in - */*|*\\*) printf '%s\n' "$1" | sed -e 's|\([\\/]\)[^\\/]*$|\1|';; - # Otherwise, we want the empty string (not "."). - esac -} - -# guard FILE -# ---------- -# The CPP macro used to guard inclusion of FILE. -guard() -{ - printf '%s\n' "$1" \ - | sed \ - -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/' \ - -e 's/[^ABCDEFGHIJKLMNOPQRSTUVWXYZ]/_/g' \ - -e 's/__*/_/g' -} - -# quote_for_sed [STRING] -# ---------------------- -# Return STRING (or stdin) quoted to be used as a sed pattern. -quote_for_sed () -{ - case $# in - 0) cat;; - 1) printf '%s\n' "$1";; - esac \ - | sed -e 's|[][\\.*]|\\&|g' -} - -case "$1" in - '') - echo "$0: No files given. Try '$0 --help' for more information." 1>&2 - exit 1 - ;; - --basedir) - basedir=$2 - shift 2 - ;; - -h|--h*) - cat <<\EOF -Usage: ylwrap [--help|--version] INPUT [OUTPUT DESIRED]... -- PROGRAM [ARGS]... - -Wrapper for lex/yacc invocations, renaming files as desired. - - INPUT is the input file - OUTPUT is one file PROG generates - DESIRED is the file we actually want instead of OUTPUT - PROGRAM is program to run - ARGS are passed to PROG - -Any number of OUTPUT,DESIRED pairs may be used. - -Report bugs to <bug-automake@gnu.org>. -EOF - exit $? - ;; - -v|--v*) - echo "ylwrap $scriptversion" - exit $? - ;; -esac - - -# The input. -input="$1" -shift -# We'll later need for a correct munging of "#line" directives. -input_sub_rx=`get_dirname "$input" | quote_for_sed` -case "$input" in - [\\/]* | ?:[\\/]*) - # Absolute path; do nothing. - ;; - *) - # Relative path. Make it absolute. - input="`pwd`/$input" - ;; -esac -input_rx=`get_dirname "$input" | quote_for_sed` - -# Since DOS filename conventions don't allow two dots, -# the DOS version of Bison writes out y_tab.c instead of y.tab.c -# and y_tab.h instead of y.tab.h. Test to see if this is the case. -y_tab_nodot=false -if test -f y_tab.c || test -f y_tab.h; then - y_tab_nodot=true -fi - -# The parser itself, the first file, is the destination of the .y.c -# rule in the Makefile. -parser=$1 - -# A sed program to s/FROM/TO/g for all the FROM/TO so that, for -# instance, we rename #include "y.tab.h" into #include "parse.h" -# during the conversion from y.tab.c to parse.c. -sed_fix_filenames= - -# Also rename header guards, as Bison 2.7 for instance uses its header -# guard in its implementation file. -sed_fix_header_guards= - -while test "$#" -ne 0; do - if test "$1" = "--"; then - shift - break - fi - from=$1 - # Handle y_tab.c and y_tab.h output by DOS - if $y_tab_nodot; then - case $from in - "y.tab.c") from=y_tab.c;; - "y.tab.h") from=y_tab.h;; - esac - fi - shift - to=$1 - shift - sed_fix_filenames="${sed_fix_filenames}s|"`quote_for_sed "$from"`"|$to|g;" - sed_fix_header_guards="${sed_fix_header_guards}s|"`guard "$from"`"|"`guard "$to"`"|g;" -done - -# The program to run. -prog="$1" -shift -# Make any relative path in $prog absolute. -case "$prog" in - [\\/]* | ?:[\\/]*) ;; - *[\\/]*) prog="`pwd`/$prog" ;; -esac - -# FIXME: add hostname here for parallel makes that run commands on -# other machines. But that might take us over the 14-char limit. -dirname=ylwrap$$ -do_exit="cd '`pwd`' && rm -rf $dirname > /dev/null 2>&1;"' (exit $ret); exit $ret' -trap "ret=129; $do_exit" 1 -trap "ret=130; $do_exit" 2 -trap "ret=141; $do_exit" 13 -trap "ret=143; $do_exit" 15 -mkdir $dirname || exit 1 - -cd $dirname - -case $# in - 0) "$prog" "$input" ;; - *) "$prog" "$@" "$input" ;; -esac -ret=$? - -if test $ret -eq 0; then - for from in * - do - to=`printf '%s\n' "$from" | sed "$sed_fix_filenames"` - if test -f "$from"; then - # If $2 is an absolute path name, then just use that, - # otherwise prepend '../'. - case $to in - [\\/]* | ?:[\\/]*) target=$to;; - *) target="../$to";; - esac - - # Do not overwrite unchanged header files to avoid useless - # recompilations. Always update the parser itself: it is the - # destination of the .y.c rule in the Makefile. Divert the - # output of all other files to a temporary file so we can - # compare them to existing versions. - if test $from != $parser; then - realtarget="$target" - target=tmp-`printf '%s\n' "$target" | sed 's|.*[\\/]||g'` - fi - - # Munge "#line" or "#" directives. Don't let the resulting - # debug information point at an absolute srcdir. Use the real - # output file name, not yy.lex.c for instance. Adjust the - # include guards too. - sed -e "/^#/!b" \ - -e "s|$input_rx|$input_sub_rx|" \ - -e "$sed_fix_filenames" \ - -e "$sed_fix_header_guards" \ - "$from" >"$target" || ret=$? - - # Check whether files must be updated. - if test "$from" != "$parser"; then - if test -f "$realtarget" && cmp -s "$realtarget" "$target"; then - echo "$to is unchanged" - rm -f "$target" - else - echo "updating $to" - mv -f "$target" "$realtarget" - fi - fi - else - # A missing file is only an error for the parser. This is a - # blatant hack to let us support using "yacc -d". If -d is not - # specified, don't fail when the header file is "missing". - if test "$from" = "$parser"; then - ret=1 - fi - fi - done -fi - -# Remove the directory. -cd .. -rm -rf $dirname - -exit $ret - -# Local Variables: -# mode: shell-script -# sh-indentation: 2 -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-time-zone: "UTC" -# time-stamp-end: "; # UTC" -# End: